stages: # List of stages for jobs, and their order of execution - build-env - package-verapdf - test-package variables: VERAPDF_VERSION: "1.28.1" DOCKERFILE_DEB: "${CI_PROJECT_DIR}/gitlab-ci/Dockerfile_DEB" IMAGE_BASE_DEB: "sdvharbor.slub-dresden.de/replication/debian:bookworm-slim" IMAGE_TARGET_DEB: "${CI_REGISTRY_IMAGE}/debian12_verapdf_build_env" INSTALL_PATH_VERAPDF_DEB: "/usr/local/verapdf" .build-env-job: stage: build-env timeout: 10m tags: - "docker" image: # Use Kaniko base image to build a Docker image to use as the base image for later jobs. name: gcr.io/kaniko-project/executor:debug entrypoint: [""] # Do not run the before_script tasks here, they wouldn't be included in the Docker image. Instead, provide an empty list of tasks. before_script: [] # docu: https://docs.gitlab.com/ee/ci/docker/using_kaniko.html, this is basically copy-pasted from there script: - mkdir -p /kaniko/.docker - echo "{\"auths\":{\"$CI_REGISTRY\":{\"auth\":\"$(printf "%s:%s" "$CI_REGISTRY_USER" "$CI_REGISTRY_PASSWORD" | base64 | tr -d '\n')\"},\"$(printf "%s" "$CI_DEPENDENCY_PROXY_SERVER" | cut -d':' -f1)\":{\"auth\":\"$(printf "%s:%s" "$CI_DEPENDENCY_PROXY_USER" "$CI_DEPENDENCY_PROXY_PASSWORD" | base64 | tr -d '\n')\"}}}" > /kaniko/.docker/config.json # In this task, Kaniko executor is called to build the Image based on the Dockerfile provided with "--dockerfile". - echo "CI_PROJECT_DIR=${CI_PROJECT_DIR}" - >- /kaniko/executor --context "${CI_PROJECT_DIR}" --dockerfile "${DOCKERFILE}" --destination "${IMAGE_TARGET}:latest" --build-arg "GITDIR=${CI_PROJECT_DIR}" --cache=true --cache-repo=${CI_REGISTRY_IMAGE} --cache-copy-layers=true --snapshotMode=redo --use-new-run --ignore-var-run build-debian-env-job: extends: .build-env-job variables: DOCKERFILE: ${DOCKERFILE_DEB} IMAGE_TARGET: ${IMAGE_TARGET_DEB} package-debian-job: stage: package-verapdf timeout: 5m image: name: "${IMAGE_TARGET_DEB}:latest" tags: - "docker" script: # HINT: current working dir == '/builds/digital-preservation/verapdf_package_build' as root # download zipped verapdf installer # HINT: https://software.verapdf.org/rel/1.24/verapdf-greenfield-1.24.1-installer.zip - export VERAPDF_VERSION_WITHOUT_PATCHLEVEL="$(echo ${VERAPDF_VERSION} | sed "s#^\([0-9]*\.[0-9]*\).*#\1#g")" - export ZIPPED_VERAPDF_INSTALLER_URL="https://software.verapdf.org/rel/${VERAPDF_VERSION_WITHOUT_PATCHLEVEL}/verapdf-greenfield-${VERAPDF_VERSION}-installer.zip" - wget "${ZIPPED_VERAPDF_INSTALLER_URL}" # unpack installer - unzip verapdf-greenfield-${VERAPDF_VERSION}-installer.zip # set absolute file path to xml template for automated install # HINT: /builds/digital-preservation/verapdf_package_build/verapdf-greenfield-1.24.1 - export VERAPDF_UNZIP_DIR="$(pwd)/verapdf-greenfield-${VERAPDF_VERSION}" - export AUTO_INSTALL_XML_PATH="${VERAPDF_UNZIP_DIR}/auto-install.DEB.xml" # set installation path in xml template - sed "s#INSTALL_PATH#${INSTALL_PATH_VERAPDF_DEB}#g" gitlab-ci/auto-install.xml > "${AUTO_INSTALL_XML_PATH}" # run headless verapdf installation - ${VERAPDF_UNZIP_DIR}/verapdf-install "${AUTO_INSTALL_XML_PATH}" # test call verapdf - ${INSTALL_PATH_VERAPDF_DEB}/verapdf --version | grep "${VERAPDF_VERSION}" # retrieve or set additional version infos - REVISION="1" - ARCHITECTURE="all" - VERSION="${VERAPDF_VERSION}" # create build dir structure - DEB_BUILD_DIR="verapdf_${VERSION}-${REVISION}_${ARCHITECTURE}" - mkdir -p ${DEB_BUILD_DIR}/DEBIAN # copy project files to be packaged - mkdir -p "${DEB_BUILD_DIR}/${INSTALL_PATH_VERAPDF_DEB}" - cp -r "${INSTALL_PATH_VERAPDF_DEB}" "${DEB_BUILD_DIR}/${INSTALL_PATH_VERAPDF_DEB}/.." # create symlinks for ease-of-use - mkdir -p "${DEB_BUILD_DIR}/usr/local/bin" - ln -s "${INSTALL_PATH_VERAPDF_DEB}/verapdf" "${DEB_BUILD_DIR}/usr/local/bin/verapdf" - ln -s "${INSTALL_PATH_VERAPDF_DEB}/verapdf-gui" "${DEB_BUILD_DIR}/usr/local/bin/verapdf-gui" # create deb control file from template - sed "s#VERSION_PLACEHOLDER#${VERSION}-${REVISION}#g" gitlab-ci/verapdf.control > "${DEB_BUILD_DIR}/DEBIAN/control" - sed -i "s#ARCHITECTURE_PLACEHOLDER#${ARCHITECTURE}#g" "${DEB_BUILD_DIR}/DEBIAN/control" # add checksums - pushd ${DEB_BUILD_DIR} - find * -type f -not -path 'DEBIAN/*' -exec md5sum \{\} \; | sort -k2 > DEBIAN/md5sums - popd # build binary deb package - dpkg-deb --build --root-owner-group ${DEB_BUILD_DIR}/ artifacts: paths: # package name: verapdf_[VERSION]-[REVISION]_[ARCHITECTURE].deb - "*.deb" test-install-debian-job: stage: test-package timeout: 5m image: # HINT: debian base image to simulate an installation target name: "${IMAGE_BASE_DEB}" tags: - "docker" script: - apt update - apt install -y ./verapdf*.deb - ${INSTALL_PATH_VERAPDF_DEB}/verapdf --version | grep "${VERAPDF_VERSION}"