CI: Before building Docker image, check available runner and container registry
Currently, we don't do any checks if it's possible to build and push the Docker image:
- The default 0xcab shared runner doesn't run in privileged mode. This is needed to run Docker inside Docker, e.g. to build an Docker image inside a running Docker container.
- By default, the container registry (needed to push Docker images) isn't enabled for new projects.
Therefore, if people are forking our repo, this job will fail with the default settings, merging will be blocked, because of this.
Two ideas how to solve this:
We could check for the CI_RUNNER_TAGS env var: It should list
We could check for the CI_REGISTRY_IMAGE env var: If its unset, the container registry isn't enabled.
Any opinions / feedback?
Edit 1: Again, I'm not sure how to implement this. We would need to pass information between different jobs, and that's currently not possible. This issue is similar to the one described in the past.
Edit 2: Here is an idea how to implement this:
- Remove the tag
docker-in-docker, so the job gets picked up by the native 0xacab worker.
- At first, after start, check the current project namespace: Continue with the build if we're inside
exit 0in all other cases.
This would of course mean that this only "works for us", but, IMHO, this should be sufficient.