docker/all¶
Configure an end-to-end pipeline that includes jobs from each of the build, test, push, and trigger components.
Usage¶
include:
- component: git.ligo.org/computing/cicd-components/docker/trigger@<VERSION>
Inputs¶
| Input | Default value | Description |
|---|---|---|
job_name_prefix | docker | Prefix to apply to all job names |
dockerfile | The path of the Dockerfile to build | |
deploy_when | "tags" | When to deploy images and trigger downstream projects; one of "tags" (only for git tags), "default" (pushes to the default git branch), "all" (pushes to all git branches) |
default_image_name | <image_name> | The name of the image to compare to when scanning a newly built image. Set to the name of the image in the upstream project to enable scanning from forks. |
image_name | $CI_REGISTRY_IMAGE | The name of the image to push to the container registry |
image_tag | $CI_COMMIT_SHA | The tag to give this image in the registry, defaults to the commit SHA |
deploy_tag | $CI_COMMIT_REF_NAME | The tag to give this image when deploying to the registry, and to DockerHub or Quay.io, defaults to the branch or tag name for which the pipeline was triggered. |
tag_latest | true | If true tag the new image as 'latest' when deploying to registries |
upstream_project_path | Path of the upstream project (to ensure that push jobs don't run on pipelines for forks of the upstream project). | |
test_script | Required | Array of commands to run as the script section of the test job |
gitlab_registry_repository | $CI_PROJECT_PATH | Path of target project on GitLab Container Registry (default is the parent project) |
docker_io_repository | Name of repository on Docker Hub to push to | |
quay_io_repository | Name of repository on Quay.io to push to | |
trigger_projects | The list of downstream project paths to trigger. |
Example¶
docker/all example
include:
- component: git.ligo.org/computing/gitlab/components/docker/all@1
inputs:
# validate that the tool is functional
test_script:
- my_tool --help
# only deploy from git tags
deploy_when: tags
# only deploy things from this project, not from forks
upstream_project_path: "namespace/project"
# deploy to
docker_io_repository: "username/repository"
quay_io_repository: "username/repository"
The above configuration would result in the following pipeline:
flowchart LR;
subgraph build
direction LR
job_build[<code>docker_build</code>]
end
subgraph test
direction LR
job_scan[<code>docker_container_scanning</code>]
job_test[<code>docker_test</code>]
end
subgraph deploy
direction LR
job_push_gitlab[<code>docker_push_gitlab</code>]
job_push_docker[<code>docker_push_docker_io</code>]
job_push_quay[<code>docker_push_quay_io</code>]
end
build --> test --> deployIn a successfull pipeline (where all jobs pass), the following images would be pushed at various stages:
| Job | Image |
|---|---|
docker_build | containers.ligo.org/namespace/project:$CI_COMMIT_SHA |
docker_push_gitlab | containers.ligo.org/namespace/project:$CI_COMMIT_REF_NAME |
docker_push_gitlab | containers.ligo.org/namespace/project:latest |
docker_push_docker_io | docker.io/username/repository:$CI_COMMIT_REF_NAME |
docker_push_docker_io | docker.io/username/repository:latest |
docker_push_quay_io | quay.io/username/repository:$CI_COMMIT_REF_NAME |
docker_push_quay_io | quay.io/username/repository:latest |