我确认 GitLab CI 中尚未提供该功能;然而,我最近发现可以实现一种通用的解决方法,在取自私有 Docker 镜像的容器内运行专用 CI 脚本。
模板文件.gitlab-ci.yml
下面是根据OP的示例改编的,使用Docker 中的 Docker http://blog.teracy.com/2017/09/11/how-to-use-docker-in-docker-dind-and-docker-outside-of-docker-dood-for-local-ci-testing/我建议的方法这另一个答案 https://stackoverflow.com/a/59689194/9164010,本身的灵感来自于GitLab CI 文档处理dind https://docs.gitlab.com/ee/ci/docker/using_docker_build.html#container-registry-examples:
stages:
- test
variables:
IMAGE: "0222822883.dkr.ecr.us-east-1.amazonaws.com/api-build:latest"
REGION: "ap-northeast-1"
tests:
stage: test
image: docker:latest
services:
- docker:dind
variables:
# GIT_STRATEGY: none # uncomment if "git clone" is unneeded for this job
before_script:
- ': before_script'
- apt install amazon-ecr-credential-helper
- apk add --no-cache curl jq python py-pip
- pip install awscli
- $(aws ecr get-login --no-include-email --region "$REGION")
- docker pull "$IMAGE"
script:
- ': script'
- |
docker run --rm -v "$PWD:/build" -w /build "$IMAGE" /bin/bash -c "
export PS4='+ \e[33;1m($CI_JOB_NAME @ line \$LINENO) \$\e[0m ' # optional
set -ex
## TODO insert your multi-line shell script here ##
echo \"One comment\" # quotes must be escaped here
: A better comment
echo $PWD # interpolated outside the container
echo \$PWD # interpolated inside the container
bundle install
bundle exec rspec
## (cont'd) ##
"
- ': done'
allow_failure: true # for now as we do not have tests
此示例假设 Docker$IMAGE
包含/bin/bash
二进制,并依赖于所谓的块样式 https://yaml.org/spec/1.2/spec.html#style/block/YAML 的。
上面的模板已经包含注释,但要独立:
[欢迎提供反馈,因为我无法直接测试此配置(我不是 AWS ECR 用户),但我对 OP 的示例同时包含一些内容感到困惑apt
and apk
命令...]
关于陷阱的相关评论set -e
请注意,以下脚本有错误:
set -e
command1 && command2
command3
即,改为写:
set -e
command1 ; command2
command3
or:
set -e
( command1 && command2 )
command3
要确信这一点,您可以尝试运行:
bash -e -c 'false && true; echo $?; echo this should not be run'
→ 1
→ this should not be run
bash -e -c 'false; true; echo $?; echo this should not be run'
bash -e -c '( false && true ); echo $?; echo this should not be run'