ci-boilerplate

[DEPRECATED] A boilerplate template for specifying a docker image using the makefile build approach. GitHub

Boilerplate for Docker Repository

Summary

A boilerplate template for specifying a docker image using the makefile build approach. The project icon is from cre.ativo mustard, HK from the Noun Project

This model of creating docker image has been deprecated.

Components

Metadata Arguments

Metadata build arguments used with the Label Schema Convention.

Variable Value Description
BUILD_DATE see metadata.variable The Date/Time the image was built.
VERSION see metadata.variable Release identifier for the contents of the image.
VCS_REF see metadata.variable Identifier for the version of the source code from which this image was built.

Build Arguments

Build arguments used in the image.

Variable Value Description
USER see Makefile.options Sets the user to use when running the image.
DUID see user.variable The user id of the docker user.
DGID see user.variable The group id of the docker user’s group.

Volumes

No volumes are exposed by the docker container. However, while running the image with limited permissions (baseimage), it is necessary to ensure that the docker user has permission to access mounted volumes. You will need to ensure that the docker user can read/write to the mounted volumes. (see User / Group Identifiers)

The working directory of the image is /media/.

Build Process

To build the docker image, use the included Makefile. It is recommended to use the makefile to ensure all build arguments are provided.

make VERSION=<version> build

You can view the build/README.md for more on using the Makefile to build the image.

Labels

The docker image follows the Label Schema Convention. Label Schema is a community project to provide a shared namespace for use by multiple tools, specifically org.label-schema. The values in the namespace can be accessed by the following command:

docker inspect -f '{{ index .Config.Labels "org.label-schema.<LABEL>" }}' [IMAGE]

Label Extension

The label namespace org.doc-schema is an extension of org.label-schema. The namespace stores internal variables often used when interacting with the image. These variables will often be application versions or exposed internal variables. The values in the namespace can be accessed by the following command:

docker inspect -f '{{ index .Config.Labels "org.doc-schema.<LABEL>" }}' [IMAGE]

User and Group Mapping

All processes within the baseimage docker container will be run as the docker user, a non-root user. The docker user is created on build with the user id DUID and a member of a group with group id DGID.

Any permissions on the host operating system (OS) associated with either the user (DUID) or group (DGID) will be associated with the docker user. The values of DUID and DGID are visible in the Build Arguments, and can be accessed by the commands:

docker inspect -f '{{ index .Config.Labels "org.doc-schema.user" }}' [IMAGE]
docker inspect -f '{{ index .Config.Labels "org.doc-schema.group" }}' [IMAGE]

The notation of the build variables is short form for docker user id (DUID) and docker group id (DGID).

Acknowledgements

The project icon is retrieved from the Noun Project. The original source material has been altered for the purposes of the project. The icon is used under the terms of the Creative Commons By 3.0.

The project icon is by cre.ativo mustard from the Noun Project.