diff --git a/README.md b/README.md
index d4d5cde0b3298e4e5acb2dd69df77c22b0cab90a..c3371c44a3b4035f6467e4d6aafc2bd79830ab19 100644
--- a/README.md
+++ b/README.md
@@ -419,6 +419,7 @@ This job pushes (_promotes_) the built image as the _release_ image [skopeo](htt
| `DOCKER_PUBLISH_ARGS` | Additional [`skopeo copy` arguments](https://github.com/containers/skopeo/blob/master/docs/skopeo-copy.1.md#options) | _(none)_ |
| `AUTODEPLOY_TO_PROD` | Set to enable automatic publish (and deploy) on `master` branch | _none_ (enabled) |
| `PUBLISH_ON_PROD` | Determines whether this job is enabled on `master` branch | `true`_ (enabled) |
+| `DOCKER_SEMREL_RELEASE_DISABLED` | Set to `true` to disable [semantic-release integration](#semantic-release-integration) | _none_ (enabled) |
This job produces _output variables_ that are propagated to downstream jobs (using [dotenv artifacts](https://docs.gitlab.com/ee/ci/pipelines/job_artifacts.html#artifactsreportsdotenv)):
@@ -432,6 +433,25 @@ This job produces _output variables_ that are propagated to downstream jobs (usi
They may be freely used in downstream jobs (for instance to deploy the upstream built Docker image, whatever the branch or tag).
+### `semantic-release` integration
+
+If you activate the [`semantic-release-info` job from the `semantic-release` template](https://gitlab.com/to-be-continuous/semantic-release/#semantic-release-info-job), the `docker-publish` job will rely on the generated next version info.
+
+* the release will only be performed if a semantic release is present
+* the tag will be based on `SEMREL_INFO_NEXT_VERSION`, it will override `DOCKER_RELEASE_IMAGE` by simply substituting the tag, or adding a tag when there's none.
+
+For instance, in both cases:
+
+```yml
+DOCKER_RELEASE_IMAGE: "registry.gitlab.com/$CI_PROJECT_NAME"
+DOCKER_RELEASE_IMAGE: "registry.gitlab.com/$CI_PROJECT_NAME:$CI_COMMIT_REF_NAME"
+```
+The published Docker image will be `registry.gitlab.com/$CI_PROJECT_NAME:$SEMREL_INFO_NEXT_VERSION` and all subsequent jobs relying on the `docker_image` variable will be provided with this tag.
+
+:warning: When `semantic-release` detects no release (i.e. either the semantic-release template is misconfigured, or there were simply no `feat`/`fix` commits), the `docker-publish` job will report a warning and *no image will be pushed* in the release registry. In such a case, the `docker_image` remains unchanged, and will refer to the snapshot image. Any subsequent job that may deploy to production (Kubernetes or Openshift), should thus be configured *not to deploy* in this situation. Refer to deployment template for more information.
+
+Finally, the semantic-release integration can be disabled with the `DOCKER_SEMREL_RELEASE_DISABLED` variable.
+
## Examples
### Using the GitLab Docker registry
diff --git a/kicker.json b/kicker.json
index f1f9aaa09b96dd3cb2159cb4931e63a91c154499..c9a7106a281661265eadec4eab90c43628c97b0e 100644
--- a/kicker.json
+++ b/kicker.json
@@ -70,6 +70,11 @@
"default": "true",
"type": "boolean"
},
+ {
+ "name": "DOCKER_SEMREL_RELEASE_DISABLED",
+ "description": "Disable integration with the [semantic release template](https://gitlab.com/to-be-continuous/semantic-release/)",
+ "type": "boolean"
+ },
{
"name": "DOCKER_REGISTRY_MIRROR",
"description": "URL of a Docker registry mirror to use instead of default `https://index.docker.io`"
diff --git a/templates/gitlab-ci-docker.yml b/templates/gitlab-ci-docker.yml
index f42d800062814a43c02f7e371cc3ebceda28f73d..fb07ca70ba493313ff0f3ecfa12e472adc70d7bb 100644
--- a/templates/gitlab-ci-docker.yml
+++ b/templates/gitlab-ci-docker.yml
@@ -709,8 +709,9 @@ docker-sbom:
# ==================================================
# Stage: publish
# ==================================================
-# This stage only run when you put a new tag to the git repository (a good tag format would be x.x.x ex: 1.0.2, see https://semver.org/)
-# It will push the release tagged image to the chosen Registry
+# When semantic release is integrated, this stage run on main pipeline
+# When semantic release is not integrated, this stage only run when you put a new tag to the git repository (a good tag format would be x.x.x ex: 1.0.2, see https://semver.org/)
+# In both cases, it will push the release tagged image to the chosen Registry
docker-publish:
extends: .docker-base
image:
@@ -719,9 +720,20 @@ docker-publish:
stage: publish
variables:
GIT_STRATEGY: none
- dependencies: []
script:
- |
+ if [[ "${SEMREL_INFO_ON}" && "${DOCKER_SEMREL_RELEASE_DISABLED}" != "true" ]]
+ then
+ if [[ -z "${SEMREL_INFO_NEXT_VERSION}" ]]
+ then
+ log_warn "[semantic-release] no new version to release: skip"
+ exit 0
+ else
+ DOCKER_RELEASE_IMAGE=$(echo "$DOCKER_RELEASE_IMAGE" | sed "s/\(:.*\)\{0,1\}$/:$SEMREL_INFO_NEXT_VERSION/")
+ log_info "[semantic-release] new Image tag is set: $DOCKER_RELEASE_IMAGE"
+ fi
+ fi
+
if [[ "$DOCKER_SNAPSHOT_IMAGE" == "$DOCKER_RELEASE_IMAGE" ]]
then
log_warn "\\e[93mYou should consider distinguishing snapshot and release images as they do not differ. Skipping publish phase as image has already been created by previous job.\\e[0m"
@@ -742,16 +754,16 @@ docker-publish:
dotenv:
- docker.env
rules:
- # on tag: always
- - if: $CI_COMMIT_TAG
+ # on tag: if semrel info not enabled or semrel integration disabled
+ - if: '$CI_COMMIT_TAG && ($SEMREL_INFO_ON == null || $SEMREL_INFO_ON == "" || $DOCKER_SEMREL_RELEASE_DISABLED == "true")'
# exclude non-production branches
- if: '$CI_COMMIT_REF_NAME !~ $PROD_REF'
when: never
# exclude if $PUBLISH_ON_PROD disabled
- if: '$PUBLISH_ON_PROD != "true"'
when: never
- # exclude if snapshot is same as release image
- - if: '$DOCKER_SNAPSHOT_IMAGE == $DOCKER_RELEASE_IMAGE'
+ # exclude if snapshot is same as release image and semrel info not enabled or semrel integration disabled
+ - if: '$DOCKER_SNAPSHOT_IMAGE == $DOCKER_RELEASE_IMAGE && ($SEMREL_INFO_ON == null || $SEMREL_INFO_ON == "" || $DOCKER_SEMREL_RELEASE_DISABLED == "true")'
when: never
# if $AUTODEPLOY_TO_PROD: auto
- if: '$AUTODEPLOY_TO_PROD == "true"'