Thank you very much for your support GitLab(SaaS) Localization efforts, but also thank brother Ma for his internal test qualification.
Recently, I suddenly came up with an idea to use a private image warehouse. Extreme fox GitLab provides a container image library, which is just a light experience with CICD.
Container image library Container Registry
Document introduction here , still in English. (there should be a lot of localization work, and the documents have not been translated yet.)
The container image library can be used as an independent image warehouse (why? See the next article). That is, use the docker command to push the constructed image to the container image library.
Of course, it can also be used in combination with CICD pipeline, which will be introduced later.
Independent use
There are two authentication methods for local login to Container Registry:
- SQL Server Authentication
- It's on Dual authentication , you can use access Personal access token
In fact, it is recommended to use an access token whether double authentication is started or not.
docker login registry.gitlab.cn #Enter the user name and password or token as prompted
image name There are three floors at most , that is, the content after registry.example.com/[namespace] has at most three layers. For example, the following image name is myproject/my/image
registry.example.com/mynamespace/myproject/my/image:rc1
Secondly, the first layer of the image name must be the image name, such as myproject above.
Try to push the image of tekton:
docker tag gcr.io/tekton-releases/github.com/tektoncd/pipeline/cmd/controller:v0.28.1 registry.gitlab.cn/addozhang/registry-mirror/tekton-pipeline/controller:v0.28.1 docker push registry.gitlab.cn/addozhang/registry-mirror/tekton-pipeline/controller:v0.28.1
Please ignore the publishing time. There is a problem with the Created field of the original image.
It can also be accessed using the REST API:
curl --location --request GET 'https://gitlab.cn/api/v4/projects/addozhang%2Fregistry-mirror/registry/repositories/155/tags' \ --header 'PRIVATE-TOKEN: TOKEN_HERE' [{"name":"v0.28.1","path":"addozhang/registry-mirror/tekton-pipeline/controller:v0.28.1","location":"registry.gitlab.cn/addozhang/registry-mirror/tekton-pipeline/controller:v0.28.1"}]
Building and pushing with CICD
See below.
CICD
I mirrored the test tekton project used by github to here , and added a. gitlab-ci.yml Pipeline definition file.
Yes Official documents , and references Official templates , the definition of pipeline is very fast.
The whole pipeline includes two stage s: the compilation and packaging of Java code and the construction of image.
As shown in the figure above, the latest one is used cache function Cache. m2/repository; The cache was used in the first two times (the construction time here varies greatly. I wonder if it is because there are few resources at night?). The Java project will save the dependent packages in the local library. Using the cache function can improve the efficiency of construction.
Pipelined DAG
Using needs can control the construction order of jobs in the same stage, otherwise the execution of jobs in the same stage is parallel. At the same time, with needs, DAG can be built on the premise that at least three jobs are required, so I added another job.
cache: paths: - .m2/repository variables: MAVEN_OPTS: "-Dhttps.protocols=TLSv1.2 -Dmaven.repo.local=$CI_PROJECT_DIR/.m2/repository -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=WARN -Dorg.slf4j.simpleLogger.showDateTime=true -Djava.awt.headless=true" stages: - build - image - post-build maven-build: image: maven:3-jdk-8 stage: build artifacts: paths: - target/*.jar script: - mvn install -DskipTests docker-build: image: docker:19.03.12 stage: image needs: - maven-build dependencies: - maven-build services: - docker:19.03.12-dind variables: IMAGE_TAG: $CI_REGISTRY_IMAGE:latest script: - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY - docker build -t $IMAGE_TAG . - docker push $IMAGE_TAG done: image: busybox:latest stage: post-build needs: - docker-build script: - echo "All Done!"
It feels like the drawing is a little crude. It should be optimized later.
Job dependency
In the previous pipeline definition, in order to transfer the jar s built by maven, artifacts and dependencies are used for transfer.
Am I wrong? Hovering over the mouse does not show the dependent jobs.
Pipeline trigger
In addition to push code triggering, you can also create triggers to trigger through the Web API.
curl -X POST \ -F token=TOKEN_HERE \ -F ref=main \ https://gitlab.cn/api/v4/projects/9766/trigger/pipeline {"id":19252,"project_id":9766,"sha":"5dde144d584b76fe6d3b63a4a9beb789762d1a2d","ref":"main","status":"created","created_at":"2021-10-01T07:37:42.806+08:00","updated_at":"2021-10-01T07:37:42.806+08:00","web_url":"https://gitlab.cn/addozhang/tekton-test/-/pipelines/19252","before_sha":"0000000000000000000000000000000000000000","tag":false,"yaml_errors":null,"user":{"id":432,"name":"addozhang","username":"addozhang","state":"active","avatar_url":null,"web_url":"https://gitlab.cn/addozhang"},"started_at":null,"finished_at":null,"committed_at":null,"duration":null,"queued_duration":null,"coverage":null,"detailed_status":{"icon":"status_created","text":"created","label":"created","group":"created","tooltip":"created","has_details":true,"details_path":"/addozhang/tekton-test/-/pipelines/19252","illustration":null,"favicon":"/assets/ci_favicons/favicon_status_created-4b975aa976d24e5a3ea7cd9a5713e6ce2cd9afd08b910415e96675de35f64955.png"}}
summary
Since Gitlab is also available in the company where I worked before, and I have experience in using Github Action and Tektoncd, there is no obstacle to the experience. This also benefits from the improvement of documents and the efforts of Jihu team. I hope Jihu can do better.
In this article, register mirror is used as the warehouse name, and you can guess something. Please pay attention to the next article.
The article is unified in the official account of the cloud.