workspaces-images/ci-scripts/gitlab-ci.template

253 lines
6.4 KiB
Plaintext
Raw Normal View History

############
# Settings #
############
image: docker:24.0.6
services:
- docker:24.0.6-dind
stages:
- readme
- revert
- build
- test
- manifest
variables:
BASE_TAG: "{{ BASE_TAG }}"
USE_PRIVATE_IMAGES: {{ USE_PRIVATE_IMAGES }}
KASM_RELEASE: "{{ KASM_RELEASE }}"
DOCKER_HOST: tcp://docker:2375
DOCKER_TLS_CERTDIR: ""
TEST_INSTALLER: "{{ TEST_INSTALLER }}"
before_script:
- docker login --username $DOCKER_HUB_USERNAME --password $DOCKER_HUB_PASSWORD
- export SANITIZED_BRANCH="$(echo $CI_COMMIT_REF_NAME | sed -r 's#^release/##' | sed 's/\//_/g')"
- export BASE_TAG="{{ BASE_TAG }}"
###############################################
# Build Containers and push to cache endpoint #
###############################################
{% for IMAGE in multiImages %}
build_{{ IMAGE.name }}:
stage: build
script:
- apk add bash
- bash ci-scripts/build.sh "{{ IMAGE.name }}" "{{ IMAGE.base }}" "{{ IMAGE.dockerfile }}"
{% if FILE_LIMITS %}only:
changes:
{% for FILE in files %}- {{ FILE }}
{% endfor %}{% for FILE in IMAGE.changeFiles %}- {{ FILE }}
{% endfor %}{% endif %}
except:
variables:
- $README_USERNAME
- $README_PASSWORD
- $DOCKERHUB_REVERT
- $REVERT_IS_ROLLING
tags:
- ${TAG}
retry: 1
parallel:
matrix:
- TAG: [ oci-fixed-amd, oci-fixed-arm ]
{% endfor %}
{% for IMAGE in singleImages %}
build_{{ IMAGE.name }}:
stage: build
script:
- apk add bash
- bash ci-scripts/build.sh "{{ IMAGE.name }}" "{{ IMAGE.base }}" "{{ IMAGE.dockerfile }}"
{% if FILE_LIMITS %}only:
changes:
{% for FILE in files %}- {{ FILE }}
{% endfor %}{% for FILE in IMAGE.changeFiles %}- {{ FILE }}
{% endfor %}{% endif %}
except:
variables:
- $README_USERNAME
- $README_PASSWORD
- $DOCKERHUB_REVERT
- $REVERT_IS_ROLLING
tags:
- oci-fixed-amd
retry: 1
{% endfor %}
######################################
# Test containers and upload results #
######################################
{% for IMAGE in multiImages %}
test_{{ IMAGE.name }}:
stage: test
when: always
script:
- apk add bash
- bash ci-scripts/test.sh "{{ IMAGE.name }}" "{{ IMAGE.base }}" "{{ IMAGE.dockerfile }}" "${ARCH}" "${EC2_LAUNCHER_ID}" "${EC2_LAUNCHER_SECRET}"
{% if FILE_LIMITS %}only:
changes:
{% for FILE in files %}- {{ FILE }}
{% endfor %}{% for FILE in IMAGE.changeFiles %}- {{ FILE }}
{% endfor %}{% endif %}
except:
variables:
- $README_USERNAME
- $README_PASSWORD
- $DOCKERHUB_REVERT
- $REVERT_IS_ROLLING
needs:
- build_{{ IMAGE.name }}
when: on_success
tags:
- oci-fixed-amd
retry: 1
parallel:
matrix:
- ARCH: [ "x86_64", "aarch64" ]
{% endfor %}
{% for IMAGE in singleImages %}
test_{{ IMAGE.name }}:
stage: test
when: always
script:
- apk add bash
- bash ci-scripts/test.sh "{{ IMAGE.name }}" "{{ IMAGE.base }}" "{{ IMAGE.dockerfile }}" "x86_64" "${EC2_LAUNCHER_ID}" "${EC2_LAUNCHER_SECRET}"
{% if FILE_LIMITS %}only:
changes:
{% for FILE in files %}- {{ FILE }}
{% endfor %}{% for FILE in IMAGE.changeFiles %}- {{ FILE }}
{% endfor %}{% endif %}
except:
variables:
- $README_USERNAME
- $README_PASSWORD
- $DOCKERHUB_REVERT
- $REVERT_IS_ROLLING
needs:
- build_{{ IMAGE.name }}
when: on_success
tags:
- oci-fixed-amd
retry: 1
{% endfor %}
############################################
# Manifest Containers if their test passed #
############################################
{% for IMAGE in multiImages %}
manifest_{{ IMAGE.name }}:
stage: manifest
when: always
variables:
SCHEDULED: "{{ SCHEDULED }}"
SCHEDULE_NAME: "{{ SCHEDULE_NAME }}"
script:
- apk add bash tar
- bash ci-scripts/manifest.sh "{{ IMAGE.name }}" "multi"{% if IMAGE.singleapp %}
- bash ci-scripts/app-layer.sh "{{ IMAGE.name }}" "multi" "{{ IMAGE.base }}"{% endif %}
{% if FILE_LIMITS %}only:
changes:
{% for FILE in files %}- {{ FILE }}
{% endfor %}{% for FILE in IMAGE.changeFiles %}- {{ FILE }}
{% endfor %}{% endif %}
except:
variables:
- $README_USERNAME
- $README_PASSWORD
- $DOCKERHUB_REVERT
- $REVERT_IS_ROLLING
needs:
- test_{{ IMAGE.name }}
when: on_success
tags:
- oci-fixed-amd
{% endfor %}
{% for IMAGE in singleImages %}
manifest_{{ IMAGE.name }}:
stage: manifest
when: always
variables:
SCHEDULED: "{{ SCHEDULED }}"
SCHEDULE_NAME: "{{ SCHEDULE_NAME }}"
script:
- apk add bash tar
- bash ci-scripts/manifest.sh "{{ IMAGE.name }}" "single"{% if IMAGE.singleapp %}
- bash ci-scripts/app-layer.sh "{{ IMAGE.name }}" "single" "{{ IMAGE.base }}"{% endif %}
{% if FILE_LIMITS %}only:
changes:
{% for FILE in files %}- {{ FILE }}
{% endfor %}{% for FILE in IMAGE.changeFiles %}- {{ FILE }}
{% endfor %}{% endif %}
except:
variables:
- $README_USERNAME
- $README_PASSWORD
- $DOCKERHUB_REVERT
- $REVERT_IS_ROLLING
needs:
- test_{{ IMAGE.name }}
when: on_success
tags:
- oci-fixed-amd
{% endfor %}
####################
# Helper Functions #
####################
## Update Readmes ##
{% for IMAGE in multiImages %}
update_readmes_{{ IMAGE.name }}:
stage: readme
script:
- apk add bash
- bash ci-scripts/readme.sh "{{ IMAGE.name }}"
only:
variables:
- $README_USERNAME
- $README_PASSWORD
tags:
- oci-fixed-amd
{% endfor %}
{% for IMAGE in singleImages %}
update_readmes_{{ IMAGE.name }}:
stage: readme
script:
- apk add bash
- bash ci-scripts/readme.sh "{{ IMAGE.name }}"
only:
variables:
- $README_USERNAME
- $README_PASSWORD
tags:
- oci-fixed-amd
{% endfor %}
## Revert Images to specific build id ##
{% for IMAGE in multiImages %}
dockerhub_revert_{{ IMAGE.name }}:
stage: revert
script:
- /bin/bash ci-scripts/manifest.sh "{{ IMAGE.name }}" "multi" "${DOCKERHUB_REVERT}" "${REVERT_IS_ROLLING}"
only:
variables:
- $DOCKERHUB_REVERT
- $REVERT_IS_ROLLING
tags:
- oci-fixed-amd
{% endfor %}
{% for IMAGE in singleImages %}
dockerhub_revert_{{ IMAGE.name }}:
stage: revert
script:
- /bin/bash ci-scripts/manifest.sh "{{ IMAGE.name }}" "single" "${DOCKERHUB_REVERT}" "${REVERT_IS_ROLLING}"
only:
variables:
- $DOCKERHUB_REVERT
- $REVERT_IS_ROLLING
tags:
- oci-fixed-amd
{% endfor %}