If you’re using GitLab CI to build your software, you might also want to use it to build Docker images of your application.This can be a little tricky, because by default GitLab CI runs jobs inside Docker containers.
The standard technique for getting around this problem is using Docker-in-Docker, but you can also use a simpler technique by using Podman, the reimplemented version of Docker.Let’s see why and how.
Option #1: Docker-in-Docker
When you run the docker command-line tool, it is actually not doing much work itself.Instead, it talks to dockerd, a daemon or server typically running on the same machine where you’re running the CLI.The actual work of running a container or building an image is done by dockerd.
Jan 19, 2019 Writing a deploy script with Python and fabric. Jan 19, 2019 3 min read. Some weeks ago I tried to set up a continuous deployment pipeline for a python project with Gitlab CI and I. Using Python and Rust together. In his presentation at GitLab Commit London, Mario demonstrated how he managed to build a Firebase web application in Rust using Python, and deploy it using GitLab CI so fellow GitLab users can try to replicate his process, or get some input if they're also having difficulties.
When you want to run docker inside GitLab CI, you face the issue that GitLab CI jobs typically run as Docker containers.So you can’t just rely on a normal dockerd being available as you would, for example, in a virtual machine.
Gitlab Ci Run Python Script Online
To help with this scenario, there’s a Docker image that runs dockerd for you: docker:dind.Once that is running, you can point docker at that running daemon and issue commands like docker build.
In the context of GitLab CI, your jobs can run services, which are also Docker containers.So we can configure .gitlab-ci.yml to run docker:dind as a service in a job:
In this case, the service is given the hostname alias dockerdaemon.You also need to tell the docker CLI how to find the server, which you can do via an environment variable DOCKER_HOST, as well as set a couple of other variables that make it work, and work faster:
A full configuration that builds an image and pushes it to the GitLab image registry corresponding to the GitLab CI repository looks like this:
For more details see the relevant GitLab CI documentation.
A working example
I’ve set up an example repository that contains this configuration.Here’s what the Dockerfile looks like:
Like most GitLab repositories, it has a corresponding Docker image registry, and you can run the image built by the above configuration like so:
Note: Outside the very specific topic under discussion, the Dockerfiles in this article are not examples of best practices, since the added complexity would obscure the main point of the article.
To ensure you’re following all the best practices you need to have a secure, correct, fast Dockerfiles, check out the Python on Docker Production Handbook.
Option #2: Podman
Podman is a reimplemented version of Docker from RedHat.It supports the same command-line options, but has a fundamentally different architecture: unlike Docker, there is no daemon by default.The CLI does all the work itself.
That means we can do a much simpler GitLab CI config, without the service running the daemon:
Notice all we had to do was change the docker command-line to do podman instead; they basically accept the same options.
A working example
The same example repository is also configured to use Podman.Again, you can run the resulting image:
Docker-in-Docker (DinD) vs Podman
Which of these two should you choose?DinD gives you access to BuildKit, which has some useful features and performance improvements; Podman does not support all of them yet, though it does support build secrets.
On the other hand, running the DinD daemon adds some overhead, since another image has to be downloaded; the DinD build adds another 20 seconds of fixed overhead in my test.For less trivial builds this overhead probably will be overwhelmed by other factors.
.gitlab-ci.yml Run Python Script
If you don’t care about BuildKit’s additional features, using Podman is just a little bit simpler while offering the same user experience.Finally, you could look into Buildah, which is how podman build is implemented: it’s a tool specifically focused only on building images.
Gitlab ships with its own free CICD which works pretty well. This post will give you an example of the CICD file .gitlab-ci.yml for a Python project running on Gitlab Windows runner.
The official doc on how to use coverage is not very clear.
My coverage tool’s output (from pytest --cov=) is something like :
In my example .gitlab-ci.yml, the coverage is configured as:
This regex will find the coverage which is at 81%.
Be aware that:
- The coverage only use regular expression to find the coverage percentage from coverage tool’s output.
- The regular expression must be surrounded by single quote
', double quote is not allowed. - Inside the single quotes, must be surrounded by
/. - You can use http://rubular.com to test your regex.
- The overage regex returns the last catch group value from the output. Even if it is not in the last line, or if the regex catches more than one values among all the lines.
.gitlab-ci.yml file content
I cloned the project flask_log_request_id and try to run CICD over it.
I’m still working on this CICD .gitlab-ci.yml file, the example given here will be updated as long as I add new things inside.