Construction et diffusion des paquets/image de conteneur via Jenkins #4
3
.gitignore
vendored
3
.gitignore
vendored
@ -1,2 +1,5 @@
|
||||
/bin
|
||||
/dist
|
||||
/tools
|
||||
/.trivy
|
||||
.mktools/
|
@ -3,7 +3,7 @@
|
||||
# This source code is licensed under the MIT license found in the
|
||||
# LICENSE file in the root directory of this source tree.
|
||||
|
||||
FROM golang:1.13-alpine AS build
|
||||
FROM golang:1.21-alpine AS build
|
||||
|
||||
ARG VERSION
|
||||
ARG GOPROXY
|
||||
|
69
Jenkinsfile
vendored
69
Jenkinsfile
vendored
@ -1,50 +1,29 @@
|
||||
@Library('cadoles') _
|
||||
|
||||
pipeline {
|
||||
agent {
|
||||
dockerfile {
|
||||
label 'docker'
|
||||
filename 'Dockerfile'
|
||||
dir 'misc/ci'
|
||||
}
|
||||
}
|
||||
// Utilisation du pipeline "standard"
|
||||
// Voir https://forge.cadoles.com/Cadoles/Jenkins/src/branch/master/doc/tutorials/standard-make-pipeline.md
|
||||
standardMakePipeline([
|
||||
'dockerfileExtension': '''
|
||||
RUN apt-get update \
|
||||
&& apt-get install -y zip jq
|
||||
|
||||
stages {
|
||||
stage('Build and publish packages') {
|
||||
when {
|
||||
anyOf {
|
||||
branch 'master'
|
||||
branch 'develop'
|
||||
}
|
||||
}
|
||||
steps {
|
||||
script {
|
||||
List<String> packagers = ['deb', 'rpm']
|
||||
packagers.each { pkgr ->
|
||||
sh "make NFPM_PACKAGER='${pkgr}' build package"
|
||||
}
|
||||
RUN wget https://go.dev/dl/go1.21.5.linux-amd64.tar.gz \
|
||||
&& rm -rf /usr/local/go \
|
||||
&& tar -C /usr/local -xzf go1.21.5.linux-amd64.tar.gz
|
||||
|
||||
List<String> attachments = sh(returnStdout: true, script: "find dist -type f -name '*.deb' -or -name '*.rpm' -or -name '*.ipk'").split(' ')
|
||||
String releaseVersion = sh(returnStdout: true, script: "git describe --always | rev | cut -d '/' -f 1 | rev").trim()
|
||||
|
||||
String releaseBody = """
|
||||
_Publication automatisée réalisée par Jenkins._ [Voir le job](${env.RUN_DISPLAY_URL})
|
||||
"""
|
||||
|
||||
gitea.release('forge-jenkins', 'Cadoles', 'hydra-werther', [
|
||||
'attachments': attachments,
|
||||
'body': releaseBody,
|
||||
'releaseName': "${releaseVersion}",
|
||||
'releaseVersion': "${releaseVersion}"
|
||||
])
|
||||
ENV PATH="${PATH}:/usr/local/go/bin"
|
||||
''',
|
||||
'hooks': [
|
||||
'pre-release': {
|
||||
// Login into docker registry
|
||||
sh '''
|
||||
make .mktools
|
||||
echo "$MKT_GITEA_RELEASE_PASSWORD" | docker login --username "$MKT_GITEA_RELEASE_USERNAME" --password-stdin reg.cadoles.com
|
||||
'''
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
post {
|
||||
always {
|
||||
cleanWs()
|
||||
}
|
||||
}
|
||||
}
|
||||
],
|
||||
// Use credentials to push images to registry and pubish gitea release
|
||||
'credentials': [
|
||||
usernamePassword(credentialsId: 'kipp-credentials', usernameVariable: 'MKT_GITEA_RELEASE_USERNAME', passwordVariable: 'MKT_GITEA_RELEASE_PASSWORD')
|
||||
]
|
||||
])
|
78
Makefile
78
Makefile
@ -1,23 +1,77 @@
|
||||
PACKAGE_VERSION ?= $(shell git describe --always | rev | cut -d '/' -f 1 | rev)
|
||||
NFPM_PACKAGER ?= deb
|
||||
SHELL := /bin/bash
|
||||
|
||||
build: clean generate
|
||||
IMAGE_NAME := reg.cadoles.com/cadoles/hydra-werther
|
||||
|
||||
NFPM_VERSION ?= 2.20.0
|
||||
NFPM_PACKAGERS ?= deb rpm
|
||||
|
||||
MKT_GITEA_RELEASE_ORG ?= Cadoles
|
||||
MKT_GITEA_RELEASE_PROJECT ?= hydra-werther
|
||||
MKT_GITEA_RELEASE_VERSION ?= $(MKT_PROJECT_VERSION)
|
||||
|
||||
build: build-bin build-image
|
||||
|
||||
build-bin: clean generate
|
||||
CGO_ENABLED=0 misc/script/build
|
||||
|
||||
test: scan
|
||||
|
||||
generate:
|
||||
go generate ./...
|
||||
|
||||
clean:
|
||||
rm -rf bin
|
||||
|
||||
package: dist
|
||||
PACKAGE_VERSION=$(PACKAGE_VERSION) \
|
||||
nfpm package \
|
||||
--config misc/packaging/nfpm.yml \
|
||||
--target ./dist \
|
||||
--packager $(NFPM_PACKAGER)
|
||||
rm -rf bin dist
|
||||
|
||||
dist:
|
||||
mkdir -p dist
|
||||
|
||||
.PHONY: build
|
||||
package: clean build-bin $(foreach p,$(NFPM_PACKAGERS), package-$(p))
|
||||
|
||||
package-%: dist tools/nfpm/bin/nfpm
|
||||
PACKAGE_VERSION=$(MKT_PROJECT_VERSION) \
|
||||
tools/nfpm/bin/nfpm package \
|
||||
--config misc/packaging/nfpm.yml \
|
||||
--target ./dist \
|
||||
--packager $*
|
||||
|
||||
tools/nfpm/bin/nfpm:
|
||||
mkdir -p tools/nfpm/bin
|
||||
curl -L --output tools/nfpm/nfpm_$(NFPM_VERSION)_Linux_x86_64.tar.gz https://github.com/goreleaser/nfpm/releases/download/v$(NFPM_VERSION)/nfpm_$(NFPM_VERSION)_Linux_x86_64.tar.gz \
|
||||
&& tar -xzf tools/nfpm/nfpm_$(NFPM_VERSION)_Linux_x86_64.tar.gz -C tools/nfpm/bin \
|
||||
&& chmod +x tools/nfpm/bin/nfpm \
|
||||
&& rm -f tools/nfpm/nfpm_$(NFPM_VERSION)_Linux_x86_64.tar.gz
|
||||
|
||||
build-image:
|
||||
docker build \
|
||||
-t "${IMAGE_NAME}:latest" \
|
||||
.
|
||||
|
||||
scan: build-image tools/trivy/bin/trivy
|
||||
mkdir -p .trivy
|
||||
tools/trivy/bin/trivy --cache-dir .trivy/.cache image --ignorefile .trivyignore.yaml $(TRIVY_ARGS) $(IMAGE_NAME):latest
|
||||
|
||||
tools/trivy/bin/trivy:
|
||||
mkdir -p tools/trivy/bin
|
||||
curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b ./tools/trivy/bin v0.47.0
|
||||
|
||||
release: release-image release-gitea
|
||||
|
||||
release-gitea: .mktools package
|
||||
@[ ! -z "$(MKT_PROJECT_VERSION)" ] || ( echo "Just downloaded mktools. Please re-run command."; exit 1 )
|
||||
$(MAKE) MKT_GITEA_RELEASE_ATTACHMENTS="$$(find dist/* -type f -printf '%p ')" mkt-gitea-release
|
||||
|
||||
release-image: .mktools
|
||||
@[ ! -z "$(MKT_PROJECT_VERSION)" ] || ( echo "Just downloaded mktools. Please re-run command."; exit 1 )
|
||||
docker tag "${IMAGE_NAME}:latest" "${IMAGE_NAME}:$(MKT_PROJECT_VERSION)"
|
||||
docker tag "${IMAGE_NAME}:latest" "${IMAGE_NAME}:$(MKT_PROJECT_SHORT_VERSION)"
|
||||
docker tag "${IMAGE_NAME}:latest" "${IMAGE_NAME}:$(MKT_PROJECT_VERSION_CHANNEL)-latest"
|
||||
|
||||
docker push "${IMAGE_NAME}:$(MKT_PROJECT_VERSION)"
|
||||
docker push "${IMAGE_NAME}:$(MKT_PROJECT_SHORT_VERSION)"
|
||||
docker push "${IMAGE_NAME}:$(MKT_PROJECT_VERSION_CHANNEL)-latest"
|
||||
|
||||
.mktools:
|
||||
rm -rf .mktools
|
||||
curl -q https://forge.cadoles.com/Cadoles/mktools/raw/branch/master/install.sh | TASKS="version gitea" $(SHELL)
|
||||
|
||||
-include .mktools/*.mk
|
23
go.mod
23
go.mod
@ -1,11 +1,8 @@
|
||||
module github.com/i-core/werther
|
||||
|
||||
require (
|
||||
github.com/OneOfOne/xxhash v1.2.2 // indirect
|
||||
github.com/andreyvit/diff v0.0.0-20170406064948-c7f18ee00883
|
||||
github.com/cespare/xxhash v1.0.0 // indirect
|
||||
github.com/coocood/freecache v1.0.1
|
||||
github.com/davecgh/go-spew v1.1.1 // indirect
|
||||
github.com/elazarl/go-bindata-assetfs v1.0.0
|
||||
github.com/go-ldap/ldap/v3 v3.2.3
|
||||
github.com/i-core/rlog v1.0.0
|
||||
@ -14,10 +11,24 @@ require (
|
||||
github.com/kelseyhightower/envconfig v1.3.0
|
||||
github.com/kevinburke/go-bindata v3.13.0+incompatible
|
||||
github.com/pkg/errors v0.8.1
|
||||
github.com/sergi/go-diff v1.0.0 // indirect
|
||||
github.com/spaolacci/murmur3 v0.0.0-20180118202830-f09979ecbc72 // indirect
|
||||
go.uber.org/zap v1.10.0
|
||||
golang.org/x/text v0.3.2
|
||||
)
|
||||
|
||||
go 1.13
|
||||
require (
|
||||
github.com/Azure/go-ntlmssp v0.0.0-20200615164410-66371956d46c // indirect
|
||||
github.com/OneOfOne/xxhash v1.2.2 // indirect
|
||||
github.com/cespare/xxhash v1.0.0 // indirect
|
||||
github.com/davecgh/go-spew v1.1.1 // indirect
|
||||
github.com/go-asn1-ber/asn1-ber v1.5.1 // indirect
|
||||
github.com/gofrs/uuid v3.2.0+incompatible // indirect
|
||||
github.com/julienschmidt/httprouter v1.2.0 // indirect
|
||||
github.com/justinas/alice v0.0.0-20171023064455-03f45bd4b7da // indirect
|
||||
github.com/sergi/go-diff v1.0.0 // indirect
|
||||
github.com/spaolacci/murmur3 v0.0.0-20180118202830-f09979ecbc72 // indirect
|
||||
go.uber.org/atomic v1.4.0 // indirect
|
||||
go.uber.org/multierr v1.1.0 // indirect
|
||||
golang.org/x/crypto v0.0.0-20200604202706-70a84ac30bf9 // indirect
|
||||
)
|
||||
|
||||
go 1.21
|
||||
|
@ -1,9 +0,0 @@
|
||||
FROM alpine:3.16
|
||||
|
||||
RUN apk add --no-cache make git curl jq bash openssl go zip
|
||||
|
||||
RUN curl -k https://forge.cadoles.com/Cadoles/Jenkins/raw/branch/master/resources/com/cadoles/common/add-letsencrypt-ca.sh | bash
|
||||
|
||||
RUN wget https://github.com/goreleaser/nfpm/releases/download/v2.20.0/nfpm_2.20.0_Linux_x86_64.tar.gz \
|
||||
&& tar -xzf nfpm_2.20.0_Linux_x86_64.tar.gz -C /usr/local/bin \
|
||||
&& chmod +x /usr/local/bin/nfpm
|
@ -10,6 +10,7 @@ description: |
|
||||
vendor: "Cadoles"
|
||||
homepage: "https://forge.cadoles.com/Cadoles/postgres-backup"
|
||||
license: "AGPL-3.0"
|
||||
version_schema: none
|
||||
contents:
|
||||
- src: bin/werther_linux_amd64
|
||||
dst: /usr/bin/hydra-werther
|
||||
|
Loading…
Reference in New Issue
Block a user