Docker
Build and publish Docker images using BuildKit with registry layer caching.
Import
```yaml
include:
  - project: hosst/gitlab-pipelines
    file: pipelines/docker.yaml
```
Jobs
hadolint
Lints the Dockerfile with hadolint. Runs only when Dockerfile or files under docker/ change. Reports are uploaded as a GitLab Code Quality artifact.
| Variable | Default | Description |
|---|---|---|
| HADOLINT_ARGS | --no-fail --format gitlab_codeclimate | hadolint arguments |
| HADOLINT_IGNORE | | Rules to ignore (e.g. --ignore DL3006) |
| HADOLINT_REPORT_PATH | reports/ | Report output directory |
docker:image
Builds and pushes a Docker image using docker buildx. Runs on saas-linux-medium-amd64 runners.
Layer caching is pulled from the latest branch image and the default branch image before each build.
Variables
| Variable | Default | Description |
|---|---|---|
| DOCKER_REGISTRY | $CI_REGISTRY | Registry to push to |
| DOCKER_REGISTRY_USER | $CI_REGISTRY_USER | Registry username |
| DOCKER_REGISTRY_PASSWORD | $CI_REGISTRY_PASSWORD | Registry password |
| DOCKER_FILE | Dockerfile | Path to the Dockerfile |
| DOCKER_BUILD_DIR | . | Build context directory |
| DOCKER_BUILD_TARGET | | Build target for multi-stage builds |
| DOCKER_BUILD_TARGETS | | Space-separated list of targets to build before the final image |
| DOCKER_IMAGE_NAME | $CI_PROJECT_PATH | Image name |
Image tags
Images are tagged automatically based on the pipeline trigger:
| Trigger | Variable | Example |
|---|---|---|
| Git tag | DOCKER_IMAGE_VERSION | registry.gitlab.com/org/app:1.0 |
| Git tag latest | DOCKER_IMAGE_VERSION_LATEST | registry.gitlab.com/org/app:latest |
| Git tag build target | DOCKER_IMAGE_VERSION_BUILD | registry.gitlab.com/org/app:build |
| Branch commit | DOCKER_IMAGE_BRANCH | registry.gitlab.com/org/app/feature-xyz:7056b235 |
| Branch latest | DOCKER_IMAGE_BRANCH_LATEST | registry.gitlab.com/org/app/feature-xyz:latest |
| Branch build target | DOCKER_IMAGE_BRANCH_BUILD | registry.gitlab.com/org/app/feature-xyz:build |
| Default branch | DOCKER_IMAGE_BRANCH_DEFAULT_LATEST | registry.gitlab.com/org/app/main:latest |
| Default branch build target | DOCKER_IMAGE_BRANCH_DEFAULT_BUILD | registry.gitlab.com/org/app/main:build |
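
The tag scheme above and the cache sources described for docker:image, as an added shell example (not the pipeline's own code). The composition rules are inferred from the table's examples, `--cache-to type=inline` is an assumption, and the sample values are constructed.

```shell
#!/bin/sh
# Added example: image references and buildx cache flags for the docker:image job.
# The composition rules are inferred from the tag table's examples (assumption).

# Sets DOCKER_IMAGE_* for the current pipeline from GitLab CI variables.
image_refs() {
  repo="${DOCKER_REGISTRY:-$CI_REGISTRY}/${DOCKER_IMAGE_NAME:-$CI_PROJECT_PATH}"
  DOCKER_IMAGE_BRANCH_DEFAULT_LATEST="$repo/$CI_DEFAULT_BRANCH:latest"
  if [ -n "${CI_COMMIT_TAG:-}" ]; then
    # Git tag pipeline: version tag plus a moving "latest".
    DOCKER_IMAGE_VERSION="$repo:$CI_COMMIT_TAG"
    DOCKER_IMAGE_VERSION_LATEST="$repo:latest"
  else
    # Branch pipeline: one sub-repository per branch slug, tagged by short SHA.
    DOCKER_IMAGE_BRANCH="$repo/$CI_COMMIT_REF_SLUG:$CI_COMMIT_SHORT_SHA"
    DOCKER_IMAGE_BRANCH_LATEST="$repo/$CI_COMMIT_REF_SLUG:latest"
  fi
}

# Prints the buildx command for a branch pipeline without running it.
# Cache is imported from the branch's latest image first, then the default
# branch's; inline cache export is an assumption, not stated in the docs.
branch_build_cmd() {
  image_refs
  printf '%s ' docker buildx build --push \
    --file "${DOCKER_FILE:-Dockerfile}" \
    --cache-from "type=registry,ref=$DOCKER_IMAGE_BRANCH_LATEST" \
    --cache-from "type=registry,ref=$DOCKER_IMAGE_BRANCH_DEFAULT_LATEST" \
    --cache-to type=inline \
    --tag "$DOCKER_IMAGE_BRANCH" --tag "$DOCKER_IMAGE_BRANCH_LATEST"
  printf '%s\n' "${DOCKER_BUILD_DIR:-.}"
}

# Constructed sample values matching the table's examples.
CI_REGISTRY=registry.gitlab.com CI_PROJECT_PATH=org/app CI_DEFAULT_BRANCH=main
CI_COMMIT_REF_SLUG=feature-xyz CI_COMMIT_SHORT_SHA=7056b235 CI_COMMIT_TAG=
branch_build_cmd
```

Because the branch slug becomes part of the repository path, every branch image and its cache live in a separate sub-repository of the project's registry.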
Workflow
Merge Request pipelines are disabled. All other triggers run normally.