## How to use this project

A functional example of using GIT @ UIBK with our local registry, 
the CI/CD process, and some advanced CI/CD techniques.

If you are experienced with docker and gitlab/ci, 
simply tailor the .gitlab-ci.yml file to your needs.

If you are new to docker and/or gitlab-ci, you can Fork this project and 
simply execute the pipeline of your Fork.

1. Fork this project
2. Create and modify the Secret Variable named HELLO_WHO. 
   Go to Project's Settings -> CI/CD -> Variables. 
   Only fill in a value; do not set the options.
3. Run the pipeline  (or make a commit, which will trigger this). 
   Go to Project -> CI/CD -> Pipelines, 
   click on the green button in the upper-right corner "Run Pipeline"

Done! Examine the job output of the "testdind" (test docker-in-docker) stage to see all the gory details. 
The `docker info` step is a debug step, and you will eventually want to remove that from your project.
The Variables are used to contain keys and passwords to things like other repositories. 
There are predefined variables which you can use as well. 
They are all [https://docs.gitlab.com/ee/ci/variables/](documented at Gitlab).

-----

## How to create a simple "hello-world" container from scratch and push it to your repository's registry

You can also create your own images from your own docker service, push them
to the registry and make use of them that way. Once there, you can use them 
as part of your build or testing process.
This is a quick tutorial on how to do that.

On a host running docker, follow the steps below. These steps are more or less 
the same from what you find in the `.gitlab-ci.yaml` file in this repository.

### Step 1: login to our registry

> **Prerequisite**: Your user account should be a member of the `docker` group.


```
$ docker login docker.uibk.ac.at:443
Username: <YOUR_C_USER_ID>
Password: <CAMPUS_LDAP_PASSWORD>
WARNING! Your password will be stored unencrypted in /home/c102/c10267/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store

Login Succeeded
```

> **Warning** This step saves your credentials to a file in your directory on the localhost.
> **It is stored unencrypted, base-64 unencoded. It is not secure**
> Anyone with root access on the host will be able to sniff this file. 
> Logout afterwards to minimize chance of your credentials being stolen.
> To be more secure, use GPG to keep your credentials secured. See [https://www.antoniojgutierrez.com/2018/08/11/docker_login_password_store.html](this tutorial)

### Step 2: Create a Dockerfile

```sh
$ cat > Dockerfile <<EOF
FROM alpine:3.7
ENTRYPOINT ["echo","Hello world"]
EOF
```

### Step 3: Create the image with docker:

Modify/Set  $PROJECT_NAMESPACE and $PROJECT_NAME  to that of your clone.

```
$ docker build -t docker.uibk.ac.at:443/$PROJECT_NAMESPACE/$PROJECT_NAME .
Sending build context to Docker daemon  13.31kB
Step 1/2 : FROM alpine:3.7
 ---> 6d1ef012b567
Step 2/2 : ENTRYPOINT ["echo","Hello world"]
 ---> Running in e70bd295c9c9
Removing intermediate container e70bd295c9c9
 ---> c35fc1654db0
Successfully built c35fc1654db0
Successfully tagged docker.uibk.ac.at:443/XXXXX/YYYYYYYYYY:latest
```

The image names will differ of course.

### Step 4: Push the project to the docker-registry @ uibk

```
$ docker push docker.uibk.ac.at:443/$PROJECT_NAMESPACE/$PROJECT_NAME || echo "Push failed"
```

You will see some output. You might see "Layer already exists", and that's usually safe to ignore.

Now you can run the pipeline, and it should simply work.

### Step 5: Logoff 

This step is important for security on a shared host. Logoff to remove the stored credentials.

```
$ docker logout docker.uibk.ac.at:443
```