Add CI configuration for Kubernetes

Configure Gitlab CI to run on Kubernetes according to the official documentation. https://docs.gitlab.com/ee/ci/docker/using_docker_build.html#docker-in-docker-with-tls-enabled-in-kubernetes These changes are needed because of the CI jobs using Docker-in-Docker (dind). As soon as Docker-in-Docker is replaced with Kaniko, these changes can be reverted. I documented what I did to set up the Kubernetes runner on the wiki: https://wiki.qemu.org/Testing/CI/KubernetesRunners Signed-off-by: Camilla Conte <cconte@redhat.com> Message-Id: <20230407145252.32955-1-cconte@redhat.com> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
qemu · May 19, 2023 · e998c2e · e998c2e
1 parent aa222a8
commit e998c2e
Show file tree

Hide file tree

Showing 4 changed files with 26 additions and 8 deletions.
diff --git a/.gitlab-ci.d/container-template.yml b/.gitlab-ci.d/container-template.yml
@@ -1,14 +1,14 @@
 .container_job_template:
   extends: .base_job_template
-  image: docker:stable
+  image: docker:20.10.16
   stage: containers
   services:
-    - docker:dind
+    - docker:20.10.16-dind
   before_script:
     - export TAG="$CI_REGISTRY_IMAGE/qemu/$NAME:latest"
     - export COMMON_TAG="$CI_REGISTRY/qemu-project/qemu/qemu/$NAME:latest"
     - apk add python3
-    - docker info
+    - until docker info; do sleep 1; done
     - docker login $CI_REGISTRY -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD"
   script:
     - echo "TAG:$TAG"

diff --git a/.gitlab-ci.d/default.yml b/.gitlab-ci.d/default.yml
@@ -0,0 +1,3 @@
+default:
+  tags:
+    - $RUNNER_TAG
diff --git a/.gitlab-ci.d/opensbi.yml b/.gitlab-ci.d/opensbi.yml
@@ -42,17 +42,15 @@
 docker-opensbi:
   extends: .opensbi_job_rules
   stage: containers
-  image: docker:stable
+  image: docker:20.10.16
   services:
-    - docker:stable-dind
+    - docker:20.10.16-dind
   variables:
     GIT_DEPTH: 3
     IMAGE_TAG: $CI_REGISTRY_IMAGE:opensbi-cross-build
-    # We don't use TLS
-    DOCKER_HOST: tcp://docker:2375
-    DOCKER_TLS_CERTDIR: ""
   before_script:
     - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
+    - until docker info; do sleep 1; done
   script:
     - docker pull $IMAGE_TAG || true
     - docker build --cache-from $IMAGE_TAG --tag $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA

diff --git a/.gitlab-ci.d/qemu-project.yml b/.gitlab-ci.d/qemu-project.yml
@@ -1,7 +1,24 @@
 # This file contains the set of jobs run by the QEMU project:
 # https://gitlab.com/qemu-project/qemu/-/pipelines
 
+variables:
+  RUNNER_TAG: ""
+
+workflow:
+  rules:
+    # Set additional variables when running on Kubernetes.
+    # https://wiki.qemu.org/Testing/CI/KubernetesRunners
+    - if: $RUNNER_TAG == "k8s"
+      variables:
+        DOCKER_HOST: tcp://docker:2376
+        DOCKER_TLS_CERTDIR: "/certs"
+        DOCKER_TLS_VERIFY: 1
+        DOCKER_CERT_PATH: "$DOCKER_TLS_CERTDIR/client"
+    # Run the pipeline in other cases.
+    - when: always
+
 include:
+  - local: '/.gitlab-ci.d/default.yml'
   - local: '/.gitlab-ci.d/base.yml'
   - local: '/.gitlab-ci.d/stages.yml'
   - local: '/.gitlab-ci.d/opensbi.yml'