Extending Gitlab CI

Andrew Bartlett abartlet at samba.org
Wed Dec 19 17:53:42 UTC 2018 

On Wed, 2018-12-19 at 09:39 +0100, Andreas Schneider wrote:
> On Thursday, December 13, 2018 6:59:15 PM CET Andrew Bartlett via
> samba-
> technical wrote:
> > 
> > On Thu, 2018-12-13 at 14:31 +0100, Andreas Schneider via samba-
> > 
> > technical wrote:
> > > 
> > > Hi,
> > > 
> > > I've created a gitlab ci runner with Fedora [1] to do at least
> > > basic MIT
> > > Kerberos testing [2]!
> > Great!
> > 
> > > 
> > > I would like to have that in team repo we use for development.
> > So would I!
> > 
> > > 
> > > The gitlib ci runner images are build using the
> > > samba-gitlabci-build-images
> > > [3] project to create the docker images. All you have to do is to
> > > push
> > > your
> > > changes and a pipleline will be started to build a new image and
> > > push it.
> > Interesting.  I was talking with Joe around the office about how to
> > get
> > the current docker image stuff into somewhere more common.
> > 
> > I'll write more thoughts when in the office.
> Setting up that project is the first step to move forward ...
> 

Sorry for the lack of reply. 

This is my vision for how this should work:

* the master package list for a given Samba commit should be in-tree.  
* Docker containers are then produced from those lists
* Those containers are pushed to a public registry (the one on
gitlab.com/samba-team)
* The .gitlab-ci.yml file references those container images by an
immutable reference, the hash:
https://medium.com/@tariq.m.islam/container-deployments-a-lesson-in-deterministic-ops-a4a467b14a03

This way, we gain a pretty strong link between the package list in
master (and from here on, any commit and any release), the docker image
it was tested with, across multiple platforms and the developer
responsible (due to the .gitlab-ci.yml edit). 

We can then finally resolve the constant wiki edit churn on 
https://wiki.samba.org/index.php/Package_Dependencies_Required_to_Build_Samba
because we can point at the CI tested list in each release tag.
 (Currently well-meaning users try and fix it manually, breaking a
different Ubuntu or Debian release).

Joe is working on this here for the next few days:  
https://gitlab.com/catalyst-samba/samba/commits/platforms

Once implemented, we can then decide if we want to do the docker push
from a CI pipeline (from the main git tree but a different repo, using
a different .gitlab-ci.yml file) or with the individual developer's
credentials from their workstation. 

Sorry if this is a slightly longer pipeline (pardon the pun) than you
imagined, but I think it will be worth it.  

How does this sound?

Andrew Bartlett
-- 
Andrew Bartlett                       http://samba.org/~abartlet/
Authentication Developer, Samba Team  http://samba.org
Samba Developer, Catalyst IT          http://catalyst.net.nz/services/samba

More information about the samba-technical mailing list