Make a script at .travis/docker_push:
Developers should feel free to update the functionality of this embed their custom workflow, tagging, branch structure, etc., this is just a simple baseline stolen from the early stages of asym-crypto-yaml.
#!/bin/bash
echo "$DOCKER_PASSWORD" | docker login -u $DOCKER_USERNAME --password-stdin
if [ ! -z "${TRAVIS_TAG}" ]; then
docker tag edxops/MY_REPO:latest edxops/MY_REPO:${TRAVIS_TAG}
docker push edxops/MY_REPO:${TRAVIS_TAG}
fi
docker push edxops/MY_REPO:latest
Login to docker hub with your regular account and add your docker image repo to the automation team in the appropriate org (either edxops or openedx)
Login to docker hub ad the edxbuilder user and create a new API key for your repo and encrypt it as follows.
Add --pro to travis encrypt command if using a private repo
$ travis encrypt --add env.global Reading from stdin, press Ctrl+D when done DOCKER_PASSWORD=PASTE_API_KEY_HERE $
Set the DOCKER_USERNAME variable in .travis.yml to edxbuilder
Your .travis.yml file should look like this.
$ cat .travis.yml
services:
- docker
sudo: required
script:
- make docker_build docker_tag
env:
matrix:
- DOCKER_USERNAME=edxbuilder
global:
- secure: tl7BX1c2BkjgObJ+VDIfdB9IshpC01gklxiw5WQ1ubG05TbSmp1OvvUrFNwQ81KWb2tkjM0Jq1wnxzNCRyqwqgptPB5fGflxT0CVGKVJYBM5ZpPH2QNcwdxkH8fqZNaY/MpO45UI2qwKRxqouEkg71tVpjYdxFf/C1SrLRfQgtUNjA9g5OEXGw7dzKmvs3vjn6j5n5wBTM3pcNgiKRM7vnW920tQRKoJ8C6sqOnBnUP8CcnCnN+Qdgr5MGPf2ucKLMbdWO8ssAGuZ1eKMAbCVxmd10utQHch1ra4xS0tQDc/yK67iVu05CIvhe27YRAaJ14NSQUDDqbQqUWpxW9zr5ucMfr8LP6jHN34Qxq5h7Y4AK1vHkDBGajNJAbx07JcXQn/9l0C4uwdTjK5N0FVE/jSkJIjhjmyZ4dk8BGunKyYZVHcnqiTBGwx9t9xJLQH3J3C0IeeGLchnHeA5ONaIeShdtg98SNMMMkfJ8pQGXK4GOkMehnIFwYDUAISf1ID9rCmTQ9w9lO6JNBLxGdVTNKqwqC6J71vgQz7oTHF5iG9RZr7ouBlIplohGdhZ0Rta0vzEfxofWEMdP3RArYomz/0ynFYP19DpI9Fzf3hirRGI8Bet2mQzvH6m7WF5YBxCX0JCkst2fvNml0ZOZTVVB3qwts2/F4FBSniK+yeRPg=
- secure: HhndVFqd0GD2Wnr+bkIFZlfARy5VgprItWpSHV+AmXxkwue57eZmrJFfS+9IXEkwsPwt9OaP3l5N1QJ7/XdXCiXmBSx1M5+ME2xKy8ZviyIAQOHynT8NDiQqn91edhhjT4H3mqm/RLNE5emrUZAIAUXdpglvm+R3IsncdZqzRv05pnXStjDOm9ILd2LDW2AkUJ0wczm6ZWap4E/C72/iO5XbT0yFfzcmh6kJIUUSnu+plehHAVPXrE6u153dZK9+jgtxlBKq6iUUkvLQXn47ag2Ah7o4GxxIFhIb8lGesRRwQ4k2jl+Xe3zgYp6Gcue1Ue4IXqGOVVlT+McWF20MjjU8r+18EWqLs1JVk5dTtfvrxdwCibAx3HvAke/PUMjfg58r78sW7GQ4lzSBpxMjnh51SVkbu08nT2+qQfCzhIusP3E7YRs96MDX6eyU25qwrzcPaVOAP5E3HT3nr5VNqyaqp3MPWCxgNfpACncy+BeeEV7KsXxejVu6CDlys2DwVn/6tgSwR/DtzJRV1w671gLDoUb3cCbbjj3T31rKBqneXEJiZ0JLBQyVkGLpUiewmP1i7XsWI0U8WPmhmwK+x1Iw/xdzP4yzdc7LpMbBxqtvW10Wx3NovvDbs6xdOZYFnx2K9TTXdsSmgjcV9xUkoepTRJTSGz9E+O74ai6hZ84=
deploy:
provider: script
script: make docker_push
on:
branch: master
Your Makefile might look something like the following. The important bit is the docker_auth step.
$ cat Makefile
.PHONY: docker_build docker_tag docker_auth docker_push
.DEFAULT_GOAL := docker_tag
docker_build:
docker build . -f Dockerfile -t edxops/ecr-cred-helper
docker_tag: docker_build
docker tag edxops/ecr-cred-helper edxops/ecr-cred-helper:1.14
docker tag edxops/ecr-cred-helper edxops/ecr-cred-helper:1.14.6
docker tag edxops/ecr-cred-helper edxops/ecr-cred-helper:$$TRAVIS_COMMIT
docker_auth:
echo "$$DOCKER_PASSWORD" | docker login -u "$$DOCKER_USERNAME" --password-stdin
docker_push: docker_tag docker_auth ## push to docker hub
docker push 'edxops/ecr-cred-helper:latest'
docker push "edxops/ecr-cred-helper:$$TRAVIS_COMMIT"
docker push 'edxops/ecr-cred-helper:1.14'
docker push 'edxops/ecr-cred-helper:1.14.6'
See https://github.com/edx/ecr-cred-helper/pull/1/files as an example
If you need help configuring it for multiple providers look at the syntax here:
https://docs.travis-ci.com/user/deployment#deploying-to-multiple-providers