Docker.yaml

# -*- mode: yaml; coding: utf-8 -*-
# vim: ft=yaml
#
# Hidden template jobs to be used in `.gitlab-ci.yml`
#
# - `.docker:image:build`: build a docker image with `kaniko:executor`
#
# - `.docker:image:tag`: tag docker image with `crane`
#
---
#
# .docker:image:build
# ===================
#
# Build the container image `${IMAGE_NAME}:${IMAGE_TAG}` and push it to `${CI_REGISTRY}`
#
# USAGE
# =====
#
# foo-docker-build:
#   extends: .docker:image:build
#   variables:
#     DOCKERFILE: Some-specific.Dockerfile
#     IMAGE_TAG: $CI_COMMIT_REF_SLUG
#
# REQUIREMENTS
# ============
#
# - a `build` stage must be present in your pipeline or it must be
#   overriden by the extending job to feet your need.
#
# - the `.not-on-stable` rules templates
#
# OPTIONAL VARIABLES
# ==================
#
# - `IMAGE_NAME`: name of the docker image to build, defaults to
#   `${CI_JOB_NAME}` with any suffix `-docker-build*` removed
#
# - `IMAGE_TAG`: tag of the docker image, defaults to
#   `git-${CI_COMMIT_SHORT_SHA}`
#
# - `DOCKERFILE`: defaults, in order
#    - to value set by the user
#    - to `Dockerfile.${IMAGE_NAME}` if the file exists
#    - to `Dockerfile` if the file exists
#
# - `KANIKO_IMAGE`: name of the `kaniko` docker image to use
#
# - `KANIKO_ARGS`: arguments to pass to kaniko executor command, empty
#   by default
#
# USED CI VARIABLES
# =================
#
# - `CI_REGISTRY`
#
# - `CI_REGISTRY_USER`
#
# - `CI_REGISTRY_PASSWORD`
#
# - `CI_REGISTRY_IMAGE`
#
.docker:image:build:
  stage: build
  extends: .not-on-stable
  image:
    name: "${KANIKO_IMAGE}"
    entrypoint: [""]
  variables:
    KANIKO_IMAGE: gcr.io/kaniko-project/executor:v1.7.0-debug
    KANIKO_ARGS: ''
  script:
    - echo -e "\e[0Ksection_start:`date +%s`:docker-image-build-config[collapsed=true]\r\e[0KPrepare environment to build docker image"
    - export IMAGE_NAME=${IMAGE_NAME:-${CI_JOB_NAME%-docker-build*}}
    - test -f Dockerfile.${IMAGE_NAME} && export DOCKERFILE=${DOCKERFILE:-Dockerfile.${IMAGE_NAME}} || true
    - test -f Dockerfile && export DOCKERFILE=${DOCKERFILE:-Dockerfile} || true
    - export IMAGE_TAG=${IMAGE_TAG:-git-${CI_COMMIT_SHORT_SHA}}
    - mkdir -p /kaniko/.docker
    - echo "{\"auths\":{\"${CI_REGISTRY}\":{\"auth\":\"$(echo -n ${CI_REGISTRY_USER}:${CI_REGISTRY_PASSWORD} | base64 | tr -d '\n')\"}}}" > /kaniko/.docker/config.json
    - echo -e "\e[0Ksection_end:`date +%s`:docker-image-build-config\r\e[0K"
    - echo -e "\e[0Ksection_start:`date +%s`:docker-image-build-kaniko\r\e[0KBuild docker image '${IMAGE_NAME}:${IMAGE_TAG}' using Dockerfile '${DOCKERFILE}' and push to '${CI_REGISTRY_IMAGE}'"
    - /kaniko/executor ${KANIKO_ARGS} --context ${CI_PROJECT_DIR} --dockerfile $CI_PROJECT_DIR/${DOCKERFILE} --destination ${CI_REGISTRY_IMAGE}/${IMAGE_NAME}:${IMAGE_TAG}
    - echo -e "\e[0Ksection_end:`date +%s`:docker-image-build-kaniko\r\e[0K"

.build-docker-image:
  extends: .docker:image:build
  before_script:
    - 'echo "DEPRECATION WARNING: use .docker:image:build instead"'


#
# .docker:image:tag
# =================
#
# Tag the `${IMAGE_NAME}:${SOURCE_TAG}` with the new tag `${IMAGE_TAG}`
#
# USAGE
# =====
#
# foo-docker-tag-devel:
#   extends: .docker:image:tag
#   variables:
#     IMAGE_TAG: 'devel'
#
# REQUIREMENTS
# ============
#
# - a `release` stage must be present in your pipeline or it must be
#   overriden by the extending job to feet your need.
#
# - the `.on-release-tag` rules templates
#
# OPTIONAL VARIABLES
# ==================
#
# - `IMAGE_NAME`: name of the docker image to tag, defaults to
#   `CI_JOB_NAME` with any suffix `-docker-tag*` removed
#
# - `SOURCE_TAG`: source image tag to retag, defaults to
#   `git-${CI_COMMIT_SHORT_SHA}`
#
# - `IMAGE_TAG`: image tag, defaults to `${CI_COMMIT_TAG}` with
#   prefix `${RELEASE_TAG_PREFIX}` removed
#
# - `RELEASE_TAG_PREFIX`: prefix of the `RELEASE`, defaults to
#   `release/`
#
# - `CRANE_IMAGE`: name of the `crane` docker image to use
#
# USED CI VARIABLES
# =================
#
# - `CI_REGISTRY`
#
# - `CI_REGISTRY_USER`
#
# - `CI_REGISTRY_PASSWORD`
#
# - `CI_REGISTRY_IMAGE`
#
.docker:image:tag:
  stage: release
  extends: .on-release-tag
  image:
    name: "${CRANE_IMAGE}"
    entrypoint: [""]
  variables:
    CRANE_IMAGE: gcr.io/go-containerregistry/crane:debug
    GIT_STRATEGY: none
  script:
    - echo -e "\e[0Ksection_start:`date +%s`:docker-image-tag-config[collapsed=true]\r\e[0KPrepare environment to tag docker image"
    - export IMAGE_NAME="${IMAGE_NAME:-${CI_JOB_NAME%-docker-tag*}}"
    - export SOURCE_TAG="${SOURCE_TAG:-git-${CI_COMMIT_SHORT_SHA}}"
    - export RELEASE_TAG_PREFIX="${RELEASE_TAG_PREFIX:-release/}"
    - export IMAGE_TAG="${IMAGE_TAG:-${CI_COMMIT_TAG#${RELEASE_TAG_PREFIX}}}"
    - crane auth login -u "${CI_REGISTRY_USER}" -p "${CI_REGISTRY_PASSWORD}" "${CI_REGISTRY}"
    - echo -e "\e[0Ksection_end:`date +%s`:docker-image-tag-config\r\e[0K"
    - echo -e "\e[0Ksection_start:`date +%s`:docker-image-tag-crane\r\e[0KTag docker image '${IMAGE_NAME}:${SOURCE_TAG}' with '${IMAGE_TAG}'"
    - crane tag "${CI_REGISTRY_IMAGE}/${IMAGE_NAME}:${SOURCE_TAG}" "${IMAGE_TAG}"
    - echo -e "\e[0Ksection_end:`date +%s`:docker-image-tag-crane\r\e[0K"

.tag-docker-image:
  extends: .docker:image:tag
  before_script:
    - 'echo "DEPRECATION WARNING: use .docker:image:tag instead"'
...