Loading .dockerignoredeleted 100644 → 0 +0 −1 Original line number Diff line number Diff line * .gitlab-ci.yml +24 −69 Original line number Diff line number Diff line stages: - package - test-package - deploy - maintenance services: - docker:dind variables: DOCKER_DRIVER: overlay2 DOCKER_VERSION: '18.09.0' PARENT_IMAGE_TAG: latest STACK: maintenance SERVICES_TO_CHECK: maintenance_${CI_PROJECT_NAME} IMAGE_NAME: ${CI_REGISTRY_IMAGE} IMAGE_TAG: ${CI_COMMIT_SHA} docker-build-commit-non-master-branches: stage: package image: docker:stable only: - branches except: - master script: - docker login -u gitlab-ci-token -p ${CI_JOB_TOKEN} ${CI_REGISTRY} - > docker build --build-arg PARENT_IMAGE_NAME=${PARENT_IMAGE_NAME} -t ${CI_REGISTRY_IMAGE}:${CI_COMMIT_SHA} -t ${CI_REGISTRY_IMAGE}:${CI_COMMIT_REF_NAME}-latest . - docker push ${CI_REGISTRY_IMAGE} docker-build-commit-master-branch: stage: package image: docker:stable only: - master script: - docker login -u gitlab-ci-token -p ${CI_JOB_TOKEN} ${CI_REGISTRY} - > docker build --build-arg PARENT_IMAGE_NAME=${PARENT_IMAGE_NAME} -t ${CI_REGISTRY_IMAGE}:${CI_COMMIT_SHA} -t ${CI_REGISTRY_IMAGE}:latest . - docker push ${CI_REGISTRY_IMAGE} docker-tag-already-built-image: stage: package image: docker:stable only: - tags script: - docker login -u gitlab-ci-token -p ${CI_JOB_TOKEN} ${CI_REGISTRY} - docker pull ${CI_REGISTRY_IMAGE}:${CI_COMMIT_SHA} - docker tag ${CI_REGISTRY_IMAGE}:${CI_COMMIT_SHA} ${CI_REGISTRY_IMAGE}:${CI_COMMIT_TAG} - docker push ${CI_REGISTRY_IMAGE} container-scanning: stage: test-package image: docker:stable allow_failure: true only: - branches script: - docker run -d --name db arminc/clair-db:latest - docker run -p 6060:6060 --link db:postgres -d --name clair arminc/clair-local-scan:v2.0.1 - apk add -U wget ca-certificates - docker login -u gitlab-ci-token -p ${CI_JOB_TOKEN} ${CI_REGISTRY} - docker pull ${CI_REGISTRY_IMAGE}:${CI_COMMIT_SHA} - wget https://github.com/arminc/clair-scanner/releases/download/v8/clair-scanner_linux_amd64 - mv clair-scanner_linux_amd64 clair-scanner - chmod +x clair-scanner - touch clair-whitelist.yml - > ./clair-scanner -c http://docker:6060 --ip $(hostname -i) -r gl-sast-container-report.json -l clair.log -w clair-whitelist.yml ${CI_REGISTRY_IMAGE}:${CI_COMMIT_SHA} || true artifacts: paths: [gl-sast-container-report.json] IMAGE_TAG: latest deploy-supporting-branch-develop: stage: deploy Loading @@ -81,7 +18,7 @@ deploy-supporting-branch-develop: SSH_REMOTE: ${DEV_SSH_REMOTE} COMPOSE_FILE: docker-compose.tmpl.yml:docker-compose.dev.yml script: - deploy.sh IMAGE_NAME=${IMAGE_NAME} IMAGE_TAG=${IMAGE_TAG} COMPOSE_FILE=${COMPOSE_FILE} - deploy.sh IMAGE_TAG=${IMAGE_TAG} COMPOSE_FILE=${COMPOSE_FILE} environment: name: dev only: Loading @@ -97,7 +34,7 @@ deploy-stable-branch-develop: SSH_REMOTE: ${DEV_SSH_REMOTE} COMPOSE_FILE: docker-compose.tmpl.yml:docker-compose.dev.yml script: - deploy.sh IMAGE_NAME=${IMAGE_NAME} IMAGE_TAG=${IMAGE_TAG} COMPOSE_FILE=${COMPOSE_FILE} - deploy.sh IMAGE_TAG=${IMAGE_TAG} COMPOSE_FILE=${COMPOSE_FILE} environment: name: dev only: Loading @@ -111,7 +48,7 @@ deploy-supporting-branch-production: SSH_REMOTE: ${PRO_SSH_REMOTE} COMPOSE_FILE: docker-compose.tmpl.yml:docker-compose.prod.yml script: - deploy.sh IMAGE_NAME=${IMAGE_NAME} IMAGE_TAG=${IMAGE_TAG} COMPOSE_FILE=${COMPOSE_FILE} - deploy.sh IMAGE_TAG=${IMAGE_TAG} COMPOSE_FILE=${COMPOSE_FILE} environment: name: pro only: Loading @@ -127,9 +64,27 @@ deploy-stable-branch-production: SSH_REMOTE: ${PRO_SSH_REMOTE} COMPOSE_FILE: docker-compose.tmpl.yml:docker-compose.prod.yml script: - deploy.sh IMAGE_NAME=${IMAGE_NAME} IMAGE_TAG=${IMAGE_TAG} COMPOSE_FILE=${COMPOSE_FILE} - deploy.sh IMAGE_TAG=${IMAGE_TAG} COMPOSE_FILE=${COMPOSE_FILE} environment: name: pro only: - master when: manual scheduled-run-stable-branch-develop: stage: maintenance variables: SSH_REMOTE: ${DEV_SSH_REMOTE} SERVICE: ${STACK}_${CI_PROJECT_NAME} script: relaunch.sh only: - schedules scheduled-run-stable-branch-production: stage: maintenance variables: SSH_REMOTE: ${PRO_SSH_REMOTE} SERVICE: ${STACK}_${CI_PROJECT_NAME} script: relaunch.sh only: - schedules Dockerfiledeleted 100644 → 0 +0 −5 Original line number Diff line number Diff line ARG PARENT_IMAGE_TAG="latest" FROM spotify/docker-gc:${PARENT_IMAGE_TAG} LABEL maintainer="info@redmic.es" deploy/.env +2 −1 Original line number Diff line number Diff line GRACE_PERIOD_SECONDS=172800 MINIMUM_IMAGES_TO_SAVE=2 REMOVE_ASSOCIATED_VOLUME=0 EXCLUDE_DEAD=1 EXCLUDE_DEAD=0 DRY_RUN=0 deploy/docker-compose.tmpl.yml +4 −3 Original line number Diff line number Diff line Loading @@ -2,12 +2,13 @@ version: '3.5' services: docker-gc: image: ${IMAGE_NAME}:${IMAGE_TAG:-latest} image: ${IMAGE_NAME:-spotify/docker-gc}:${IMAGE_TAG:-latest} environment: GRACE_PERIOD_SECONDS: MINIMUM_IMAGES_TO_SAVE: REMOVE_ASSOCIATED_VOLUME: EXCLUDE_DEAD: DRY_RUN: volumes: - /var/run/docker.sock:/var/run/docker.sock configs: Loading @@ -28,9 +29,9 @@ services: resources: limits: cpus: '0.1' memory: 64M memory: 32M reservations: memory: 52M memory: 16M configs: exclude-gc-image: Loading Loading
.gitlab-ci.yml +24 −69 Original line number Diff line number Diff line stages: - package - test-package - deploy - maintenance services: - docker:dind variables: DOCKER_DRIVER: overlay2 DOCKER_VERSION: '18.09.0' PARENT_IMAGE_TAG: latest STACK: maintenance SERVICES_TO_CHECK: maintenance_${CI_PROJECT_NAME} IMAGE_NAME: ${CI_REGISTRY_IMAGE} IMAGE_TAG: ${CI_COMMIT_SHA} docker-build-commit-non-master-branches: stage: package image: docker:stable only: - branches except: - master script: - docker login -u gitlab-ci-token -p ${CI_JOB_TOKEN} ${CI_REGISTRY} - > docker build --build-arg PARENT_IMAGE_NAME=${PARENT_IMAGE_NAME} -t ${CI_REGISTRY_IMAGE}:${CI_COMMIT_SHA} -t ${CI_REGISTRY_IMAGE}:${CI_COMMIT_REF_NAME}-latest . - docker push ${CI_REGISTRY_IMAGE} docker-build-commit-master-branch: stage: package image: docker:stable only: - master script: - docker login -u gitlab-ci-token -p ${CI_JOB_TOKEN} ${CI_REGISTRY} - > docker build --build-arg PARENT_IMAGE_NAME=${PARENT_IMAGE_NAME} -t ${CI_REGISTRY_IMAGE}:${CI_COMMIT_SHA} -t ${CI_REGISTRY_IMAGE}:latest . - docker push ${CI_REGISTRY_IMAGE} docker-tag-already-built-image: stage: package image: docker:stable only: - tags script: - docker login -u gitlab-ci-token -p ${CI_JOB_TOKEN} ${CI_REGISTRY} - docker pull ${CI_REGISTRY_IMAGE}:${CI_COMMIT_SHA} - docker tag ${CI_REGISTRY_IMAGE}:${CI_COMMIT_SHA} ${CI_REGISTRY_IMAGE}:${CI_COMMIT_TAG} - docker push ${CI_REGISTRY_IMAGE} container-scanning: stage: test-package image: docker:stable allow_failure: true only: - branches script: - docker run -d --name db arminc/clair-db:latest - docker run -p 6060:6060 --link db:postgres -d --name clair arminc/clair-local-scan:v2.0.1 - apk add -U wget ca-certificates - docker login -u gitlab-ci-token -p ${CI_JOB_TOKEN} ${CI_REGISTRY} - docker pull ${CI_REGISTRY_IMAGE}:${CI_COMMIT_SHA} - wget https://github.com/arminc/clair-scanner/releases/download/v8/clair-scanner_linux_amd64 - mv clair-scanner_linux_amd64 clair-scanner - chmod +x clair-scanner - touch clair-whitelist.yml - > ./clair-scanner -c http://docker:6060 --ip $(hostname -i) -r gl-sast-container-report.json -l clair.log -w clair-whitelist.yml ${CI_REGISTRY_IMAGE}:${CI_COMMIT_SHA} || true artifacts: paths: [gl-sast-container-report.json] IMAGE_TAG: latest deploy-supporting-branch-develop: stage: deploy Loading @@ -81,7 +18,7 @@ deploy-supporting-branch-develop: SSH_REMOTE: ${DEV_SSH_REMOTE} COMPOSE_FILE: docker-compose.tmpl.yml:docker-compose.dev.yml script: - deploy.sh IMAGE_NAME=${IMAGE_NAME} IMAGE_TAG=${IMAGE_TAG} COMPOSE_FILE=${COMPOSE_FILE} - deploy.sh IMAGE_TAG=${IMAGE_TAG} COMPOSE_FILE=${COMPOSE_FILE} environment: name: dev only: Loading @@ -97,7 +34,7 @@ deploy-stable-branch-develop: SSH_REMOTE: ${DEV_SSH_REMOTE} COMPOSE_FILE: docker-compose.tmpl.yml:docker-compose.dev.yml script: - deploy.sh IMAGE_NAME=${IMAGE_NAME} IMAGE_TAG=${IMAGE_TAG} COMPOSE_FILE=${COMPOSE_FILE} - deploy.sh IMAGE_TAG=${IMAGE_TAG} COMPOSE_FILE=${COMPOSE_FILE} environment: name: dev only: Loading @@ -111,7 +48,7 @@ deploy-supporting-branch-production: SSH_REMOTE: ${PRO_SSH_REMOTE} COMPOSE_FILE: docker-compose.tmpl.yml:docker-compose.prod.yml script: - deploy.sh IMAGE_NAME=${IMAGE_NAME} IMAGE_TAG=${IMAGE_TAG} COMPOSE_FILE=${COMPOSE_FILE} - deploy.sh IMAGE_TAG=${IMAGE_TAG} COMPOSE_FILE=${COMPOSE_FILE} environment: name: pro only: Loading @@ -127,9 +64,27 @@ deploy-stable-branch-production: SSH_REMOTE: ${PRO_SSH_REMOTE} COMPOSE_FILE: docker-compose.tmpl.yml:docker-compose.prod.yml script: - deploy.sh IMAGE_NAME=${IMAGE_NAME} IMAGE_TAG=${IMAGE_TAG} COMPOSE_FILE=${COMPOSE_FILE} - deploy.sh IMAGE_TAG=${IMAGE_TAG} COMPOSE_FILE=${COMPOSE_FILE} environment: name: pro only: - master when: manual scheduled-run-stable-branch-develop: stage: maintenance variables: SSH_REMOTE: ${DEV_SSH_REMOTE} SERVICE: ${STACK}_${CI_PROJECT_NAME} script: relaunch.sh only: - schedules scheduled-run-stable-branch-production: stage: maintenance variables: SSH_REMOTE: ${PRO_SSH_REMOTE} SERVICE: ${STACK}_${CI_PROJECT_NAME} script: relaunch.sh only: - schedules
Dockerfiledeleted 100644 → 0 +0 −5 Original line number Diff line number Diff line ARG PARENT_IMAGE_TAG="latest" FROM spotify/docker-gc:${PARENT_IMAGE_TAG} LABEL maintainer="info@redmic.es"
deploy/.env +2 −1 Original line number Diff line number Diff line GRACE_PERIOD_SECONDS=172800 MINIMUM_IMAGES_TO_SAVE=2 REMOVE_ASSOCIATED_VOLUME=0 EXCLUDE_DEAD=1 EXCLUDE_DEAD=0 DRY_RUN=0
deploy/docker-compose.tmpl.yml +4 −3 Original line number Diff line number Diff line Loading @@ -2,12 +2,13 @@ version: '3.5' services: docker-gc: image: ${IMAGE_NAME}:${IMAGE_TAG:-latest} image: ${IMAGE_NAME:-spotify/docker-gc}:${IMAGE_TAG:-latest} environment: GRACE_PERIOD_SECONDS: MINIMUM_IMAGES_TO_SAVE: REMOVE_ASSOCIATED_VOLUME: EXCLUDE_DEAD: DRY_RUN: volumes: - /var/run/docker.sock:/var/run/docker.sock configs: Loading @@ -28,9 +29,9 @@ services: resources: limits: cpus: '0.1' memory: 64M memory: 32M reservations: memory: 52M memory: 16M configs: exclude-gc-image: Loading
