Commit a623c593 authored by Pedro Eduardo Trujillo's avatar Pedro Eduardo Trujillo
Browse files

Merge branch 'dev' into 'master' 

Dev

See merge request redmic-project/gitlab-ci-templates!3
parents b8fe8999 16f61394

deployment.yml

+18 −6
Original line number Diff line number Diff line 
variables:

  DEPLOYMENT_IMAGE: ${DOCKER_DEPLOY_IMAGE_NAME}:${DOCKER_DEPLOY_IMAGE_TAG}

  STACK: stack

  STATUS_CHECK_RETRIES: 10

  STATUS_CHECK_INTERVAL: 20

  STATUS_CHECK_DELAY: 120

  STATUS_CHECK_MIN_HITS: 3

  IMAGE_NAME: ${CI_REGISTRY_IMAGE}

  IMAGE_TAG: ${CI_COMMIT_SHA}
@@ -13,11 +17,12 @@ variables: 
    - deploy.sh IMAGE_NAME=${IMAGE_NAME} IMAGE_TAG=${IMAGE_TAG} COMPOSE_FILE=${COMPOSE_FILE}

  when: manual



.deploy-develop:

.deploy-development:

  extends: .deploy

  variables:

    SSH_REMOTE: ${DEV_SSH_REMOTE}

    COMPOSE_FILE: docker-compose.tmpl.yml:docker-compose.dev.yml

    PUBLIC_HOSTNAME: ${DEV_PUBLIC_HOSTNAME}

  environment:

    name: dev
@@ -26,29 +31,36 @@ variables: 
  variables:

    SSH_REMOTE: ${PRO_SSH_REMOTE}

    COMPOSE_FILE: docker-compose.tmpl.yml:docker-compose.prod.yml

    PUBLIC_HOSTNAME: ${PRO_PUBLIC_HOSTNAME}

  environment:

    name: pro



deploy-supporting-branch-develop:

  extends: .deploy-develop

deploy-support-branch-development:

  extends: .deploy-development

  only:

    - branches

  except:

    - master

    - schedules



deploy-stable-branch-develop:

  extends: .deploy-develop

deploy-stable-branch-development:

  extends: .deploy-development

  only:

    - master

  except:

    - schedules



deploy-supporting-branch-production:

deploy-support-branch-production:

  extends: .deploy-production

  only:

    - branches

  except:

    - master

    - schedules



deploy-stable-branch-production:

  extends: .deploy-production

  only:

    - master

  except:

    - schedules

maven-building.yml

0 → 100644
+31 −0
Original line number Diff line number Diff line 
variables:

  BUILDING_IMAGE: ${MAVEN_IMAGE_NAME}:${MAVEN_IMAGE_TAG}

  MAVEN_OPTS: -Dmaven.repo.local=.m2/repository

  SPRING_PROFILES_ACTIVE: test

  MAVEN_PROJECT_NAME: ${CI_PROJECT_NAME}

  MAVEN_GOALS: verify spring-boot:repackage

  TEST_COVERAGE_XPATH: //table[@id=\"coveragetable\"]/tfoot//td[@class=\"ctr2\"][1]/text()

  PROJECT_ROOT_PATH: '.'

  TEST_OUTPUT_PATH: target

  BUILD_OUTPUT_PATH: dist



maven-build:

  stage: build

  image: ${BUILDING_IMAGE}

  cache:

    paths:

      - .m2/repository/

  script:

    - mvn -pl :${MAVEN_PROJECT_NAME} -U -B clean ${MAVEN_GOALS}

    - coveragePath="${PROJECT_ROOT_PATH}/${TEST_OUTPUT_PATH}/site/jacoco/index.html"

    - coverage=$(xmllint --html --xpath "${TEST_COVERAGE_XPATH}" "${coveragePath}")

    - echo "Coverage: ${coverage}"

  after_script:

    - rm -r .m2/repository/es

  only:

    - branches

  artifacts:

    name: '${MAVEN_PROJECT_NAME}-${CI_COMMIT_REF_NAME}'

    expire_in: '6 months'

    paths:

      - ${PROJECT_ROOT_PATH}/${BUILD_OUTPUT_PATH}/*.jar

packaging.yml

0 → 100644
+79 −0
Original line number Diff line number Diff line 
variables:

  PACKAGING_IMAGE: docker:stable

  DIND_IMAGE: docker:dind

  DOCKER_REGISTRY: ${CI_REGISTRY}

  DOCKER_REGISTRY_USER: gitlab-ci-token

  DOCKER_REGISTRY_PASS: ${CI_JOB_TOKEN}

  DOCKER_BUILD_ARGS: ''

  DOCKER_IMAGE_NAME: ${CI_REGISTRY_IMAGE}



.docker:

  image: ${PACKAGING_IMAGE}

  variables:

    DOCKER_DRIVER: overlay2

    DOCKER_DEFAULT_TAGGING: ${DOCKER_IMAGE_NAME}:${CI_COMMIT_SHA}

  services:

    - ${DIND_IMAGE}

  before_script:

    - docker login -u ${DOCKER_REGISTRY_USER} -p ${DOCKER_REGISTRY_PASS} ${DOCKER_REGISTRY}



.docker-operations:

  stage: package

  extends: .docker

  after_script:

    - docker push ${DOCKER_IMAGE_NAME}



.docker-operations-build:

  extends: .docker-operations

  script:

    - docker build ${DOCKER_BUILD_ARGS} -t ${DOCKER_DEFAULT_TAGGING} -t ${DOCKER_SPECIFIC_TAGGING} .



docker-build-support-branch:

  extends: .docker-operations-build

  variables:

    DOCKER_SPECIFIC_TAGGING: ${DOCKER_IMAGE_NAME}:${CI_COMMIT_REF_NAME}-latest

  only:

    - branches

  except:

    - master

    - schedules



docker-build-stable-branch:

  extends: .docker-operations-build

  variables:

    DOCKER_SPECIFIC_TAGGING: ${DOCKER_IMAGE_NAME}:latest

  only:

    - master

  except:

    - schedules



docker-tag:

  extends: .docker-operations

  only:

    - tags

  script:

    - docker pull ${DOCKER_DEFAULT_TAGGING}

    - docker tag ${DOCKER_DEFAULT_TAGGING} ${DOCKER_IMAGE_NAME}:${CI_COMMIT_TAG}



docker-scan:

  stage: test-package

  extends: .docker

  allow_failure: true

  only:

    - branches

  except:

    - schedules

  script:

    - docker run -d --name db arminc/clair-db:latest

    - docker run -p 6060:6060 --link db:postgres -d --name clair arminc/clair-local-scan:v2.0.1

    - apk add -U wget ca-certificates

    - docker pull ${DOCKER_DEFAULT_TAGGING}

    - wget https://github.com/arminc/clair-scanner/releases/download/v8/clair-scanner_linux_amd64

    - mv clair-scanner_linux_amd64 clair-scanner

    - chmod +x clair-scanner

    - touch clair-whitelist.yml

    - >

      ./clair-scanner -c http://docker:6060 --ip $(hostname -i) -r gl-sast-container-report.json -l clair.log

      -w clair-whitelist.yml ${DOCKER_DEFAULT_TAGGING} || true

  artifacts:

    paths: [gl-sast-container-report.json]