According to me , it will be best for you to keep your Dockerfile with the source code. We use labels to add versioning info to the produced image. We add:
- the git commit and branch
- whether it's "dirty" meaning that changes were made locally on the src code from what's in git
- a CI version number (publicly visible)
- the person who built the image (not the person who last checked in git)
We also tag the image with the commit number.
build-image.sh
echo '===> Building docker image...'
GIT_BRANCH=$(git name-rev --name-only HEAD | sed "s/~.*//")
GIT_COMMIT=$(git rev-parse HEAD)
GIT_COMMIT_SHORT=$(echo $GIT_COMMIT | head -c 8)
GIT_DIRTY='false'
BUILD_CREATOR=$(git config user.email)
BUILD_NUMBER="${BUILDKITE_BUILD_NUMBER-0}"
# Whether the repo has uncommitted changes
if [[ $(git status -s) ]]; then
GIT_DIRTY='true'
fi
docker build \
-q \
-t quay.io/myco/servicename:latest \
-t quay.io/myco/servicename:"$GIT_COMMIT_SHORT" \
--build-arg GIT_BRANCH="$GIT_BRANCH" \
--build-arg GIT_COMMIT="$GIT_COMMIT" \
--build-arg GIT_DIRTY="$GIT_DIRTY" \
--build-arg BUILD_CREATOR="$BUILD_CREATOR" \
--build-arg BUILD_NUMBER="$BUILD_NUMBER" \
.
echo "Done"
echo "Push to quay using:"
echo " docker push quay.io/myco/servicename:latest"
echo " docker push quay.io/myco/servicename:$GIT_COMMIT_SHORT"
Dockerfile
FROM ...
ARG GIT_COMMIT
ARG GIT_BRANCH=master
ARG GIT_DIRTY=undefined
ARG BUILD_CREATOR
ARG BUILD_NUMBER
LABEL branch=$GIT_BRANCH \
commit=$GIT_COMMIT \
dirty=$GIT_DIRTY \
build-creator=$BUILD_CREATOR \
build-number=$BUILD_NUMBER
... etc
Then you can make scripts that check the version of your image. Eg:
docker inspect --format "{{.ContainerConfig.Labels.commit}}" image
I hope the above information will be helpful for you.
