variables:
DOCKERFILE_DEB: "${CI_PROJECT_DIR}/gitlab-ci/Dockerfile_DEB"
IMAGE_TARGET_DEB: "${CI_REGISTRY_IMAGE}/debian12_validate_workflows_build_env"
IMAGE_BASE_DEB: "sdvharbor.slub-dresden.de/replication/debian:bookworm-slim"
stages: # List of stages for jobs, and their order of execution
- build-env
- test-tool
- package-tool
- test-package
.build-env-job:
stage: build-env
timeout: 10m
tags:
- "docker"
image:
# Use Kaniko base image to build a Docker image to use as the base image for later jobs.
name: gcr.io/kaniko-project/executor:debug
entrypoint: [""]
# Do not run the before_script tasks here, they wouldn't be included in the Docker image. Instead, provide an empty list of tasks.
before_script: []
# docu: https://docs.gitlab.com/ee/ci/docker/using_kaniko.html, this is basically copy-pasted from there
script:
- mkdir -p /kaniko/.docker
- echo "{\"auths\":{\"$CI_REGISTRY\":{\"auth\":\"$(printf "%s:%s" "$CI_REGISTRY_USER" "$CI_REGISTRY_PASSWORD" | base64 | tr -d '\n')\"},\"$(printf "%s" "$CI_DEPENDENCY_PROXY_SERVER" | cut -d':' -f1)\":{\"auth\":\"$(printf "%s:%s" "$CI_DEPENDENCY_PROXY_USER" "$CI_DEPENDENCY_PROXY_PASSWORD" | base64 | tr -d '\n')\"}}}" > /kaniko/.docker/config.json
# In this task, Kaniko executor is called to build the Image based on the Dockerfile provided with "--dockerfile".
- echo "CI_PROJECT_DIR=${CI_PROJECT_DIR}"
- >-
/kaniko/executor
--context "${CI_PROJECT_DIR}"
--dockerfile "${DOCKERFILE}"
--destination "${IMAGE_TARGET}:latest"
--build-arg "GITDIR=${CI_PROJECT_DIR}"
--cache=true
--cache-repo=${CI_REGISTRY_IMAGE}
--cache-copy-layers=true
--snapshotMode=redo
--use-new-run
--ignore-var-run
build-debian-env-job:
extends: .build-env-job
variables:
DOCKERFILE: ${DOCKERFILE_DEB}
IMAGE_TARGET: ${IMAGE_TARGET_DEB}
test-debian-job: # This job runs in the test stage.
stage: test-tool # It only starts when the job in the build stage completes successfully.
timeout: 5m
tags:
- "docker"
image:
name: "${IMAGE_TARGET_DEB}:latest"
script:
- shellcheck --color=always --shell=bash --enable=all --exclude=SC2317 "src/usr/local/bin/validate_workflow.sh"
package-debian-job:
stage: package-tool
timeout: 5m
image:
name: "${IMAGE_TARGET_DEB}:latest"
tags:
- "docker"
script:
# HINT: current working dir == '/builds/digital-preservation/validate_workflows' as root
# retrieve version infos
- REVISION="1"
- BRANCH="$(([ -z "${CI_COMMIT_BRANCH}" ] && echo ${CI_COMMIT_TAG} || echo ${CI_COMMIT_BRANCH}) | sed "s#[^A-Za-z0-9\.~+-]##g")" # use tag name in tag pipelines, filter characters based on https://www.debian.org/doc/debian-policy/ch-controlfields.html#s-f-version
- VERSION="$(git rev-list HEAD --count)-${BRANCH}"
- ARCHITECTURE="all"
# create build dir structure
- DEB_BUILD_DIR="validate_workflows_${VERSION}-${REVISION}_${ARCHITECTURE}"
- mkdir -p ${DEB_BUILD_DIR}/DEBIAN
# copy project files to be packaged
- cp -r src/* ${DEB_BUILD_DIR}/
# copy & rename deb control file template
- cp gitlab-ci/validate_workflows.control ${DEB_BUILD_DIR}/DEBIAN/control
# set package version
- sed -i "s#VERSION_PLACEHOLDER#${VERSION}-${REVISION}#g" ${DEB_BUILD_DIR}/DEBIAN/control
- sed -i "s#ARCHITECTURE_PLACEHOLDER#${ARCHITECTURE}#g" "${DEB_BUILD_DIR}/DEBIAN/control"
# add checksums
- pushd ${DEB_BUILD_DIR}
- md5sum $(find * -type f -not -path 'DEBIAN/*') > DEBIAN/md5sums
- popd
# build binary deb package
- dpkg-deb --build --root-owner-group ${DEB_BUILD_DIR}/
artifacts:
paths:
# package name: validate_workflows_[VERSION]-[REVISION]_[ARCHITECTURE].deb
- "*.deb"
test-install-debian-job:
stage: test-package
timeout: 5m
image:
# HINT: debian base image to simulate an installation target
name: "${IMAGE_BASE_DEB}"
tags:
- "docker"
script:
- apt update
- apt install -y ./validate_workflows*.deb
# - validate_workflow.sh -h"