diff options
-rw-r--r-- | .gitlab-ci.yml | 273 | ||||
-rw-r--r-- | .gitlab/ci/docker-images.gitlab-ci.yml | 271 |
2 files changed, 272 insertions, 272 deletions
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 3330ba6a..349e9ed4 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -3,6 +3,7 @@ include: file: templates/merge_request_pipelines.yml - template: Security/Dependency-Scanning.gitlab-ci.yml - template: Security/SAST.gitlab-ci.yml + - local: .gitlab/ci/*.gitlab-ci.yml - project: 'gitlab-org/quality/pipeline-common' file: - '/ci/danger-review.yml' @@ -569,278 +570,6 @@ pages: expire_in: 1d ############################################### -# Docker images builds # -############################################### - -# -# Reuse some common commands -# -.docker_prepare: - extends: - - .retry - image: docker:20.10.8 - tags: - - gitlab-org-docker - services: - - docker:20.10.8-dind - before_script: - - docker info - - docker login -u gitlab-ci-token -p $CI_JOB_TOKEN $CI_REGISTRY - variables: - DOCKER_TLS_CERTDIR: "/certs" - -# -# Build and deploy the GitLab Docs linting (Markdown) Docker image -# -image:docs-lint-markdown: - extends: - - .rules_scheduled_manual - - .docker_prepare - stage: build-images - variables: - IMAGE_NAME: $CI_REGISTRY_IMAGE/lint-markdown:alpine-$ALPINE_VERSION-vale-$VALE_VERSION-markdownlint-$MARKDOWNLINT_VERSION - DOCKERFILE: dockerfiles/gitlab-docs-lint-markdown.Dockerfile - script: - - docker build - --build-arg ALPINE_VERSION=${ALPINE_VERSION} - --build-arg VALE_VERSION=${VALE_VERSION} - --build-arg MARKDOWNLINT_VERSION=${MARKDOWNLINT_VERSION} - --tag $IMAGE_NAME - --file $DOCKERFILE . - - docker push $IMAGE_NAME - environment: - name: registry/docs-lint-markdown - -# -# Test the GitLab Docs linting (Markdown) Docker image if changes are made to its Dockerfile -# -test:image:docs-lint-markdown: - extends: - - .docker_prepare - stage: test - needs: [] - variables: - DOCKERFILE: dockerfiles/gitlab-docs-lint-markdown.Dockerfile - rules: - - if: $CI_PIPELINE_SOURCE == "merge_request_event" - changes: - - $DOCKERFILE - script: - - docker build - --build-arg ALPINE_VERSION=${ALPINE_VERSION} - --build-arg VALE_VERSION=${VALE_VERSION} - --build-arg MARKDOWNLINT_VERSION=${MARKDOWNLINT_VERSION} - --file $DOCKERFILE . - -# -# Build and deploy the GitLab Docs linting (HTML) Docker image -# -image:docs-lint-html: - extends: - - .rules_scheduled_manual - - .docker_prepare - stage: build-images - variables: - IMAGE_NAME: $CI_REGISTRY_IMAGE/lint-html:alpine-$ALPINE_VERSION-ruby-$RUBY_VERSION-$CI_COMMIT_SHORT_SHA - DOCKERFILE: dockerfiles/gitlab-docs-lint-html.Dockerfile - script: - - docker build - --build-arg RUBY_VERSION=${RUBY_VERSION} - --build-arg ALPINE_VERSION=${ALPINE_VERSION} - --tag $IMAGE_NAME - --file $DOCKERFILE . - - docker push $IMAGE_NAME - environment: - name: registry/docs-lint-html - -# -# Test the GitLab Docs linting (HTML) Docker image if changes are made to its Dockerfile -# -test:image:docs-lint-html: - extends: - - .docker_prepare - stage: test - needs: [] - variables: - DOCKERFILE: dockerfiles/gitlab-docs-lint-html.Dockerfile - rules: - - if: $CI_PIPELINE_SOURCE == "merge_request_event" - changes: - - $DOCKERFILE - script: - - docker build - --build-arg RUBY_VERSION=${RUBY_VERSION} - --build-arg ALPINE_VERSION=${ALPINE_VERSION} - --file $DOCKERFILE . - -# -# Build and deploy the GitLab Docs base Docker image -# -image:gitlab-docs-base: - extends: - - .rules_scheduled_manual - - .docker_prepare - stage: build-images - variables: - IMAGE_NAME: $CI_REGISTRY_IMAGE/base:alpine-$ALPINE_VERSION-ruby-$RUBY_VERSION-$CI_COMMIT_SHORT_SHA - DOCKERFILE: dockerfiles/gitlab-docs-base.Dockerfile - script: - - docker build - --build-arg ALPINE_VERSION=${ALPINE_VERSION} - --build-arg RUBY_VERSION=${RUBY_VERSION} - --tag $IMAGE_NAME - --file $DOCKERFILE . - - docker push $IMAGE_NAME - environment: - name: registry/docs-base - -# -# Test the GitLab docs base Docker image if changes are made to its Dockerfile -# -test:image:gitlab-docs-base: - extends: - - .docker_prepare - stage: test - needs: [] - variables: - IMAGE_NAME: $CI_REGISTRY_IMAGE/base:alpine-$ALPINE_VERSION-ruby-$RUBY_VERSION-$CI_COMMIT_SHORT_SHA - DOCKERFILE: dockerfiles/gitlab-docs-base.Dockerfile - rules: - - if: $CI_PIPELINE_SOURCE == "merge_request_event" - changes: - - $DOCKERFILE - script: - - docker build - --build-arg ALPINE_VERSION=${ALPINE_VERSION} - --build-arg RUBY_VERSION=${RUBY_VERSION} - --tag $IMAGE_NAME - --file $DOCKERFILE . - -# -# Helper Docker image containing all build dependencies. -# It must be rebuilt every time Gemfile and/or Gemfile.lock changes. -# -image:bootstrap: - extends: - - .rules_scheduled_manual - - .docker_prepare - stage: build-images - variables: - IMAGE_NAME: $CI_REGISTRY_IMAGE:bootstrap - DOCKERFILE: dockerfiles/bootstrap.Dockerfile - script: - - docker build -t $IMAGE_NAME -f $DOCKERFILE . - - docker push $IMAGE_NAME - environment: - name: registry/docs-bootstrap - -# -# Helper Docker image that builds the gitlab-docs website -# -image:builder-onbuild: - extends: - - .rules_scheduled_manual - - .docker_prepare - stage: build-images - variables: - IMAGE_NAME: $CI_REGISTRY_IMAGE:builder-onbuild - DOCKERFILE: dockerfiles/builder.onbuild.Dockerfile - script: - - docker build -t $IMAGE_NAME -f $DOCKERFILE . - - docker push $IMAGE_NAME - environment: - name: registry/builder-onbuild - -# -# Helper Docker image that copies the final HTML files in a smaller image -# (no rubygems included) -# -image:nginx-onbuild: - extends: - - .rules_scheduled_manual - - .docker_prepare - stage: build-images - variables: - IMAGE_NAME: $CI_REGISTRY_IMAGE:nginx-onbuild - DOCKERFILE: dockerfiles/nginx.onbuild.Dockerfile - script: - - docker build -t $IMAGE_NAME -f $DOCKERFILE . - - docker push $IMAGE_NAME - environment: - name: registry/nginx-onbuild - -# -# Final Docker image containing a single version -# It is based on single.Dockerfile for each branch -# -image:docs-single: - extends: - - .docker_prepare - stage: pre-deploy - artifacts: {} - cache: {} - dependencies: [] - variables: - NANOC_ENV: 'production' - IMAGE_NAME: $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_NAME - DOCKERFILE: $CI_COMMIT_REF_NAME.Dockerfile - environment: - name: registry/$CI_COMMIT_REF_SLUG - script: - - docker build --build-arg NANOC_ENV=${NANOC_ENV} --build-arg CI_COMMIT_REF_NAME=${CI_COMMIT_REF_NAME} -t $IMAGE_NAME -f $DOCKERFILE . - - docker push $IMAGE_NAME - # Only branches with versions like 10.4 - rules: - - if: '$CI_COMMIT_BRANCH =~ /^\d{1,2}\.\d{1,2}$/' - -# -# Test the GitLab docs single version Docker image if changes made to its Dockerfile -# -test:image:docs-single: - extends: - - .docker_prepare - stage: test - variables: - DOCKERFILE: dockerfiles/single.Dockerfile - MAJOR_VERSION_GITLAB: '15' - MINOR_VERSION_GITLAB: '0' - MAJOR_VERSION_CHARTS: '6' - MINOR_VERSION_CHARTS: '0' - needs: [] - rules: - - if: $CI_PIPELINE_SOURCE == "merge_request_event" - changes: - - $DOCKERFILE - script: - # Update template with version numbers - - sed -i "s/X\.Y/${MAJOR_VERSION_GITLAB}\.${MINOR_VERSION_GITLAB}/" $DOCKERFILE - - sed -i "s/X-Y/${MAJOR_VERSION_GITLAB}-${MINOR_VERSION_GITLAB}/" $DOCKERFILE - - sed -i "s/W-Z/${MAJOR_VERSION_CHARTS}-${MINOR_VERSION_CHARTS}/" $DOCKERFILE - # Build the image - - docker build --file $DOCKERFILE . - -# -# Build master containing the online archives and latest docs (on schedules) -# -image:docs-latest: - extends: - - .rules_scheduled_manual - - .docker_prepare - stage: build-images - artifacts: {} - cache: {} - dependencies: [] - variables: - NANOC_ENV: 'production' - IMAGE_NAME: $CI_REGISTRY_IMAGE:latest - DOCKERFILE: latest.Dockerfile - environment: - name: registry/latest - script: - - docker build --build-arg NANOC_ENV=${NANOC_ENV} --build-arg CI_COMMIT_REF_NAME=${CI_COMMIT_REF_NAME} -t $IMAGE_NAME -f $DOCKERFILE . - - docker push $IMAGE_NAME - -############################################### # Security # ############################################### diff --git a/.gitlab/ci/docker-images.gitlab-ci.yml b/.gitlab/ci/docker-images.gitlab-ci.yml new file mode 100644 index 00000000..9263b7d5 --- /dev/null +++ b/.gitlab/ci/docker-images.gitlab-ci.yml @@ -0,0 +1,271 @@ +############################################### +# Docker images builds # +############################################### + +# +# Reuse some common commands +# +.docker_prepare: + extends: + - .retry + image: docker:20.10.8 + tags: + - gitlab-org-docker + services: + - docker:20.10.8-dind + before_script: + - docker info + - docker login -u gitlab-ci-token -p $CI_JOB_TOKEN $CI_REGISTRY + variables: + DOCKER_TLS_CERTDIR: "/certs" + +# +# Build and deploy the GitLab Docs linting (Markdown) Docker image +# +image:docs-lint-markdown: + extends: + - .rules_scheduled_manual + - .docker_prepare + stage: build-images + variables: + IMAGE_NAME: $CI_REGISTRY_IMAGE/lint-markdown:alpine-$ALPINE_VERSION-vale-$VALE_VERSION-markdownlint-$MARKDOWNLINT_VERSION + DOCKERFILE: dockerfiles/gitlab-docs-lint-markdown.Dockerfile + script: + - docker build + --build-arg ALPINE_VERSION=${ALPINE_VERSION} + --build-arg VALE_VERSION=${VALE_VERSION} + --build-arg MARKDOWNLINT_VERSION=${MARKDOWNLINT_VERSION} + --tag $IMAGE_NAME + --file $DOCKERFILE . + - docker push $IMAGE_NAME + environment: + name: registry/docs-lint-markdown + +# +# Test the GitLab Docs linting (Markdown) Docker image if changes are made to its Dockerfile +# +test:image:docs-lint-markdown: + extends: + - .docker_prepare + stage: test + needs: [] + variables: + DOCKERFILE: dockerfiles/gitlab-docs-lint-markdown.Dockerfile + rules: + - if: $CI_PIPELINE_SOURCE == "merge_request_event" + changes: + - $DOCKERFILE + script: + - docker build + --build-arg ALPINE_VERSION=${ALPINE_VERSION} + --build-arg VALE_VERSION=${VALE_VERSION} + --build-arg MARKDOWNLINT_VERSION=${MARKDOWNLINT_VERSION} + --file $DOCKERFILE . + +# +# Build and deploy the GitLab Docs linting (HTML) Docker image +# +image:docs-lint-html: + extends: + - .rules_scheduled_manual + - .docker_prepare + stage: build-images + variables: + IMAGE_NAME: $CI_REGISTRY_IMAGE/lint-html:alpine-$ALPINE_VERSION-ruby-$RUBY_VERSION-$CI_COMMIT_SHORT_SHA + DOCKERFILE: dockerfiles/gitlab-docs-lint-html.Dockerfile + script: + - docker build + --build-arg RUBY_VERSION=${RUBY_VERSION} + --build-arg ALPINE_VERSION=${ALPINE_VERSION} + --tag $IMAGE_NAME + --file $DOCKERFILE . + - docker push $IMAGE_NAME + environment: + name: registry/docs-lint-html + +# +# Test the GitLab Docs linting (HTML) Docker image if changes are made to its Dockerfile +# +test:image:docs-lint-html: + extends: + - .docker_prepare + stage: test + needs: [] + variables: + DOCKERFILE: dockerfiles/gitlab-docs-lint-html.Dockerfile + rules: + - if: $CI_PIPELINE_SOURCE == "merge_request_event" + changes: + - $DOCKERFILE + script: + - docker build + --build-arg RUBY_VERSION=${RUBY_VERSION} + --build-arg ALPINE_VERSION=${ALPINE_VERSION} + --file $DOCKERFILE . + +# +# Build and deploy the GitLab Docs base Docker image +# +image:gitlab-docs-base: + extends: + - .rules_scheduled_manual + - .docker_prepare + stage: build-images + variables: + IMAGE_NAME: $CI_REGISTRY_IMAGE/base:alpine-$ALPINE_VERSION-ruby-$RUBY_VERSION-$CI_COMMIT_SHORT_SHA + DOCKERFILE: dockerfiles/gitlab-docs-base.Dockerfile + script: + - docker build + --build-arg ALPINE_VERSION=${ALPINE_VERSION} + --build-arg RUBY_VERSION=${RUBY_VERSION} + --tag $IMAGE_NAME + --file $DOCKERFILE . + - docker push $IMAGE_NAME + environment: + name: registry/docs-base + +# +# Test the GitLab docs base Docker image if changes are made to its Dockerfile +# +test:image:gitlab-docs-base: + extends: + - .docker_prepare + stage: test + needs: [] + variables: + IMAGE_NAME: $CI_REGISTRY_IMAGE/base:alpine-$ALPINE_VERSION-ruby-$RUBY_VERSION-$CI_COMMIT_SHORT_SHA + DOCKERFILE: dockerfiles/gitlab-docs-base.Dockerfile + rules: + - if: $CI_PIPELINE_SOURCE == "merge_request_event" + changes: + - $DOCKERFILE + script: + - docker build + --build-arg ALPINE_VERSION=${ALPINE_VERSION} + --build-arg RUBY_VERSION=${RUBY_VERSION} + --tag $IMAGE_NAME + --file $DOCKERFILE . + +# +# Helper Docker image containing all build dependencies. +# It must be rebuilt every time Gemfile and/or Gemfile.lock changes. +# +image:bootstrap: + extends: + - .rules_scheduled_manual + - .docker_prepare + stage: build-images + variables: + IMAGE_NAME: $CI_REGISTRY_IMAGE:bootstrap + DOCKERFILE: dockerfiles/bootstrap.Dockerfile + script: + - docker build -t $IMAGE_NAME -f $DOCKERFILE . + - docker push $IMAGE_NAME + environment: + name: registry/docs-bootstrap + +# +# Helper Docker image that builds the gitlab-docs website +# +image:builder-onbuild: + extends: + - .rules_scheduled_manual + - .docker_prepare + stage: build-images + variables: + IMAGE_NAME: $CI_REGISTRY_IMAGE:builder-onbuild + DOCKERFILE: dockerfiles/builder.onbuild.Dockerfile + script: + - docker build -t $IMAGE_NAME -f $DOCKERFILE . + - docker push $IMAGE_NAME + environment: + name: registry/builder-onbuild + +# +# Helper Docker image that copies the final HTML files in a smaller image +# (no rubygems included) +# +image:nginx-onbuild: + extends: + - .rules_scheduled_manual + - .docker_prepare + stage: build-images + variables: + IMAGE_NAME: $CI_REGISTRY_IMAGE:nginx-onbuild + DOCKERFILE: dockerfiles/nginx.onbuild.Dockerfile + script: + - docker build -t $IMAGE_NAME -f $DOCKERFILE . + - docker push $IMAGE_NAME + environment: + name: registry/nginx-onbuild + +# +# Final Docker image containing a single version +# It is based on single.Dockerfile for each branch +# +image:docs-single: + extends: + - .docker_prepare + stage: pre-deploy + artifacts: {} + cache: {} + dependencies: [] + variables: + NANOC_ENV: 'production' + IMAGE_NAME: $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_NAME + DOCKERFILE: $CI_COMMIT_REF_NAME.Dockerfile + environment: + name: registry/$CI_COMMIT_REF_SLUG + script: + - docker build --build-arg NANOC_ENV=${NANOC_ENV} --build-arg CI_COMMIT_REF_NAME=${CI_COMMIT_REF_NAME} -t $IMAGE_NAME -f $DOCKERFILE . + - docker push $IMAGE_NAME + # Only branches with versions like 10.4 + rules: + - if: '$CI_COMMIT_BRANCH =~ /^\d{1,2}\.\d{1,2}$/' + +# +# Test the GitLab docs single version Docker image if changes made to its Dockerfile +# +test:image:docs-single: + extends: + - .docker_prepare + stage: test + variables: + DOCKERFILE: dockerfiles/single.Dockerfile + MAJOR_VERSION_GITLAB: '15' + MINOR_VERSION_GITLAB: '0' + MAJOR_VERSION_CHARTS: '6' + MINOR_VERSION_CHARTS: '0' + needs: [] + rules: + - if: $CI_PIPELINE_SOURCE == "merge_request_event" + changes: + - $DOCKERFILE + script: + # Update template with version numbers + - sed -i "s/X\.Y/${MAJOR_VERSION_GITLAB}\.${MINOR_VERSION_GITLAB}/" $DOCKERFILE + - sed -i "s/X-Y/${MAJOR_VERSION_GITLAB}-${MINOR_VERSION_GITLAB}/" $DOCKERFILE + - sed -i "s/W-Z/${MAJOR_VERSION_CHARTS}-${MINOR_VERSION_CHARTS}/" $DOCKERFILE + # Build the image + - docker build --file $DOCKERFILE . + +# +# Build master containing the online archives and latest docs (on schedules) +# +image:docs-latest: + extends: + - .rules_scheduled_manual + - .docker_prepare + stage: build-images + artifacts: {} + cache: {} + dependencies: [] + variables: + NANOC_ENV: 'production' + IMAGE_NAME: $CI_REGISTRY_IMAGE:latest + DOCKERFILE: latest.Dockerfile + environment: + name: registry/latest + script: + - docker build --build-arg NANOC_ENV=${NANOC_ENV} --build-arg CI_COMMIT_REF_NAME=${CI_COMMIT_REF_NAME} -t $IMAGE_NAME -f $DOCKERFILE . + - docker push $IMAGE_NAME |