Gitlab CI/CD
Configure project variables
Warning
This documentation is deprecated, please check here for its new home
To use the Gitlab CI/CD with harbor, first setup a robot account.
On your gitlab project go to Settings -> CI/CD -> Variables (expand) and create the variables CI_REGISTRY_USER and CI_REGISTRY_PASSWORD and assign it the robot account name and the robot account token, respectively.
Pipeline: build and push images
Two CI template files are provided, these should be included in the gitlab-ci.yml file depending on the use case:
1. To build an image using kaniko, include this template file as shown here:
include:
- project : 'ci-tools/container-image-ci-templates'
file : 'kaniko-image.gitlab-ci.yml'
ref: master
2. To build the image with docker-in-docker privileged mode, include this template file as shown here:
include:
- project : 'ci-tools/container-image-ci-templates'
file : 'docker-image.gitlab-ci.yml'
ref: master
Below is a list of template ENVIRONMENT_VARIABLES that you can configure:
-
REGISTRY_IMAGE_PATH: Mandatory field. The path/to/image:tag to use. ex: "registry.cern.ch/MYPROJECT/MYIMAGE:MYTAG".
-
CONTEXT_DIR: Default value is set to an empty string "". The build context is set to the base folder of the repository. It represents a directory containing a Dockerfile which kaniko will use to build the image. If the build context for kaniko is
folder_name/subfolder_name/, then set the variable CONTEXT_DIR asfolder_name/subfolder_name. -
DOCKER_FILE_NAME: Default value is set to
Dockerfile. It stores the name of the Dockerfile to be built. DOCKER_FILE_NAME variable is relative to CONTEXT DIR variable. (i.e. if the CONTEXT_DIR variable isfolder_nameand the DOCKER_FILE_NAME variable isdockerfile_name, then kaniko will build the image using the docker filefolder_name/dockerfile_namein the repository) -
PUSH_IMAGE: Default value is
"false". Select if the gitlab step should push the built image.
For example, to build an image using a dockerfile Dockerfile_ubuntu from the project directory dockerfiles_folder/ and push this image (only when tagged) to registry.cern.ch/MYPROJECT/MYIMAGE:MYTAG, the gitlab-ci.yml file should look like this:
include:
- project : 'ci-tools/container-image-ci-templates'
file : 'kaniko-image.gitlab-ci.yml'
ref: master
stages:
- build
- deploy
build_container:
rules:
- if: $CI_COMMIT_BRANCH
stage: build
extends: .build_kaniko
variables:
REGISTRY_IMAGE_PATH : "registry.cern.ch/MYPROJECT/MYIMAGE:$CI_COMMIT_SHORT_SHA"
CONTEXT_DIR: "dockerfiles_folder"
DOCKER_FILE_NAME: "Dockerfile_ubuntu"
deploy_container:
rules:
- if: $CI_COMMIT_TAG
stage: deploy
extends: .build_kaniko
variables:
PUSH_IMAGE: "true"
REGISTRY_IMAGE_PATH : "registry.cern.ch/MYPROJECT/MYIMAGE:$CI_COMMIT_TAG"
CONTEXT_DIR: "dockerfiles_folder"
DOCKER_FILE_NAME: "Dockerfile_ubuntu"
To consider more examples you can explore the repository CI file.
Pipeline: build and push Helm charts
A CI template file is provided to build and push helm charts to Harbor. The template works with single chart and multi chart structures:
The job template .deploy_helm is provided for this purpose. To integrate this in your repository follow the example bellow.
include:
- project : 'ci-tools/container-image-ci-templates'
file : 'helm.gitlab-ci.yml'
ref: master
stages:
- build
- deploy
build_chart:
extends: .deploy_helm
stage: build
variables:
REGISTRY_PATH: registry.cern.ch/chartrepo/MYPROJECT
deploy_chart:
extends: .deploy_helm
stage: deploy
variables:
REGISTRY_PATH: registry.cern.ch/chartrepo/MYPROJECT
PUSH_CHART: "true"
Below is a list of template ENVIRONMENT_VARIABLES that you can configure:
-
REGISTRY_PATH: The harbor chartrepo project name. ex: "registry.cern.ch/chartrepo/MYPROJECT".
-
REGISTRY_SIGNKEY: (optional) The key with which to sign the helm chart blobs.
-
PUSH_CHART: Default value is
"false". Select if the gitlab step should push the packaged chart.