Created
July 8, 2017 20:25
-
-
Save foklepoint/2f9087375830068ec032ef326d93f423 to your computer and use it in GitHub Desktop.
Build and Push images to GCP Container Registry with Gitlab CI
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
image: docker:latest | |
# When using dind, it's wise to use the overlayfs driver for | |
# improved performance. | |
variables: | |
DOCKER_DRIVER: overlay | |
GCP_PROJECT_ID: CHANGE-TO-GCP-PROJECT-ID | |
IMAGE_NAME: image_id | |
services: | |
- docker:dind | |
stages: | |
- publish | |
publish-image: | |
stage: publish | |
script: | |
# Install CA certs, openssl to https downloads, python for gcloud sdk | |
- apk add --update make ca-certificates openssl python | |
- update-ca-certificates | |
# Write our GCP service account private key into a file | |
- echo $GCLOUD_SERVICE_KEY | base64 -d > ${HOME}/gcloud-service-key.json | |
# Download and install Google Cloud SDK | |
- wget https://dl.google.com/dl/cloudsdk/release/google-cloud-sdk.tar.gz | |
- tar zxvf google-cloud-sdk.tar.gz && ./google-cloud-sdk/install.sh --usage-reporting=false --path-update=true | |
- google-cloud-sdk/bin/gcloud --quiet components update | |
- google-cloud-sdk/bin/gcloud auth activate-service-account --key-file ${HOME}/gcloud-service-key.json | |
# Create our image. Expected to create an image 'image_id' | |
- make-my-image | |
# Tag our image for container registry | |
- docker tag $IMAGE_NAME gcr.io/$GCP_PROJECT_ID/$IMAGE_NAME | |
# Optionally tag the image with the commit short-sha | |
- docker tag $IMAGE_NAME gcr.io/$GCP_PROJECT_ID/$IMAGE_NAME:$(echo $CI_COMMIT_SHA | cut -c1-8) | |
- google-cloud-sdk/bin/gcloud docker -- push gcr.io/$GCP_PROJECT_ID/$IMAGE_NAME:latest | |
- google-cloud-sdk/bin/gcloud docker -- push gcr.io/$GCP_PROJECT_ID/$IMAGE_NAME:$(echo $CI_COMMIT_SHA | cut -c1-8) | |
# Only run builds for these refs | |
only: | |
- master |
@vladkras's approach works really, really well. BTW, it's jamming in a whole JSON file, newlines and all, into the password field. 👌
$ apk add --update make ca-certificates openssl python
fetch https://dl-cdn.alpinelinux.org/alpine/v3.13/main/x86_64/APKINDEX.tar.gz
fetch https://dl-cdn.alpinelinux.org/alpine/v3.13/community/x86_64/APKINDEX.tar.gz
ERROR: unable to select packages:
python (no such package):
required by: world[python]
Cleaning up file based variables
00:00
ERROR: Job failed: exit code 1
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I agree with @vladkras . This way is much simpler and works.