JetBrains Space Help

Docker

Prerequisites

  • A Dockerfile that defines the Docker image is stored in the project sources.

Eligible images

  • Not required. A docker step runs in a special custom image.

We suppose three main CI/CD scenarios for Docker:

Space Automation DSL provides a special docker keyword that simplifies working with Docker builds.

Build and publish a Docker image

For example, the job below first builds and then publishes the image defined in the Dockerfile located in the project's docker directory.

job("Build and push Docker") { docker { build { context = "docker" file = "./docker/Dockerfile" args["HTTP_PROXY"] = "http://10.20.30.2:1234" labels["vendor"] = "mycompany" } push("mycompany.registry.jetbrains.space/p/projectkey/mydocker/myimage") { // use current job run number as a tag - '0.0.run_number' tags("0.0.\$JB_SPACE_EXECUTION_NUMBER") // see [[[example|https://www.jetbrains.com/help/space/automation-environment-variables.html#example]]] on how to use branch name in a tag } } }
  • docker: is a special step used to build and publish Docker images. In fact, it's a special type of container with Docker on board.

  • build: runs the docker build command with the following arguments

  • push: runs the docker push command with the following arguments

    • "mycompany.registry.jetbrains.space/mydocker/myimage": image name including the repository URL. Note that to be able to push to a Space Packages Container registry, your script doesn't require authentication.

    • tags: specifies the image tags.

Create an image dependency, build, and publish a Docker image

Quite often, you may need to first generate some artifact (say, a .jar file) and then put it into an image. Such cases require running two steps: The first generates the artifact and the second one runs docker build and docker push.

job("Build and push Docker") { container(displayName = "Run gradle build", image = "openjdk") { shellScript { content = """ ./gradlew build cp -r build $mountDir/share """ } } docker { resources { cpu = 1.cpu memory = 2000.mb } beforeBuildScript { content = "cp -r $mountDir/share docker" } build { context = "docker" } push("mycompany.registry.jetbrains.space/mydocker/myimage") { tags("0.\$JB_SPACE_EXECUTION_NUMBER", "lts") } } }
  • The container step uses gradlew build to generate some artifacts and put them to the file share.

  • In the docker step:

    • resources specifies system resources as in a regular container.

    • beforeBuildScript is a sub-step that runs before build. Here we use beforeBuildScript to copy the Gradle output from the file share to the context directory.

    • build and push build and push the image correspondingly.

Publish a Docker image to Docker Hub

To publish an image to an external repository that requires authentication (e.g., Docker Hub), you should first save authentication credentials to the Docker configuration file. You can do this in the beforeBuildScript block.

  1. In Docker Hub, create an access token with the Write permission. Save the created token to a safe location.

    Docker Hub token
  2. In Space, create two secrets:

    • dockerhub_user: your Docker Hub username.

    • dockerhub_token: the Docker Hub token you've created in step 1.

  3. Edit the project's .space.kts:

    job("Publish to Docker Hub") { docker("Docker build and push") { // get auth data from secrets and put it to env vars env["DOCKERHUB_USER"] = Secrets("dockerhub_user") env["DOCKERHUB_TOKEN"] = Secrets("dockerhub_token") // put auth data to Docker config beforeBuildScript { content = """ B64_AUTH=${'$'}(echo -n ${'$'}DOCKERHUB_USER:${'$'}DOCKERHUB_TOKEN | base64) echo "{\"auths\":{\"https://index.docker.io/v1/\":{\"auth\":\"${'$'}B64_AUTH\"}}}" > ${'$'}DOCKER_CONFIG/config.json """ } build { labels["vendor"] = "mycompany" } //in push, specify repo_name/image_name push("myrepo/hello-from-space") { tags("1.0.\$JB_SPACE_EXECUTION_NUMBER") } } }
Last modified: 10 September 2021