Continuing my series on the fun I’m having with GitLab CI, it’s time to discuss using it to automate nginx builds. I’ve previously written about how and why I use a custom build, and a few months ago, I decided to remove the monotony from the process.
Now, when a new mainline release is available, or OpenSSL releases a new version, I update a few CI variables, run a pipeline, and a new nginx binary is available within a few minutes. I’m also able to build for multiple versions of Debian.
I’ve incorporated Google’s Brotli module and a certificate transparency module, as well as OpenSSL 1.1.1 for TLSv1.3 support. I use the script to build mainline
versions, but it allows for any release nginx mirrors on GitHub (see https://www.nginx.com/blog/nginx-1-6-1-7-released/ for the differences between mainline
and stable
).
The build script and its CI configuration can be found at https://git.ethitter.com/debian/nginx-build. The pipeline for my v1.17.0 build can be seen at https://git.ethitter.com/debian/nginx-build/pipelines/1042.
I maintain a common set of images for CI purposes, and this uses the Debian-based build environments configured at https://git.ethitter.com/docker/images/tree/master/debian and served from that project’s container registry at https://git.ethitter.com/docker/images/container_registry. The build images are themselves built using GitLab CI, but that’s a topic for another post. 😆