Commit cb296835 authored by Pedro Eduardo Trujillo's avatar Pedro Eduardo Trujillo
Browse files

Reubica plantillas de packaging, retrocompatible

parent dc96d9b1

_docker-build.yml

+3 −81
Original line number Diff line number Diff line 
.docker-operations:

  extends: .docker-env

  image: ${DOCKER_BUILD_IMAGE_NAME}:${DOCKER_BUILD_IMAGE_TAG}

  variables:

    DOCKER_BUILD_IMAGE_NAME: pedroetb/docker-build

    DOCKER_BUILD_IMAGE_TAG: latest

    PACKAGED_IMAGE_NAME: ${CI_REGISTRY_IMAGE}/${CI_COMMIT_REF_SLUG}

    PACKAGED_IMAGE_TAG: ${CI_COMMIT_SHA}

    REGISTRY_URL: ${CI_REGISTRY}

    REGISTRY_USER: gitlab-ci-token

    REGISTRY_PASS: ${CI_JOB_TOKEN}

# Only for backward compatibility, migrate asap your project includes to templates included here!



.docker-build:

  extends: .docker-operations

  stage: package

  variables:

    NEW_COMPOSE_FILE_NAME: compose.tmpl.yaml:compose.dev.yaml

    OLD_COMPOSE_FILE_NAME: docker-compose.tmpl.yml:docker-compose.dev.yml

  before_script:

    - >

      for directory in ${COMPOSE_PROJECT_DIRECTORY:-build deploy .};

      do

        if [ -z ${COMPOSE_FILE_NAME} ];

        then

          firstNewComposeFile=$(echo "${NEW_COMPOSE_FILE_NAME}" | cut -d ':' -f 1);

          newSingleComposeFile=compose.yaml;

          firstOldComposeFile=$(echo "${OLD_COMPOSE_FILE_NAME}" | cut -d ':' -f 1);

          oldSingleComposeFile=docker-compose.yml;

          if [ -f ${directory}/${firstNewComposeFile} ];

          then

            echo "Detected '${directory}/${firstNewComposeFile}' compose file, nice!";

            composeFileName="${NEW_COMPOSE_FILE_NAME}";

          elif [ -f ${directory}/${newSingleComposeFile} ];

          then

            echo "Detected '${directory}/${newSingleComposeFile}' compose file, nice!";

            composeFileName="${newSingleComposeFile}";

          elif [ -f ${directory}/${firstOldComposeFile} ];

          then

            echo "Detected '${directory}/${firstOldComposeFile}' compose file (old naming)";

            composeFileName="${OLD_COMPOSE_FILE_NAME}";

          elif [ -f ${directory}/${oldSingleComposeFile} ];

          then

            echo "Detected '${directory}/${oldSingleComposeFile}' compose file (old naming)";

            composeFileName="${oldSingleComposeFile}";

          else

            echo "No compose file detected at '${directory}/'";

          fi;

          if [ ! -z ${composeFileName} ];

          then

            echo "Automatically set COMPOSE_FILE_NAME to '${composeFileName}' and COMPOSE_PROJECT_DIRECTORY to '${directory}'";

            export COMPOSE_FILE_NAME="${composeFileName}";

            export COMPOSE_PROJECT_DIRECTORY="${directory}";

            break;

          fi;

        fi;

      done;

      if [ -z ${COMPOSE_FILE_NAME} ];

      then

        echo "No compose file specified or detected, using docker-build default for COMPOSE_FILE_NAME";

      fi;

  script: build



.docker-tag:

  extends: .docker-operations

  stage: post-package

  dependencies: []

  variables:

    NEW_IMAGE_TAG: ${CI_COMMIT_TAG}



.docker-tag-gitlab:

  extends: .docker-tag

  script: tag ${PACKAGED_IMAGE_NAME}:${PACKAGED_IMAGE_TAG} ${CI_REGISTRY_IMAGE}:${NEW_IMAGE_TAG}



.docker-tag-dockerhub:

  extends: .docker-tag

  variables:

    SOURCE_IMAGE_NAME: ${CI_PROJECT_PATH}

    ROOT_NAME: ${DOCKER_HUB_ROOT}

    TARGET_REGISTRY_URL: docker.io

    TARGET_REGISTRY_USER: ${DOCKER_HUB_USER}

    TARGET_REGISTRY_PASS: ${DOCKER_HUB_PASS}

  script: tag ${PACKAGED_IMAGE_NAME}:${PACKAGED_IMAGE_TAG} $(flatten):${NEW_IMAGE_TAG}
 
include:

  - local: '/packaging-docker/_docker-build.yml'

_packaging.yml

+4 −56
Original line number Diff line number Diff line 
include:

  - template: Container-Scanning.gitlab-ci.yml



.docker-env:

  image: ${PACKAGING_IMAGE_NAME}:${PACKAGING_IMAGE_TAG}

  variables:

    PACKAGING_IMAGE_NAME: docker

    PACKAGING_IMAGE_TAG: latest

    DIND_IMAGE_NAME: docker

    DIND_IMAGE_TAG: dind

    DOCKER_HOST: tcp://docker:2375

    DOCKER_DRIVER: overlay2

  services:

    - ${DIND_IMAGE_NAME}:${DIND_IMAGE_TAG}

# Only for backward compatibility, migrate asap your project includes to templates included here!



lint-dockerfile:

  extends: .docker-env

  stage: pre-package

  dependencies: []

  variables:

    LINT_IMAGE_NAME: hadolint/hadolint

    LINT_IMAGE_TAG: latest

    DOCKERFILE_NAME: Dockerfile

  before_script:

    - >

      if [ -z "${DOCKERFILE_PATH}" ];

      then

        dockerfilePath=$(find -name "${DOCKERFILE_NAME}");

        if [ -f "${dockerfilePath}" ];

        then

          echo "Detected '${dockerfilePath}' Dockerfile, nice!";

          export DOCKERFILE_PATH="${dockerfilePath}";

        else

          echo "DOCKERFILE_PATH is undefined and Dockerfile with name '${DOCKERFILE_NAME}' not found in project!";

          exit 1;

        fi;

      fi;

  script:

    - docker run --rm -i ${LINT_IMAGE_NAME}:${LINT_IMAGE_TAG} < "${DOCKERFILE_PATH}";

  allow_failure: true

  rules:

    - if: $CI_MERGE_REQUEST_ID ||

          $CI_COMMIT_TAG ||

          $CI_PIPELINE_SOURCE == "schedule"

      when: never

    - if: $CI_COMMIT_BRANCH



container_scanning:

  stage: post-package

  rules:

    - if: $CONTAINER_SCANNING_DISABLED ||

          $CI_MERGE_REQUEST_ID ||

          $CI_COMMIT_TAG ||

          $CI_PIPELINE_SOURCE == "schedule"

      when: never

    - if: $CI_COMMIT_BRANCH &&

          $GITLAB_FEATURES =~ /\bcontainer_scanning\b/
 
include:

  - local: '/packaging-docker/dockerfile-linting.yml'

  - local: '/scanning/container-scanning.yml'

packaging-docker/_docker-build.yml

0 → 100644
+81 −0
Original line number Diff line number Diff line 
.docker-operations:

  image: ${DOCKER_BUILD_IMAGE_NAME}:${DOCKER_BUILD_IMAGE_TAG}

  variables:

    DOCKER_BUILD_IMAGE_NAME: pedroetb/docker-build

    DOCKER_BUILD_IMAGE_TAG: latest

    PACKAGED_IMAGE_NAME: ${CI_REGISTRY_IMAGE}/${CI_COMMIT_REF_SLUG}

    PACKAGED_IMAGE_TAG: ${CI_COMMIT_SHA}

    REGISTRY_URL: ${CI_REGISTRY}

    REGISTRY_USER: gitlab-ci-token

    REGISTRY_PASS: ${CI_JOB_TOKEN}



.docker-build:

  extends: .docker-operations

  stage: package

  variables:

    NEW_COMPOSE_FILE_NAME: compose.tmpl.yaml:compose.dev.yaml

    OLD_COMPOSE_FILE_NAME: docker-compose.tmpl.yml:docker-compose.dev.yml

  before_script:

    - >

      for directory in ${COMPOSE_PROJECT_DIRECTORY:-build deploy .};

      do

        if [ -z ${COMPOSE_FILE_NAME} ];

        then

          firstNewComposeFile=$(echo "${NEW_COMPOSE_FILE_NAME}" | cut -d ':' -f 1);

          newSingleComposeFile=compose.yaml;

          firstOldComposeFile=$(echo "${OLD_COMPOSE_FILE_NAME}" | cut -d ':' -f 1);

          oldSingleComposeFile=docker-compose.yml;

          if [ -f ${directory}/${firstNewComposeFile} ];

          then

            echo "Detected '${directory}/${firstNewComposeFile}' compose file, nice!";

            composeFileName="${NEW_COMPOSE_FILE_NAME}";

          elif [ -f ${directory}/${newSingleComposeFile} ];

          then

            echo "Detected '${directory}/${newSingleComposeFile}' compose file, nice!";

            composeFileName="${newSingleComposeFile}";

          elif [ -f ${directory}/${firstOldComposeFile} ];

          then

            echo "Detected '${directory}/${firstOldComposeFile}' compose file (old naming)";

            composeFileName="${OLD_COMPOSE_FILE_NAME}";

          elif [ -f ${directory}/${oldSingleComposeFile} ];

          then

            echo "Detected '${directory}/${oldSingleComposeFile}' compose file (old naming)";

            composeFileName="${oldSingleComposeFile}";

          else

            echo "No compose file detected at '${directory}/'";

          fi;

          if [ ! -z ${composeFileName} ];

          then

            echo "Automatically set COMPOSE_FILE_NAME to '${composeFileName}' and COMPOSE_PROJECT_DIRECTORY to '${directory}'";

            export COMPOSE_FILE_NAME="${composeFileName}";

            export COMPOSE_PROJECT_DIRECTORY="${directory}";

            break;

          fi;

        fi;

      done;

      if [ -z ${COMPOSE_FILE_NAME} ];

      then

        echo "No compose file specified or detected, using docker-build default for COMPOSE_FILE_NAME";

      fi;

  script: build



.docker-tag:

  extends: .docker-operations

  stage: post-package

  dependencies: []

  variables:

    NEW_IMAGE_TAG: ${CI_COMMIT_TAG}



.docker-tag-gitlab:

  extends: .docker-tag

  script: tag ${PACKAGED_IMAGE_NAME}:${PACKAGED_IMAGE_TAG} ${CI_REGISTRY_IMAGE}:${NEW_IMAGE_TAG}



.docker-tag-dockerhub:

  extends: .docker-tag

  variables:

    SOURCE_IMAGE_NAME: ${CI_PROJECT_PATH}

    ROOT_NAME: ${DOCKER_HUB_ROOT}

    TARGET_REGISTRY_URL: docker.io

    TARGET_REGISTRY_USER: ${DOCKER_HUB_USER}

    TARGET_REGISTRY_PASS: ${DOCKER_HUB_PASS}

  script: tag ${PACKAGED_IMAGE_NAME}:${PACKAGED_IMAGE_TAG} $(flatten):${NEW_IMAGE_TAG}

packaging-docker/docker-build.yml

0 → 100644
+52 −0
Original line number Diff line number Diff line 
include:

  - local: '/packaging-docker/dockerfile-linting.yml'

  - local: '/packaging-docker/_docker-build.yml'

  - local: '/scanning/container-scanning.yml'



docker-build-support-branch:

  extends: .docker-build

  variables:

    VERSION: ${CI_COMMIT_SHORT_SHA}

  rules:

    - if: $CI_MERGE_REQUEST_ID ||

          $CI_COMMIT_TAG ||

          $CI_PIPELINE_SOURCE == "schedule" ||

          $CI_COMMIT_BRANCH == "master" ||

          $CI_COMMIT_BRANCH == "main"

      when: never

    - if: $CI_COMMIT_BRANCH



docker-build-stable-branch:

  extends: .docker-build

  variables:

    VERSION: ${CI_COMMIT_SHORT_SHA}

  rules:

    - if: $CI_MERGE_REQUEST_ID ||

          $CI_COMMIT_TAG ||

          $CI_PIPELINE_SOURCE == "schedule"

      when: never

    - if: $CI_COMMIT_BRANCH == "master" ||

          $CI_COMMIT_BRANCH == "main"



docker-build-tag:

  extends: .docker-build

  variables:

    VERSION: ${CI_COMMIT_TAG}

  rules:

    - if: $CI_MERGE_REQUEST_ID ||

          $CI_PIPELINE_SOURCE == "schedule" ||

          $CI_COMMIT_BRANCH

      when: never

    - if: $CI_COMMIT_TAG



.docker-tag-context: &docker-tag-context

  rules:

    - if: $CI_COMMIT_TAG



docker-tag-gitlab:

  extends: .docker-tag-gitlab

  <<: *docker-tag-context



docker-tag-dockerhub:

  extends: .docker-tag-dockerhub

  <<: *docker-tag-context

packaging-docker/dockerfile-linting.yml

0 → 100644
+46 −0
Original line number Diff line number Diff line 
.docker-env:

  image: ${PACKAGING_IMAGE_NAME}:${PACKAGING_IMAGE_TAG}

  variables:

    PACKAGING_IMAGE_NAME: docker

    PACKAGING_IMAGE_TAG: latest

    DIND_IMAGE_NAME: docker

    DIND_IMAGE_TAG: dind

    DOCKER_HOST: tcp://docker:2375

    DOCKER_DRIVER: overlay2

  services:

    - ${DIND_IMAGE_NAME}:${DIND_IMAGE_TAG}



lint-dockerfile:

  extends: .docker-env

  stage: pre-package

  dependencies: []

  variables:

    LINT_IMAGE_NAME: hadolint/hadolint

    LINT_IMAGE_TAG: latest

    DOCKERFILE_NAME: Dockerfile

  before_script:

    - >

      # Find Dockerfile in depth automatically by file name

      if [ -z "${DOCKERFILE_PATH}" ];

      then

        dockerfilePath=$(find -name "${DOCKERFILE_NAME}");

        if [ -f "${dockerfilePath}" ];

        then

          echo "Detected '${dockerfilePath}' Dockerfile, nice!";

          export DOCKERFILE_PATH="${dockerfilePath}";

        else

          echo "DOCKERFILE_PATH is undefined and Dockerfile with name '${DOCKERFILE_NAME}' not found in project!";

          exit 1;

        fi;

      else

        echo "DOCKERFILE_PATH is defined, omitting automatic lookup";

      fi;

  script:

    - docker run --rm -i ${LINT_IMAGE_NAME}:${LINT_IMAGE_TAG} < "${DOCKERFILE_PATH}";

  allow_failure: true

  rules:

    - if: $CI_MERGE_REQUEST_ID ||

          $CI_COMMIT_TAG ||

          $CI_PIPELINE_SOURCE == "schedule"

      when: never

    - if: $CI_COMMIT_BRANCH