In this pipeline, several CI/CD jobs are defined in the
stages section of the .gitlab-ci.yml file to
automate the process of building, testing, and deploying Squid image
version 6.13.
Quality - This job uses the hadolint utility to analyze the Dockerfile for best practices and possible errors.
Get-version - This job fetches the latest Squid
version from GitHub and updates a variables.env file and
README.md file with this version.
Docker-hub-build - This job builds a Docker image using the Dockerfile, and then pushes the built image to the Docker Hub.
Docker-hub-test: This job tests the Docker image using a set of predefined tests.
Docker-hub-pushtag - It retagging the Docker images and pushes them up to Docker Hub.
Docker-hub-build-arm - Similar to Docker-hub-build but for ARM processors.
Docker-hub-test-arm - Similar to Docker-hub-test but for ARM images.
Docker-hub-pushtag-arm - Similar to Docker-hub-pushtag but for ARM images.
Docs - This job seeks to collate and display
pipeline job analysis in an informative manner, storing results in the
chatgpt_analysis markdown (.md)
document.
The above jobs fundamentally ensure that the docker image is of the highest quality, it is tested thoroughly across different processor families (ARM and AMD64), and finally, the image is correctly tagged and pushed into the docker hub repository.
The following portion will discuss the purpose of each job and associated command sequences:
Using hadolint command-line utility, Dockerfile is analyzed for any
possible errors or non-compliance with best practices. It informs early
in the pipeline if the Dockerfile might create an issue later in the
process. The tool uses ShellCheck under the hood to lint the shell code
existing in the RUN instructions. This job ignores a specific rule,
DL3008, which recommends pinning versions in apt package
installs.
- hadolint --ignore DL3008 DockerfileThis job updates the environment variables and README.md file with the current Squid version. It fetches the latest Squid version, replaces an existing placeholder in README.md, and commits the changes:
- export SQUID_VERSION=$(curl -LsXGET https://github.com/squid-cache/squid/releases/latest | grep -m 1 "Release" | cut -d " " -f4 |tr -d 'v')
- echo "SQUID_VERSION=$SQUID_VERSION" > variables.env
- echo $SQUID_VERSION
- sed -i "s/{{SQUID_VERSION}}/$SQUID_VERSION/g" README_template.md
- sed -i "s/{{DATE}}/$(date +%Y%m%d)/g" README_template.md
- cp README_template.md README.md
- git config user.email "fredbcode"
- git config user.name "fredbcode"
- git add README.md
- git commit -m "README Auto update [skip ci]" || true
- git push https://$GITLAB_TOKEN@gitlab.com/fredbcode-images/squid.git HEAD:master || trueThese jobs build the Docker image for the AMD64 and ARM platforms
respectively, using the Dockerfile in the repository and the latest
Squid version retrieved in the Get-version stage. It also
pushes the newly created images into the Docker repository.
- source variables.env
- docker build -f Dockerfile --build-arg SQUID_VERSION=$SQUID_VERSION --pull -t $CONTAINER_BUILD_NOPROD_NAME_ARM .
- docker push $CONTAINER_BUILD_NOPROD_NAME_ARMThese jobs execute a series of tests against the newly built Docker images. The tested images are theoretically production-ready, if all test cases pass.
- export https_proxy=http://$CONTAINER_TEST_NAME:3128 && curl -k https://www.google.frIn these jobs, Docker images are re-tagged and pushed to Docker hub. When successful, these jobs signify the Docker images for both AMD64 and ARM architectures are ready for deployment or release.
- source variables.env
- docker pull $CONTAINER_BUILD_NOPROD_NAME_ARM
- docker tag $CONTAINER_BUILD_NOPROD_NAME_ARM $HUB_REGISTRY_IMAGE:$SQUID_VERSION-arm
- docker push $HUB_REGISTRY_IMAGE:$SQUID_VERSION-armThis job gets detailed explanations from an AI (using OpenAi’s
gpt-4 model) of the GitLab CI/CD jobs, convert the markdown
(.md) file to HTML using pandoc, and then
store this output as artifacts. Output results could be accessed on the
GitLab UI.
Many environmental variables and files are used throughout the
script. They’re defined under the variables section and referenced as
$VARIABLE_NAME in the shell execution. A description of
each is:
variables.env - Stores the current Squid version among
other things.GIT_CLONE_PATH - Path for cloning the Git repository
locally.CI_BUILDS_DIR - Built-in GitLab CI/CD path for build
artifacts.CI_PROJECT_NAME - The project name in GitLab.CI_COMMIT_BRANCH - Branch of the commit.CONTAINER_CLIENT_IMAGE - Docker image for the
client.DOCKERFILE - Dockerfile used to build the images.DOCKER_HUB_USER - Docker hub username for pushing the
Docker images.DOCKER_HUB_TOKEN - Docker hub access token.DOCKER_HUB_REGISTRY - Docker hub registry address.HUB_REGISTRY_IMAGE - Docker hub image address.SQUID_VERSION - Current Squid version fetched from the
GitHub page.CHATGPT_API_KEY - API key for OpenAI’s GPT-3.Environment variables like CI_PROJECT_DIR,
CI_PIPELINE_URL, CI_PROJECT_URL etc are
predefined in GitLab CI/CD and do not need explicit definition.
Jobs in GitLab CI/CD are linked by dependencies and/or needs keyword.
Using the needs: keyword, jobs can run as soon as all jobs
it “needs” are finished. This can potentially speed up your pipeline as
you don’t have to wait for all jobs from previous stages to finish.
Almost all jobs needs the job: “getsquid_vars” because it
fetches and sets the Squid version, which is then used by other
jobs.
Artifacts are the outputs of each job. All stages that build or test
docker images contain a corresponding Docker image as an output artifact
while artifact from Doc stage holds the detailed
explanation of jobs in Gitlab CI/CD pipeline as a markdown category.
The latest commit, “Temp fix dive”, likely relates to the script making a temporary fix bug in the “dive” job. This information is valuable because it can provide insight into what was changed recently in the pipeline and how these changes might affect the execution of the jobs.