0.7.0

Added

• Added gcip.addon.container.job.trivy.scan_local_image to scan local container images of vulnerabilities.
• Added set_config_file_path method to DockerClientConfig.
• Return own instance on each method call for DockerClientConfig instances.
• Added Registry class to gcip.addons.container.registry module. It contains constants of Container registries.
• Added gcip.core.sequence.Sequence.initialize_artifacts_paths() and gcip.core.sequence.Sequence.override_artifacts_paths().
• Added defaulting to git tag or git branch for image_tag in crane.push.
• Added default DockerClientConfig in crane.push
• Added |tee to get dive output to stdout and to dive.txt. Updload dive.txt to GitLab artifacts store.
• Added |tee to get trivy output to stdout and to trivy.txt. Updload trivy.txt to GitLab artifacts store.
• Added new container sequence. Container sequence build, scans and pushes an container image.
• Added full API documentation of the gcip.core.job module.
• Added full API documentation of the gcip.core.pipeline module.
• Added full API documentation of the gcip.core.image module.
• Added full API documentation of the gcip.core.include module.
• Added documentation to the gcip.core.variables module.
• Added @properties to all public Job attributes.
• New addons: aws to allow receiving AWS account id and region.
• New gcip.addons.container.registries.Registry.AWS() allows getting an ECR URL to be used in pipeline.
• Added crane.pull() function to gcip.addons.container.crane.
• Added new gcip.addons.security.sops module and added sops_export_decrypted_values function to sops module.

Changed

• Normalize config_file_path in gcip.addons.container.config.DockerClientConfig
• Line length check in flake8 linter to 160.
• BREAKING Removed arguments from DockerClientConfig constructor to set config file path, use set_config_file_path of DockerClientConfig instance.
• BREAKING Removed custom docker client config from kaniko job.
  Added DockerClientConfig as a optional client configuration to kaniko job.
  Simplyfied function and sorted initialisation tests an actuall composing of job.
• BREAKING Removed custom docker client config from kaniko job.
  Added DockerClientConfig as a optional client configuration to kaniko job.
  Simplyfied function and sorted initialisation tests an actuall composing of job.
• BREAKING Moved all function arguments of crane.push function to be keyword arguments.
• BREAKING Renamed dst to dst_registry in crane.push function.
• BREAKING Renamed image_path to tar_path keyword argument to aligne with kaniko module.
• BREAKING Renamed dst and src to dst_registry and src_registry.
• BREAKING dive: Replace "/" with "_" in image_name. Image names contains namespaces which are separated by "/" to ensure image name is a file instead of a directory structure.
• BREAKING trivy: Replace "/" with "_" in image_name. Image names contains namespaces which are separated by "/" to ensure image name is a file instead of a directory structure.
• BREAKING Renamed gitlab_executor_image to kaniko_image in kaniko.execute(). Moved argument to last argument in function signature.
• kaniko: Replaced "/" with "_" to convert image namspaces to filename instead of directory structure assigne it to image_path.
• core.cache: Changed PredefinedVariable from CI_PROJECT_PATH to CI_PROJECT_DIR to ensure its the directory instead of the "namespace" of the git repository.
• BREAKING Changed docker hub registry entry in Registry class.
• BREAKING Renamed all occurences of namespace to stage. Because 'stage' is what the current 'stage' really expresses. You could try following commands to align your
  gcip code with this breaking change:

  LC_ALL=C find . -type f ! -path './.git/*' ! -path '*/__pycache__/*' -exec sed -i '' s/Stage/Stage/g {} +
  LC_ALL=C find . -type f ! -path './.git/*' ! -path '*/__pycache__/*' -exec sed -i '' s/stage/stage/g {} +
  

Removed

• Removed date call from dive job.
• Removed gcip.core.pipeline.Pipeline.dump_yaml() method. There is no need to print a pipeline to stdout. You should use gcip.core.pipeline.Pipeline.write_yaml() instead.
• Removed -v flag from from gcp.addons.python.jobs.pip_install_requirements()

Fixed

• Several linter issues has been fixed
• Fixed kaniko build in gitlabci-local.sh
• Kankio job's tar_path behavior fixed. If you specified tar_path in kaniko.execute(), the tar_path was added to the same line as the executor. Now it gets added to a item bevor execute.
• Fixed PredefinedImages entrypoints for GitLab CI runner.
• Fixed crane image, latest image does not have sh available. Using debug tag.

0.6.1

Changed

• PredefinedVariables return in all cases a proxy object, which calls os.environ or os.getenv as late as possible.
  This helps when overriding (monkeypatching) variables in pytestes.

0.6.0

Added

• Added config.yml to .github dir to force using issue templates.
• Added gitlab_ci_environment_variables monkeypatch fixture. It allows patching environment variables.
• Added gitlab_ci_environmnet_variables fixture to tests.
• The gcip is now able to detect if two or more jobs would have the same name in the rendered pipeline
  and raises an ValueError to prevent undesirable pipeline behavior.
• Added new addon to check container optimization with dive
• Improved conftest.check() function. It tells the user how to create comparison files if the file not found exception.
• Improved conftest.check() function. Now AssertionError is handled, the user will get receive how to update comparison files.
• Added new class PredefinedImages in gcip.addons.container. Allows access to container images, that are widley used.
• Added new class which handels docker client config and renders it to a json string.
• Added gcip.addon.container.job.crane to allow copying container images between registries.

Changed

• BREAKING Renamed all occurences of 'job*sequence' to 'sequence'. Mainly this renames
  gcip.core.job_sequence.JobSequence to gcip.core.sequence.Sequence.
• Changed behavior how PredefinedVariables is handling environment variables.
  PredefinedVariables knows which environment variables are always present or under certain circumstances,
  like merge requests or if GitLab container registry is present.
  Variables marked with limited availabilty within official documentation returns String or None.
  All variables which are documented as always present return String.
• If the gcip code is executed outside a pipeline ($CI is empty) then for all expected CI_* variables
  a dummy string is returned instead of raising a KeyError.
• The gcip.Pipeline has now an add_services() method instead add_service() allowing to pass multiple
  services at once.
• Now jobs with hardcoded images, now using PredefinedImages images instead.

publishing to pypi.org

This release should build and push the pypi package as "gcip" to pypi.org.

image tag patch

• prefer PredefinedVariables.CI_COMMIT_TAG as default docker image tag

use tags not starting with 'v'

To ease up the pipeline we now use semver release tags

proper docker image build for pipelines

The Docker image starts with CMD instead of ENTRYPOINT, such it is usable for pipelines.

Gitlab CI Python pipeline which publishes the gcip Docker image on Docker Hub

This Release mainly has a working Gitlab CI Pipeline which builds an publishes the gcip Library wrappend in a Docker Image on Docker Hub. The Pipeline is executed on a Gitlab Repository mirror. The Docker repository is thomass/gcip.

first public version

We are happy to open source this project from our organizations repository to Github. And here it is - the first usable version of the gcip to the public. We hope this library will make friends :)