You want to have docker tags that match your git branches? Here is how to do it with Gitlab CI.

A lot of my projects have a CI pipeline that builds a docker image. Of course I do not want to always deploy the :latest tag, because that makes reproducibility and rollbacks hard.

I always push to :latest. Also I want to reference by:

  • tags/branches
  • commit hash

For this repo (the blog) it looks like this with Gitlab CI:

build:
  stage: build
  image: docker
  script:
  - docker build -t dcr.niels-ole.com/nielsole/niels-ole.com .
  - docker login --password $DCR_PASS --username $DCR_USER dcr.niels-ole.com
  - docker tag dcr.niels-ole.com/nielsole/niels-ole.com dcr.niels-ole.com/nielsole/niels-ole.com:${CI_COMMIT_SHA}
  - docker tag dcr.niels-ole.com/nielsole/niels-ole.com dcr.niels-ole.com/nielsole/niels-ole.com:${CI_COMMIT_REF_SLUG}
  - docker tag dcr.niels-ole.com/nielsole/niels-ole.com dcr.niels-ole.com/nielsole/niels-ole.com:latest
  - docker push dcr.niels-ole.com/nielsole/niels-ole.com:latest
  - docker push dcr.niels-ole.com/nielsole/niels-ole.com:${CI_COMMIT_SHA}
  - docker push dcr.niels-ole.com/nielsole/niels-ole.com:${CI_COMMIT_REF_SLUG}

Since the docker image is always the same(it is only built once) this almost uses no additional disk space.

Kubernetes

A nice gimmick with Kubernetes is that I can immediately set the new image after pushing the new code, while the image is still being built. Kubernetes will retry pulling the image until it’s ready and only then tear down old pods.