Refactor/modernize CI, add stable distribution SHAs
What does this MR do?
Replacement for !961 (closed), now targeting default branch.
Add stable distributions SHAs
Record the SHA of base distribution images at the start of final image building process. This ensure that all images will have a common base layer even if upstream updates a floating tag during pipeline execution. This also automatically breaks cache if the upstream image changes between pipeline runs!
Refactor CI to use include, extends, rules
Simplify the rules
and needs
definitions on a per-Job level by
refactoring / dividing the Jobs to make use of:
This divides the .gitlab-ci.yml
into parts, using include
to pull
them back in from .gitlab/ci/*
.
The resulting division:
-
rules
, onlyrules
and DRY componets forrules
-
deps
, just dependencies.io job -
common
, with all base job definitions, commonalities to all of CI -
debian
, debian specific definitions andextends
for each image -
ubi
, UBI specific definitions andextends
for each image
The goal of this is to make it far less complicated to define job
inter-dependency, as we now separate them based on the pipeline type
via the include
stanza of .gitlab-ci.yml
using rules
.
Dividing up the YAML necessitated the move from any anchor merging
(<<: *job-base
) to the use of extends
and reference
.
ALSO: move when: always
to when: on_success
where appropriate
Note, that on_success
is the default, so some instances removed.
See also: !956 (comment 903075014)
Related issues
Related to:
Checklist
See Definition of done.
For anything in this list which will not be completed, please provide a reason in the MR discussion
Required
-
Merge Request Title, and Description are up to date, accurate, and descriptive -
MR targeting the appropriate branch -
MR has a green pipeline on GitLab.com
Expected (please provide an explanation if not completing)
-
Test plan indicating conditions for success has been posted and passes -
Documentation created/updated -
Integration tests added to GitLab QA -
The impact any change in container size has should be evaluated