Use Container Registry Enterprise Edition instances to build images - Image Build| Alibaba Cloud Documentation Center

Container Registry Enterprise Edition allows you to build images from source code. This is a secure, high concurrent, stable, and efficient continuous integration (CI) process. Container Registry Enterprise Edition automates the build and delivery of images from source code repositories to Container Registry repositories based on Dockerfiles. When the source code is updated, Container Registry Enterprise Edition automatically builds an image by using a Dockerfile and uploads the image to a Container Registry repository. This topic describes how to build images by using Container Registry Enterprise Edition instances.

Prerequisites

A Container Registry Enterprise Edition instance is created. For more information, see Use a Container Registry Enterprise Edition instance to push and pull images.
A Dockerfile is created.

Background information

The image build service of Container Registry features security, stability, and high efficiency:

Security: During an image build, the system distributes a single image build task to a new, exclusive, and environment-isolated machine. This ensures the absolute security of code and image assets.
Stability: If you use a source code repository to build multiple images, the time used for each image build is stable because each image build task is run on an exclusive machine.
High efficiency:
- By default, the system uses the efficient build tool BuildKit. BuildKit has the robust build capabilities, especially for multi-stage build scenarios, and supports rich build features.
- The system hosts common base images. During image builds, the system can use base images without the need to pull images. Base images help reduce the build time.
- The system uses the remote cache to accelerate image build.
  
  Note If you want to use this feature, submit a ticket in the Ticket system.

The image build service of Container Registry supports features such as multiple code hosting platforms and accelerated image generation.

Five code hosting platforms are supported.


Code hosting platform	Edition	Binding method	Limit on triggering image building
GitHub	Container Registry Personal Edition	OAuth authentication	None
GitLab	All editions	Personal access token	None
Alibaba Cloud Code	All editions	OAuth authentication	An image build is not automatically triggered when the code changes.
Gitee	All editions	OAuth authentication	None

Accelerated image generation: The system allows you to load resources of a container image on demand. The accelerated version of the container image is automatically generated after the container image is pushed. For more information, see Load resources of a container image on demand.

Step 1: Bind your instance to a source code hosting platform

Before you build images, you must bind your instance to a source code hosting platform. For more information, see Bind a source code hosting platform.

Notice You cannot build images from an on-premises code repository.

Step 2: Create a namespace

Log on to the Container Registry console.
In the top navigation bar, select a region.
In the left-side navigation pane, click Instances.
On the Instances page, click the Container Registry Enterprise Edition instance for which you want to create a namespace.
On the management page of the Container Registry Enterprise Edition instance, choose Repository > Namespace in the left-side navigation pane.
On the page that appears, click Create Namespace.
In the Create Namespace dialog box, set the Namespace, Automatically Create Repository, and Default Repository Type parameters. Click OK.

Step 3: Create an image repository

Create an image repository and bind it to a code repository. All image builds triggered by the code repository are pushed to the image repository.

Log on to the Container Registry console.
In the top navigation bar, select a region.
In the left-side navigation pane, click Instances.
On the Instances page, click the required Container Registry Enterprise Edition instance.
On the management page of the Container Registry Enterprise Edition instance, choose Repository > Repositories in the left-side navigation pane.
On the Repositories page, click Create Repository.
In the Repository Info step, set the Namespace, Repository Name, Repository Type, Tags, Accelerated Image, Summary, and Description parameters, and click Next.

On the Code Source wizard page, set the Code Source, Build Settings, and Build Rules parameters, and then click Create Repositories.


Parameter	Description
Code Source	The code source.
Build Settings	Automatically Build Images When Code Changes: If you select this option, an image is automatically built when code is committed from a branch. Build With Servers Deployed Outside Mainland China: If you select this option, images are built on servers outside mainland China and then pushed to the repository in the specified region. If the Dockerfile used in your project must be downloaded from a site outside mainland China but the cross-border network connection is unstable, you can enable Build With Servers Deployed Outside Mainland China. Build Without Cache: If you select this option, the system pulls the base image from the source code repository each time an image is built. This may increase the build time. You can disable Build Without Cache to accelerate the image build.

On the Repositories page, click the created image repository. If you can view Build in the left-side navigation pane of the repository management page, the image repository is bound to the source code repository.

Step 4: Build an image

Note If you cannot find Build on the repository management page, it indicates that no code source is bound to the repository. You can refer to Step 1 to bind a code source.

Log on to the Container Registry console.
In the top navigation bar, select a region.
In the left-side navigation pane, click Instances.
On the Instances page, click the required Container Registry Enterprise Edition instance.
On the management page of the Container Registry Enterprise Edition instance, choose Repository > Repositories in the left-side navigation pane.
On the Repositories page, find the created image repository and click Manage in the Actions column.

In the left-side navigation pane, click Build. In the Build Rules section, click Add Build Rule. In the Build Information step of the Add Build Rule dialog box, set the following parameters and click Next.


Parameter	Description
Type	The type of the source code repository. Valid values: Branch and Tag.
Branch/Tag	Select or enter a branch or a tag. Regular expressions are supported. If you specify the release-(?<imageTag>\w) regular expression, the system automatically builds an image of V1 when the source code in the release-v1 branch is updated. The image cannot be built immediately. For more information about how to specify regular expressions, see Use regular expressions in named capturing groups. Note* After you specify regular expressions, images can be built only by the system. You cannot manually build images.
Dockerfile Directory	The directory of the Dockerfile. Specify the Dockerfile directory relative to the branch or tag directory. For example, if the branch directory is master and the Dockerfile is in the master directory, set the value to /.
Dockerfile Filename	The name of the Dockerfile. The default name is Dockerfile.

In the Tag step, set the following parameters, click Save, and then click Next.

Note Click Add Configuration to add an image tag. You can specify up to three image tags.


Parameter	Description
Image Tag	The tag of the image, for example, latest. You can enable named capturing groups. For example, if you specify a named capturing group for Branch/Tag, you can use the captured content.
Build Time	The time when source code is pushed. The time is in UTC+8 format, for example, 20201015 or 202010151613. Note This parameter is optional. If you set this parameter, images can be built only by the system. You cannot manually build images.
Commit ID	The number of characters to be obtained from the commit ID of the most recently pushed code. By default, the first six characters are used. You can adjust the slider to change the number of characters. Note This parameter is optional. If you set this parameter, images can be built only by the system. You cannot manually build images.

In the Build Configurations step, set the following parameters and click Confirm.


Parameter	Description
Build Architecture	The architecture for which you want to build images. You can select multiple architectures. If you select multiple architectures, multiple container images for the architectures are built for each image tag.
Build Parameters	The runtime parameters of the image build. Each build parameter is a key-value pair that is case-sensitive. You can set a maximum of 20 build parameters. You can set a build parameter that modifies the environment variables in a Dockerfile to make the same Dockerfile present multiple states.

Trigger the image build rule.
You can use one of the following methods to trigger an image build rule:
- In the Build Rules section of the Build page, find the image build rule and click Build in the Actions column.
- Submit code to the master branch of the source code repository to trigger the build rule.
Note
- In the Build Log section of the Build page, find the triggered image build and click Cancel in the Actions column to cancel the image build task.
- In the Build Log section of the Build page, find the triggered image build and click Log in the Actions column to view the image build log.
In the left-side navigation pane, click Image Tag. You can view the created image, which indicates that the image is built.

Example 1: Build an image based on the main branch (you can manually build images)

Configure the build rule based on the following settings:

Type: Branch
Branch/Tag: main
Dockerfile Directory: /
Dockerfile Filename: Dockerfile
Image Tag: latest

When you click Build or the source code in the main branch is updated, the system builds an image. The file named Dockerfile in the / directory of the main branch is used to build the image. The tag of the created image is latest. The following figure shows the configuration of the build rule.

Example 2: Build an image based on the branch that matches a regular expression (you cannot manually build images)

Configure the build rule based on the following settings:

Type: Branch
Branch/Tag: release-(?<imageTag>\w*)
Dockerfile Directory: /
Dockerfile Filename: Dockerfile
Image Tag: ${imageTag}
Build Time: yyyyMMddHHmm
Commit ID: 30

When the source code is updated in the branch whose name starts with release-, the system automatically builds an image. The file named Dockerfile in the / directory of the branch is used to build the image.

For example, if the source code in the branch named release-v1 is updated, the regular rule release-(?<imageTag>\w*) captures the v1 in the branch name, sends the v1 to the variable imageTag, and uses v1 in the image tag. In this example, the tag of the created image is v1-202010151625-d4ef3dc3b77a011a5779eec7efdd45. The following figure shows the configuration of the build rule.

What to do next

You can perform the following operations after the image is built:

You can pull the image from Container Service for Kubernetes (ACK) clusters without using passwords. For more information, see Use the aliyun-acr-credential-helper component to pull images without a password.
You can use the image to create applications in ACK clusters. For more information, see Create a stateless application by using a Deployment.
You can use the P2P acceleration feature in ACK clusters to improve the image pulling speed. For more information, see Use the P2P acceleration feature in ASK and ACK clusters.