More Related Content
Similar to オンプレでPrivate Registry使ったDockerイメージの運用について (20)
More from YASUKAZU NAGATOMI (18)
オンプレでPrivate Registry使ったDockerイメージの運用について
- 9. Makefile
NAME := hoge
REVISION := $(shell git rev-parse --short HEAD)
ORIGIN := $(shell git remote get-url origin | sed -e 's/^.*@//g')
TAGS := $(REVISION)
RELEASE_TAGS := 0.1.1 prod $(REVISION)
REGISTRY := registry.yassan.local
USER := yassan
.PHONY: revision
revision:
@echo $(REVISION)
.PHONY: test
test:
@python -m unittest test/test_config.py
@python -m unittest test/validate_config.py
.PHONY: test-with-docker
test-with-docker:
@docker run
-w /tmp/test
-v `pwd`:/tmp/test $(REGISTRY)/$(USER)/$(NAME):$(REVISION)
make test
.PHONY: build
build:
@docker build
--build-arg GIT_REVISION=$(REVISION)
--build-arg GIT_ORIGIN=$(ORIGIN)
--build-arg IMAGE_NAME=$(REGISTRY)/$(USER)/$(NAME)
$(addprefix -t $(REGISTRY)/$(USER)/$(NAME):,$(TAGS)) .
.PHONY: push
push:
@for TAG in $(TAGS); do
docker push $(REGISTRY)/$(USER)/$(NAME):$$TAG;
done
.PHONY: release
release:
@make build TAGS="$(RELEASE_TAGS)"
@make push TAGS="$(RELEASE_TAGS)"
- 10. Makefile
NAME := hoge
REVISION := $(shell git rev-parse --short HEAD)
ORIGIN := $(shell git remote get-url origin | sed -e 's/^.*@//g')
TAGS := $(REVISION)
RELEASE_TAGS := 0.1.1 prod $(REVISION)
REGISTRY := registry.yassan.local
USER := yassan
.PHONY: revision
revision:
@echo $(REVISION)
.PHONY: test
test:
@python -m unittest test/test_config.py
@python -m unittest test/validate_config.py
.PHONY: test-with-docker
test-with-docker:
@docker run
-w /tmp/test
-v `pwd`:/tmp/test $(REGISTRY)/$(USER)/$(NAME):$(REVISION)
make test
.PHONY: build
build:
@docker build
--build-arg GIT_REVISION=$(REVISION)
--build-arg GIT_ORIGIN=$(ORIGIN)
--build-arg IMAGE_NAME=$(REGISTRY)/$(USER)/$(NAME)
$(addprefix -t $(REGISTRY)/$(USER)/$(NAME):,$(TAGS)) .
.PHONY: push
push:
@for TAG in $(TAGS); do
docker push $(REGISTRY)/$(USER)/$(NAME):$$TAG;
done
.PHONY: release
release:
@make build TAGS="$(RELEASE_TAGS)"
@make push TAGS="$(RELEASE_TAGS)"
REVISIONとORIGINはコマンドで取得。
取得したものをdocker build時に埋め込む
- 11. Makefile
NAME := hoge
REVISION := $(shell git rev-parse --short HEAD)
ORIGIN := $(shell git remote get-url origin | sed -e 's/^.*@//g')
TAGS := $(REVISION)
RELEASE_TAGS := 0.1.1 prod $(REVISION)
REGISTRY := registry.yassan.local
USER := yassan
.PHONY: revision
revision:
@echo $(REVISION)
.PHONY: test
test:
@python -m unittest test/test_config.py
@python -m unittest test/validate_config.py
.PHONY: test-with-docker
test-with-docker:
@docker run
-w /tmp/test
-v `pwd`:/tmp/test $(REGISTRY)/$(USER)/$(NAME):$(REVISION)
make test
.PHONY: build
build:
@docker build
--build-arg GIT_REVISION=$(REVISION)
--build-arg GIT_ORIGIN=$(ORIGIN)
--build-arg IMAGE_NAME=$(REGISTRY)/$(USER)/$(NAME)
$(addprefix -t $(REGISTRY)/$(USER)/$(NAME):,$(TAGS)) .
.PHONY: push
push:
@for TAG in $(TAGS); do
docker push $(REGISTRY)/$(USER)/$(NAME):$$TAG;
done
.PHONY: release
release:
@make build TAGS="$(RELEASE_TAGS)"
@make push TAGS="$(RELEASE_TAGS)"
TAGSに空白区切りで記述して、
イメージタグを複数付けている
- 12. Jenkinsfile
pipeline {
agent any
stages {
stage('Test build') {
steps {
sh 'make build'
sh 'make push'
}
}
stage('Test') {
steps {
sh 'make test-with-docker'
}
}
stage('Docker release') {
when {
branch 'master'
}
steps {
sh 'make release'
}
Makefileだけでdocker buildやpushが
出来るので、Jenkinsfileが非常に簡単
になる。
また、Makefileで構成しているので、
他のCIツールなどへの移行も楽にな
る。
- 15. 参考情報
• Portus Official Docker image
• dockerをbuildする際のMakefile - Qiita
• Pull Request Builder PluginをJenkinsに導入する - Qiita
• JenkinsとGitHubを使ったCI実践ガイド | GitHub Resources
• [KubeConEU] Building images efficiently and securely on Kubernetes with
BuildKit
• Blue Ocean
• coreos/clair
• Clairで、Dockerイメージの脆弱性スキャンを試す - CLOVER🍀
• Harbor
• Dragonfly
• uber/kraken
• 複数のDockerイメージを単一リポジトリで管理する - Qiita