Draft: gitlab CI: switch to using ci-templates

ci-templates encourages building specific containers that can be re-used:

  • containers are re-used across pipelines, producing consistent results
  • containers are re-used by contributors since they will use the upstream containers for their MR, thus guaranteeing the same results.

Containers are automatically rebuild whenever the respective FDO_DISTRIBUTION_TAG changes. This is particularly interesting now that Docker Hub will introduce pull limits.

This CI script consists of a config file and a jinja2 template, simply running 'ci-fairy generate-template' produces the .gitlab-ci.yml. ci-fairy is part of the freedesktop.org ci-templates and can be pip installed, see the check-ci-script job.

Functional changes to the previous script:

  • new job: check-ci-script, verifies that our gitlab-ci.yml is the one generated by the sources
  • Dropped distributions:
    • Fedora 28, 29, 30
    • Ubuntu 16.04
    • Centos 7.5, 7.6
  • Added distributions:
    • Fedora 33
  • The actual work is now down by a set of scripts in .gitlab-ci/, specifically:
    • .gitlab-ci/build.sh is the previous do_build job
    • .gitlab-ci/{fedora|debian}-install.sh are the previous {fedora|debian}_install jobs symlinks are in place for centos and ubuntu

Why the scripts instead of steps in the CI? Easer to reading and reproduce. With the containers being static, it's easy to pull one locally and re-run the CI job to reproduce an issue. Having everything in a single script makes that trivial.



  • actually run all jobs, I ran a random-ish subset so far but all the images etc. aren't free
  • re-add any distros dropped where need be
  • arguably the container-build jobs shouldn't be manual so we have a container to rely on when you want to run a specific job
    • update: it's manual but the build job itself isn't, so triggering the container job will run the build job automatically
  • arguably jobs on current distributions should run automatically, but that's not my decision to make
  • the golang:alpine jobs will run into the docker limits as well, see freedesktop/ci-templates#17 (closed) for a potential solution
Edited by Peter Hutterer

Merge request reports