Trunk

# VARIABLES

variables:

  DOCKER_BUILDKIT: 1

  DOCKER_DRIVER: overlay2

  DOCKER_HOST: tcp://localhost:2375

  DOCKER_TLS_CERTDIR: ""

include:

  project: 'tools/continuous-integration/docker/docker-pure-trunk-latest'

  file: 'gitlab-ci.yml'

##########################################################################################################

## PIPELINE DEFINITION

stages:

  - check

  - build

  - lint

  - pack

  - test

  - scan

  - release

##########################################################################################################

### COMMON SECTION

.common: &common

  image: registry.cyberbrain.pw/docker/docker

  services:

    - registry.cyberbrain.pw/docker/dind

  before_script:

    - docker login -u gitlab-ci-token -p $CI_BUILD_TOKEN $CI_REGISTRY

    - function drr { (docker run --rm -v ${PWD}:${PWD} -w ${PWD} $@) }

    - function git { (docker run -ti --rm -v ${HOME}:/root -v $(pwd):/git alpine/git "$@") }

##########################################################################################################

#### CHECK SECTION

check:

  <<: *common

  stage: check

  variables:

    GIT_DEPTH: 1

  script:

    - drr registry.cyberbrain.pw/tools/linters/hadolint:latest hadolint --ignore DL3007 --ignore DL3018 --ignore SC2086 Dockerfile

##########################################################################################################

#### BUILD SECTION

build:

  <<: *common

  stage: build

  variables:

    GIT_DEPTH: 1

  script:

    - docker pull "${CI_REGISTRY_IMAGE}:latest" || true

    - echo "Runtime dependencies - [${DEPENDENCIES_RUNTIME}]"

    - docker build --network host --cache-from "${CI_REGISTRY_IMAGE}:latest" -t "${CI_REGISTRY_IMAGE}:temp-${CI_PIPELINE_IID}" -f ./Dockerfile --build-arg DEPENDENCIES_RUNTIME="${DEPENDENCIES_RUNTIME}" .

    - docker push "${CI_REGISTRY_IMAGE}:temp-$CI_PIPELINE_IID"

##########################################################################################################

#### TEST SECTION

test:

  <<: *common

  image: ${DOCKER_IMAGE}

  services:

    - ${DIND_IMAGE}

  stage: test

  variables:

    GIT_STRATEGY: "none"

  script:

    - drr "${CI_REGISTRY_IMAGE}:temp-$CI_PIPELINE_IID" ansible --version

    - drr "${CI_REGISTRY_IMAGE}:temp-$CI_PIPELINE_IID" ansible -m ping localhost

    - drr "${CI_REGISTRY_IMAGE}:temp-$CI_PIPELINE_IID" ansible-lint --version

    - drr "${CI_REGISTRY_IMAGE}:temp-$CI_PIPELINE_IID" ansible-lint .

##########################################################################################################

#### RELEASE SECTION

release:

  <<: *common

  stage: release

  variables:

    GIT_STRATEGY: "none"

  only:

    - /^trunk$/

    - /^staging$/

    - /^master$/

  script:

    - export VERSION_OLD=temp-$CI_PIPELINE_IID

    - export VERSION_NEW=$CI_COMMIT_REF_SLUG

    - test $CI_COMMIT_REF_SLUG = "master" && { export VERSION_NEW=latest; }

    - echo "Running [$VERSION_NEW] release from [$VERSION_OLD] build!"

    - docker pull $CI_REGISTRY_IMAGE:$VERSION_OLD && ( docker tag $CI_REGISTRY_IMAGE:$VERSION_OLD $CI_REGISTRY_IMAGE:$VERSION_NEW && docker push $CI_REGISTRY_IMAGE:$VERSION_NEW ) || true

    - docker login -u gitlab-ci-token -p $CI_BUILD_TOKEN $CI_REGISTRY

    - alias drr="docker run --rm -v \${PWD}:\${PWD} -w \${PWD}"

    - drr "${CI_REGISTRY_IMAGE}:temp-${CI_COMMIT_SHORT_SHA}" ansible --version

    - drr "${CI_REGISTRY_IMAGE}:temp-${CI_COMMIT_SHORT_SHA}" ansible -m ping localhost

    - drr "${CI_REGISTRY_IMAGE}:temp-${CI_COMMIT_SHORT_SHA}" ansible-lint --version

    - drr "${CI_REGISTRY_IMAGE}:temp-${CI_COMMIT_SHORT_SHA}" ansible-lint .

FROM pipelinecomponents/ansible-lint:latest

ENV LANG C.UTF-8

ARG DEPENDENCIES_RUNTIME

#ARG DEPENDENCIES_RUNTIME="git openssh-client rsync"

RUN apk add --no-cache ${DEPENDENCIES_RUNTIME}

RUN apk add --no-cache git git-lfs openssh-client rsync

WORKDIR /opt/ansible