Commit 0b14ed8e authored by Lucas Charles's avatar Lucas Charles

Tag all CI jobs requiring docker-in-docker

Adds the appropriate `docker` tag to all CI jobs requiring
docker-in-docker, to ensure they are picked up by privileged runners
parent be62d061
......@@ -12,7 +12,9 @@ stages:
- post-qa
- pages
# always use `gitlab-org` runners
# always use `gitlab-org` runners, however
# in cases where jobs require Docker-in-Docker, the job
# definition must be extended with `.use-docker-in-docker`
default:
tags:
- gitlab-org
......@@ -49,6 +51,7 @@ variables:
BUILD_ASSETS_IMAGE: "false"
ES_JAVA_OPTS: "-Xms256m -Xmx256m"
ELASTIC_URL: "http://elastic:changeme@elasticsearch:9200"
DOCKER_VERSION: "19.03.0"
include:
- local: .gitlab/ci/cache-repo.gitlab-ci.yml
......
......@@ -15,10 +15,9 @@
- .default-retry
- .default-before_script
- .assets-compile-cache
- .use-docker-in-docker
image: registry.gitlab.com/gitlab-org/gitlab-build-images:ruby-2.6.5-git-2.26-lfs-2.9-chrome-73.0-node-12.x-yarn-1.21-graphicsmagick-1.3.34-docker-19.03.1
stage: prepare
services:
- docker:19.03.0-dind
variables:
NODE_ENV: "production"
RAILS_ENV: "production"
......@@ -27,8 +26,6 @@
WEBPACK_REPORT: "true"
# we override the max_old_space_size to prevent OOM errors
NODE_OPTIONS: --max_old_space_size=3584
DOCKER_DRIVER: overlay2
DOCKER_HOST: tcp://docker:2375
cache:
key: "assets-compile:production:v1"
artifacts:
......@@ -53,9 +50,6 @@
- time scripts/build_assets_image
- scripts/clean-old-cached-assets
- rm -f /etc/apt/sources.list.d/google*.list # We don't need to update Chrome here
tags:
- gitlab-org
- docker
gitlab:assets:compile pull-push-cache:
extends:
......
......@@ -101,3 +101,15 @@
.as-if-foss:
variables:
FOSS_ONLY: '1'
.use-docker-in-docker:
image: docker:${DOCKER_VERSION}
services:
- docker:${DOCKER_VERSION}-dind
variables:
DOCKER_DRIVER: overlay2
DOCKER_HOST: tcp://docker:2375
DOCKER_TLS_CERTDIR: ""
tags:
# See https://gitlab.com/gitlab-com/www-gitlab-com/-/issues/7019 for tag descriptions
- gitlab-org-docker
......@@ -11,15 +11,14 @@ code_quality:
extends:
- .default-retry
- .reports:rules:code_quality
- .use-docker-in-docker
stage: test
needs: []
image: docker:stable
allow_failure: true
services:
- docker:stable-dind
variables:
DOCKER_DRIVER: overlay2
DOCKER_TLS_CERTDIR: ""
# emptying DOCKER_HOST so it can be detected properly on kubernetes executor
# with the script below
DOCKER_HOST: ""
CODE_QUALITY_IMAGE: "registry.gitlab.com/gitlab-org/ci-cd/codequality:0.85.9"
script:
- |
......@@ -50,6 +49,7 @@ sast:
extends:
- .default-retry
- .reports:rules:sast
- .use-docker-in-docker
stage: test
allow_failure: true
needs: []
......@@ -59,14 +59,12 @@ sast:
reports:
sast: gl-sast-report.json
expire_in: 1 week # GitLab-specific
image: docker:stable
variables:
DOCKER_DRIVER: overlay2
DOCKER_TLS_CERTDIR: ""
# emptying DOCKER_HOST so it can be detected properly on kubernetes executor
# with the script below
DOCKER_HOST: ""
SAST_BRAKEMAN_LEVEL: 2 # GitLab-specific
SAST_EXCLUDED_PATHS: qa,spec,doc,ee/spec # GitLab-specific
services:
- docker:stable-dind
script:
- export SAST_VERSION=${SP_VERSION:-$(echo "$CI_SERVER_VERSION" | sed 's/^\([0-9]*\)\.\([0-9]*\).*/\1-\2-stable/')}
- |
......@@ -89,16 +87,15 @@ dependency_scanning:
extends:
- .default-retry
- .reports:rules:dependency_scanning
- .use-docker-in-docker
stage: test
needs: []
image: docker:stable
variables:
DOCKER_DRIVER: overlay2
DOCKER_TLS_CERTDIR: ""
# emptying DOCKER_HOST so it can be detected properly on kubernetes executor
# with the script below
DOCKER_HOST: ""
DS_EXCLUDED_PATHS: "qa/qa/ee/fixtures/secure_premade_reports,spec,ee/spec" # GitLab-specific
allow_failure: true
services:
- docker:stable-dind
script:
- export DS_VERSION=${SP_VERSION:-$(echo "$CI_SERVER_VERSION" | sed 's/^\([0-9]*\)\.\([0-9]*\).*/\1-\2-stable/')}
- |
......
.review-docker:
extends:
- .default-retry
- .use-docker-in-docker
image: registry.gitlab.com/gitlab-org/gitlab-build-images:gitlab-qa-alpine-ruby-2.6
services:
- docker:19.03.0-dind
tags:
- gitlab-org
- docker
variables:
DOCKER_DRIVER: overlay2
DOCKER_HOST: tcp://docker:2375
GITLAB_EDITION: "ce"
build-qa-image:
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment