Lets break down this CI file.
Building docker images requires our Docker runner, as we will need to have access to the Docker socket to be able to use the Docker-In-Docker – dind – service. Setting the docker tag on this task ensures the runner will only pick up jobs with matching tags.
We have 2 stages, building and publishing. There is a publishMaster, and a publish task, both under the publish stage, along with a build and buildMaster in the build stage. These tasks run based on the branch the task has been called from. This allows us to keep a master release, as well as keeping a regularly updated latest tag.
When not on the master branch, we use –no-cache and –pull to ensure we are pulling the latest base images and wiping our cached build layers. This ensures we are always building a clean image from scratch.
The various $CI variables are provided by the GitLab CI environment, you can find out more about those here.
After the image is built, we package the image into a tarball and pass it as an archive to the next stage of the process.
During this publishing phase, we initially need to authenticate with our Docker registry. If you are using DockerHub, remove the url as DockerHub is the default registry. In the case of this project, I have added the $CI_REGISTRY_USER and $CI_REGISTRY_PASS as variables to the project under Project > Settings > CI/CD > Variables. This allows me to keep these values hidden while still be able to use them in public facing areas of the project.
Once logged in, we simply load the image from the artifact, and push it to the registry as normal.
Below you can see a screenshot of the registry page from one of my other projects. You can check out the pipeline and jobs as well. Take a look! open-source/docker-projects/gitlab-ci-android