I have a number of projects that use a docker-compose.yml to setup an app + db service. I can build them with docker compose build or podman-compose build just fine. I have my gitlab-ci setup using fedora:latest as the base and podman-compose to build the container so I don’t need dind. Privileged runners are not an option due to security concerns, so I will not be using dind.
My goal currently it to have a build stage the builds the container (with it’s 2+ images) and pushes it to the GitLab project container registry. Then a test stage that uses the container to run tests. In practice I’ll have many jobs in the test stage for different things, but to keep it simple right now just one.
I’m currently able to build the container, podman-compose push executes without error, but nothing appears in the container registry. The test job attempts to pull it and errors out.
The documentation on avoiding dind references buildah and kaniko but kaniko for sure doesn’t support docker-compose and buildah I couldn’t find an example.
.gitlab-ci.yml
build:
stage: build
image: fedora:latest
tags:
- docker
before_script:
- yum -y install podman podman-compose
- podman login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
script:
- podman-compose build
- podman-compose push $CI_REGISTRY_IMAGE/$CI_COMMIT_SHORT_SHA
test:
stage: test
image: $CI_REGISTRY_IMAGE/$CI_COMMIT_SHORT_SHA
variables:
RAILS_ENV: test
tags:
- docker
before_script:
- cd /app
- bundle exec rails db:drop db:create db:schema:load
script:
- bundle exec rails test
build output (intesting parts):
$ podman login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
Login Succeeded!
$ podman-compose build
podman-compose version: 1.0.6
['podman', '--version', '']
using podman version: 4.5.0
podman build -f ./Dockerfile -t docker.io/ruby:3.2.2 .
STEP 1/10: FROM docker.io/ruby:3.2.2
Trying to pull docker.io/library/ruby:3.2.2...
Getting image source signatures
Copying blob sha256:dcf5010fd812b13dc34d7d69ce3c12a142728204d4cb6f48f1b156b7b4278fed
...
COMMIT docker.io/ruby:3.2.2
--> 80bbb61098ec
Successfully tagged docker.io/library/ruby:3.2.2
80bbb61098ec700587d02975fb7647811b87af5b4f5f0f99aeafceedf18cd9c4
exit code: 0
$ podman-compose push $CI_REGISTRY_IMAGE/$CI_COMMIT_SHORT_SHA
podman-compose version: 1.0.6
['podman', '--version', '']
using podman version: 4.5.0
Cleaning up project directory and file based variables
00:01
Job succeeded
test output:
Running with gitlab-runner 15.8.3 (080abeab)
on gitlab-aws-autoscaler 560fb87c, system ID: s_c41a39b95300
Resolving secrets
00:00
Preparing the "docker+machine" executor
00:02
Using Docker executor with image registry.doit.wisc.edu/smph/smph-it/appdev/deploy-test/cf11d408 ...
Authenticating with credentials from job payload (GitLab Registry)
Pulling docker image registry.doit.wisc.edu/smph/smph-it/appdev/deploy-test/cf11d408 ...
WARNING: Failed to pull image with policy "always": Error response from daemon: manifest for registry.doit.wisc.edu/smph/smph-it/appdev/deploy-test/cf11d408:latest not found: manifest unknown: manifest unknown (manager.go:237:0s)
ERROR: Job failed: failed to pull image "registry.doit.wisc.edu/smph/smph-it/appdev/deploy-test/cf11d408" with specified policies [always]: Error response from daemon: manifest for registry.doit.wisc.edu/smph/smph-it/appdev/deploy-test/cf11d408:latest not found: manifest unknown: manifest unknown (manager.go:237:0s)