Docker Image
This page describes the rules that must be followed to create the docker image attached to the target repository.
Why a docker image ?
The docker image contains the environment that is needed to run the scripts. It must contain all the dependencies and software used by them. This allows an easy deployment on the GitLab-Runner and a tested & known environment. This prevents the need to configure and install all the dependencies on the GitLab-Runner directly. The docker image contains also the necessary credentials to clone the target repository sources.
Create the docker image
The docker image is build using the dockerfile located in the docker folder.
To allows the dAIEdge-VLab to clone the sources of the target repository the deployment token and the repository URL must be set in environment variables in the docker image. The following steps describe the mandatory environment variables that the docker image must have.
Install the minimum requirements
First, make sure the system you are using have docker installed. Use the docker official documentation to install docker if you need.
Create the dockerfile
In the folder docker of the target repository, create a file named dockerfile. This file contains the instructions to build the docker image.
Here install all the dependencies and software needed to run the scripts.
You must install git and jq in your image. You can do that by adding the following line to the dockerfile :
RUN apt-get install -y git jqBuild command
Give the Deploy Token to build command by adding the following parameters :
--build-arg DEPLOY_TOKEN_USERNAME=$CI_DEPLOY_USER--build-arg DEPLOY_TOKEN_PASSWORD=$CI_DEPLOY_PASSWORDCI_DEPLOY_USER and CI_DEPLOY_PASSWORD are variables that contains the Deploy Token. They are accessible from the CI/CD. If the build command is not run in the CI/CD, replace these variables by a valid Deploy Token.
An environment variable TARGET_REPOSITORY_URL must be set in the docker image. This variable must point to the target repository. The URL should be deduced by using the default CI/CD variables, that way, if the URL changes (e.g. reorganization), the update is automatically applied the next time the CI/CD is run.
Modify the build command by adding the following parameter:
--build-arg TARGET_REPOSITORY_URL=$CI_PROJECT_URLHere is an example of a build command :
docker build -t $CI_REGISTRY/$CI_PROJECT_PATH:latest ./docker/ --build-arg TARGET_REPOSITORY_URL=$CI_PROJECT_URL --build-arg DEPLOY_TOKEN_USERNAME=$CI_DEPLOY_USER --build-arg DEPLOY_TOKEN_PASSWORD=$CI_DEPLOY_PASSWORD -f ./docker/dockerfileDockerfile
Modify the dockerfile by adding the following lines or use the dockerfile template :
ARG DEPLOY_TOKEN_USERNAME
ARG DEPLOY_TOKEN_PASSWORD
ARG TARGET_REPOSITORY_URL
ENV DEPLOY_TOKEN_USERNAME=$DEPLOY_TOKEN_USERNAME
ENV DEPLOY_TOKEN_PASSWORD=$DEPLOY_TOKEN_PASSWORD
ENV TARGET_REPOSITORY_URL=$TARGET_REPOSITORY_URLThe three first lines allow to access the values given in parameters, the three last create three environment variables named DEPLOY_TOKEN_USERNAME, DEPLOY_TOKEN_PASSWORD and TARGET_REPOSITORY_URL. They contain the two values (username and token) that compose the Deploy Token.
git and jq in your image.Build and push the image to the container registry manually
Start by logging in to the container registry with the following command :
docker login <your-registry-url> <your-registry-url> is the URL of the container registry. For gitlab.com, the URL is registry.gitlab.com.
Then build the image with all the parameters :
docker build -t <your-registry-url>/<your-project-path>:latest ./docker/ --build-arg TARGET_REPOSITORY_URL=<your_repository_url> --build-arg DEPLOY_TOKEN_USERNAME=<your_deploy_token_user> --build-arg DEPLOY_TOKEN_PASSWORD=<your_deploy_token_password> -f ./docker/dockerfileFinally, push the image to the container registry :
docker push <your-registry-url>/<your-project-path>:latestAutomate the process
It is recommended to use the CI/CD to build and push the docker image in the repository. This allows to update and publish the docker image automatically. This prevents the need to update manually the Deploy Token or the URL if they change.
Recall that the image must contain the following environment variables :
TARGET_REPOSITORY_URL: URL of the sourcesDEPLOY_TOKEN_USERNAME: Deploy token username - Grant access to the repository.DEPLOY_TOKEN_PASSWORD: Deploy token password - Grant access to the repository.
These tree environment variables should be updated automatically in the CI/CD. Here is an example of how to build the image in the CI/CD :
build-image:
image: docker:dind
variables:
DOCKER_DRIVER: overlay2
DOCKER_HOST: "tcp://docker:2375"
DOCKER_TLS_CERTDIR: ""
tags:
- your-runner-tag
services:
- docker:dind
stage: build-image
script:
- docker login -u gitlab-ci-token -p $CI_JOB_TOKEN $CI_REGISTRY
# Build the docker image and set the variables (URL & deploy_token).
- docker build -t $CI_REGISTRY/$CI_PROJECT_PATH:latest ./docker/ --build-arg TARGET_REPOSITORY_URL=$CI_PROJECT_URL --build-arg DEPLOY_TOKEN_USERNAME=$CI_DEPLOY_USER --build-arg DEPLOY_TOKEN_PASSWORD=$CI_DEPLOY_PASSWORD -f ./docker/dockerfile
# Push the latest image to the container registry.
- docker push $CI_REGISTRY/$CI_PROJECT_PATH:latestbuild-image doesn’t need to be modified and can simply be added to your CI/CD. All the values come from default CI/CD variables. However, you should change the your-runner-tag with the tag associated with the runner you want to use.your-runner-tag with the tag associated with the runner you want to use. Thus, you must have a runner registered in your gitlab project to use the CI/CD. If you don’t have one, you can follow the runner official documentation to add one to your repository.