7. Container Image build

This lab covers packaging the application by building a Container Image.

Task 7.1: Create Image build stage

Image builds are done inside a package stage.

Create a new job with the following configuration which runs inside the new package stage:

job name: build_image
image: diemobiliar.azurecr.io/dlp-cicd-dockercli-image:254
Add a tag block to select a suitable Runner
```
tags:
  - build
  - mobiliar
```
Add a service block to enable the Docker in Docker builds
```
services:
  - docker:dind
```
before_script: docker info

script:

- docker build --no-cache -t $IMAGE_NAME .
- IMAGE_PATH=$IMAGE_HOST/$IMAGE_REPOSITORY/$IMAGE_NAME:${CI_COMMIT_SHA:0:8}
- echo "docker image path is - $IMAGE_PATH"
- docker tag $IMAGE_NAME $IMAGE_PATH
# - docker login -u ${DOCKER_USERNAME} -p ${DOCKER_PASSWORD} ${IMAGE_HOST}
# - docker push $IMAGE_PATH

This Job builds the container image defined by the Dockerfile in your source code. In the real world, the resulting container image would now be pushed into a container registry for simplicity reasons, we skip this step in our pipeline.

Did you see the required variables inside the script? Also add the following variables to the variables block:

IMAGE_HOST: ‘quay.io’
IMAGE_REPOSITORY: ‘puzzle’
IMAGE_NAME: ’example-spring-boot'

solution

The new stage is defined at the end of our `.gitlab-ci.yml`, we also need to add the package stage to the stage list and define the new variables.

stages:
  - info
  - build
  - test
  - package

variables:
  GIT_STRATEGY: 'clone'
  COMPILE: 'false'
  IMAGE_HOST: 'quay.io'
  IMAGE_REPOSITORY: 'puzzle'
  IMAGE_NAME: 'example-spring-boot'

info:
  stage: info
  script:
    - echo "This is your first stage (ツ)"
    - echo "Username is ${USERNAME} with ${PASSWORD}"

build_application:
  stage: build
  tags:
    - build
    - mobiliar
  image: registry.access.redhat.com/ubi9/openjdk-17:latest
  script:
    - ./gradlew assemble

test_application:
  stage: test
  image: registry.access.redhat.com/ubi9/openjdk-17:latest
  script:
    - ./gradlew check
  artifacts:
    when: always
    reports:
      junit: build/test-results/test/**/TEST-*.xml

build_image:
  image: diemobiliar.azurecr.io/dlp-cicd-dockercli-image:254
  tags:
    - build
    - mobiliar
  services:
    - docker:dind
  stage: package
  before_script:
    - docker info
  script:
    - docker build --no-cache -t $IMAGE_NAME .
    - IMAGE_PATH=$IMAGE_HOST/$IMAGE_REPOSITORY/$IMAGE_NAME:${CI_COMMIT_SHA:0:8}
    - echo "docker image path is - $IMAGE_PATH"
    - docker tag $IMAGE_NAME $IMAGE_PATH
    # - docker login -u ${DOCKER_USERNAME} -p ${DOCKER_PASSWORD} ${IMAGE_HOST}
    # - docker push $IMAGE_PATH

Warning

As mentioned in the variables Lab sensitive data, for example DOCKER_USERNAME and DOCKER_PASSWORD should never be stored as plain variable within a pipeline definition. Such variables can be defined on Projects, Groups and Instances in the Gitlab Web Console (e.g. Project Settings –> CI/CD –> Variables). During a pipeline run Gitlab will take care that sensitive data never shows up in logs and can be leaked in such a way.

Task 7.2: Check the pipeline

Go to your GitLab project and check the pipelines under Build –> Pipelines.

Check that the image build job was successful.

Last modified September 25, 2023: renabed CI/CD to Build (e01a5c8)