Merge pull request 'Construction et diffusion des paquets/image de conteneur via Jenkins' (#4) from jenkins-release into develop
Cadoles/hydra-werther/pipeline/head This commit looks good Details

Reviewed-on: #4
This commit is contained in:
wpetit 2023-12-06 14:47:27 +01:00
commit 7edc889271
7 changed files with 114 additions and 75 deletions

3
.gitignore vendored
View File

@ -1,2 +1,5 @@
/bin /bin
/dist /dist
/tools
/.trivy
.mktools/

View File

@ -3,7 +3,7 @@
# This source code is licensed under the MIT license found in the # This source code is licensed under the MIT license found in the
# LICENSE file in the root directory of this source tree. # LICENSE file in the root directory of this source tree.
FROM golang:1.13-alpine AS build FROM golang:1.21-alpine AS build
ARG VERSION ARG VERSION
ARG GOPROXY ARG GOPROXY

71
Jenkinsfile vendored
View File

@ -1,50 +1,29 @@
@Library('cadoles') _ @Library('cadoles') _
pipeline { // Utilisation du pipeline "standard"
agent { // Voir https://forge.cadoles.com/Cadoles/Jenkins/src/branch/master/doc/tutorials/standard-make-pipeline.md
dockerfile { standardMakePipeline([
label 'docker' 'dockerfileExtension': '''
filename 'Dockerfile' RUN apt-get update \
dir 'misc/ci' && apt-get install -y zip jq
}
}
stages { RUN wget https://go.dev/dl/go1.21.5.linux-amd64.tar.gz \
stage('Build and publish packages') { && rm -rf /usr/local/go \
when { && tar -C /usr/local -xzf go1.21.5.linux-amd64.tar.gz
anyOf {
branch 'master' ENV PATH="${PATH}:/usr/local/go/bin"
branch 'develop' ''',
'hooks': [
'pre-release': {
// Login into docker registry
sh '''
make .mktools
echo "$MKT_GITEA_RELEASE_PASSWORD" | docker login --username "$MKT_GITEA_RELEASE_USERNAME" --password-stdin reg.cadoles.com
'''
} }
} ],
steps { // Use credentials to push images to registry and pubish gitea release
script { 'credentials': [
List<String> packagers = ['deb', 'rpm'] usernamePassword(credentialsId: 'kipp-credentials', usernameVariable: 'MKT_GITEA_RELEASE_USERNAME', passwordVariable: 'MKT_GITEA_RELEASE_PASSWORD')
packagers.each { pkgr -> ]
sh "make NFPM_PACKAGER='${pkgr}' build package" ])
}
List<String> attachments = sh(returnStdout: true, script: "find dist -type f -name '*.deb' -or -name '*.rpm' -or -name '*.ipk'").split(' ')
String releaseVersion = sh(returnStdout: true, script: "git describe --always | rev | cut -d '/' -f 1 | rev").trim()
String releaseBody = """
_Publication automatisée réalisée par Jenkins._ [Voir le job](${env.RUN_DISPLAY_URL})
"""
gitea.release('forge-jenkins', 'Cadoles', 'hydra-werther', [
'attachments': attachments,
'body': releaseBody,
'releaseName': "${releaseVersion}",
'releaseVersion': "${releaseVersion}"
])
}
}
}
}
post {
always {
cleanWs()
}
}
}

View File

@ -1,23 +1,77 @@
PACKAGE_VERSION ?= $(shell git describe --always | rev | cut -d '/' -f 1 | rev) SHELL := /bin/bash
NFPM_PACKAGER ?= deb
build: clean generate IMAGE_NAME := reg.cadoles.com/cadoles/hydra-werther
NFPM_VERSION ?= 2.20.0
NFPM_PACKAGERS ?= deb rpm
MKT_GITEA_RELEASE_ORG ?= Cadoles
MKT_GITEA_RELEASE_PROJECT ?= hydra-werther
MKT_GITEA_RELEASE_VERSION ?= $(MKT_PROJECT_VERSION)
build: build-bin build-image
build-bin: clean generate
CGO_ENABLED=0 misc/script/build CGO_ENABLED=0 misc/script/build
test: scan
generate: generate:
go generate ./... go generate ./...
clean: clean:
rm -rf bin rm -rf bin dist
package: dist
PACKAGE_VERSION=$(PACKAGE_VERSION) \
nfpm package \
--config misc/packaging/nfpm.yml \
--target ./dist \
--packager $(NFPM_PACKAGER)
dist: dist:
mkdir -p dist mkdir -p dist
.PHONY: build package: clean build-bin $(foreach p,$(NFPM_PACKAGERS), package-$(p))
package-%: dist tools/nfpm/bin/nfpm
PACKAGE_VERSION=$(MKT_PROJECT_VERSION) \
tools/nfpm/bin/nfpm package \
--config misc/packaging/nfpm.yml \
--target ./dist \
--packager $*
tools/nfpm/bin/nfpm:
mkdir -p tools/nfpm/bin
curl -L --output tools/nfpm/nfpm_$(NFPM_VERSION)_Linux_x86_64.tar.gz https://github.com/goreleaser/nfpm/releases/download/v$(NFPM_VERSION)/nfpm_$(NFPM_VERSION)_Linux_x86_64.tar.gz \
&& tar -xzf tools/nfpm/nfpm_$(NFPM_VERSION)_Linux_x86_64.tar.gz -C tools/nfpm/bin \
&& chmod +x tools/nfpm/bin/nfpm \
&& rm -f tools/nfpm/nfpm_$(NFPM_VERSION)_Linux_x86_64.tar.gz
build-image:
docker build \
-t "${IMAGE_NAME}:latest" \
.
scan: build-image tools/trivy/bin/trivy
mkdir -p .trivy
tools/trivy/bin/trivy --cache-dir .trivy/.cache image --ignorefile .trivyignore.yaml $(TRIVY_ARGS) $(IMAGE_NAME):latest
tools/trivy/bin/trivy:
mkdir -p tools/trivy/bin
curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b ./tools/trivy/bin v0.47.0
release: release-image release-gitea
release-gitea: .mktools package
@[ ! -z "$(MKT_PROJECT_VERSION)" ] || ( echo "Just downloaded mktools. Please re-run command."; exit 1 )
$(MAKE) MKT_GITEA_RELEASE_ATTACHMENTS="$$(find dist/* -type f -printf '%p ')" mkt-gitea-release
release-image: .mktools
@[ ! -z "$(MKT_PROJECT_VERSION)" ] || ( echo "Just downloaded mktools. Please re-run command."; exit 1 )
docker tag "${IMAGE_NAME}:latest" "${IMAGE_NAME}:$(MKT_PROJECT_VERSION)"
docker tag "${IMAGE_NAME}:latest" "${IMAGE_NAME}:$(MKT_PROJECT_SHORT_VERSION)"
docker tag "${IMAGE_NAME}:latest" "${IMAGE_NAME}:$(MKT_PROJECT_VERSION_CHANNEL)-latest"
docker push "${IMAGE_NAME}:$(MKT_PROJECT_VERSION)"
docker push "${IMAGE_NAME}:$(MKT_PROJECT_SHORT_VERSION)"
docker push "${IMAGE_NAME}:$(MKT_PROJECT_VERSION_CHANNEL)-latest"
.mktools:
rm -rf .mktools
curl -q https://forge.cadoles.com/Cadoles/mktools/raw/branch/master/install.sh | TASKS="version gitea" $(SHELL)
-include .mktools/*.mk

23
go.mod
View File

@ -1,11 +1,8 @@
module github.com/i-core/werther module github.com/i-core/werther
require ( require (
github.com/OneOfOne/xxhash v1.2.2 // indirect
github.com/andreyvit/diff v0.0.0-20170406064948-c7f18ee00883 github.com/andreyvit/diff v0.0.0-20170406064948-c7f18ee00883
github.com/cespare/xxhash v1.0.0 // indirect
github.com/coocood/freecache v1.0.1 github.com/coocood/freecache v1.0.1
github.com/davecgh/go-spew v1.1.1 // indirect
github.com/elazarl/go-bindata-assetfs v1.0.0 github.com/elazarl/go-bindata-assetfs v1.0.0
github.com/go-ldap/ldap/v3 v3.2.3 github.com/go-ldap/ldap/v3 v3.2.3
github.com/i-core/rlog v1.0.0 github.com/i-core/rlog v1.0.0
@ -14,10 +11,24 @@ require (
github.com/kelseyhightower/envconfig v1.3.0 github.com/kelseyhightower/envconfig v1.3.0
github.com/kevinburke/go-bindata v3.13.0+incompatible github.com/kevinburke/go-bindata v3.13.0+incompatible
github.com/pkg/errors v0.8.1 github.com/pkg/errors v0.8.1
github.com/sergi/go-diff v1.0.0 // indirect
github.com/spaolacci/murmur3 v0.0.0-20180118202830-f09979ecbc72 // indirect
go.uber.org/zap v1.10.0 go.uber.org/zap v1.10.0
golang.org/x/text v0.3.2 golang.org/x/text v0.3.2
) )
go 1.13 require (
github.com/Azure/go-ntlmssp v0.0.0-20200615164410-66371956d46c // indirect
github.com/OneOfOne/xxhash v1.2.2 // indirect
github.com/cespare/xxhash v1.0.0 // indirect
github.com/davecgh/go-spew v1.1.1 // indirect
github.com/go-asn1-ber/asn1-ber v1.5.1 // indirect
github.com/gofrs/uuid v3.2.0+incompatible // indirect
github.com/julienschmidt/httprouter v1.2.0 // indirect
github.com/justinas/alice v0.0.0-20171023064455-03f45bd4b7da // indirect
github.com/sergi/go-diff v1.0.0 // indirect
github.com/spaolacci/murmur3 v0.0.0-20180118202830-f09979ecbc72 // indirect
go.uber.org/atomic v1.4.0 // indirect
go.uber.org/multierr v1.1.0 // indirect
golang.org/x/crypto v0.0.0-20200604202706-70a84ac30bf9 // indirect
)
go 1.21

View File

@ -1,9 +0,0 @@
FROM alpine:3.16
RUN apk add --no-cache make git curl jq bash openssl go zip
RUN curl -k https://forge.cadoles.com/Cadoles/Jenkins/raw/branch/master/resources/com/cadoles/common/add-letsencrypt-ca.sh | bash
RUN wget https://github.com/goreleaser/nfpm/releases/download/v2.20.0/nfpm_2.20.0_Linux_x86_64.tar.gz \
&& tar -xzf nfpm_2.20.0_Linux_x86_64.tar.gz -C /usr/local/bin \
&& chmod +x /usr/local/bin/nfpm

View File

@ -10,6 +10,7 @@ description: |
vendor: "Cadoles" vendor: "Cadoles"
homepage: "https://forge.cadoles.com/Cadoles/postgres-backup" homepage: "https://forge.cadoles.com/Cadoles/postgres-backup"
license: "AGPL-3.0" license: "AGPL-3.0"
version_schema: none
contents: contents:
- src: bin/werther_linux_amd64 - src: bin/werther_linux_amd64
dst: /usr/bin/hydra-werther dst: /usr/bin/hydra-werther