Thanks to the Extreme Fox team for the localization of GitLab (SaaS), and also thanks to Xiao Ma Ge for providing the internal test qualification.

I recently hit upon the idea of using a private mirror repository. Polar Fox GitLab has a container mirror library, which is perfect for a light experience with CICD.

Container Registry is the Container image library

The documentation is here and is still in English. (There is a lot of work to be done to localize, and the document has not been translated.)

The container image library can be used as a standalone image repository (why is a mystery in the next article) by using the Docker command to push the built image to the container image library.

Of course, it can also be combined with CICD assembly line, which will be introduced later.

Independent use

There are two authentication methods for logging in to the Container Registry locally:

  • Use a username and password
  • Two-factor authentication is turned on and access personal access tokens can be used

In fact, access tokens are recommended whether or not you start two-factor authentication.

docker login registry.gitlab.cn
#Enter a user name and password or token as prompted
Copy the code

The name of an image has a maximum of three layers, i.e., the content after registry.example.com/[namespace] has a maximum of three layers. For example, the following image name is myProject /my/image

registry.example.com/mynamespace/myproject/my/image:rc1
Copy the code

Second, the first layer of the image name must be the image name, as shown in myProject.

Try pushing tekton’s image up:

Docker tag gcr.io/tekton-releases/github.com/tektoncd/pipeline/cmd/controller:v0.28.1 Registry. Gitlab. Cn/addozhang/registry - mirror/tekton - pipeline/controller: v0.28.1 docker push Registry. Gitlab. Cn/addozhang/registry - mirror/tekton - pipeline/controller: v0.28.1Copy the code

Please ignore the release time of the original imageCreatedThe field has a problem.

It can also be accessed using the REST API:

curl --location --request GET 'https://gitlab.cn/api/v4/projects/addozhang%2Fregistry-mirror/registry/repositories/155/tags' \ --header 'PRIVATE-TOKEN: TOKEN_HERE' [{" name ":" v0.28.1 ", "path" : "addozhang/registry - mirror/tekton - pipeline/controller: v0.28.1", "location" : "registry. Gitlab. Cn / Addozhang/registry - mirror/tekton - pipeline/controller: v0.28.1}] ""Copy the code

Build and push with CICD

See below.

CICD

I mirrored the previous github test Tekton project here and added a.gitlab-ci.yml pipeline definition file.

With the official documents, as well as reference to the official provided a variety of templates, the definition of pipelining quickly.

The pipeline consists of two stages: compilation and packaging of Java code and construction of images.

As shown above, the most recent use of the cache function is to cache.m2/repository. The first two caches were used. . Java projects store dependencies in local libraries, and using the cache feature can improve build efficiency.

Assembly line DAG

Needs can be used to control the build order of jobs at the same stage that would otherwise be executed in parallel. At the same time, DAG can also be constructed with needs, on the premise that at least three assignments are required, so I added another assignment.

cache:
  paths:
    - .m2/repository

variables:
  MAVEN_OPTS: "- Dhttps. Separate protocols = TLSv1.2 - Dmaven. Repo. Local = $CI_PROJECT_DIR/m2 / repository -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=WARN -Dorg.slf4j.simpleLogger.showDateTime=true -Djava.awt.headless=true"

stages:
  - build
  - image
  - post-build

maven-build:
  image: maven:3-jdk-8
  stage: build
  artifacts:
    paths: 
      - target/*.jar
  script:
    - mvn install -DskipTests
    
docker-build:
  image: Docker: 19.03.12
  stage: image
  needs:
    - maven-build
  dependencies:
    - maven-build
  services:
    - Docker: 19.03.12 - dind
  variables:
    IMAGE_TAG: $CI_REGISTRY_IMAGE:latest
  script:
    - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
    - docker build -t $IMAGE_TAG .
    - docker push $IMAGE_TAG

done:
  image: busybox:latest
  stage: post-build
  needs:
    - docker-build
  script:
    - echo "All Done!"
Copy the code

The feel map is a little rough, it should be improved later.

Homework depend on

In the previous pipeline definition, artifacts and dependencies are passed to pass the JARS built by Maven.

Did I misunderstand? Hover does not show the dependency job.

Pipeline trigger

In addition to push code triggering, you can also create triggers that trigger through the Web API.

curl -X POST \ -F token=TOKEN_HERE \ -F ref=main \ https://gitlab.cn/api/v4/projects/9766/trigger/pipeline {"id":19252,"project_id":9766,"sha":"5dde144d584b76fe6d3b63a4a9beb789762d1a2d","ref":"main","status":"created","created_ At ":" the 2021-10-01 T07:37:42. 806 + 08:00, "" updated_at" : "the 2021-10-01 T07:37:42. 806 + 08:00," "web_url" : "https://gitlab.cn/addozhang/ tekton-test/-/pipelines/19252","before_sha":"0000000000000000000000000000000000000000","tag":false,"yaml_errors":null,"u ser":{"id":432,"name":"addozhang","username":"addozhang","state":"active","avatar_url":null,"web_url":"https://gitlab.cn /addozhang"},"started_at":null,"finished_at":null,"committed_at":null,"duration":null,"queued_duration":null,"coverage": null,"detailed_status":{"icon":"status_created","text":"created","label":"created","group":"created","tooltip":"created" ,"has_details":true,"details_path":"/addozhang/tekton-test/-/pipelines/19252","illustration":null,"favicon":"/assets/ci_ favicons/favicon_status_created-4b975aa976d24e5a3ea7cd9a5713e6ce2cd9afd08b910415e96675de35f64955.png"}}Copy the code

conclusion

Since the company I worked for before also used Gitlab, and I also had experience in using Github Action and Tektoncd, THERE was no obstacle in my experience. This is also due to the improvement of the documentation and the efforts of the Extreme Fox team. I hope the Extreme Fox can do better.

Use registry-mirror as the repository name.

The article is uniformly published in the public number cloud native refers to north.