It takes some tries to get Gitlab CI to build and deploy to AWS, since you need to use docker in docker (dind). Here is what works for me.
- runner must be privileged
- see changes to runner volumes
Last active
June 22, 2022 12:30
-
-
Save viezel/0aab0b87414cf0ce650c3398d5488421 to your computer and use it in GitHub Desktop.
Gitlab Docker in Docker build image and deploy to AWS ECR
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| deploy_staging: | |
| image: docker:stable | |
| stage: deploy | |
| when: always | |
| services: | |
| - name: docker:dind | |
| alias: dockerhost | |
| variables: | |
| ECR_REPO_PREFIX: XXX.dkr.ecr.eu-west-1.amazonaws.com/my-app-name | |
| DOCKER_TLS_CERTDIR: "" | |
| DOCKER_DRIVER: overlay2 | |
| DOCKER_HOST: tcp://dockerhost:2375/ | |
| script: | |
| - export DEBIAN_FRONTEND=noninteractive | |
| # Install python & AWS CLI | |
| - apk update -qy && apk add --no-cache curl unzip bash | |
| - apk add --no-cache python3 && python3 -m ensurepip && rm -r /usr/lib/python*/ensurepip && pip3 install --upgrade pip setuptools && if [ ! -e /usr/bin/pip ]; then ln -s pip3 /usr/bin/pip ; fi && if [[ ! -e /usr/bin/python ]]; then ln -sf /usr/bin/python3 /usr/bin/python; fi && rm -r /root/.cache | |
| - pip3 install awscli | |
| # Login to AWS ECR | |
| - $(aws ecr get-login --no-include-email --region eu-west-1) | |
| # docker images | |
| - docker pull ${ECR_REPO_PREFIX}:cache-latest || true | |
| - docker build -f ./docker/staging/Dockerfile --cache-from ${ECR_REPO_PREFIX}:cache-latest -t ${ECR_REPO_PREFIX}:${CI_COMMIT_SHA} -t ${ECR_REPO_PREFIX}:cache-latest . | |
| - docker push ${ECR_REPO_PREFIX}:cache-latest | |
| - docker push ${ECR_REPO_PREFIX}:${CI_COMMIT_SHA} | |
| # AWS Cloudformation | |
| - aws cloudformation update-stack --template-url https://s3.amazonaws.com/web-platform-cloudformation/ecs-${CI_COMMIT_SHA}.yml --stack-name web-platform-staging --region eu-west-1 --capabilities CAPABILITY_IAM | |
| - aws cloudformation wait stack-update-complete --stack-name web-platform-staging --region eu-west-1 | |
| only: | |
| - tags | |
| - staging |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [[runners]] | |
| name = "my-gitlab-runner" | |
| url = "https://gitlab.example.com/" | |
| token = "SOME_TOKEN" | |
| executor = "docker" | |
| [runners.custom_build_dir] | |
| [runners.cache] | |
| [runners.cache.s3] | |
| [runners.cache.gcs] | |
| [runners.cache.azure] | |
| [runners.docker] | |
| tls_verify = false | |
| image = "docker:stable" | |
| privileged = true | |
| disable_entrypoint_overwrite = false | |
| oom_kill_disable = false | |
| disable_cache = false | |
| volumes = ["/certs/client", "/cache"] | |
| shm_size = 0 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment