Overview
Continuous Integration systems are as varied as the companies that use them. Fortunately, Earthly is flexible enough to fit into most (and where we don't, let us know!). This document serves as a starting point to configuring Earthly in your CI environment.
Setting up Earthly is as easy as three steps:
We also have instructions for specific CI systems; and special-case instructions for other scenarios (explore the "CI Integrations" category.)
Dependencies
Earthly has two software dependencies: docker
and git
. Because earthly
will not install these for you, please ensure they are present before proceeding. These tools are very common, so many environments will already have them installed. If you choose to use our prebuilt containers, these dependencies are already included.
docker
is used to glean information about the containerization environment, and manage our earthly-buildkitd
daemon. It is also used to do things like save images locally on your machine after they have been built by Earthly. To install docker
, use the most recent versions directly from Docker. The versions packaged for many distributions tend to fall behind.
git
is used to help fetch remote targets, and also provides metadata for Earthly during your build. To install git
, you can typically use your distributions package manager.
Installation
Once you have ensured that the dependencies are available, you'll need to install earthly
itself.
Option 1: Direct install
This is the simplest method for adding earthly
to your CI. It will work best on dedicated computers, or in scripted/auto-provisioned build environments. You can pin it to a specific version like so:
It is recommended to install earthly
as part of the new host's configuration, and not as part of your build. This will speed up your builds, since you do not need to download earthly
each time; and it will also provide stability in case a future version of earthly
changes the behavior of a command.
Don't forget to run earthly bootstrap
when you are done to finish configuration!
Option 2: Image
If a local installation isn't possible, Earthly currently offers two official images:
earthly/earthly
, which is a 1-stop shop. It includes a built-inearthly-buildkitd
daemon, and accepts a target to be built as a parameter. It requires a mount for your source code, and an accessibleDOCKER_HOST
.earthly/buildkitd
, which is the sameearthly-buildkitd
container thatearthly
will run on your host. This is useful in more advanced configurations, such as remotely sharing a singlebuildkitd
machine across many workers, or isolating the privileged parts of builds. This feature is experimental.
If you need to provide additional configuration or tools, consider building your own image for CI.
Configuration
While earthly
is fairly configurable by itself, it also depends on the configuration of its dependencies. In a CI environment, you will need to ensure all of them are configured correctly.
Git
If you plan to build any private, or otherwise secure repositories, git
will need to be configured to have access to these repositories. Please see our documentation for how to configure access.
Docker
Like git
, docker
also needs to be configured to have access to any private repositories referenced in the Earthfiles
you want to build. Please our documentation for how to log in, and our examples for pushing to many popular repositories.
If your private registry can use a credential helper, configure it according to your vendor's instructions. earthly
can also make use of these to provide access when needed. If you need help configuring docker
for use with Earthly, see our guides on configuring many popular registries for details.
Finally, the earthly-buildkitd
daemon requires running in --privileged
mode, which means that the docker
daemon needs to be configured to allow this as well. Rootless configurations are currently unsupported.
Earthly
earthly
has quite a few configuration options that can either be set through a configuration file or environment variables. See our configuration reference for a complete list of options.
You can also configure earthly
by using the earthly config
command from within a script. This can be useful for some dynamic configuration.
Some options that may make sense in a CI environment are:
Earthly also has some special command-line switches to ensure best practices are followed within your CI. These come highly recommended. Enable these with the --ci
option, which is shorthand for --save-inline-cache
--strict
--no-output
.
Earthly also has a special --push
option that can be used when invoking a target. In a CI, you may want to ensure this flag is present to push images or run commands that are not typically done as part of a normal development workflow.
If you would like to do cross-platform builds, you will need to install some binfmt_misc
entries. This can be done by running: docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
. This installs the needed entries and qemu-user-static
binaries on your system. This will need to be repeated on each physical box (only once, since its a kernel level change, and the kernel is shared across containers).
To share secrets with earthly
, use the --secret
option to inject secrets into your builds. You could also use our cloud secrets, for a more seamless experience.
Networking & Security
Upon invocation, earthly
depends on the availability of an earthly-buildkit
daemon to perform its build. This daemon has some networking and security considerations.
Large builds can generate many docker
pull requests for certain images. You can set up and use a pull through cache to circumvent this.
If earthly
is running on a dedicated host, the only consideration to take is the ability to run the container in a --privileged
mode. Typical installations should support this out of the box. We also support running under user namespaces, when earthly
is configured to start the earthly-buildkit
container with the --userns host
option. Rootless configurations are currently unsupported.
If earthly
is connecting to a remote earthly-buildkitd
, then you will need to take additional steps. See this article for running a remote BuildKit instance.
Examples
Below are links to CI systems that we have more specific information for. If you run into anything in your CI that wasn't covered here, we would love to add it to our documentation. Pull requests are welcome!
Last updated