Merge branch 'feature-v6.5.x' into 'dev'

*

!modules

PORT=5601

ELASTICSEARCH_URL=es-1

ELASTICSEARCH_PORT=9200

image: docker:stable

stages:

  - package

  - test-package

  - deploy

variables:

  IMAGE_NAME: docker.elastic.co/kibana/kibana

  IMAGE_TAG: '5.6.5'

image: docker:stable

deploy-dev:

  stage: deploy

  image: registry.gitlab.com/redmic-project/docker/docker-deploy:latest

variables:

  DOCKER_DRIVER: overlay2

    SSH_REMOTE: ${DEV_SSH_REMOTE}

  NODE_IMAGE_TAG: '11-alpine'

  KIBANA_IMAGE_TAG: '6.5.4'

  STACK: elastic

  SERVICES_TO_CHECK: elastic_${CI_PROJECT_NAME}

    COMPOSE_FILE: docker-compose.tmpl.yml:docker-compose.dev.yml

    ELASTIC_USER_PASS: ${DEV_ELASTIC_ADMIN_PASS}

    PUBLIC_HOSTNAME: ${DEV_PUBLIC_HOSTNAME}

  IMAGE_NAME: ${CI_REGISTRY_IMAGE}

  IMAGE_TAG: ${CI_COMMIT_SHA}

services:

  - docker:dind

docker-build-commit-non-master-branches:

  stage: package

  variables:

    GIT_SUBMODULE_STRATEGY: normal

  tags:

    - oagdev

  only:

    - branches

  except:

    - master

  script:

    - docker login -u gitlab-ci-token -p ${CI_JOB_TOKEN} ${CI_REGISTRY}

    - >

      docker build --build-arg NODE_IMAGE_TAG=${NODE_IMAGE_TAG} --build-arg KIBANA_IMAGE_TAG=${KIBANA_IMAGE_TAG}

      -t ${CI_REGISTRY_IMAGE}:${CI_COMMIT_SHA} -t ${CI_REGISTRY_IMAGE}:${CI_COMMIT_REF_NAME}-latest .

    - docker push ${CI_REGISTRY_IMAGE}

docker-build-commit-master-branch:

  stage: package

  variables:

    GIT_SUBMODULE_STRATEGY: normal

  tags:

    - oagdev

  only:

    - master

  script:

    - docker login -u gitlab-ci-token -p ${CI_JOB_TOKEN} ${CI_REGISTRY}

    - >

      docker build --build-arg NODE_IMAGE_TAG=${NODE_IMAGE_TAG} --build-arg KIBANA_IMAGE_TAG=${KIBANA_IMAGE_TAG}

      -t ${CI_REGISTRY_IMAGE}:${CI_COMMIT_SHA} -t ${CI_REGISTRY_IMAGE}:latest .

    - docker push ${CI_REGISTRY_IMAGE}

docker-tag-already-built-image:

  stage: package

  only:

    - tags

  script:

    - docker login -u gitlab-ci-token -p ${CI_JOB_TOKEN} ${CI_REGISTRY}

    - docker pull ${CI_REGISTRY_IMAGE}:${CI_COMMIT_SHA}

    - docker tag ${CI_REGISTRY_IMAGE}:${CI_COMMIT_SHA} ${CI_REGISTRY_IMAGE}:${CI_COMMIT_TAG}

    - docker push ${CI_REGISTRY_IMAGE}

container-scanning:

  stage: test-package

  allow_failure: true

  only:

    - branches

  script:

    - docker run -d --name db arminc/clair-db:latest

    - docker run -p 6060:6060 --link db:postgres -d --name clair arminc/clair-local-scan:v2.0.1

    - apk add -U wget ca-certificates

    - docker login -u gitlab-ci-token -p ${CI_JOB_TOKEN} ${CI_REGISTRY}

    - docker pull ${CI_REGISTRY_IMAGE}:${CI_COMMIT_SHA}

    - wget https://github.com/arminc/clair-scanner/releases/download/v8/clair-scanner_linux_amd64

    - mv clair-scanner_linux_amd64 clair-scanner

    - chmod +x clair-scanner

    - touch clair-whitelist.yml

    - >

      ./clair-scanner -c http://docker:6060 --ip $(hostname -i) -r gl-sast-container-report.json -l clair.log

      -w clair-whitelist.yml ${CI_REGISTRY_IMAGE}:${CI_COMMIT_SHA} || true

  artifacts:

    paths: [gl-sast-container-report.json]

deploy-supporting-branch-develop:

  stage: deploy

  image: registry.gitlab.com/redmic-project/docker/docker-deploy:${DOCKER_DEPLOY_IMAGE_TAG}

  variables:

    SSH_REMOTE: ${DEV_SSH_REMOTE}

    COMPOSE_FILE: docker-compose.tmpl.yml:docker-compose.dev.yml

    ELASTICSEARCH_URL: ${DEV_ELASTICSEARCH_URL}

    ELASTICSEARCH_USERNAME: ${DEV_ELASTICSEARCH_USERNAME}

    ELASTICSEARCH_PASSWORD: ${DEV_ELASTICSEARCH_PASSWORD}

    PUBLIC_HOSTNAME: ${DEV_PUBLIC_HOSTNAME}

  script:

    - >

      deploy.sh IMAGE_NAME=${IMAGE_NAME} IMAGE_TAG=${IMAGE_TAG} COMPOSE_FILE=${COMPOSE_FILE}

      ELASTICSEARCH_URL=${ELASTICSEARCH_URL} ELASTICSEARCH_USERNAME=${ELASTICSEARCH_USERNAME}

      ELASTICSEARCH_PASSWORD=${ELASTICSEARCH_PASSWORD} PUBLIC_HOSTNAME=${PUBLIC_HOSTNAME}

  environment:

    name: dev

    url: https://kibana.${DEV_PUBLIC_HOSTNAME}

  only:

    - branches

  except:

    - master

  when: manual

deploy-stable-branch-develop:

  stage: deploy

  image: registry.gitlab.com/redmic-project/docker/docker-deploy:${DOCKER_DEPLOY_IMAGE_TAG}

  variables:

    SSH_REMOTE: ${DEV_SSH_REMOTE}

    COMPOSE_FILE: docker-compose.tmpl.yml:docker-compose.dev.yml

    ELASTICSEARCH_URL: ${DEV_ELASTICSEARCH_URL}

    ELASTICSEARCH_USERNAME: ${DEV_ELASTICSEARCH_USERNAME}

    ELASTICSEARCH_PASSWORD: ${DEV_ELASTICSEARCH_PASSWORD}

    PUBLIC_HOSTNAME: ${DEV_PUBLIC_HOSTNAME}

  script:

    - >

      deploy.sh IMAGE_NAME=${IMAGE_NAME} IMAGE_TAG=${IMAGE_TAG} COMPOSE_FILE=${COMPOSE_FILE}

      ELASTIC_USER_PASS=${ELASTIC_USER_PASS} PUBLIC_HOSTNAME=${PUBLIC_HOSTNAME}

      ELASTICSEARCH_URL=${ELASTICSEARCH_URL} ELASTICSEARCH_USERNAME=${ELASTICSEARCH_USERNAME}

      ELASTICSEARCH_PASSWORD=${ELASTICSEARCH_PASSWORD} PUBLIC_HOSTNAME=${PUBLIC_HOSTNAME}

  environment:

    name: dev

    url: https://kibana.${DEV_PUBLIC_HOSTNAME}

  only:

    - dev

    - master

  when: manual

deploy-pro:

deploy-supporting-branch-production:

  stage: deploy

  image: registry.gitlab.com/redmic-project/docker/docker-deploy:latest

  image: registry.gitlab.com/redmic-project/docker/docker-deploy:${DOCKER_DEPLOY_IMAGE_TAG}

  variables:

    DOCKER_DRIVER: overlay2

    SSH_REMOTE: ${PRO_SSH_REMOTE}

    STACK: elastic

    SERVICES_TO_CHECK: elastic_${CI_PROJECT_NAME}

    COMPOSE_FILE: docker-compose.tmpl.yml:docker-compose.prod.yml

    ELASTIC_USER_PASS: ${PRO_ELASTIC_ADMIN_PASS}

    ELASTICSEARCH_URL: ${PRO_ELASTICSEARCH_URL}

    ELASTICSEARCH_USERNAME: ${PRO_ELASTICSEARCH_USERNAME}

    ELASTICSEARCH_PASSWORD: ${PRO_ELASTICSEARCH_PASSWORD}

    PUBLIC_HOSTNAME: ${PRO_PUBLIC_HOSTNAME}

  script:

    - >

      deploy.sh IMAGE_NAME=${IMAGE_NAME} IMAGE_TAG=${IMAGE_TAG} COMPOSE_FILE=${COMPOSE_FILE}

      ELASTICSEARCH_URL=${ELASTICSEARCH_URL} ELASTICSEARCH_USERNAME=${ELASTICSEARCH_USERNAME}

      ELASTICSEARCH_PASSWORD=${ELASTICSEARCH_PASSWORD} PUBLIC_HOSTNAME=${PUBLIC_HOSTNAME}

  environment:

    name: pro

    url: https://kibana.${PRO_PUBLIC_HOSTNAME}

  only:

    - branches

  except:

    - master

  when: manual

deploy-stable-branch-production:

  stage: deploy

  image: registry.gitlab.com/redmic-project/docker/docker-deploy:${DOCKER_DEPLOY_IMAGE_TAG}

  variables:

    SSH_REMOTE: ${PRO_SSH_REMOTE}

    COMPOSE_FILE: docker-compose.tmpl.yml:docker-compose.prod.yml

    ELASTICSEARCH_URL: ${PRO_ELASTICSEARCH_URL}

    ELASTICSEARCH_USERNAME: ${PRO_ELASTICSEARCH_USERNAME}

    ELASTICSEARCH_PASSWORD: ${PRO_ELASTICSEARCH_PASSWORD}

    PUBLIC_HOSTNAME: ${PRO_PUBLIC_HOSTNAME}

  services:

    - docker:dind

  script:

    - >

      deploy.sh IMAGE_NAME=${IMAGE_NAME} IMAGE_TAG=${IMAGE_TAG} COMPOSE_FILE=${COMPOSE_FILE}

      ELASTIC_USER_PASS=${ELASTIC_USER_PASS} PUBLIC_HOSTNAME=${PUBLIC_HOSTNAME}

      ELASTICSEARCH_URL=${ELASTICSEARCH_URL} ELASTICSEARCH_USERNAME=${ELASTICSEARCH_USERNAME}

      ELASTICSEARCH_PASSWORD=${ELASTICSEARCH_PASSWORD} PUBLIC_HOSTNAME=${PUBLIC_HOSTNAME}

  environment:

    name: pro

    url: https://kibana.${PRO_PUBLIC_HOSTNAME}

[submodule "modules/kibana-time-plugin"]

	path = modules/kibana-time-plugin

	url = https://github.com/nreese/kibana-time-plugin.git

	branch = master

	ignore = dirty

ARG NODE_IMAGE_TAG="11-alpine"

ARG KIBANA_IMAGE_TAG="6.5.4"

FROM node:${NODE_IMAGE_TAG} AS npm-build

ARG KIBANA_IMAGE_TAG

COPY modules/ /modules/

WORKDIR /modules/kibana-time-plugin

RUN npm install -g bower && \

	bower --allow-root install && \

	npm --no-git-tag-version version ${KIBANA_IMAGE_TAG}

FROM docker.elastic.co/kibana/kibana:${KIBANA_IMAGE_TAG}

LABEL maintainer="info@redmic.es"

ARG SEARCH_GUARD_URL="https://search.maven.org/remotecontent?filepath=com/floragunn/search-guard-kibana-plugin/6.5.4-17/search-guard-kibana-plugin-6.5.4-17.zip"

RUN ./bin/kibana-plugin install --no-optimize ${SEARCH_GUARD_URL}

ARG LOGTRAIL_URL="https://github.com/sivasamyk/logtrail/releases/download/v0.1.30/logtrail-6.5.4-0.1.30.zip"

RUN ./bin/kibana-plugin install --no-optimize ${LOGTRAIL_URL}

COPY --from=npm-build /modules/ plugins/