Commit 343beb6b authored by Douglas Barbosa Alexandre's avatar Douglas Barbosa Alexandre

Merge branch 'jcunha/upgrade-auto-devops-docker-version' into 'master'

Updates Auto DevOps docker version usage to 19.03.11

See merge request gitlab-org/gitlab!33664
parents 7ac786bc 2432932c
...@@ -123,7 +123,7 @@ not without its own challenges: ...@@ -123,7 +123,7 @@ not without its own challenges:
- By default, Docker 17.09 and higher uses `--storage-driver overlay2` which is - By default, Docker 17.09 and higher uses `--storage-driver overlay2` which is
the recommended storage driver. See [Using the overlayfs driver](#use-the-overlayfs-driver) the recommended storage driver. See [Using the overlayfs driver](#use-the-overlayfs-driver)
for details. for details.
- Since the `docker:19.03.8-dind` container and the Runner container don't share their - Since the `docker:19.03.11-dind` container and the Runner container don't share their
root filesystem, the job's working directory can be used as a mount point for root filesystem, the job's working directory can be used as a mount point for
child containers. For example, if you have files you want to share with a child containers. For example, if you have files you want to share with a
child container, you may create a subdirectory under `/builds/$CI_PROJECT_PATH` child container, you may create a subdirectory under `/builds/$CI_PROJECT_PATH`
...@@ -142,7 +142,7 @@ not without its own challenges: ...@@ -142,7 +142,7 @@ not without its own challenges:
An example project using this approach can be found here: <https://gitlab.com/gitlab-examples/docker>. An example project using this approach can be found here: <https://gitlab.com/gitlab-examples/docker>.
In the examples below, we are using Docker images tags to specify a In the examples below, we are using Docker images tags to specify a
specific version, such as `docker:19.03.8`. If tags like `docker:stable` specific version, such as `docker:19.03.11`. If tags like `docker:stable`
are used, you have no control over what version is going to be used and this are used, you have no control over what version is going to be used and this
can lead to unpredictable behavior, especially when new versions are can lead to unpredictable behavior, especially when new versions are
released. released.
...@@ -158,7 +158,7 @@ issue](https://gitlab.com/gitlab-org/charts/gitlab-runner/-/issues/83) for ...@@ -158,7 +158,7 @@ issue](https://gitlab.com/gitlab-org/charts/gitlab-runner/-/issues/83) for
details. details.
The Docker daemon supports connection over TLS and it's done by default The Docker daemon supports connection over TLS and it's done by default
for Docker 19.03.8 or higher. This is the **suggested** way to use the for Docker 19.03.11 or higher. This is the **suggested** way to use the
Docker-in-Docker service and Docker-in-Docker service and
[GitLab.com Shared Runners](../../user/gitlab_com/index.md#shared-runners) [GitLab.com Shared Runners](../../user/gitlab_com/index.md#shared-runners)
support this. support this.
...@@ -174,13 +174,13 @@ support this. ...@@ -174,13 +174,13 @@ support this.
--registration-token REGISTRATION_TOKEN \ --registration-token REGISTRATION_TOKEN \
--executor docker \ --executor docker \
--description "My Docker Runner" \ --description "My Docker Runner" \
--docker-image "docker:19.03.8" \ --docker-image "docker:19.03.11" \
--docker-privileged \ --docker-privileged \
--docker-volumes "/certs/client" --docker-volumes "/certs/client"
``` ```
The above command will register a new Runner to use the special The above command will register a new Runner to use the special
`docker:19.03.8` image, which is provided by Docker. **Notice that it's `docker:19.03.11` image, which is provided by Docker. **Notice that it's
using the `privileged` mode to start the build and service using the `privileged` mode to start the build and service
containers.** If you want to use [Docker-in-Docker](https://www.docker.com/blog/docker-can-now-run-within-docker/) mode, you always containers.** If you want to use [Docker-in-Docker](https://www.docker.com/blog/docker-can-now-run-within-docker/) mode, you always
have to use `privileged = true` in your Docker containers. have to use `privileged = true` in your Docker containers.
...@@ -199,7 +199,7 @@ support this. ...@@ -199,7 +199,7 @@ support this.
executor = "docker" executor = "docker"
[runners.docker] [runners.docker]
tls_verify = false tls_verify = false
image = "docker:19.03.8" image = "docker:19.03.11"
privileged = true privileged = true
disable_cache = false disable_cache = false
volumes = ["/certs/client", "/cache"] volumes = ["/certs/client", "/cache"]
...@@ -209,10 +209,10 @@ support this. ...@@ -209,10 +209,10 @@ support this.
``` ```
1. You can now use `docker` in the build script (note the inclusion of the 1. You can now use `docker` in the build script (note the inclusion of the
`docker:19.03.8-dind` service): `docker:19.03.11-dind` service):
```yaml ```yaml
image: docker:19.03.8 image: docker:19.03.11
variables: variables:
# When using dind service, we need to instruct docker, to talk with # When using dind service, we need to instruct docker, to talk with
...@@ -237,7 +237,7 @@ support this. ...@@ -237,7 +237,7 @@ support this.
DOCKER_TLS_CERTDIR: "/certs" DOCKER_TLS_CERTDIR: "/certs"
services: services:
- docker:19.03.8-dind - docker:19.03.11-dind
before_script: before_script:
- docker info - docker info
...@@ -264,7 +264,7 @@ Assuming that the Runner `config.toml` is similar to: ...@@ -264,7 +264,7 @@ Assuming that the Runner `config.toml` is similar to:
executor = "docker" executor = "docker"
[runners.docker] [runners.docker]
tls_verify = false tls_verify = false
image = "docker:19.03.8" image = "docker:19.03.11"
privileged = true privileged = true
disable_cache = false disable_cache = false
volumes = ["/cache"] volumes = ["/cache"]
...@@ -274,10 +274,10 @@ Assuming that the Runner `config.toml` is similar to: ...@@ -274,10 +274,10 @@ Assuming that the Runner `config.toml` is similar to:
``` ```
You can now use `docker` in the build script (note the inclusion of the You can now use `docker` in the build script (note the inclusion of the
`docker:19.03.8-dind` service): `docker:19.03.11-dind` service):
```yaml ```yaml
image: docker:19.03.8 image: docker:19.03.11
variables: variables:
# When using dind service we need to instruct docker, to talk with the # When using dind service we need to instruct docker, to talk with the
...@@ -298,7 +298,7 @@ variables: ...@@ -298,7 +298,7 @@ variables:
DOCKER_TLS_CERTDIR: "" DOCKER_TLS_CERTDIR: ""
services: services:
- docker:19.03.8-dind - docker:19.03.11-dind
before_script: before_script:
- docker info - docker info
...@@ -318,7 +318,7 @@ container so that Docker is available in the context of that image. ...@@ -318,7 +318,7 @@ container so that Docker is available in the context of that image.
NOTE: **Note:** NOTE: **Note:**
If you bind the Docker socket [when using GitLab Runner 11.11 or If you bind the Docker socket [when using GitLab Runner 11.11 or
newer](https://gitlab.com/gitlab-org/gitlab-runner/-/merge_requests/1261), newer](https://gitlab.com/gitlab-org/gitlab-runner/-/merge_requests/1261),
you can no longer use `docker:19.03.8-dind` as a service because volume bindings you can no longer use `docker:19.03.11-dind` as a service because volume bindings
are done to the services as well, making these incompatible. are done to the services as well, making these incompatible.
In order to do that, follow the steps: In order to do that, follow the steps:
...@@ -333,12 +333,12 @@ In order to do that, follow the steps: ...@@ -333,12 +333,12 @@ In order to do that, follow the steps:
--registration-token REGISTRATION_TOKEN \ --registration-token REGISTRATION_TOKEN \
--executor docker \ --executor docker \
--description "My Docker Runner" \ --description "My Docker Runner" \
--docker-image "docker:19.03.8" \ --docker-image "docker:19.03.11" \
--docker-volumes /var/run/docker.sock:/var/run/docker.sock --docker-volumes /var/run/docker.sock:/var/run/docker.sock
``` ```
The above command will register a new Runner to use the special The above command will register a new Runner to use the special
`docker:19.03.8` image which is provided by Docker. **Notice that it's using `docker:19.03.11` image which is provided by Docker. **Notice that it's using
the Docker daemon of the Runner itself, and any containers spawned by Docker the Docker daemon of the Runner itself, and any containers spawned by Docker
commands will be siblings of the Runner rather than children of the Runner.** commands will be siblings of the Runner rather than children of the Runner.**
This may have complications and limitations that are unsuitable for your workflow. This may have complications and limitations that are unsuitable for your workflow.
...@@ -352,7 +352,7 @@ In order to do that, follow the steps: ...@@ -352,7 +352,7 @@ In order to do that, follow the steps:
executor = "docker" executor = "docker"
[runners.docker] [runners.docker]
tls_verify = false tls_verify = false
image = "docker:19.03.8" image = "docker:19.03.11"
privileged = false privileged = false
disable_cache = false disable_cache = false
volumes = ["/var/run/docker.sock:/var/run/docker.sock", "/cache"] volumes = ["/var/run/docker.sock:/var/run/docker.sock", "/cache"]
...@@ -361,11 +361,11 @@ In order to do that, follow the steps: ...@@ -361,11 +361,11 @@ In order to do that, follow the steps:
``` ```
1. You can now use `docker` in the build script (note that you don't need to 1. You can now use `docker` in the build script (note that you don't need to
include the `docker:19.03.8-dind` service as when using the Docker in Docker include the `docker:19.03.11-dind` service as when using the Docker in Docker
executor): executor):
```yaml ```yaml
image: docker:19.03.8 image: docker:19.03.11
before_script: before_script:
- docker info - docker info
...@@ -419,10 +419,10 @@ any image that's used with the `--cache-from` argument must first be pulled ...@@ -419,10 +419,10 @@ any image that's used with the `--cache-from` argument must first be pulled
Here's a `.gitlab-ci.yml` file showing how Docker caching can be used: Here's a `.gitlab-ci.yml` file showing how Docker caching can be used:
```yaml ```yaml
image: docker:19.03.8 image: docker:19.03.11
services: services:
- docker:19.03.8-dind - docker:19.03.11-dind
variables: variables:
# Use TLS https://docs.gitlab.com/ee/ci/docker/using_docker_build.html#tls-enabled # Use TLS https://docs.gitlab.com/ee/ci/docker/using_docker_build.html#tls-enabled
......
...@@ -58,10 +58,10 @@ To enable Container Scanning in your pipeline, you need the following: ...@@ -58,10 +58,10 @@ To enable Container Scanning in your pipeline, you need the following:
```yaml ```yaml
build: build:
image: docker:19.03.8 image: docker:19.03.11
stage: build stage: build
services: services:
- docker:19.03.8-dind - docker:19.03.11-dind
variables: variables:
IMAGE_TAG: $CI_REGISTRY_IMAGE/$CI_COMMIT_REF_SLUG:$CI_COMMIT_SHA IMAGE_TAG: $CI_REGISTRY_IMAGE/$CI_COMMIT_REF_SLUG:$CI_COMMIT_SHA
script: script:
...@@ -114,7 +114,7 @@ build: ...@@ -114,7 +114,7 @@ build:
image: docker:stable image: docker:stable
stage: build stage: build
services: services:
- docker:19.03.8-dind - docker:19.03.11-dind
variables: variables:
IMAGE: $CI_REGISTRY_IMAGE/$CI_COMMIT_REF_SLUG:$CI_COMMIT_SHA IMAGE: $CI_REGISTRY_IMAGE/$CI_COMMIT_REF_SLUG:$CI_COMMIT_SHA
script: script:
...@@ -282,7 +282,7 @@ stages: ...@@ -282,7 +282,7 @@ stages:
build_latest_vulnerabilities: build_latest_vulnerabilities:
stage: build stage: build
services: services:
- docker:19.03.8-dind - docker:19.03.11-dind
script: script:
- docker pull arminc/clair-db:latest - docker pull arminc/clair-db:latest
- docker tag arminc/clair-db:latest $CI_REGISTRY/namespace/clair-vulnerabilities-db - docker tag arminc/clair-db:latest $CI_REGISTRY/namespace/clair-vulnerabilities-db
......
...@@ -248,10 +248,10 @@ should look similar to this: ...@@ -248,10 +248,10 @@ should look similar to this:
```yaml ```yaml
build: build:
image: docker:19.03.8 image: docker:19.03.11
stage: build stage: build
services: services:
- docker:19.03.8-dind - docker:19.03.11-dind
script: script:
- docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
- docker build -t $CI_REGISTRY/group/project/image:latest . - docker build -t $CI_REGISTRY/group/project/image:latest .
...@@ -262,10 +262,10 @@ You can also make use of [other variables](../../../ci/variables/README.md) to a ...@@ -262,10 +262,10 @@ You can also make use of [other variables](../../../ci/variables/README.md) to a
```yaml ```yaml
build: build:
image: docker:19.03.8 image: docker:19.03.11
stage: build stage: build
services: services:
- docker:19.03.8-dind - docker:19.03.11-dind
variables: variables:
IMAGE_TAG: $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG IMAGE_TAG: $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG
script: script:
...@@ -288,9 +288,9 @@ when needed. Changes to `master` also get tagged as `latest` and deployed using ...@@ -288,9 +288,9 @@ when needed. Changes to `master` also get tagged as `latest` and deployed using
an application-specific deploy script: an application-specific deploy script:
```yaml ```yaml
image: docker:19.03.8 image: docker:19.03.11
services: services:
- docker:19.03.8-dind - docker:19.03.11-dind
stages: stages:
- build - build
...@@ -363,9 +363,9 @@ Below is an example of what your `.gitlab-ci.yml` should look like: ...@@ -363,9 +363,9 @@ Below is an example of what your `.gitlab-ci.yml` should look like:
```yaml ```yaml
build: build:
image: $CI_REGISTRY/group/project/docker:19.03.8 image: $CI_REGISTRY/group/project/docker:19.03.11
services: services:
- name: $CI_REGISTRY/group/project/docker:19.03.8-dind - name: $CI_REGISTRY/group/project/docker:19.03.11-dind
alias: docker alias: docker
stage: build stage: build
script: script:
...@@ -373,7 +373,7 @@ Below is an example of what your `.gitlab-ci.yml` should look like: ...@@ -373,7 +373,7 @@ Below is an example of what your `.gitlab-ci.yml` should look like:
- docker run my-docker-image /script/to/run/tests - docker run my-docker-image /script/to/run/tests
``` ```
If you forget to set the service alias, the `docker:19.03.8` image won't find the If you forget to set the service alias, the `docker:19.03.11` image won't find the
`dind` service, and an error like the following will be thrown: `dind` service, and an error like the following will be thrown:
```plaintext ```plaintext
...@@ -443,10 +443,10 @@ stages: ...@@ -443,10 +443,10 @@ stages:
- clean - clean
build_image: build_image:
image: docker:19.03.8 image: docker:19.03.11
stage: build stage: build
services: services:
- docker:19.03.8-dind - docker:19.03.11-dind
variables: variables:
IMAGE_TAG: $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG IMAGE_TAG: $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG
script: script:
...@@ -459,10 +459,10 @@ build_image: ...@@ -459,10 +459,10 @@ build_image:
- master - master
delete_image: delete_image:
image: docker:19.03.8 image: docker:19.03.11
stage: clean stage: clean
services: services:
- docker:19.03.8-dind - docker:19.03.11-dind
variables: variables:
IMAGE_TAG: $CI_PROJECT_PATH:$CI_COMMIT_REF_SLUG IMAGE_TAG: $CI_PROJECT_PATH:$CI_COMMIT_REF_SLUG
REG_SHA256: ade837fc5224acd8c34732bf54a94f579b47851cc6a7fd5899a98386b782e228 REG_SHA256: ade837fc5224acd8c34732bf54a94f579b47851cc6a7fd5899a98386b782e228
......
performance: performance:
stage: performance stage: performance
image: docker:19.03.8 image: docker:19.03.11
allow_failure: true allow_failure: true
variables: variables:
DOCKER_TLS_CERTDIR: "" DOCKER_TLS_CERTDIR: ""
services: services:
- docker:19.03.8-dind - docker:19.03.11-dind
script: script:
- | - |
if ! docker info &>/dev/null; then if ! docker info &>/dev/null; then
......
build: build:
stage: build stage: build
image: "registry.gitlab.com/gitlab-org/cluster-integration/auto-build-image:v0.2.2" image: "registry.gitlab.com/gitlab-org/cluster-integration/auto-build-image:v0.2.3"
variables: variables:
DOCKER_TLS_CERTDIR: "" DOCKER_TLS_CERTDIR: ""
services: services:
- docker:19.03.8-dind - docker:19.03.11-dind
script: script:
- | - |
if [[ -z "$CI_COMMIT_TAG" ]]; then if [[ -z "$CI_COMMIT_TAG" ]]; then
......
code_quality: code_quality:
stage: test stage: test
image: docker:19.03.8 image: docker:19.03.11
allow_failure: true allow_failure: true
services: services:
- docker:19.03.8-dind - docker:19.03.11-dind
variables: variables:
DOCKER_DRIVER: overlay2 DOCKER_DRIVER: overlay2
DOCKER_TLS_CERTDIR: "" DOCKER_TLS_CERTDIR: ""
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment