Commit 0b14ed8e authored by Lucas Charles's avatar Lucas Charles

Tag all CI jobs requiring docker-in-docker

Adds the appropriate `docker` tag to all CI jobs requiring
docker-in-docker, to ensure they are picked up by privileged runners
parent be62d061
...@@ -12,7 +12,9 @@ stages: ...@@ -12,7 +12,9 @@ stages:
- post-qa - post-qa
- pages - pages
# always use `gitlab-org` runners # always use `gitlab-org` runners, however
# in cases where jobs require Docker-in-Docker, the job
# definition must be extended with `.use-docker-in-docker`
default: default:
tags: tags:
- gitlab-org - gitlab-org
...@@ -49,6 +51,7 @@ variables: ...@@ -49,6 +51,7 @@ variables:
BUILD_ASSETS_IMAGE: "false" BUILD_ASSETS_IMAGE: "false"
ES_JAVA_OPTS: "-Xms256m -Xmx256m" ES_JAVA_OPTS: "-Xms256m -Xmx256m"
ELASTIC_URL: "http://elastic:changeme@elasticsearch:9200" ELASTIC_URL: "http://elastic:changeme@elasticsearch:9200"
DOCKER_VERSION: "19.03.0"
include: include:
- local: .gitlab/ci/cache-repo.gitlab-ci.yml - local: .gitlab/ci/cache-repo.gitlab-ci.yml
......
...@@ -15,10 +15,9 @@ ...@@ -15,10 +15,9 @@
- .default-retry - .default-retry
- .default-before_script - .default-before_script
- .assets-compile-cache - .assets-compile-cache
- .use-docker-in-docker
image: registry.gitlab.com/gitlab-org/gitlab-build-images:ruby-2.6.5-git-2.26-lfs-2.9-chrome-73.0-node-12.x-yarn-1.21-graphicsmagick-1.3.34-docker-19.03.1 image: registry.gitlab.com/gitlab-org/gitlab-build-images:ruby-2.6.5-git-2.26-lfs-2.9-chrome-73.0-node-12.x-yarn-1.21-graphicsmagick-1.3.34-docker-19.03.1
stage: prepare stage: prepare
services:
- docker:19.03.0-dind
variables: variables:
NODE_ENV: "production" NODE_ENV: "production"
RAILS_ENV: "production" RAILS_ENV: "production"
...@@ -27,8 +26,6 @@ ...@@ -27,8 +26,6 @@
WEBPACK_REPORT: "true" WEBPACK_REPORT: "true"
# we override the max_old_space_size to prevent OOM errors # we override the max_old_space_size to prevent OOM errors
NODE_OPTIONS: --max_old_space_size=3584 NODE_OPTIONS: --max_old_space_size=3584
DOCKER_DRIVER: overlay2
DOCKER_HOST: tcp://docker:2375
cache: cache:
key: "assets-compile:production:v1" key: "assets-compile:production:v1"
artifacts: artifacts:
...@@ -53,9 +50,6 @@ ...@@ -53,9 +50,6 @@
- time scripts/build_assets_image - time scripts/build_assets_image
- scripts/clean-old-cached-assets - scripts/clean-old-cached-assets
- rm -f /etc/apt/sources.list.d/google*.list # We don't need to update Chrome here - rm -f /etc/apt/sources.list.d/google*.list # We don't need to update Chrome here
tags:
- gitlab-org
- docker
gitlab:assets:compile pull-push-cache: gitlab:assets:compile pull-push-cache:
extends: extends:
......
...@@ -101,3 +101,15 @@ ...@@ -101,3 +101,15 @@
.as-if-foss: .as-if-foss:
variables: variables:
FOSS_ONLY: '1' FOSS_ONLY: '1'
.use-docker-in-docker:
image: docker:${DOCKER_VERSION}
services:
- docker:${DOCKER_VERSION}-dind
variables:
DOCKER_DRIVER: overlay2
DOCKER_HOST: tcp://docker:2375
DOCKER_TLS_CERTDIR: ""
tags:
# See https://gitlab.com/gitlab-com/www-gitlab-com/-/issues/7019 for tag descriptions
- gitlab-org-docker
...@@ -11,15 +11,14 @@ code_quality: ...@@ -11,15 +11,14 @@ code_quality:
extends: extends:
- .default-retry - .default-retry
- .reports:rules:code_quality - .reports:rules:code_quality
- .use-docker-in-docker
stage: test stage: test
needs: [] needs: []
image: docker:stable
allow_failure: true allow_failure: true
services:
- docker:stable-dind
variables: variables:
DOCKER_DRIVER: overlay2 # emptying DOCKER_HOST so it can be detected properly on kubernetes executor
DOCKER_TLS_CERTDIR: "" # with the script below
DOCKER_HOST: ""
CODE_QUALITY_IMAGE: "registry.gitlab.com/gitlab-org/ci-cd/codequality:0.85.9" CODE_QUALITY_IMAGE: "registry.gitlab.com/gitlab-org/ci-cd/codequality:0.85.9"
script: script:
- | - |
...@@ -50,6 +49,7 @@ sast: ...@@ -50,6 +49,7 @@ sast:
extends: extends:
- .default-retry - .default-retry
- .reports:rules:sast - .reports:rules:sast
- .use-docker-in-docker
stage: test stage: test
allow_failure: true allow_failure: true
needs: [] needs: []
...@@ -59,14 +59,12 @@ sast: ...@@ -59,14 +59,12 @@ sast:
reports: reports:
sast: gl-sast-report.json sast: gl-sast-report.json
expire_in: 1 week # GitLab-specific expire_in: 1 week # GitLab-specific
image: docker:stable
variables: variables:
DOCKER_DRIVER: overlay2 # emptying DOCKER_HOST so it can be detected properly on kubernetes executor
DOCKER_TLS_CERTDIR: "" # with the script below
DOCKER_HOST: ""
SAST_BRAKEMAN_LEVEL: 2 # GitLab-specific SAST_BRAKEMAN_LEVEL: 2 # GitLab-specific
SAST_EXCLUDED_PATHS: qa,spec,doc,ee/spec # GitLab-specific SAST_EXCLUDED_PATHS: qa,spec,doc,ee/spec # GitLab-specific
services:
- docker:stable-dind
script: script:
- export SAST_VERSION=${SP_VERSION:-$(echo "$CI_SERVER_VERSION" | sed 's/^\([0-9]*\)\.\([0-9]*\).*/\1-\2-stable/')} - export SAST_VERSION=${SP_VERSION:-$(echo "$CI_SERVER_VERSION" | sed 's/^\([0-9]*\)\.\([0-9]*\).*/\1-\2-stable/')}
- | - |
...@@ -89,16 +87,15 @@ dependency_scanning: ...@@ -89,16 +87,15 @@ dependency_scanning:
extends: extends:
- .default-retry - .default-retry
- .reports:rules:dependency_scanning - .reports:rules:dependency_scanning
- .use-docker-in-docker
stage: test stage: test
needs: [] needs: []
image: docker:stable
variables: variables:
DOCKER_DRIVER: overlay2 # emptying DOCKER_HOST so it can be detected properly on kubernetes executor
DOCKER_TLS_CERTDIR: "" # with the script below
DOCKER_HOST: ""
DS_EXCLUDED_PATHS: "qa/qa/ee/fixtures/secure_premade_reports,spec,ee/spec" # GitLab-specific DS_EXCLUDED_PATHS: "qa/qa/ee/fixtures/secure_premade_reports,spec,ee/spec" # GitLab-specific
allow_failure: true allow_failure: true
services:
- docker:stable-dind
script: script:
- export DS_VERSION=${SP_VERSION:-$(echo "$CI_SERVER_VERSION" | sed 's/^\([0-9]*\)\.\([0-9]*\).*/\1-\2-stable/')} - export DS_VERSION=${SP_VERSION:-$(echo "$CI_SERVER_VERSION" | sed 's/^\([0-9]*\)\.\([0-9]*\).*/\1-\2-stable/')}
- | - |
......
.review-docker: .review-docker:
extends: extends:
- .default-retry - .default-retry
- .use-docker-in-docker
image: registry.gitlab.com/gitlab-org/gitlab-build-images:gitlab-qa-alpine-ruby-2.6 image: registry.gitlab.com/gitlab-org/gitlab-build-images:gitlab-qa-alpine-ruby-2.6
services:
- docker:19.03.0-dind
tags:
- gitlab-org
- docker
variables: variables:
DOCKER_DRIVER: overlay2
DOCKER_HOST: tcp://docker:2375
GITLAB_EDITION: "ce" GITLAB_EDITION: "ce"
build-qa-image: build-qa-image:
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment