feat: release docker and packages from jenkins
Cadoles/hydra-werther/pipeline/head This commit is unstable Details

This commit is contained in:
wpetit 2023-12-06 12:47:56 +01:00
parent d74f81224d
commit e40661b710
6 changed files with 121 additions and 20 deletions

5
.gitignore vendored
View File

@ -1,2 +1,5 @@
/bin
/dist
/dist
/tools
/.trivy
.mktools/

View File

@ -3,7 +3,7 @@
# This source code is licensed under the MIT license found in the
# LICENSE file in the root directory of this source tree.
FROM golang:1.13-alpine AS build
FROM golang:1.21-alpine AS build
ARG VERSION
ARG GOPROXY

34
Jenkinsfile vendored
View File

@ -1,5 +1,39 @@
@Library('cadoles') _
// Utilisation du pipeline "standard"
// Voir https://forge.cadoles.com/Cadoles/Jenkins/src/branch/master/doc/tutorials/standard-make-pipeline.md
standardMakePipeline([
'dockerfileExtension': '''
RUN apt-get update \
&& apt-get install -y zip
RUN wget https://go.dev/dl/go1.21.5.linux-amd64.tar.gz \
&& rm -rf /usr/local/go \
&& tar -C /usr/local -xzf go1.21.5.linux-amd64.tar.gz
ENV PATH="${PATH}:/usr/local/go/bin"
''',
'hooks': [
// Scan images for vulnerabilities before tests
'pre-test': {
sh '''
make scan
'''
},
'pre-release': {
// Login into docker registry
sh '''
make .mktools
echo "$DOCKER_REGISTRY_PASSWORD" | docker login --username "$DOCKER_REGISTRY_USERNAME" --password-stdin reg.cadoles.com
'''
}
],
// Use credentials to push images to registry
'credentials': [
usernamePassword(credentialsId: 'kipp-credentials', usernameVariable: 'DOCKER_REGISTRY_USERNAME', passwordVariable: 'DOCKER_REGISTRY_PASSWORD')
]
])
pipeline {
agent {
dockerfile {

View File

@ -1,23 +1,75 @@
PACKAGE_VERSION ?= $(shell git describe --always | rev | cut -d '/' -f 1 | rev)
NFPM_PACKAGER ?= deb
SHELL := /bin/bash
build: clean generate
IMAGE_NAME := reg.cadoles.com/cadoles/hydra-werther
NFPM_VERSION ?= 2.20.0
NFPM_PACKAGERS ?= deb rpm
MKT_GITEA_RELEASE_ORG ?= Cadoles
MKT_GITEA_RELEASE_PROJECT ?= hydra-werther
MKT_GITEA_RELEASE_VERSION ?= $(MKT_PROJECT_VERSION)
build: build-bin build-image
build-bin: clean generate
CGO_ENABLED=0 misc/script/build
generate:
go generate ./...
clean:
rm -rf bin
package: dist
PACKAGE_VERSION=$(PACKAGE_VERSION) \
nfpm package \
--config misc/packaging/nfpm.yml \
--target ./dist \
--packager $(NFPM_PACKAGER)
rm -rf bin dist
dist:
mkdir -p dist
.PHONY: build
package: clean build-bin $(foreach p,$(NFPM_PACKAGERS), package-$(p))
package-%: dist tools/nfpm/bin/nfpm
PACKAGE_VERSION=$(MKT_PROJECT_VERSION) \
tools/nfpm/bin/nfpm package \
--config misc/packaging/nfpm.yml \
--target ./dist \
--packager $*
tools/nfpm/bin/nfpm:
mkdir -p tools/nfpm/bin
curl -L --output tools/nfpm/nfpm_$(NFPM_VERSION)_Linux_x86_64.tar.gz https://github.com/goreleaser/nfpm/releases/download/v$(NFPM_VERSION)/nfpm_$(NFPM_VERSION)_Linux_x86_64.tar.gz \
&& tar -xzf tools/nfpm/nfpm_$(NFPM_VERSION)_Linux_x86_64.tar.gz -C tools/nfpm/bin \
&& chmod +x tools/nfpm/bin/nfpm \
&& rm -f tools/nfpm/nfpm_$(NFPM_VERSION)_Linux_x86_64.tar.gz
build-image:
docker build \
-t "${IMAGE_NAME}:latest" \
.
scan: tools/trivy/bin/trivy
mkdir -p .trivy
tools/trivy/bin/trivy --cache-dir .trivy/.cache image --ignorefile .trivyignore.yaml $(TRIVY_ARGS) $(IMAGE_NAME):latest
tools/trivy/bin/trivy:
mkdir -p tools/trivy/bin
curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b ./tools/trivy/bin v0.47.0
release: release-image release-gitea
release-gitea: .mktools package
@[ ! -z "$(MKT_PROJECT_VERSION)" ] || ( echo "Just downloaded mktools. Please re-run command."; exit 1 )
$(MAKE) MKT_GITEA_RELEASE_ATTACHMENTS="$$(find dist/* -type f -printf '%p ')" mkt-gitea-release
release-image: .mktools
@[ ! -z "$(MKT_PROJECT_VERSION)" ] || ( echo "Just downloaded mktools. Please re-run command."; exit 1 )
docker tag "${IMAGE_NAME}:latest" "${IMAGE_NAME}:$(MKT_PROJECT_VERSION)"
docker tag "${IMAGE_NAME}:latest" "${IMAGE_NAME}:$(MKT_PROJECT_SHORT_VERSION)"
docker tag "${IMAGE_NAME}:latest" "${IMAGE_NAME}:$(MKT_PROJECT_VERSION_CHANNEL)-latest"
docker push "${IMAGE_NAME}:$(MKT_PROJECT_VERSION)"
docker push "${IMAGE_NAME}:$(MKT_PROJECT_SHORT_VERSION)"
docker push "${IMAGE_NAME}:$(MKT_PROJECT_VERSION_CHANNEL)-latest"
.mktools:
rm -rf .mktools
curl -q https://forge.cadoles.com/Cadoles/mktools/raw/branch/master/install.sh | TASKS="version gitea" $(SHELL)
-include .mktools/*.mk

23
go.mod
View File

@ -1,11 +1,8 @@
module github.com/i-core/werther
require (
github.com/OneOfOne/xxhash v1.2.2 // indirect
github.com/andreyvit/diff v0.0.0-20170406064948-c7f18ee00883
github.com/cespare/xxhash v1.0.0 // indirect
github.com/coocood/freecache v1.0.1
github.com/davecgh/go-spew v1.1.1 // indirect
github.com/elazarl/go-bindata-assetfs v1.0.0
github.com/go-ldap/ldap/v3 v3.2.3
github.com/i-core/rlog v1.0.0
@ -14,10 +11,24 @@ require (
github.com/kelseyhightower/envconfig v1.3.0
github.com/kevinburke/go-bindata v3.13.0+incompatible
github.com/pkg/errors v0.8.1
github.com/sergi/go-diff v1.0.0 // indirect
github.com/spaolacci/murmur3 v0.0.0-20180118202830-f09979ecbc72 // indirect
go.uber.org/zap v1.10.0
golang.org/x/text v0.3.2
)
go 1.13
require (
github.com/Azure/go-ntlmssp v0.0.0-20200615164410-66371956d46c // indirect
github.com/OneOfOne/xxhash v1.2.2 // indirect
github.com/cespare/xxhash v1.0.0 // indirect
github.com/davecgh/go-spew v1.1.1 // indirect
github.com/go-asn1-ber/asn1-ber v1.5.1 // indirect
github.com/gofrs/uuid v3.2.0+incompatible // indirect
github.com/julienschmidt/httprouter v1.2.0 // indirect
github.com/justinas/alice v0.0.0-20171023064455-03f45bd4b7da // indirect
github.com/sergi/go-diff v1.0.0 // indirect
github.com/spaolacci/murmur3 v0.0.0-20180118202830-f09979ecbc72 // indirect
go.uber.org/atomic v1.4.0 // indirect
go.uber.org/multierr v1.1.0 // indirect
golang.org/x/crypto v0.0.0-20200604202706-70a84ac30bf9 // indirect
)
go 1.21

View File

@ -10,6 +10,7 @@ description: |
vendor: "Cadoles"
homepage: "https://forge.cadoles.com/Cadoles/postgres-backup"
license: "AGPL-3.0"
version_schema: none
contents:
- src: bin/werther_linux_amd64
dst: /usr/bin/hydra-werther