diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index efae57e75707e3c04433bc05ccf2d327b1305bb1..783fd31aab5fa3377e9283210f491582f804d8dc 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -1,6 +1,15 @@
+# variables in the GitLab CI/CD variables:
+ # GITLAB_TOKEN to support the semantic-release
+ # SONAR_TOKEN to support the sonar
+ # SONAR_HOST_URL to support the sonar
+ # CI_REGISTRY_USER to support the docker registry
+ # CI_REGISTRY_PASSWORD to support the docker registry
+ # DOCKER_AUTH_CONFIG to support the usage of private docker images as job docker image
+ # TBC_NAMESPACE: smartdatalab/public/ci-cd-components
+
 include:
 # Golang template
- - component: "git.code.tecnalia.com/smartdatalab/public/ci-cd-components/golang/gitlab-ci-golang@master"
+ - component: "$CI_SERVER_FQDN/$TBC_NAMESPACE/golang/gitlab-ci-golang@master"
 inputs:
 go-build-job-tags: ["docker"]
 go-test-job-tags: ["docker"]
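Review bot: The Golang component is still taken from the mutable `@master` ref, and its project path now depends on the `$TBC_NAMESPACE` CI/CD variable, so the code this pipeline runs is decided by a variable and a moving branch rather than by a reviewed commit. As far as I know GitLab also expands include variables supplied to manually run or triggered pipelines, so anyone allowed to set `TBC_NAMESPACE` there could point the include at a different project on the same server. I would pin the ref, e.g. `- component: "$CI_SERVER_FQDN/$TBC_NAMESPACE/golang/gitlab-ci-golang@<pinned-tag-or-sha>"`, and extend the header comment with `# TBC_NAMESPACE: define at group level only; pipeline-level overrides must not be allowed`. The same applies to the sonar, gitleaks and docker includes in the next hunk; the `include:` list continues outside this hunk.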
@@ -17,32 +26,50 @@ include:
 sbom-disabled: false
 vulncheck-disabled: false
 # semantic-release template
- - component: "git.code.tecnalia.com/smartdatalab/public/ci-cd-components/semantic-release/gitlab-ci-semrel@3"
+ - component: "$CI_SERVER_FQDN/$TBC_NAMESPACE/semantic-release/gitlab-ci-semrel@3"
 inputs:
 auto-release-enabled: true
 release-disabled: false
 semantic-release-job-tags: ["docker"]
 branches-ref: "/^(master|main)$/"
 # sonar template
- - component: "git.code.tecnalia.com/smartdatalab/public/ci-cd-components/sonar/gitlab-ci-sonar@master"
+ - component: "$CI_SERVER_FQDN/$TBC_NAMESPACE/sonar/gitlab-ci-sonar@master"
 inputs:
 sonar-job-tags: ["docker"]
 # gitleaks template
- - component: "git.code.tecnalia.com/smartdatalab/public/ci-cd-components/gitleaks/gitlab-ci-gitleaks@master"
+ - component: "$CI_SERVER_FQDN/$TBC_NAMESPACE/gitleaks/gitlab-ci-gitleaks@master"
 inputs:
 gitleaks-job-tags: ["docker"]
+ # docker template
+ - component: "$CI_SERVER_FQDN/$TBC_NAMESPACE/docker/gitlab-ci-docker@master"
+ inputs:
+ healthcheck-disabled: true
+ trivy-disabled: true
+ build-args: "--cache-ttl=6h"
+ prod-publish-strategy: "auto"
+ release-extra-tags: "latest \\g<major>.\\g<minor>\\g<build> \\g<major>\\g<build>"
+ snapshot-image: $DOCKER_SNAPSHOT_IMAGE
+ release-image: $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_NAME
+ kaniko-build-job-tags: ["docker"]
+ docker-publish-job-tags: ["docker"]
+ # https://github.com/jfrog/artifactory-user-plugins/blob/master/cleanup/cleanDockerImages/README.md
+ metadata: >-
+ --label org.opencontainers.image.url=${CI_PROJECT_URL}
+ --label org.opencontainers.image.source=${CI_PROJECT_URL}
+ --label org.opencontainers.image.title=${CI_PROJECT_PATH}
+ --label org.opencontainers.image.ref.name=${CI_COMMIT_REF_NAME}
+ --label org.opencontainers.image.revision=${CI_COMMIT_SHA}
+ --label org.opencontainers.image.created=${CI_JOB_STARTED_AT}
+ --label com.jfrog.artifactory.retention.maxCount=4
+ hadolint-disabled: true
+ docker-sbom-job-tags: ["docker"]
 variables:
 GIT_STRATEGY: clone
-
+ CI_REGISTRY_IMAGE: cicd-docker-dev-local.artifact.tecnalia.com/yajsv
+ DOCKER_SNAPSHOT_IMAGE: cicd-docker-dev-local.artifact.tecnalia.com/yajsv/snapshot:$CI_COMMIT_REF_SLUG # LOG_LEVEL: debug
-# variables in the GitLab CI/CD variables:
- # GITLAB_TOKEN to support the semantic-release: it should have the api scope, read_repository, and write_repository permissions. It should act as maintainer if you have protected branches, and tags as it is the case.
- # SONAR_TOKEN to support the sonar
- # SONAR_HOST_URL to support the sonar
-
- # Pipeline steps
 stages:
 - build
@@ -61,4 +88,3 @@ go-build-test:
 semantic-release:
 dependencies:
 - go-build-test
-
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000000000000000000000000000000000000..dcc0a9a90852f240b179c1aaa726f9495a614eff
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,5 @@
+FROM alpine:3.20.2
+
+COPY ./bin/linux/amd64/yajsv /usr/bin/yajsv
+
+RUN chmod +x /usr/bin/yajsv
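Review bot: The new docker include turns off both image checks (`trivy-disabled: true`, `hadolint-disabled: true`) while `prod-publish-strategy: "auto"` publishes the release image, including a `latest` tag, with no manual gate, so an image carrying known-vulnerable base packages would ship unscanned. I would set `trivy-disabled: false` and `hadolint-disabled: false`, or, if they are off for a concrete reason, state it in a comment directly above the two inputs. The `variables:` part of this hunk also overrides the predefined `CI_REGISTRY_IMAGE`; a comment such as `# overrides the predefined CI_REGISTRY_IMAGE on purpose: images are pushed to the external registry` would keep later jobs from assuming the GitLab registry path.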
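Review bot: The new Dockerfile has no `USER` instruction, so yajsv runs as root in every container started from this image; adding `USER nobody` after the `RUN chmod +x /usr/bin/yajsv` line would remove that, assuming the image is not relied on as a root CI job image. The base image is pinned by tag only, and a digest pin (`FROM alpine:3.20.2@sha256:<digest-of-the-reviewed-image>`) would keep rebuilds on the exact reviewed base. A one-line comment above `COPY` saying that `./bin/linux/amd64/yajsv` is produced by the earlier Go build job would also help, since the Dockerfile cannot be built on its own.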