Extend security-products/ci-templates to build alternative UBI-image
Why are we doing this work
We need to extend includes-dev/docker.yml
in https://gitlab.com/gitlab-org/security-products/ci-templates/ to support building UBI-based Docker image.
Relevant links
Non-functional requirements
- [-] Documentation:
- [-] Feature flag:
- [-] Performance:
- [-] Testing:
Implementation plan
-
backend extend https://gitlab.com/gitlab-org/security-products/ci-templates/raw/master/includes-dev/docker.yml to build UBI-based image:
diff --git a/includes-dev/docker.yml b/includes-dev/docker.yml
index 0958bcb..a2c36b8 100644
--- a/includes-dev/docker.yml
+++ b/includes-dev/docker.yml
@@ -18,7 +18,27 @@ build tmp image:
- docker build --build-arg GO_VERSION -t $TMP_IMAGE .
- docker push $TMP_IMAGE
+build tmp ubi image:
+ image: docker:20.10
+ stage: build-image
+ services:
+ - docker:20.10-dind
+ script:
+ - docker info
+ - docker login -u gitlab-ci-token -p $CI_JOB_TOKEN $CI_REGISTRY
+ - docker build --build-arg GO_VERSION -f Dockerfile.ubi -t $TMP_IMAGE-ubi .
+ - docker push $TMP_IMAGE-ubi
+ rules:
+ - exists:
+ - Dockerfile.ubi
+
+.dockerfile-matrix:
+ parallel:
+ matrix:
+ - TMP_IMAGE_POSTFIX: [''] # extend this in analyzer `.gitlab-ci.yml` file to include `'-ubi'` as well.
+
.docker_tag:
+ extends: .dockerfile-matrix
image: docker:20.10
stage: release-version
services:
@@ -26,7 +46,7 @@ build tmp image:
script:
- docker info
- docker login -u gitlab-ci-token -p $CI_JOB_TOKEN $CI_REGISTRY
- - export SOURCE_IMAGE=$TMP_IMAGE
+ - export SOURCE_IMAGE=$TMP_IMAGE$TMP_IMAGE_POSTFIX
- export TARGET_IMAGE=$CI_REGISTRY_IMAGE:${IMAGE_TAG:-$CI_JOB_NAME}
- docker pull $SOURCE_IMAGE
- docker tag $SOURCE_IMAGE $TARGET_IMAGE
Edited by Alan (Maciej) Paruszewski