initial release

.github/workflows/main.yml

@@ -0,0 +1,51 @@
+name: build-and-release
+
+on:
+  push:
+    # not not consider simplec commit
+    branches:
+      - '!*'
+    # consider only release and pre-release tags
+    tags:
+      - 'v[0-9]+.[0-9]+.[0-9]+'
+      - 'v[0-9]+.[0-9]+.[0-9]+-rc[0-9]+'
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - name: checkout
+        uses: actions/checkout@v2
+        with:
+          fetch-depth: 0
+
+      - name: create bosh release
+        id: create-bosh-release
+        uses: orange-cloudfoundry/bosh-release-action@v1
+        if: success() && startsWith(github.ref, 'refs/tags/')
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          AWS_BOSH_ACCES_KEY_ID: ${{ secrets.AWS_BOSH_ACCES_KEY_ID }}
+          AWS_BOSH_SECRET_ACCES_KEY: ${{ secrets.AWS_BOSH_SECRET_ACCES_KEY }}
+
+      - name: create github release
+        id: create-github-release
+        if: success() && startsWith(github.ref, 'refs/tags/')
+        uses: actions/create-release@v1
+        with:
+          tag_name: ${{ github.ref }}
+          release_name: ${{ github.ref }}
+          body: "cutting release ${{ steps.create-bosh-release.outputs.version }}"
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: upload-assets
+        id: upload-release-asset
+        uses: actions/upload-release-asset@v1
+        with:
+          upload_url: ${{ steps.create-github-release.outputs.upload_url }}
+          asset_path: ./${{ steps.create-bosh-release.outputs.file }}
+          asset_name: ${{ steps.create-bosh-release.outputs.file }}
+          asset_content_type: application/zip
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.gitignore

@@ -0,0 +1,20 @@
+config/dev.yml
+config/private.yml
+releases/*.tgz
+dev_releases
+blobs
+.blobs
+.dev_builds
+.idea
+.final_builds/jobs/**/*.tgz
+.final_builds/packages/**/*.tgz
+releases/**/*.tgz
+.DS_Store
+tmp
+*.swp
+*.tgz
+*.zip
+*~
+*#
+#*
+*.tar.gz

config/blobs.yml

@@ -0,0 +1,4 @@
+gitlab-runner-linux-amd64:
+  size: 56352065
+  object_id: 5ba1641b-b07e-435b-7da1-410e0cd17027
+  sha: sha256:746e207db9fed447fa280c8946a77b907a6f1c0dd90bd206b2e47e1c74580e24

config/final.yml

@@ -0,0 +1,5 @@
+name: gitlab-runner
+blobstore:
+  provider: s3
+  options:
+    bucket_name: orange-dfy-bosh-dev-releases

jobs/gitlab-runner/monit

@@ -0,0 +1,5 @@
+check process gitlab-runner
+  with pidfile   /var/vcap/sys/run/bpm/gitlab-runner/gitlab-runner.pid
+  start program "/var/vcap/jobs/bpm/bin/bpm start gitlab-runner"
+  stop program  "/var/vcap/jobs/bpm/bin/bpm stop  gitlab-runner"
+  group vcap

jobs/gitlab-runner/spec

@@ -0,0 +1,44 @@
+---
+name: gitlab-runner
+
+templates:
+  bpm.yml: config/bpm.yml
+  pre-start: bin/pre-start
+  drain: bin/drain
+
+packages:
+  - gitlab-runner
+
+properties:
+  runner.name:
+    description: Name of the runner as it will appear in Gitlab
+  runner.tags:
+    description: Array of runner tags
+  runner.registration.url:
+    description: URL of Gitlab server to register
+  runner.registration.token:
+    description: Registration token as provided by Gitlab
+  runner.executor:
+    description: Executor used to run builds
+    default: docker
+  runner.docker_image:
+    description: Base image for docker executor
+    default: ubuntu:20.04
+  runner.docker_host:
+    description: Host when using docker executor
+    default: unix:///var/vcap/sys/run/docker/docker.sock
+  runner.docker_privileged:
+    description: Should runner run in privileged mode for docker executor
+    default: true
+  runner.concurent:
+    description: Number of concurent builds
+    default: 10
+  runner.append_index:
+    description: Whether to append the instance group index to the runner name
+    default: false
+  env.http_proxy:
+    description: "HTTP proxy to use"
+  env.https_proxy:
+    description: "HTTPS proxy to use"
+  env.no_proxy:
+    description: "List of comma-separated hosts that should skip connecting to the proxy"

jobs/gitlab-runner/templates/bpm.yml

@@ -0,0 +1,24 @@
+processes:
+  - name: gitlab-runner
+    executable: /var/vcap/packages/gitlab-runner/bin/gitlab-runner
+    env:
+      http_proxy: "<%= p('env.http_proxy', '') %>"
+      https_proxy: "<%= p('env.https_proxy', '') %>"
+      no_proxy: "<%= p('env.no_proxy', '') %>"
+    args:
+      - run
+      - --config
+      - /var/vcap/store/gitlab-runner/config.toml
+      - --working-directory
+      - /var/vcap/store/gitlab-runner
+      - --user
+      - vcap
+    limits:
+      open_files: 1048576
+    persistent_disk: true
+    ephemeral_disk: true
+<% if p('runner.executor') == "docker" then -%>
+    additional_volumes:
+    - path: /var/vcap/sys/run/docker/docker.sock
+      writable: true
+<% end -%>

jobs/gitlab-runner/templates/drain

@@ -0,0 +1,23 @@
+#!/bin/bash
+
+set -e
+
+STORE_DIR=/var/vcap/store/gitlab-runner
+
+<% if_p('env.http_proxy') do | proxy | -%>
+export http_proxy=<%= proxy %>
+<% end -%>
+<% if_p('env.https_proxy') do | proxy | -%>
+export https_proxy=<%= proxy %>
+<% end -%>
+<% if_p('env.no_proxy') do | proxy | -%>
+export no_proxy=<%= proxy %>
+<% end -%>
+
+/var/vcap/packages/gitlab-runner/bin/gitlab-runner unregister \
+  --config ${STORE_DIR}/config.toml \
+  --all-runners
+
+rm -f ${STORE_DIR}/config.toml
+
+echo 0 # sleep for zero seconds

jobs/gitlab-runner/templates/pre-start

@@ -0,0 +1,48 @@
+#!/bin/bash
+
+set -e
+
+STORE_DIR=/var/vcap/store/gitlab-runner
+BUILD_DIR=${STORE_DIR}/builds
+CACHE_DIR=${STORE_DIR}/cache
+
+mkdir -p $BUILD_DIR $CACHE_DIR
+chown -R vcap:vcap ${STORE_DIR}
+
+RUNNER_NAME="<%= p('runner.name') %><% if p("runner.append_index") -%>-<%= spec.index %><% end -%>"
+
+
+<% if_p('env.http_proxy') do | proxy | -%>
+export http_proxy=<%= proxy %>
+<% end -%>
+<% if_p('env.https_proxy') do | proxy | -%>
+export https_proxy=<%= proxy %>
+<% end -%>
+<% if_p('env.no_proxy') do | proxy | -%>
+export no_proxy=<%= proxy %>
+<% end -%>
+
+runuser -u vcap -- /var/vcap/packages/gitlab-runner/bin/gitlab-runner register \
+  --non-interactive \
+  --config ${STORE_DIR}/config.toml \
+  --name ${RUNNER_NAME} \
+  --executor "<%= p('runner.executor') %>" \
+<% if p('runner.executor') == "docker" then -%>
+  <% if p('runner.docker_privileged') then -%>
+  --docker-privileged \
+  <% end -%>
+  --docker-image <%= p('runner.docker_image') %> \
+  --docker-host <%= p('runner.docker_host') %> \
+<% end -%>
+  --url "<%= p('runner.registration.url') %>" \
+<% if_p('runner.tags') do | tags | -%>
+  --tag-list <%= tags.join(',') %> \
+<% end -%>
+  --builds-dir ${BUILD_DIR} \
+  --cache-dir ${CACHE_DIR} \
+  --env http_proxy="<%= p('env.http_proxy', '') %>" \
+  --env https_proxy="<%= p('env.https_proxy', '') %>" \
+  --env no_proxy="<%= p('env.no_proxy', '') %>" \
+  --registration-token <%= p('runner.registration.token') %>
+
+sed -i -e "s/concurrent *=.*/concurrent = <%= p('runner.concurent') %>/g" /var/vcap/store/gitlab-runner/config.toml

manifests/gitlab-runner.yml

@@ -0,0 +1,72 @@
+- type: replace
+  path: /releases/-
+  value:
+    name: docker
+    version: latest
+
+- type: replace
+  path: /releases/-
+  value:
+    name: gitlab-runner
+    version: latest
+
+- type: replace
+  path: /instance_groups/-
+  value:
+    name: gitlab-runner
+    instances: 1
+    azs: [z1,z2,z3]
+    jobs:
+    - name: bpm
+      release: bpm
+    - name: docker
+      release: docker
+      properties:
+        tcp_address: 0.0.0.0
+        tls_cacert: "((docker-tls.ca))"
+        tls_cert: "((docker-tls.certificate))"
+        tls_key: "((docker-tls.private_key))"
+        env:
+          http_proxy: ((http_proxy))
+          https_proxy: ((https_proxy))
+          no_proxy: ((no_proxy_str))
+    - name: gitlab-runner
+      release: gitlab-runner
+      properties:
+        runner:
+          name: wampaas
+          tags:
+            - wampaas
+          registration:
+            url: ((gitlab_url))
+            token: ((gitlab_runner_token))
+        env:
+          http_proxy: ((http_proxy))
+          https_proxy: ((https_proxy))
+          no_proxy: ((no_proxy_str))
+    networks:
+    - default: [dns,gateway]
+      name: default
+    stemcell: default
+    persistent_disk_type: 50GB
+    vm_type: large
+
+- type: replace
+  path: /variables/-
+  value:
+    name: docker-ca
+    type: certificate
+    options:
+      is_ca: true
+      common_name: dockerCA
+
+- type: replace
+  path: /variables/-
+  value:
+    name: docker-tls
+    type: certificate
+    options:
+      ca: docker-ca
+      common_name: docker
+      extended_key_usage:
+        - client_auth

packages/gitlab-runner/packaging

@@ -0,0 +1,7 @@
+#!/bin/bash
+
+set -e
+
+mkdir -p ${BOSH_INSTALL_TARGET}/bin
+
+install gitlab-runner-linux-amd64 ${BOSH_INSTALL_TARGET}/bin/gitlab-runner

packages/gitlab-runner/spec

@@ -0,0 +1,7 @@
+---
+name: gitlab-runner
+
+dependencies: []
+
+files:
+  - gitlab-runner-linux-amd64