From 6bd8a73fa6c0445ec2cd44ad5bbd715afdd619a0 Mon Sep 17 00:00:00 2001 From: Timo Furrer <tfurrer@gitlab.com> Date: Mon, 28 Oct 2024 15:22:04 +0100 Subject: [PATCH] Support GitLab dependency proxy when building gitlab-tofu images Closes https://gitlab.com/components/opentofu/-/issues/70 Changelog: feature --- .gitlab-ci.yml | 14 ++++++++++++++ .gitlab/README.md.template | 5 +++++ README.md | 5 +++++ 3 files changed, 24 insertions(+) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 8504a47..5a86ff3 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -89,6 +89,20 @@ gitlab-opentofu-image:build: stage: build image: quay.io/containers/buildah:v1.37.3 before_script: + # Supporting GitLab dependency proxies: + # see https://docs.gitlab.com/ee/user/packages/dependency_proxy/ + - | + if [ -n "$CI_DEPENDENCY_PROXY_DIRECT_GROUP_IMAGE_PREFIX" ]; then + echo "Detected GitLab Dependency Proxy at '$CI_DEPENDENCY_PROXY_DIRECT_GROUP_IMAGE_PREFIX', configuring it for buildah ..." + cat > /etc/containers/registries.conf.d/dependency-proxy.conf <<EOF + [[registry]] + location = "docker.io" + [[registry.mirror]] + location = "${CI_DEPENDENCY_PROXY_DIRECT_GROUP_IMAGE_PREFIX}" + EOF + + buildah login -u "$CI_DEPENDENCY_PROXY_USER" -p "$CI_DEPENDENCY_PROXY_PASSWORD" "$CI_DEPENDENCY_PROXY_SERVER" + fi - buildah login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" "$CI_REGISTRY" script: - echo "Building $GITLAB_OPENTOFU_IMAGE_NAME" diff --git a/.gitlab/README.md.template b/.gitlab/README.md.template index e7008ec..a1ad5a7 100644 --- a/.gitlab/README.md.template +++ b/.gitlab/README.md.template @@ -396,6 +396,11 @@ See also the official GitLab documentation for it If you want to save runner resources you may disable the unit and integration tests by setting the `SKIP_TESTS` CI/CD variable to `true`. +The pipeline of this component respects the +[GitLab Dependency Proxy](https://docs.gitlab.com/ee/user/packages/dependency_proxy/) configuration +by detecting the `CI_DEPENDENCY_PROXY_DIRECT_GROUP_IMAGE_PREFIX` environment variable +and configuring `buildah` to use it when building the container images. + ## Migrating from the Terraform CI/CD templates When migrating from the GitLab Terraform CI/CD templates you can use the following migration rules: diff --git a/README.md b/README.md index a3b0c2a..1a1eefe 100644 --- a/README.md +++ b/README.md @@ -415,6 +415,11 @@ See also the official GitLab documentation for it If you want to save runner resources you may disable the unit and integration tests by setting the `SKIP_TESTS` CI/CD variable to `true`. +The pipeline of this component respects the +[GitLab Dependency Proxy](https://docs.gitlab.com/ee/user/packages/dependency_proxy/) configuration +by detecting the `CI_DEPENDENCY_PROXY_DIRECT_GROUP_IMAGE_PREFIX` environment variable +and configuring `buildah` to use it when building the container images. + ## Migrating from the Terraform CI/CD templates When migrating from the GitLab Terraform CI/CD templates you can use the following migration rules: -- GitLab