Revert "ci: switch to rootless dind for insecure local registry"
This reverts commit c957c68f62.
This commit is contained in:
Bot
parent
c957c68f62
commit
4c95cce611
1 changed files with 40 additions and 44 deletions
|
|
@ -4,65 +4,61 @@ stages:
|
|||
variables:
|
||||
REGISTRY_HOST: "10.10.10.10:5050"
|
||||
IMAGE_NAME: "$REGISTRY_HOST/$CI_PROJECT_PATH"
|
||||
DOCKER_HOST: "tcp://docker:2375"
|
||||
DOCKER_DRIVER: overlay2
|
||||
DOCKER_TLS_CERTDIR: ""
|
||||
# Force clone via IP instead of hostname to bypass Unraid Docker DNS issues
|
||||
CI_SERVER_URL: "http://10.10.10.10:9080"
|
||||
GITLAB_FEATURES: ""
|
||||
|
||||
docker-build:
|
||||
stage: build
|
||||
image: docker:24.0.5
|
||||
services:
|
||||
- name: docker:24.0.5-dind-rootless
|
||||
alias: docker
|
||||
command:
|
||||
- "--insecure-registry=10.10.10.10:5050"
|
||||
- "--tls=false"
|
||||
image:
|
||||
name: gcr.io/kaniko-project/executor:v1.23.2-debug
|
||||
entrypoint: [""]
|
||||
rules:
|
||||
- if: $CI_PIPELINE_SOURCE == "push" && $CI_COMMIT_BRANCH
|
||||
before_script:
|
||||
- docker info
|
||||
- echo "$CI_REGISTRY_PASSWORD" | docker login "$REGISTRY_HOST" -u "$CI_REGISTRY_USER" --password-stdin
|
||||
- mkdir -p /kaniko/.docker
|
||||
- |
|
||||
cat > /kaniko/.docker/config.json <<EOF
|
||||
{
|
||||
"auths": {
|
||||
"$REGISTRY_HOST": {
|
||||
"username": "$CI_REGISTRY_USER",
|
||||
"password": "$CI_REGISTRY_PASSWORD"
|
||||
}
|
||||
}
|
||||
}
|
||||
EOF
|
||||
script:
|
||||
- |
|
||||
if [ "$CI_COMMIT_REF_NAME" = "main" ]; then
|
||||
export TAG="main"
|
||||
export VERSION="1.1.0"
|
||||
export CHANNEL="stable"
|
||||
TAG="main"
|
||||
VERSION="1.1.0"
|
||||
CHANNEL="stable"
|
||||
elif [ "$CI_COMMIT_REF_NAME" = "feature/nightly" ] || [ "$CI_COMMIT_REF_NAME" = "nightly" ]; then
|
||||
export TAG="nightly"
|
||||
export VERSION="1.1.0-nightly"
|
||||
export CHANNEL="nightly"
|
||||
TAG="nightly"
|
||||
VERSION="1.1.0-nightly"
|
||||
CHANNEL="nightly"
|
||||
else
|
||||
export CLEAN_TAG=$(echo "$CI_COMMIT_REF_NAME" | sed 's/\//-/g')
|
||||
export TAG="$CLEAN_TAG"
|
||||
export VERSION="1.1.0-dev"
|
||||
export CHANNEL="dev"
|
||||
CLEAN_TAG=$(echo "$CI_COMMIT_REF_NAME" | sed 's/\//-/g')
|
||||
TAG="$CLEAN_TAG"
|
||||
VERSION="1.1.0-dev"
|
||||
CHANNEL="dev"
|
||||
fi
|
||||
|
||||
- 'echo "Building for channel $CHANNEL with version $VERSION and tag $TAG"'
|
||||
- 'echo "Using registry image: $IMAGE_NAME"'
|
||||
|
||||
# Build
|
||||
- docker pull $IMAGE_NAME:$TAG || true
|
||||
- >
|
||||
docker build
|
||||
--cache-from $IMAGE_NAME:$TAG
|
||||
--build-arg VITE_BUILD_CHANNEL=$CHANNEL
|
||||
--build-arg VITE_APP_VERSION=$VERSION
|
||||
-t $IMAGE_NAME:$CI_COMMIT_SHA
|
||||
-t $IMAGE_NAME:$TAG
|
||||
.
|
||||
|
||||
# Push
|
||||
- docker push $IMAGE_NAME:$CI_COMMIT_SHA
|
||||
- docker push $IMAGE_NAME:$TAG
|
||||
|
||||
# If main branch, also tag and push as latest
|
||||
- |
|
||||
DESTINATIONS="--destination=$IMAGE_NAME:$CI_COMMIT_SHA --destination=$IMAGE_NAME:$TAG"
|
||||
if [ "$CI_COMMIT_REF_NAME" = "main" ]; then
|
||||
docker tag $IMAGE_NAME:$TAG $IMAGE_NAME:latest
|
||||
docker push $IMAGE_NAME:latest
|
||||
DESTINATIONS="$DESTINATIONS --destination=$IMAGE_NAME:latest"
|
||||
fi
|
||||
|
||||
echo "Building for channel $CHANNEL with version $VERSION and tag $TAG"
|
||||
echo "Using registry image: $IMAGE_NAME"
|
||||
|
||||
/kaniko/executor \
|
||||
--context "$CI_PROJECT_DIR" \
|
||||
--dockerfile "$CI_PROJECT_DIR/Dockerfile" \
|
||||
--build-arg "VITE_BUILD_CHANNEL=$CHANNEL" \
|
||||
--build-arg "VITE_APP_VERSION=$VERSION" \
|
||||
--insecure \
|
||||
--insecure-registry "$REGISTRY_HOST" \
|
||||
--skip-tls-verify-registry "$REGISTRY_HOST" \
|
||||
$DESTINATIONS
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue