Browse Source

Merge "Add docker image build jobs"

changes/90/632790/1
Zuul 6 months ago
parent
commit
2e46b8b9cf

+ 80
- 0
playbooks/docker-image/README.rst View File

@@ -0,0 +1,80 @@
1
+This is one of a collection of jobs which are designed to work
2
+together to build, upload, and promote docker images in a gating
3
+context:
4
+
5
+  * :zuul:job:`build-docker-image`: Build the images.
6
+  * :zuul:job:`upload-docker-image`: Build and stage the images on dockerhub.
7
+  * :zuul:job:`promote-docker-image`: Promote previously uploaded images.
8
+
9
+The :zuul:job:`build-docker-image` job is designed to be used in
10
+a `check` pipeline and simply builds the images to verify that
11
+the build functions.
12
+
13
+The :zuul:job:`upload-docker-image` job builds and uploads the images
14
+to Docker Hub, but only with a single tag corresponding to the
15
+change ID.  This job is designed in a `gate` pipeline so that the
16
+build produced by the gate is staged and can later be promoted to
17
+production if the change is successful.
18
+
19
+The :zuul:job:`promote-docker-image` job is designed to be used in a
20
+`promote` pipeline.  It requires no nodes and runs very quickly on the
21
+Zuul executor.  It simply re-tags a previously uploaded image for a
22
+change with whatever tags are supplied by
23
+:zuul:jobvar:`build-docker-image.docker_images.tags`.  It also removes
24
+the change ID tag from the repository in Docker Hub, and removes any
25
+similar change ID tags more than 24 hours old.  This keeps the
26
+repository tidy in the case that gated changes fail to merge after
27
+uploading their staged images.
28
+
29
+They all accept the same input data, principally a list of
30
+dictionaries representing the images to build.  YAML anchors_ can be
31
+used to supply the same data to all three jobs.
32
+
33
+**Job Variables**
34
+
35
+.. zuul:jobvar:: zuul_work_dir
36
+   :default: {{ zuul.project.src_dir }}
37
+
38
+   The project directory.  Serves as the base for
39
+   :zuul:jobvar:`build-docker-image.docker_images.context`.
40
+
41
+.. zuul:jobvar:: docker_images
42
+   :type: list
43
+
44
+   A list of images to build.  Each item in the list should have:
45
+
46
+   .. zuul:jobvar:: context
47
+
48
+      The docker build context; this should be a directory underneath
49
+      :zuul:jobvar:`build-docker-image.zuul_work_dir`.
50
+
51
+   .. zuul:jobvar:: repository
52
+
53
+      The name of the target repository in dockerhub for the
54
+      image.  Supply this even if the image is not going to be
55
+      uploaded (it will be tagged with this in the local
56
+      registry).
57
+
58
+   .. zuul:jobvar:: path
59
+
60
+      Optional: the directory that should be passed to docker build.
61
+      Useful for building images with a Dockerfile in the context
62
+      directory but a source repository elsewhere.
63
+
64
+   .. zuul:jobvar:: build_args
65
+      :type: list
66
+
67
+      Optional: a list of values to pass to the docker ``--build-arg``
68
+      parameter.
69
+
70
+   .. zuul:jobvar:: target
71
+
72
+      Optional: the target for a multi-stage build.
73
+
74
+   .. zuul:jobvar:: tags
75
+      :type: list
76
+      :default: ['latest']
77
+
78
+      A list of tags to be added to the image when promoted.
79
+
80
+.. _anchors: https://yaml.org/spec/1.2/spec.html#&%20anchor//

+ 22
- 0
playbooks/docker-image/credentials.rst View File

@@ -0,0 +1,22 @@
1
+.. zuul:jobvar:: docker_credentials
2
+   :type: dict
3
+
4
+   This is expected to be a Zuul Secret with these keys:
5
+
6
+   .. zuul:jobvar:: username
7
+
8
+      The Docker Hub username.
9
+
10
+   .. zuul:jobvar:: password
11
+
12
+      The Docker Hub password.
13
+
14
+   .. zuul:jobvar:: repository
15
+
16
+      Optional; if supplied this is a regular expression which
17
+      restricts to what repositories the image may be uploaded.  The
18
+      following example allows projects to upload images to
19
+      repositories within an organization based on their own names::
20
+
21
+        repository: "^myorgname/{{ zuul.project.short_name }}.*"
22
+

+ 3
- 0
playbooks/docker-image/pre.yaml View File

@@ -0,0 +1,3 @@
1
+- hosts: all
2
+  roles:
3
+    - install-docker

+ 3
- 0
playbooks/docker-image/promote.yaml View File

@@ -0,0 +1,3 @@
1
+- hosts: localhost
2
+  roles:
3
+    - promote-docker-image

+ 3
- 0
playbooks/docker-image/run.yaml View File

@@ -0,0 +1,3 @@
1
+- hosts: all
2
+  roles:
3
+    - build-docker-image

+ 3
- 0
playbooks/docker-image/upload.yaml View File

@@ -0,0 +1,3 @@
1
+- hosts: all
2
+  roles:
3
+    - upload-docker-image

+ 4
- 4
roles/build-docker-image/common.rst View File

@@ -20,8 +20,8 @@ production if the change is successful.
20 20
 The :zuul:role:`promote-docker-image` role is designed to be used in a
21 21
 `promote` pipeline.  It requires no nodes and runs very quickly on the
22 22
 Zuul executor.  It simply re-tags a previously uploaded image for a
23
-change with whatever tags are supplied by the
24
-:zuul:rolevar:`build-docker-image.docker_images.context`.  It also
23
+change with whatever tags are supplied by
24
+:zuul:rolevar:`build-docker-image.docker_images.tags`.  It also
25 25
 removes the change ID tag from the repository in Docker Hub, and
26 26
 removes any similar change ID tags more than 24 hours old.  This keeps
27 27
 the repository tidy in the case that gated changes fail to merge after
@@ -88,7 +88,7 @@ using this role.
88 88
       Useful for building images with a Dockerfile in the context
89 89
       directory but a source repository elsewhere.
90 90
 
91
-   .. zuul:jobvar:: build_args
91
+   .. zuul:rolevar:: build_args
92 92
       :type: list
93 93
 
94 94
       Optional: a list of values to pass to the docker ``--build-arg``
@@ -98,7 +98,7 @@ using this role.
98 98
 
99 99
       Optional: the target for a multi-stage build.
100 100
 
101
-   .. zuul:jobvar:: tags
101
+   .. zuul:rolevar:: tags
102 102
       :type: list
103 103
       :default: ['latest']
104 104
 

+ 30
- 0
zuul.yaml View File

@@ -20,6 +20,36 @@
20 20
     pre-run: playbooks/unittests/pre.yaml
21 21
     post-run: playbooks/unittests/post.yaml
22 22
 
23
+- job:
24
+    name: build-docker-image
25
+    description: |
26
+      Build a docker image.
27
+
28
+      .. include:: ../../playbooks/docker-image/README.rst
29
+    pre-run: playbooks/docker-image/pre.yaml
30
+    run: playbooks/docker-image/run.yaml
31
+
32
+- job:
33
+    name: upload-docker-image
34
+    parent: build-docker-image
35
+    description: |
36
+      Build and upload a docker image.
37
+
38
+      .. include:: ../../playbooks/docker-image/README.rst
39
+      .. include:: ../../playbooks/docker-image/credentials.rst
40
+    post-run: playbooks/zuul/docker-image/upload.yaml
41
+
42
+- job:
43
+    name: promote-docker-image
44
+    description: |
45
+      Retag a previously-uploaded docker image.
46
+
47
+      .. include:: ../../playbooks/docker-image/README.rst
48
+      .. include:: ../../playbooks/docker-image/credentials.rst
49
+    run: playbooks/zuul/build-image/promote.yaml
50
+    nodeset:
51
+      nodes: []
52
+
23 53
 - job:
24 54
     name: tox
25 55
     parent: unittests

Loading…
Cancel
Save