-
-
Notifications
You must be signed in to change notification settings - Fork 0
/
.gitlab-ci.yml
125 lines (117 loc) · 5.47 KB
/
.gitlab-ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
include:
- file: /Scan/trivy.yml
project: jitesoft/gitlab-ci-lib
stages:
- build
- containerize
- scan
- notify
build:alpine:
parallel:
matrix:
- { ARCH: "arm64", GOARCH: "arm64", GO111MODULE: "auto" }
- { ARCH: "amd64", GOARCH: "amd64", GO111MODULE: "auto" }
stage: build
image: registry.gitlab.com/jitesoft/dockerfiles/go:latest
before_script:
- export GO15VENDOREXPERIMENT=1
- apk add --no-cache grep wget gcc curl libstdc++ build-base binutils-gold jq
- mkdir binaries
- mkdir out
- VERSION=$(wget -qO- https://api.github.com/repos/keybase/client/releases | jq -r ".[].tag_name" | awk 'NR==1{print $1}')
- DL_URI=$(wget -qO- https://api.github.com/repos/keybase/client/releases | jq -r ".[].tarball_url" | awk 'NR==1{print $1}')
- echo ${VERSION} > binaries/version.txt
script:
- mkdir -p ${GOPATH}/src/github.com/keybase/client
- curl -L "${DL_URI}" -o /tmp/keybase.tar.gz
- tar -xzf /tmp/keybase.tar.gz -C "${GOPATH}/src/github.com/keybase/client" --strip-components=1
- BUILDMODE="-buildmode=pie"
- cd out
- go build -v -a -ldflags "-linkmode external -extldflags '-static' -s -w" ${BUILDMODE} -tags production github.com/keybase/client/go/keybase
- go build -v -a -ldflags "-linkmode external -extldflags '-static' -s -w" ${BUILDMODE} -tags production github.com/keybase/client/go/kbfs/redirector
- go build -v -a -ldflags "-linkmode external -extldflags '-static' -s -w" ${BUILDMODE} -tags production github.com/keybase/client/go/kbfs/kbfsfuse
- cd ${CI_PROJECT_DIR}
- cp Alpine/entrypoint out/
- $(cd out && tar -czf ${CI_PROJECT_DIR}/binaries/keybase-${ARCH}.tar.gz *)
artifacts:
paths:
- binaries
expire_in: 3 hours
build:ubuntu:
parallel:
matrix:
- { ARCH: "arm64", GOARCH: "arm64", GO111MODULE: "auto" }
- { ARCH: "amd64", GOARCH: "amd64", GO111MODULE: "auto" }
stage: build
image: registry.gitlab.com/jitesoft/dockerfiles/go/ubuntu:latest
before_script:
- export GO15VENDOREXPERIMENT=1
- apt-get update
- apt-get install -y curl tar gcc wget
- mkdir binaries
- mkdir out
- VERSION=$(wget -qO- https://api.github.com/repos/keybase/client/releases | jq -r ".[].tag_name" | awk 'NR==1{print $1}')
- DL_URI=$(wget -qO- https://api.github.com/repos/keybase/client/releases | jq -r ".[].tarball_url" | awk 'NR==1{print $1}')
- echo ${VERSION} > binaries/version.txt
script:
- mkdir -p ${GOPATH}/src/github.com/keybase/client
- curl -L "${DL_URI}" -o /tmp/keybase.tar.gz
- tar -xzf /tmp/keybase.tar.gz -C "${GOPATH}/src/github.com/keybase/client" --strip-components=1
- BUILDMODE="-buildmode=pie"
- cd out
- go build -v -a -ldflags "-linkmode external -extldflags '-static' -s -w" ${BUILDMODE} -tags production github.com/keybase/client/go/keybase
- go build -v -a -ldflags "-linkmode external -extldflags '-static' -s -w" ${BUILDMODE} -tags production github.com/keybase/client/go/kbfs/redirector
- go build -v -a -ldflags "-linkmode external -extldflags '-static' -s -w" ${BUILDMODE} -tags production github.com/keybase/client/go/kbfs/kbfsfuse
- cd ${CI_PROJECT_DIR}
- cp Ubuntu/entrypoint out/
- $(cd out && tar -czf ${CI_PROJECT_DIR}/binaries/keybase-${ARCH}.tar.gz *)
artifacts:
paths:
- binaries
expire_in: 3 hours
containerize:ubuntu:
stage: containerize
image: registry.gitlab.com/jitesoft/dockerfiles/misc:latest
variables:
DOCKER_BUILDKIT: 1
script:
- VERSION=$(cat binaries/version.txt)
- TAG_LIST=$(helper "${CI_REGISTRY_IMAGE}" "latest,${VERSION}")
- TAG_LIST="$(helper "jitesoft/keybase,ghcr.io/jitesoft/keybase" "latest,${VERSION}") ${TAG_LIST}"
- docker buildx build --platform "linux/amd64,linux/arm64" --build-arg VERSION="${VERSION}" -f Ubuntu/Dockerfile --progress plain --push ${TAG_LIST} .
- docker pull ${CI_REGISTRY_IMAGE}:latest
- helper multitag ${CI_REGISTRY_IMAGE}:latest quay.io/jitesoft/keybase:latest quay.io/jitesoft/keybase:${VERSION}
- helper multipush quay.io/jitesoft/keybase:latest quay.io/jitesoft/keybase:${VERSION}
tags: [ jitesoft, protected, buildx ]
containerize:alpine:
stage: containerize
image: registry.gitlab.com/jitesoft/dockerfiles/misc:latest
variables:
DOCKER_BUILDKIT: 1
script:
- VERSION=$(cat binaries/version.txt)
- TAG_LIST=$(helper "${CI_REGISTRY_IMAGE}/alpine" "latest,${VERSION}")
- TAG_LIST="$(helper "jitesoft/keybase,ghcr.io/jitesoft/keybase" "latest-alpine,${VERSION}-alpine") ${TAG_LIST}"
- docker buildx build --platform "linux/amd64,linux/arm64" --build-arg VERSION="${VERSION}" -f Alpine/Dockerfile --progress plain --push ${TAG_LIST} .
- docker pull ${CI_REGISTRY_IMAGE}/alpine:latest
- helper multitag ${CI_REGISTRY_IMAGE}/alpine:latest quay.io/jitesoft/keybase:alpine-latest quay.io/jitesoft/keybase:alpine-${VERSION}
- helper multipush quay.io/jitesoft/keybase:alpine-latest quay.io/jitesoft/keybase:alpine-${VERSION}
tags: [ jitesoft, protected, buildx ]
scan:
extends: .container_scanning
variables:
SCANNING_IMAGE_NAME: "${CI_REGISTRY_IMAGE}:latest"
scan:alpine:
extends: .container_scanning
variables:
SCANNING_IMAGE_NAME: "${CI_REGISTRY_IMAGE}/alpine:latest"
trigger_build:
image: registry.gitlab.com/jitesoft/dockerfiles/alpine:latest
stage: notify
before_script:
- apk add --no-cache curl
script:
- curl -X POST -F token=${NOTIFY_TOKEN} -F ref=master https://gitlab.com/api/v4/projects/14119338/trigger/pipeline
only:
refs:
- master