Mirrored_Repos/crafty-4
1
0
Fork 0
mirror of https://gitlab.com/crafty-controller/crafty-4.git synced 2024-08-30 18:23:09 +00:00
Code Issues Packages Projects Releases Wiki Activity
74ef9e0a13
crafty-4/.gitlab/docker-build.yml
Zedifus 4b0147e654 Fix gitlab registry digest information with provenance workaround 
docker buildx as of v0.10.0 defaults to using SLSA Provenance for multi architecture builds.

Pushing an image built with buildx to Gitlab results in a tag with empty manifest data.

https://gitlab.com/gitlab-org/gitlab/-/issues/388865
2023-05-14 19:34:38 +01:00

117 lines
4.7 KiB
YAML
Raw Blame History

# yamllint disable rule:line-length
---
docker-build-dev:
image: docker:latest
services:
- name: docker:dind
stage: dev-deployment
tags:
- docker_priv
rules:
- if: $CI_COMMIT_BRANCH == 'dev'
environment:
name: development
before_script:
- |
apk --no-cache add jq
MAJOR=$(cat app/config/version.json | jq '.major' )
MINOR=$(cat app/config/version.json | jq '.minor' )
SUB=$(cat app/config/version.json | jq '.sub' )
- |
apk --no-cache add curl
latest_tag=$(curl -s https://api.github.com/repos/docker/buildx/releases/latest | sed -Ene '/^ *"tag_name": *"(v.+)",$/s//\1/p')
echo "Using buildx version $latest_tag"
curl -sSLo docker-buildx "https://github.com/docker/buildx/releases/download/$latest_tag/buildx-$latest_tag.linux-amd64"
chmod a+x docker-buildx
mkdir -p ~/.docker/cli-plugins
mv docker-buildx ~/.docker/cli-plugins/docker-buildx
docker version
- docker run --rm --privileged aptman/qus -- -r
- docker run --rm --privileged aptman/qus -s -- -p aarch64 x86_64
- echo $CI_JOB_TOKEN | docker login -u "$CI_REGISTRY_USER" --password-stdin $CI_REGISTRY
- echo $DOCKERHUB_TOKEN | docker login -u "$DOCKERHUB_USER" --password-stdin $DOCKERHUB_REGISTRY
script:
- |
tag=":$CI_COMMIT_REF_SLUG"
VERSION="${MAJOR}.${MINOR}.${SUB}"
- |
echo "Running on branch '$CI_COMMIT_BRANCH': tag = $tag"
echo "Crafty Version: $VERSION"
- docker context create tls-environment
- docker buildx create --name zedBuilder --use tls-environment
- docker buildx build
--cache-from type=registry,ref="$CI_REGISTRY_IMAGE${tag}"
--build-arg BUILDKIT_INLINE_CACHE=1
--build-arg "BUILD_DATE=$(date +"%Y-%m-%dT%H:%M:%SZ")"
--build-arg "BUILD_REF=${CI_COMMIT_SHA}"
--build-arg "CRAFTY_VER=${VERSION}"
--provenance false
--tag "$CI_REGISTRY_IMAGE${tag}"
--tag "arcadiatechnology/crafty-4${tag}"
--platform linux/arm64/v8,linux/amd64
--push .
after_script:
- |
docker buildx rm zedBuilder && echo "Successfully Stopped builder instance" || echo "Failed to stop builder instance."
docker context rm tls-environment || true
echo "Please review multi-arch manifests are present:"
docker buildx imagetools inspect "$CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG"
docker-build-prod:
image: docker:latest
services:
- name: docker:dind
stage: prod-deployment
tags:
- docker_priv
rules:
- if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
environment:
name: production
before_script:
- |
apk --no-cache add jq
MAJOR=$(cat app/config/version.json | jq '.major' )
MINOR=$(cat app/config/version.json | jq '.minor' )
SUB=$(cat app/config/version.json | jq '.sub' )
- |
apk --no-cache add curl
latest_tag=$(curl -s https://api.github.com/repos/docker/buildx/releases/latest | sed -Ene '/^ *"tag_name": *"(v.+)",$/s//\1/p')
echo "Using buildx version $latest_tag"
curl -sSLo docker-buildx "https://github.com/docker/buildx/releases/download/$latest_tag/buildx-$latest_tag.linux-amd64"
chmod a+x docker-buildx
mkdir -p ~/.docker/cli-plugins
mv docker-buildx ~/.docker/cli-plugins/docker-buildx
docker version
- docker run --rm --privileged aptman/qus -- -r
- docker run --rm --privileged aptman/qus -s -- -p aarch64 x86_64
- echo $CI_JOB_TOKEN | docker login -u "$CI_REGISTRY_USER" --password-stdin $CI_REGISTRY
- echo $DOCKERHUB_TOKEN | docker login -u "$DOCKERHUB_USER" --password-stdin $DOCKERHUB_REGISTRY
script:
- |
VERSION="${MAJOR}.${MINOR}.${SUB}"
- |
echo "Running on branch '$CI_COMMIT_BRANCH'"
echo "Crafty Version: $VERSION"
- docker context create tls-environment
- docker buildx create --name zedBuilder --use tls-environment
- docker buildx build
--cache-from type=registry,ref="$CI_REGISTRY_IMAGE:latest"
--build-arg BUILDKIT_INLINE_CACHE=1
--build-arg "BUILD_DATE=$(date +"%Y-%m-%dT%H:%M:%SZ")"
--build-arg "BUILD_REF=${CI_COMMIT_SHA}"
--build-arg "CRAFTY_VER=${VERSION}"
--provenance false
--tag "$CI_REGISTRY_IMAGE:$VERSION"
--tag "$CI_REGISTRY_IMAGE:latest"
--tag "arcadiatechnology/crafty-4:$VERSION"
--tag "arcadiatechnology/crafty-4:latest"
--platform linux/arm64/v8,linux/amd64
--push .
after_script:
- |
docker buildx rm zedBuilder && echo "Successfully Stopped builder instance" || echo "Failed to stop builder instance."
docker context rm tls-environment || true
echo "Please review multi-arch manifests are present:"
docker buildx imagetools inspect "$CI_REGISTRY_IMAGE${tag}"
Reference in New Issue View Git Blame Copy Permalink