diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 95b4aa1e233e888cd90fc28c95b0502f906982e5..60b4edfc8a2a65a469087fdc75a330b53d6caea9 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -1,85 +1,31 @@ -# VARIABLES -variables: - DOCKER_BUILDKIT: 1 - DOCKER_DRIVER: overlay2 - DOCKER_HOST: tcp://localhost:2375 - DOCKER_TLS_CERTDIR: "" +include: + project: 'tools/continuous-integration/docker/docker-pure-trunk-latest' + file: 'gitlab-ci.yml' ########################################################################################################## ## PIPELINE DEFINITION stages: - - check - - build + - lint + - pack - test + - scan - release ########################################################################################################## -### COMMON SECTION -.common: &common - image: registry.cyberbrain.pw/docker/docker - services: - - registry.cyberbrain.pw/docker/dind - before_script: - - docker login -u gitlab-ci-token -p $CI_BUILD_TOKEN $CI_REGISTRY - - function drr { (docker run --rm -v ${PWD}:${PWD} -w ${PWD} $@) } - - function git { (docker run -ti --rm -v ${HOME}:/root -v $(pwd):/git alpine/git "$@") } - -########################################################################################################## - -#### CHECK SECTION -check: - <<: *common - stage: check - variables: - GIT_DEPTH: 1 - script: - - drr registry.cyberbrain.pw/tools/linters/hadolint:latest hadolint --ignore DL3007 --ignore DL3018 --ignore SC2086 Dockerfile - -########################################################################################################## - -#### BUILD SECTION -build: - <<: *common - stage: build - variables: - GIT_DEPTH: 1 - script: - - docker pull "${CI_REGISTRY_IMAGE}:latest" || true - - echo "Runtime dependencies - [${DEPENDENCIES_RUNTIME}]" - - docker build --network host --cache-from "${CI_REGISTRY_IMAGE}:latest" -t "${CI_REGISTRY_IMAGE}:temp-${CI_PIPELINE_IID}" -f ./Dockerfile --build-arg DEPENDENCIES_RUNTIME="${DEPENDENCIES_RUNTIME}" . - - docker push "${CI_REGISTRY_IMAGE}:temp-$CI_PIPELINE_IID" - -########################################################################################################## - #### TEST SECTION test: - <<: *common + image: ${DOCKER_IMAGE} + services: + - ${DIND_IMAGE} stage: test variables: GIT_STRATEGY: "none" script: - - drr "${CI_REGISTRY_IMAGE}:temp-$CI_PIPELINE_IID" ansible --version - - drr "${CI_REGISTRY_IMAGE}:temp-$CI_PIPELINE_IID" ansible -m ping localhost - - drr "${CI_REGISTRY_IMAGE}:temp-$CI_PIPELINE_IID" ansible-lint --version - - drr "${CI_REGISTRY_IMAGE}:temp-$CI_PIPELINE_IID" ansible-lint . - -########################################################################################################## - -#### RELEASE SECTION -release: - <<: *common - stage: release - variables: - GIT_STRATEGY: "none" - only: - - /^trunk$/ - - /^staging$/ - - /^master$/ - script: - - export VERSION_OLD=temp-$CI_PIPELINE_IID - - export VERSION_NEW=$CI_COMMIT_REF_SLUG - - test $CI_COMMIT_REF_SLUG = "master" && { export VERSION_NEW=latest; } - - echo "Running [$VERSION_NEW] release from [$VERSION_OLD] build!" - - docker pull $CI_REGISTRY_IMAGE:$VERSION_OLD && ( docker tag $CI_REGISTRY_IMAGE:$VERSION_OLD $CI_REGISTRY_IMAGE:$VERSION_NEW && docker push $CI_REGISTRY_IMAGE:$VERSION_NEW ) || true + - docker login -u gitlab-ci-token -p $CI_BUILD_TOKEN $CI_REGISTRY + - alias drr="docker run --rm -v \${PWD}:\${PWD} -w \${PWD}" + - drr "${CI_REGISTRY_IMAGE}:temp-${CI_COMMIT_SHORT_SHA}" ansible --version + - drr "${CI_REGISTRY_IMAGE}:temp-${CI_COMMIT_SHORT_SHA}" ansible -m ping localhost + - drr "${CI_REGISTRY_IMAGE}:temp-${CI_COMMIT_SHORT_SHA}" ansible-lint --version + - drr "${CI_REGISTRY_IMAGE}:temp-${CI_COMMIT_SHORT_SHA}" ansible-lint . diff --git a/Dockerfile b/Dockerfile index 0e7c7024b750b288f240c87119d1b225dbb62220..935b92850d75cfc429c718c5321fc0bc52ba4501 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,9 +1,6 @@ FROM pipelinecomponents/ansible-lint:latest ENV LANG C.UTF-8 - -ARG DEPENDENCIES_RUNTIME -#ARG DEPENDENCIES_RUNTIME="git openssh-client rsync" -RUN apk add --no-cache ${DEPENDENCIES_RUNTIME} +RUN apk add --no-cache git git-lfs openssh-client rsync WORKDIR /opt/ansible