I have a pipeline that:
- Builds a Docker image upon commit on
main. - Pushes the built Docker image to AWS ECR upon manual tag creation.
stages:
- build_qa
- push_qa
workflow:
rules:
- if: $CI_COMMIT_TAG
- if: $CI_COMMIT_BRANCH == "main"
build qa:
stage: build_qa
image:
name: amazon/aws-cli
entrypoint: [""]
rules:
- if: $CI_COMMIT_BRANCH == "main"
services:
- docker:dind
before_script:
- amazon-linux-extras install docker
- aws --version
- docker --version
- export AWS_ACCESS_KEY_ID=$AWS_ACCESS_KEY_ID_QA
- export AWS_SECRET_ACCESS_KEY=$AWS_SECRET_ACCESS_KEY_QA
- aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin $DOCKER_REGISTRY_QA
script:
- docker build -t $IMAGE_TAG_QA .
# tars the image and exports it to the artifact folder:
- mkdir image
- docker save $IMAGE_TAG_QA > image/qa_latest.tar
artifacts:
paths:
- image
push to qa:
dependencies:
- build qa
stage: push_qa
image:
name: amazon/aws-cli
entrypoint: [""]
rules:
- if: $CI_COMMIT_TAG != null
services:
- docker:dind
before_script:
- amazon-linux-extras install docker
- aws --version
- docker --version
- export AWS_ACCESS_KEY_ID=$AWS_ACCESS_KEY_ID_QA
- export AWS_SECRET_ACCESS_KEY=$AWS_SECRET_ACCESS_KEY_QA
- aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin $DOCKER_REGISTRY_QA
script:
# loads image from artifcact
- docker load -i image/qa_latest.tar
# creates a new image tag based on the created tag:
- export NEW_IMAGE_TAG_QA="$DOCKER_REGISTRY_QA/$APP_NAME:$CI_COMMIT_TAG"
# retags the image to the created tag:
- docker tag $IMAGE_TAG_QA $NEW_IMAGE_TAG_QA
- docker push $NEW_IMAGE_TAG_QA
I learned that the push to qa job is launched on another pipeline when I create a new tag, separate from the one where build qa was executed upon a new commit. So I get the following error:
$ docker load -i image/qa_latest.tar
open image/qa_latest.tar: no such file or directory
It isn’t able to access the artifact from the build stage. Does GitLab offer a free solution for this?