diff --git a/.gitignore b/.gitignore
index 61f0d7a9cb65b52536dc4e6043b47d20d58170c2..2cfca4773e7b10e86f8537bada338de467866dd2 100644
--- a/.gitignore
+++ b/.gitignore
@@ -19,4 +19,7 @@ BUILD
debug
DEBUG
+#gitlab-ci-local
+.gitlab-ci-local/
+
.nfs*
diff --git a/.gitlab-ci-local-env b/.gitlab-ci-local-env
new file mode 100644
index 0000000000000000000000000000000000000000..3ddfc3f0aca75e93c6ef3282d0959cca09ec0568
--- /dev/null
+++ b/.gitlab-ci-local-env
@@ -0,0 +1,4 @@
+PRIVILEGED=1
+ULIMIT=8000:16000
+VOLUME=certs:/certs/client
+VARIABLE="DOCKER_TLS_CERTDIR=/certs"
\ No newline at end of file
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index ce3e3a77cf84ca18383e817def4c9d23c554bceb..a04c45338fdabfec98923ef6a539a347eb9bbe46 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -1,8 +1,10 @@
-image: eicweb.phy.anl.gov:4567/containers/image_recipes/ubuntu_dind:latest
+image: alpine
variables:
## External images
- DOCKER_IMAGE: docker.io/docker:24.0.5
+ # FIXME:
+ #DOCKER_IMAGE: docker.io/docker:24.0.5
+ DOCKER_IMAGE: eicweb.phy.anl.gov:4567/containers/image_recipes/ubuntu_dind:latest
SINGULARITY_IMAGE: quay.io/singularity/singularity:v3.11.4
## Application versions used for the main release
@@ -30,15 +32,15 @@ variables:
JOBS: 128
## is this nightly or not?
- NIGHTLY:
+ NIGHTLY: ""
## Add to tag
NIGHTLY_TAG: "nightly"
## Additional options for docker build (e.g. --no-cache)
- BUILD_OPTIONS:
+ BUILD_OPTIONS: ""
## Version to be set by external trigger
- VERSION:
+ VERSION: ""
## Internal tag used for the CI
INTERNAL_TAG: "pipeline-${CI_PIPELINE_ID}"
@@ -53,19 +55,6 @@ stages:
- test
- finalize
-default:
- before_script:
- - ./gitlab-ci/docker_login.sh -u ${DH_REGISTRY_USER} -p ${DH_EICWEB_TOKEN}
- -n ${DOCKER_NTRIES} -t ${DOCKER_WAIT_TIME}
- - ./gitlab-ci/docker_login.sh -u ${GITHUB_REGISTRY_USER} -p ${GITHUB_REGISTRY_TOKEN}
- -n ${DOCKER_NTRIES} -t ${DOCKER_WAIT_TIME}
- ${GH_REGISTRY}
- - ./gitlab-ci/docker_login.sh --ci -n ${DOCKER_NTRIES} -t ${DOCKER_WAIT_TIME}
- after_script:
- - docker logout
- - docker logout ${CI_REGISTRY}
- - docker logout ${GH_REGISTRY}
-
## only run CI for in the following cases:
## master, stable branch, release tag, MR event and nightly builds
## nightly builds are now part of the regular master build in order to keep
@@ -131,7 +120,7 @@ version:
VERSION="${CI_COMMIT_REF_NAME}-${CI_PIPELINE_ID}"
EXPORT_TAG=""
fi
- echo "INTERNAL_TAG=$INTERNAL_TAG" >> build.env
+ echo "INTERNAL_TAG=$INTERNAL_TAG" > build.env
echo "VERSION=$VERSION" >> build.env
echo "NIGHTLY_TAG=$NIGHTLY_TAG" >> build.env
echo "EXPORT_TAG=$EXPORT_TAG" >> build.env
@@ -140,22 +129,61 @@ version:
reports:
dotenv: build.env
-## base job settings for all build jobs
+## base job settings for all docker interactions
+.docker:
+ image: ${DOCKER_IMAGE}
+ before_script:
+ - # Login to registries
+ if [[ -n "${EXPORT_TAG}" ]] ; then
+ if [[ -n "${DH_REGISTRY}" ]] ; then
+ ./gitlab-ci/docker_login.sh -u ${DH_REGISTRY_USER} -p ${DH_EICWEB_TOKEN}
+ -n ${DOCKER_NTRIES} -t ${DOCKER_WAIT_TIME}
+ ${DH_REGISTRY} ;
+ fi ;
+ if [[ -n "${GH_REGISTRY}" ]] ; then
+ ./gitlab-ci/docker_login.sh -u ${GITHUB_REGISTRY_USER} -p ${GITHUB_REGISTRY_TOKEN}
+ -n ${DOCKER_NTRIES} -t ${DOCKER_WAIT_TIME}
+ ${GH_REGISTRY} ;
+ fi ;
+ if [[ -n "${CI_REGISTRY}" ]] ; then
+ ./gitlab-ci/docker_login.sh -u ${CI_REGISTRY_USER} -p ${CI_REGISTRY_PASSWORD}
+ -n ${DOCKER_NTRIES} -t ${DOCKER_WAIT_TIME}
+ ${CI_REGISTRY} ;
+ fi ;
+ fi
+ after_script:
+ - # Logout from registries
+ if [[ -n "${EXPORT_TAG}" ]] ; then
+ if [[ -n "${DH_REGISTRY}" ]] ; then
+ docker logout ${DH_REGISTRY}
+ fi ;
+ if [[ -n "${GH_REGISTRY}" ]] ; then
+ docker logout ${GH_REGISTRY}
+ fi ;
+ if [[ -n "${CI_REGISTRY}" ]] ; then
+ docker logout ${CI_REGISTRY}
+ fi ;
+ fi
+
+## base job settings for all docker build jobs
.build:
+ extends: .docker
rules:
- when: on_success
resource_group: ${CI_COMMIT_REF_NAME}-${VERSION}
tags:
- docker-new
before_script:
- - !reference [default, before_script]
+ - !reference [.docker, before_script]
- mount binfmt_misc -t binfmt_misc /proc/sys/fs/binfmt_misc ;
for arch in aarch64 ; do
- if ! grep --quiet enabled /proc/sys/fs/binfmt_misc/qemu-$arch ; then
+ if ! grep -q enabled /proc/sys/fs/binfmt_misc/qemu-$arch ; then
docker run --rm --privileged multiarch/qemu-user-static --persistent yes ;
fi ;
done
- - docker buildx create --name builder --driver docker-container --bootstrap --use
+ - docker context create context
+ - docker context use context
+ - docker buildx create --name builder --driver docker-container --bootstrap --use context
## rules for nightly jobs
.nightly:
@@ -425,11 +453,9 @@ jug_xl:nightly:
expire_in: 1 days
paths:
- build/${BUILD_IMAGE}.sif
- before_script: ""
script:
- mkdir build
- singularity pull build/${BUILD_IMAGE}.sif docker://${CI_REGISTRY_IMAGE}/${BUILD_IMAGE}:${INTERNAL_TAG}-${BUILD_TYPE}
- after_script: ""
jug_xl:singularity:default:
extends: .singularity
@@ -513,6 +539,7 @@ benchmarks:physics:nightly:
allow_failure: false
clean:
+ extends: .docker
stage: finalize
dependencies:
- version
@@ -538,6 +565,7 @@ clean:
- ./gitlab-ci/cleanup_registry.sh -i dind -r 93 ${INTERNAL_TAG}
clean_unstable_mr:
+ extends: .docker
stage: finalize
dependencies:
- clean