Skip to content

Resolve "build team-controlled containers from 0xacab registry"

Closes #244 (closed)

context

  • currently, we build the signalboost and our own custom signald container from scratch on deploy and in CI
  • this both: (1) creates slow build times, (2) creates the (unlikely) possibility of breaking changes during deploy (eg: something in the dockerfile changes causing a previously-cached build step to re-run some odd debian dependency has caused URLs to become invalid or certain packages to have been EOL'ed, etc...)
  • to avoid all of this (but also avoid trusting dockerhub), we want to publish images to the 0xacab docker regisry and pull them for gitlab CI jobs, deploy scripts, and our own dev env

changes

add commands for building/publishing images to 0xacab:

  • add bin/docker-build, bin/docker-push
    • take args for image (signald/signalboost) and tag (semver/latest)
    • use appropriate tags for taggging and/or publishing to 0xacab
  • add make commands for using these (that accept optional TAG arg)
  • usage notes:
    • the push job requires an authenticated session with the 0xacab container registry (which you can obatin by running docker login registry.0xacab.org
    • if you have 2-factor auth enabled (which of course you do!), then this will require generating an api token to use instead of your password as the password
    • registry can be viewed here: https://0xacab.org/team-friendo/signalboost/container_registry/

use 0xacab registry containers in all docker-compose files

add version LABEL to dockerfiles (corresponding to tags):

  • this is to help with semver-based tagging of docker containers for easy rollbacks
  • currently we just build from latest, but we are publishing images with semver tags to make their strict adoption possible in the future
  • if (e.g.), we ever wanted to rollback to specific versions, keeping them tagged in version control should make it easier to figure out which tag corresponds to which version of the image

Merge request reports

Loading