Commit de562e09 authored by Rémy Coutable's avatar Rémy Coutable

Merge branch '215003-use-kaniko-to-build-asset-image-in-gitlab-ci' into 'master'

Use Kaniko to build asset image in GitLab CI

Closes #215003

See merge request gitlab-org/gitlab!29892
parents 2ebe77c1 f06925d8
stages: stages:
- sync - sync
- prepare - prepare
- build-images
- fixtures - fixtures
- test - test
- post-test - post-test
......
...@@ -15,7 +15,6 @@ ...@@ -15,7 +15,6 @@
- .default-retry - .default-retry
- .default-before_script - .default-before_script
- .assets-compile-cache - .assets-compile-cache
- .use-docker-in-docker
image: registry.gitlab.com/gitlab-org/gitlab-build-images:ruby-2.6.5-git-2.26-lfs-2.9-chrome-73.0-node-12.x-yarn-1.21-graphicsmagick-1.3.34-docker-19.03.1 image: registry.gitlab.com/gitlab-org/gitlab-build-images:ruby-2.6.5-git-2.26-lfs-2.9-chrome-73.0-node-12.x-yarn-1.21-graphicsmagick-1.3.34-docker-19.03.1
stage: prepare stage: prepare
variables: variables:
...@@ -44,10 +43,6 @@ ...@@ -44,10 +43,6 @@
- retry yarn install --frozen-lockfile --production --cache-folder .yarn-cache --prefer-offline - retry yarn install --frozen-lockfile --production --cache-folder .yarn-cache --prefer-offline
- free -m - free -m
- time bin/rake gitlab:assets:compile > assets-compile.log 2>&1 - time bin/rake gitlab:assets:compile > assets-compile.log 2>&1
# TODO: Change the image tag to be the MD5 of assets files and skip image building if the image exists
# We'll also need to pass GITLAB_ASSETS_TAG to the trigerred omnibus-gitlab pipeline similarly to how we do it for trigerred CNG pipelines
# https://gitlab.com/gitlab-org/gitlab/issues/208389
- time scripts/build_assets_image
- scripts/clean-old-cached-assets - scripts/clean-old-cached-assets
- rm -f /etc/apt/sources.list.d/google*.list # We don't need to update Chrome here - rm -f /etc/apt/sources.list.d/google*.list # We don't need to update Chrome here
...@@ -65,6 +60,23 @@ gitlab:assets:compile pull-cache: ...@@ -65,6 +60,23 @@ gitlab:assets:compile pull-cache:
cache: cache:
policy: pull policy: pull
build-assets-image:
extends:
- .use-kaniko
- .frontend:rules:gitlab-assets-compile-pull-cache
stage: build-images
needs: ["gitlab:assets:compile pull-cache"]
variables:
GIT_STRATEGY: none
script:
- wget -O ./build_assets_image "${CI_PROJECT_URL}/raw/${CI_COMMIT_SHA}/scripts/build_assets_image"
- wget -O ./Dockerfile.assets "${CI_PROJECT_URL}/raw/${CI_COMMIT_SHA}/Dockerfile.assets"
- chmod +x build_assets_image
# TODO: Change the image tag to be the MD5 of assets files and skip image building if the image exists
# We'll also need to pass GITLAB_ASSETS_TAG to the trigerred omnibus-gitlab pipeline similarly to how we do it for trigerred CNG pipelines
# https://gitlab.com/gitlab-org/gitlab/issues/208389
- ./build_assets_image
.compile-assets-metadata: .compile-assets-metadata:
extends: extends:
- .default-retry - .default-retry
......
...@@ -3,7 +3,8 @@ build-qa-image: ...@@ -3,7 +3,8 @@ build-qa-image:
- .use-kaniko - .use-kaniko
- .default-retry - .default-retry
- .review:rules:mr-and-schedule-auto - .review:rules:mr-and-schedule-auto
stage: prepare stage: build-images
needs: []
script: script:
- '[[ -d "ee/" ]] || export GITLAB_EDITION="ce"' - '[[ -d "ee/" ]] || export GITLAB_EDITION="ce"'
- export QA_IMAGE="${CI_REGISTRY}/${CI_PROJECT_PATH}/gitlab-${GITLAB_EDITION:-ee}-qa:${CI_COMMIT_REF_SLUG}" - export QA_IMAGE="${CI_REGISTRY}/${CI_PROJECT_PATH}/gitlab-${GITLAB_EDITION:-ee}-qa:${CI_COMMIT_REF_SLUG}"
......
...@@ -19,6 +19,9 @@ The current stages are: ...@@ -19,6 +19,9 @@ The current stages are:
<https://gitlab.com/gitlab-org/gitlab-foss>. <https://gitlab.com/gitlab-org/gitlab-foss>.
- `prepare`: This stage includes jobs that prepare artifacts that are needed by - `prepare`: This stage includes jobs that prepare artifacts that are needed by
jobs in subsequent stages. jobs in subsequent stages.
- `build-images`: This stage includes jobs that prepare docker images
that are needed by jobs in subsequent stages or downstream pipelines.
- `fixtures`: This stage includes jobs that prepare fixtures needed by frontend tests.
- `test`: This stage includes most of the tests, DB/migration jobs, and static analysis jobs. - `test`: This stage includes most of the tests, DB/migration jobs, and static analysis jobs.
- `post-test`: This stage includes jobs that build reports or gather data from - `post-test`: This stage includes jobs that build reports or gather data from
the `test` stage's jobs (e.g. coverage, Knapsack metadata etc.). the `test` stage's jobs (e.g. coverage, Knapsack metadata etc.).
...@@ -30,7 +33,6 @@ The current stages are: ...@@ -30,7 +33,6 @@ The current stages are:
that is deployed in the previous stage. that is deployed in the previous stage.
- `post-qa`: This stage includes jobs that build reports or gather data from - `post-qa`: This stage includes jobs that build reports or gather data from
the `qa` stage's jobs (e.g. Review App performance report). the `qa` stage's jobs (e.g. Review App performance report).
- `notification`: This stage includes jobs that sends notifications about pipeline status.
- `pages`: This stage includes a job that deploys the various reports as - `pages`: This stage includes a job that deploys the various reports as
GitLab Pages (e.g. <https://gitlab-org.gitlab.io/gitlab/coverage-ruby/>, GitLab Pages (e.g. <https://gitlab-org.gitlab.io/gitlab/coverage-ruby/>,
<https://gitlab-org.gitlab.io/gitlab/coverage-javascript/>, <https://gitlab-org.gitlab.io/gitlab/coverage-javascript/>,
...@@ -74,6 +76,7 @@ that are scoped to a single [configuration parameter](../ci/yaml/README.md#confi ...@@ -74,6 +76,7 @@ that are scoped to a single [configuration parameter](../ci/yaml/README.md#confi
| `.use-pg9-ee` | Same as `.use-pg9` but also use the `docker.elastic.co/elasticsearch/elasticsearch:6.4.2` services. | | `.use-pg9-ee` | Same as `.use-pg9` but also use the `docker.elastic.co/elasticsearch/elasticsearch:6.4.2` services. |
| `.use-pg10-ee` | Same as `.use-pg10` but also use the `docker.elastic.co/elasticsearch/elasticsearch:6.4.2` services. | | `.use-pg10-ee` | Same as `.use-pg10` but also use the `docker.elastic.co/elasticsearch/elasticsearch:6.4.2` services. |
| `.use-pg11-ee` | Same as `.use-pg11` but also use the `docker.elastic.co/elasticsearch/elasticsearch:6.4.2` services. | | `.use-pg11-ee` | Same as `.use-pg11` but also use the `docker.elastic.co/elasticsearch/elasticsearch:6.4.2` services. |
| `.use-kaniko` | Allows a job to use the `kaniko` tool to build Docker images. |
| `.as-if-foss` | Simulate the FOSS project by setting the `FOSS_ONLY='1'` environment variable. | | `.as-if-foss` | Simulate the FOSS project by setting the `FOSS_ONLY='1'` environment variable. |
## `workflow:rules` ## `workflow:rules`
...@@ -255,14 +258,21 @@ graph RL; ...@@ -255,14 +258,21 @@ graph RL;
2_2-5["webpack-dev-server (7.62 minutes)"]; 2_2-5["webpack-dev-server (7.62 minutes)"];
click 2_2-5 "https://app.periscopedata.com/app/gitlab/652085/Engineering-Productivity---Pipeline-Build-Durations?widget=8404303&udv=0" click 2_2-5 "https://app.periscopedata.com/app/gitlab/652085/Engineering-Productivity---Pipeline-Build-Durations?widget=8404303&udv=0"
2_3-1["build-assets-image"];
class 2_3-1 criticalPath;
subgraph "Needs `setup-test-env` & `compile-assets`"; subgraph "Needs `setup-test-env` & `compile-assets`";
2_2-1 & 2_2-2 & 2_2-4 & 2_2-5 --> 1-6 & 1-3; 2_2-1 & 2_2-2 & 2_2-4 & 2_2-5 --> 1-6 & 1-3;
2_2-3 --> 1-6 & 1-4; 2_2-3 --> 1-6 & 1-4;
end end
subgraph "Needs `build-qa-image` & `gitlab:assets:compile`"; subgraph "Needs `gitlab:assets:compile`";
2_3-1["package-and-qa (manual)"] --> 1-2 & 1-5; 2_3-1 --> 1-5
click 2_3-1 "https://app.periscopedata.com/app/gitlab/652085/Engineering-Productivity---Pipeline-Build-Durations?widget=6914305&udv=0" end
subgraph "Needs `build-qa-image` & `build-assets-image`";
2_4-1["package-and-qa (manual)"] --> 1-2 & 2_3-1;
click 2_4-1 "https://app.periscopedata.com/app/gitlab/652085/Engineering-Productivity---Pipeline-Build-Durations?widget=6914305&udv=0"
end end
subgraph "Needs `compile-assets`, `setup-test-env, & `retrieve-tests-metadata`"; subgraph "Needs `compile-assets`, `setup-test-env, & `retrieve-tests-metadata`";
...@@ -363,26 +373,33 @@ graph RL; ...@@ -363,26 +373,33 @@ graph RL;
2_2-5["webpack-dev-server (7.62 minutes)"]; 2_2-5["webpack-dev-server (7.62 minutes)"];
click 2_2-5 "https://app.periscopedata.com/app/gitlab/652085/Engineering-Productivity---Pipeline-Build-Durations?widget=8404303&udv=0" click 2_2-5 "https://app.periscopedata.com/app/gitlab/652085/Engineering-Productivity---Pipeline-Build-Durations?widget=8404303&udv=0"
2_3-1["build-assets-image"];
class 2_3-1 criticalPath;
subgraph "Needs `setup-test-env` & `compile-assets`"; subgraph "Needs `setup-test-env` & `compile-assets`";
2_2-1 & 2_2-2 & 2_2-4 & 2_2-5 --> 1-6 & 1-3; 2_2-1 & 2_2-2 & 2_2-4 & 2_2-5 --> 1-6 & 1-3;
2_2-3 --> 1-6 & 1-4; 2_2-3 --> 1-6 & 1-4;
end end
subgraph "Needs `build-qa-image` & `gitlab:assets:compile`"; subgraph "Needs `gitlab:assets:compile`";
2_3-1["package-and-qa (manual)"] --> 1-2 & 1-5; 2_3-1 --> 1-5
click 2_3-1 "https://app.periscopedata.com/app/gitlab/652085/Engineering-Productivity---Pipeline-Build-Durations?widget=6914305&udv=0"
end end
subgraph "Needs `compile-assets`, `setup-test-env, & `retrieve-tests-metadata`"; subgraph "Needs `build-qa-image` & `build-assets-image`";
2_4-1["rspec & db jobs (12-22 minutes)"] --> 1-3 & 1-6 & 1-14; 2_4-1["package-and-qa (manual)"] --> 1-2 & 2_3-1;
class 2_4-1 criticalPath; click 2_4-1 "https://app.periscopedata.com/app/gitlab/652085/Engineering-Productivity---Pipeline-Build-Durations?widget=6914305&udv=0"
click 2_4-1 "https://app.periscopedata.com/app/gitlab/652085/Engineering-Productivity---Pipeline-Build-Durations"
end end
subgraph "Needs `gitlab:assets:compile`"; subgraph "Needs `compile-assets`, `setup-test-env, & `retrieve-tests-metadata`";
2_5-1["review-build-cng (27.3 minutes)"] --> 1-5; 2_5-1["rspec & db jobs (12-22 minutes)"] --> 1-3 & 1-6 & 1-14;
class 2_5-1 criticalPath; class 2_5-1 criticalPath;
click 2_5-1 "https://app.periscopedata.com/app/gitlab/652085/Engineering-Productivity---Pipeline-Build-Durations?widget=6914314&udv=0" click 2_5-1 "https://app.periscopedata.com/app/gitlab/652085/Engineering-Productivity---Pipeline-Build-Durations"
end
subgraph "Needs `build-assets-image`";
2_6-1["review-build-cng (27.3 minutes)"] --> 2_3-1;
class 2_6-1 criticalPath;
click 2_6-1 "https://app.periscopedata.com/app/gitlab/652085/Engineering-Productivity---Pipeline-Build-Durations?widget=6914314&udv=0"
end end
3_1-1["jest (11.2 minutes)"]; 3_1-1["jest (11.2 minutes)"];
...@@ -401,7 +418,7 @@ graph RL; ...@@ -401,7 +418,7 @@ graph RL;
end end
subgraph "Depends on `rspec` jobs"; subgraph "Depends on `rspec` jobs";
3_2-1["rspec:coverage (7.67 minutes)"] -.->|"(don't use needs because of limitations)"| 2_4-1; 3_2-1["rspec:coverage (7.67 minutes)"] -.->|"(don't use needs because of limitations)"| 2_5-1;
class 3_2-1 criticalPath; class 3_2-1 criticalPath;
click 3_2-1 "https://app.periscopedata.com/app/gitlab/652085/Engineering-Productivity---Pipeline-Build-Durations?widget=7248745&udv=0" click 3_2-1 "https://app.periscopedata.com/app/gitlab/652085/Engineering-Productivity---Pipeline-Build-Durations?widget=7248745&udv=0"
end end
...@@ -413,7 +430,7 @@ graph RL; ...@@ -413,7 +430,7 @@ graph RL;
end end
subgraph "Played by `review-build-cng`"; subgraph "Played by `review-build-cng`";
3_3-1["review-deploy (6 minutes)"] --> 2_5-1; 3_3-1["review-deploy (6 minutes)"] --> 2_6-1;
class 3_3-1 criticalPath; class 3_3-1 criticalPath;
click 3_3-1 "https://app.periscopedata.com/app/gitlab/652085/Engineering-Productivity---Pipeline-Build-Durations?widget=6721130&udv=0" click 3_3-1 "https://app.periscopedata.com/app/gitlab/652085/Engineering-Productivity---Pipeline-Build-Durations?widget=6721130&udv=0"
end end
...@@ -484,10 +501,15 @@ graph RL; ...@@ -484,10 +501,15 @@ graph RL;
2_2-1 --> 1-6 & 1-3; 2_2-1 --> 1-6 & 1-3;
end end
subgraph "Needs `build-qa-image` & `gitlab:assets:compile`"; subgraph "Needs `gitlab:assets:compile`";
2_3-1["package-and-qa (108 minutes)"] --> 1-2 & 1-5; 2_3-1["build-assets-image (2 minutes)"] --> 1-5
class 2_3-1 criticalPath; class 2_3-1 criticalPath;
click 2_3-1 "https://app.periscopedata.com/app/gitlab/652085/Engineering-Productivity---Pipeline-Build-Durations?widget=6914305&udv=0" end
subgraph "Needs `build-qa-image` & `build-assets-image`";
2_4-1["package-and-qa (108 minutes)"] --> 1-2 & 2_3-1;
class 2_4-1 criticalPath;
click 2_4-1 "https://app.periscopedata.com/app/gitlab/652085/Engineering-Productivity---Pipeline-Build-Durations?widget=6914305&udv=0"
end end
``` ```
......
#!/bin/bash
# Exit early if we don't want to build the image # Exit early if we don't want to build the image
if [[ "${BUILD_ASSETS_IMAGE}" != "true" ]] if [[ "${BUILD_ASSETS_IMAGE}" != "true" ]]
then then
...@@ -19,15 +17,19 @@ ASSETS_IMAGE_PATH=${CI_REGISTRY}/${CI_PROJECT_PATH}/${ASSETS_IMAGE_NAME} ...@@ -19,15 +17,19 @@ ASSETS_IMAGE_PATH=${CI_REGISTRY}/${CI_PROJECT_PATH}/${ASSETS_IMAGE_NAME}
mkdir -p assets_container.build/public mkdir -p assets_container.build/public
cp -r public/assets assets_container.build/public/ cp -r public/assets assets_container.build/public/
cp Dockerfile.assets assets_container.build/ cp Dockerfile.assets assets_container.build/
docker build -t ${ASSETS_IMAGE_PATH}:${CI_COMMIT_REF_SLUG} -f assets_container.build/Dockerfile.assets assets_container.build/
docker tag ${ASSETS_IMAGE_PATH}:${CI_COMMIT_REF_SLUG} ${ASSETS_IMAGE_PATH}:${CI_COMMIT_SHA} COMMIT_REF_SLUG_DESTINATION=${ASSETS_IMAGE_PATH}:${CI_COMMIT_REF_SLUG}
docker login -u gitlab-ci-token -p ${CI_JOB_TOKEN} ${CI_REGISTRY} COMMIT_SHA_DESTINATION=${ASSETS_IMAGE_PATH}:${CI_COMMIT_SHA}
docker push ${ASSETS_IMAGE_PATH}:${CI_COMMIT_REF_SLUG} COMMIT_REF_NAME_DESTINATION=${ASSETS_IMAGE_PATH}:${CI_COMMIT_REF_NAME}
docker push ${ASSETS_IMAGE_PATH}:${CI_COMMIT_SHA}
DESTINATIONS="--destination=$COMMIT_REF_SLUG_DESTINATION --destination=$COMMIT_SHA_DESTINATION"
# Also tag the image with GitLab version, if running on a tag pipeline, so # Also tag the image with GitLab version, if running on a tag pipeline, so
# other projects can simply use that instead of computing the slug. # other projects can simply use that instead of computing the slug.
if [ -n "$CI_COMMIT_TAG" ]; then if [ -n "$CI_COMMIT_TAG" ]; then
docker tag ${ASSETS_IMAGE_PATH}:${CI_COMMIT_REF_SLUG} ${ASSETS_IMAGE_PATH}:${CI_COMMIT_REF_NAME} DESTINATIONS="$DESTINATIONS --destination=$COMMIT_REF_NAME_DESTINATION"
docker push ${ASSETS_IMAGE_PATH}:${CI_COMMIT_REF_NAME}
fi fi
echo "building assets image for destinations: $DESTINATIONS"
/kaniko/executor --context=assets_container.build --dockerfile=assets_container.build/Dockerfile.assets $DESTINATIONS
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment