The following are the jobs defined in the pipeline in the
corresponding order of the stages section of the
.gitlab-ci.yml file:
hadolint: This job is assigned to the Quality stage.
The purpose is to run hadolint, a linter for Dockerfiles,
ensuring the Dockerfile follows best practices.
getsquid_vars: This job, assigned to the Get-version
stage, is responsible for identifying the latest release of Squid from
GitHub and store the version in an environment variable. It also updates
the README file with the latest Squid version.
update_dockerhub_readme: A Docs stage job, it
updates Docker Hub’s full description of the image with the content of
the README file.
docker-hub-build-arm, docker-hub-build:
These jobs belong to the Docker-hub-build stage. They build a Docker
image for ARM and AMD64 architectures respectively from the Dockerfile,
using the latest Squid version previously obtained.
docker-hub-test-arm, docker-hub-test:
Part of Docker-hub-test stage, these aim to test the built ARM and AMD64
Docker images by spinning up a container and attempt to access an
external website via the proxy.
docker-hub-pushtag-arm,
docker-hub-pushtag: In the Docker-hub-pushtag stage, these
jobs tag the Docker images with their corresponding Squid version and
architecture, and then push them to Docker Hub.
chatgpt_analysis: This Docs stage job uses OpenAI’s
GPT-3 to explain the GitLab CI/CD jobs and saves the output in markdown
and HTML format.
The job hadolint uses a pre-defined Docker image
hadolint/hadolint:latest-debian. The purpose is to lint the
Dockerfile with the hadolint tool, which helps to discover
potential issues in the Dockerfile.
# Navigate to the project directory
cd $CI_PROJECT_DIR
# Run hadolint command on Dockerfile
hadolint --ignore DL3008 Dockerfile In getsquid_vars, the latest Squid version is fetched
from GitHub using a curl command. This command parses the HTML of
Squid’s release page and extracts the latest release version.
# Fetch the latest Squid version from GitHub's release page
export SQUID_VERSION=$(curl -LsXGET https://github.com/squid-cache/squid/releases/latest | grep -m 1 "Release" | cut -d " " -f4 |tr -d 'v')
echo "SQUID_VERSION=$SQUID_VERSION" > variables.env
echo $SQUID_VERSIONIt then replaces the {{SQUID_VERSION}} keyword in the
README_template.md with the fetched Squid version. It similarly replaces
the {{DATE}} keyword with the current date and saves the
changes to README.md. Once the file has been modified, it’s committed
and pushed using the git command.
In the docker-hub-build job, authentication takes place
to the Docker Hub registry. The Docker build command is then used to
build an image using the fetched Squid version in the Dockerfile. The
Dockerfile is instructed to do so via a build-time argument
(--build-arg). The built image is then pushed to the Docker
registry.
# Docker Hub login
docker login -u "$DOCKER_HUB_USER" -p "$DOCKER_HUB_TOKEN" $DOCKER_HUB_REGISTRY
# Docker build command
docker build --build-arg SQUID_VERSION=$SQUID_VERSION --pull -t $CONTAINER_BUILD_NOPROD_NAME_AMD64 .
# Pushing image to Docker Hub
docker push $CONTAINER_BUILD_NOPROD_NAME_AMD64The docker-hub-test job spins up a Docker container of
the previously built Squid image. It then tests the connectivity by
running a curl command to the Google home page, through the
Squid proxy.
# Updates package lists and installs curl
apt update && apt install -y curl --no-upgrade --no-install-recommends --no-install-suggests
# Test connectivity via Squid proxy
export https_proxy=http://$CONTAINER_TEST_NAME:3128 && curl -k https://www.google.frIn docker-hub-pushtag, the Docker image is pulled from
the Docker registry, and then it is tagged with the Squid version and
architecture. The tagged images are then pushed to Docker Hub.
# Docker Hub login
docker login -u "$DOCKER_HUB_USER" -p "$DOCKER_HUB_TOKEN" $DOCKER_HUB_REGISTRY
# Docker pull command
docker pull $CONTAINER_BUILD_NOPROD_NAME_AMD64
# Docker tag command for tagging the image with Squid version & architecture
docker tag $CONTAINER_BUILD_NOPROD_NAME_AMD64 $HUB_REGISTRY_IMAGE:$SQUID_VERSION-amd64
# Pushing tagged image to Docker Hub
docker push $HUB_REGISTRY_IMAGE:$SQUID_VERSION-amd64The chatgpt_analysis job uses OpenAI’s GPT-3 to generate
detailed explanations of the GitLab CI/CD jobs mentioned above in
Markdown format.
# Prepare content for GPT-3
JOBS_CONTENT=$(cat .gitlab-ci.yml gitlabci/*)
LAST_COMMIT=$(git log -1 --pretty=format:"%h %s%n%b")
CONTENT="..."
# Prepare JSON payload for API call
JSON_CONTENT=$(jq -n --arg model "gpt-4" --arg content "$CONTENT" '{model:$model, messages:[{role:"user", content:$content}] }')
# Call OpenAI's Chat Models API
RESPONSE=$(curl -X POST https://api.openai.com/v1/chat/completions -H "Authorization:Bearer $CHATGPT_API_KEY" -H "Content-Type:application/json" -d "$JSON_CONTENT")
# Extract the response
ANSWER=$(echo $RESPONSE | jq 'del(.choices[0].message.content)')
RESPONSE=$(echo $RESPONSE | jq -r '.choices[0].message.content')
# Print the results and store in a markdown file
echo "$ANSWER"
echo -e "$RESPONSE" > chatgpt_analysis_$(date +%Y%m%d).mdSeveral environment variables are used across the jobs:
CI_PROJECT_DIR: It represents the full path where
the project is located. GitLab CI/CD uses this variable
internally.
DOCKER_HUB_USER, DOCKER_HUB_TOKEN and
DOCKER_HUB_REGISTRY: Used for Docker Hub integration, they
represent Docker Hub username, authentication token, and Docker Hub
registry URL respectively.
CONTAINER_BUILD_NOPROD_NAME_AMD64,
CONTAINER_BUILD_NOPROD_NAME_ARM: They represent filenames
for Docker images for AMD64 and ARM architectures respectively.
CONTAINER_CLIENT_IMAGE: This variable holds the name
of the Docker image used to execute various commands throughout multiple
jobs.
SQUID_VERSION: This variable holds the fetched Squid
version from GitHub. It is used by Docker build job to build an image
referring to this specific version.
variables.env: This file maintains the fetched Squid
version.
README.md: It is the documentation file that is
updated with the fetched Squid version.
Jobs are connected via the needs keyword in GitLab. It
is used to define a relation that the completion of one job is dependent
on the successful state of the other job. For instance,
docker-hub-build depends on a successful execution of
getsquid_vars.
Each job creates detailed logs of their execution on the GitLab
server, and these logs serve as the first level of outcome for each job.
Furthermore, several jobs generate artifacts. For example,
getsquid_vars generates an artifact
variables.env containing the fetched Squid version. Another
example is chatgpt_analysis which generates artifacts
.md and .html documents with explanations.
e8d2bf4 README Auto update [skip ci]The purpose of the latest commit is to automate the update of the
README file with the latest Squid version fetched from GitHub. The
[skip ci] in the commit message is used to prevent
triggering new CI/CD pipelines for this commit.
Project: https://gitlab.com/fredbcode-images/squid Pipeline: https://gitlab.com/fredbcode-images/squid/-/pipelines/2110438423 Docker images: https://hub.docker.com/r/fredbcode