DEV Community

Marcin Wosinek
Marcin Wosinek

Posted on • Originally published at how-to.dev

1 1

How to build Docker images in GitLab CI

In this article, I'll show you how to build Docker images in GitLab & push them to the container registry provided by the platform.

The Docker file

Simple file, where I set non-root user for the node image. Dockerfile:

FROM node:16.5.0

USER node
Enter fullscreen mode Exit fullscreen mode

In Docker Hub images, it's a convention to leave them on the root user. Some npm features are turned off for root, so it's better to run our builds on a different user.

GitLab CI file

Inside .gitlab-ci.yml goes as follow:

stages:
  - build
Enter fullscreen mode Exit fullscreen mode

Defining stages. In our simple example, we are fine with only 1 stage.

docker-image:
  stage: build
Enter fullscreen mode Exit fullscreen mode

Creating the docker-image job & setting it to build stage

  image:
    name: gcr.io/kaniko-project/executor:debug
    entrypoint: [""]
Enter fullscreen mode Exit fullscreen mode

A Google tool for creating images. It's supposed to support standard Dockerfiles, and so far, with 5~8 images, I found no issues that would be specific to kaniko only. There is a Docker image for building images, but it's a bit of a hassle to set up inside Docker. You need to configure docker-in-docker, and I found it simpler to use kaniko.

entrypoint: [""] overrides the entry point of the image. I found it while setting up this thing myself, and indeed if I remove this line the build fails

  script:
    - mkdir -p /kaniko/.docker
    - echo "{\"auths\":{\"$CI_REGISTRY\":{\"username\":\"$CI_REGISTRY_USER\",\"password\":\"$CI_REGISTRY_PASSWORD\"}}}" > /kaniko/.docker/config.json
Enter fullscreen mode Exit fullscreen mode
  • mkdir -p /kaniko/.docker - creates a folder from where kaniko reads access file
  • echo ... - puts the GitLab registry access info to file that will be read by kaniko. Note! Those values are provided by GitLab, you don't have to set up credentials yourself.
    - /kaniko/executor --context $CI_PROJECT_DIR --dockerfile $CI_PROJECT_DIR/Dockerfile --destination $CI_REGISTRY_IMAGE
Enter fullscreen mode Exit fullscreen mode

We build the files & push the image to the registry. If you want to build multiple images in the repository, you can replace --destination $CI_REGISTRY_IMAGE with --destination $CI_REGISTRY_IMAGE/image-name - in this way you can fit multiple images next to each other.

Complete config

.gitlab-ci.yml:

stages:
  - build

docker-image:
  stage: build
  image:
    name: gcr.io/kaniko-project/executor:debug
    entrypoint: [""]
  script:
    - mkdir -p /kaniko/.docker
    - echo "{\"auths\":{\"$CI_REGISTRY\":{\"username\":\"$CI_REGISTRY_USER\",\"password\":\"$CI_REGISTRY_PASSWORD\"}}}" > /kaniko/.docker/config.json
    - /kaniko/executor --context $CI_PROJECT_DIR --dockerfile $CI_PROJECT_DIR/Dockerfile --destination $CI_REGISTRY_IMAGE
Enter fullscreen mode Exit fullscreen mode

Working build

If we configured everything correctly, the build will be running:

running-build.png

And when it's finished an image will be added to the container registry:

registry.png

References

Here you can find the example repository & container registry.

Summary

In this article, we have seen a simple example of how to build images in GitLab. If you want to build more images, you can always add more /kaniko/executor calls with other files.

Image of Timescale

Timescale – the developer's data platform for modern apps, built on PostgreSQL

Timescale Cloud is PostgreSQL optimized for speed, scale, and performance. Over 3 million IoT, AI, crypto, and dev tool apps are powered by Timescale. Try it free today! No credit card required.

Try free

Top comments (0)

Billboard image

The Next Generation Developer Platform

Coherence is the first Platform-as-a-Service you can control. Unlike "black-box" platforms that are opinionated about the infra you can deploy, Coherence is powered by CNC, the open-source IaC framework, which offers limitless customization.

Learn more