Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
gitlab-ci.yml for self-signed docker repositories, from debuglevel/greeting-microservice
services:
- name: docker:dind
command: ["/bin/sh", "-c", "[[ -z $CERTIFICATE_URL ]] && ( echo Injecting no certificate && dockerd-entrypoint.sh || exit ) || ( echo Injecting certificate $CERTIFICATE_URL && wget $CERTIFICATE_URL -O /usr/local/share/ca-certificates/cert.crt && update-ca-certificates && dockerd-entrypoint.sh || exit )"]
variables:
## Uncomment this to inject a self-signed certificate into the docker:dind service
# CERTIFICATE_URL: http://my_server/my_corp.crt
# # disable TLS; see: https://gitlab.com/gitlab-org/gitlab-runner/issues/1350#note_199840999 and https://about.gitlab.com/2019/07/31/docker-in-docker-with-docker-19-dot-03/
# DOCKER_TLS_CERTDIR: ""
before_script:
- JOB_TIMESTAMP=$(date +'%Y%m%d-%H%M%S')
- COMMIT_HASH_SHORT=${CI_COMMIT_SHA:0:8}
- COMMIT_BRANCH_OR_TAG=$CI_COMMIT_REF_SLUG
- REGISTRY_HOST=$CI_REGISTRY
- REGISTRY_USER=$CI_REGISTRY_USER
- REGISTRY_PASSWORD=$CI_REGISTRY_PASSWORD
- REGISTRY_IMAGE=$CI_REGISTRY_IMAGE
stages:
- build
- release
# No explicit test stage is needed, as "gradle build" does already run the "test" task
#test:
# stage: build
# image: alpine:3.7
# script:
# - ...
# Traditional build with gradle and generate artifacts
build:
stage: build
image: openjdk:8-jdk-alpine
script:
- ./gradlew build
artifacts:
paths:
# use only shadowed jars
- "build/libs/*.jar"
- "build/distributions/*shadow*.tar"
# reports (e.g. about failed tests)
- "build/reports"
## Build & Push Docker Images ##
# Build docker image and push it to the registry as "debuglevel/greeting-microservice:branch-97dd42c"
build-docker-master:
stage: build
image: docker:latest
script:
- echo "JOB_TIMESTAMP $JOB_TIMESTAMP | COMMIT_HASH_SHORT $COMMIT_HASH_SHORT | COMMIT_BRANCH_OR_TAG $COMMIT_BRANCH_OR_TAG | REGISTRY_HOST $REGISTRY_HOST | REGISTRY_USER $REGISTRY_USER | REGISTRY_IMAGE $REGISTRY_IMAGE | CERTIFICATE_URL $CERTIFICATE_URL"
- docker login -u "$REGISTRY_USER" -p "$REGISTRY_PASSWORD" $REGISTRY_HOST
- docker build --pull -t "$REGISTRY_IMAGE:$COMMIT_BRANCH_OR_TAG-$COMMIT_HASH_SHORT" .
- docker push "$REGISTRY_IMAGE:$COMMIT_BRANCH_OR_TAG-$COMMIT_HASH_SHORT" && echo "== Pushed docker image $REGISTRY_IMAGE:$COMMIT_BRANCH_OR_TAG-$COMMIT_HASH_SHORT"
# Release branch docker image by pushing it to the registry as "debuglevel/greeting-microservice:branch"
release-docker:
stage: release
image: docker:latest
script:
- docker login -u "$REGISTRY_USER" -p "$REGISTRY_PASSWORD" $REGISTRY_HOST
- docker pull "$REGISTRY_IMAGE:$COMMIT_BRANCH_OR_TAG-$COMMIT_HASH_SHORT"
- docker tag "$REGISTRY_IMAGE:$COMMIT_BRANCH_OR_TAG-$COMMIT_HASH_SHORT" "$REGISTRY_IMAGE:$COMMIT_BRANCH_OR_TAG"
- docker push "$REGISTRY_IMAGE:$COMMIT_BRANCH_OR_TAG" && echo "== Pushed docker image $REGISTRY_IMAGE:$COMMIT_BRANCH_OR_TAG"
# Release master docker image by pushing it to the registry as "debuglevel/greeting-microservice" (which automatically also becomes "debuglevel/greeting-microservice:latest")
release-docker-master:
stage: release
image: docker:latest
script:
- docker login -u "$REGISTRY_USER" -p "$REGISTRY_PASSWORD" $REGISTRY_HOST
- docker pull "$REGISTRY_IMAGE:$COMMIT_BRANCH_OR_TAG-$COMMIT_HASH_SHORT"
- docker tag "$REGISTRY_IMAGE:$COMMIT_BRANCH_OR_TAG-$COMMIT_HASH_SHORT" "$REGISTRY_IMAGE"
- docker push "$REGISTRY_IMAGE" && echo "== Pushed docker image $REGISTRY_IMAGE"
only:
- master
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.