- Supported Environments
- Parameters Reported by Agent
- Docker Support Build Feature
- Docker Connection for a Project
- Docker Build Runner
- Docker Compose Runner
- Docker Wrapper
- Docker Disk Space Cleaner
TeamCity 2017.2 comes with built-in Docker support. If you installed the plugin for the previous version manually, please remove it.
For TeamCity 2017.2.x TeamCity-Docker support can run on Mac, Linux, and Windows build agents. It uses the
'docker' executable on the build agent machine, so it should be runnable by the build agent user.
Parameters Reported by Agent
During the build, the build agent reports the following parameters:
|The Docker Engine version|
|The Docker Compose file version if the Docker Compose build step is used|
| ||The Docker server OS type, can have the |
If you are using the Command Line Build step (and not the TeamCity-provided docker steps), these parameters can be used as agent requirements to ensure your build is run only on the agents with Docker installed.
TeamСity-Docker integration provides the following features which facilitate working with Docker under TeamCity:
Docker Support Build Feature
Adding this build feature will enable docker events monitoring: such operations as docker pull, docker run will be detected. The build feature adds the Docker Info tab to the build results page providing information on Docker-related operations.
Since TeamCity 2017.2 this build feature provides the following options:
- the ability to clean-up the images
- automatic login to an authenticated registry before the build and logout of it after the build
These options require a configured connection to a docker registry.
Clean-up of images
If you have a build configuration which publishes images, you need to remove them at some point. You can select the corresponding option and instruct TeamCity to remove the images published by a certain build when the build itself is cleaned up. It works as follows: when an image is published, TeamCity stores the information about the registry of the images published by the build. When the server clean-up is run and it deletes the build, all the configured connections are searched for the address of this registry and the images published by the build are cleaned up using the credentials specified in the connection found.
Automatic Login to/Logout of Docker Registry
If you need to log in to a registry requiring authentication before a build, select the corresponding option and a connection to Docker configured in the project settings. Automatic logout will be performed after the build finishes.
Docker Connection for a Project
The Project Settings | Connections page allows you to configure a connection to docker.io (default) or a private Docker registry. More than one connection can be added to the project. The connection will be available in all the subprojects and build configurations of the current project.
Registry Address Format
By default, https://docker.io is used.
To connect to a registry, use the following format:
If the protocol is not specified, the connection over
https is used by default.
Connecting to Private Cloud Registry
- Since TeamCity 2017.2.3, it is possible to get authenticated with an Azure container registry storing Docker images using Service principal (the principal ID and password are used as connection credentials) or Admin account.
Connecting to Insecure Registry
To connect to an insecure registry:
- Configure all TeamCity agents where Docker is installed to work with insecure repositories as stated Docker documentation. This is sufficient to allow the connection to the private registry over http.
- To connect to an insecure registry over https with a self-signed certificate, in addition to the step above, import the self-signed certificate to the JVM of the TeamCity server as described here. You can consult the Docker documentation on using self-signed certificates.
Docker Build Runner
The runner allows building Docker images as a separate build step. When creating TeamCity projects/ build configurations from a repository URL, the runner is offered as build step during auto-detection, provided a Dockerfile is present in the VCS repository.
Docker Build Parameters
Depending on the selected source, the settings below will vary. The available options include File, a URL or File content.
|Path to file|
Available if File is selected as the source. Specify the path to the Docker file. The path should be relative to the checkout directory.
|Context folder||Available if File is selected as the source. Specify the context for the docker build. If blank, the enclosing folder for Dockerfile will be used.|
URL to file
|Available if URL is selected as the source. The URL can refer to three kinds of resources: Git repositories, pre-packaged tarball contexts, and plain text files. See Docker documentation for details.|
|File Content:||Available if the file content is selected as the source. You can enter the content of the Dockerfile into the field.|
Provide a newline-separated list of image name:tag(s)
|Additional arguments for 'build' command||Supply additional arguments to the docker build command. See Docker documentation for details.|
Docker Compose Runner
The runner allows starting Docker Compose build services and shutting down those services at the end of the build.
The executed commands are
When using Docker Compose with images which support HEALTHCHECK, TeamCity will wait for the
healthy status of all containers, which support this parameter.
If the start of Docker Compose was successful, the TeamCity agent will register the TEAMCITY_DOCKER_NETWORK environment variable containing the name of the Docker Compose default network. This network will be passed transparently to the Docker Wrapper when used in some build runners.
In this section, you can specify a Docker image which will be used to run the build step.
|Run step within Docker container|
|Pull image explicitly (since TeamCity 2017.2)|
If the checkbox is enabled,
|Additional docker run arguments|
The Edit arguments field allows specifying additional options for
Technically, the command of the build runner is wrapped in a shell script, and this script is executed inside a Docker container with the
docker run command. All the details about the started process, text of the script etc. are written into the build log (the Verbose mode enables viewing them).
The checkout directory and most build agent directories are mapped inside the Docker process, and TeamCity passes most environment variables from the build agent into the docker process.
After the build step with the Docker wrapper, a build agent will run the
chown command to restore access of the buildAgent user to the checkout directory. This mitigates a possible problem when the files from a Docker container are created with the 'root' ownership and cannot be removed by the build agent later.
If the process environment contains the
TEAMCITY_DOCKER_NETWORK variable, this network is passed to the started
docker run command with
It is possible to provide extra parameters for the
docker run command, for instance, provide an additional volume mapping.
Docker Disk Space Cleaner
When there is not enough disk space on the agent at the beginning of the build, the
docker system prune -a command will be run cleaning the local Docker Caches. The command is run only as the last resort if all other cleaners did not manage to free enough space. Docker Disk Space Cleaner is an extension to the Free Disk Space build feature ensuring a certain amount of disk space for a build.