@danielhamelberg
Created May 5, 2022 09:29
kaniko gitlab-ci pipeline template
# This template provides the ability to build and push Docker images. It uses
# a tool called Kaniko, which runs rootless and without a Docker daemon.
#
# It automatically uses and pushes build caches back into the registry,
# allowing future builds to be performed more quickly (assuming your Dockerfile
# leverages build caches appropriately).
#
# By default, this template pushes images back into GitLab, but can be modified
# to push images to any other registry. If ECR is to be used, additional setup
# will be required, which is documented on the Kaniko website.
#
# In addition, any builds for the repo's default branch will also be given
# an additional "latest" tag.
.docker-build: &docker-build
  stage: build
  image:
    name: gcr.io/kaniko-project/executor:debug
    entrypoint: [""]
  variables:
    ########## LIKELY TO BE OVERRIDDEN ##########
    # The full image name, minus the tag. If changing, it should contain the URL of
    # the registry as well.
    IMAGE_NAME: $CI_REGISTRY_IMAGE
    # If IMAGE_TAG is set to "default", a default pattern will be used. It provides
    # traceability of the ref and commit and the timestamp. GitLab doesn't provide
    # a Unix timestamp variable, which is why the value of "default" is used to
    # trigger the tag format creation.
    # <REF>-<SHORT_COMMIT_SHA>-<UNIX_TIMESTAMP>
    # Note: a ref containing "/" (e.g. feature/foo) is not valid in an image tag;
    # set IMAGE_TAG explicitly for such refs, for example from $CI_COMMIT_REF_SLUG.
    IMAGE_TAG: "default"
    # The directory where the Dockerfile is found; also used as the build context
    BUILD_CONTEXT: $CI_PROJECT_DIR
    # Change these if not pushing to GitLab. If pushing somewhere else, use
    # GitLab CI variables to store the username/password and reference them
    # here. Look at the README on how to override variables defined here.
    REGISTRY_HOST: $CI_REGISTRY
    REGISTRY_USERNAME: $CI_REGISTRY_USER
    REGISTRY_PASSWORD: $CI_REGISTRY_PASSWORD
    # The filename to use to store environment variables useful for downstream jobs.
    # The file will consist of the following:
    # DOCKER_IMAGE=image/path:with-tag
    # DOCKER_TAG=just-the-tag
    DOCKER_OUTPUT_DOTENV_FILE: "docker.env"
    # A prefix to be added before the variables defined in $DOCKER_OUTPUT_DOTENV_FILE.
    # This is useful in pipelines where multiple Docker builds are executed, yet the
    # output from each is desired.
    DOCKER_OUTPUT_DOTENV_PREFIX: ""
    ########### LESS LIKELY TO BE OVERRIDDEN ###########
    # The name of the Dockerfile to build in the $BUILD_CONTEXT directory
    DOCKERFILE: Dockerfile
    # Change this to simply "" if you want to disable the automatic build cache
    # support during the build. Note that this will cause every build to create a
    # new image and all built layers will have to be repushed/pulled.
    CACHE_IMAGE: ${CI_REGISTRY_IMAGE}/cache
    # Additional build arguments to pass to Kaniko. Purposely commented out here
    # so you can define them at a pipeline-level, as a job-scoped variable will
    # always take precedence.
    # EXTRA_BUILD_ARGUMENTS: ""
  artifacts:
    reports:
      dotenv: $DOCKER_OUTPUT_DOTENV_FILE
  script:
    - export DOCKER_TLS_CERTDIR="/certs"
    - export DOCKER_DRIVER="overlay2"
    - EXTRA_ARGUMENTS="$EXTRA_BUILD_ARGUMENTS"
    # Fail early if there is no registry to push to.
    - |
      if [ "$IMAGE_NAME" == "" ] && [ "$CI_REGISTRY_IMAGE" == "" ]; then
        echo "No registry is found. If you are planning to use GitLab, ensure the Container registry is enabled on the repo (Settings -> General -> Visibility, project features, permissions -> Container registry)" >&2
        exit 1
      fi
    # Build the default tag: <REF>-<SHORT_COMMIT_SHA>-<UNIX_TIMESTAMP>
    - |
      if [ "$IMAGE_TAG" == "default" ]; then
        BUILD_TIME=$(date +%s)
        export IMAGE_TAG="${CI_COMMIT_REF_NAME}-${CI_COMMIT_SHORT_SHA}-${BUILD_TIME}"
      fi
    # Write the registry credentials where Kaniko looks for them. The values are
    # interpolated as-is, so they must not contain double quotes or backslashes.
    - |
      if [ "$REGISTRY_USERNAME" != "" ]; then
        mkdir -p /kaniko/.docker/
        echo "{\"auths\":{\"$REGISTRY_HOST\":{\"username\":\"$REGISTRY_USERNAME\",\"password\":\"$REGISTRY_PASSWORD\"}}}" > /kaniko/.docker/config.json
      fi
    # Builds of the default branch also get the "latest" tag.
    - |
      if [ "$CI_COMMIT_REF_NAME" == "$CI_DEFAULT_BRANCH" ]; then
        EXTRA_ARGUMENTS="${EXTRA_ARGUMENTS} --destination $IMAGE_NAME:latest"
      fi
    - |
      if [ "$CACHE_IMAGE" != "" ]; then
        EXTRA_ARGUMENTS="${EXTRA_ARGUMENTS} --cache --cache-repo ${CACHE_IMAGE}"
      fi
    - echo "Performing build. Context - '$BUILD_CONTEXT/$DOCKERFILE'; Tagging - '$IMAGE_NAME:$IMAGE_TAG'; Extra args - '$EXTRA_ARGUMENTS'"
    # $EXTRA_ARGUMENTS is left unquoted on purpose so it splits into separate flags.
    - /kaniko/executor --ignore-path=/cache --context "$BUILD_CONTEXT" --dockerfile "$BUILD_CONTEXT/$DOCKERFILE" --destination "$IMAGE_NAME:$IMAGE_TAG" $EXTRA_ARGUMENTS
    # Export the image name and tag for downstream jobs (dotenv report).
    - |
      if [ "$DOCKER_OUTPUT_DOTENV_FILE" != "" ]; then
        cat > "$DOCKER_OUTPUT_DOTENV_FILE" <<EOF
      ${DOCKER_OUTPUT_DOTENV_PREFIX}DOCKER_IMAGE=$IMAGE_NAME:$IMAGE_TAG
      ${DOCKER_OUTPUT_DOTENV_PREFIX}DOCKER_TAG=$IMAGE_TAG
      EOF
      fi
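
The auth step in the template interpolates `$REGISTRY_HOST`, `$REGISTRY_USERNAME` and `$REGISTRY_PASSWORD` straight into a JSON string, so a password containing a double quote or backslash produces a malformed `config.json`. The following is an added example, not part of the original gist: a POSIX sh helper that escapes the values and writes the file with owner-only permissions. The function names `json_escape` and `write_registry_auth` are hypothetical.

```shell
#!/bin/sh
# Added example; json_escape and write_registry_auth are hypothetical helpers.

# Escape a value for use inside a JSON string. Fails on control characters
# (newlines included), which have no place in a registry credential.
json_escape() {
  clean=$(printf '%s' "$1" | LC_ALL=C tr -d '[:cntrl:]')
  [ "$clean" = "$1" ] || return 1
  # Backslashes first, then double quotes.
  printf '%s' "$1" | sed -e 's/\\/\\\\/g' -e 's/"/\\"/g'
}

# write_registry_auth HOST USERNAME PASSWORD FILE
# The body runs in a subshell so the umask and variables do not leak into the job.
write_registry_auth() (
  host=$(json_escape "$1") || exit 1
  user=$(json_escape "$2") || exit 1
  pass=$(json_escape "$3") || exit 1
  umask 077   # config.json holds a credential: owner-only access
  mkdir -p "$(dirname "$4")" || exit 1
  printf '{"auths":{"%s":{"username":"%s","password":"%s"}}}\n' \
    "$host" "$user" "$pass" > "$4"
)
```

In the job this would be called as `write_registry_auth "$REGISTRY_HOST" "$REGISTRY_USERNAME" "$REGISTRY_PASSWORD" /kaniko/.docker/config.json`.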