forked from dperson/samba
-
Notifications
You must be signed in to change notification settings - Fork 3
/
.gitlab-ci.yml
138 lines (127 loc) · 4.87 KB
/
.gitlab-ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
# following instructions in https://docs.gitlab.com/ee/ci/docker/using_kaniko.html
# kaniko docs: https://github.com/GoogleContainerTools/kaniko
default:
image:
name: gcr.io/kaniko-project/executor:v1.8.1-debug
entrypoint: [""]
tags:
- ord1-tenant
workflow:
rules:
- if: $CI_COMMIT_TAG
when: never
- if: '$CI_PIPELINE_SOURCE == "push" || $CI_PIPELINE_SOURCE == "web" || $CI_PIPELINE_SOURCE == "pipeline" || $CI_COMMIT_REF_NAME == "master"'
when: always
variables:
# kaniko caching docs: https://cloud.google.com/build/docs/kaniko-cache
# KANIKO_CACHE_HOST: "kaniko-cache-docker-registry.kaniko.svc"
# KANIKO_CACHE_PORT: "5000"
# KANIKO_CACHE_PROXY: "http://193.25.126.17:3128"
KANIKO_CACHE_REGISTRY: "${KANIKO_CACHE_HOST}:${KANIKO_CACHE_PORT}"
KANIKO_CACHE_REPO: "${KANIKO_CACHE_REGISTRY}/${CI_PROJECT_PATH}/cache"
KANIKO_PUSH_RETRY: "5"
.build_with_kaniko: &kaniko #Hidden job to use as an "extends" template
before_script:
- |
echo "Build triggered by $CI_PIPELINE_SOURCE"
mkdir -p /kaniko/.docker
echo "{\"auths\":{\"${CI_REGISTRY}\":{\"auth\":\"$(printf "%s:%s" "${CI_REGISTRY_USER}" "${CI_REGISTRY_PASSWORD}" | base64 | tr -d '\n')\"}}}" > /kaniko/.docker/config.json
script:
- |
echo "Building and shipping image to $KANIKO_IMAGE"
#Build date for opencontainers
BUILDDATE="'$(date '+%FT%T%z' | sed -E -n 's/(\+[0-9]{2})([0-9]{2})$/\1:\2/p')'" #rfc 3339 date
IMAGE_LABELS="$KANIKO_IMAGE_LABELS --label org.opencontainers.image.created=$BUILDDATE --label build-date=$BUILDDATE"
ADDITIONALTAGLIST="$ADDITIONALTAGLIST $KANIKO_TAGS"
if [[ "$CI_COMMIT_BRANCH" == "$CI_DEFAULT_BRANCH" ]] && [[ "$KANIKO_IMAGE" == "$CI_REGISTRY_IMAGE" ]]; then ADDITIONALTAGLIST="$ADDITIONALTAGLIST latest"; fi
if [[ -n "$ADDITIONALTAGLIST" ]]; then
for TAG in $ADDITIONALTAGLIST; do
FORMATTEDTAGLIST="${FORMATTEDTAGLIST} --tag $KANIKO_IMAGE:$TAG ";
done;
fi
#Reformat Docker tags to kaniko's --destination argument:
FORMATTEDTAGLIST=$(echo "${FORMATTEDTAGLIST}" | sed s/\-\-tag/\-\-destination/g)
- |
echo "Building image with kaniko:"
echo " --context=${KANIKO_CONTEXT}"
echo " --dockerfile=${KANIKO_DOCKERFILE}"
echo " ${KANIKO_ARGS}"
echo " ${FORMATTEDTAGLIST}"
echo " ${IMAGE_LABELS}"
- >-
HTTP_PROXY=${KANIKO_CACHE_PROXY}
NO_PROXY=${KANIKO_CACHE_HOST}
/kaniko/executor
--context ${KANIKO_CONTEXT}
--dockerfile ${KANIKO_DOCKERFILE}
${KANIKO_ARGS}
${FORMATTEDTAGLIST}
${IMAGE_LABELS}
.variables: &variables
KANIKO_CONTEXT: "${CI_PROJECT_DIR}"
KANIKO_DOCKERFILE: "${CI_PROJECT_DIR}/Dockerfile"
KANIKO_IMAGE: $CI_REGISTRY_IMAGE
KANIKO_TAGS: $CI_COMMIT_REF_SLUG-$PROJECT_VERSION-$DISTRO_IMAGE-$DISTRO_TAG $CI_COMMIT_SHORT_SHA-$PROJECT_VERSION-$DISTRO_IMAGE-$DISTRO_TAG
KANIKO_ARGS: >-
--cache=true
--cache-copy-layers=true
--cache-repo=${KANIKO_CACHE_REPO}
--cache-ttl=24h
--insecure
--log-timestamp
--push-retry=${KANIKO_PUSH_RETRY}
--skip-tls-verify
--snapshotMode=redo
--reproducible=true
--verbosity=${KANIKO_VERBOSITY}
--build-arg PROJECT_VERSION=$PROJECT_VERSION
--build-arg DISTRO_IMAGE=$DISTRO_IMAGE
--build-arg DISTRO_TAG=$DISTRO_TAG
KANIKO_IMAGE_LABELS: >-
--label org.opencontainers.image.vendor=$CI_SERVER_URL/$CI_PROJECT_NAMESPACE
--label org.opencontainers.image.authors=$CI_SERVER_URL/$CI_PROJECT_NAMESPACE
--label org.opencontainers.image.revision=$CI_COMMIT_SHA
--label org.opencontainers.image.source=$CI_PROJECT_URL
--label org.opencontainers.image.documentation=$CI_PROJECT_URL
--label org.opencontainers.image.licenses=$CI_PROJECT_URL
--label org.opencontainers.image.url=$CI_PROJECT_URL
--label vcs-url=$CI_PROJECT_URL
--label com.gitlab.ci.user=$CI_SERVER_URL/$GITLAB_USER_LOGIN
--label com.gitlab.ci.email=$GITLAB_USER_EMAIL
--label com.gitlab.ci.tagorbranch=$CI_COMMIT_REF_SLUG
--label com.gitlab.ci.pipelineurl=$CI_PIPELINE_URL
--label com.gitlab.ci.commiturl=$CI_PROJECT_URL/commit/$CI_COMMIT_SHA
--label com.gitlab.ci.cijoburl=$CI_JOB_URL
--label com.gitlab.ci.mrurl=$CI_PROJECT_URL/-/merge_requests/$CI_MERGE_REQUEST_ID
stages:
- build
- tag
build-samba-alpine:
<<: *kaniko
stage: build
rules:
- if: '$CI_COMMIT_REF_NAME != "master"'
when: manual
- if: '$CI_COMMIT_BRANCH == "master"'
when: always
variables:
<<: *variables
PROJECT_VERSION: 4.18.4-r0
DISTRO_IMAGE: alpine
DISTRO_TAG: edge
generate-release-version-tag:
needs: [build-samba-alpine]
image: node:16
stage: tag
tags:
- ord1-tenant
rules:
- if: '$CI_COMMIT_BRANCH == "master"'
before_script:
- npm install
script:
- CI_JOB_TOKEN=$CI_JOB_TOKEN npx semantic-release
artifacts:
expire_in: 1 day
paths:
- artifacts.env