.gitlab-ci.yml: Share certs with inner container. (!237) · Merge requests · GNOME / pitivi

Brady Garvin requested to merge brady.j.garvin/pitivi:ci_with_tls into master Jan 19, 2020

Recent commits to Pitivi have been failing CI because GitLab is unable to establish a connection with TLS to the inner Docker instances in Pitivi's Docker-in-Docker (dind) setup.

As described at https://hub.docker.com/_/docker#tls, TLS certificates can be shared from the outer Docker instance to the inner instance to ensure that the same certificates are used by both instances. The process involves sharing the certificate folder (-v ${DOCKER_TLS_CERTDIR}:${DOCKER_TLS_CERTDIR}:ro) and setting an environment variable to indicate where that shared folder is (-e DOCKER_TLS_CERTDIR=${DOCKER_TLS_CERTDIR}).

As recommended by GitLab, this commit also specifies a version for the dind service, so that developers can control when upgrades occur, and similar changes to dind will not disrupt CI at inopportune times.

Note that CI still fails because registry.gitlab.gnome.org/gnome/pitivi:master-sdk_3.34 is not available. I am able to access registry.gitlab.gnome.org/gnome/pitivi:master-sdk_3.32, but of course that's too old now for flatpak-builder to get anywhere.

.gitlab-ci.yml: Share certs with inner container.

Merge request reports