This should be a quick guide on how to get the CI/CD pipeline running inside GitLab.
We have a software stack that should be automatically deployed to our production, staging and dev devices as soon as someone pushes a new commit or release. So very similar to the BalenaCloud build server only that this is available for OpenBalena too.
balena deployneeds docker and a running version of
- OpenBalena has custom certificates that need to be integrated
Balena and Docker in Docker
Since dind is only provided on alpine images and the balena-cli can not be installed on alpine we need to find a different way to get this working. Luckily the
gitlab-ci.yml has severices that enable us to deploy services (other containers) around our stage task.
build-container: image: ubuntu:bionic stage: deploy services: - name: docker:dind alias: docker script: - echo "$CRT" > balena.crt - echo "$YML" > ~/.balenarc.yml - apt-get update - apt-get install -y wget unzip # Setup Balena - export NODE_EXTRA_CA_CERTS="$PWD/balena.crt" - export DEBUG=1 - wget https://github.com/balena-io/balena-cli/releases/download/v11.23.0/balena-cli-v11.23.0-linux-x64-standalone.zip -O balena.zip - unzip balena.zip - cp balena-cli/balena ./ - ./balena login --credentials --email $BALENA_EMAIL --password $BALENA_PASSWORD # Setup docker - export DOCKER_HOST=tcp://docker:2375 - apt-get install docker.io -y # Build an deploy image - ./balena deploy .... after_script: - rm balena.crt - rm ~/.balenarc.yml only: - master
Custom certs integrated into the dind container
Since the repository needs custom certs the only way is to integrate them into the dind container, therefore build your own one and replace the docker service with your container.
services: - name: path/to/your/dind:latest alias: docker
Build the container:
ADD balena.crt /usr/local/share/ca-certificates/balena.crt RUN chmod 644 /usr/local/share/ca-certificates/balena.crt && update-ca-certificates ENV DOCKER_TLS_CERTDIR = /certs
I could not finde anything i wanted to put this here, in case some one else is looking for a similar way.
I case i was just to stupid to google it, feel free to poste the link of a guide regarding this challenges in the comment.