Auto-Rebuild Downstream Docker Images in Container Registry when Baseline Image is Updated
Description
With the Docker Container Registry feature added to Gitlab, it would be useful to auto-rebuild downstream docker images, when a baseline image is updated.
Proposal
For instance, we may have two images:
- baseline_os_image
- application_image.
Application_image may be built from baseline_os_image:
FROM http://mygit.repo.com/project/baseline_os_image:latest
When baseline_os_image is updated, it would be useful that after a successful update of baseline_os_image:latest, that application_image would be updated.
This would be very handy in environments that require updates for security and compliance reasons, and must now manually track all users of a base image.
Presumably, since the docker local docker registry should be aware if a layer is shared by another projects containers, the information in order to detect that a baseline image is used by a downstream image should already be present within a Gitlab instance.
Links / references
https://about.gitlab.com/2016/05/23/gitlab-container-registry/
The above link hints that this may be possible:
Let the team easily contribute to the images, using the same workflow they are already accustomed to. With the help of GitLab CI you can automatically rebuild images that inherit from yours, allowing you to easily deliver fixes and new features to a base image used by your teams.
... but this does not appear to be the case (at this time anyways)
Documentation blurb
Auto-rebuild images in a Docker Container Registry that inherit from images within the registry. The pipeline for a downstream container will be auto-executed when triggered by an inherited container. This could be optionally disabled in the project settings.
This would have the additional benefit of re-deploying automatically updated containers if there is a deployment phase within the downstream container CI setup.