Commit 703b62ea authored by Pedro Eduardo Trujillo's avatar Pedro Eduardo Trujillo
Browse files

Pone al día el proyecto, con config CI actualizada 

Declara docker-compose de construcción.
Fija versiones de dependencias.
Reorganiza Dockerfile para mejorar eficiencia de layers.
parent 67e2825f

.env

0 → 100644
+12 −0
Original line number Diff line number Diff line 
SELENIUM_NODE_CHROME_VERSION=3.12.0-boron



APT_TRANSPORT_HTTPS_VERSION=1.2.32ubuntu0.2

BZIP2_VERSION=1.0.6-8ubuntu0.2

CURL_VERSION=7.47.0-1ubuntu2.18

GIT_VERSION=1:2.7.4-0ubuntu1.9

YARN_VERSION=1.22.5-1

NODEJS_VERSION=9.11.2-1nodesource1

GRUNT_CLI_VERSION=1.3.2



CACHE_PATH=/opt/cache

WORK_PATH=/opt/redmic

.gitlab-ci.yml

+8 −51
Original line number Diff line number Diff line 
image: docker:stable

include:

  - project: 'redmic-project/gitlab-ci-templates'

    ref: master

    file: '/packaging.yml'



stages:

  - pre-package

  - package

  - test-package

  - post-package



docker-build-development:

  stage: package

.docker-build:

  variables:

    DOCKER_DRIVER: overlay2

  services:

    - docker:dind

  only:

    - branches

  except:

    - master

  script:

    - docker login -u gitlab-ci-token -p ${CI_JOB_TOKEN} ${CI_REGISTRY}

    - docker build -t ${CI_REGISTRY_IMAGE}:${CI_COMMIT_SHA} -t ${CI_REGISTRY_IMAGE}:${CI_COMMIT_REF_NAME}-latest .

    - docker push ${CI_REGISTRY_IMAGE}



docker-build-stable:

  stage: package

  variables:

    DOCKER_DRIVER: overlay2

  services:

    - docker:dind

  only:

    - master

  script:

    - docker login -u gitlab-ci-token -p ${CI_JOB_TOKEN} ${CI_REGISTRY}

    - docker build -t ${CI_REGISTRY_IMAGE}:${CI_COMMIT_SHA} -t ${CI_REGISTRY_IMAGE}:latest .

    - docker push ${CI_REGISTRY_IMAGE}



container-scanning:

  stage: test-package

  variables:

    DOCKER_DRIVER: overlay2

  allow_failure: true

  services:

    - docker:stable-dind

  only:

    - branches

  script:

    - docker run -d --name db arminc/clair-db:latest

    - docker run -p 6060:6060 --link db:postgres -d --name clair arminc/clair-local-scan:v2.0.1

    - apk add -U wget ca-certificates

    - docker login -u gitlab-ci-token -p ${CI_JOB_TOKEN} ${CI_REGISTRY}

    - docker pull ${CI_REGISTRY_IMAGE}:${CI_COMMIT_SHA}

    - wget https://github.com/arminc/clair-scanner/releases/download/v8/clair-scanner_linux_amd64

    - mv clair-scanner_linux_amd64 clair-scanner

    - chmod +x clair-scanner

    - touch clair-whitelist.yml

    - ./clair-scanner -c http://docker:6060 --ip $(hostname -i) -r gl-sast-container-report.json -l clair.log -w clair-whitelist.yml ${CI_REGISTRY_IMAGE}:${CI_COMMIT_SHA} || true

  artifacts:

    paths: [gl-sast-container-report.json]
 
    COMPOSE_FILE_NAME: docker-compose.yml

Dockerfile

+29 −17
Original line number Diff line number Diff line 
FROM selenium/node-chrome

ARG SELENIUM_NODE_CHROME_VERSION=3.12.0-boron

FROM selenium/node-chrome:${SELENIUM_NODE_CHROME_VERSION}



LABEL maintainer="info@redmic.es"



USER root



ENV WORK_PATH=/opt/redmic \

	CACHE_PATH=/opt/cache



WORKDIR ${WORK_PATH}

ARG CACHE_PATH=/opt/cache \

	APT_TRANSPORT_HTTPS_VERSION=1.2.32ubuntu0.2 \

	BZIP2_VERSION=1.0.6-8ubuntu0.2 \

	CURL_VERSION=7.47.0-1ubuntu2.18 \

	GIT_VERSION=1:2.7.4-0ubuntu1.9 \

	YARN_VERSION=1.22.5-1 \

	NODEJS_VERSION=9.11.2-1nodesource1 \

	GRUNT_CLI_VERSION=1.3.2



SHELL ["/bin/bash", "-o", "pipefail", "-c"]

RUN apt-get update && \

	apt-get install -y --no-install-recommends \

		apt-transport-https \

		bzip2 \

		curl \

		git



RUN curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | sudo apt-key add - && \

	curl -sL https://deb.nodesource.com/setup_9.x | sudo -E bash - && \

	echo "deb https://dl.yarnpkg.com/debian/ stable main" | sudo tee /etc/apt/sources.list.d/yarn.list && \

		"apt-transport-https=${APT_TRANSPORT_HTTPS_VERSION}" \

		"bzip2=${BZIP2_VERSION}" \

		"curl=${CURL_VERSION}" \

		"git=${GIT_VERSION}" && \

	curl -sL https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add - && \

	echo "deb https://dl.yarnpkg.com/debian/ stable main" | tee /etc/apt/sources.list.d/yarn.list && \

	curl -sL https://deb.nodesource.com/setup_9.x | bash - && \

	apt-get update && \

	apt-get install -y --no-install-recommends \

		yarn \

		nodejs

		"yarn=${YARN_VERSION}" \

		"nodejs=${NODEJS_VERSION}" && \

	apt-get clean && \

	rm -rf /var/lib/apt/lists/* && \

	npm install -g "grunt-cli@${GRUNT_CLI_VERSION}" && \

	yarn config set cache-folder "${CACHE_PATH}"



USER 1200



RUN npm install -g grunt-cli && \

	yarn config set cache-folder ${CACHE_PATH}

ARG WORK_PATH=/opt/redmic



WORKDIR ${WORK_PATH}



ENTRYPOINT []

docker-compose.yml

0 → 100644
+19 −0
Original line number Diff line number Diff line 
version: '3.5'



services:

  web-build:

    image: ${IMAGE_NAME:-registry.gitlab.com/redmic-project/docker/web-build}:${IMAGE_TAG:-latest}

    build:

      context: .

      dockerfile: ${DOCKERFILE:-Dockerfile}

      args:

        SELENIUM_NODE_CHROME_VERSION:

        APT_TRANSPORT_HTTPS_VERSION:

        BZIP2_VERSION:

        CURL_VERSION:

        GIT_VERSION:

        YARN_VERSION:

        NODEJS_VERSION:

        GRUNT_CLI_VERSION:

        CACHE_PATH:

        WORK_PATH: