iwanbolzern/.gitlab-ci.yml

## .gitlab-ci.yml
image: docker:latest
services:
    - docker:dind
stages:
    - Dev
    - Dev-publish
    - Prod-Tag
    - Prod-publish
variables:
    REGISTRY: [Your Registry]
    REPOSITORY: [Your Repository]

before_script:
    # check for VERSION file
    - if [ ! -f VERSION ]; then echo "VERSION file not found!"; exit 1; else export VERSION=$(cat VERSION); fi
    - 'echo "Running Pipeline for: $REGISTRY/$REPOSITORY:${VERSION}"'

build:
    stage: Dev
    script:
        - docker build -t $REGISTRY/$REPOSITORY .
        - docker save $REGISTRY/$REPOSITORY > image.tar
        - docker image ls
    artifacts:
        paths:
            - image.tar
    only:
        - master

dev-publish:
    stage: Dev-publish
    dependencies:
        - build
    script:
        # check for $REGISTRY_USER and $REGISTRY_PW file
        - if [ -z ${REGISTRY_USER+x} ]; then echo "REGISTRY_USER is not set!"; exit 1; fi
        - if [ -z ${REGISTRY_PW+x} ]; then echo "REGISTRY_PW is not set!"; exit 1; fi
        # login into docker registry
        - docker login -u $REGISTRY_USER -p $REGISTRY_PW $REGISTRY
        # load previously generated docker image
        - docker load -i image.tar
        # push to docker registry
        - docker tag $REGISTRY/$REPOSITORY:latest $REGISTRY/$REPOSITORY:latest-dev
        - docker push $REGISTRY/$REPOSITORY:latest-dev
    only:
        - master

publish:
    stage: Prod-publish
    dependencies:
        - build
        - tag
    script:
        # check for $REGISTRY_USER and $REGISTRY_PW file
        - if [ -z ${REGISTRY_USER+x} ]; then echo "REGISTRY_USER is not set!"; exit 1; fi
        - if [ -z ${REGISTRY_PW+x} ]; then echo "REGISTRY_PW is not set!"; exit 1; fi
        # login into docker registry
        - docker login -u $REGISTRY_USER -p $REGISTRY_PW $REGISTRY
        # load previously generated docker image
        - docker load -i image.tar
        # push to docker registry
        - docker tag $REGISTRY/$REPOSITORY:latest $REGISTRY/$REPOSITORY:$VERSION
        - docker push $REGISTRY/$REPOSITORY:$VERSION
    only:
        - master

tag:
    image: python:3.7-stretch
    stage: Prod-Tag
    script:
        - mkdir -p ~/.ssh && chmod 700 ~/.ssh
        - ssh-keyscan gitlab.com >> ~/.ssh/known_hosts && chmod 644 ~/.ssh/known_hosts
        - eval $(ssh-agent -s)
        - echo -n "$SSH_DEPLOY_KEY" | tr -d '\r' | ssh-add - > /dev/null
        - chmod +x tag.py
        - ./tag.py
    when: manual
    allow_failure: false
    only:
        - master

## readme.md

      
    Raw
  

              readme.md
            
          
    Gitlab CI for docker build, git tag and push to docker registry

Setup


Copy .gitlab-ci.yml, tag.py and readme.md into your repository
Update .gitlab-ci.yml with your registry and repository. Therefore, change:

REGISTRY: [Your Registry]
REPOSITORY: [Your Repository]

to e.g.
REGISTRY: registry.hub.docker.com/library
REPOSITORY: iwanbolzern/finals


Create gitlab secret for REGISTRY_USER, REGISTRY_PW. It's the username and password of your docker registry!
In your Project go to Settings > CI/CD > Variables and create the two variables.
Create Deploy Key with write access to your repository and add it as SSH_DEPLOY_KEY to variables. First you have to create a public and private key. To do so, open your git-bash and type: ssh-keygen -o -t rsa -b 4096 -C "email@example.com" -f ssh-key. Copy the public key to token in Settings > Repository > Deploy Keys and the private key into your variables.


## tag.py
#!/usr/bin/env python3
import os
import re
import sys
import subprocess


def git(*args):
    return subprocess.check_output(['git'] + list(args))


def tag_repo(tag):
    url = os.environ['CI_REPOSITORY_URL']

    # Transforms the repository URL to the SSH URL
    # Example input: https://gitlab-ci-token:xxxxxxxxxxxxxxxxxxxx@gitlab.com/threedotslabs/ci-examples.git
    # Example output: git@gitlab.com:threedotslabs/ci-examples.git
    push_url = re.sub(r'.+@([^/]+)/', r'git@\1:', url)

    git('remote', 'set-url', '--push', 'origin', push_url)
    git('tag', tag)
    git('push', 'origin', tag)


def main():
    if 'VERSION' not in os.environ:
        print('VERSION not set')
        return -1
    version = os.environ['VERSION']

    # check if version already exists
    tags = git('describe', '--tags', '--always').decode().strip()
    if version in tags:
        print('Version already exists!')
        return -1

    tag_repo(version)

    return 0


if __name__ == '__main__':
    sys.exit(main())

## VERSION
1.0.0
	image: docker:latest
	services:
	- docker:dind
	stages:
	- Dev
	- Dev-publish
	- Prod-Tag
	- Prod-publish
	variables:
	REGISTRY: [Your Registry]
	REPOSITORY: [Your Repository]

	before_script:
	# check for VERSION file
	- if [ ! -f VERSION ]; then echo "VERSION file not found!"; exit 1; else export VERSION=$(cat VERSION); fi
	- 'echo "Running Pipeline for: $REGISTRY/$REPOSITORY:${VERSION}"'

	build:
	stage: Dev
	script:
	- docker build -t $REGISTRY/$REPOSITORY .
	- docker save $REGISTRY/$REPOSITORY > image.tar
	- docker image ls
	artifacts:
	paths:
	- image.tar
	only:
	- master

	dev-publish:
	stage: Dev-publish
	dependencies:
	- build
	script:
	# check for $REGISTRY_USER and $REGISTRY_PW file
	- if [ -z ${REGISTRY_USER+x} ]; then echo "REGISTRY_USER is not set!"; exit 1; fi
	- if [ -z ${REGISTRY_PW+x} ]; then echo "REGISTRY_PW is not set!"; exit 1; fi
	# login into docker registry
	- docker login -u $REGISTRY_USER -p $REGISTRY_PW $REGISTRY
	# load previously generated docker image
	- docker load -i image.tar
	# push to docker registry
	- docker tag $REGISTRY/$REPOSITORY:latest $REGISTRY/$REPOSITORY:latest-dev
	- docker push $REGISTRY/$REPOSITORY:latest-dev
	only:
	- master

	publish:
	stage: Prod-publish
	dependencies:
	- build
	- tag
	script:
	# check for $REGISTRY_USER and $REGISTRY_PW file
	- if [ -z ${REGISTRY_USER+x} ]; then echo "REGISTRY_USER is not set!"; exit 1; fi
	- if [ -z ${REGISTRY_PW+x} ]; then echo "REGISTRY_PW is not set!"; exit 1; fi
	# login into docker registry
	- docker login -u $REGISTRY_USER -p $REGISTRY_PW $REGISTRY
	# load previously generated docker image
	- docker load -i image.tar
	# push to docker registry
	- docker tag $REGISTRY/$REPOSITORY:latest $REGISTRY/$REPOSITORY:$VERSION
	- docker push $REGISTRY/$REPOSITORY:$VERSION
	only:
	- master

	tag:
	image: python:3.7-stretch
	stage: Prod-Tag
	script:
	- mkdir -p ~/.ssh && chmod 700 ~/.ssh
	- ssh-keyscan gitlab.com >> ~/.ssh/known_hosts && chmod 644 ~/.ssh/known_hosts
	- eval $(ssh-agent -s)
	- echo -n "$SSH_DEPLOY_KEY" \| tr -d '\r' \| ssh-add - > /dev/null
	- chmod +x tag.py
	- ./tag.py
	when: manual
	allow_failure: false
	only:
	- master
	#!/usr/bin/env python3
	import os
	import re
	import sys
	import subprocess


	def git(*args):
	return subprocess.check_output(['git'] + list(args))


	def tag_repo(tag):
	url = os.environ['CI_REPOSITORY_URL']

	# Transforms the repository URL to the SSH URL
	# Example input: https://gitlab-ci-token:xxxxxxxxxxxxxxxxxxxx@gitlab.com/threedotslabs/ci-examples.git
	# Example output: git@gitlab.com:threedotslabs/ci-examples.git
	push_url = re.sub(r'.+@([^/]+)/', r'git@\1:', url)

	git('remote', 'set-url', '--push', 'origin', push_url)
	git('tag', tag)
	git('push', 'origin', tag)


	def main():
	if 'VERSION' not in os.environ:
	print('VERSION not set')
	return -1
	version = os.environ['VERSION']

	# check if version already exists
	tags = git('describe', '--tags', '--always').decode().strip()
	if version in tags:
	print('Version already exists!')
	return -1

	tag_repo(version)

	return 0


	if __name__ == '__main__':
	sys.exit(main())