Below are the jobs defined in the .gitlab-ci.yml file of
the Squid project.
hadolint) - Job that checks
the Dockerfile for any style issues using
Hadolint.getsquid_vars) - Job that
fetches the current Squid version from the GitHub releases, save it into
a file, updates README.md, and checks if the version has
changed.docker-hub-build,
docker-hub-build-arm) - Jobs that build Docker images for
the AMD64 and ARM platforms, respectively.docker-hub-test,
docker-hub-test-arm, SquidParseConfig,
dive, dive-arm) - Jobs that run tests on the
built Docker images, including network tests, squid config
checking, and examining the image layers with dive.push-docker-hub,
push-docker-hub_arm) - Jobs that push the Docker images to
Docker Hub with the Squid version as a tag for both AMD64 and ARM,
respectively..gitlab-ci.yml content.chatgpt_analysis,
update_dockerhub_readme) - Jobs that generate a ChatGPT
analysis report, and update the Docker Hub repository description with
the current README.md.Since this is a brief overview, the following sections will cover each job in more detail, explaining the commands and their objectives, parameters, variables, job dependencies, artifacts produced, and the latest commit’s impact on the pipeline.
This job uses the hadolint/hadolint:latest-debian Docker
image to check the Dockerfile for style violations.
hadolint is a popular tool used to promote best practices
when writing Dockerfiles.
The script of this job tells hadolint to ignore the rule
DL3008, which warns about deleting apt-get lists after installing
something.
Here’s the breakdown of the script section: -
hadolint --ignore DL3008 Dockerfile: Lint the
Dockerfile while ignoring the rule DL3008.
The purpose of this job is to fetch the latest Squid version from
GitHub releases, save the version into variables.env file,
update the README.md file with the new Squid version, and
check if the Squid version has changed.
Here’s the breakdown of the script section:
- export SQUID_VERSION=$(curl -LsXGET https://github.com/squid-cache/squid/releases/latest | grep -m 1 "Release" | cut -d " " -f4 |tr -d 'v') # Fetch the latest released Squid version from GitHub.
- echo "SQUID_VERSION=$SQUID_VERSION" > variables.env # Save the Squid version to `variables.env`.
- sed -i "s/{{SQUID_VERSION}}/$SQUID_VERSION/g" README_template.md # Replace the {{SQUID_VERSION}} placeholder with the fetched Squid version in `README_template.md`.
- cp README_template.md README.md # Copy the updated `README_template.md` to `README.md`.
- if [ "$LAST_KNOWN" != "$SQUID_VERSION" ]; then echo "$SQUID_VERSION" > ci/last_squid_version.txt; echo "version_changed=1" > version_changed; git add ci/last_squid_version.txt || true; else echo "version_changed=0" > version_changed; fi # Check if the Squid version has changed. If it has, update the `ci/last_squid_version.txt` file, set `version_changed` to 1, and stage the `ci/last_squid_version.txt` for commit. Otherwise, set `version_changed` to 0.
- git config user.email "fredbcode"
- git config user.name "fredbcode"
- git add README.md ci/last_squid_version.txt variables.env || true
- git commit -m "README Auto update and update last_squid_version [skip ci]" || true
- git push https://$GITLAB_TOKEN@gitlab.com/fredbcode-images/squid.git HEAD:master || true # Commit and push the changes to GitLab.These jobs are responsible for building Docker images in ARM and
AMD64 platforms. They both source the Squid version from
variables.env, build Docker images with that Squid version
as a build arg, tag the images, and push them to the Docker Hub
registry. The docker-hub-build job is responsible for the
AMD64 platform, while docker-hub-build-arm covers the ARM
platform.
Here’s the breakdown of the script section:
- source variables.env # Source the variables from `variables.env`.
- docker build --build-arg SQUID_VERSION=$SQUID_VERSION --pull -t $CONTAINER_BUILD_NOPROD_NAME_AMD64 . # Build a Docker image using `Dockerfile`, with $SQUID_VERSION as a build arg and tag it with $CONTAINER_BUILD_NOPROD_NAME_AMD64.
- docker push $CONTAINER_BUILD_NOPROD_NAME_AMD64 # Push the image to the Docker Hub registry.These two jobs test the Docker images built in the previous stage.
They first update the package index in the system and install
curl used for the test. Then, they try to use the built
Squid Docker images as a proxy to send a GET request to
https://www.google.fr.
Here’s the breakdown of the script section:
- export https_proxy=http://$CONTAINER_TEST_NAME:3128 && curl -k https://www.google.fr # Use the Squid proxy to connect to `https://www.google.fr`.This job tests the squid.conf used in the Squid Docker
image. The squid executable is run with the
-k parse option to check the squid.conf file.
If the parsing results in an error, the job exits with a non-zero exit
code, signaling failure.
Here’s the breakdown of the script section:
- /usr/sbin/squid -k parse /etc/squid/squid.conf
- "! /usr/sbin/squid -k parse /etc/squid/squid.conf 2>&1 | grep ERROR" # Parse the `squid.conf` and exit with a non-zero exit code if there is an error.The dive and dive-arm jobs inspect the
Docker images built by docker-hub-build and
docker-hub-build-arm, respectively. They use the
dive Docker image for this purpose.
These jobs are responsible for tagging the Docker images built by
docker-hub-build and docker-hub-build-arm with
the Squid version and pushing them to Docker Hub. The
push-docker-hub job tags and pushes the Docker image built
by docker-hub-build (AMD64), while
push-docker-hub_arm refers to the Docker image built by
docker-hub-build-arm (ARM).
This job generates a ChatGPT analysis report. It first checks if the Squid version has changed. If there is no change in the Squid version, it will exit the job early. If there is a change, it will generate a ChatGPT analysis report and push it to a remote server.
This job updates the Docker Hub repository description with the
README.md of the project.
There are several environment variables used throughout the pipeline:
SQUID_VERSION: This variable holds the current Squid
version. It is defined in getsquid_vars and used in the
docker-hub-build, docker-hub-build-arm,
push-docker-hub, and push-docker-hub_arm
jobs.
GIT_CLONE_PATH: This variable is used to specify the
project’s clone path.
CONTAINER_CLIENT_IMAGE: This image is used in the
getsquid_vars, docker-hub-test,
docker-hub-build, and docker-hub-test-arm
jobs.
CONTAINER_BUILD_NOPROD_NAME_ARM and
CONTAINER_BUILD_NOPROD_NAME_AMD64: These variables are used
to specify the Docker image tags for ARM and AMD64 platforms,
respectively.
DOCKER_HUB_USER and DOCKER_HUB_TOKEN:
These variables are used for logging into Docker Hub in the Docker build
and push jobs.
HUB_REGISTRY_IMAGE: This variable is used to specify
the Docker Hub repository name where the images will be pushed.
File references in jobs include:
README_template.md: This file is used as a template
to update README.md in the getsquid_vars
job.
ci/last_squid_version.txt: This file contains the
last known Squid version, and is used to detect if the Squid version has
changed in the getsquid_vars job.
variables.env: This file contains environment
variables, and is used to pass the Squid version between different
jobs.
.gitlab-ci.yml and gitlabci/*: These
files contain the pipeline configuration and are used in the
chatgpt_analysis job.
Jobs in this pipeline heavily depend on each other. For example:
docker-hub-build and
docker-hub-build-arm depend on getsquid_vars
because they need the Squid version in variables.env
file.
docker-hub-test and docker-hub-test-arm
depend on docker-hub-build and
docker-hub-build-arm, respectively, because they test the
Docker images produced by those jobs.
push-docker-hub and push-docker-hub_arm
depend on docker-hub-test and
docker-hub-test-arm, respectively, because they need to
make sure the Docker images have passed the tests.
chatgpt_analysis depends on
getsquid_vars because it needs the Squid version in
variables.env file.
Generally, the pipeline progresses in such a way that each stage depends on the successful completion of the previous one.
Jobs in this pipeline produce several artifacts and results:
getsquid_vars produces variables.env
and README.md files as artifacts.
docker-hub-build pushes Docker images for AMD64
platform to Docker Hub, and leaves the Docker images in the CI/CD
environment for later stages.
docker-hub-build-arm does the same for ARM
platform.
docker-hub-test and docker-hub-test-arm
validate the Docker images and produce logs.
push-docker-hub and push-docker-hub_arm
produce no artifacts, but they push Docker images for AMD64 and ARM
platform, respectively, to Docker Hub.
chatgpt_analysis produces Markdown and HTML files of
ChatGPT analysis, and also uploads the HTML files to a remote
server.
The commit dcc6126 adds auto-update functionality to the
README.md file and last_squid_version.txt,
which contains the last-known Squid version.
The commit message has [skip ci], so it will not trigger
a pipeline. If the Squid version has changed, the
getsquid_vars job will update the README.md
and last_squid_version.txt to reflect the new version and
commit the changes. This ensures that the README.md always
displays the latest Squid version and
last_squid_version.txt always has the last known Squid
version.
The last_squid_version.txt file is used to decide
whether the chatgpt_analysis job should run or not. If the
Squid version has not changed since the last pipeline, there is no need
to generate a new ChatGPT analysis report.