This repository is a collection of Docker images we use internally for continuous integration/delivery pipelines.
Daily builds are run against these images and automatically sent to our DockerHub repository at:
https://hub.docker.com/r/govtechsg/cicd-images
- Alpine Linux (
alpine) - Ansible (
ansible) - Amazon Web Services CLI (
awscli) - Cypress (
cypress) - Docker-in-Docker (
dind) - Google Kubernetes Engine CLI (
gkecli) - Karma Test Runner (
karma) - Kubernetes Client (
kubectl) - Trinity (
awscli+docker+kubectl) - Node.js (
node) - Robot Selenium (
robot-selenium) - Robot Selenium Generic Image (
chrome-oracle-py) - Version Tagging Scripts (
vtscripts)
The images are found in the DockerHub registry, and the names of the different types of images are added as a tag. For example given a type of image called xyz, it will be available under the repository URL govtechsg/cicd-images:xyz-latest. Specific versions can be found in the DockerHub Tags page
All images will contain some tools essential for most operations that will happen in a continuous integration/delivery pipeline. These tools are:
bashcurljqvimgit
Canonical Tag: alpine-<ALPINE_VERSION>
Latest URL: govtechsg/cicd-images:alpine-latest
We use Alpine for our production deployments, only makes sense to run stuff in Alpine. This image contains common tools in pipelines and should serve most general needs. If you need more pacakges, feel free to submit a pull request with the required APK packages.
Canonical Tag: ansible-<ANSIBLE_VERSION>
Latest URL: govtechsg/cicd-images:ansible-latest
This image also contains Ansible-lint and Boto3 so you can lint your Ansible playbooks and use Ansible playbooks to automate stuff on AWS respectively
Canonical Tag: awscli-<AWS_CLI_VERSION>
Latest URL: govtechsg/cicd-images:awscli-latest
Set the following environment variables to your AWS credentials to allow the AWS CLI tool to connect.
AWS_ACCESS_KEY_ID
AWS_SECRET_ACCESS_KEY
AWS_DEFAULT_REGIONCanonical Tag: cypress-<REPO_VERSION>
Latest URL: govtechsg/cicd-images:cypress-latest
Canonical Tag: dephash-<REPO_VERSION>
Latest URL: govtechsg/cicd-images:dephash-latest
See https://github.com/govtechsg/version-tagging-scripts for more information on using this. Commands are symbolic linked to the system variable directory so you can use the following commands:
dephash ./path/to/file --npmdephash ./path/to/file --npm --proddephash ./path/to/file --npm --devdephash ./path/to/file --yarn
Canonical Tag: dind-<DOCKER_VERSION>
Latest URL: govtechsg/cicd-images:dind-latest
You will need to configure this image so that the host file at path /var/run/docker.sock is mapped to the /var/run/docker.sock in the container.
- https://jpetazzo.github.io/2015/09/03/do-not-use-docker-in-docker-for-ci/
- https://www.develves.net/blogs/asd/2016-05-27-alternative-to-docker-in-docker/
- https://getintodevops.com/blog/the-simple-way-to-run-docker-in-docker-for-ci
Canonical Tag: gkecli-<GOOGLE_SDK_VERSION>
Latest URL: govtechsg/cicd-images:gkecli-latest
An additional child image, or a script should be added to this to set Google credentials and retrieve the Kubernetes configurations.
Canonical Tag: karma-<CHROMIUM_VERSION>
Latest URL: govtechsg/cicd-images:karma-latest
Karma is not included in the karma image, this image only provides the base for it to run ChromeHeadless. Remember to include the --no-sandbox flag in the Karma configuration.
Canonical Tag: kubectl-<KUBECTL_VERSION>
Latest URL: govtechsg/cicd-images:kubectl-latest
For use when there's a deployment to a Kubernetes deployment.
Canonical Tag: node-<NODE_VERSION>
Latest URL: govtechsg/cicd-images:node<NODE_MAJOR_VERSION>-latest
All LTS versions of Node, and the latest major version (LTS or otherwise) are builit.
Latest URL: govtechsg/cicd-images:robot-selenium-latest
Canonical Tag: chrome-oracle-py<PYTHON_VERSION>
Latest URL: govtechsg/cicd-images:chrome-oracle-py<PYTHON_VERSION>-latest
Python Versions:
- 2.7
- 3.6
- 3.7
Current Oracle Version: 12.1.0.2.0
- Versions available are listed here. The downloaded python image version will be as follows: python:${PYTHON_VERSION}-slim-stretch
- For use as a base image for robot regression frameworks.
- pip freeze > requirements.txt in regression project folder
- Add this instruction to your regression Dockerfile
Or just just mount requirements.txt to container and include
COPY requirements.txt ./ RUN pip install -r requirements.txtpip install -r requirements.txtin your entrypoint.
Canonical Tag: trinity-<AWS_CLI_VERSION>-<DOCKER_VERSION>-<KUBECT_VERSION>
Latest URL: govtechsg/cicd-images:trinity-latest
Canonical Tag: vtscripts-<VTSCRIPTS>
Latest URL: govtechsg/cicd-images:vtscripts-latest
See https://github.com/govtechsg/version-tagging-scripts for more information on using this. Commands are symbolic linked to the system variable directory so you can use the following commands:
init -qget-branch -qget-latest -qget-next -qiterate -q
Images specified here can be uploaded to other repositories if you so wish. The commands are:
The build script creates the build for the specified image:
DH_REPO=__URL_TO_REPO__
IMAGE_NAME=__DIRECTORY_NAME__
./.scripts/.build.sh "${DH_REPO}" "${IMAGE_NAME}"An example to upload to a DockerHub at yourusername/yourimage:dind-latest:
DH_REPO="yourusername/yourimage"
IMAGE_NAME="dind"
./.scripts/.build.sh "${DH_REPO}" "${IMAGE_NAME}"The publish script in each directory sends your built image to DockerHub and relies on the ./.scripts/.build.sh script being run prior to it. The general format of usage:
DH_REPO=__URL_TO_REPO__
IMAGE_NAME=__DIRECTORY_NAME__
./${IMAGE_NAME}/.publish.sh "${DH_REPO}:${IMAGE_NAME}"A corresponding example to upload to a DockerHub repository at yourusername/yourimage:dind-latest:
DH_REPO="yourusername/yourimage"
IMAGE_NAME="dind"
./${IMAGE_NAME}/.publish.sh "${DH_REPO}:${IMAGE_NAME}"Each directory and type of image has its own publish script because of the different ways they are versioned.