@jdickey

jdickey/Dockerfile Secret

Last active Nov 12, 2019
Failing Semaphore pipeline config file to build Docker image from already-tested code.
# This pipeline runs after semaphore.yml
version: v1.0
name: Docker build
agent:
  machine:
    type: e1-standard-2
    os_image: ubuntu1804
  # containers:
  #   - name: main
  #     image: semaphoreci/ruby:2.6.5
  #   - name: db
  #     image: postgres:9.6
  #     env_vars:
  #       - name: POSTGRES_PASSWORD
  #         value: notthepasswordduh
blocks:
  - name: Build
    task:
      # Mount a secret which defines DOCKER_USERNAME and DOCKER_PASSWORD
      # environment variables.
      # For info on creating secrets, see:
      # https://docs.semaphoreci.com/article/66-environment-variables-and-secrets
      secrets:
        - name: dockerhub
      prologue:
        commands:
          - sem-version ruby 2.6.5
          - sem-service start postgres
      env_vars:
        - name: REPO_NAME
          value: semaphore_hanami_poc
      jobs:
        - name: Docker build
          commands:
            # Authenticate with Docker Hub
            # using environment variables in the dockerhub secret:
            - echo "${DOCKER_PASSWORD}" | docker login -u "${DOCKER_USERNAME}" --password-stdin
            - checkout
            # Use docker layer caching and reuse unchanged layers to build a new
            # container image faster.
            # To do that, we first need to pull a previous version of the
            # container image:
            - docker pull "${DOCKER_USERNAME}"/"${REPO_NAME}":latest || true
            # Build a new image based on the pulled image, if present.
            # Use the $SEMAPHORE_WORKFLOW_ID environment variable to produce a
            # unique image tag.
            # For a list of available environment variables on Semaphore, see:
            # https://docs.semaphoreci.com/article/12-environment-variables
            - sem-service status postgres
            - docker build --cache-from "${DOCKER_USERNAME}"/"${REPO_NAME}":latest -t "${DOCKER_USERNAME}"/"${REPO_NAME}":$SEMAPHORE_WORKFLOW_ID .
            - docker images
            # Push a new image to Docker Hub container registry:
            - docker push "${DOCKER_USERNAME}"/"${REPO_NAME}":$SEMAPHORE_WORKFLOW_ID
# The deployment pipeline is defined to run on manual approval from the UI.
# Semaphore will record the time and the name of the person who promotes each
# deployment.
#
# You could, for example, add another promotion to a pipeline that
# automatically deploys to a staging environment from branches named
# after a certain pattern.
# https://docs.semaphoreci.com/article/50-pipeline-yaml#promotions
promotions:
  - name: Deploy to Kubernetes
    pipeline_file: deploy-k8s.yml

FROM jdickey/ruby:2.6
# System packages needed for the PostgreSQL client library; clean the apt
# cache in the same layer to keep the image small.
RUN apt-get update -qq && apt-get dist-upgrade -y && \
    apt-get install -y libpq-dev postgresql-client && apt-get clean && \
    find /var/lib/apt/lists/* -delete
RUN gem install dry-validation:0.11.2 sassc:2.2.0 bundler:2.0.2
ENV APP_HOME /app
RUN mkdir -p $APP_HOME/tmp $APP_HOME/db/migrations $APP_HOME/config/initializers/
WORKDIR $APP_HOME
# Copy the Gemfile(s) first so the bundle layer is reused until they change.
ADD Gemfile* $APP_HOME/
RUN bundle install --binstubs --without development test
ADD . $APP_HOME
# Values set with ENV are stored in the image configuration and are readable
# by anyone who can pull the image (docker inspect / docker history).
ENV DATABASE_URL="postgresql://postgres:@0.0.0.0:5432/semaphore_hanami_poc" \
    SERVE_STATIC_ASSETS="true" \
    WEB_SESSIONS_SECRET="29bfc4f2a7b80bf7e499db9a8ad4504b556271e8c2e3a74c8a21cdec797cbdc9"
# These steps run at image build time and connect to the database at
# DATABASE_URL.
RUN bin/hanami db drop || true
RUN bin/hanami db create && bin/hanami db migrate
RUN ls -lR $APP_HOME/config && bin/hanami assets precompile
EXPOSE 2300
CMD bundle exec hanami server --host=0.0.0.0
# CMD bundle exec hanami server --host=0.0.0.0 --port=2300

# Use the latest stable version of Semaphore 2.0 YML syntax:
version: v1.0
# Name of your pipeline. In this example we connect multiple pipelines with
# promotions, so it helps to differentiate what's the job of each.
name: CI
# An agent defines the environment in which your code runs.
# It is a combination of one of the available machine types and operating
# system images. See:
# https://docs.semaphoreci.com/article/20-machine-types
# https://docs.semaphoreci.com/article/32-ubuntu-1804-image
agent:
  machine:
    type: e1-standard-2
    os_image: ubuntu1804
# Blocks are the heart of a pipeline and are executed sequentially.
# Each block has a task that defines one or more jobs. Jobs define the
# commands to execute.
# See https://docs.semaphoreci.com/article/62-concepts
blocks:
  - name: Install dependencies
    task:
      prologue:
        commands:
          - sem-version ruby 2.6.5
      jobs:
        - name: bundle install
          commands:
            # Checkout code from Git repository. This step is mandatory if the
            # job is to work with your code.
            # Optionally you may use the --use-cache flag to avoid a roundtrip
            # to the remote repository.
            # See https://docs.semaphoreci.com/article/54-toolbox-reference#checkout
            - checkout
            # Restore dependencies from cache; the command won't fail if it's
            # missing.
            # More on caching: https://docs.semaphoreci.com/article/149-caching
            - cache restore
            - gem install bundler
            - bundle install --deployment --path vendor/bundle
            # Store the latest version of dependencies in cache,
            # to be used in the next blocks and future workflows:
            - cache store
  - name: Tests
    task:
      prologue:
        commands:
          - sem-version ruby 2.6.5
          - sem-service start postgres 11
      env_vars:
        - name: HANAMI_ENV
          value: test
        - name: RACK_ENV
          value: test
        - name: DATABASE_URL
          value: postgresql://postgres:@0.0.0.0/semaphore_hanami_poc
        - name: SERVE_STATIC_ASSETS
          value: 'true'
        - name: WEB_SESSIONS_SECRET
          value: 29bfc4f2a7b80bf7e499db9a8ad4504b556271e8c2e3a74c8a21cdec797cbdc9
      jobs:
        - name: rspec
          commands:
            - checkout
            - cache restore
            - gem install bundler
            # Bundler requires `install` to run even though the cache has been
            # restored, but generally this is not the case with other package
            # managers. Installation will not actually run and the command will
            # finish quickly:
            - bundle install --deployment --path vendor/bundle
            # Set up database:
            - sem-service status postgres
            - bundle exec hanami db create
            - bundle exec hanami db migrate
            # Run unit tests:
            - bundle exec rspec
# If all tests pass, we move on to build a Docker image.
# This is a job for a separate pipeline which we link with a promotion.
#
# What happens outside semaphore.yml will not appear in GitHub pull
# request status report.
#
# In this example we run docker build automatically on every branch.
# You may want to limit it by branch name, or trigger it manually.
# For more on such options, see:
# https://docs.semaphoreci.com/article/50-pipeline-yaml#promotions
promotions:
  - name: Dockerize
    pipeline_file: docker-build.yml
    auto_promote_on:
      - result: passed
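
Added example, not part of the gist: the Docker build pipeline takes DOCKER_PASSWORD from a mounted Semaphore secret, while the Dockerfile sets WEB_SESSIONS_SECRET with ENV, which stores it in the image that is then pushed to Docker Hub. The Ruby check below, which a CI job could run before `docker build`, flags that pattern; its constants, function names and sample Dockerfile (including the hex value) are constructed for illustration.

```ruby
# Added example: flag secret-looking literals baked into Dockerfile ENV instructions.
SECRET_NAME = /SECRET|PASSWORD|PASSWD|TOKEN|API_?KEY|PRIVATE_KEY/i
LONG_HEX    = /\A[0-9a-f]{32,}\z/i # long hex string, typical of generated keys

# Join backslash-continued lines so each instruction is one logical line.
def logical_lines(text)
  text.gsub(/\\[ \t]*\r?\n/, " ").lines.map(&:strip)
end

# Return [[name, value], ...] for every ENV assignment in the Dockerfile text.
def env_assignments(dockerfile)
  logical_lines(dockerfile).flat_map do |line|
    next [] unless line =~ /\AENV\s+(.+)\z/i
    body = Regexp.last_match(1)
    if body =~ /\A[A-Za-z_][A-Za-z0-9_]*=/
      # Modern form: ENV K1=v1 K2="v 2" (values may be quoted)
      body.scan(/([A-Za-z_][A-Za-z0-9_]*)=("(?:[^"\\]|\\.)*"|'[^']*'|\S*)/)
          .map { |k, v| [k, v.sub(/\A(["'])(.*)\1\z/m, '\2')] }
    else
      # Legacy form: ENV KEY value
      k, v = body.split(/\s+/, 2)
      [[k, v.to_s]]
    end
  end
end

# A finding is a literal (non-empty, not a $VAR reference) stored under a
# secret-like name, or any literal that looks like generated key material.
def hardcoded_secrets(dockerfile)
  env_assignments(dockerfile).select do |name, value|
    next false if value.empty? || value.start_with?("$")
    name.match?(SECRET_NAME) || value.match?(LONG_HEX)
  end.map(&:first)
end

# Constructed sample modelled on the Dockerfile above; the hex value is made up.
SAMPLE = <<~'DOCKERFILE'
  FROM ruby:2.6
  ENV APP_HOME /app
  ENV DATABASE_URL="postgresql://postgres:@0.0.0.0:5432/app" \
      SERVE_STATIC_ASSETS="true" \
      WEB_SESSIONS_SECRET="00112233445566778899aabbccddeeff00112233445566778899aabbccddeeff"
  ENV API_TOKEN=$BUILD_TOKEN
DOCKERFILE

puts hardcoded_secrets(SAMPLE).inspect
```

A non-empty result can be used to fail the job, so the value is supplied at container start (for example from a Semaphore secret) instead of being committed and shipped in the image.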