85 lines
5.3 KiB
YAML
85 lines
5.3 KiB
YAML
image: docker:24.0.6
|
|
services:
|
|
- docker:24.0.6-dind
|
|
|
|
#Global variables
|
|
variables:
|
|
GIT_STRATEGY: clone
|
|
FF_NETWORK_PER_BUILD: "true" # activate container-to-container networking. (don't define "network_mode" in docker runner config)
|
|
DOCKER_TLS_CERTDIR: ""
|
|
PROJECT_NAME: "DOCKER_IMAGE"
|
|
|
|
# Pas de merge request pipeline
|
|
workflow:
|
|
rules:
|
|
- if: $CI_PIPELINE_SOURCE != 'merge_request_event'
|
|
|
|
stages:
|
|
- Build
|
|
|
|
##############################################################################
|
|
###### STAGE BUILD ###########################################################
|
|
##############################################################################
|
|
build_image:
|
|
stage: Build
|
|
tags:
|
|
- dind
|
|
script:
|
|
- |
|
|
apk update && apk add curl bash git grep jq
|
|
|
|
# Install VDG CA
|
|
curl $IP_VDG_CERTIFICATE/certs/rootvdgca_ROOTVDG-CA.crt > /usr/local/share/ca-certificates/rootvdgca.crt
|
|
curl $IP_VDG_CERTIFICATE/certs/adsubca.crt > /usr/local/share/ca-certificates/adsubca.crt
|
|
update-ca-certificates
|
|
|
|
# Vérification du format du tag lié au commit
|
|
if ! [[ "$CI_COMMIT_TAG" =~ @ ]] ; then echo -e "\e[1;31mERROR - Bad commit tag (missing @) $CI_COMMIT_TAG\e[0m" ; exit 1 ; fi
|
|
if ! [[ "$CI_COMMIT_TAG" =~ % ]] ; then echo -e "\e[1;31mERROR - Bad commit tag (missing %) $CI_COMMIT_TAG\e[0m" ; exit 1 ; fi
|
|
|
|
# Traitement du tag - Supprime à partir du @xxx
|
|
IMG_TYPE_TAG="$(echo $CI_COMMIT_TAG | cut -f1 -d@)"
|
|
# Récupération du type d'image (p.ex drupal_php, musinfo_php,...)
|
|
IMG_TYPE="$(echo $IMG_TYPE_TAG | cut -f1 -d%)"
|
|
echo "$IMG_TYPE"
|
|
# Récupération du tag (p.ex 8.1-fpm-alpine, 8.1-fpm-alpine3.18, ...)
|
|
IMG_TAG="$(echo $IMG_TYPE_TAG | cut -f2 -d%)"
|
|
echo "$IMG_TAG"
|
|
|
|
# Vérification des formats pour que le nom de l'image soit correct
|
|
if ! [[ "$(echo "$IMG_TYPE" | grep -s -E '^[a-z]+_[a-z]+([a-z_-]+)?$')" ]] ; then echo -e "\e[1;31mERROR - Bad format for type $IMG_TYPE\e[0m" ; exit 1 ; fi
|
|
if ! [[ "$(echo "$IMG_TAG" | grep -s -E '^[0-9]+\.[0-9]+(\.[0-9]+)?-fpm-alpine([0-9]+\.[0-9]+)?$')" ]] ; then echo -e "\e[1;31mERROR - Bad format for tag $IMG_TAG\e[0m" ; exit 1 ; fi
|
|
if [ ! -d "src/$IMG_TYPE/$IMG_TAG" ]; then echo -e "\e[1;31mERROR - Le répertoire pour l'image de base $IMG_TYPE avec le tag $IMG_TAG n'existe pas.\e[0m" ; exit 1 ; fi
|
|
|
|
# Push on nexus and try to connect
|
|
docker login -u $NEXUS_3_USER -p $NEXUS_3_PASSWORD $NEXUS_3_DOCKER_REGISTRY
|
|
echo -e "\e[1;36mBuilding base image $IMG_TYPE with tag $IMG_TAG\e[0m"
|
|
docker build --build-arg IMG_TAG="$IMG_TAG" --build-arg DIR_ARG="src/${IMG_TYPE}/$IMG_TAG" --add-host gitlab.ville-geneve.ch:10.104.1.28 --pull --no-cache -t $NEXUS_3_DOCKER_REGISTRY/$SITE_CONTAINER_URL/$IMG_TYPE:$IMG_TAG -f ./src/${IMG_TYPE}/$IMG_TAG/Dockerfile . || exit 1
|
|
if curl -k -u $NEXUS_3_USER:$NEXUS_3_PASSWORD --silent -f -IlSL https://$NEXUS_3_DOCKER_REGISTRY/v2/$SITE_CONTAINER_URL/$IMG_TYPE/manifests/$IMG_TAG > /dev/null; then
|
|
echo -e "\e[1;33mDeleting previous image $IMG_TYPE with tag $IMG_TAG!\e[0m"
|
|
Manifest_SHA256=$(curl -u $NEXUS_3_USER:$NEXUS_3_PASSWORD -s "https://$NEXUS_3_SERVER/service/rest/v1/search?name=${SITE_CONTAINER_URL}/${IMG_TYPE}&version=$IMG_TAG" | jq '.items[].assets[].checksum.sha256' | sed -e 's|"||g')
|
|
echo "Manifest_SHA256=$Manifest_SHA256"
|
|
curl -u $NEXUS_3_USER:$NEXUS_3_PASSWORD -is -X DELETE "https://$NEXUS_3_DOCKER_REGISTRY/v2/$SITE_CONTAINER_URL/$IMG_TYPE/manifests/sha256:$Manifest_SHA256"
|
|
fi
|
|
docker push $NEXUS_3_DOCKER_REGISTRY/$SITE_CONTAINER_URL/$IMG_TYPE:$IMG_TAG || exit 1
|
|
echo -e "\e[1;36mBuilding tests image ${IMG_TYPE} with tag ${IMG_TAG}-tests\e[0m"
|
|
# To avoid error:
|
|
# 'Head "https://registry-docker.ville-geneve.ch/v2/devspe/docker-base-image/drupal_php/manifests/8.1-fpm-alpine3.18":
|
|
# x509: certificate signed by unknown authority'
|
|
# Need to force docker pull the base image from registy before!!!!
|
|
docker pull $NEXUS_3_DOCKER_REGISTRY/$SITE_CONTAINER_URL/$IMG_TYPE:$IMG_TAG || exit 1
|
|
docker build --build-arg IMG_TAG="$IMG_TAG" --build-arg DIR_ARG="src/${IMG_TYPE}/$IMG_TAG" --build-arg IMG_NAME="$NEXUS_3_DOCKER_REGISTRY/$SITE_CONTAINER_URL/$IMG_TYPE" --add-host gitlab.ville-geneve.ch:10.104.1.28 --no-cache -t $NEXUS_3_DOCKER_REGISTRY/$SITE_CONTAINER_URL/$IMG_TYPE:${IMG_TAG}-tests -f ./src/${IMG_TYPE}/$IMG_TAG/Dockerfile-tests . || exit 1
|
|
if curl -k -u $NEXUS_3_USER:$NEXUS_3_PASSWORD --silent -f -IlSL https://$NEXUS_3_DOCKER_REGISTRY/v2/$SITE_CONTAINER_URL/$IMG_TYPE/manifests/${IMG_TAG}-tests > /dev/null; then
|
|
echo -e "\e[1;33mDeleting previous image ${IMG_TYPE} with tag ${IMG_TAG}-tests!\e[0m"
|
|
Manifest_Tests_SHA256=$(curl -u $NEXUS_3_USER:$NEXUS_3_PASSWORD -s "https://$NEXUS_3_SERVER/service/rest/v1/search?name=${SITE_CONTAINER_URL}/${IMG_TYPE}&version=${IMG_TAG}-tests" | jq '.items[].assets[].checksum.sha256' | sed -e 's|"||g')
|
|
echo "Manifest_Tests_SHA256=$Manifest_Tests_SHA256"
|
|
curl -u $NEXUS_3_USER:$NEXUS_3_PASSWORD -is -X DELETE "https://$NEXUS_3_DOCKER_REGISTRY/v2/$SITE_CONTAINER_URL/$IMG_TYPE/manifests/sha256:$Manifest_Tests_SHA256"
|
|
fi
|
|
docker push $NEXUS_3_DOCKER_REGISTRY/$SITE_CONTAINER_URL/$IMG_TYPE:${IMG_TAG}-tests || exit 1
|
|
|
|
|
|
rules:
|
|
- if: $CI_COMMIT_TAG != null
|
|
when: manual
|
|
|