-
Notifications
You must be signed in to change notification settings - Fork 0
/
.gitlab-ci.yml
130 lines (115 loc) · 5.18 KB
/
.gitlab-ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
# Based off of instructions at https://gitlab.com/guided-explorations/containers/kaniko-docker-build/-/blob/master/.gitlab-ci.yml
# Tags in this file MUST match GitLab runner configured tags else the jobs will not run.
#
# Created by Joel Farthing: 2020-01-06
default:
image:
name: gcr.io/kaniko-project/executor:debug
entrypoint: [""]
tags: [arbutus]
stages:
- .pre
- build_deploy
- tag
variables:
#DOCKER_HOST: tcp://docker:2375
#DOCKER_TLS_CERTDIR: ""
CONTAINER_IMAGE: $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA
# Kaniko Variables
VERSIONLABELMETHOD: "OnlyIfThisCommitHasVersion" # options: "OnlyIfThisCommitHasVersion","LastVersionTagInGit"
IMAGE_LABELS: >
--label org.opencontainers.image.vendor=$CI_SERVER_URL/$GITLAB_USER_LOGIN
--label org.opencontainers.image.authors=$CI_SERVER_URL/$GITLAB_USER_LOGIN
--label org.opencontainers.image.revision=$CI_COMMIT_SHA
--label org.opencontainers.image.source=$CI_PROJECT_URL
--label org.opencontainers.image.documentation=$CI_PROJECT_URL
--label org.opencontainers.image.licenses=$CI_PROJECT_URL
--label org.opencontainers.image.url=$CI_PROJECT_URL
--label vcs-url=$CI_PROJECT_URL
--label com.gitlab.ci.user=$CI_SERVER_URL/$GITLAB_USER_LOGIN
--label com.gitlab.ci.email=$GITLAB_USER_EMAIL
--label com.gitlab.ci.tagorbranch=$CI_COMMIT_REF_NAME
--label com.gitlab.ci.pipelineurl=$CI_PIPELINE_URL
--label com.gitlab.ci.commiturl=$CI_PROJECT_URL/commit/$CI_COMMIT_SHA
--label com.gitlab.ci.cijoburl=$CI_JOB_URL
--label com.gitlab.ci.mrurl=$CI_PROJECT_URL/-/merge_requests/$CI_MERGE_REQUEST_ID
get-latest-git-version:
stage: .pre
image:
name: alpine/git
entrypoint: [""]
rules:
- if: '$VERSIONLABELMETHOD == "LastVersionTagInGit"'
script:
- |
echo "the google kaniko container does not have git and does not have a package manager to install it"
git clone https://github.com/GoogleContainerTools/kaniko.git
cd kaniko
echo "$(git describe --abbrev=0 --tags)" > ../VERSIONTAG.txt
echo "VERSIONTAG.txt contains $(cat ../VERSIONTAG.txt)"
artifacts:
paths:
- VERSIONTAG.txt
.build_with_kaniko:
#Hidden job to use as an "extends" template
stage: build_deploy
script:
- |
echo "Building and shipping image to $CI_REGISTRY_IMAGE"
#Build date for opencontainers
BUILDDATE="'$(date '+%FT%T%z' | sed -E -n 's/(\+[0-9]{2})([0-9]{2})$/\1:\2/p')'" #rfc 3339 date
IMAGE_LABELS="$IMAGE_LABELS --label org.opencontainers.image.created=$BUILDDATE --label build-date=$BUILDDATE"
#Description for opencontainers
BUILDTITLE=$(echo $CI_PROJECT_TITLE | tr " " "_")
IMAGE_LABELS="$IMAGE_LABELS --label org.opencontainers.image.title=$BUILDTITLE --label org.opencontainers.image.description=$BUILDTITLE"
#Add ref.name for opencontainers
IMAGE_LABELS="$IMAGE_LABELS --label org.opencontainers.image.ref.name=$CI_REGISTRY_IMAGE:$CI_COMMIT_REF_NAME"
#Build Version Label and Tag from git tag, LastVersionTagInGit was placed by a previous job artifact
if [[ "$VERSIONLABELMETHOD" == "LastVersionTagInGit" ]]; then VERSIONLABEL=$(cat VERSIONTAG.txt); fi
if [[ "$VERSIONLABELMETHOD" == "OnlyIfThisCommitHasVersion" ]]; then VERSIONLABEL=$CI_COMMIT_TAG; fi
if [[ ! -z "$VERSIONLABEL" ]]; then
IMAGE_LABELS="$IMAGE_LABELS --label org.opencontainers.image.version=$VERSIONLABEL"
ADDITIONALTAGLIST="$ADDITIONALTAGLIST $VERSIONLABEL"
fi
ADDITIONALTAGLIST="$ADDITIONALTAGLIST $CI_COMMIT_REF_NAME $CI_COMMIT_SHORT_SHA"
if [[ "$CI_COMMIT_BRANCH" == "$CI_DEFAULT_BRANCH" ]]; then ADDITIONALTAGLIST="$ADDITIONALTAGLIST latest"; fi
if [[ -n "$ADDITIONALTAGLIST" ]]; then
for TAG in $ADDITIONALTAGLIST; do
FORMATTEDTAGLIST="${FORMATTEDTAGLIST} --tag $CI_REGISTRY_IMAGE:$TAG ";
done;
fi
#Reformat Docker tags to kaniko's --destination argument:
FORMATTEDTAGLIST=$(echo "${FORMATTEDTAGLIST}" | sed s/\-\-tag/\-\-destination/g)
echo $FORMATTEDTAGLIST
echo $IMAGE_LABELS
mkdir -p /kaniko/.docker
echo "{\"auths\":{\"$CI_REGISTRY\":{\"auth\":\"$(echo -n $CI_REGISTRY_USER:$CI_REGISTRY_PASSWORD | base64)\"}}}" > /kaniko/.docker/config.json
/kaniko/executor --destination $CI_REGISTRY_IMAGE:$CI_COMMIT_SHORT_SHA --context $CI_PROJECT_DIR --dockerfile $CI_PROJECT_DIR/Dockerfile $FORMATTEDTAGLIST $IMAGE_LABELS
# Build an image tagged with the commit SHA
build_deploy_image:
extends: .build_with_kaniko
stage: build_deploy
except:
- tags
# Tag 'latest' if the push was to master branch
tag_latest:
stage: tag
image:
name: gcr.io/go-containerregistry/crane:debug
entrypoint: [""]
script:
- crane auth login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
- crane tag $CI_REGISTRY_IMAGE:$CI_COMMIT_SHORT_SHA latest
only:
- master
# If the pipeline source is a tag, use it as a version
tag_version:
stage: tag
image:
name: gcr.io/go-containerregistry/crane:debug
entrypoint: [""]
script:
- crane auth login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
- crane tag $CI_REGISTRY_IMAGE:$CI_COMMIT_SHORT_SHA $CI_COMMIT_TAG
only:
- tags