-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy pathdocker.yml
79 lines (75 loc) · 2.56 KB
/
docker.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
spec:
inputs:
version:
description: 'The version of the Docker image'
type: string
default: '24.0'
stage:
description: 'The stage to run the job'
type: string
default: 'build'
image_name:
description: 'The image name to build'
type: string
default: '$CI_REGISTRY_IMAGE'
image_tag:
description: 'The image tag to build'
type: string
default: '$CI_COMMIT_SHORT_SHA'
---
variables:
DOCKER_BUILDX_VERSION: '0.12.0'
.docker:
image: docker:stable
cache: {}
services:
- docker:$[[ inputs.version ]]-dind
variables:
DOCKER_HOST: tcp://docker:2376
before_script:
- mkdir -p $HOME/.docker
- echo -e "\e[0Ksection_start:`date +%s`:setup_docker[collapsed=true]\r\e[0KSetup Docker Buildx"
- mkdir -p /usr/libexec/docker/cli-plugins
- wget https://github.com/docker/buildx/releases/download/v${DOCKER_BUILDX_VERSION}/buildx-v${DOCKER_BUILDX_VERSION}.linux-amd64
-O /usr/libexec/docker/cli-plugins/docker-buildx
- chmod +x /usr/libexec/docker/cli-plugins/docker-buildx
- docker context create gitlab-ci
- docker buildx create --use gitlab-ci # Enable cache export support
- echo -e "\e[0Ksection_end:`date +%s`:setup_docker\r\e[0K";
- echo "$CI_JOB_TOKEN" | docker login -u $CI_REGISTRY_USER --password-stdin $CI_REGISTRY
.docker:base:
extends: .docker
variables:
IMAGE_NAME: $[[ inputs.image_name | expand_vars ]]
IMAGE_TAG: $[[ inputs.image_tag | expand_vars ]]
REVISION: $CI_COMMIT_SHORT_SHA
script:
- export DOCKER_TAG_OPTIONS="--tag ${IMAGE_NAME}:${CI_COMMIT_REF_SLUG} --tag ${IMAGE_NAME}:${IMAGE_TAG}"
- if [ "$LATEST_IMAGE" == "yes" ]; then export DOCKER_TAG_OPTIONS="--tag ${IMAGE_NAME}:latest ${DOCKER_TAG_OPTIONS}"; fi
# Workaround for missing manifest digest to add --provenance false
- docker buildx build
--cache-from type=registry,ref=${IMAGE_NAME}:buildcache
--cache-to type=registry,ref=${IMAGE_NAME}:buildcache,mode=max,image-manifest=true
--build-arg REVISION=${REVISION}
--provenance false
${DOCKER_TAG_OPTIONS}
--push .
interruptible: true
cache:
key:
files:
- Gemfile.lock
prefix: docker-$CI_COMMIT_REF_NAME
docker:
extends: .docker:base
stage: $[[ inputs.stage ]]
retry:
max: 1
rules:
- if: '$DOCKER_ENABLED == "yes" && $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH'
variables:
LATEST_IMAGE: 'yes'
- if: '$DOCKER_ENABLED == "yes" && $CI_COMMIT_TAG'
variables:
REVISION: $CI_COMMIT_TAG
- if: '$DOCKER_ENABLED == "yes"'