From 897d4460831e77d9236c4fc49cc8aaaecdbfd90a Mon Sep 17 00:00:00 2001
From: Daniel Dehennin <daniel.dehennin@ac-dijon.fr>
Date: Fri, 11 Mar 2022 13:31:07 +0100
Subject: [PATCH] refactor(docker): new job templates but keep compatible jobs

Building a docker image is now done by `.docker:image:build` job
template.

Tagging a docker image is now done by `.docker:image:tag` job
template.

We keep the previous job templates for backward compatibility.

* templates/Docker.yaml: new `.docker:image:build` and
  `.docker:image:tag` job templates.
---
 templates/Docker.yaml | 114 ++++++++++++++++++++++++++++++++----------
 1 file changed, 87 insertions(+), 27 deletions(-)

diff --git a/templates/Docker.yaml b/templates/Docker.yaml
index 9834d67..b8f8c80 100644
--- a/templates/Docker.yaml
+++ b/templates/Docker.yaml
@@ -1,14 +1,24 @@
 # -*- mode: yaml; coding: utf-8 -*-
 # vim: ft=yaml
 #
-# Define `.build-docker-image` template used by `*-docker-build` jobs
-# It build the container image and push it to `${CI_REGISTRY}`
+# Hidden template jobs to be used in `.gitlab-ci.yml`
+#
+# - `.docker:image:build`: build a docker image with `kaniko:executor`
+#
+# - `.docker:image:tag`: tag docker image with `crane`
+#
+---
+#
+# .docker:image:build
+# ===================
+#
+# Build the container image `${IMAGE_NAME}:${IMAGE_TAG}` and push it to `${CI_REGISTRY}`
 #
 # USAGE
 # =====
 #
 # foo-docker-build:
-#   extends: .build-docker-image
+#   extends: .docker:image:build
 #   variables:
 #     DOCKERFILE: Some-specific.Dockerfile
 #     IMAGE_TAG: $CI_COMMIT_REF_SLUG
@@ -16,92 +26,142 @@
 # REQUIREMENTS
 # ============
 #
-# - A `build` stage must be present in your pipeline or it must be
+# - a `build` stage must be present in your pipeline or it must be
 #   overriden by the extending job to feet your need.
-# - The `.not-on-stable` rules template
+#
+# - the `.not-on-stable` rules templates
 #
 # OPTIONAL VARIABLES
 # ==================
 #
-# - `IMAGE_NAME`: defaults to `${CI_JOB_NAME}` with any suffix `-docker-build*` removed
+# - `IMAGE_NAME`: name of the docker image to build, defaults to
+#   `${CI_JOB_NAME}` with any suffix `-docker-build*` removed
+#
+# - `IMAGE_TAG`: tag of the docker image, defaults to
+#   `git-${CI_COMMIT_SHORT_SHA}`
+#
 # - `DOCKERFILE`: defaults, in order
 #    - to value set by the user
 #    - to `Dockerfile.${IMAGE_NAME}` if the file exists
 #    - to `Dockerfile` if the file exists
-# - `IMAGE_TAG`: defaults to `git-${CI_COMMIT_SHORT_SHA}`
-# - `KANIKO_ARGS`: arguments to pass to kaniko executor command, empty by default
+#
+# - `KANIKO_IMAGE`: name of the `kaniko` docker image to use
+#
+# - `KANIKO_ARGS`: arguments to pass to kaniko executor command, empty
+#   by default
 #
 # USED CI VARIABLES
 # =================
 #
 # - `CI_REGISTRY`
+#
 # - `CI_REGISTRY_USER`
+#
 # - `CI_REGISTRY_PASSWORD`
+#
 # - `CI_REGISTRY_IMAGE`
 #
-.build-docker-image:
+.docker:image:build:
   stage: build
   extends: .not-on-stable
   image:
-    name: gcr.io/kaniko-project/executor:v1.7.0-debug
+    name: "${KANIKO_IMAGE}"
     entrypoint: [""]
   variables:
+    KANIKO_IMAGE: gcr.io/kaniko-project/executor:v1.7.0-debug
     KANIKO_ARGS: ''
   script:
+    - echo -e "\e[0Ksection_start:`date +%s`:docker-image-build-config[collapsed=true]\r\e[0KPrepare environment to build docker image"
     - export IMAGE_NAME=${IMAGE_NAME:-${CI_JOB_NAME%-docker-build*}}
     - test -f Dockerfile.${IMAGE_NAME} && export DOCKERFILE=${DOCKERFILE:-Dockerfile.${IMAGE_NAME}} || true
     - test -f Dockerfile && export DOCKERFILE=${DOCKERFILE:-Dockerfile} || true
     - export IMAGE_TAG=${IMAGE_TAG:-git-${CI_COMMIT_SHORT_SHA}}
     - mkdir -p /kaniko/.docker
     - echo "{\"auths\":{\"${CI_REGISTRY}\":{\"auth\":\"$(echo -n ${CI_REGISTRY_USER}:${CI_REGISTRY_PASSWORD} | base64 | tr -d '\n')\"}}}" > /kaniko/.docker/config.json
+    - echo -e "\e[0Ksection_end:`date +%s`:docker-image-build-config\r\e[0K"
+    - echo -e "\e[0Ksection_start:`date +%s`:docker-image-build-kaniko\r\e[0KBuild docker image '${IMAGE_NAME}:${IMAGE_TAG}' using Dockerfile '${DOCKERFILE}' and push to '${CI_REGISTRY_IMAGE}'"
     - /kaniko/executor ${KANIKO_ARGS} --context ${CI_PROJECT_DIR} --dockerfile $CI_PROJECT_DIR/${DOCKERFILE} --destination ${CI_REGISTRY_IMAGE}/${IMAGE_NAME}:${IMAGE_TAG}
+    - echo -e "\e[0Ksection_end:`date +%s`:docker-image-build-kaniko\r\e[0K"
+
+.build-docker-image:
+  extends: .docker:image:build
+  before_script:
+    - 'echo "DEPRECATION WARNING: use .docker:image:build instead"'
 
-# Define `.tag-docker-image` template used by `*-docker-tag` jobs
-# It tag the `${IMAGE_NAME}:${SOURCE_TAG}` with the tag `${IMAGE_TAG}`
+
+#
+# .docker:image:tag
+# =================
+#
+# Tag the `${IMAGE_NAME}:${SOURCE_TAG}` with the new tag `${IMAGE_TAG}`
 #
 # USAGE
 # =====
 #
 # foo-docker-tag-devel:
-#   extends: .tag-docker-image
+#   extends: .docker:image:tag
 #   variables:
 #     IMAGE_TAG: 'devel'
 #
 # REQUIREMENTS
 # ============
 #
-# - A `release` stage must be present in your pipeline or it must be
+# - a `release` stage must be present in your pipeline or it must be
 #   overriden by the extending job to feet your need.
-# - The `.not-on-stable` rules template
+#
+# - the `.on-release-tag` rules templates
 #
 # OPTIONAL VARIABLES
 # ==================
 #
-# - `IMAGE_NAME`: defaults to `${CI_JOB_NAME}` with any suffix `-docker-tag*` removed
-# - `SOURCE_TAG`: source image tag to retag, defaults to `git-${CI_COMMIT_SHORT_SHA}`
-# - `IMAGE_TAG`: image tag, defaults to `${CI_COMMIT_TAG}` with prefix `RELEASE_PREFIX` removed
-# - `RELEASE_PREFIX`: prefix of the `RELEASE`, defaults to `release/`
+# - `IMAGE_NAME`: name of the docker image to tag, defaults to
+#   `CI_JOB_NAME` with any suffix `-docker-tag*` removed
+#
+# - `SOURCE_TAG`: source image tag to retag, defaults to
+#   `git-${CI_COMMIT_SHORT_SHA}`
+#
+# - `IMAGE_TAG`: image tag, defaults to `${CI_COMMIT_TAG}` with
+#   prefix `${RELEASE_TAG_PREFIX}` removed
+#
+# - `RELEASE_TAG_PREFIX`: prefix of the `RELEASE`, defaults to
+#   `release/`
+#
+# - `CRANE_IMAGE`: name of the `crane` docker image to use
 #
 # USED CI VARIABLES
 # =================
 #
 # - `CI_REGISTRY`
+#
 # - `CI_REGISTRY_USER`
+#
 # - `CI_REGISTRY_PASSWORD`
+#
 # - `CI_REGISTRY_IMAGE`
 #
-.tag-docker-image:
+.docker:image:tag:
   stage: release
   extends: .on-release-tag
   image:
-    name: gcr.io/go-containerregistry/crane:debug
+    name: "${CRANE_IMAGE}"
     entrypoint: [""]
   variables:
+    CRANE_IMAGE: gcr.io/go-containerregistry/crane:debug
     GIT_STRATEGY: none
   script:
-    - export IMAGE_NAME=${IMAGE_NAME:-${CI_JOB_NAME%-docker-tag*}}
-    - export SOURCE_TAG=${SOURCE_TAG:-git-${CI_COMMIT_SHORT_SHA}}
-    - export RELEASE_PREFIX=${RELEASE_PREFIX:-release/}
-    - export IMAGE_TAG=${IMAGE_TAG:-${CI_COMMIT_TAG#${RELEASE_PREFIX}}}
-    - crane auth login -u ${CI_REGISTRY_USER} -p ${CI_REGISTRY_PASSWORD} ${CI_REGISTRY}
-    - crane tag ${CI_REGISTRY_IMAGE}/${IMAGE_NAME}:${SOURCE_TAG} ${IMAGE_TAG}
+    - echo -e "\e[0Ksection_start:`date +%s`:docker-image-tag-config[collapsed=true]\r\e[0KPrepare environment to tag docker image"
+    - export IMAGE_NAME="${IMAGE_NAME:-${CI_JOB_NAME%-docker-tag*}}"
+    - export SOURCE_TAG="${SOURCE_TAG:-git-${CI_COMMIT_SHORT_SHA}}"
+    - export RELEASE_TAG_PREFIX="${RELEASE_TAG_PREFIX:-release/}"
+    - export IMAGE_TAG="${IMAGE_TAG:-${CI_COMMIT_TAG#${RELEASE_TAG_PREFIX}}}"
+    - crane auth login -u "${CI_REGISTRY_USER}" -p "${CI_REGISTRY_PASSWORD}" "${CI_REGISTRY}"
+    - echo -e "\e[0Ksection_end:`date +%s`:docker-image-tag-config\r\e[0K"
+    - echo -e "\e[0Ksection_start:`date +%s`:docker-image-tag-crane\r\e[0KTag docker image '${IMAGE_NAME}:${SOURCE_TAG}' with '${IMAGE_TAG}'"
+    - crane tag "${CI_REGISTRY_IMAGE}/${IMAGE_NAME}:${SOURCE_TAG}" "${IMAGE_TAG}"
+    - echo -e "\e[0Ksection_end:`date +%s`:docker-image-tag-crane\r\e[0K"
+
+.tag-docker-image:
+  extends: .docker:image:tag
+  before_script:
+    - 'echo "DEPRECATION WARNING: use .docker:image:tag instead"'
+...
-- 
GitLab