NcamGnrvngu/gitlab-build-images
1
0
Fork 0
mirror of https://ops.gitlab.net/gitlab-org/gitlab-build-images.git synced 2025-12-09 10:02:56 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
Mirror of https://gitlab.com/gitlab-org/gitlab-build-images/
795 commits 76 branches 0 tags 1.5 MiB
Find a file
Tomasz Maczukin 026e9fa6ef
Follow GitLab CI best practices 
This commit changes few things, implementing some of the GitLab CI known
best practices:

1. Explicitly pointing the `docker:git` image to a specific version.

    Leaving the floating one we're risking that a buggy release of new
    Docker image will be randomly introduced to our pipelines. It's also
    best to make the Docker Client (used by the job from within the
    `docker:git` image) to be at the same version as the Docker Engine
    (running in the `docker:dind` service container).

2. Replacing `ci-job-token` with `CI_REGISTRY_USER` and `CI_JOB_TOKEN`
   with `CI_REGISTRY_PASSWORD` makes the script more bulletproff. Yes,
   at this moment these variables contain the same values. But they are
   dedicated for such usage and if GitLab CI will ever decide to switch
   how Registry access should be done, the dedicated variables will
   folow the proper way.
2021-02-25 14:19:31 +01:00
assets Merge branch 'disable-gosec-error-checking' into 'master' 2020-01-20 10:52:26 +00:00
patches/ruby Fix support for Ruby versions 2021-02-01 17:45:17 +01:00
scripts Merge branch '60-remove-ansible-and-terraform-installation-scripts-from-this-repository' into 'master' 2021-02-22 17:29:54 +00:00
.gitattributes Add Dockerfile syntax highlighting 2019-03-26 09:52:21 +00:00
.gitignore Add .gitignore for .idea 2020-05-26 22:37:59 -07:00
.gitlab-ci.yml Follow GitLab CI best practices 2021-02-25 14:19:31 +01:00
CONTRIBUTING.md Update license and contributing.md 2017-11-14 14:57:23 +01:00
Dockerfile.alpine-helm Add alpine-helm image used in Charts 2019-09-05 11:18:45 +05:30
Dockerfile.build-git Add Dockerfile to build Git 2020-02-06 16:53:49 +01:00
Dockerfile.custom Remove Ansible and Terraform custom installation scripts 2021-02-16 09:11:00 +00:00
Dockerfile.danger Update danger from 8.2.1 to 8.2.2 2021-02-15 07:47:05 +00:00
Dockerfile.gitlab-charts-build-base Update Helm 2 to latest patch version 2020-08-04 09:25:04 +01:00
Dockerfile.gitlab-charts-build-base-helm-3 Update Helm to 3.4.1 2020-12-17 18:34:39 -05:00
Dockerfile.gitlab-helm3-kubectl1.14 Add a new gitlab-helm3-kubectl1.14 image 2020-04-01 11:48:11 +02:00
Dockerfile.gitlab-operator-build-base Add yq to gitlab-operator-build-base image 2021-01-13 15:08:21 -06:00
Dockerfile.gitlab-puppeteer Update puppeteer image to use node@12 2019-06-14 12:21:16 +00:00
Dockerfile.gitlab-qa-alpine-ruby-2.7 Update Docker (CLI) to 20.10.2 in GitLab QA build images 2021-01-14 13:38:08 +00:00
Dockerfile.gitlab-qa-alpine-ruby-3.0 Update Docker (CLI) to 20.10.2 in GitLab QA build images 2021-01-14 13:38:08 +00:00
Dockerfile.gitlab-qa-ruby-2.7 Update Docker (CLI) to 20.10.2 in GitLab QA build images 2021-01-14 13:38:08 +00:00
Dockerfile.gitlab-qa-ruby-3.0 Update Docker (CLI) to 20.10.2 in GitLab QA build images 2021-01-14 13:38:08 +00:00
Dockerfile.golangci-lint-alpine Update golangci-lint 2021-02-22 12:45:38 +01:00
Dockerfile.omnibus-gitlab-bionic Pin bundler to 2.2.3 temporarily 2021-01-07 11:54:48 -08:00
Dockerfile.omnibus-gitlab-buster Pin bundler to 2.2.3 temporarily 2021-01-07 11:54:48 -08:00
Dockerfile.omnibus-gitlab-centos7 Pin bundler to 2.2.3 temporarily 2021-01-07 11:54:48 -08:00
Dockerfile.omnibus-gitlab-centos8 Pin bundler to 2.2.3 temporarily 2021-01-07 11:54:48 -08:00
Dockerfile.omnibus-gitlab-cve-search Add cve-search Docker image 2020-06-10 18:45:51 +00:00
Dockerfile.omnibus-gitlab-depscan Add image used by dependency_scanning job in omnibus-gitlab 2018-12-15 12:18:00 +05:30
Dockerfile.omnibus-gitlab-focal Pin bundler to 2.2.3 temporarily 2021-01-07 11:54:48 -08:00
Dockerfile.omnibus-gitlab-jessie Pin bundler to 2.2.3 temporarily 2021-01-07 11:54:48 -08:00
Dockerfile.omnibus-gitlab-opensuse15.1 Pin bundler to 2.2.3 temporarily 2021-01-07 11:54:48 -08:00
Dockerfile.omnibus-gitlab-opensuse15.2 Pin bundler to 2.2.3 temporarily 2021-01-07 11:54:48 -08:00
Dockerfile.omnibus-gitlab-stretch Pin bundler to 2.2.3 temporarily 2021-01-07 11:54:48 -08:00
Dockerfile.omnibus-gitlab-wheezy Pin bundler to 2.2.3 temporarily 2021-01-07 11:54:48 -08:00
Dockerfile.omnibus-gitlab-xenial Pin bundler to 2.2.3 temporarily 2021-01-07 11:54:48 -08:00
Dockerfile.release-tools Update release-tools to use Ruby v2.7 2020-11-02 13:29:50 -08:00
Dockerfile.sitespeed-gitlab Move static files to assets directory 2019-11-21 09:51:13 -08:00
Dockerfile.terraform add terraform image 2020-03-12 20:19:25 +00:00
Dockerfile.ubi-release Revert "Use pip3 to grab python3 awscli" 2020-06-26 13:58:52 -07:00
Dockerfile.www-gitlab-com-2.7 Update install script of gcloud for www-gitlab-com 2021-01-31 12:06:26 +00:00
Dockerfile.www-gitlab-com-3.0 Add Ruby 3.0-based image for www-gitlab-com repo 2021-02-20 21:46:19 +00:00
LICENSE Update license and contributing.md 2017-11-14 14:57:23 +01:00
README.md Remove Ansible and Terraform custom installation scripts 2021-02-16 09:11:00 +00:00

README.md

GitLab Build Images

This repository is used to build docker images that are used to build and test various parts of GitLab:

  1. Build Omnibus packages
  2. Test GitLab-CE/EE project
  3. Build gitlab-org/www-gitlab-com project

Adding a new image

There are two methods to adding a new image:

  1. Use a Dockerfile.
  2. Use a custom image with versioned features.

Use a Dockerfile

A bespoke image is one that uses it's own Dockerfile. In the interests of avoiding repetition, it's better to use the custom docker build if possible.

Assuming the image you want to add is called new-image:

  1. Add a test task: new-image test: *test_build.
  2. Add a new build task: new-image: *build_and_deploy.
  3. Add a Dockerfile: Dockerfile.new-image.

Use a custom image with versioned features

To add a new image to the build, edit .gitlab-ci.yml.

With custom images, the name of the image is used to define the contents (as opposed to use a bespoke Dockerfile build).

For this reason, the name needs to be correctly defined.

The name is defined as [feature]-[version] pairs, separated by -.

Here are some example build names:

  1. ruby-2.7-golang-1.15-git-2.29
  2. ruby-3.0.0-git-2.29-lfs-2.9-node-14.15-yarn-1.22-graphicsmagick-1.3.34
  3. ruby-3.0.0.patched-golang-1.14-git-2.29-lfs-2.9-chrome-87-node-14.15-yarn-1.22-postgresql-12-graphicsmagick-1.3.34

The first pair represents the base image and version. So ruby-3.0-... will use the ruby:3.0 base image, while golang-1.15 will use the golang:1.15 base image.

Each of the following parts represents another feature and version. Available options are:

  1. chrome
  2. docker
  3. git
  4. golang
  5. graphicsmagick
  6. lfs
  7. node
  8. pgbouncer
  9. postgresql
  10. ruby
  11. yarn

Adding a new build

As an example, if you want to add new image for Ruby 3.0 with git 2.29 and golang 1.15, the name would be ruby-3.0-golang-1.15-git-2.29.

  1. Add a test task: ruby-3.0-golang-1.15-git-2.29 test: *test_custom
  2. Add a new build task: ruby-3.0-golang-1.15-git-2.29 push: *build_and_deploy_custom

Pushing a rebuild image

To build (or rebuild) a given image and push it, you need to enable manual action for a given job after it is merged to master.

By default we don't do it to ensure that an upstream dependency doesn't end up breaking our images unexpectedly. For reference, this happened in the past: https://gitlab.com/gitlab-org/gitlab/issues/205192

Note regarding Google Chrome

Google has a policy of yanking older versions of Google Chrome from their PPA whenever a new major version is released. To help maintain consistent build images, there is a CI step that saves the latest Google Chrome .deb into an S3 bucket. The install for Chrome will attempt to retrieve from the bucket if it cannot find the file in the apt repository. See scripts/cache-google-chrome for more details.

Contributing

See Contributing