From 3d6318d065d8ecb54441c63f31411bdd3e00579b Mon Sep 17 00:00:00 2001
From: Jens Steidl <Jens.Steidl@slub-dresden.de>
Date: Fri, 6 Oct 2023 17:13:12 +0200
Subject: [PATCH] - init ci packaging

---
 .gitlab-ci.yml                                | 96 +++++++++++++++++++
 gitlab-ci/Dockerfile_DEB                      |  8 ++
 .../slubarchiv-mediaconch-profiles.control    |  9 ++
 3 files changed, 113 insertions(+)
 create mode 100644 .gitlab-ci.yml
 create mode 100644 gitlab-ci/Dockerfile_DEB
 create mode 100644 gitlab-ci/slubarchiv-mediaconch-profiles.control

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
new file mode 100644
index 0000000..6bba449
--- /dev/null
+++ b/.gitlab-ci.yml
@@ -0,0 +1,96 @@
+stages:          # List of stages for jobs, and their order of execution
+  - build-env
+  - package-profiles
+  - test-package
+
+variables:
+  DOCKERFILE_DEB: "${CI_PROJECT_DIR}/gitlab-ci/Dockerfile_DEB"
+  IMAGE_BASE_DEB: "sdvharbor.slub-dresden.de/replication/debian:bookworm-slim"
+  IMAGE_TARGET_DEB: "${CI_REGISTRY_IMAGE}/debian12_mediaconch-profiles_build_env"
+
+.build-env-job:
+  stage: build-env
+  timeout: 10m
+  tags:
+    - "docker"
+  image:
+    # Use Kaniko base image to build a Docker image to use as the base image for later jobs.
+    name: gcr.io/kaniko-project/executor:debug
+    entrypoint: [""]
+  # Do not run the before_script tasks here, they wouldn't be included in the Docker image. Instead, provide an empty list of tasks.
+  before_script: []
+  # docu: https://docs.gitlab.com/ee/ci/docker/using_kaniko.html, this is basically copy-pasted from there
+  script:
+    - mkdir -p /kaniko/.docker
+    - echo "{\"auths\":{\"$CI_REGISTRY\":{\"auth\":\"$(printf "%s:%s" "$CI_REGISTRY_USER" "$CI_REGISTRY_PASSWORD" | base64 | tr -d '\n')\"},\"$(printf "%s" "$CI_DEPENDENCY_PROXY_SERVER" | cut -d':' -f1)\":{\"auth\":\"$(printf "%s:%s" "$CI_DEPENDENCY_PROXY_USER" "$CI_DEPENDENCY_PROXY_PASSWORD" | base64 | tr -d '\n')\"}}}" > /kaniko/.docker/config.json
+    # In this task, Kaniko executor is called to build the Image based on the Dockerfile provided with "--dockerfile".
+    - echo "CI_PROJECT_DIR=${CI_PROJECT_DIR}"
+    - >-
+      /kaniko/executor
+      --context "${CI_PROJECT_DIR}"
+      --dockerfile "${DOCKERFILE}"
+      --destination "${IMAGE_TARGET}:latest"
+      --build-arg "GITDIR=${CI_PROJECT_DIR}"
+      --cache=true
+      --cache-repo=${CI_REGISTRY_IMAGE}
+      --cache-copy-layers=true
+      --snapshotMode=redo
+      --use-new-run
+      --ignore-var-run
+
+build-debian-env-job:
+  extends: .build-env-job
+  variables:
+    DOCKERFILE: ${DOCKERFILE_DEB}
+    IMAGE_TARGET: ${IMAGE_TARGET_DEB}
+
+package-debian-job:
+  stage: package-profiles
+  timeout: 5m
+  image:
+    name: "${IMAGE_TARGET_DEB}:latest"
+  tags:
+    - "docker"
+  script:
+    # HINT: current working dir == '/builds/digital-preservation/mediaconch-profile' as root
+    # retrieve version infos
+    - REVISION="1"
+    - BRANCH="$(([ -z "${CI_COMMIT_BRANCH}" ] && echo ${CI_COMMIT_TAG} || echo ${CI_COMMIT_BRANCH}) | sed "s#[^A-Za-z0-9\.~+-]##g")" # use tag name in tag pipelines, filter characters based on https://www.debian.org/doc/debian-policy/ch-controlfields.html#s-f-version
+    - VERSION="$(git rev-list HEAD --count)-${BRANCH}"
+    - ARCHITECTURE="all"
+    # create build dir structure
+    - DEB_BUILD_DIR="slubarchiv-mediaconch-profiles_${VERSION}-${REVISION}_${ARCHITECTURE}"
+    - mkdir -p ${DEB_BUILD_DIR}/DEBIAN
+    # create & copy profiles to be packaged
+    - build_all.sh
+    - DEB_BUILD_PROFILE_DIR="${DEB_BUILD_DIR}/usr/local/etc/mediaconch"
+    - mkdir -p ${DEB_BUILD_PROFILE_DIR}
+    - cp -a SLUB_*.xml "${DEB_BUILD_PROFILE_DIR}/"
+    - cp -a build/SLUB_*.xml "${DEB_BUILD_PROFILE_DIR}/"
+    # copy & rename deb control file template
+    - cp gitlab-ci/slubarchiv-mediaconch-profiles.control "${DEB_BUILD_DIR}/DEBIAN/control"
+    # set package version
+    - sed -i "s#VERSION_PLACEHOLDER#${VERSION}-${REVISION}#g" "${DEB_BUILD_DIR}/DEBIAN/control"
+    - sed -i "s#ARCHITECTURE_PLACEHOLDER#${ARCHITECTURE}#g" "${DEB_BUILD_DIR}/DEBIAN/control"
+    # add checksums
+    - pushd "${DEB_BUILD_DIR}"
+    - md5sum $(find * -type f -not -path 'DEBIAN/*') > DEBIAN/md5sums
+    - popd
+    # build binary deb package
+    - dpkg-deb --build --root-owner-group "${DEB_BUILD_DIR}/"
+  artifacts:
+    paths:
+      # package name: slubarchiv-mediaconch-profiles_[VERSION]-[REVISION]_[ARCHITECTURE].deb
+      - "*.deb"
+
+test-install-debian-job:
+  stage: test-package
+  timeout: 5m
+  image:
+    # HINT: debian base image to simulate an installation target
+    name: "${IMAGE_BASE_DEB}"
+  tags:
+    - "docker"
+  script:
+    - apt update
+    - apt install -y ./slubarchiv-mediaconch-profiles*.deb
diff --git a/gitlab-ci/Dockerfile_DEB b/gitlab-ci/Dockerfile_DEB
new file mode 100644
index 0000000..f8fb070
--- /dev/null
+++ b/gitlab-ci/Dockerfile_DEB
@@ -0,0 +1,8 @@
+FROM sdvharbor.slub-dresden.de/replication/debian:bookworm-slim
+
+ENV DEBIAN_FRONTEND=noninteractive
+RUN apt-get update && \
+    apt-get dist-upgrade -y && \
+    apt-get autoremove -y && \
+    apt-get install -y dash git coreutils sed findutils xsltproc && \
+    apt-get autoclean -y
diff --git a/gitlab-ci/slubarchiv-mediaconch-profiles.control b/gitlab-ci/slubarchiv-mediaconch-profiles.control
new file mode 100644
index 0000000..dda2261
--- /dev/null
+++ b/gitlab-ci/slubarchiv-mediaconch-profiles.control
@@ -0,0 +1,9 @@
+Package: slubarchiv-mediaconch-profiles
+Version: VERSION_PLACEHOLDER
+Architecture: ARCHITECTURE_PLACEHOLDER
+Maintainer: SLUBArchiv.digital <langzeitarchiv@slub-dresden.de>
+Description: A set of mediaconch profiles used by SLUBArchiv.digital.
+Homepage: https://git.slub-dresden.de/digital-preservation/mediaconch-profile
+Section: main
+Priority: optional
+Recommends: mediaconch
-- 
GitLab