1. GitLab Docker 镜像库配置

//开启 docker 存储库

  1. $ vim /etc/gitlab/gitlab.rb
  2. ...
  3. registry_external_url 'https://gitlabtest.xiodi.cn:4567'
  4. ...
  5. registry_nginx['enable'] = true
  6. registry_nginx['ssl_certificate'] = "/etc/gitlab/ssl/1_gitlabtest.xiodi.cn_bundle.crt"
  7. registry_nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/2_gitlabtest.xiodi.cn.key"
  8. ...

//更改存储库路径,默认为 /var/opt/gitlab/gitlab-rails/shared/registry

  1. gitlab_rails['registry_path'] = "/path/to/registry/storage"

//存储库路径支持 s3 存储

  1. registry['storage'] = {
  2.   's3' => {
  3.     'accesskey' => 's3-access-key',
  4.     'secretkey' => 's3-secret-key-for-access-key',
  5.     'bucket' => 'your-s3-bucket',
  6.     'region' => 'your-s3-region',
  7.     'regionendpoint' => 'your-s3-regionendpoint'
  8.   }
  9. }

更多存储参考:https://docs.gitlab.com/12.8/ee/administration/packages/container_registry.html#container-registry-storage-driver

//重启服务后,gitlab 页面如下
6.2 gitlab 私有镜像库和 Docker构建 - 图1

2. Docker 构建

由于 docker-in-docker 需要 privileged,所以要修改 runner。

  1. $ vim /data/etc/gitlab-runner/config.toml
  2. ...
  3.  [runners.docker]
  4.     tls_verify = false
  5.     image = "harbor.xiodi.cn/tools/alpine:3.11"
  6.     privileged = true
  7. ...
  9. $ docker restart gitlab-runner2

需要先把前面测试的 CI_REGISTRY 变量去掉。

//.gitlab.ci.yml

  1. variables:
  2.   REGISTRY: $CI_REGISTRY/edu-java-demo/edu-java-spring
  3.   MAVEN_OPTS: "-Dmaven.repo.local=.m2"
  5. stages:
  6.   - test
  7.   - build
  8.   - package
  10. test:
  11.   stage: test
  12.   image: harbor.xiodi.cn/tools/openjdk:11.0.6
  13.   tags:
  14.     - docker
  15.     - host20133-docker
  16.   script:
  17.     - chmod +x ./mvnw && ./mvnw test
  18.   cache:
  19.     key: maven-repo-cache
  20.     paths:
  21.       - .m2
  23. build:
  24.   stage: build
  25.   image: harbor.xiodi.cn/tools/openjdk:11.0.6
  26.   tags:
  27.     - docker
  28.     - host20133-docker
  29.   script:
  30.     - chmod +x ./mvnw && ./mvnw package
  31.   cache:
  32.     key: maven-repo-cache
  33.     paths:
  34.       - .m2
  35.   artifacts:
  36.     paths:
  37.       - target/*.jar
  38.     expire_in: 1 week
  40. docker-package:
  41.   stage: package
  42.   image: harbor.xiodi.cn/tools/docker:18.09.9
  43.   services:
  44.     - docker:18.09-dind
  45.   tags:
  46.     - docker
  47.     - host20133-docker
  48.   variables:
  49.     REGISTRY_VERSION: $CI_COMMIT_SHORT_SHA
  50.   script:
  51.     - export
  52.     - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
  53.     - docker build -t $REGISTRY:$CI_COMMIT_SHORT_SHA -f Dockerfile .
  54.     - docker push $REGISTRY:$CI_COMMIT_SHORT_SHA

3. Docker 镜像查看

6.2 gitlab 私有镜像库和 Docker构建 - 图2