1 files changed, 70 insertions, 0 deletions

diff --git a/gitlab-templates/Docker.gitlab-ci.yml b/gitlab-templates/Docker.gitlab-ci.yml
new file mode 100644
index 000000000..8acb5a00e
--- /dev/null
+++ b/gitlab-templates/Docker.gitlab-ci.yml
@@ -0,0 +1,70 @@
+# Build and push a Docker image with CI/CD.
+# Docker-in-Docker documentation: https://docs.gitlab.com/ee/ci/docker/using_docker_build.html
+#
+# By default builds are tagged with their branch name and pushed to the
+# Gitlab Docker Registry. If DOCKER_TAG_LATEST is set to true, builds on
+# the $DOCKER_LATEST_BRANCH are also tagged and pushed as ":latest"
+#
+# Scheduled builds can be enabled on a Gitlab schedule by specifying
+# DOCKER_SCHEDULE = "true" in variables
+---
+variables:
+  # Docker registry where images will be pushed
+  DOCKER_REGISTRY: "$CI_REGISTRY"
+  DOCKER_USERNAME: "$CI_REGISTRY_USER"
+  DOCKER_TOKEN: "$CI_REGISTRY_PASSWORD"
+  # Whether or to push images after they're built
+  DOCKER_PUSH: "true"
+  # TODO: Conditionally include '--file' to docker build to reduce need
+  # to always define FILEPATH when BUILDCONTEXT is set
+  DOCKER_FILEPATH: "Dockerfile"
+  DOCKER_BUILDCONTEXT: "."
+  DOCKER_IMAGE: "$CI_REGISTRY_IMAGE"
+  # If LATEST_TAG is set to true, builds on the $DOCKER_LATEST_BRANCH
+  #   will be tagged and pushed with ":latest"
+  DOCKER_LATEST_TAG: "true"
+  DOCKER_LATEST_BRANCH: "$CI_DEFAULT_BRANCH"
+
+.docker-build-and-push: &docker-build-and-push
+  image: docker:latest
+  stage: deploy
+  interruptible: true
+  services:
+    - docker:dind
+  before_script:
+    - docker login -u "$DOCKER_USERNAME" -p "$DOCKER_TOKEN" $DOCKER_REGISTRY
+  script:
+    # Warm the cache by fetching the latest image. There's no guarantee
+    # the image will already exist on the runner.
+    - docker pull "$DOCKER_IMAGE:${CI_COMMIT_REF_SLUG}" || true
+    - >
+        docker build
+        --pull
+        --cache-from "$DOCKER_IMAGE:${CI_COMMIT_REF_SLUG}"
+        --file "$DOCKER_FILEPATH"
+        --tag "$DOCKER_IMAGE:${CI_COMMIT_REF_SLUG}"
+        $DOCKER_BUILDCONTEXT
+    - |
+      if [[ "$CI_COMMIT_BRANCH" == "$DOCKER_LATEST_BRANCH" && "$DOCKER_LATEST_TAG" == "true" ]]; then
+        docker tag "$DOCKER_IMAGE:${CI_COMMIT_REF_SLUG}" "$DOCKER_IMAGE"
+      fi
+    - |
+      # Push docker images if DOCKER_PUSH is set
+      if [[ "$DOCKER_PUSH" == "true" ]]; then
+        docker push "$DOCKER_IMAGE:${CI_COMMIT_REF_SLUG}"
+        # Push ':latest' if LATEST_TAG is true
+        if [[ "$CI_COMMIT_BRANCH" == "$DOCKER_LATEST_BRANCH" && "$DOCKER_LATEST_TAG" == "true" ]]; then
+          docker push "$DOCKER_IMAGE"
+        fi
+      fi
+  rules:
+    - if: '$CI_PIPELINE_SOURCE == "merge_request_event"'
+      when: never
+    # Gitlab does not have a way of specifying which jobs are scheduled,
+    # so an extra variable is needed in order to signify docker build
+    # should be picked up by the schedule run.
+    - if: $CI_PIPELINE_SOURCE == "schedule" && $DOCKER_SCHEDULE != "true"
+      when: never
+    - if: '$CI_COMMIT_BRANCH == $DOCKER_LATEST_BRANCH'
+    - if: '$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH'
+    - if: $CI_COMMIT_TAG