Prepara versión inicial

*

stages:

  - package

  - test-package

  - deploy

variables:

  DOCKER_DRIVER: overlay2

services:

  - docker:dind

docker-build-commit-non-master-branches:

  stage: package

  image: docker:stable

  variables:

    FLUENTD_VERSION: '1.3'

    ES_PLUGIN_VERSION: '2.12.1'

  only:

    - branches

  except:

    - master

  script:

    - docker login -u gitlab-ci-token -p ${CI_JOB_TOKEN} ${CI_REGISTRY}

    - >

      docker build --build-arg FLUENTD_VERSION=${FLUENTD_VERSION} --build-arg ES_PLUGIN_VERSION=${ES_PLUGIN_VERSION}

      -t ${CI_REGISTRY_IMAGE}:${CI_COMMIT_SHA} -t ${CI_REGISTRY_IMAGE}:${CI_COMMIT_REF_NAME}-latest .

    - docker push ${CI_REGISTRY_IMAGE}

docker-build-commit-master-branch:

  stage: package

  image: docker:stable

  variables:

    FLUENTD_VERSION: '1.3'

    ES_PLUGIN_VERSION: '2.12.1'

  only:

    - master

  script:

    - docker login -u gitlab-ci-token -p ${CI_JOB_TOKEN} ${CI_REGISTRY}

    - >

      docker build --build-arg FLUENTD_VERSION=${FLUENTD_VERSION} --build-arg ES_PLUGIN_VERSION=${ES_PLUGIN_VERSION}

      -t ${CI_REGISTRY_IMAGE}:${CI_COMMIT_SHA} -t ${CI_REGISTRY_IMAGE}:latest .

    - docker push ${CI_REGISTRY_IMAGE}

docker-tag-already-built-image:

  stage: package

  only:

    - tags

  script:

    - docker login -u gitlab-ci-token -p ${CI_JOB_TOKEN} ${CI_REGISTRY}

    - docker pull ${CI_REGISTRY_IMAGE}:${CI_COMMIT_SHA}

    - docker tag ${CI_REGISTRY_IMAGE}:${CI_COMMIT_SHA} ${CI_REGISTRY_IMAGE}:${CI_COMMIT_TAG}

    - docker push ${CI_REGISTRY_IMAGE}

container-scanning:

  stage: test-package

  image: docker:stable

  allow_failure: true

  only:

    - branches

  script:

    - docker run -d --name db arminc/clair-db:latest

    - docker run -p 6060:6060 --link db:postgres -d --name clair arminc/clair-local-scan:v2.0.1

    - apk add -U wget ca-certificates

    - docker login -u gitlab-ci-token -p ${CI_JOB_TOKEN} ${CI_REGISTRY}

    - docker pull ${CI_REGISTRY_IMAGE}:${CI_COMMIT_SHA}

    - wget https://github.com/arminc/clair-scanner/releases/download/v8/clair-scanner_linux_amd64

    - mv clair-scanner_linux_amd64 clair-scanner

    - chmod +x clair-scanner

    - touch clair-whitelist.yml

    - >

      ./clair-scanner -c http://docker:6060 --ip $(hostname -i) -r gl-sast-container-report.json -l clair.log

      -w clair-whitelist.yml ${CI_REGISTRY_IMAGE}:${CI_COMMIT_SHA} || true

  artifacts:

    paths: [gl-sast-container-report.json]

deploy-supporting-branch-develop:

  stage: deploy

  image: registry.gitlab.com/redmic-project/docker/docker-deploy:latest

  variables:

    SSH_REMOTE: ${DEV_SSH_REMOTE}

    STACK: log

    SERVICES_TO_CHECK: log_${CI_PROJECT_NAME}

    IMAGE_NAME: ${CI_REGISTRY_IMAGE}

    IMAGE_TAG: ${CI_COMMIT_SHA}

    COMPOSE_FILE: docker-compose.tmpl.yml:docker-compose.dev.yml

  script:

    - deploy.sh IMAGE_NAME=${IMAGE_NAME} IMAGE_TAG=${IMAGE_TAG} COMPOSE_FILE=${COMPOSE_FILE}

  environment:

    name: dev

  only:

    - branches

  except:

    - master

  when: manual

deploy-stable-branch-develop:

  stage: deploy

  image: registry.gitlab.com/redmic-project/docker/docker-deploy:latest

  variables:

    SSH_REMOTE: ${DEV_SSH_REMOTE}

    STACK: log

    SERVICES_TO_CHECK: log_${CI_PROJECT_NAME}

    IMAGE_NAME: ${CI_REGISTRY_IMAGE}

    IMAGE_TAG: ${CI_COMMIT_SHA}

    COMPOSE_FILE: docker-compose.tmpl.yml:docker-compose.dev.yml

  script:

    - deploy.sh IMAGE_NAME=${IMAGE_NAME} IMAGE_TAG=${IMAGE_TAG} COMPOSE_FILE=${COMPOSE_FILE}

  environment:

    name: dev

  only:

    - master

  when: manual

deploy-supporting-branch-production:

  stage: deploy

  image: registry.gitlab.com/redmic-project/docker/docker-deploy:latest

  variables:

    SSH_REMOTE: ${PRO_SSH_REMOTE}

    STACK: log

    SERVICES_TO_CHECK: log_${CI_PROJECT_NAME}

    IMAGE_NAME: ${CI_REGISTRY_IMAGE}

    IMAGE_TAG: ${CI_COMMIT_SHA}

    COMPOSE_FILE: docker-compose.tmpl.yml:docker-compose.prod.yml

  script:

    - deploy.sh IMAGE_NAME=${IMAGE_NAME} IMAGE_TAG=${IMAGE_TAG} COMPOSE_FILE=${COMPOSE_FILE}

  environment:

    name: pro

  only:

    - branches

  except:

    - master

  when: manual

deploy-stable-branch-production:

  stage: deploy

  image: registry.gitlab.com/redmic-project/docker/docker-deploy:latest

  variables:

    SSH_REMOTE: ${PRO_SSH_REMOTE}

    STACK: log

    SERVICES_TO_CHECK: log_${CI_PROJECT_NAME}

    IMAGE_NAME: ${CI_REGISTRY_IMAGE}

    IMAGE_TAG: ${CI_COMMIT_SHA}

    COMPOSE_FILE: docker-compose.tmpl.yml:docker-compose.prod.yml

  script:

    - deploy.sh IMAGE_NAME=${IMAGE_NAME} IMAGE_TAG=${IMAGE_TAG} COMPOSE_FILE=${COMPOSE_FILE}

  environment:

    name: pro

  only:

    - master

  when: manual

ARG FLUENTD_VERSION=1.3

FROM fluent/fluentd:v${FLUENTD_VERSION}

LABEL maintainer="info@redmic.es"

ARG ES_PLUGIN_VERSION=2.12.1

RUN apk add --update --virtual .build-deps \

	sudo build-base ruby-dev && \

	sudo gem install \

		fluent-plugin-elasticsearch --no-rdoc --no-ri --version ${ES_PLUGIN_VERSION} && \

	sudo gem sources --clear-all && \

	apk del .build-deps && \

	rm -rf \

		/var/cache/apk/* \

		/home/fluent/.gem/ruby/2.5.0/cache/*.gem

<source>

	@type forward

	port 24224

	bind 0.0.0.0

</source>

<match *.**>

	@type copy

	<store>

		@type elasticsearch

		host es-1

		port 9200

		index_name fluentd

		type_name fluentd

		logstash_format true

		logstash_prefix fluentd

		logstash_dateformat %Y%m%d

		include_tag_key true

		tag_key @log_name

		flush_interval 1s

	</store>

	<store>

		@type stdout

	</store>

</match>