Use labels to add versioning information to the docker image. Keep the dockerfile and the source code together.
- the git commit and branch
- whether it's "dirty" meaning that changes were made locally on the src code from what's in git
- a CI version number (publicly visible)
- the person who built the image (not the person who last checked in git)
Add the commit number to the image. Here's a sample of what it would be like:
build-image.sh
echo '===> Building docker image...'
GIT_BRANCH=$(git name-rev --name-only HEAD | sed "s/~.*//")
GIT_COMMIT=$(git rev-parse HEAD)
GIT_COMMIT_SHORT=$(echo $GIT_COMMIT | head -c 8)
GIT_DIRTY='false'
BUILD_CREATOR=$(git config user.email)
BUILD_NUMBER="${BUILDKITE_BUILD_NUMBER-0}"
# Whether the repo has uncommitted changes
if [[ $(git status -s) ]]; then
GIT_DIRTY='true'
fi
docker build \
-q \
-t quay.io/myco/servicename:latest \
-t quay.io/myco/servicename:"$GIT_COMMIT_SHORT" \
--build-arg GIT_BRANCH="$GIT_BRANCH" \
--build-arg GIT_COMMIT="$GIT_COMMIT" \
--build-arg GIT_DIRTY="$GIT_DIRTY" \
--build-arg BUILD_CREATOR="$BUILD_CREATOR" \
--build-arg BUILD_NUMBER="$BUILD_NUMBER" \
.
echo "Done"
echo "Push to quay using:"
echo " docker push quay.io/myco/servicename:latest"
echo " docker push quay.io/myco/servicename:$GIT_COMMIT_SHORT"
Dockerfile
FROM ...
ARG GIT_COMMIT
ARG GIT_BRANCH=master
ARG GIT_DIRTY=undefined
ARG BUILD_CREATOR
ARG BUILD_NUMBER
LABEL branch=$GIT_BRANCH \
commit=$GIT_COMMIT \
dirty=$GIT_DIRTY \
build-creator=$BUILD_CREATOR \
build-number=$BUILD_NUMBER
... etc
You can then write scripts to check for the version of the image
docker inspect --format "{{.ContainerConfig.Labels.commit}}" imageid
