From 86ed4d38506a1f79553dda06040b616df1878810 Mon Sep 17 00:00:00 2001 
From: Marcel Feix Date: Fri, 4 Mar 2022 16:12:26 +0100 Subject: [PATCH 001/166] feat(Templates): Ideal eXXcellent Pipeline --- .gitlab-ci.yml | 43 ++++------ .idea/misc.xml | 3 + STD-variablen-Template.gitlab-ci.yml | 51 ----------- container-publish-snapshot.gitlab-ci.yml | 30 ------- container-publish.gitlab-ci.yml | 68 --------------- container-scan.gitlab-ci.yml | 69 --------------- docker-compose-validate.gitlab-ci.yml | 5 -- .../chapters/generalInformation.adoc | 71 --------------- .../pipelines/update-version-pipeline.adoc | 49 +++++------ .../chapters/templates/IaC/ansible.adoc | 36 ++++++++ .../templates/IaC/docker-compose.adoc | 80 +++++++++++++++++ .../ssh-transfer-data.adoc} | 4 +- documentation/chapters/templates/ansible.adoc | 33 ------- .../templates/common/common-ci-variablen.adoc | 25 ++++++ .../templates/container-publish-snapshot.adoc | 27 ------ .../chapters/templates/container-publish.adoc | 29 ------- .../templates/container/container-build.adoc | 34 ++++++++ .../container/container-publish.adoc | 22 +++++ .../{ => container}/container-scan.adoc | 21 +++-- .../templates/docker-compose-deploy.adoc | 70 --------------- .../templates/docker-compose-validate.adoc | 20 ----- .../tool-documentation-tool.adoc | 12 +++ .../templates/gradle-build-template.adoc | 18 ---- .../templates/gradle-test-template.adoc | 18 ---- .../java/gradle/gradle-build-template.adoc | 19 ++++ .../java/gradle/gradle-db-diff-template.adoc | 26 ++++++ .../java/gradle/gradle-test-template.adoc | 27 ++++++ .../maven}/maven-build-template.adoc | 4 +- .../java/maven/maven-db-diff-template.adoc | 20 +++++ .../maven/maven-dependencies-template.adoc | 17 ++++ .../java/maven/maven-verify-template.adoc | 27 ++++++ .../maven-dependencies-template.adoc | 17 ---- .../templates/maven-verify-template.adoc | 25 ------ .../{ => npm}/npm-build-template.adoc | 4 +- .../{ => npm}/npm-dependencies-template.adoc | 4 +- .../{ => npm}/npm-lint-template.adoc | 4 +- .../{ => 
npm}/npm-test-template.adoc | 4 +- .../chapters/templates/publish-image.adoc | 19 ---- .../chapters/templates/release-template.adoc | 19 ---- .../{ => releasing}/mail-template.adoc | 4 +- .../push-tag-and-version-template.adoc | 7 +- .../releasing/release-gitlab-template.adoc | 17 ++++ .../templates/releasing/release-template.adoc | 32 +++++++ .../{ => releasing}/set-version-template.adoc | 10 ++- .../{ => static-analysis}/repo-cve-scan.adoc | 4 +- .../tool-sonar.adoc} | 7 +- .../templates/tool-documentation-tool.adoc | 12 --- documentation/contribution.adoc | 20 +++++ documentation/document.adoc | 86 +++++++++++-------- documentation/generalInformation.adoc | 50 +++++++++++ pipelines/eXXcellent-release.gitlab-ci.yml | 31 +++++++ pipelines/java-maven.gitlab-ci.yml | 39 +++++++++ pipelines/license.gitlab-ci.yml | 23 +++++ .../update-version-pipeline.gitlab-ci.yml | 19 ---- pipelines/update-version.gitlab-ci.yml | 48 +++++++++++ release-template.gitlab-ci.yml | 13 --- release.gitlab-ci.yml | 13 +++ .../IaC/ansible.gitlab-ci.yml | 0 .../IaC/docker-compose.gitlab-ci.yml | 6 ++ .../IaC/ssh-transfer-data.gitlab-ci.yml | 0 .../common/common-ci-variablen.gitlab-ci.yml | 71 +++++++++++++++ .../container/container-build.gitlab-ci.yml | 37 ++++++++ .../container/container-publish.gitlab-ci.yml | 28 ++++++ .../container/container-scan.gitlab-ci.yml | 19 ++++ .../documentation.gitlab-ci.yml | 20 +++-- .../java/gradle/gradle-build.gitlab-ci.yml | 3 +- .../gradle/gradle-database-diff.gitlab-ci.yml | 13 +++ .../java/gradle/gradle-test.gitlab-ci.yml | 2 +- templates/java/java-common-db.gitlab-ci.yml | 13 +++ .../java/maven/maven-build.gitlab-ci.yml | 5 ++ .../maven/maven-database-diff.gitlab-ci.yml | 12 +++ .../maven/maven-dependencies.gitlab-ci.yml | 0 .../java/maven/maven-verify.gitlab-ci.yml | 2 +- .../npm/npm-build.gitlab-ci.yml | 7 ++ .../npm/npm-dependencies.gitlab-ci.yml | 0 .../npm/npm-lint.gitlab-ci.yml | 2 +- .../npm/npm-test.gitlab-ci.yml | 2 +- 
.../releasing/mail.gitlab-ci.yml | 2 +- .../push-tag-and-version.gitlab-ci.yml | 7 +- .../releasing/release-gitlab.gitlab-ci.yml | 15 ++++ templates/releasing/release.gitlab-ci.yml | 33 +++++++ .../releasing/set-version.gitlab-ci.yml | 9 +- .../static-analysis/license.gitlab-ci.yml | 11 +++ .../repo-cve-scan-trivy.gitlab-ci.yml | 6 +- .../static-analysis/sonar.gitlab-ci.yml | 6 +- 85 files changed, 1054 insertions(+), 786 deletions(-) delete mode 100644 STD-variablen-Template.gitlab-ci.yml delete mode 100644 container-publish-snapshot.gitlab-ci.yml delete mode 100644 container-publish.gitlab-ci.yml delete mode 100644 container-scan.gitlab-ci.yml delete mode 100644 docker-compose-validate.gitlab-ci.yml delete mode 100644 documentation/chapters/generalInformation.adoc create mode 100644 documentation/chapters/templates/IaC/ansible.adoc create mode 100644 documentation/chapters/templates/IaC/docker-compose.adoc rename documentation/chapters/templates/{ssh-transfer-data-template.adoc => IaC/ssh-transfer-data.adoc} (83%) delete mode 100644 documentation/chapters/templates/ansible.adoc create mode 100644 documentation/chapters/templates/common/common-ci-variablen.adoc delete mode 100644 documentation/chapters/templates/container-publish-snapshot.adoc delete mode 100644 documentation/chapters/templates/container-publish.adoc create mode 100644 documentation/chapters/templates/container/container-build.adoc create mode 100644 documentation/chapters/templates/container/container-publish.adoc rename documentation/chapters/templates/{ => container}/container-scan.adoc (54%) delete mode 100644 documentation/chapters/templates/docker-compose-deploy.adoc delete mode 100644 documentation/chapters/templates/docker-compose-validate.adoc create mode 100644 documentation/chapters/templates/documentation/tool-documentation-tool.adoc delete mode 100644 documentation/chapters/templates/gradle-build-template.adoc delete mode 100644 
documentation/chapters/templates/gradle-test-template.adoc create mode 100644 documentation/chapters/templates/java/gradle/gradle-build-template.adoc create mode 100644 documentation/chapters/templates/java/gradle/gradle-db-diff-template.adoc create mode 100644 documentation/chapters/templates/java/gradle/gradle-test-template.adoc rename documentation/chapters/templates/{ => java/maven}/maven-build-template.adoc (67%) create mode 100644 documentation/chapters/templates/java/maven/maven-db-diff-template.adoc create mode 100644 documentation/chapters/templates/java/maven/maven-dependencies-template.adoc create mode 100644 documentation/chapters/templates/java/maven/maven-verify-template.adoc delete mode 100644 documentation/chapters/templates/maven-dependencies-template.adoc delete mode 100644 documentation/chapters/templates/maven-verify-template.adoc rename documentation/chapters/templates/{ => npm}/npm-build-template.adoc (70%) rename documentation/chapters/templates/{ => npm}/npm-dependencies-template.adoc (75%) rename documentation/chapters/templates/{ => npm}/npm-lint-template.adoc (68%) rename documentation/chapters/templates/{ => npm}/npm-test-template.adoc (65%) delete mode 100644 documentation/chapters/templates/publish-image.adoc delete mode 100644 documentation/chapters/templates/release-template.adoc rename documentation/chapters/templates/{ => releasing}/mail-template.adoc (89%) rename documentation/chapters/templates/{ => releasing}/push-tag-and-version-template.adoc (87%) create mode 100644 documentation/chapters/templates/releasing/release-gitlab-template.adoc create mode 100644 documentation/chapters/templates/releasing/release-template.adoc rename documentation/chapters/templates/{ => releasing}/set-version-template.adoc (64%) rename documentation/chapters/templates/{ => static-analysis}/repo-cve-scan.adoc (85%) rename documentation/chapters/templates/{tool-sonar7.adoc => static-analysis/tool-sonar.adoc} (91%) delete mode 100644 
documentation/chapters/templates/tool-documentation-tool.adoc create mode 100644 documentation/contribution.adoc create mode 100644 documentation/generalInformation.adoc create mode 100644 pipelines/eXXcellent-release.gitlab-ci.yml create mode 100644 pipelines/java-maven.gitlab-ci.yml create mode 100644 pipelines/license.gitlab-ci.yml delete mode 100644 pipelines/update-version-pipeline.gitlab-ci.yml create mode 100644 pipelines/update-version.gitlab-ci.yml delete mode 100644 release-template.gitlab-ci.yml create mode 100644 release.gitlab-ci.yml rename ansible.gitlab-ci.yml => templates/IaC/ansible.gitlab-ci.yml (100%) rename docker-compose-deploy.gitlab-ci.yml => templates/IaC/docker-compose.gitlab-ci.yml (89%) rename ssh-transfer-data-template.gitlab-ci.yml => templates/IaC/ssh-transfer-data.gitlab-ci.yml (100%) create mode 100644 templates/common/common-ci-variablen.gitlab-ci.yml create mode 100644 templates/container/container-build.gitlab-ci.yml create mode 100644 templates/container/container-publish.gitlab-ci.yml create mode 100644 templates/container/container-scan.gitlab-ci.yml rename tool-documentation.gitlab-ci.yml => templates/documentations/documentation.gitlab-ci.yml (73%) rename gradle-build-template.gitlab-ci.yml => templates/java/gradle/gradle-build.gitlab-ci.yml (51%) create mode 100644 templates/java/gradle/gradle-database-diff.gitlab-ci.yml rename gradle-test-template.gitlab-ci.yml => templates/java/gradle/gradle-test.gitlab-ci.yml (92%) create mode 100644 templates/java/java-common-db.gitlab-ci.yml rename maven-build-template.gitlab-ci.yml => templates/java/maven/maven-build.gitlab-ci.yml (52%) create mode 100644 templates/java/maven/maven-database-diff.gitlab-ci.yml rename maven-dependencies-template.gitlab-ci.yml => templates/java/maven/maven-dependencies.gitlab-ci.yml (100%) rename maven-verify-template.gitlab-ci.yml => templates/java/maven/maven-verify.gitlab-ci.yml (93%) rename npm-build-template.gitlab-ci.yml => 
templates/npm/npm-build.gitlab-ci.yml (50%) rename npm-dependencies-template.gitlab-ci.yml => templates/npm/npm-dependencies.gitlab-ci.yml (100%) rename npm-lint-template.gitlab-ci.yml => templates/npm/npm-lint.gitlab-ci.yml (93%) rename npm-test-template.gitlab-ci.yml => templates/npm/npm-test.gitlab-ci.yml (89%) rename mail-template.gitlab-ci.yml => templates/releasing/mail.gitlab-ci.yml (94%) rename push-tag-and-version-template.gitlab-ci.yml => templates/releasing/push-tag-and-version.gitlab-ci.yml (84%) create mode 100644 templates/releasing/release-gitlab.gitlab-ci.yml create mode 100644 templates/releasing/release.gitlab-ci.yml rename set-version-template.gitlab-ci.yml => templates/releasing/set-version.gitlab-ci.yml (67%) create mode 100644 templates/static-analysis/license.gitlab-ci.yml rename repo-cve-scan.gitlab-ci.yml => templates/static-analysis/repo-cve-scan-trivy.gitlab-ci.yml (95%) rename tool-sonar7.gitlab-ci.yml => templates/static-analysis/sonar.gitlab-ci.yml (96%) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 707edce..dfdf203 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -1,23 +1,26 @@ stages: - - test - - generate-docs + - verify + - documentation - release include: - - local: 'release-template.gitlab-ci.yml' - - local: 'tool-documentation.gitlab-ci.yml' + - local: 'templates/releasing/release.gitlab-ci.yml' + - local: 'templates/releasing/release-gitlab.gitlab-ci.yml' + - local: 'templates/documentations/documentation.gitlab-ci.yml' Test-Java-Backend: - stage: test + stage: verify rules: - if: $CI_COMMIT_REF_NAME == $CI_DEFAULT_BRANCH when: always - - when: never + - when: manual trigger: project: gilden/ci/java-backend-template + branch: "Templates2.0" strategy: depend check_confluence_validity: + extends: .documentation-ckeck-confluence-validity variables: DOCUMENT_ROOT: "documentation" INPUT_FILE: "document.adoc" 
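Review bot: The fallback rule `- when: manual` on `Test-Java-Backend` makes the trigger job manual on every ref other than the default branch. Under `rules:` a manual job defaults to `allow_failure: false`, so those pipelines stay blocked and the later `documentation` and `release` stages wait until someone starts the job. If the downstream test is meant to be optional there, add `allow_failure: true` to that rule; if it is meant to gate, a one-line comment saying so would make the intent clear. The added `branch: "Templates2.0"` also pins the downstream pipeline to what looks like a working branch of `gilden/ci/java-backend-template`, and the trigger will presumably fail once that branch is merged or deleted. A comment such as `# TODO: switch back to the default branch once Templates2.0 is merged` would keep that visible.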
@@ -28,9 +31,9 @@ check_confluence_validity: TEXT_GENERATED_HINT: 'This is a generated page, do not edit! All changes must happen in the Repository .' FILE_INPUT: "index.html,107524048,CI Templates" - extends: .check_confluence_validity-template pages: + extends: .documentation-publish variables: DOCUMENT_ROOT: "documentation" INPUT_FILE: "document.adoc" @@ -41,35 +44,25 @@ pages: TEXT_GENERATED_HINT: 'This is a generated page, do not edit! All changes must happen in the Repository .' FILE_INPUT: "index.html,107524048,CI Templates" - extends: .pages-template -.release-template: - trigger: - include: pipelines/update-version-pipeline.gitlab-ci.yml - strategy: depend - a.major-release: - extends: .release-template + extends: + - .release-default variables: BUMP_VERSION: "major" b.minor-release: - extends: .release-template + extends: + - .release-default variables: BUMP_VERSION: "minor" c.patch-release: - extends: .release-template + extends: + - .release-default variables: BUMP_VERSION: "patch" -d.prerelease-release: - extends: .release-template - variables: - BUMP_VERSION: "prerelease" - -e.build-release: - extends: .release-template - variables: - BUMP_VERSION: "build" +create-gitlab-release: + extends: .release-create-gitlab \ No newline at end of file diff --git a/.idea/misc.xml b/.idea/misc.xml index 639900d..d79bd4e 100644 --- a/.idea/misc.xml +++ b/.idea/misc.xml @@ -3,4 +3,7 @@ + + \ No newline at end of file diff --git a/STD-variablen-Template.gitlab-ci.yml b/STD-variablen-Template.gitlab-ci.yml deleted file mode 100644 index 0757752..0000000 --- a/STD-variablen-Template.gitlab-ci.yml +++ /dev/null 
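Review bot: The hidden job name in `extends: .documentation-ckeck-confluence-validity` is misspelled (`ckeck` for `check`). Its definition is in `templates/documentations/documentation.gitlab-ci.yml`, outside this hunk, so the pipeline presumably resolves as long as both sides share the spelling. Hidden job names are the interface other projects `extends:` from, though, and a typo is hard to correct once consumers pin a release. Renaming it to `.documentation-check-confluence-validity` in both places before the templates are published would avoid carrying it forward.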
@@ -1,51 +0,0 @@ -stages: - - dependencies - - build - - test - - set-version - - publish - - post-process - - package - - -cache: - key: "$CI_JOB_NAME" - paths: - # Cache Maven - - .m2/repository - # Cache NPM - - $FRONTEND_DIR/dist - # Cache Gradle - - .gradle - - build - -variables: - CI_REGISTRY: gitlab.exxcellent.de:4567 - - ##NPM / Node Settings - NODE_IMAGE: node:16-alpine3.15 - - ##Global Variables we use in our CI scripts when using maven - MAVEN_IMAGE: gitlab.exxcellent.de:4567/gilden/ci/exxcellent-java-maven-base-image:java11-maven3.8.3_latest - MAVEN_OPTS: > - -Dhttps.protocols=TLSv1.2 - -Dmaven.repo.local=$CI_PROJECT_DIR/.m2/repository - -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=WARN - -Dorg.slf4j.simpleLogger.showDateTime=true - -Djava.awt.headless=true - MAVEN_CLI_OPTS: > - --batch-mode - --errors - --fail-at-end - --show-version - -DinstallAtEnd=true - -DdeployAtEnd=true - - ##Global Variables we use in our CI scripts when using Gradle - GRADLE_OPTS: "-Dorg.gradle.daemon=false" - GRADLE_IMAGE: gitlab.exxcellent.de:4567/gilden/ci/exxcellent-java-maven-base-image:java11-maven3.8.3_latest - # Currently we use the Maven image and use the Gradle Wrapper. This is slower but saver at the moment - - ##Set default directories for frontend and backend templates - FRONTEND_DIR: $CI_PROJECT_DIR - BACKEND_DIR: $CI_PROJECT_DIR diff --git a/container-publish-snapshot.gitlab-ci.yml b/container-publish-snapshot.gitlab-ci.yml deleted file mode 100644 index c01fad3..0000000 --- a/container-publish-snapshot.gitlab-ci.yml +++ /dev/null 
@@ -1,30 +0,0 @@ -include: - - local: 'container-publish.gitlab-ci.yml' - -.container-publish-snapshot-rules: &container-publish-snapshot-rules - stage: snapshot - rules: - - if: "$CI_PIPELINE_SOURCE == 'merge_request_event'" - when: never - - if: '$CI_COMMIT_REF_NAME =~ /^feature/' - variables: - IMAGE_TAG: $CI_COMMIT_REF_SLUG - - if: '$CI_COMMIT_REF_NAME =~ /^refactor/' - variables: - IMAGE_TAG: $CI_COMMIT_REF_SLUG - - if: $CI_COMMIT_REF_NAME == $CI_DEFAULT_BRANCH - variables: - IMAGE_TAG: "latest" - - when: never - -.publish-image-jib-maven-snapshot: - <<: *container-publish-snapshot-rules - extends: .publish-image-jib-maven - -.publish-image-jib-gradle-snapshot: - <<: *container-publish-snapshot-rules - extends: .publish-image-jib-gradle - -.publish-image-kaniko-snapshot: - <<: *container-publish-snapshot-rules - extends: .publish-image-kaniko \ No newline at end of file diff --git a/container-publish.gitlab-ci.yml b/container-publish.gitlab-ci.yml deleted file mode 100644 index d405e30..0000000 --- a/container-publish.gitlab-ci.yml +++ /dev/null 
@@ -1,68 +0,0 @@ -.container-publish-common-variables: &container-publish-common-variables - DOCKER_REGISTRY: $CI_REGISTRY_IMAGE - DOCKER_REGISTRY_USER: $CI_REGISTRY_USER - DOCKER_REGISTRY_PASSWORD: $CI_REGISTRY_PASSWORD - EXTRA_ARGS: "" - USE_VERSIONFILE: "false" - ARTIFACT: "version" - -.container-publish-common: &container-publish-common - before_script: - - if [ "$USE_VERSIONFILE" == "true" ]; then IMAGE_TAG=$(cat ./"$ARTIFACT"); fi - - export PARSED_VERSION=$(echo $IMAGE_TAG | sed -r 's/\+/_/g') # Replace + sign since this is not valid in a docker tag - - echo $PARSED_VERSION - stage: package - rules: - - if: $CI_COMMIT_TAG - variables: - IMAGE_TAG: $CI_COMMIT_TAG - - if: $CI_COMMIT_REF_NAME == $CI_DEFAULT_BRANCH - variables: - USE_VERSIONFILE: "true" - - when: never - -.publish-image-jib-maven: - image: $MAVEN_IMAGE - <<: *container-publish-common - variables: - <<: *container-publish-common-variables - MVN_VERSION: "true" - script: - - > - if [ "${MVN_VERSION}" == "true" ]; then - mvn versions:set -DnewVersion=$PARSED_VERSION -DgenerateBackupPoms=false - fi - - mvn $MAVEN_CLI_OPTS compile jib:build $EXTRA_ARGS - "-DskipTests" - "-Djib.to.image=$DOCKER_REGISTRY:$PARSED_VERSION" - "-Djib.to.auth.username=$DOCKER_REGISTRY_USER" - "-Djib.to.auth.password=$DOCKER_REGISTRY_PASSWORD" - -.publish-image-jib-gradle: - image: $GRADLE_IMAGE - <<: *container-publish-common - variables: - <<: *container-publish-common-variables - EXTRA_ARGS: $GRADLE_EXTRA_ARGS - script: - - echo $PARSED_VERSION - - ./gradlew assemble jib $GRADLE_CLI_OPTS $EXTRA_ARGS - "-DskipTests" - "-Djib.to.image=$DOCKER_REGISTRY:$PARSED_VERSION"" - "-Djib.to.auth.username=$DOCKER_REGISTRY_USER" - "-Djib.to.auth.password=$DOCKER_REGISTRY_PASSWORD" - -.publish-image-kaniko: - image: - name: gcr.io/kaniko-project/executor:v1.6.0-debug - entrypoint: [ "" ] - <<: *container-publish-common - variables: - <<: *container-publish-common-variables - PROJECT_DIR: $CI_PROJECT_DIR - DOCKERFILE_LOCATION: 
$CI_PROJECT_DIR/Dockerfile - CONTEXT_LOCATION: $CI_PROJECT_DIR - script: - - mkdir -p /kaniko/.docker - - echo "{\"auths\":{\"$DOCKER_REGISTRY\":{\"username\":\"$DOCKER_REGISTRY_USER\",\"password\":\"$DOCKER_REGISTRY_PASSWORD\"}}}" > /kaniko/.docker/config.json - - /kaniko/executor --context $CONTEXT_LOCATION --dockerfile $DOCKERFILE_LOCATION --destination $CI_REGISTRY_IMAGE:$PARSED_VERSION $EXTRA_ARGS --registry-mirror nexus.corp.exxcellent.de:18000 --skip-tls-verify-registry nexus.corp.exxcellent.de:18000 --skip-tls-verify diff --git a/container-scan.gitlab-ci.yml b/container-scan.gitlab-ci.yml deleted file mode 100644 index 6818e82..0000000 --- a/container-scan.gitlab-ci.yml +++ /dev/null 
@@ -1,69 +0,0 @@ -.scan-container-jib: - image: $MAVEN_IMAGE - stage: test - variables: - TRIVY_VERSION: 0.25.1 - EXITCODE: 1 - TRIVY_EXTRA_ARGS: "--no-progress --ignore-unfixed" - before_script: - - curl -L "https://github.com/aquasecurity/trivy/releases/download/v${TRIVY_VERSION}/trivy_${TRIVY_VERSION}_Linux-64bit.tar.gz" --output trivy_${TRIVY_VERSION}_Linux-64bit.tar.gz - - tar zxvf trivy_${TRIVY_VERSION}_Linux-64bit.tar.gz - script: - - mvn $MAVEN_CLI_OPTS compile jib:buildTar -DskipTests - - ./trivy --cache-dir .trivycache/ image --timeout 15m $TRIVY_EXTRA_ARGS --exit-code 0 --severity HIGH,CRITICAL --format template --template "@contrib/junit.tpl" -o junit-report.xml --input target/jib-image.tar - - ./trivy --cache-dir .trivycache/ image --timeout 15m $TRIVY_EXTRA_ARGS --exit-code $EXITCODE --severity HIGH,CRITICAL --input target/jib-image.tar - cache: - paths: - - .trivycache/ - artifacts: - reports: - junit: junit-report.xml - -.scan-container-jib-gradle: - image: $GRADLE_IMAGE - stage: test - variables: - TRIVY_VERSION: 0.25.1 - EXITCODE: 1 - PROJECT_DIR: $CI_PROJECT_DIR/build - TRIVY_EXTRA_ARGS: "--no-progress --ignore-unfixed" - before_script: - - export GRADLE_USER_HOME=`pwd`/.gradle - - curl -L "https://github.com/aquasecurity/trivy/releases/download/v${TRIVY_VERSION}/trivy_${TRIVY_VERSION}_Linux-64bit.tar.gz" --output trivy_${TRIVY_VERSION}_Linux-64bit.tar.gz - - tar zxvf trivy_${TRIVY_VERSION}_Linux-64bit.tar.gz - script: - - ./gradlew $GRADLE_CLI_OPTS jibBuildTar -DskipTests - - ./trivy --cache-dir .trivycache/ image --timeout 15m $TRIVY_EXTRA_ARGS --exit-code 0 --severity HIGH,CRITICAL --format template --template "@contrib/junit.tpl" -o junit-report.xml --input $PROJECT_DIR/jib-image.tar - - ./trivy --cache-dir .trivycache/ image --timeout 15m $TRIVY_EXTRA_ARGS --exit-code $EXITCODE --severity HIGH,CRITICAL --input $PROJECT_DIR/jib-image.tar - cache: - paths: - - .trivycache/ - artifacts: - reports: - junit: junit-report.xml - 
-.scan-container-kaniko: - stage: test - image: - name: gcr.io/kaniko-project/executor:v1.6.0-debug - entrypoint: [ "" ] - variables: - TRIVY_VERSION: 0.25.1 - PROJECT_DIR: $CI_PROJECT_DIR - DOCKERFILE_LOCATION: $CI_PROJECT_DIR/Dockerfile - CONTEXT_LOCATION: $CI_PROJECT_DIR - EXITCODE: 1 - TRIVY_EXTRA_ARGS: "--no-progress --ignore-unfixed" - before_script: - - wget "https://github.com/aquasecurity/trivy/releases/download/v${TRIVY_VERSION}/trivy_${TRIVY_VERSION}_Linux-64bit.tar.gz" - - tar zxvf trivy_${TRIVY_VERSION}_Linux-64bit.tar.gz - script: - - /kaniko/executor --context $CONTEXT_LOCATION --dockerfile $DOCKERFILE_LOCATION $KANIKO_EXTRA_ARGS --cache-dir cache/image --tarPath image.tar --no-push --destination image --registry-mirror nexus.corp.exxcellent.de:18000 --skip-tls-verify-registry nexus.corp.exxcellent.de:18000 --skip-tls-verify - - ./trivy --cache-dir .trivycache/ image --timeout 15m $TRIVY_EXTRA_ARGS --exit-code 0 --severity HIGH,CRITICAL --format template --template "@contrib/junit.tpl" -o junit-report.xml --input image.tar - - ./trivy --cache-dir .trivycache/ image --timeout 15m $TRIVY_EXTRA_ARGS --exit-code $EXITCODE --severity HIGH,CRITICAL --input image.tar - cache: - paths: - - .trivycache/ - artifacts: - reports: - junit: junit-report.xml diff --git a/docker-compose-validate.gitlab-ci.yml b/docker-compose-validate.gitlab-ci.yml deleted file mode 100644 index e0aa668..0000000 --- a/docker-compose-validate.gitlab-ci.yml +++ /dev/null @@ -1,5 +0,0 @@ -.docker-compose-validate: - image: docker/compose:alpine-1.29.1 - stage: test - script: - - docker-compose $COMPOSE_EXTRA_ARGS config diff --git a/documentation/chapters/generalInformation.adoc b/documentation/chapters/generalInformation.adoc deleted file mode 100644 index 9056a70..0000000 --- a/documentation/chapters/generalInformation.adoc +++ /dev/null 
@@ -1,71 +0,0 @@ -:sourcedir: ../../ -= General Information - -== Templates und Pipelines - -In dieser Repository sind Templates und Pipeline-Templates zu finden. -Templates sind vorgefertigte Jobs die jeweils einen Use-Case abbilden sollen und direkt importiert werde können. - -Da eine CI jedoch aus Pipelines besteht und Gitlab die Möglichkeit Multiprojekt- und child-Pipelines zu benutzen werden hier auch vorgefertigte bereit gestellt. -Diese Pipeline-Templates bilden komplexere Use-Cases ab. -Pipelines sind in dem dafür vorgesehenen Pipeline Ordner zu finden. - -== Wie können Templates benutzt werden - -Um die Templates in deinem Projekt zu benutzten musst du folgendes machen: - -1. `Include` das Template file in deinem `.gitlab-ci.yaml` File. -2. Jetzt kannst du `extend` benutzen, um das Template zu integrieren. -Es ist möglich weitere Veränderungen vorzunehmen. - -[source,yaml] ----- -stages: - - test-image - -include: - - project: 'gilden/ci/gitlab-ci-templates' - ref: '1.0.0' - file: - - 'maven-build-template.gitlab-ci.yml' - - 'maven-dependencies-template.gitlab-ci.yml' - - 'maven-verify-template.gitlab-ci.yml' - - 'npm-build-template.gitlab-ci.yml' - - 'npm-dependencies-template.gitlab-ci.yml' - - 'npm-lint-template.gitlab-ci.yml' - - 'npm-test-template.gitlab-ci.yml' - - 'container-publish.gitlab-ci.yml' - - 'container-scan.gitlab-ci.yml' - - 'set-version-template.gitlab-ci.yml' - - 'push-tag-and-version-template.gitlab-ci.yml' - - -test-image: - stage: test-image - extends: .build-image - when: manual - except: - - master - - tags - before_script: - - cd ImportantPath ----- - -[[Generel-Variablen]] -== Generelle Variablen - -Bitte folgende Variablen in `.gitlab-ci.yaml` setzen - -|=== -|Name |Description -|CI_REGISTRY| Registry der CI -|MAVE_IMAGE| Das Image das benutzt werden soll für Jobs die Maven benötigen. 
-|NODE_IMAGE| Das Image das benutzt werden soll für Jobs die NPM benötigen -|MAVEN_OPTS| Generelle optionen um Maven zu verändern -|MAVEN_CLI_OPTS| Optionen um Maven beim Bauen zu verbessern. -|FRONTEND_DIR| Wenn das Projekt ein Frontend besitzt, muss der Pfad definiert werden, wo die note module gespeichert werden. -|=== - ----- -include::{sourcedir}/STD-variablen-Template.gitlab-ci.yml[] ----- diff --git a/documentation/chapters/pipelines/update-version-pipeline.adoc b/documentation/chapters/pipelines/update-version-pipeline.adoc index 23c922f..ad1e97c 100644 --- a/documentation/chapters/pipelines/update-version-pipeline.adoc +++ b/documentation/chapters/pipelines/update-version-pipeline.adoc @@ -4,7 +4,10 @@ ifndef::imagesdir[] :imagesdir: ../../images endif::[] -= update-version-pipeline +[#_pipeline_release] += Release Version Pipeline + +//todo umschreiben auf tag pipelines. This pipeline provides the jobs to increase the version, create a new tag and updates the changed files (version) the repository. @@ -59,30 +62,35 @@ include: - project: 'gilden/ci/gitlab-ci-templates' ref: 'master' file: - - 'release-template.gitlab-ci.yml' + - 'templates/releasing/release.gitlab-ci.yml' a.major-release: - extends: .release-template + #Pressent in all Pipelines + extends: .release-common variables: BUMP_VERSION: "major" b.minor-release: - extends: .release-template + #Pressent only on Default Branch + extends: .release-default variables: BUMP_VERSION: "minor" c.patch-release: - extends: .release-template + #Pressent only on Release Branches + extends: .release-release-branch variables: BUMP_VERSION: "patch" d.prerelease-release: - extends: .release-template + #Pressent only on Release Branches + extends: .release-release-branch variables: BUMP_VERSION: "prerelease" e.build-release: - extends: .release-template + #Pressent only on Release Branches + extends: .release-release-branch variables: BUMP_VERSION: "build" 
@@ -102,30 +110,13 @@ include: - project: 'gilden/ci/gitlab-ci-templates' ref: 'master' file: - - 'pipelines/update-version-pipeline.gitlab-ci.yml' - - 'push-image.yml' - -# This is optional -push-docker-image: - extends: .publish-image-kaniko - stage: release - # You only need NEED if you use a artifact from your parent pipeline to build the image - needs: - - pipeline: $PARENT_PIPELINE_ID - job: Build - - job: increase-version - - job: push-tag-and-version - rules: - - when: always - before_script: - - "[ -f ./version ] && export LATEST_VERSION=$(cat ./version)" - - export PARSED_VERSION=$(echo $LATEST_VERSION | sed -r 's/\+/_/g') # Replace + sign since this is not valid in a docker tag - - export IMAGE_NAME=$CI_REGISTRY_IMAGE:$PARSED_VERSION + - 'pipelines/update-version.gitlab-ci.yml' ---- You pipeline then looks like the following: .Release Pipeline +//todo update image for tag pipelines image::Release-Docker-Image-Pipeline.png[] == Pipeline @@ -133,7 +124,7 @@ image::Release-Docker-Image-Pipeline.png[] .update-version-pipeline [source, yaml] ---- -include::{sourcedir}/update-version-pipeline.gitlab-ci.yml[] +include::{sourcedir}/update-version.gitlab-ci.yml[] ---- == Usage with release branches @@ -152,7 +143,7 @@ include: - project: 'gilden/ci/gitlab-ci-templates' ref: 'master' file: - - 'release-template.gitlab-ci.yml' + - 'release.gitlab-ci.yml' # Creates next major prerelease on master (e.g.: 2.0.0-rc.1 --> 3.0.0-rc.1) a.major-prerelease: @@ -204,7 +195,7 @@ include: - project: 'gilden/ci/gitlab-ci-templates' ref: 'master' file: - - 'pipelines/update-version-pipeline.gitlab-ci.yml' + - 'pipelines/update-version.gitlab-ci.yml' - 'push-image.yml' # This is optional diff --git a/documentation/chapters/templates/IaC/ansible.adoc b/documentation/chapters/templates/IaC/ansible.adoc new file mode 100644 index 0000000..e7ddd3d --- /dev/null +++ b/documentation/chapters/templates/IaC/ansible.adoc 
@@ -0,0 +1,36 @@ +:sourcedir: ../../../../templates + += Ansible Template + +A Template Collection to simplify the deployment automation with Ansible. + +All Templates need a $SSH_PRIVATE_KEY variable to be set in den Gitlab CI Variablen. + +.Provided Templates: +|=== +|Name |Description +| +.ansible_lint | Calls the Ansible Linter for static analysis. +Output will be shown in CI output and can be used to optimize the Ansible manifests. +|.ansible_playbook_validate | Executes the Ansible-check, provides inside if the execution of Ansible is possible and syntactically correct. +|.ansible_playbook_run | Executes a defined Ansible playbooks. +|=== + +.Variables +|=== +|Name |Description | Default Value +|SSH_PRIVATE_KEY | The SSH key that will be used to access the remote maschine. +!! +DO NOT set this variable in your Repository. +Use the Gitlab CI variables so not everyone has access to this Secret. Only Maintainer will have access to those Settings +| NOT SET. Has to be set in the gitlab CI variables settings UI. +|PLAYBOOK_PATH | Path to the playbook that should be executed | "playbook.yml" +|INVENTORY_PATH | Path to the inventory that should be executed | "inventory.yml" +|EXTRA_ARGS | Additional Arguments that will be used from Ansible | "" +|=== + +.Ansible Collection +[source,yaml] +---- +include::{sourcedir}/IaC/ansible.gitlab-ci.yml[] +---- \ No newline at end of file diff --git a/documentation/chapters/templates/IaC/docker-compose.adoc b/documentation/chapters/templates/IaC/docker-compose.adoc new file mode 100644 index 0000000..a809387 --- /dev/null +++ b/documentation/chapters/templates/IaC/docker-compose.adoc 
@@ -0,0 +1,80 @@
+:sourcedir: ../../../../templates
+
+= Docker-Compose Template
+
+.Provided Templates:
+|===
+|Name |Description
+|.docker-compose-deploy | Executes Docker Compose against a remote maschine.
+|.docker-compose-validate | Validates the syntactic correctness of your compose files. Still can have execution Problems.
+|===
+
+Copy files with scp onto from your Repo to the Remote system.
+Then executes Docker-compose over a SSH connection.
+For this SSH connection you have to Provide a SSH Key under a CI-CD-Variable with the name $SSH_PRIVATE_KEY.
+If you already have a different $SSH_PRIVATE_KEY you can overwrite the Variable SSH_PRIVATE_KEY_DEPLOY.
+
+To Parametrise the Docker-Compose File you can use a .env File.
+The .env File should not contain any Secrets.
+For this reason you can create a .env file dynamically.
+To generate a .env file you can provide a script under the path ENV_SETUP_FILE.
+
+.Beispiel für ein setup_env.sh
+----
+#!/bin/sh
+
+#Prints all Enviroments into the .env File.
+printenv >> .env
+
+#to set a diffrent Project Prefix use this ENV
+echo COMPOSE_PROJECT_NAME=project-prefix >>.env
+
+#Secrets
+#Some Secret is a Variable within the gitlab CI Variable
+echo SOME_PASSWORD="$SOME_PASSWORD" >>.env
+----
+
+.Variables
+|===
+
+|Name |Description | Default Value
+| SSH_PRIVATE_KEY_DEPLOY
+| Private key to access remote system.
+| $SSH_PRIVATE_KEY (In den CI-CD variablen)
+
+| SSH_URL
+| URL of the remote server.
+| -
+
+| SSH_USER
+| The user that is used to login into the remote maschine.
+| -
+
+| DOCKER_REGISTRY
+| The Container Registry that will be used to pull images.
+| "$CI_REGISTRY"
+
+| ENV_SETUP_FILE
+| If you want to use a .env file, this skript can be used to create one.
+Secrets should not be stored within your repository. Use the CI-CD Variables in the setting page.
+| "setup_env.sh"
+
+| SCP_DESTINATION
+| Target path for scp to push files to.
+| -
+
+| SCP_SOURCE
+| Path you want to copy to the remote System.
+| $CI_PROJECT_DIR + +| COMPOSE_EXTRA_ARGS +| Additional arguments you want to send to Docker Compose. +For example multiple `-f compose.file.extra` definitions. +| - +|=== + +.Docker Templates +[source,yaml] +---- +include::{sourcedir}/IaC/docker-compose.gitlab-ci.yml[] +---- diff --git a/documentation/chapters/templates/ssh-transfer-data-template.adoc b/documentation/chapters/templates/IaC/ssh-transfer-data.adoc similarity index 83% rename from documentation/chapters/templates/ssh-transfer-data-template.adoc rename to documentation/chapters/templates/IaC/ssh-transfer-data.adoc index 7134238..edb5ba3 100644 --- a/documentation/chapters/templates/ssh-transfer-data-template.adoc +++ b/documentation/chapters/templates/IaC/ssh-transfer-data.adoc @@ -1,4 +1,4 @@ -:sourcedir: ../../../ +:sourcedir: ../../../../templates/ = ssh-transfer-data-template @@ -16,5 +16,5 @@ For more details: https://gitlab.exxcellent.de/gilden/ci/exxcellent-ssh-tool#use .ssh-transfer-data-template [source, yaml] ---- -include::{sourcedir}/ssh-transfer-data-template.gitlab-ci.yml[] +include::{sourcedir}IaC/ssh-transfer-data.gitlab-ci.yml[] ---- \ No newline at end of file diff --git a/documentation/chapters/templates/ansible.adoc b/documentation/chapters/templates/ansible.adoc deleted file mode 100644 index 5055fd7..0000000 --- a/documentation/chapters/templates/ansible.adoc +++ /dev/null 
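Review bot: The example `setup_env.sh` in IaC/docker-compose.adoc opens with `printenv >> .env`, which writes every variable of the job environment into `.env`, and in a GitLab job that includes the CI/CD secrets themselves (the page's own `SSH_PRIVATE_KEY`, registry credentials, the job token). That contradicts the sentence a few lines above it, "The .env File should not contain any Secrets", and because `SCP_SOURCE` defaults to `$CI_PROJECT_DIR` the file is presumably copied to the remote host with the rest of the checkout; the template itself is not part of this hunk, so that should be confirmed there. I would drop the `printenv` line and, after a `umask 077`, write only the named variables the compose file needs, e.g. `echo APP_VERSION="$APP_VERSION" >> .env` (APP_VERSION is a constructed example name). A multi-line value such as a private key would also break the `KEY=value` format of the file.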
@@ -1,33 +0,0 @@ -:sourcedir: ../../../ - -= Ansible-template - -Template Sammlung zur einfachen automation mit Ansible innerhalb der Gitlab CI. - -Erwartet das $SSH_PRIVATE_KEY in den Gitlab CI Variablen gesetzt ist. - -.Angebotene Templates: -|=== -|Name |Description -|.ansible_lint | Ruft den Linter von Ansible auf. -Der Output wird dann in der CI gezeigt und kann den Stil der Playbooks verbessern. -|.ansible_playbook_validate | Validiert, ob die Playbooks ausgeführt werden können und syntaktisch Sinn ergeben. -|.ansible_playbook_run | Führt die Playbooks auf dem Inventar aus. -|=== - -.Variables -|=== -|Name |Description | Default Value -|SSH_PRIVATE_KEY | SSH Key der von Ansible benutzt wird, um sich im Inventar anzumelden. -!! -Nicht in .gitlab.yml setzen. Statt dessen durch den CI Maintainer in den Gitlab Settings setzen lassen. | Nicht gesetzt. Muss in den Gitlab CI Variablen in den Settings gesetzt werden. -|PLAYBOOK_PATH | Path zum Playbook das ausgeführt werden soll | "playbook.yml" -|INVENTORY_PATH | Path zum Inventory das ausgeführt werden soll | "inventory.yml" -|EXTRA_ARGS | Extra Argumente für die Scripte | "" -|=== - -.Ansible-template -[source,yaml] ----- -include::{sourcedir}/ansible.gitlab-ci.yml[] ----- \ No newline at end of file diff --git a/documentation/chapters/templates/common/common-ci-variablen.adoc b/documentation/chapters/templates/common/common-ci-variablen.adoc new file mode 100644 index 0000000..8973738 --- /dev/null +++ b/documentation/chapters/templates/common/common-ci-variablen.adoc 
@@ -0,0 +1,25 @@
+:sourcedir: ../../../../templates
+
+:gitlab-ci-file: /common/common-ci-variablen.gitlab-ci.yml
+
+[[Generel-Variablen]]
+== Generelle Variablen
+
+Wir stellen von uns empfohlene CI-Variablen in `{gitlab-ci-file}` zur verfügung.
+Diese werden von uns gepflegt und bekommen von verschiedenen Projekten Feedback.
+Es ist möglich das File direkt einzubinden.
+Bitte folgende Variablen in `.gitlab-ci.yaml` setzen
+
+|===
+|Name |Description
+|MAVE_IMAGE| Das Image das benutzt werden soll für Jobs die Maven benötigen.
+|NODE_IMAGE| Das Image das benutzt werden soll für Jobs die NPM benötigen
+|MAVEN_OPTS| Generelle optionen um Maven zu verändern
+|MAVEN_CLI_OPTS| Optionen um Maven beim Bauen zu verbessern.
+|FRONTEND_DIR| Wenn das Projekt ein Frontend besitzt, muss der Pfad definiert werden, damit die NPM Templates, das die Files finden kann.
+|BACKEND_DIR| Wenn das Projekt ein Backend besitzt, muss der Pfad definiert werden. So kann gradle/maven an der richtigen Stelle ausgeführt werden.
+|===
+
+----
+include::{sourcedir}{gitlab-ci-file}[]
+----
diff --git a/documentation/chapters/templates/container-publish-snapshot.adoc b/documentation/chapters/templates/container-publish-snapshot.adoc
deleted file mode 100644
index b52163e..0000000
--- a/documentation/chapters/templates/container-publish-snapshot.adoc
+++ /dev/null
@@ -1,27 +0,0 @@ -:sourcedir: ../../../ - -= Container-Publish-Snapshot - -Dieses Template funktioniert genauso wie das <<_container_publish, Container Publish>> Template. -Es wird jedoch in folgenden Branches ausgeführt. -Dabei sind die Imagenamen der Container abhängig von den Branchnamen. - -.Ausführung -|=== -|Branch |Container Image name -|DEFAULT BRANCH (master/main) |DOCKER_REGISTRY:latest -|feature/* |$DOCKER_REGISTRY:feature/(Branch-postfix) -|refactor/* |$DOCKER_REGISTRY:refactor/(Branch-postfix) -|=== - -.Variables -|=== -|Name |Description | Default Value -|| Siehe <<_container_publish, Container Publish>> | -|=== - -.container-publish-snapshot -[source,yaml] ----- -include::{sourcedir}/container-publish-snapshot.gitlab-ci.yml[] ----- \ No newline at end of file diff --git a/documentation/chapters/templates/container-publish.adoc b/documentation/chapters/templates/container-publish.adoc deleted file mode 100644 index e39c3c0..0000000 --- a/documentation/chapters/templates/container-publish.adoc +++ /dev/null 
@@ -1,29 +0,0 @@ -:sourcedir: ../../../ - -= Container-Publish - -Baut mithilfe von jib oder kaniko ein Docker Image und läd das Image in der Docker Registry des Projekts hoch. -Dieser Schritt wird nur ausgeführt, wenn ein Tag gesetzt wird. -Wenn das Template ohne Tags benutzt werden soll, müssen die Rules vererbt werden. - -Ein Snapshot Template bieten wir hier an: <<_container-publish-snapshot>> - -.Variables -|=== -|Name |Description | Default Value -|MVN_VERSION | Bestimmt, ob die version von MAVEN gesetzt werden soll. -Falls das Projekt aus mehreren Poms besteht, kann `before_script:` benutzt werden. | "true" -|DOCKER_REGISTRY | Definiert die Registry an zu dem das Image veröffentlicht werden soll | $CI_REGISTRY_IMAGE -|DOCKER_REGISTRY_USER | Definiert den User der benutzt werden soll | $CI_REGISTRY_USER -|DOCKER_REGISTRY_PASSWORD | Definiert das Passwort des Benutzers | $CI_REGISTRY_PASSWORD -|EXTRA_ARGS | Weitere Argumente die an den jeweiligen Job gegeben werden sollen. | "" -|USE_VERSIONFILE | Wenn true, dann wird zur Versionierung das ./version file aus dem set-version tool verwendet | "false" -|ARTIFACT | Der Name des Versionfiles aus dem set-version tool | "version" -|GRADLE_CLI_OPTS | Zusätzliche CLI Opts für Gradle | "" -|=== - -.container-publish -[source,yaml] ----- -include::{sourcedir}/container-publish.gitlab-ci.yml[] ----- \ No newline at end of file diff --git a/documentation/chapters/templates/container/container-build.adoc b/documentation/chapters/templates/container/container-build.adoc new file mode 100644 index 0000000..43ff119 --- /dev/null +++ b/documentation/chapters/templates/container/container-build.adoc 
@@ -0,0 +1,34 @@
+:sourcedir: ../../../../templates
+
+= Build
+
+.Provided Templates:
+|===
+|Name |Description
+| .container-build-jib-maven | Baut Container mit dem Jib Plugin für Maven
+| .container-build-jib-gradle | Baut Container mit dem Jib Plugin für Gradle
+| .container-build-kaniko | Baut Container mit dem Kaniko
+|===
+
+Erlaubt es das einfache bauen von Container Images.
+Die Images werden als Tar in den CI-Artifacten abgelegt damit es einfach an weitere Pipeline-Schritte übergeben werden kann.
+Für das Veröffentlichen des Images ist das Template ContainerPublish[Container Publish] zuständig.
+
+.Variables
+|===
+|Name |Description | Default Value
+|CONTEXT_LOCATION | Der Context des Dockerfiles. Im Fall von Jib ist dies der Path wo Maven/Gradle ausgeführt wird. | $CI_PROJECT_DIR
+
+| EXTRA_ARGS | Weitere Argumente die an das Tool geschickt werden soll | ""
+
+| Nur bei Kaniko |- |-
+| DOCKERFILE_LOCATION | Pfad zum Dockerfile | $CI_PROJECT_DIR/Dockerfile
+
+| REGISTRY_MIRROR | Welcher Mirror benutzt werden soll | Nexus von exxcellent
+|===
+
+.Container Build Templates
+[source,yaml]
+----
+include::{sourcedir}/container/container-build.gitlab-ci.yml[]
+----
\ No newline at end of file
diff --git a/documentation/chapters/templates/container/container-publish.adoc b/documentation/chapters/templates/container/container-publish.adoc
new file mode 100644
index 0000000..32bf360
--- /dev/null
+++ b/documentation/chapters/templates/container/container-publish.adoc
@@ -0,0 +1,22 @@
+:sourcedir: ../../../../templates
+
+= Container Publish
+
+Moves a container from the filesystem to a remote repository.
+Needs a build container on the path `image.tar`. Use one of the Container build templates for this.
+
+.Variables
+|===
+|Name |Description | Default Value
+| CONTAINER_REGISTRY | Url to the remote Registry | $CI_REGISTRY_IMAGE
+| CONTAINER_REGISTRY_USER | the user that should be used | $CI_REGISTRY_USER
+| CONTAINER_REGISTRY_PASSWORD | the passwort for the remote registry | $CI_REGISTRY_PASSWORD
+| EXTRA_PATH | Extra path that should be between the registry path and the image tag | ""
+| IMAGE_TAG | the Tag the image should be found on | Depends on the current path. Look at the rules of the Job.
+|===
+
+.container-publish
+[source,yaml]
+----
+include::{sourcedir}/container/container-publish.gitlab-ci.yml[]
+----
diff --git a/documentation/chapters/templates/container-scan.adoc b/documentation/chapters/templates/container/container-scan.adoc
similarity index 54%
rename from documentation/chapters/templates/container-scan.adoc
rename to documentation/chapters/templates/container/container-scan.adoc
index ff1bead..9233580 100644
--- a/documentation/chapters/templates/container-scan.adoc
+++ b/documentation/chapters/templates/container/container-scan.adoc
@@ -1,16 +1,21 @@ -:sourcedir: ../../../ +:sourcedir: ../../../../templates/ -= Container-Scan += Container CVE Scanner -Baut ein Image mithilfe von jib oder Kaniko welches im Anschluss gescanned wird. Dieser Schritt wird ausgeführt, wenn ein Tag gesetzt wird. Die Ergebnisse des Scans können genutzt werden den Build failen zu lassen, falls gewünscht (vgl. `EXITCODE_ON_HIGH` und `EXITCODE_ON_CRITICAL`). +Uses Trivy to scan for CVE Problems within your Image. +Needs a build container on the path `image.tar`. Use one of the Container build templates for this. + +==== +NOTE: NPM +Trivy can not find CVE's within Frontend containes that do not have a dependencie-lock file. +This file should not be part of the Image. +We provide an additional static CVE-Analyser-Template that can find these CVE's within your Repo. +We also have the https://gitlab.exxcellent.de/gilden/ci/security-scanner/security-scanner[Security-Scanner] if you have more than one image to scan. +==== .Variables |=== |Name |Description | Default Value -|TRIVY_VERSION -| Version von Trivy die benutzt werden soll. -| - - |EXITCODE_ON_HIGH | Bestimmt den Exit code der ausgegeben werden soll, wenn ein CVE der als HIGH markiert wurde, gefunden werden konnte. Wenn 0 benutzt wird, läuft die CI weiter. @@ -30,5 +35,5 @@ Benutzte `allow_failure: true` damit die CI weiter läuft aber ein Failure angez .container scan template [source, yaml] ---- -include::{sourcedir}/container-scan.gitlab-ci.yml[] +include::{sourcedir}container/container-scan.gitlab-ci.yml[] ---- \ No newline at end of file diff --git a/documentation/chapters/templates/docker-compose-deploy.adoc b/documentation/chapters/templates/docker-compose-deploy.adoc deleted file mode 100644 index ab61fd2..0000000 --- a/documentation/chapters/templates/docker-compose-deploy.adoc +++ /dev/null 
@@ -1,70 +0,0 @@ -:sourcedir: ../../../ - -= Docker-Compose-Deploy - - Kopiert Daten mithilfe von scp aus dem Repo auf ein Deployment-System. - Dort wird über SSH Docker-compose up ausgeführt. - Für die SSH Verbindung muss ein Private-Key in den CI-CD Variablen unter dem Namen $SSH_PRIVATE_KEY abgelegt werden. - Wenn bereits andere SSH Keys vorhanden sind kann SSH_PRIVATE_KEY_DEPLOY in den Varibalen überschrieben werden. - -Um die Compose-Files zu parametrisieren kann ein .env File benutzt werden. -Dieses sollte mit einem Skript das unter der Variable ENV_SETUP_FILE hinterlegt ist erstellt werden. -.env File sollten nicht in der Repo liegen da keine Passwörter in der Repo liegen sollten. - -.Beispiel für ein setup_env.sh ----- -#!/bin/sh - -#Printed alle Umgebungsvariablen in das .env File. -printenv >> .env - -echo COMPOSE_PROJECT_NAME=project-prefix >>.env - -#Secrets -echo SOME_PASSWORD="$SOME_PASSWORD" >>.env ----- - -.Variables -|=== - -|Name |Description | Default Value -| SSH_PRIVATE_KEY_DEPLOY -| Private key der Zugriff auf den Deployment Server hat. -| $SSH_PRIVATE_KEY (In den CI-CD variablen) - -| SSH_URL -| URL des Servers auf den Docker-Compose ausgeführt werden soll. -| - - -| SSH_USER -| Der Passende SSH User zu der SSH Verbindung. -| - - -| DOCKER_REGISTRY -| Die Docker Registry die benutzt werden soll um Images zu pullen. -| "$CI_REGISTRY" - -| ENV_SETUP_FILE -| Falls ein .env file benutzt werden soll, kann es mit einem sh script erstellt werden. -Secrets sollten nicht in der Repository liegen, sondern in den CI-CD Variablen der Repository settings. -| "setup_env.sh" - -| SCP_DESTINATION -| Ziel Pfad wo Daten mit SCP hin kopiert werden sollen. -| - - -| SCP_SOURCE -| Pfad zu den daten die mithilfe von SCP kopiert werden sollen. -| $CI_PROJECT_DIR - -| COMPOSE_EXTRA_ARGS -| Weitere argumente die an Docker-Compose geschickt werden können. 
-| - -|=== - -.Docker compose deploy -[source,yaml] ----- -include::{sourcedir}/docker-compose-deploy.gitlab-ci.yml[] ----- - diff --git a/documentation/chapters/templates/docker-compose-validate.adoc b/documentation/chapters/templates/docker-compose-validate.adoc deleted file mode 100644 index ce55809..0000000 --- a/documentation/chapters/templates/docker-compose-validate.adoc +++ /dev/null @@ -1,20 +0,0 @@ -:sourcedir: ../../../ - -= Docker-Compose-Validate - -Validiert die semantische Korrektheit eines Docker-Compose files. - -.Variables -|=== -|Name |Description | Default Value -| COMPOSE_EXTRA_ARGS -| Weitere argumente die an Docker-Compose geschickt werden können. -| - - -|=== - -.Docker compose validate -[source,yaml] ----- -include::{sourcedir}/docker-compose-validate.gitlab-ci.yml[] ----- \ No newline at end of file diff --git a/documentation/chapters/templates/documentation/tool-documentation-tool.adoc b/documentation/chapters/templates/documentation/tool-documentation-tool.adoc new file mode 100644 index 0000000..ebcae36 --- /dev/null +++ b/documentation/chapters/templates/documentation/tool-documentation-tool.adoc @@ -0,0 +1,12 @@ +:sourcedir: ../../../../templates/ + += Dokumentation-Tool-template + +The Dokumentation tool template. +More details and Variables can be found here: https://gitlab.exxcellent.de/gilden/ci/exxcellent-documentation-tool[Gilde CI/CD: exxcellent-documentation-tool]. + +.dokumentation-tool +[source,yaml] +---- +include::{sourcedir}documentations/documentation.gitlab-ci.yml[] +---- \ No newline at end of file diff --git a/documentation/chapters/templates/gradle-build-template.adoc b/documentation/chapters/templates/gradle-build-template.adoc deleted file mode 100644 index 11ccecf..0000000 --- a/documentation/chapters/templates/gradle-build-template.adoc +++ /dev/null 
@@ -1,18 +0,0 @@ -:sourcedir: ../../../ - -= Gradle-build-template - -Dieses Template lädt die Dependencies herunter und baut das Projekt. -Die Ergebnisse werden als Artifact gespeichert. - -.Variables -|=== -|Name |Description | Default Value -|GRADLE_CLI_OPTS | Zusätzliche CLI Opts für Gradle | "" -|=== - -.gradle-build-template -[source,yaml] ----- -include::{sourcedir}/gradle-build-template.gitlab-ci.yml[] ----- \ No newline at end of file diff --git a/documentation/chapters/templates/gradle-test-template.adoc b/documentation/chapters/templates/gradle-test-template.adoc deleted file mode 100644 index b609da1..0000000 --- a/documentation/chapters/templates/gradle-test-template.adoc +++ /dev/null @@ -1,18 +0,0 @@ -:sourcedir: ../../../ - -= Gradle-test-template - -Dieses Template startet den Test Task in gradle. -Die Ergebnisse werden als Artifact gespeichert. - -.Variables -|=== -|Name |Description | Default Value -|GRADLE_CLI_OPTS | Zusätzliche CLI Opts für Gradle | "" -|=== - -.gradle-test-template -[source,yaml] ----- -include::{sourcedir}/gradle-test-template.gitlab-ci.yml[] ----- \ No newline at end of file diff --git a/documentation/chapters/templates/java/gradle/gradle-build-template.adoc b/documentation/chapters/templates/java/gradle/gradle-build-template.adoc new file mode 100644 index 0000000..bb4073f --- /dev/null +++ b/documentation/chapters/templates/java/gradle/gradle-build-template.adoc 
@@ -0,0 +1,19 @@ +:sourcedir: ../../../../../templates/ + += Gradle-build-template + +This template resolves the gradle dependencies of your project and builds the project. +The result will be cached when you include the common CI variables. +The resulting build files will be published as artefacts. + +.Variables +|=== +|Name |Description | Default Value +|GRADLE_CLI_OPTS | Additional Options that will be passed to Gradle | "" +|=== + +.gradle-build-template +[source,yaml] +---- +include::{sourcedir}java/gradle/gradle-build.gitlab-ci.yml[] +---- \ No newline at end of file diff --git a/documentation/chapters/templates/java/gradle/gradle-db-diff-template.adoc b/documentation/chapters/templates/java/gradle/gradle-db-diff-template.adoc new file mode 100644 index 0000000..6a01af9 --- /dev/null +++ b/documentation/chapters/templates/java/gradle/gradle-db-diff-template.adoc @@ -0,0 +1,26 @@ +:sourcedir: ../../../../../templates/ + += Gradle Database Diff + +This template generates a diff between the Liquibase schema and the Hibernate model of a database. +The resulting xml can be used as a base for schema changes. +Please look at the resulting changelog since it can have errors. + +//#todo add documentation how to run agains real server oder service +//#If you wand to run against a real server. +//#overrite -Dvariable.liquibase.database.url= in the script section +//#add a service with your desired Database container. +//#use the alias in the service to define the alias for the database url + +.Variables +|=== +|Name |Description | Default Value +|GRADLE_CLI_OPTS | Additional options send to gradle | "" +| PATH_TO_DIFF | Path to the resulting diff is defined in gradle config, this will also be exposed as the artefact of the Job. | "build/db-diff.xml" +|=== + +.Gradle Liquibase Diff +[source,yaml] +---- +include::{sourcedir}java/gradle/gradle-database-diff.gitlab-ci.yml[] +---- \ No newline at end of file 
diff --git a/documentation/chapters/templates/java/gradle/gradle-test-template.adoc b/documentation/chapters/templates/java/gradle/gradle-test-template.adoc new file mode 100644 index 0000000..9408765 --- /dev/null +++ b/documentation/chapters/templates/java/gradle/gradle-test-template.adoc @@ -0,0 +1,27 @@ +:sourcedir: ../../../../../templates/ + +ifndef::imagesdir[] +:imagesdir: ../../../../images/ +endif::[] + += Gradle Database Diff + +This templates starts `gradle test` and saves the results as Artifacts. + +When Junit Reports are generated they will be published as Artefacts within the Pipelines. +You can get a detailed view when clicking on Tests. +For more information look into the official https://docs.gitlab.com/ee/ci/unit_test_reports.html[Documentation]. + +image::GitlabCiTest.png[] + +.Variables +|=== +|Name |Description | Default Value +|GRADLE_CLI_OPTS | Zusätzliche CLI Opts für Gradle | "" +|=== + +.gradle-test-template +[source,yaml] +---- +include::{sourcedir}java/gradle/gradle-test.gitlab-ci.yml[] +---- \ No newline at end of file diff --git a/documentation/chapters/templates/maven-build-template.adoc b/documentation/chapters/templates/java/maven/maven-build-template.adoc similarity index 67% rename from documentation/chapters/templates/maven-build-template.adoc rename to documentation/chapters/templates/java/maven/maven-build-template.adoc index 7670432..9050c74 100644 --- a/documentation/chapters/templates/maven-build-template.adoc +++ b/documentation/chapters/templates/java/maven/maven-build-template.adoc @@ -1,4 +1,4 @@ -:sourcedir: ../../../ +:sourcedir: ../../../../../templates/ = maven-build-template @@ -12,5 +12,5 @@ Dieses Template baut die .jar Files und speichert die Ergebnisse als Artifact. .mvn-build-template [source, yaml] ---- -include::{sourcedir}/maven-build-template.gitlab-ci.yml[] +include::{sourcedir}java/maven/maven-build.gitlab-ci.yml[] ---- \ No newline at end of file 
diff --git a/documentation/chapters/templates/java/maven/maven-db-diff-template.adoc b/documentation/chapters/templates/java/maven/maven-db-diff-template.adoc new file mode 100644 index 0000000..3fe7db7 --- /dev/null +++ b/documentation/chapters/templates/java/maven/maven-db-diff-template.adoc @@ -0,0 +1,20 @@ +:sourcedir: ../../../../../templates/ + += Maven Database Diff + +This template generates a diff between the Liquibase schema and the Hibernate model of a database. +The resulting xml can be used as a base for schema changes. +Please look at the resulting changelog since it can have errors. + +.Variables +|=== +|Name |Description | Default Value +|GRADLE_CLI_OPTS | Additional options send to gradle | "" +| PATH_TO_DIFF | Path to the resulting diff is defined in gradle config, this will also be exposed as the artefact of the Job. | "target/db-diff.xml" +|=== + +.gradle-build-template +[source,yaml] +---- +include::{sourcedir}java/maven/maven-database-diff.gitlab-ci.yml[] +---- \ No newline at end of file diff --git a/documentation/chapters/templates/java/maven/maven-dependencies-template.adoc b/documentation/chapters/templates/java/maven/maven-dependencies-template.adoc new file mode 100644 index 0000000..a01389a --- /dev/null +++ b/documentation/chapters/templates/java/maven/maven-dependencies-template.adoc @@ -0,0 +1,17 @@ +:sourcedir: ../../../../../templates/ + += Gradle Dependencies Template + +This Template resolves the Maven Dependencies of your Projekt. +The result will be cached when you include the common CI variables. + +.Variables +|=== +|Name |Description | Default Value +|=== + +.mvn-dependencies-template +[source, yaml] +---- +include::{sourcedir}java/maven/maven-dependencies.gitlab-ci.yml[] +---- \ No newline at end of file diff --git a/documentation/chapters/templates/java/maven/maven-verify-template.adoc b/documentation/chapters/templates/java/maven/maven-verify-template.adoc new file mode 100644 index 0000000..7b25536 --- /dev/null 
+++ b/documentation/chapters/templates/java/maven/maven-verify-template.adoc @@ -0,0 +1,27 @@ +:sourcedir: ../../../../../templates/ + +ifndef::imagesdir[] +:imagesdir: ../../../../images/ +endif::[] + += maven-verify-template + +This templates starts `mvn verify` and saves the results as Artifacts. + +When Junit Reports are generated they will be published as Artefacts within the Pipelines. +You can get a detailed view when clicking on Tests. +For more information look into the official https://docs.gitlab.com/ee/ci/unit_test_reports.html[Documentation]. + +image::GitlabCiTest.png[] + + +.Variables +|=== +|Name |Description | Default Value +|=== + +.mvn-verify-template +[source, yaml] +---- +include::{sourcedir}/java/maven/maven-verify.gitlab-ci.yml[] +---- \ No newline at end of file diff --git a/documentation/chapters/templates/maven-dependencies-template.adoc b/documentation/chapters/templates/maven-dependencies-template.adoc deleted file mode 100644 index d767fae..0000000 --- a/documentation/chapters/templates/maven-dependencies-template.adoc +++ /dev/null @@ -1,17 +0,0 @@ -:sourcedir: ../../../ - -= maven-dependencies-template - -Dieses Template lädt die Maven Abhängigkeiten des Projekts runter. -Bitte den Cache hinzufügen. Siehe xref:Generel-Variablen[Generelle Variablen] - -.Variables -|=== -|Name |Description | Default Value -|=== - -.mvn-dependencies-template -[source, yaml] ----- -include::{sourcedir}/maven-dependencies-template.gitlab-ci.yml[] ----- \ No newline at end of file diff --git a/documentation/chapters/templates/maven-verify-template.adoc b/documentation/chapters/templates/maven-verify-template.adoc deleted file mode 100644 index f0b4017..0000000 --- a/documentation/chapters/templates/maven-verify-template.adoc +++ /dev/null 
@@ -1,25 +0,0 @@ -:sourcedir: ../../../ - -ifndef::imagesdir[] -:imagesdir: ../../images -endif::[] - -= maven-verify-template - -Dieses Template startet `mvn verify` und speichert die Ergebnisse als Artifact. - -Wenn Junit Report XML files generiert und als Artefakte innerhalb der Pipeline hochgeladen wurden, können diese innerhalb der Pipelines Detail Seite angezeigt werden. Für mehr Dokumentation klicke https://docs.gitlab.com/ee/ci/unit_test_reports.html[hier]. - -image::GitlabCiTest.png[] - - -.Variables -|=== -|Name |Description | Default Value -|=== - -.mvn-verify-template -[source, yaml] ----- -include::{sourcedir}/maven-verify-template.gitlab-ci.yml[] ----- \ No newline at end of file diff --git a/documentation/chapters/templates/npm-build-template.adoc b/documentation/chapters/templates/npm/npm-build-template.adoc similarity index 70% rename from documentation/chapters/templates/npm-build-template.adoc rename to documentation/chapters/templates/npm/npm-build-template.adoc index 4169d70..d79abf0 100644 --- a/documentation/chapters/templates/npm-build-template.adoc +++ b/documentation/chapters/templates/npm/npm-build-template.adoc @@ -1,4 +1,4 @@ -:sourcedir: ../../../ +:sourcedir: ../../../../templates/ = npm-build-template @@ -12,5 +12,5 @@ Dieses Template baut das NPM projekt und speichert die Ergebnisse als Artifact. .npm-build-template [source, yaml] ---- -include::{sourcedir}/npm-build-template.gitlab-ci.yml[] +include::{sourcedir}npm/npm-build.gitlab-ci.yml[] ---- \ No newline at end of file diff --git a/documentation/chapters/templates/npm-dependencies-template.adoc b/documentation/chapters/templates/npm/npm-dependencies-template.adoc similarity index 75% rename from documentation/chapters/templates/npm-dependencies-template.adoc rename to documentation/chapters/templates/npm/npm-dependencies-template.adoc index 383e624..6689f4c 100644 --- a/documentation/chapters/templates/npm-dependencies-template.adoc 
+++ b/documentation/chapters/templates/npm/npm-dependencies-template.adoc @@ -1,4 +1,4 @@ -:sourcedir: ../../../ +:sourcedir: ../../../../templates/ = npm-dependencies-template @@ -13,5 +13,5 @@ Bitte den Cache hinzufügen. Siehe xref:Generel-Variablen[Generelle Variablen] .npm-dependencies-template [source, yaml] ---- -include::{sourcedir}/npm-dependencies-template.gitlab-ci.yml[] +include::{sourcedir}npm/npm-dependencies.gitlab-ci.yml[] ---- \ No newline at end of file diff --git a/documentation/chapters/templates/npm-lint-template.adoc b/documentation/chapters/templates/npm/npm-lint-template.adoc similarity index 68% rename from documentation/chapters/templates/npm-lint-template.adoc rename to documentation/chapters/templates/npm/npm-lint-template.adoc index f559f09..9d74a00 100644 --- a/documentation/chapters/templates/npm-lint-template.adoc +++ b/documentation/chapters/templates/npm/npm-lint-template.adoc @@ -1,4 +1,4 @@ -:sourcedir: ../../../ +:sourcedir: ../../../../templates/ = npm-lint-template @@ -12,5 +12,5 @@ Dieses Template durchläuft den Linter des NPM Projekts. .npm-lint-template [source, yaml] ---- -include::{sourcedir}/npm-lint-template.gitlab-ci.yml[] +include::{sourcedir}npm/npm-lint.gitlab-ci.yml[] ---- \ No newline at end of file diff --git a/documentation/chapters/templates/npm-test-template.adoc b/documentation/chapters/templates/npm/npm-test-template.adoc similarity index 65% rename from documentation/chapters/templates/npm-test-template.adoc rename to documentation/chapters/templates/npm/npm-test-template.adoc index 94d7d07..7a67dd8 100644 --- a/documentation/chapters/templates/npm-test-template.adoc +++ b/documentation/chapters/templates/npm/npm-test-template.adoc @@ -1,4 +1,4 @@ -:sourcedir: ../../../ +:sourcedir: ../../../../templates/ = npm-test-template 
@@ -12,5 +12,5 @@ Dieses Template baut das NPM Projekt. .npm-test-template [source, yaml] ---- -include::{sourcedir}/npm-test-template.gitlab-ci.yml[] +include::{sourcedir}npm/npm-test.gitlab-ci.yml[] ---- \ No newline at end of file diff --git a/documentation/chapters/templates/publish-image.adoc b/documentation/chapters/templates/publish-image.adoc deleted file mode 100644 index 0126c78..0000000 --- a/documentation/chapters/templates/publish-image.adoc +++ /dev/null @@ -1,19 +0,0 @@ -:sourcedir: ../../../ - -= Publish-Image-jib - -Baut mithilfe von jib ein Docker Image und läd es in die Docker Registry des Projekts hoch. -Dieser Schritt wird nur ausgeführt, wenn ein Tag gesetzt wird. - -.Variables -|=== -|Name |Description | Default Value -|MVN_VERSION | Bestimmt, ob die version von MAVEN gesetzt werden soll. -Falls das Projekt aus mehreren Poms besteht, kann `bevor_script:` benutzt werden. | "true" -|=== - -.publish-image-jib-template -[source,yaml] ----- -include::{sourcedir}/container-publish.gitlab-ci.yml[] ----- \ No newline at end of file diff --git a/documentation/chapters/templates/release-template.adoc b/documentation/chapters/templates/release-template.adoc deleted file mode 100644 index 6201492..0000000 --- a/documentation/chapters/templates/release-template.adoc +++ /dev/null @@ -1,19 +0,0 @@ -:sourcedir: ../../../ - -= release-template - -This template provides a template for including the child release pipeline. - -For more information see the `update-version-pipeline` documentation. - -.Variables -|=== -|Name |Description | Default Value -|PARENT_PIPELINE_ID | The if of the parent pipeline. Needed to be able to use artifacts in the child pipeline | $CI_PIPELINE_ID -|=== - -.release-template -[source, yaml] ----- -include::{sourcedir}/release-template.gitlab-ci.yml[] ----- \ No newline at end of file 
diff --git a/documentation/chapters/templates/mail-template.adoc b/documentation/chapters/templates/releasing/mail-template.adoc similarity index 89% rename from documentation/chapters/templates/mail-template.adoc rename to documentation/chapters/templates/releasing/mail-template.adoc index 8803db8..ff095d4 100644 --- a/documentation/chapters/templates/mail-template.adoc +++ b/documentation/chapters/templates/releasing/mail-template.adoc @@ -1,4 +1,4 @@ -:sourcedir: ../../../ +:sourcedir: ../../../../templates/ = mail-template @@ -18,5 +18,5 @@ NOTE: The template uses the port 25 config as a default which doesn't need a smt .mail-template [source, yaml] ---- -include::{sourcedir}/mail-template.gitlab-ci.yml[] +include::{sourcedir}releasing/mail.gitlab-ci.yml[] ---- \ No newline at end of file diff --git a/documentation/chapters/templates/push-tag-and-version-template.adoc b/documentation/chapters/templates/releasing/push-tag-and-version-template.adoc similarity index 87% rename from documentation/chapters/templates/push-tag-and-version-template.adoc rename to documentation/chapters/templates/releasing/push-tag-and-version-template.adoc index a2d9c7b..b9676c1 100644 --- a/documentation/chapters/templates/push-tag-and-version-template.adoc +++ b/documentation/chapters/templates/releasing/push-tag-and-version-template.adoc @@ -1,9 +1,8 @@ -:sourcedir: ../../../ +:sourcedir: ../../../../templates/ -= push-tag-and-version-template += Push Tag and Version Template This template creates a new tag und updates the version of your project in the repository. Additionally, the template builds a new artifact with the `mvn package` command after setting the version which then can be exported with the gitlab-ci _artifacts_ keyword and used in subsequent stages. - For more details: https://gitlab.exxcellent.de/gilden/ci/exxcellent-ssh-tool[Gilde CI/CD: exxcellent-ssh-tool]. .Variables 
@@ -17,5 +16,5 @@ For more details: https://gitlab.exxcellent.de/gilden/ci/exxcellent-ssh-tool[Gil .push-tag-and-version-template [source, yaml] ---- -include::{sourcedir}/push-tag-and-version-template.gitlab-ci.yml[] +include::{sourcedir}releasing/push-tag-and-version.gitlab-ci.yml[] ---- \ No newline at end of file diff --git a/documentation/chapters/templates/releasing/release-gitlab-template.adoc b/documentation/chapters/templates/releasing/release-gitlab-template.adoc new file mode 100644 index 0000000..d1f77e6 --- /dev/null +++ b/documentation/chapters/templates/releasing/release-gitlab-template.adoc @@ -0,0 +1,17 @@ +:sourcedir: ../../../../templates/ + += Gitlab Release Template + +This Template makes it easier to create Gitlab Release from the CI + +.Variables +|=== +|Name |Description | Default Value +|DESCRIPTION | The Content that has changed in the last release. Can be changed manual afterwards | "" +|=== + +.Template +[source, yaml] +---- +include::{sourcedir}releasing/release-gitlab.gitlab-ci.yml[] +---- \ No newline at end of file diff --git a/documentation/chapters/templates/releasing/release-template.adoc b/documentation/chapters/templates/releasing/release-template.adoc new file mode 100644 index 0000000..6569d24 --- /dev/null +++ b/documentation/chapters/templates/releasing/release-template.adoc 
@@ -0,0 +1,32 @@ +:sourcedir: ../../../../templates/ + += Release Template + +This collection provides multiple templated to make publish releases of your Software as easy as possible. + + + +.Angebotene Templates: +|=== +|Name |Description +| .release-common | This template contains a trigger for an additional release Pipeline. It will execute all Jobs defined in your release.gitlab-ci.yml file as a child pipeline +For more information see the <<_pipeline_release>> documentation. + +| .release-default: | Builds upon .release-common defines rules, so it will only be executed on your default branch. + +| .release-release-branch: | Builds upon .release-common defines rules, so it will only be executed on release branches. + +|=== + + +.Variables +|=== +|Name |Description | Default Value +|PARENT_PIPELINE_ID | The if of the parent pipeline. Needed to be able to use artifacts in the child pipeline | $CI_PIPELINE_ID +|=== + +.release-template +[source, yaml] +---- +include::{sourcedir}releasing/release.gitlab-ci.yml[] +---- \ No newline at end of file diff --git a/documentation/chapters/templates/set-version-template.adoc b/documentation/chapters/templates/releasing/set-version-template.adoc similarity index 64% rename from documentation/chapters/templates/set-version-template.adoc rename to documentation/chapters/templates/releasing/set-version-template.adoc index d2f7393..8f68815 100644 --- a/documentation/chapters/templates/set-version-template.adoc +++ b/documentation/chapters/templates/releasing/set-version-template.adoc @@ -1,6 +1,7 @@ -:sourcedir: ../../../ +:sourcedir: ../../../../templates/ -= set-version-template + += set-version This template provides the job for increasing the tag version. For more details look at https://gitlab.exxcellent.de/gilden/ci/exxcellent-increase-version-tool[Gilde CI/CD: exxcellent-increase-version-tool]. 
@@ -11,7 +12,8 @@ For more details look at https://gitlab.exxcellent.de/gilden/ci/exxcellent-incre |Name |Description | Default Value |BUMP_VERSION | defines the version bump | "major" |PREFIX | the prefix for the tag | "" -|OUTPUT | defines where the updated version is written to | version +|OUTPUT | defines where the updated version is written to. Default case is an env File named Version. +Following Jobs will have set the $VERSION variable to the next version. | version.env |SIMPLIFY a| * "false": @@ -23,5 +25,5 @@ a| .set-version-template [source, yaml] ---- -include::{sourcedir}/set-version-template.gitlab-ci.yml[] +include::{sourcedir}/releasing/set-version.gitlab-ci.yml[] ---- \ No newline at end of file diff --git a/documentation/chapters/templates/repo-cve-scan.adoc b/documentation/chapters/templates/static-analysis/repo-cve-scan.adoc similarity index 85% rename from documentation/chapters/templates/repo-cve-scan.adoc rename to documentation/chapters/templates/static-analysis/repo-cve-scan.adoc index 5c8e5a8..2b49111 100644 --- a/documentation/chapters/templates/repo-cve-scan.adoc +++ b/documentation/chapters/templates/static-analysis/repo-cve-scan.adoc @@ -1,4 +1,4 @@ -:sourcedir: ../../../ +:sourcedir: ../../../../templates/ = Repo-CVE-Scan @@ -26,5 +26,5 @@ Bei 0 läuft die Pipeline durch, auch wenn Probleme gefunden werden. .Repo CVE scan template [source, yaml] ---- -include::{sourcedir}/repo-cve-scan.gitlab-ci.yml[] +include::{sourcedir}static-analysis/repo-cve-scan-trivy.gitlab-ci.yml[] ---- \ No newline at end of file diff --git a/documentation/chapters/templates/tool-sonar7.adoc b/documentation/chapters/templates/static-analysis/tool-sonar.adoc similarity index 91% rename from documentation/chapters/templates/tool-sonar7.adoc rename to documentation/chapters/templates/static-analysis/tool-sonar.adoc index a642419..5f4ce24 100644 --- a/documentation/chapters/templates/tool-sonar7.adoc 
+++ b/documentation/chapters/templates/static-analysis/tool-sonar.adoc @@ -1,6 +1,5 @@ -:sourcedir: ../../../ - -= Sonar 7 template +:sourcedir: ../../../../templates/ += sonar-template Ruft den Sonar Job für das Projekt auf. Mehr Details zu finden hier: https://gitlab.exxcellent.de/gilden/ci/exxcellent-sonar-tool[Gilde CI/CD: exxcellent-sonar-tool]. @@ -25,5 +24,5 @@ Wenn der Build nicht gebrochen werden soll, kann es weggelassen werden. .sonar-template [source,yaml] ---- -include::{sourcedir}/tool-sonar7.gitlab-ci.yml[] +include::{sourcedir}static-analysis/sonar.gitlab-ci.yml[] ---- diff --git a/documentation/chapters/templates/tool-documentation-tool.adoc b/documentation/chapters/templates/tool-documentation-tool.adoc deleted file mode 100644 index 97f8299..0000000 --- a/documentation/chapters/templates/tool-documentation-tool.adoc +++ /dev/null @@ -1,12 +0,0 @@ -:sourcedir: ../../../ - -= Dokumentation-Tool-template - -Das Dokumentation-Tool template. -Mehr Details und die Variablendokumentation sind hier zu finden: https://gitlab.exxcellent.de/gilden/ci/exxcellent-documentation-tool[Gilde CI/CD: exxcellent-documentation-tool]. - -.dokumentation-tool -[source,yaml] ----- -include::{sourcedir}/tool-documentation.gitlab-ci.yml[] ----- \ No newline at end of file diff --git a/documentation/contribution.adoc b/documentation/contribution.adoc new file mode 100644 index 0000000..e342e38 --- /dev/null +++ b/documentation/contribution.adoc 
@@ -0,0 +1,20 @@ +:sourcedir: ../../../../templates + +:gitlab-ci-file: /common/common-ci-variablen.gitlab-ci.yml + +Im Folgenden sind ein paar Regeln wie die Repo aufgebaut ist um ein möglicht einfaches einarbeiten und zusammenarbeiten zu ermöglichen. + + +== Template Names convention + +Template Namen fangen immer mit dem Prefix des Files an, in dem sie sich befinden. +Wenn in dem File mehrere Templates enthalten sind, wird an den Filenamen ein Suffix gehängt der, die Funktion des Templates zusammenfasst. +Das machen mir damit die CI Files und die Templates eine Verbindung zueinander haben. +Die Erfahrung hat gezeigt das es sonst schwer wird die Templates mit den Imports zu verbinden. + +==== +Beispiel: + +fuu.gitlab-ci.yml enthält template die anfangen mit .fuu-feature1 und .fuu-feature2 +==== + diff --git a/documentation/document.adoc b/documentation/document.adoc index 8841d74..e1e257e 100644 --- a/documentation/document.adoc +++ b/documentation/document.adoc 
@@ -32,65 +32,77 @@ toc::[] // Attribut leveloffset addiert die gegebene Zahl zu den Überschriften im Dokument // Alle Überschriften erscheinen also eine Ebene tiefer // ########################################################################### -include::chapters/generalInformation.adoc[leveloffset=1] +== General Information -== Ansible Templates +include::generalInformation.adoc[leveloffset=1] +include::chapters/templates/common/common-ci-variablen.adoc[leveloffset=1] + +== Contribution + +include::contribution.adoc[leveloffset=1] + +== Deployment - IaC + +include::chapters/templates/IaC/ansible.adoc[leveloffset=2] +include::chapters/templates/IaC/docker-compose.adoc[leveloffset=2] +include::chapters/templates/IaC/ssh-transfer-data.adoc[leveloffset=2] -include::chapters/templates/ansible.adoc[leveloffset=2] == Container Templates -include::chapters/templates/container-publish.adoc[leveloffset=2] -include::chapters/templates/container-publish-snapshot.adoc[leveloffset=2] -include::chapters/templates/container-scan.adoc[leveloffset=2] -include::chapters/templates/docker-compose-validate.adoc[leveloffset=2] -include::chapters/templates/docker-compose-deploy.adoc[leveloffset=2] +include::chapters/templates/container/container-build.adoc[leveloffset=2] +include::chapters/templates/container/container-publish.adoc[leveloffset=2] +include::chapters/templates/container/container-scan.adoc[leveloffset=2] -== Versionierungs Templates + +== Releasing Templates Im folgende sind erweiterte Templates zu finden für das https://gitlab.exxcellent.de/gilden/ci/exxcellent-increase-version-tool[Increase-Version-Tool] der CI Gilde. -Es enthält auch eine Child-Pipeline-Konfiguration um den Versionierungsprozess innerhalb einer Pipeline darzustellen. +Für vorgegebene Release Pipelines bitte im Abschnitt <<_pipelines>> gucken. 
- -=== Templates - -include::chapters/templates/push-tag-and-version-template.adoc[leveloffset=3] -include::chapters/templates/set-version-template.adoc[leveloffset=3] -include::chapters/templates/release-template.adoc[leveloffset=3] - -=== Pipeline - -include::chapters/pipelines/update-version-pipeline.adoc[leveloffset=3] +include::chapters/templates/releasing/push-tag-and-version-template.adoc[leveloffset=3] +include::chapters/templates/releasing/set-version-template.adoc[leveloffset=3] +include::chapters/templates/releasing/release-template.adoc[leveloffset=3] +include::chapters/templates/releasing/release-gitlab-template.adoc[leveloffset=3] +include::chapters/templates/releasing/mail-template.adoc[leveloffset=3] == NPM Templates -include::chapters/templates/npm-dependencies-template.adoc[leveloffset=2] -include::chapters/templates/npm-build-template.adoc[leveloffset=2] -include::chapters/templates/npm-lint-template.adoc[leveloffset=2] -include::chapters/templates/npm-test-template.adoc[leveloffset=2] +include::chapters/templates/npm/npm-dependencies-template.adoc[leveloffset=2] +include::chapters/templates/npm/npm-build-template.adoc[leveloffset=2] +include::chapters/templates/npm/npm-lint-template.adoc[leveloffset=2] +include::chapters/templates/npm/npm-test-template.adoc[leveloffset=2] == Maven Templates -include::chapters/templates/maven-dependencies-template.adoc[leveloffset=2] -include::chapters/templates/maven-build-template.adoc[leveloffset=2] -include::chapters/templates/maven-verify-template.adoc[leveloffset=2] +include::chapters/templates/java/maven/maven-dependencies-template.adoc[leveloffset=2] +include::chapters/templates/java/maven/maven-build-template.adoc[leveloffset=2] +include::chapters/templates/java/maven/maven-verify-template.adoc[leveloffset=2] == Gradle Templates Aktuell gehen wir davon das der Gradle Wrapper in dem Projekt vorhanden ist. Sollte dieser noch nicht vorhanden sein kann er mit dem Befehl `gradle wrapper` erstellt werden. 
-include::chapters/templates/gradle-build-template.adoc[leveloffset=2] -include::chapters/templates/gradle-test-template.adoc[leveloffset=2] +include::chapters/templates/java/gradle/gradle-build-template.adoc[leveloffset=2] +include::chapters/templates/java/gradle/gradle-test-template.adoc[leveloffset=2] +include::chapters/templates/java/gradle/gradle-db-diff-template.adoc[leveloffset=2] -== Misc +== Static Analysis -include::chapters/templates/repo-cve-scan.adoc[leveloffset=2] +include::chapters/templates/static-analysis/repo-cve-scan.adoc[leveloffset=2] +include::chapters/templates/static-analysis/tool-sonar.adoc[leveloffset=2] -== Weitere Gilden-Tools +== Documentation -include::chapters/templates/tool-sonar7.adoc[leveloffset=2] -include::chapters/templates/tool-sonar8.adoc[leveloffset=2] -include::chapters/templates/tool-documentation-tool.adoc[leveloffset=2] -include::chapters/templates/mail-template.adoc[leveloffset=2] -include::chapters/templates/ssh-transfer-data-template.adoc[leveloffset=2] +include::chapters/templates/documentation/tool-documentation-tool.adoc[leveloffset=2] + +[#_pipelines] +=== Pipelines + +include::chapters/pipelines/update-version-pipeline.adoc[leveloffset=3] + +//todo docs for new pipelines +//In particular docs for the keyword needs hinzufügen. needs container build step. artefacts true + +//todo licensing documentieren \ No newline at end of file diff --git a/documentation/generalInformation.adoc b/documentation/generalInformation.adoc new file mode 100644 index 0000000..645c6fa --- /dev/null +++ b/documentation/generalInformation.adoc 
@@ -0,0 +1,50 @@ +:sourcedir: ../../../../templates + +== Templates und Pipelines + +In dieser Repository sind CI Templates und CI Pipeline-Templates zu finden. +Templates sind vorgefertigte Jobs, die jeweils einen Use-Case abbilden sollen und in dein Projekt importiert werden können. Die meisten Templates haben kein abhängigkeiten untereinander. Wenn doch, werden die Abhängigkeiten dokumentiert. +Alle Templates sind im Ordner Templates zu finden. + +Da eine CI jedoch aus Pipelines besteht und Gitlab die Möglichkeit Multi-Projekt- und Child-Pipelines zu benutzen, werden hier auch vorgefertigte Pipelines bereitgestellt. +Diese Pipeline-Templates bilden komplexere Use-Cases ab. +Pipelines sind in dem dafür vorgesehenen Pipeline Ordner zu finden. + +== Wie können Templates benutzt werden + +Damit du die Templates in deinem Projekt zu benutzten kannst, musst du folgendes machen: + +1. `Include` das Template file das du benutzen willst in deinem `.gitlab-ci.yaml` File. +2. Jetzt kannst du in von dir gewählten Job das Template mit dem keyword `extend` als Ausgangspunkt benutzen. +3. Du kannst den Job für deinen Anwendungszweck weitere verändern indem du diese bei dir Überschreibst. + +==== +Bei dem folgenden Beispiel wurde als ref der Tag 1.0.0 gesetzt. +Wir empfehlen diesen Tag zu setzen damit Änderungen von uns nicht eure CI Skripte kaputt machen. +Um automatisch mitzubekommen, wenn sich die CI verändert empfehlen wir das Benutzen von Renovate +==== + +[source,yaml] +---- +stages: + - test-image + +include: + - project: 'gilden/ci/gitlab-ci-templates' + ref: '1.0.0' + file: + - '/templates/java/maven/maven-verify.gitlab-ci.yml' + +test-image: + stage: test-image + extends: .maven-verify + rules: + - if: $NURAUFMEINEMBRANCH + before_script: + - echo "meine änderungen" +---- + +== Wie können Pipelines benutzt werden + +Um Pipelines zu benutzen, müssen diese nur mit `Include` importiert werden. +Für weitere Informationen ließ bitte die Doku der Pipelines selbst. 
diff --git a/pipelines/eXXcellent-release.gitlab-ci.yml b/pipelines/eXXcellent-release.gitlab-ci.yml
new file mode 100644
index 0000000..29627c3
--- /dev/null
+++ b/pipelines/eXXcellent-release.gitlab-ci.yml
@@ -0,0 +1,31 @@
+include:
+ - local: 'templates/releasing/release.gitlab-ci.yml'
+ - local: 'templates/releasing/release-gitlab.gitlab-ci.yml'
+
+a.major-release:
+ extends: .release-default
+ variables:
+ BUMP_VERSION: "major"
+
+b.minor-release:
+ extends: .release-release-branch
+ variables:
+ BUMP_VERSION: "minor"
+
+c.patch-release:
+ extends: .release-release-branch
+ variables:
+ BUMP_VERSION: "patch"
+
+d.prerelease-release:
+ extends: .release-release-branch
+ variables:
+ BUMP_VERSION: "prerelease"
+
+e.build-release:
+ extends: .release-release-branch
+ variables:
+ BUMP_VERSION: "build"
+
+Create-Gitlab-Release:
+ extends: .release-create-gitlab
\ No newline at end of file
diff --git a/pipelines/java-maven.gitlab-ci.yml b/pipelines/java-maven.gitlab-ci.yml
new file mode 100644
index 0000000..c495f89
--- /dev/null
+++ b/pipelines/java-maven.gitlab-ci.yml
@@ -0,0 +1,39 @@
+include:
+ - '/templates/java/maven/maven-dependencies.gitlab-ci.yml'
+ - '/templates/java/maven/maven-build.gitlab-ci.yml'
+ - '/templates/java/maven/maven-verify.gitlab-ci.yml'
+ - '/templates/java/maven/maven-database-diff.gitlab-ci.yml'
+
+Dependencies-Java:
+ extends: .maven-dependencies
+
+Build-Java:
+ extends: .maven-build
+ needs:
+ - job: "Dependencies-Java"
+ artifacts: true
+
+Test-Java:
+ extends: .maven-test
+ needs:
+ - job: "Build-Java"
+ artifacts: true
+
+Database-Diff:
+ extends:
+ - .maven-database-diff
+ needs:
+ - job: "Build-Java"
+ artifacts: true
+
+Repo-CVE-Scan:
+ allow_failure: true
+ extends: .repo-cve-scan-trivy
+
+sonar:
+ extends: .sonar-maven
+ needs:
+ - job: "Build-Java"
+ artifacts: true
+ variables:
+ SONAR_PROJECT_KEY: "gilde.ci.cd.restservice:java-backend-template"
\ No newline at end of file
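Review bot: `Repo-CVE-Scan` extends `.repo-cve-scan-trivy` and `sonar` extends `.sonar-maven`, but the `include:` list of pipelines/java-maven.gitlab-ci.yml pulls in only the four Maven templates, so unless those hidden jobs reach the pipeline some other way the configuration will not validate. Going by the template paths the documentation in this commit references, the list probably needs `- '/templates/static-analysis/repo-cve-scan-trivy.gitlab-ci.yml'` and `- '/templates/static-analysis/sonar.gitlab-ci.yml'`. `Test-Java` extends `.maven-test`, while the usage example in generalInformation.adoc extends `.maven-verify` from the same template file, so it is worth confirming which name the template defines. `allow_failure: true` on `Repo-CVE-Scan` means scan findings never block the pipeline; if that is a deliberate rollout default, a comment saying so would let consumers decide whether to override it.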
diff --git a/pipelines/license.gitlab-ci.yml b/pipelines/license.gitlab-ci.yml
new file mode 100644
index 0000000..93bd4b3
--- /dev/null
+++ b/pipelines/license.gitlab-ci.yml
@@ -0,0 +1,23 @@
+stages:
+ - bom
+ - asciidoc
+
+License-Bom:
+ image: maven:3-jdk-11
+ stage: bom
+ script:
+ - mvn cyclonedx:makeBom
+ artifacts:
+ when: always
+ paths:
+ - target/bom.json
+
+license-asciidoc:
+ image: gitlab.exxcellent.de:4567/gilden/ci/exxcellent-license-tools
+ stage: asciidoc
+ script:
+ - licenseBom2Adoc --bom target/bom.json --adoc target/licenses.adoc
+ artifacts:
+ when: always
+ paths:
+ - target/licenses.adoc
diff --git a/pipelines/update-version-pipeline.gitlab-ci.yml b/pipelines/update-version-pipeline.gitlab-ci.yml
deleted file mode 100644
index 174b433..0000000
--- a/pipelines/update-version-pipeline.gitlab-ci.yml
+++ /dev/null
@@ -1,19 +0,0 @@
-stages:
- - set-version
- - push-tag-and-version
-
-include:
- - local: 'set-version-template.gitlab-ci.yml'
- - local: 'push-tag-and-version-template.gitlab-ci.yml'
-
-variables:
- BUMP_VERSION: "major"
-
-increase-version:
- stage: set-version
- extends: .set-version
-
-push-tag-and-version:
- stage: push-tag-and-version
- extends: .push-tag-and-version
-
diff --git a/pipelines/update-version.gitlab-ci.yml b/pipelines/update-version.gitlab-ci.yml
new file mode 100644
index 0000000..ca2d94a
--- /dev/null
+++ b/pipelines/update-version.gitlab-ci.yml
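Review bot: Both job images in pipelines/license.gitlab-ci.yml are mutable references: `maven:3-jdk-11` floats across Maven 3 releases, and `gitlab.exxcellent.de:4567/gilden/ci/exxcellent-license-tools` carries no tag at all, so it resolves to `latest`. A pipeline that other projects include should pin both to a fixed version or digest, as this commit does for the ssh and documentation tool images, e.g. `image: gitlab.exxcellent.de:4567/gilden/ci/exxcellent-license-tools:<version>` (placeholder, the available tags are not visible here). `mvn cyclonedx:makeBom` appears to rely on the consuming project declaring the CycloneDX plugin and its version in its pom; a comment above `License-Bom` stating that requirement would make it explicit.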
@@ -0,0 +1,48 @@
+stages:
+ - set-version
+ - push-tag
+
+include:
+ - local: 'templates/releasing/set-version.gitlab-ci.yml'
+
+variables:
+ BUMP_VERSION: "major"
+
+increase-version:
+ extends: .set-version
+
+push-tag-and-branch:
+ stage: push-tag
+ image: gitlab.exxcellent.de:4567/gilden/ci/exxcellent-ssh-tool:1.4.0
+ rules:
+ - if: $CI_COMMIT_REF_NAME == $CI_DEFAULT_BRANCH
+ - if: $CI_COMMIT_REF_NAME == 'Templates2.0'
+ before_script:
+ - setup-ssh
+ - echo $VERSION
+ - pull
+ script:
+ - git checkout -b RELEASE-$VERSION
+ - git push origin RELEASE-$VERSION $VERSION
+
+#I would like to use this.
+#I think this could be more stable in the long run
+#But it is not working: https://github.com/jdalrymple/gitbeaker/issues/2398
+#push-tag-and-branch:
+# stage: push-tag
+# image: node:lts-buster-slim
+# variables:
+# GITLAB_HOST: $CI_SERVER_URL
+# CI_DEBUG_TRACE: "true"
+# rules:
+# - if: $CI_COMMIT_REF_NAME == 'Templates2.0'
+# script:
+# - echo "Create version $VERSION"
+# - npm -g install @gitbeaker/cli
+# - >
+# NODE_EXTRA_CA_CERTS=$CI_SERVER_TLS_CA_FILE gitbeaker branches create
+# --project-id $CI_PROJECT_ID
+# --branch-name RELEASE-$VERSION
+# --ref $CI_COMMIT_SHA
+# --gb-job-token="$CI_JOB_TOKEN"
+# - NODE_EXTRA_CA_CERTS=$CI_SERVER_TLS_CA_FILE gitbeaker tag create --project-id $CI_PROJECT_ID --tag-name $VERSION --ref $CI_COMMIT_SHA
\ No newline at end of file
diff --git a/release-template.gitlab-ci.yml b/release-template.gitlab-ci.yml
deleted file mode 100644
index 229cd48..0000000
--- a/release-template.gitlab-ci.yml
+++ /dev/null
@@ -1,13 +0,0 @@
-.release-template:
- stage: release
- rules:
- - if: '$CI_PIPELINE_SOURCE == "pipeline"'
- when: never
- - if: $CI_COMMIT_REF_NAME == $CI_DEFAULT_BRANCH
- when: manual
- - when: never
- variables:
- PARENT_PIPELINE_ID: $CI_PIPELINE_ID
- trigger:
- include: release.gitlab-ci.yml
- strategy: depend
diff --git a/release.gitlab-ci.yml b/release.gitlab-ci.yml
new file mode 100644
index 0000000..5ed7a80
--- /dev/null
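Review bot: The rule `- if: $CI_COMMIT_REF_NAME == 'Templates2.0'` in `push-tag-and-branch` looks like a leftover from developing this change; the job runs `setup-ssh` and pushes a branch and a tag, so in every project that includes this pipeline a branch of that name would be allowed to cut releases. Drop that rule so only the default branch qualifies, and quote the expansions: `git checkout -b "RELEASE-$VERSION"` and `git push origin "RELEASE-$VERSION" "$VERSION"`. `$VERSION` is produced by `increase-version`, whose template is not visible in this hunk, so an empty value would currently push a branch named `RELEASE-`; a guard such as `test -n "$VERSION"` in `before_script` would stop that. The commented-out alternative sets `CI_DEBUG_TRACE: "true"`, which writes all job variables including secrets to the job log, and is better removed before anyone re-enables the block.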
+++ b/release.gitlab-ci.yml @@ -0,0 +1,13 @@ +include: + - local: 'templates/releasing/set-version.gitlab-ci.yml' + - local: 'templates/releasing/release.gitlab-ci.yml' + +stages: + - set-version + +increase-version: + extends: .set-version + before_script: + - setup-ssh + variables: + TAG: "true" \ No newline at end of file diff --git a/ansible.gitlab-ci.yml b/templates/IaC/ansible.gitlab-ci.yml similarity index 100% rename from ansible.gitlab-ci.yml rename to templates/IaC/ansible.gitlab-ci.yml diff --git a/docker-compose-deploy.gitlab-ci.yml b/templates/IaC/docker-compose.gitlab-ci.yml similarity index 89% rename from docker-compose-deploy.gitlab-ci.yml rename to templates/IaC/docker-compose.gitlab-ci.yml index bd6983b..40df723 100644 --- a/docker-compose-deploy.gitlab-ci.yml +++ b/templates/IaC/docker-compose.gitlab-ci.yml @@ -26,3 +26,9 @@ script: - if [[ -n "$SCP_SOURCE" && -n "$SCP_DESTINATION" ]]; then scp -rp $SCP_SOURCE $SSH_USER@$SSH_URL:$SCP_DESTINATION; fi - DOCKER_HOST=ssh://$SSH_USER@$SSH_URL docker-compose $COMPOSE_EXTRA_ARGS up -d --remove-orphans + +.docker-compose-validate: + image: docker/compose:alpine-1.29.1 + stage: verify + script: + - docker-compose $COMPOSE_EXTRA_ARGS config diff --git a/ssh-transfer-data-template.gitlab-ci.yml b/templates/IaC/ssh-transfer-data.gitlab-ci.yml similarity index 100% rename from ssh-transfer-data-template.gitlab-ci.yml rename to templates/IaC/ssh-transfer-data.gitlab-ci.yml diff --git a/templates/common/common-ci-variablen.gitlab-ci.yml b/templates/common/common-ci-variablen.gitlab-ci.yml new file mode 100644 index 0000000..ac1bf81 --- /dev/null +++ b/templates/common/common-ci-variablen.gitlab-ci.yml 
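Review bot: `.docker-compose-validate` uses `stage: verify`, but the `stages:` list this commit adds in templates/common/common-ci-variablen.gitlab-ci.yml contains `test` and no `verify`, so a project that takes its stages from that file would get a validation error for this job. The same applies to `.container-scan-trivy`, `.documentation-ckeck-confluence-validity`, `.gradle-test` and `.database-diff-common`, which also use `verify` in this commit. Either add `- verify` to the common list or keep these templates on `test`. The new job is complete within the hunk; the lines above it are unchanged context from the deploy template, whose start lies outside the hunk.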
@@ -0,0 +1,71 @@ +stages: + - dependencies + - build + - test + - documentation + - post-process + - send-mail + - release + + +cache: + key: "$CI_JOB_NAME" + paths: + # Cache Maven + - .m2/repository + # Cache NPM + - $FRONTEND_DIR/dist + # Cache Gradle + - .gradle + - build + +variables: + + ##NPM / Node Settings + NODE_IMAGE: + value: node:16-alpine3.15 + description: The node image that will be used from the CI. + + ##Global Variables we use in our CI scripts when using maven + MAVEN_IMAGE: + value: gitlab.exxcellent.de:4567/gilden/ci/exxcellent-java-maven-base-image:java11-maven3.8.3_latest + description: The Maven image that will be used from the CI. + + MAVEN_OPTS: + value: > + -Dhttps.protocols=TLSv1.2 + -Dmaven.repo.local=$CI_PROJECT_DIR/.m2/repository + -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=WARN + -Dorg.slf4j.simpleLogger.showDateTime=true + -Djava.awt.headless=true + description: "Additional options that are passed to Maven for faster/stable execution" + + MAVEN_CLI_OPTS: + value: > + --batch-mode + --errors + --fail-at-end + --show-version + -DinstallAtEnd=true + -DdeployAtEnd=true + description: "Additional options that are passed to Maven for faster/stable execution" + + ##Global Variables we use in our CI scripts when using Gradle + GRADLE_OPTS: + value: "-Dorg.gradle.daemon=false" + description: "Additional options that are passed to gradle for faster/stable execution" + + GRADLE_IMAGE: + value: gitlab.exxcellent.de:4567/gilden/ci/exxcellent-java-maven-base-image:java11-maven3.8.3_latest + description: "Default Image to use in Gradle Jobs" + # Currently, we use the Maven image and use the Gradle Wrapper. This is slower but more compatible to your gradle scripts. + # Please Update your Gradle Wrapper from time to time. Use Renovate to automat that task. 
+ + ##Set default directories for frontend and backend templates + FRONTEND_DIR: + value: $CI_PROJECT_DIR + description: "Default directories for the Frontend when having a frontend and a backend within your repo" + + BACKEND_DIR: + value: $CI_PROJECT_DIR + description: "Default directories for the Backend when having a frontend and a backend within your repo" diff --git a/templates/container/container-build.gitlab-ci.yml b/templates/container/container-build.gitlab-ci.yml new file mode 100644 index 0000000..33a776d --- /dev/null +++ b/templates/container/container-build.gitlab-ci.yml @@ -0,0 +1,37 @@ +.container-build-common: + stage: build + variables: + CONTEXT_LOCATION: $CI_PROJECT_DIR + EXTRA_ARGS: "" + artifacts: + paths: + - image.tar + +.container-build-jib-maven: + extends: .container-build-common + image: $MAVEN_IMAGE + script: + - cd $CONTEXT_LOCATION + - mvn $MAVEN_CLI_OPTS jib:buildTar -DskipTests $EXTRA_ARGS + +.container-build-jib-gradle: + extends: .container-build-common + image: $GRADLE_IMAGE + variables: + EXTRA_ARGS: $GRADLE_EXTRA_ARGS + script: + - cd $CONTEXT_LOCATION + - ./gradlew $GRADLE_CLI_OPTS jibBuildTar -DskipTests $EXTRA_ARGS + +.container-build-kaniko: + extends: .container-build-common + image: + name: gcr.io/kaniko-project/executor:v1.8.0-debug + entrypoint: [ "" ] + variables: + DOCKERFILE_LOCATION: $CI_PROJECT_DIR/Dockerfile + REGISTRY_MIRROR: --registry-mirror nexus.corp.exxcellent.de:18000 --skip-tls-verify-registry nexus.corp.exxcellent.de:18000 --skip-tls-verify + script: + - mkdir -p /kaniko/.docker + - echo "{\"auths\":{\"$DOCKER_REGISTRY\":{\"username\":\"$DOCKER_REGISTRY_USER\",\"password\":\"$DOCKER_REGISTRY_PASSWORD\"}}}" > /kaniko/.docker/config.json + - /kaniko/executor --context $CONTEXT_LOCATION --dockerfile $DOCKERFILE_LOCATION --no-push --destination $CI_REGISTRY_IMAGE:$CI_COMMIT_SHORT_SHA $EXTRA_ARGS $REGISTRY_MIRROR --tarPath image.tar 
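Review bot: `cache: key: "$CI_JOB_NAME"` gives every branch the same cache per job name, and the cached paths include `.m2/repository`, `.gradle` and `build`, so content written by a feature-branch pipeline can be restored into the same job on the default branch and in release runs unless the project separates protected-branch caches. Keying by ref as well, e.g. `key: "$CI_JOB_NAME-$CI_COMMIT_REF_SLUG"`, keeps dependency caches from crossing branch boundaries. `MAVEN_IMAGE` and `GRADLE_IMAGE` both default to the tag `java11-maven3.8.3_latest`, which by its name is probably a moving tag; a comment stating whether it is immutable, or a pinned digest, would tell consumers how reproducible these defaults are.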
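Review bot: In `.container-build-kaniko` the default `REGISTRY_MIRROR` switches off certificate verification for the Nexus mirror (`--skip-tls-verify-registry …`) and additionally passes a bare `--skip-tls-verify`, which is not limited to that host; base layers fetched through the mirror are therefore not authenticated in transit and still end up in `image.tar`. Prefer trusting the internal CA over skipping verification (kaniko has a `--registry-certificate` option for this) and drop the global flag from the default. The `echo "{\"auths\":…}"` line builds JSON by string interpolation, so a password containing `"` or `\` produces a broken config.json, and it reads `$DOCKER_REGISTRY`, `$DOCKER_REGISTRY_USER` and `$DOCKER_REGISTRY_PASSWORD`, which this template does not declare. A comment naming the variables a consumer must provide would close that gap.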
diff --git a/templates/container/container-publish.gitlab-ci.yml b/templates/container/container-publish.gitlab-ci.yml
new file mode 100644
index 0000000..b249aba
--- /dev/null
+++ b/templates/container/container-publish.gitlab-ci.yml
@@ -0,0 +1,28 @@
+.container-publish:
+ stage: release
+ image:
+ name: quay.io/containers/skopeo:v1.5.2
+ entrypoint: [ "" ]
+ variables:
+ CONTAINER_REGISTRY: $CI_REGISTRY_IMAGE
+ CONTAINER_REGISTRY_USER: $CI_REGISTRY_USER
+ CONTAINER_REGISTRY_PASSWORD: $CI_REGISTRY_PASSWORD
+ EXTRA_PATH: ""
+ rules:
+ - if: $CI_COMMIT_TAG
+ variables:
+ IMAGE_TAG: $CI_COMMIT_TAG
+ - if: $CI_COMMIT_REF_NAME == $CI_DEFAULT_BRANCH
+ variables:
+ IMAGE_TAG: $CI_COMMIT_SHORT_SHA
+ EXTRA_PATH: "/snapshot"
+ - if: $CI_COMMIT_REF_NAME ~= "feat"
+ variables:
+ IMAGE_TAG: $CI_COMMIT_SHORT_SHA
+ EXTRA_PATH: "/feat/$CI_COMMIT_REF_NAME"
+ - when: never
+ script:
+ - skopeo login --username $CONTAINER_REGISTRY_USER --password $CONTAINER_REGISTRY_PASSWORD $CONTAINER_REGISTRY --tls-verify=false
+ - skopeo copy "docker-archive:image.tar" "docker://${CONTAINER_REGISTRY}${EXTRA_PATH}:${IMAGE_TAG}" --dest-tls-verify=false
+
+#TODO wir müssen noch den aktuell Tag bekommen damit wir den setzen können. (in default oder feat ausgeführt wird)
\ No newline at end of file
diff --git a/templates/container/container-scan.gitlab-ci.yml b/templates/container/container-scan.gitlab-ci.yml
new file mode 100644
index 0000000..9fcf095
--- /dev/null
+++ b/templates/container/container-scan.gitlab-ci.yml
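Review bot: The `script` of `.container-publish` turns off TLS verification on both registry calls (`--tls-verify=false` on `skopeo login`, `--dest-tls-verify=false` on `skopeo copy`), so the registry credentials and the published image travel over a connection whose peer is not authenticated; verification should stay on, with an internal CA trusted in the job image if needed. The password is also passed as a command-line argument, and skopeo can read it from stdin instead: `echo "$CONTAINER_REGISTRY_PASSWORD" | skopeo login --username "$CONTAINER_REGISTRY_USER" --password-stdin "$CONTAINER_REGISTRY"`. In `rules`, `$CI_COMMIT_REF_NAME ~= "feat"` is not a GitLab operator; a pattern match is written `$CI_COMMIT_REF_NAME =~ /feat/`. `EXTRA_PATH: "/feat/$CI_COMMIT_REF_NAME"` puts the raw branch name into the image reference, where `$CI_COMMIT_REF_SLUG` would be the safe form.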
@@ -0,0 +1,19 @@ +.container-scan-trivy: + image: + name: docker.io/aquasec/trivy:0.24.2 + entrypoint: [ "" ] + stage: verify + variables: + IMAGE_PATH: $CI_PROJECT_DIR/image.tar + EXITCODE: 1 + TRIVY_EXTRA_ARGS: "--no-progress --ignore-unfixed --severity HIGH,CRITICAL --input image.tar" + cache: + paths: + - .trivycache/ + artifacts: + reports: + junit: junit-report.xml + script: + # Builds report and puts it in the default workdir $CI_PROJECT_DIR, so artifacts: can take it from there + - trivy --cache-dir .trivycache/ image --timeout 15m $TRIVY_EXTRA_ARGS --exit-code 0 --format template --template "/contrib/junit.tpl" -o junit-report.xml + - trivy --cache-dir .trivycache/ image --timeout 15m $TRIVY_EXTRA_ARGS --exit-code $EXITCODE \ No newline at end of file diff --git a/tool-documentation.gitlab-ci.yml b/templates/documentations/documentation.gitlab-ci.yml similarity index 73% rename from tool-documentation.gitlab-ci.yml rename to templates/documentations/documentation.gitlab-ci.yml index 1b43490..362bf3d 100644 --- a/tool-documentation.gitlab-ci.yml +++ b/templates/documentations/documentation.gitlab-ci.yml @@ -1,4 +1,4 @@ -.documentation-tool-template: +.documentation-tool-common: image: gitlab.exxcellent.de:4567/gilden/ci/exxcellent-documentation-tool:1.6.1 variables: REV_NUMBER: $CI_COMMIT_SHORT_SHA 
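Review bot: `.container-scan-trivy` declares `IMAGE_PATH: $CI_PROJECT_DIR/image.tar`, but neither `trivy` call uses it; the archive is hard-coded as `--input image.tar` inside the default `TRIVY_EXTRA_ARGS`. A consumer who overrides `TRIVY_EXTRA_ARGS`, for example to change `--severity`, silently drops the input, and overriding `IMAGE_PATH` has no effect. Take the input out of the overridable string in both commands, e.g. `trivy --cache-dir .trivycache/ image --input "$IMAGE_PATH" --timeout 15m $TRIVY_EXTRA_ARGS --exit-code $EXITCODE`. The default `--ignore-unfixed` hides findings that have no patched version yet; a comment next to the variable would make that trade-off visible to consumers.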
@@ -12,21 +12,23 @@ - generate --type html - generate --type pdf -.check_confluence_validity-template: - extends: .documentation-tool-template - stage: generate-docs +.documentation-ckeck-confluence-validity: + extends: .documentation-tool-common + stage: verify + needs: [] variables: OUTPUT_DIR: merge_requests - script: - - check-validity artifacts: paths: [ merge_requests/ ] rules: - if: '$CI_PIPELINE_SOURCE == "merge_request_event"' + - if: $CI_COMMIT_REF_NAME == $CI_DEFAULT_BRANCH + script: + - check-validity -.pages-template: - extends: .documentation-tool-template - stage: generate-docs +.documentation-publish: + extends: .documentation-tool-common + stage: documentation variables: OUTPUT_DIR: public script: diff --git a/gradle-build-template.gitlab-ci.yml b/templates/java/gradle/gradle-build.gitlab-ci.yml similarity index 51% rename from gradle-build-template.gitlab-ci.yml rename to templates/java/gradle/gradle-build.gitlab-ci.yml index 9cd44e8..4bec052 100644 --- a/gradle-build-template.gitlab-ci.yml +++ b/templates/java/gradle/gradle-build.gitlab-ci.yml @@ -2,7 +2,8 @@ stage: build image: $GRADLE_IMAGE script: - - "./gradlew --build-cache clean assemble $GRADLE_CLI_OPTS" + # todo increase version like maven set. OR Define Gradle skript to use ENV + - "./gradlew --build-cache assemble $GRADLE_CLI_OPTS" artifacts: expire_in: 2 weeks when: on_success diff --git a/templates/java/gradle/gradle-database-diff.gitlab-ci.yml b/templates/java/gradle/gradle-database-diff.gitlab-ci.yml new file mode 100644 index 0000000..194230c --- /dev/null +++ b/templates/java/gradle/gradle-database-diff.gitlab-ci.yml @@ -0,0 +1,13 @@ +include: + local: "templates/java/java-common-db.gitlab-ci.yml" + +.gradle-database-diff: + extends: + - .database-diff-common + image: $GRADLE_IMAGE + variables: + GRADLE_EXTRA_OPTS: "" + PATH_TO_DIFF: "build/db-diff.xml" + script: + - ./gradlew liquibase:update liquibase:diff $GRADLE_EXTRA_OPTS + 
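Review bot: In the new `.gradle-database-diff` job the script line `./gradlew liquibase:update liquibase:diff $GRADLE_EXTRA_OPTS` uses Maven's `plugin:goal` notation; Gradle reads `liquibase:update` as task `update` of a subproject named `liquibase`, so unless consuming projects really have such a subproject the job is likely to fail before any diff is produced. With the Liquibase Gradle plugin the tasks are normally called directly, `- ./gradlew update diff $GRADLE_EXTRA_OPTS`, which is worth confirming against a sample project. A comment stating which database `update` is expected to run against would also be useful, since the job changes that database before diffing.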
diff --git a/gradle-test-template.gitlab-ci.yml b/templates/java/gradle/gradle-test.gitlab-ci.yml similarity index 92% rename from gradle-test-template.gitlab-ci.yml rename to templates/java/gradle/gradle-test.gitlab-ci.yml index ca83ff4..c1cb1e2 100644 --- a/gradle-test-template.gitlab-ci.yml +++ b/templates/java/gradle/gradle-test.gitlab-ci.yml @@ -1,6 +1,6 @@ .gradle-test: image: $GRADLE_IMAGE - stage: test + stage: verify script: - "./gradlew --build-cache test $GRADLE_CLI_OPTS" artifacts: diff --git a/templates/java/java-common-db.gitlab-ci.yml b/templates/java/java-common-db.gitlab-ci.yml new file mode 100644 index 0000000..ed3f9ba --- /dev/null +++ b/templates/java/java-common-db.gitlab-ci.yml @@ -0,0 +1,13 @@ +.database-diff-common: + stage: verify + artifacts: + when: on_failure + expire_in: 2 weeks + paths: + - $PATH_TO_DIFF + after_script: + - > + if grep -x '' $PATH_TO_DIFF; + then printf 'Found no Difference in DB-Diff.\n'; exit 0; + else printf 'DB-Diff has Found changes.\n'; exit 1; + fi diff --git a/maven-build-template.gitlab-ci.yml b/templates/java/maven/maven-build.gitlab-ci.yml similarity index 52% rename from maven-build-template.gitlab-ci.yml rename to templates/java/maven/maven-build.gitlab-ci.yml index 59c9c60..8887e24 100644 --- a/maven-build-template.gitlab-ci.yml +++ b/templates/java/maven/maven-build.gitlab-ci.yml @@ -1,6 +1,11 @@ .maven-build: stage: build image: $MAVEN_IMAGE + before_script: + - > + if [ "$CI_COMMIT_TAG" != "" ]; then + mvn $MVN_EXTRA_ARGS $MAVEN_CLI_OPTS versions:set -DnewVersion=$CI_COMMIT_TAG -DgenerateBackupPoms=false + fi script: - mvn $MAVEN_CLI_OPTS package -DskipTests artifacts: diff --git a/templates/java/maven/maven-database-diff.gitlab-ci.yml b/templates/java/maven/maven-database-diff.gitlab-ci.yml new file mode 100644 index 0000000..b6487ad --- /dev/null +++ b/templates/java/maven/maven-database-diff.gitlab-ci.yml 
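Review bot: The pass/fail decision of `.database-diff-common` sits in `after_script:`, and GitLab does not let the exit code of `after_script` change the job result, so `exit 1` on a detected diff will not fail the job; with `artifacts: when: on_failure` the diff file is then not uploaded either. The check needs to run as the last step of `script:` in the extending jobs instead. Separately, `grep -x ''` succeeds as soon as the file contains one empty line, which may not mean "no differences" for an XML changelog, so it is worth confirming what an empty diff looks like. `"$PATH_TO_DIFF"` should be quoted in the `grep` call.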
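Review bot: The `before_script` entry added to `.maven-build` is a folded scalar (`- >`), which joins lines of equal indentation with spaces. The rendered patch does not show indentation, but if `mvn …` and `fi` sit at the same level as `if`, the shell receives `… -DgenerateBackupPoms=false fi` on one line and the `if` is never closed. A literal block (`- |`), as the push-tag-and-version template in this same commit uses, does not depend on that, and the tag should be quoted: `-DnewVersion="$CI_COMMIT_TAG"`. The same folded `if … fi` is added to `.npm-build` in templates/npm/npm-build.gitlab-ci.yml; the rest of `.maven-build` lies outside the hunk.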
@@ -0,0 +1,12 @@ +include: + local: "templates/java/java-common-db.gitlab-ci.yml" + +.maven-database-diff: + extends: + - .database-diff-common + image: $MAVEN_IMAGE + variables: + MAVEN_EXTRA_OPTS: "" + PATH_TO_DIFF: "target/db-diff.xml" + script: + - mvn compile liquibase:update liquibase:diff $MAVEN_EXTRA_OPTS diff --git a/maven-dependencies-template.gitlab-ci.yml b/templates/java/maven/maven-dependencies.gitlab-ci.yml similarity index 100% rename from maven-dependencies-template.gitlab-ci.yml rename to templates/java/maven/maven-dependencies.gitlab-ci.yml diff --git a/maven-verify-template.gitlab-ci.yml b/templates/java/maven/maven-verify.gitlab-ci.yml similarity index 93% rename from maven-verify-template.gitlab-ci.yml rename to templates/java/maven/maven-verify.gitlab-ci.yml index db37363..1208c67 100644 --- a/maven-verify-template.gitlab-ci.yml +++ b/templates/java/maven/maven-verify.gitlab-ci.yml @@ -1,6 +1,6 @@ .maven-test: image: $MAVEN_IMAGE - stage: test + stage: verify script: - mvn $MAVEN_CLI_OPTS verify artifacts: diff --git a/npm-build-template.gitlab-ci.yml b/templates/npm/npm-build.gitlab-ci.yml similarity index 50% rename from npm-build-template.gitlab-ci.yml rename to templates/npm/npm-build.gitlab-ci.yml index faa159c..f0d9f17 100644 --- a/npm-build-template.gitlab-ci.yml +++ b/templates/npm/npm-build.gitlab-ci.yml @@ -1,6 +1,13 @@ .npm-build: image: $NODE_IMAGE stage: build + before_script: + #Todo this needs Testing!! + - > + if [ "$CI_COMMIT_TAG" != "" ]; then + npm --no-git-tag-version version from-git + fi + #Testing END script: - npm install - npm run build diff --git a/npm-dependencies-template.gitlab-ci.yml b/templates/npm/npm-dependencies.gitlab-ci.yml similarity index 100% rename from npm-dependencies-template.gitlab-ci.yml rename to templates/npm/npm-dependencies.gitlab-ci.yml 
diff --git a/npm-lint-template.gitlab-ci.yml b/templates/npm/npm-lint.gitlab-ci.yml similarity index 93% rename from npm-lint-template.gitlab-ci.yml rename to templates/npm/npm-lint.gitlab-ci.yml index f9562b2..dccfd49 100644 --- a/npm-lint-template.gitlab-ci.yml +++ b/templates/npm/npm-lint.gitlab-ci.yml @@ -1,6 +1,6 @@ .npm-lint: image: $NODE_IMAGE - stage: test + stage: verify before_script: script: - npm install -g eslint diff --git a/npm-test-template.gitlab-ci.yml b/templates/npm/npm-test.gitlab-ci.yml similarity index 89% rename from npm-test-template.gitlab-ci.yml rename to templates/npm/npm-test.gitlab-ci.yml index 34d4948..f97a62b 100644 --- a/npm-test-template.gitlab-ci.yml +++ b/templates/npm/npm-test.gitlab-ci.yml @@ -1,6 +1,6 @@ .npm-test: image: $NODE_IMAGE - stage: test + stage: verify before_script: - npm install -g rimraf karma script: diff --git a/mail-template.gitlab-ci.yml b/templates/releasing/mail.gitlab-ci.yml similarity index 94% rename from mail-template.gitlab-ci.yml rename to templates/releasing/mail.gitlab-ci.yml index 318e944..1a749f5 100644 --- a/mail-template.gitlab-ci.yml +++ b/templates/releasing/mail.gitlab-ci.yml @@ -1,4 +1,4 @@ -.send-mail: +.mail-send: image: gitlab.exxcellent.de:4567/gilden/ci/exxcellent-mail-tool:1.1.0 stage: send-mail variables: diff --git a/push-tag-and-version-template.gitlab-ci.yml b/templates/releasing/push-tag-and-version.gitlab-ci.yml similarity index 84% rename from push-tag-and-version-template.gitlab-ci.yml rename to templates/releasing/push-tag-and-version.gitlab-ci.yml index a04a546..9b9afe1 100644 --- a/push-tag-and-version-template.gitlab-ci.yml +++ b/templates/releasing/push-tag-and-version.gitlab-ci.yml @@ -8,8 +8,10 @@ before_script: - setup-ssh script: - - export VERSION="0.0.0" - - "[ -f ./$ARTIFACT ] && export VERSION=$(cat ./$ARTIFACT)" + - | + if [ -z ${VERSION+x} ]; then + [ -f ./$ARTIFACT ] && export VERSION=$(cat ./$ARTIFACT); + fi - echo $VERSION - pull - echo $VERSION > $ARTIFACT 
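Review bot: With the `export VERSION="0.0.0"` default removed in push-tag-and-version, `VERSION` stays empty when it is neither inherited nor readable from `./$ARTIFACT`, and the following context lines then write an empty string to `$ARTIFACT` and call `push` with no argument. I would fail early after the `fi`, e.g. `: "${VERSION:?VERSION not set and ./$ARTIFACT missing}"`, and quote the test as `[ -z "${VERSION+x}" ]`. The job header and the remainder of `script:` are outside the hunk, so whether `push` validates its argument cannot be seen here.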
@@ -20,3 +22,4 @@ mvn $MVN_EXTRA_ARGS $MAVEN_CLI_OPTS package fi - push $VERSION + diff --git a/templates/releasing/release-gitlab.gitlab-ci.yml b/templates/releasing/release-gitlab.gitlab-ci.yml new file mode 100644 index 0000000..f144885 --- /dev/null +++ b/templates/releasing/release-gitlab.gitlab-ci.yml @@ -0,0 +1,15 @@ +.release-create-gitlab: + stage: release + image: registry.gitlab.com/gitlab-org/release-cli:v0.11.0 + rules: + - if: $CI_COMMIT_TAG + script: + - echo "running release_job" + - echo $DESCRIPTION + variables: + ADDITIONAL_CA_CERT_BUNDLE: $CI_SERVER_TLS_CA_FILE + release: + name: 'Release $CI_COMMIT_TAG' + description: "$DESCRIPTION" + tag_name: '$CI_COMMIT_TAG' + ref: '$CI_COMMIT_TAG' diff --git a/templates/releasing/release.gitlab-ci.yml b/templates/releasing/release.gitlab-ci.yml new file mode 100644 index 0000000..f93d284 --- /dev/null +++ b/templates/releasing/release.gitlab-ci.yml @@ -0,0 +1,33 @@ +.release-common: + stage: release + variables: + PARENT_PIPELINE_ID: $CI_PIPELINE_ID + trigger: + include: release.gitlab-ci.yml + strategy: depend + +.release-default: + extends: .release-common + rules: + # Do not create Release Job when the job was triggered in a manual job + # This is so depending triggers can run successfully. + - if: '$CI_PIPELINE_SOURCE == "pipeline"' + when: never + - if: $CI_COMMIT_REF_NAME == $CI_DEFAULT_BRANCH + when: manual + - if: $CI_COMMIT_REF_NAME == 'Templates2.0' + when: manual + #Do not make releases available in TAG CIs + - if: $CI_COMMIT_TAG + when: never + - when: never + +.release-release-branch: + extends: .release-common + rules: + - if: $CI_COMMIT_REF_NAME =~ 'RELEASE' + when: manual + #Do not make releases available in TAG CIs + - if: $CI_COMMIT_TAG + when: never + - when: never 
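Review bot: In `.release-release-branch` of release.gitlab-ci.yml the rule `$CI_COMMIT_REF_NAME =~ 'RELEASE'` gives `=~` a quoted string, whereas GitLab's `rules:if` expects a slash-delimited pattern on the right-hand side, e.g. `- if: $CI_COMMIT_REF_NAME =~ /RELEASE/`; as written the expression is likely to be rejected or never match. The `$CI_COMMIT_TAG` / `when: never` rule should also come first, because rules are evaluated in order and a tag whose name contains RELEASE would otherwise get the manual release job. templates/static-analysis/license.gitlab-ci.yml, added later in this commit, has the same `=~ "RELEASE"`, and both files still carry the `Templates2.0` branch rule, which looks like a leftover from developing the templates.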
diff --git a/set-version-template.gitlab-ci.yml b/templates/releasing/set-version.gitlab-ci.yml similarity index 67% rename from set-version-template.gitlab-ci.yml rename to templates/releasing/set-version.gitlab-ci.yml index bff6dc6..8d88049 100644 --- a/set-version-template.gitlab-ci.yml +++ b/templates/releasing/set-version.gitlab-ci.yml @@ -4,12 +4,15 @@ variables: BUMP_VERSION: "major" PREFIX: "" - OUTPUT: version + OUTPUT: "version.env" SIMPLIFY: "false" TAG: "false" MODE: "next_version" script: - increase-version + - echo "VERSION=$(cat $OUTPUT)" > $OUTPUT + - cat $OUTPUT artifacts: - paths: - - $OUTPUT + reports: + dotenv: + - $OUTPUT diff --git a/templates/static-analysis/license.gitlab-ci.yml b/templates/static-analysis/license.gitlab-ci.yml new file mode 100644 index 0000000..dc04fd8 --- /dev/null +++ b/templates/static-analysis/license.gitlab-ci.yml @@ -0,0 +1,11 @@ +.license-license: + stage: verify + rules: + - if: $CI_COMMIT_REF_NAME == $CI_DEFAULT_BRANCH + - if: $CI_COMMIT_REF_NAME =~ "RELEASE" + - if: $CI_COMMIT_REF_NAME == "Templates2.0" + - when: never + needs: [] + trigger: + include: license.gitlab-ci.yml + strategy: depend \ No newline at end of file diff --git a/repo-cve-scan.gitlab-ci.yml b/templates/static-analysis/repo-cve-scan-trivy.gitlab-ci.yml similarity index 95% rename from repo-cve-scan.gitlab-ci.yml rename to templates/static-analysis/repo-cve-scan-trivy.gitlab-ci.yml index f1b5dd3..e0b6bc6 100644 --- a/repo-cve-scan.gitlab-ci.yml +++ b/templates/static-analysis/repo-cve-scan-trivy.gitlab-ci.yml @@ -1,13 +1,13 @@ -.repo_cve_scan: +.repo-cve-scan-trivy: image: name: docker.io/aquasec/trivy:0.25.1 entrypoint: [ "" ] - stage: test + stage: verify needs: [] variables: + SCAN_PATH: "." EXITCODE: 1 TRIVY_EXTRA_ARGS: "--no-progress --ignore-unfixed --severity HIGH,CRITICAL" - SCAN_PATH: "." cache: paths: - .trivycache/ 
diff --git a/tool-sonar7.gitlab-ci.yml b/templates/static-analysis/sonar.gitlab-ci.yml similarity index 96% rename from tool-sonar7.gitlab-ci.yml rename to templates/static-analysis/sonar.gitlab-ci.yml index c5fbc24..3e4b881 100644 --- a/tool-sonar7.gitlab-ci.yml +++ b/templates/static-analysis/sonar.gitlab-ci.yml @@ -1,5 +1,5 @@ .sonar-template-common: - stage: test + stage: verify variables: SONAR_HOST_URL: http://sonar7.exxcellent.de/sonar7 SONAR_PROJECT_KEY: "" @@ -9,7 +9,7 @@ SONAR_QUERY_MAX_ATTEMPTS_BUILD_BREAKER: "30" SONAR_QUERY_INTERVAL_BUILD_BREAKER: "10000" -.sonar-template: +.sonar-maven: extends: .sonar-template-common image: $MAVEN_IMAGE script: @@ -23,7 +23,7 @@ "-Dsonar.buildbreaker.queryMaxAttempts=$SONAR_QUERY_MAX_ATTEMPTS_BUILD_BREAKER" "-Dsonar.buildbreaker.queryInterval=$SONAR_QUERY_INTERVAL_BUILD_BREAKER" -.sonar-template-gradle: +.sonar-gradle: extends: .sonar-template-common image: $GRADLE_IMAGE script: From dd34b9884a6b278205008207985b1716ea877534 Mon Sep 17 00:00:00 2001 From: Karina Date: Fri, 1 Apr 2022 14:11:41 +0200 Subject: [PATCH 002/166] fix(container): remove --skip-tls-verify on image.tar build, rename CONTAINER_REGISTRY to CONTAINER_REGISTRY_IMAGE --- .../templates/container/container-publish.adoc | 5 +++-- templates/container/container-build.gitlab-ci.yml | 14 ++++++++++---- .../container/container-publish.gitlab-ci.yml | 7 ++++--- 3 files changed, 17 insertions(+), 9 deletions(-) diff --git a/documentation/chapters/templates/container/container-publish.adoc b/documentation/chapters/templates/container/container-publish.adoc index 32bf360..744ceb3 100644 --- a/documentation/chapters/templates/container/container-publish.adoc +++ b/documentation/chapters/templates/container/container-publish.adoc 
@@ -8,9 +8,10 @@ Needs a build container on the path `image.tar`. Use one of the Container build .Variables |=== |Name |Description | Default Value -| CONTAINER_REGISTRY | Url to the remote Registry | $CI_REGISTRY_IMAGE +| CONTAINER_REGISTRY | The address of the Container Registry | $CI_REGISTRY +| CONTAINER_REGISTRY_IMAGE | The address of the project’s Container Registry. | $CI_REGISTRY_IMAGE | CONTAINER_REGISTRY_USER | the user that should be used | $CI_REGISTRY_USER -| CONTAINER_REGISTRY_PASSWORD | the passwort for the remote registry | $CI_REGISTRY_PASSWORD +| CONTAINER_REGISTRY_PASSWORD | the password for the remote registry | $CI_REGISTRY_PASSWORD | EXTRA_PATH | Extra path that should be between the registry path and the image tag | "" | IMAGE_TAG | the Tag the image should be found on | Depends on the current path. Look at the rules of the Job. |=== diff --git a/templates/container/container-build.gitlab-ci.yml b/templates/container/container-build.gitlab-ci.yml index 33a776d..e24c162 100644 --- a/templates/container/container-build.gitlab-ci.yml +++ b/templates/container/container-build.gitlab-ci.yml 
@@ -30,8 +30,14 @@ entrypoint: [ "" ] variables: DOCKERFILE_LOCATION: $CI_PROJECT_DIR/Dockerfile - REGISTRY_MIRROR: --registry-mirror nexus.corp.exxcellent.de:18000 --skip-tls-verify-registry nexus.corp.exxcellent.de:18000 --skip-tls-verify + REGISTRY_MIRROR: --registry-mirror nexus.corp.exxcellent.de:18000 --skip-tls-verify-registry nexus.corp.exxcellent.de:18000 script: - - mkdir -p /kaniko/.docker - - echo "{\"auths\":{\"$DOCKER_REGISTRY\":{\"username\":\"$DOCKER_REGISTRY_USER\",\"password\":\"$DOCKER_REGISTRY_PASSWORD\"}}}" > /kaniko/.docker/config.json - - /kaniko/executor --context $CONTEXT_LOCATION --dockerfile $DOCKERFILE_LOCATION --no-push --destination $CI_REGISTRY_IMAGE:$CI_COMMIT_SHORT_SHA $EXTRA_ARGS $REGISTRY_MIRROR --tarPath image.tar + - >- + /kaniko/executor + --context $CONTEXT_LOCATION + --dockerfile $DOCKERFILE_LOCATION + --no-push + --destination $CI_REGISTRY_IMAGE:$CI_COMMIT_SHORT_SHA + $EXTRA_ARGS + $REGISTRY_MIRROR + --tarPath image.tar diff --git a/templates/container/container-publish.gitlab-ci.yml b/templates/container/container-publish.gitlab-ci.yml index b249aba..2de3b57 100644 --- a/templates/container/container-publish.gitlab-ci.yml +++ b/templates/container/container-publish.gitlab-ci.yml @@ -4,7 +4,8 @@ name: quay.io/containers/skopeo:v1.5.2 entrypoint: [ "" ] variables: - CONTAINER_REGISTRY: $CI_REGISTRY_IMAGE + CONTAINER_REGISTRY: $CI_REGISTRY + CONTAINER_REGISTRY_IMAGE: $CI_REGISTRY_IMAGE CONTAINER_REGISTRY_USER: $CI_REGISTRY_USER CONTAINER_REGISTRY_PASSWORD: $CI_REGISTRY_PASSWORD EXTRA_PATH: "" 
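Review bot: `REGISTRY_MIRROR` still carries `--skip-tls-verify-registry nexus.corp.exxcellent.de:18000` after this change, so base images pulled through the mirror are fetched without certificate validation and end up in `image.tar` on that basis. If the mirror is signed by an internal CA, passing it with kaniko's `--registry-certificate nexus.corp.exxcellent.de:18000=<path-to-ca.crt>` (the path is a placeholder) would allow the skip flag to be removed. If the flag has to stay, a comment above `REGISTRY_MIRROR` explaining why the mirror is exempt would help, and the value should be quoted as a YAML string. The job header of this template is outside the hunk.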
@@ -22,7 +23,7 @@ EXTRA_PATH: "/feat/$CI_COMMIT_REF_NAME" - when: never script: - - skopeo login --username $CONTAINER_REGISTRY_USER --password $CONTAINER_REGISTRY_PASSWORD $CONTAINER_REGISTRY --tls-verify=false - - skopeo copy "docker-archive:image.tar" "docker://${CONTAINER_REGISTRY}${EXTRA_PATH}:${IMAGE_TAG}" --dest-tls-verify=false + - skopeo login --username $CONTAINER_REGISTRY_USER --password $CONTAINER_REGISTRY_PASSWORD $CONTAINER_REGISTRY_IMAGE --tls-verify=false + - skopeo copy "docker-archive:image.tar" "docker://${CONTAINER_REGISTRY_IMAGE}${EXTRA_PATH}:${IMAGE_TAG}" --dest-tls-verify=false #TODO wir müssen noch den aktuell Tag bekommen damit wir den setzen können. (in default oder feat ausgeführt wird) \ No newline at end of file From 4a22b664abc4514c19cd257caa2d249b62aae7ec Mon Sep 17 00:00:00 2001 From: Marcel Feix Date: Fri, 4 Mar 2022 16:12:26 +0100 Subject: [PATCH 003/166] feat(Templates): Ideal eXXcellent Pipeline --- .../templates/container/container-publish.adoc | 5 ++--- .../templates/container/container-scan.adoc | 2 -- pipelines/java-maven.gitlab-ci.yml | 18 +++++++++++------- .../container/container-build.gitlab-ci.yml | 14 ++++---------- .../container/container-publish.gitlab-ci.yml | 11 ++++------- .../container/container-scan.gitlab-ci.yml | 2 +- .../java/gradle/gradle-build.gitlab-ci.yml | 5 ++++- .../repo-cve-scan-trivy.gitlab-ci.yml | 2 +- 8 files changed, 27 insertions(+), 32 deletions(-) diff --git a/documentation/chapters/templates/container/container-publish.adoc b/documentation/chapters/templates/container/container-publish.adoc index 744ceb3..32bf360 100644 --- a/documentation/chapters/templates/container/container-publish.adoc +++ b/documentation/chapters/templates/container/container-publish.adoc 
@@ -8,10 +8,9 @@ Needs a build container on the path `image.tar`. Use one of the Container build .Variables |=== |Name |Description | Default Value -| CONTAINER_REGISTRY | The address of the Container Registry | $CI_REGISTRY -| CONTAINER_REGISTRY_IMAGE | The address of the project’s Container Registry. | $CI_REGISTRY_IMAGE +| CONTAINER_REGISTRY | Url to the remote Registry | $CI_REGISTRY_IMAGE | CONTAINER_REGISTRY_USER | the user that should be used | $CI_REGISTRY_USER -| CONTAINER_REGISTRY_PASSWORD | the password for the remote registry | $CI_REGISTRY_PASSWORD +| CONTAINER_REGISTRY_PASSWORD | the passwort for the remote registry | $CI_REGISTRY_PASSWORD | EXTRA_PATH | Extra path that should be between the registry path and the image tag | "" | IMAGE_TAG | the Tag the image should be found on | Depends on the current path. Look at the rules of the Job. |=== diff --git a/documentation/chapters/templates/container/container-scan.adoc b/documentation/chapters/templates/container/container-scan.adoc index 9233580..a448496 100644 --- a/documentation/chapters/templates/container/container-scan.adoc +++ b/documentation/chapters/templates/container/container-scan.adoc @@ -28,8 +28,6 @@ Wenn 0 benutzt wird, läuft die CI weiter. Benutzte `allow_failure: true` damit die CI weiter läuft aber ein Failure angezeigt wird. | - |GRADLE_CLI_OPTS | Zusätzliche CLI Opts für Gradle | "" - -|KANIKO_EXTRA_ARGS | Extra Arguments for the build of the image with Kaniko | "" |=== .container scan template diff --git a/pipelines/java-maven.gitlab-ci.yml b/pipelines/java-maven.gitlab-ci.yml index c495f89..aeac153 100644 --- a/pipelines/java-maven.gitlab-ci.yml +++ b/pipelines/java-maven.gitlab-ci.yml 
@@ -1,8 +1,14 @@ include: - - '/templates/java/maven/maven-dependencies.gitlab-ci.yml' - - '/templates/java/maven/maven-build.gitlab-ci.yml' - - '/templates/java/maven/maven-verify.gitlab-ci.yml' - - '/templates/java/maven/maven-database-diff.gitlab-ci.yml' + - '/templates/java/maven/maven-dependencies.gitlab-ci.yml' + - '/templates/java/maven/maven-build.gitlab-ci.yml' + - '/templates/java/maven/maven-verify.gitlab-ci.yml' + - '/templates/java/maven/maven-database-diff.gitlab-ci.yml' + - '/templates/static-analysis/repo-cve-scan-trivy.gitlab-ci.yml' + - '/templates/static-analysis/sonar.gitlab-ci.yml' + +# todo doc welche Variablen gesetzt werden müssen.before_script: +# variables: +# SONAR_PROJECT_KEY: "gilde.ci.cd.restservice:java-backend-template" Dependencies-Java: extends: .maven-dependencies @@ -30,10 +36,8 @@ Repo-CVE-Scan: allow_failure: true extends: .repo-cve-scan-trivy -sonar: +Sonar: extends: .sonar-maven needs: - job: "Build-Java" artifacts: true - variables: - SONAR_PROJECT_KEY: "gilde.ci.cd.restservice:java-backend-template" \ No newline at end of file diff --git a/templates/container/container-build.gitlab-ci.yml b/templates/container/container-build.gitlab-ci.yml index e24c162..33a776d 100644 --- a/templates/container/container-build.gitlab-ci.yml +++ b/templates/container/container-build.gitlab-ci.yml 
@@ -30,14 +30,8 @@ entrypoint: [ "" ] variables: DOCKERFILE_LOCATION: $CI_PROJECT_DIR/Dockerfile - REGISTRY_MIRROR: --registry-mirror nexus.corp.exxcellent.de:18000 --skip-tls-verify-registry nexus.corp.exxcellent.de:18000 + REGISTRY_MIRROR: --registry-mirror nexus.corp.exxcellent.de:18000 --skip-tls-verify-registry nexus.corp.exxcellent.de:18000 --skip-tls-verify script: - - >- - /kaniko/executor - --context $CONTEXT_LOCATION - --dockerfile $DOCKERFILE_LOCATION - --no-push - --destination $CI_REGISTRY_IMAGE:$CI_COMMIT_SHORT_SHA - $EXTRA_ARGS - $REGISTRY_MIRROR - --tarPath image.tar + - mkdir -p /kaniko/.docker + - echo "{\"auths\":{\"$DOCKER_REGISTRY\":{\"username\":\"$DOCKER_REGISTRY_USER\",\"password\":\"$DOCKER_REGISTRY_PASSWORD\"}}}" > /kaniko/.docker/config.json + - /kaniko/executor --context $CONTEXT_LOCATION --dockerfile $DOCKERFILE_LOCATION --no-push --destination $CI_REGISTRY_IMAGE:$CI_COMMIT_SHORT_SHA $EXTRA_ARGS $REGISTRY_MIRROR --tarPath image.tar diff --git a/templates/container/container-publish.gitlab-ci.yml b/templates/container/container-publish.gitlab-ci.yml index 2de3b57..77ea02c 100644 --- a/templates/container/container-publish.gitlab-ci.yml +++ b/templates/container/container-publish.gitlab-ci.yml @@ -4,8 +4,7 @@ name: quay.io/containers/skopeo:v1.5.2 entrypoint: [ "" ] variables: - CONTAINER_REGISTRY: $CI_REGISTRY - CONTAINER_REGISTRY_IMAGE: $CI_REGISTRY_IMAGE + CONTAINER_REGISTRY: $CI_REGISTRY_IMAGE CONTAINER_REGISTRY_USER: $CI_REGISTRY_USER CONTAINER_REGISTRY_PASSWORD: $CI_REGISTRY_PASSWORD EXTRA_PATH: "" 
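Review bot: This hunk puts the global `--skip-tls-verify` back into `REGISTRY_MIRROR` and re-adds the step that writes `$DOCKER_REGISTRY_USER` and `$DOCKER_REGISTRY_PASSWORD` into `/kaniko/.docker/config.json`, which is exactly what PATCH 002 in this series had removed. With both in place kaniko would present those credentials to registries whose certificates it does not validate. If this is a rebase artefact rather than an intended change, dropping the hunk is the fix; otherwise the commit message should say why verification is disabled again. The job header is outside the hunk.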
@@ -19,11 +18,9 @@ EXTRA_PATH: "/snapshot" - if: $CI_COMMIT_REF_NAME ~= "feat" variables: - IMAGE_TAG: $CI_COMMIT_SHORT_SHA + IMAGE_TAG: "latest" EXTRA_PATH: "/feat/$CI_COMMIT_REF_NAME" - when: never script: - - skopeo login --username $CONTAINER_REGISTRY_USER --password $CONTAINER_REGISTRY_PASSWORD $CONTAINER_REGISTRY_IMAGE --tls-verify=false - - skopeo copy "docker-archive:image.tar" "docker://${CONTAINER_REGISTRY_IMAGE}${EXTRA_PATH}:${IMAGE_TAG}" --dest-tls-verify=false - -#TODO wir müssen noch den aktuell Tag bekommen damit wir den setzen können. (in default oder feat ausgeführt wird) \ No newline at end of file + - skopeo login --username $CONTAINER_REGISTRY_USER --password $CONTAINER_REGISTRY_PASSWORD $CONTAINER_REGISTRY --tls-verify=false + - skopeo copy "docker-archive:image.tar" "docker://${CONTAINER_REGISTRY}${EXTRA_PATH}:${IMAGE_TAG}" --dest-tls-verify=false \ No newline at end of file diff --git a/templates/container/container-scan.gitlab-ci.yml b/templates/container/container-scan.gitlab-ci.yml index 9fcf095..d4958e1 100644 --- a/templates/container/container-scan.gitlab-ci.yml +++ b/templates/container/container-scan.gitlab-ci.yml @@ -1,6 +1,6 @@ .container-scan-trivy: image: - name: docker.io/aquasec/trivy:0.24.2 + name: docker.io/aquasec/trivy:0.25.0 entrypoint: [ "" ] stage: verify variables: diff --git a/templates/java/gradle/gradle-build.gitlab-ci.yml b/templates/java/gradle/gradle-build.gitlab-ci.yml index 4bec052..617cbf5 100644 --- a/templates/java/gradle/gradle-build.gitlab-ci.yml +++ b/templates/java/gradle/gradle-build.gitlab-ci.yml 
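Review bot: The context rule `- if: $CI_COMMIT_REF_NAME ~= "feat"` uses `~=`, which is not an operator in GitLab's `rules:if` syntax (pattern matching is `=~` with a slash-delimited pattern), so the feature-branch rule this hunk edits probably never applies; `- if: $CI_COMMIT_REF_NAME =~ /feat/` is what seems intended. Switching `IMAGE_TAG` to `"latest"` also means every push to a feature branch overwrites the same tag, so a consumer can no longer tell which commit an image came from. `EXTRA_PATH: "/feat/$CI_COMMIT_REF_NAME"` places the raw branch name into the image reference, where upper-case letters are not accepted; `$CI_COMMIT_REF_SLUG` is the lower-cased, sanitised form intended for this.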
@@ -2,7 +2,10 @@ stage: build image: $GRADLE_IMAGE script: - # todo increase version like maven set. OR Define Gradle skript to use ENV + # todo increase version like maven set. OR Define Gradle skript to use ENV Ideen: + # wir überlassen den Projekten das wie sie die Version hoch zählen. + # wir definieren eine Variable die beim aufruf von gradle gesetzt werden kann um die Version zu bekommen. + # wir sagen das hier das plugin von palantir benutzt werden soll. - "./gradlew --build-cache assemble $GRADLE_CLI_OPTS" artifacts: expire_in: 2 weeks diff --git a/templates/static-analysis/repo-cve-scan-trivy.gitlab-ci.yml b/templates/static-analysis/repo-cve-scan-trivy.gitlab-ci.yml index e0b6bc6..f284466 100644 --- a/templates/static-analysis/repo-cve-scan-trivy.gitlab-ci.yml +++ b/templates/static-analysis/repo-cve-scan-trivy.gitlab-ci.yml @@ -1,6 +1,6 @@ .repo-cve-scan-trivy: image: - name: docker.io/aquasec/trivy:0.25.1 + name: docker.io/aquasec/trivy:0.25.0 entrypoint: [ "" ] stage: verify needs: [] From 5b3b2fdfd036c286f2f6379729c00fa9b023e4a4 Mon Sep 17 00:00:00 2001 From: Marcel Feix Date: Fri, 4 Mar 2022 16:12:26 +0100 Subject: [PATCH 004/166] feat(Templates): Ideal eXXcellent Pipeline --- .../chapters/pipelines/update-version.adoc | 225 ++++++++++++++++++ 1 file changed, 225 insertions(+) create mode 100644 documentation/chapters/pipelines/update-version.adoc diff --git a/documentation/chapters/pipelines/update-version.adoc b/documentation/chapters/pipelines/update-version.adoc new file mode 100644 index 0000000..d67a4b9 --- /dev/null +++ b/documentation/chapters/pipelines/update-version.adoc 
@@ -0,0 +1,225 @@ +:sourcedir: ../../../pipelines + +ifndef::imagesdir[] +:imagesdir: ../../images +endif::[] + +[#_pipeline_release] += Release Version Pipeline + + +This pipeline is a drop-in pipeline meant to make releases of your software as easy as possible. +The pipeline is split into a main and a child pipeline. + +The main pipeline provides infrastructure to create Gitlab-releases and the triggers for the child pipeline. + +The child pipeline is meant to create a new git tag with an increased Version. +You can easily extend the child pipeline to publish Artefacts. +Although this is possible we recommend using tagged pipelines. + +== Overview diagram + +[mermaid] +.... +graph TB +.gitlab-ci.yml-->release-template.gitlab-ci.yml +release-template.gitlab-ci.yml-- release-->release.gitlab-ci.yml +release.gitlab-ci.yml-->pipelines/update-version-pipeline.gitlab-ci.yml +release.gitlab-ci.yml-->container-publish.gitlab-ci.yml +.gitlab-ci.yml--test-->container-scan.gitlab-ci.yml + +subgraph project +.gitlab-ci.yml-->release.gitlab-ci.yml + +end + +subgraph Gitlab-CI-templates +release-template.gitlab-ci.yml + +pipelines/update-version-pipeline.gitlab-ci.yml-->push-tag-and-version-template.gitlab-ci.yml +pipelines/update-version-pipeline.gitlab-ci.yml-->set-version-template.gitlab-ci.yml +set-version-template.gitlab-ci.yml-->exxcellent-increase-version-tool/increase-version + +container-publish.gitlab-ci.yml-->.publish-image-kaniko + +container-scan.gitlab-ci.yml +end + +.... + +== Setup + +This pipeline should be included as a child-pipeline in your gitlab-ci pipeline. +You then can add an individual release job for each kind of version bump. 
+ +NOTE: You only need the variable `PARENT_PIPELINE_ID` , if you use an https://docs.gitlab.com/ee/ci/yaml/README.html#artifact-downloads-to-child-pipelines[artifact of you parent-pipeline in your child pipeline] + +In your gitlab-ci.yml include the following + +.gitlab-ci.yml +[source, yaml] +---- +stages: + - release + +include: + - project: 'gilden/ci/gitlab-ci-templates' + ref: 'master' + file: + - 'templates/releasing/release.gitlab-ci.yml' + +a.major-release: + #Pressent in all Pipelines + extends: .release-common + variables: + BUMP_VERSION: "major" + +b.minor-release: + #Pressent only on Default Branch + extends: .release-default + variables: + BUMP_VERSION: "minor" + +c.patch-release: + #Pressent only on Release Branches + extends: .release-release-branch + variables: + BUMP_VERSION: "patch" + +d.prerelease-release: + #Pressent only on Release Branches + extends: .release-release-branch + variables: + BUMP_VERSION: "prerelease" + +e.build-release: + #Pressent only on Release Branches + extends: .release-release-branch + variables: + BUMP_VERSION: "build" + +---- + +Create a child-pipeline file called `release.gitlab-ci.yml` and include the following: + +.release.gitlab-ci.yml +[source, yaml] +---- +stages: + - set-version + - push-tag-and-version + - release + +include: + - project: 'gilden/ci/gitlab-ci-templates' + ref: 'master' + file: + - 'pipelines/eXXcellent-release-Child.gitlab-ci.yml' +---- + +You pipeline then looks like the following: + +.Release Pipeline +//todo update image for tag pipelines +image::Release-Docker-Image-Pipeline.png[] + +== Pipeline + +.update-version-pipeline +[source, yaml] +---- +include::{sourcedir}/update-version.gitlab-ci.yml[] +---- + +== Usage with release branches + +The `update version template` can be used to create a pipeline which supports releasing of artifacts from a release branch instead of the master branch. 
The https://gitlab.exxcellent.de/gilden/ci/exxcellent-increase-version-tool[exxcellent-versioning-tool] takes care of creating the next reasonable version numbers. + +If you want to realise this topic you can use the template the following way: + +.gitlab-ci.yml +[source, yaml] +---- +stages: + - release + +include: + - project: 'gilden/ci/gitlab-ci-templates' + ref: 'master' + file: + - 'release.gitlab-ci.yml' + +# Creates next major prerelease on master (e.g.: 2.0.0-rc.1 --> 3.0.0-rc.1) +a.major-prerelease: + extends: .release-template + variables: + BUMP_VERSION: "major prerelease" + MODE: "bump" + +# Creates next minor prerelease on master (e.g.: 2.0.0-rc.1 --> 2.1.0-rc.1) +b.minor-prerelease: + extends: .release-template + variables: + BUMP_VERSION: "minor prerelease" + MODE: "bump" + +# Creates release on release branch (e.g.: 2.0.0-rc.1 --> 2.0.0) +a.create-release: + extends: .release-template + variables: + BUMP_VERSION: "patch" + MODE: "next_version" + rules: + - if: $CI_COMMIT_REF_NAME =~ /^release/ + when: manual + - when: never + +# Creates next prerelease on release branch (e.g.: 2.0.0 --> 2.0.1-rc.1 or 2.0.0-rc.1 --> 2.0.1-rc.2) +b.create-prerelease: + extends: .release-template + variables: + BUMP_VERSION: "prerelease" + MODE: "next_version" + rules: + - if: $CI_COMMIT_REF_NAME =~ /^release/ + when: manual + - when: never + +---- + +.release.gitlab-ci.yml +[source, yaml] +---- +stages: + - set-version + - push-tag-and-version + - release + +include: + - project: 'gilden/ci/gitlab-ci-templates' + ref: 'master' + file: + - 'pipelines/eXXcellent-release-Child.gitlab-ci.yml' + - 'push-image.yml' + +# This is optional +push-docker-image: + extends: .publish-image-kaniko + stage: release + # You only need NEED if you use a artifact from your parent pipeline to build the image + needs: + - pipeline: $PARENT_PIPELINE_ID + job: Build + - job: increase-version + - job: push-tag-and-version + rules: + - when: always + before_script: + - "[ -f ./version ] && 
export LATEST_VERSION=$(cat ./version)" + - export PARSED_VERSION=$(echo $LATEST_VERSION | sed -r 's/\+/_/g') # Replace + sign since this is not valid in a docker tag + - export IMAGE_NAME=$CI_REGISTRY_IMAGE:$PARSED_VERSION +---- + +More information on this topic and a more detailed instructions can be found in our https://gitlab.exxcellent.de/gilden/ci/exxcellent-branching-template[exxcellent-branching-template]. + + From a6463cffaba534f001a14efe20c82bb0cc9bc95f Mon Sep 17 00:00:00 2001 From: Wolfram Gulde Date: Fri, 1 Apr 2022 17:03:19 +0200 Subject: [PATCH 005/166] feat(exx-Pipeline): add gradle template --- pipelines/java-gradle.gitlab-ci.yml | 32 +++++++++++++++++++++++++++++ 1 file changed, 32 insertions(+) create mode 100644 pipelines/java-gradle.gitlab-ci.yml diff --git a/pipelines/java-gradle.gitlab-ci.yml b/pipelines/java-gradle.gitlab-ci.yml new file mode 100644 index 0000000..a59a9bc --- /dev/null +++ b/pipelines/java-gradle.gitlab-ci.yml @@ -0,0 +1,32 @@ +include: + - '/templates/java/gradle/gradle-build.gitlab-ci.yml' + - '/templates/java/gradle/gradle-test.gitlab-ci.yml' + - '/templates/java/gradle/gradle-database-diff.gitlab-ci.yml' + - '/templates/static-analysis/repo-cve-scan-trivy.gitlab-ci.yml' + - '/templates/static-analysis/sonar.gitlab-ci.yml' + +Build-Java: + extends: .gradle-build + +Test-Java: + extends: .gradle-test + needs: + - job: "Build-Java" + artifacts: true + +Database-Diff: + extends: + - .gradle-database-diff + needs: + - job: "Build-Java" + artifacts: true + +Repo-CVE-Scan: + allow_failure: true + extends: .repo-cve-scan-trivy + +sonar: + extends: .sonar-gradle + needs: + - job: "Build-Java" + artifacts: true \ No newline at end of file From c827e39fc5c074938cd2fe014cb7aec2431af560 Mon Sep 17 00:00:00 2001 
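Review bot: `Repo-CVE-Scan` in the new `pipelines/java-gradle.gitlab-ci.yml` is declared with `allow_failure: true`, so a failing scan can never block a merge or a release and its result is advisory only. If that is intended, say so in a comment above the job, e.g. `# Advisory only: findings do not fail the pipeline, check the job log`. Otherwise narrow it with `allow_failure:` / `exit_codes:` so that only the scanner's "findings" exit code is tolerated and tool or network errors still fail the job. Which exit codes apply depends on `.repo-cve-scan-trivy`, which is not part of this hunk.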
From: Wolfram Gulde Date: Fri, 1 Apr 2022 18:53:18 +0200 Subject: [PATCH 006/166] feat(exx-Pipeline): add sonar default vars --- pipelines/java-gradle.gitlab-ci.yml | 5 ++++- pipelines/java-maven.gitlab-ci.yml | 3 +++ templates/static-analysis/sonar.gitlab-ci.yml | 2 +- 3 files changed, 8 insertions(+), 2 deletions(-) diff --git a/pipelines/java-gradle.gitlab-ci.yml b/pipelines/java-gradle.gitlab-ci.yml index a59a9bc..37409a6 100644 --- a/pipelines/java-gradle.gitlab-ci.yml +++ b/pipelines/java-gradle.gitlab-ci.yml @@ -29,4 +29,7 @@ sonar: extends: .sonar-gradle needs: - job: "Build-Java" - artifacts: true \ No newline at end of file + artifacts: true + variables: + SONAR_PROJECT_KEY: $CI_PROJECT_NAME + SONAR_PROJECT_NAME: $CI_PROJECT_NAME \ No newline at end of file diff --git a/pipelines/java-maven.gitlab-ci.yml b/pipelines/java-maven.gitlab-ci.yml index aeac153..1e7ca52 100644 --- a/pipelines/java-maven.gitlab-ci.yml +++ b/pipelines/java-maven.gitlab-ci.yml @@ -41,3 +41,6 @@ Sonar: needs: - job: "Build-Java" artifacts: true + variables: + SONAR_PROJECT_KEY: $CI_PROJECT_NAME + SONAR_PROJECT_NAME: $CI_PROJECT_NAME diff --git a/templates/static-analysis/sonar.gitlab-ci.yml b/templates/static-analysis/sonar.gitlab-ci.yml index 3e4b881..b9f7f0e 100644 --- a/templates/static-analysis/sonar.gitlab-ci.yml +++ b/templates/static-analysis/sonar.gitlab-ci.yml @@ -4,7 +4,7 @@ SONAR_HOST_URL: http://sonar7.exxcellent.de/sonar7 SONAR_PROJECT_KEY: "" SONAR_PROJECT_NAME: "" - SONAR_EXCLUSIONS: "**/target/**,**/src/test/**" + SONAR_EXCLUSIONS: "**/target/**,**/src/test/**,**/generated/**,**/i18n/**" SONAR_SKIP_BUILD_BREAKER: "true" SONAR_QUERY_MAX_ATTEMPTS_BUILD_BREAKER: "30" SONAR_QUERY_INTERVAL_BUILD_BREAKER: "10000" From 5c6060da9dbeeab17c5dbdb54edd621d98a708a0 Mon Sep 17 00:00:00 2001 
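Review bot: `SONAR_PROJECT_KEY: $CI_PROJECT_NAME` in the `sonar` job (and the same two variables added to `Sonar` in `pipelines/java-maven.gitlab-ci.yml`) takes its default from a value that is not unique on a GitLab instance. Two repositories with the same name in different groups would presumably report into one Sonar project and overwrite each other's analysis results. A path-based default such as `SONAR_PROJECT_KEY: $CI_PROJECT_PATH_SLUG` avoids the collision, and `SONAR_PROJECT_NAME` can stay the readable name. Both job definitions start above their hunks.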
From: Marcel Feix Date: Mon, 4 Apr 2022 14:01:50 +0200 Subject: [PATCH 007/166] feat(Pipeline-eXXcellent-Release): Document releasing Pipeline. --- .../pipelines/eXXcellent-release.adoc | 129 ++++++++++ .../pipelines/update-version-pipeline.adoc | 221 ----------------- .../chapters/pipelines/update-version.adoc | 225 ------------------ .../releasing/release-gitlab-template.adoc | 1 + .../templates/releasing/release-template.adoc | 3 +- documentation/document.adoc | 2 +- documentation/generalInformation.adoc | 2 + .../eXXcellent-release-Child.gitlab-ci.yml | 34 +++ .../eXXcellent-release-Main.gitlab-ci.yml} | 0 pipelines/update-version.gitlab-ci.yml | 48 ---- 10 files changed, 168 insertions(+), 497 deletions(-) create mode 100644 documentation/chapters/pipelines/eXXcellent-release.adoc delete mode 100644 documentation/chapters/pipelines/update-version-pipeline.adoc delete mode 100644 documentation/chapters/pipelines/update-version.adoc create mode 100644 pipelines/release/eXXcellent-release-Child.gitlab-ci.yml rename pipelines/{eXXcellent-release.gitlab-ci.yml => release/eXXcellent-release-Main.gitlab-ci.yml} (100%) delete mode 100644 pipelines/update-version.gitlab-ci.yml diff --git a/documentation/chapters/pipelines/eXXcellent-release.adoc b/documentation/chapters/pipelines/eXXcellent-release.adoc new file mode 100644 index 0000000..48f0653 --- /dev/null +++ b/documentation/chapters/pipelines/eXXcellent-release.adoc 
@@ -0,0 +1,129 @@ +:sourcedir: ../../../pipelines + +ifndef::imagesdir[] +:imagesdir: ../../images +endif::[] + +[#_pipeline_release] += Release Version Pipeline + +This pipeline is a drop-in pipeline meant to make releases of your software as easy as possible. +The pipeline is split into a main and a child pipeline. +You also can use the pipelines independently. + +The main-pipeline provides infrastructure to create Gitlab-releases and the triggers for the child pipeline. + +The child pipeline is meant to create a new git tag with an increased Version. +When executed on it also creates a new Release Branch. + +You can easily extend the child pipeline to publish Artefacts. +Although this is possible we recommend using tagged pipelines to publish Artefacts. +Tagged pipelines have the benefit that your pipelines are linked to a tag. +This makes publishing out of order or hotfixes simpler. +Since you do not relly on prior CI artefacts. + +== Overview diagram + +The following diagram shows how the pipelines works. +The imported Main pipeline triggers a child-pipeline. +This child pipeline is defined by a yaml file within your repository named release.gitlab-ci.yml Within this file you can define your skripts like in the normal .gitlab-ci.yml file. +We suggest importing the child pipeline. + +[mermaid] +.... +graph TB +main-project[.gitlab-ci.yml] -- Imports --> main +release[release.gitlab-ci.yml] -- Imports --> child +main -. Triggers Child Pipeline .-> release + +subgraph project [Your project] +main-project +release + +end + +subgraph Gitlab-CI-templates [Gitlab-CI templates] + +main[pipelines/release/eXXcellent-release-Main.gitlab-ci.yml] +child[pipelines/release/eXXcellent-release-Child.gitlab-ci.yml] + +end +.... + +== Deep dive + +=== Main + +The main mainly imports jobs from the release.gitlab-ci.yml file. +On your default branch (Main/Master) it provides a job to increase the Major version. 
+On all branches that have RELEASE in their name it will provide jobs for all other versions. +This will Trigger your release.gitlab-ci.yml file. +Please read the documentation on <<_release_template>> if you need more information. + +It also contains a job to create a Gitlab-Release. +It is only executed within tagged pipelines, since we want to create releases from these Tags. +For More Information about this please read <<_release_gitlab_template>>. + +.pipelines/release/eXXcellent-release-Main.gitlab-ci.yml +[source,yaml] +---- +include::../../../pipelines/release/eXXcellent-release-Main.gitlab-ci.yml[] +---- + +=== Child + +The child pipeline manly imports the set-version Template. +it consists of two Jobs. The increase-version Job and the Push Tag and Branch Job. + +The increase version job searches the latest tag on the branch that is checked out and increases the version according to the passed version type (Major,Minor,usw...). +On release-branches the tag will be pushed from this job. Since we do not need to do more. +On the default branch the push-tag-and-branch will push the tag. +It will also push a RELEASE branch. + +When pushing a tag a new tagged pipeline is created. +The release will then be created from this pipeline. +In this pipeline the $CI_COMMIT_TAG variable will be set with the content of the tag. + +You can do additional work and publishing here. + +.pipelines/release/eXXcellent-release-Child.gitlab-ci.yml +[source,yaml] +---- +include::../../../pipelines/release/eXXcellent-release-Child.gitlab-ci.yml[] +---- + +== Setup + +1. to get started you have to prepair the repository so we can push Tags and Branches. +please read this documentation https://www.exxcellent.de/confluence/pages/viewpage.action?pageId=111183261[Getting Started - Version Tool] + +2. Then Import the main pipeline into your .gitlab-ci.yml file: + +.gitlab-ci.yml +[source,yaml] +---- +stages: + - release #Should be the last stage within you pipeline. 
+ +include: + - project: 'gilden/ci/gitlab-ci-templates' + ref: '2.0' + file: + - 'pipelines/release/eXXcellent-release-Main.gitlab-ci.yml' +---- + +3. Create a child-pipeline file called `release.gitlab-ci.yml` and include the following: + +.release.gitlab-ci.yml +[source,yaml] +---- +include: + - project: 'gilden/ci/gitlab-ci-templates' + ref: '2.0' + file: + - 'pipelines/release/eXXcellent-release-Child.gitlab-ci.yml' + +#add more jobs here if needed. +---- + + diff --git a/documentation/chapters/pipelines/update-version-pipeline.adoc b/documentation/chapters/pipelines/update-version-pipeline.adoc deleted file mode 100644 index ad1e97c..0000000 --- a/documentation/chapters/pipelines/update-version-pipeline.adoc +++ /dev/null 
@@ -1,221 +0,0 @@ -:sourcedir: ../../../pipelines - -ifndef::imagesdir[] -:imagesdir: ../../images -endif::[] - -[#_pipeline_release] -= Release Version Pipeline - -//todo umschreiben auf tag pipelines. - -This pipeline provides the jobs to increase the version, create a new tag and updates the changed files (version) the repository. - -It can be extended to push a docker image to a docker registry. - -== Overview diagram - -[mermaid] -.... -graph TB -.gitlab-ci.yml-->release-template.gitlab-ci.yml -release-template.gitlab-ci.yml-- release-->release.gitlab-ci.yml -release.gitlab-ci.yml-->pipelines/update-version-pipeline.gitlab-ci.yml -release.gitlab-ci.yml-->container-publish.gitlab-ci.yml -.gitlab-ci.yml--test-->container-scan.gitlab-ci.yml - -subgraph project -.gitlab-ci.yml-->release.gitlab-ci.yml - -end - -subgraph Gitlab-CI-templates -release-template.gitlab-ci.yml - -pipelines/update-version-pipeline.gitlab-ci.yml-->push-tag-and-version-template.gitlab-ci.yml -pipelines/update-version-pipeline.gitlab-ci.yml-->set-version-template.gitlab-ci.yml -set-version-template.gitlab-ci.yml-->exxcellent-increase-version-tool/increase-version - -container-publish.gitlab-ci.yml-->.publish-image-kaniko - -container-scan.gitlab-ci.yml -end - -.... - -== Setup - -This pipeline should be included as a child-pipeline in your gitlab-ci pipeline. -You then can add an individual release job for each kind of version bump. 
- -NOTE: You only need the variable `PARENT_PIPELINE_ID` , if you use an https://docs.gitlab.com/ee/ci/yaml/README.html#artifact-downloads-to-child-pipelines[artifact of you parent-pipeline in your child pipeline] - -In your gitlab-ci.yml include the following - -.gitlab-ci.yml -[source, yaml] ----- -stages: - - release - -include: - - project: 'gilden/ci/gitlab-ci-templates' - ref: 'master' - file: - - 'templates/releasing/release.gitlab-ci.yml' - -a.major-release: - #Pressent in all Pipelines - extends: .release-common - variables: - BUMP_VERSION: "major" - -b.minor-release: - #Pressent only on Default Branch - extends: .release-default - variables: - BUMP_VERSION: "minor" - -c.patch-release: - #Pressent only on Release Branches - extends: .release-release-branch - variables: - BUMP_VERSION: "patch" - -d.prerelease-release: - #Pressent only on Release Branches - extends: .release-release-branch - variables: - BUMP_VERSION: "prerelease" - -e.build-release: - #Pressent only on Release Branches - extends: .release-release-branch - variables: - BUMP_VERSION: "build" - ----- - -Create a child-pipeline file called `release.gitlab-ci.yml` and include the following: - -.release.gitlab-ci.yml -[source, yaml] ----- -stages: - - set-version - - push-tag-and-version - - release - -include: - - project: 'gilden/ci/gitlab-ci-templates' - ref: 'master' - file: - - 'pipelines/update-version.gitlab-ci.yml' ----- - -You pipeline then looks like the following: - -.Release Pipeline -//todo update image for tag pipelines -image::Release-Docker-Image-Pipeline.png[] - -== Pipeline - -.update-version-pipeline -[source, yaml] ----- -include::{sourcedir}/update-version.gitlab-ci.yml[] ----- - -== Usage with release branches - -The `update version template` can be used to create a pipeline which supports releasing of artifacts from a release branch instead of the master branch. 
The https://gitlab.exxcellent.de/gilden/ci/exxcellent-increase-version-tool[exxcellent-versioning-tool] takes care of creating the next reasonable version numbers. - -If you want to realise this topic you can use the template the following way: - -.gitlab-ci.yml -[source, yaml] ----- -stages: - - release - -include: - - project: 'gilden/ci/gitlab-ci-templates' - ref: 'master' - file: - - 'release.gitlab-ci.yml' - -# Creates next major prerelease on master (e.g.: 2.0.0-rc.1 --> 3.0.0-rc.1) -a.major-prerelease: - extends: .release-template - variables: - BUMP_VERSION: "major prerelease" - MODE: "bump" - -# Creates next minor prerelease on master (e.g.: 2.0.0-rc.1 --> 2.1.0-rc.1) -b.minor-prerelease: - extends: .release-template - variables: - BUMP_VERSION: "minor prerelease" - MODE: "bump" - -# Creates release on release branch (e.g.: 2.0.0-rc.1 --> 2.0.0) -a.create-release: - extends: .release-template - variables: - BUMP_VERSION: "patch" - MODE: "next_version" - rules: - - if: $CI_COMMIT_REF_NAME =~ /^release/ - when: manual - - when: never - -# Creates next prerelease on release branch (e.g.: 2.0.0 --> 2.0.1-rc.1 or 2.0.0-rc.1 --> 2.0.1-rc.2) -b.create-prerelease: - extends: .release-template - variables: - BUMP_VERSION: "prerelease" - MODE: "next_version" - rules: - - if: $CI_COMMIT_REF_NAME =~ /^release/ - when: manual - - when: never - ----- - -.release.gitlab-ci.yml -[source, yaml] ----- -stages: - - set-version - - push-tag-and-version - - release - -include: - - project: 'gilden/ci/gitlab-ci-templates' - ref: 'master' - file: - - 'pipelines/update-version.gitlab-ci.yml' - - 'push-image.yml' - -# This is optional -push-docker-image: - extends: .publish-image-kaniko - stage: release - # You only need NEED if you use a artifact from your parent pipeline to build the image - needs: - - pipeline: $PARENT_PIPELINE_ID - job: Build - - job: increase-version - - job: push-tag-and-version - rules: - - when: always - before_script: - - "[ -f ./version ] && export 
LATEST_VERSION=$(cat ./version)" - - export PARSED_VERSION=$(echo $LATEST_VERSION | sed -r 's/\+/_/g') # Replace + sign since this is not valid in a docker tag - - export IMAGE_NAME=$CI_REGISTRY_IMAGE:$PARSED_VERSION ----- - -More information on this topic and a more detailed instructions can be found in our https://gitlab.exxcellent.de/gilden/ci/exxcellent-branching-template[exxcellent-branching-template]. - - diff --git a/documentation/chapters/pipelines/update-version.adoc b/documentation/chapters/pipelines/update-version.adoc deleted file mode 100644 index d67a4b9..0000000 --- a/documentation/chapters/pipelines/update-version.adoc +++ /dev/null 
@@ -1,225 +0,0 @@ -:sourcedir: ../../../pipelines - -ifndef::imagesdir[] -:imagesdir: ../../images -endif::[] - -[#_pipeline_release] -= Release Version Pipeline - - -This pipeline is a drop-in pipeline meant to make releases of your software as easy as possible. -The pipeline is split into a main and a child pipeline. - -The main pipeline provides infrastructure to create Gitlab-releases and the triggers for the child pipeline. - -The child pipeline is meant to create a new git tag with an increased Version. -You can easily extend the child pipeline to publish Artefacts. -Although this is possible we recommend using tagged pipelines. - -== Overview diagram - -[mermaid] -.... -graph TB -.gitlab-ci.yml-->release-template.gitlab-ci.yml -release-template.gitlab-ci.yml-- release-->release.gitlab-ci.yml -release.gitlab-ci.yml-->pipelines/update-version-pipeline.gitlab-ci.yml -release.gitlab-ci.yml-->container-publish.gitlab-ci.yml -.gitlab-ci.yml--test-->container-scan.gitlab-ci.yml - -subgraph project -.gitlab-ci.yml-->release.gitlab-ci.yml - -end - -subgraph Gitlab-CI-templates -release-template.gitlab-ci.yml - -pipelines/update-version-pipeline.gitlab-ci.yml-->push-tag-and-version-template.gitlab-ci.yml -pipelines/update-version-pipeline.gitlab-ci.yml-->set-version-template.gitlab-ci.yml -set-version-template.gitlab-ci.yml-->exxcellent-increase-version-tool/increase-version - -container-publish.gitlab-ci.yml-->.publish-image-kaniko - -container-scan.gitlab-ci.yml -end - -.... - -== Setup - -This pipeline should be included as a child-pipeline in your gitlab-ci pipeline. -You then can add an individual release job for each kind of version bump. 
- -NOTE: You only need the variable `PARENT_PIPELINE_ID` , if you use an https://docs.gitlab.com/ee/ci/yaml/README.html#artifact-downloads-to-child-pipelines[artifact of you parent-pipeline in your child pipeline] - -In your gitlab-ci.yml include the following - -.gitlab-ci.yml -[source, yaml] ----- -stages: - - release - -include: - - project: 'gilden/ci/gitlab-ci-templates' - ref: 'master' - file: - - 'templates/releasing/release.gitlab-ci.yml' - -a.major-release: - #Pressent in all Pipelines - extends: .release-common - variables: - BUMP_VERSION: "major" - -b.minor-release: - #Pressent only on Default Branch - extends: .release-default - variables: - BUMP_VERSION: "minor" - -c.patch-release: - #Pressent only on Release Branches - extends: .release-release-branch - variables: - BUMP_VERSION: "patch" - -d.prerelease-release: - #Pressent only on Release Branches - extends: .release-release-branch - variables: - BUMP_VERSION: "prerelease" - -e.build-release: - #Pressent only on Release Branches - extends: .release-release-branch - variables: - BUMP_VERSION: "build" - ----- - -Create a child-pipeline file called `release.gitlab-ci.yml` and include the following: - -.release.gitlab-ci.yml -[source, yaml] ----- -stages: - - set-version - - push-tag-and-version - - release - -include: - - project: 'gilden/ci/gitlab-ci-templates' - ref: 'master' - file: - - 'pipelines/eXXcellent-release-Child.gitlab-ci.yml' ----- - -You pipeline then looks like the following: - -.Release Pipeline -//todo update image for tag pipelines -image::Release-Docker-Image-Pipeline.png[] - -== Pipeline - -.update-version-pipeline -[source, yaml] ----- -include::{sourcedir}/update-version.gitlab-ci.yml[] ----- - -== Usage with release branches - -The `update version template` can be used to create a pipeline which supports releasing of artifacts from a release branch instead of the master branch. 
The https://gitlab.exxcellent.de/gilden/ci/exxcellent-increase-version-tool[exxcellent-versioning-tool] takes care of creating the next reasonable version numbers. - -If you want to realise this topic you can use the template the following way: - -.gitlab-ci.yml -[source, yaml] ----- -stages: - - release - -include: - - project: 'gilden/ci/gitlab-ci-templates' - ref: 'master' - file: - - 'release.gitlab-ci.yml' - -# Creates next major prerelease on master (e.g.: 2.0.0-rc.1 --> 3.0.0-rc.1) -a.major-prerelease: - extends: .release-template - variables: - BUMP_VERSION: "major prerelease" - MODE: "bump" - -# Creates next minor prerelease on master (e.g.: 2.0.0-rc.1 --> 2.1.0-rc.1) -b.minor-prerelease: - extends: .release-template - variables: - BUMP_VERSION: "minor prerelease" - MODE: "bump" - -# Creates release on release branch (e.g.: 2.0.0-rc.1 --> 2.0.0) -a.create-release: - extends: .release-template - variables: - BUMP_VERSION: "patch" - MODE: "next_version" - rules: - - if: $CI_COMMIT_REF_NAME =~ /^release/ - when: manual - - when: never - -# Creates next prerelease on release branch (e.g.: 2.0.0 --> 2.0.1-rc.1 or 2.0.0-rc.1 --> 2.0.1-rc.2) -b.create-prerelease: - extends: .release-template - variables: - BUMP_VERSION: "prerelease" - MODE: "next_version" - rules: - - if: $CI_COMMIT_REF_NAME =~ /^release/ - when: manual - - when: never - ----- - -.release.gitlab-ci.yml -[source, yaml] ----- -stages: - - set-version - - push-tag-and-version - - release - -include: - - project: 'gilden/ci/gitlab-ci-templates' - ref: 'master' - file: - - 'pipelines/eXXcellent-release-Child.gitlab-ci.yml' - - 'push-image.yml' - -# This is optional -push-docker-image: - extends: .publish-image-kaniko - stage: release - # You only need NEED if you use a artifact from your parent pipeline to build the image - needs: - - pipeline: $PARENT_PIPELINE_ID - job: Build - - job: increase-version - - job: push-tag-and-version - rules: - - when: always - before_script: - - "[ -f ./version ] && 
export LATEST_VERSION=$(cat ./version)" - - export PARSED_VERSION=$(echo $LATEST_VERSION | sed -r 's/\+/_/g') # Replace + sign since this is not valid in a docker tag - - export IMAGE_NAME=$CI_REGISTRY_IMAGE:$PARSED_VERSION ----- - -More information on this topic and a more detailed instructions can be found in our https://gitlab.exxcellent.de/gilden/ci/exxcellent-branching-template[exxcellent-branching-template]. - - diff --git a/documentation/chapters/templates/releasing/release-gitlab-template.adoc b/documentation/chapters/templates/releasing/release-gitlab-template.adoc index d1f77e6..0cceb41 100644 --- a/documentation/chapters/templates/releasing/release-gitlab-template.adoc +++ b/documentation/chapters/templates/releasing/release-gitlab-template.adoc @@ -1,5 +1,6 @@ :sourcedir: ../../../../templates/ +[#_release_gitlab_template] = Gitlab Release Template This Template makes it easier to create Gitlab Release from the CI diff --git a/documentation/chapters/templates/releasing/release-template.adoc b/documentation/chapters/templates/releasing/release-template.adoc index 6569d24..7d9df96 100644 --- a/documentation/chapters/templates/releasing/release-template.adoc +++ b/documentation/chapters/templates/releasing/release-template.adoc @@ -1,11 +1,10 @@ :sourcedir: ../../../../templates/ +[#_release_template] = Release Template This collection provides multiple templated to make publish releases of your Software as easy as possible. - - .Angebotene Templates: |=== |Name |Description diff --git a/documentation/document.adoc b/documentation/document.adoc index e1e257e..0a3acce 100644 --- a/documentation/document.adoc +++ b/documentation/document.adoc 
@@ -100,7 +100,7 @@ include::chapters/templates/documentation/tool-documentation-tool.adoc[leveloffs [#_pipelines] === Pipelines -include::chapters/pipelines/update-version-pipeline.adoc[leveloffset=3] +include::chapters/pipelines/eXXcellent-release.adoc[leveloffset=3] //todo docs for new pipelines //In particular docs for the keyword needs hinzufügen. needs container build step. artefacts true diff --git a/documentation/generalInformation.adoc b/documentation/generalInformation.adoc index 645c6fa..e9c3295 100644 --- a/documentation/generalInformation.adoc +++ b/documentation/generalInformation.adoc @@ -48,3 +48,5 @@ test-image: Um Pipelines zu benutzen, müssen diese nur mit `Include` importiert werden. Für weitere Informationen ließ bitte die Doku der Pipelines selbst. + + diff --git a/pipelines/release/eXXcellent-release-Child.gitlab-ci.yml b/pipelines/release/eXXcellent-release-Child.gitlab-ci.yml new file mode 100644 index 0000000..151a515 --- /dev/null +++ b/pipelines/release/eXXcellent-release-Child.gitlab-ci.yml @@ -0,0 +1,34 @@ +stages: + - set-version + - push-tag + +include: + - local: 'templates/releasing/set-version.gitlab-ci.yml' + +variables: + BUMP_VERSION: "major" + +increase-version: + rules: + - if: $CI_COMMIT_REF_NAME == $CI_DEFAULT_BRANCH + - if: $CI_COMMIT_REF_NAME == 'Templates2.0' + - if: $CI_COMMIT_REF_NAME ~= 'RELEASE' + variables: + TAG: "true" + before_script: + - setup-ssh + extends: .set-version + +push-tag-and-branch: + stage: push-tag + image: gitlab.exxcellent.de:4567/gilden/ci/exxcellent-ssh-tool:1.4.0 + rules: + - if: $CI_COMMIT_REF_NAME == $CI_DEFAULT_BRANCH + - if: $CI_COMMIT_REF_NAME == 'Templates2.0' + before_script: + - setup-ssh + - echo $VERSION + - pull + script: + - git checkout -b RELEASE-$VERSION + - git push origin RELEASE-$VERSION $VERSION \ No newline at end of file 
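Review bot: `push-tag-and-branch` in the new `eXXcellent-release-Child.gitlab-ci.yml` expands `$VERSION` unquoted in `git checkout -b RELEASE-$VERSION` and `git push origin RELEASE-$VERSION $VERSION`, in a job that holds the push credentials prepared by `setup-ssh`. The value is produced outside this job (presumably by `increase-version`), so a string containing whitespace or glob characters would be split into additional refspecs; quote it, e.g. `git push origin "RELEASE-$VERSION" "$VERSION"`, and reject values that do not look like a version before using them. Patch 011 later adds `git tag $VERSION` with the same unquoted expansion. The `'Templates2.0'` rules in both jobs look like a development-branch leftover and should not ship in a template that other projects include.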
diff --git a/pipelines/eXXcellent-release.gitlab-ci.yml b/pipelines/release/eXXcellent-release-Main.gitlab-ci.yml similarity index 100% rename from pipelines/eXXcellent-release.gitlab-ci.yml rename to pipelines/release/eXXcellent-release-Main.gitlab-ci.yml diff --git a/pipelines/update-version.gitlab-ci.yml b/pipelines/update-version.gitlab-ci.yml deleted file mode 100644 index ca2d94a..0000000 --- a/pipelines/update-version.gitlab-ci.yml +++ /dev/null @@ -1,48 +0,0 @@ -stages: - - set-version - - push-tag - -include: - - local: 'templates/releasing/set-version.gitlab-ci.yml' - -variables: - BUMP_VERSION: "major" - -increase-version: - extends: .set-version - -push-tag-and-branch: - stage: push-tag - image: gitlab.exxcellent.de:4567/gilden/ci/exxcellent-ssh-tool:1.4.0 - rules: - - if: $CI_COMMIT_REF_NAME == $CI_DEFAULT_BRANCH - - if: $CI_COMMIT_REF_NAME == 'Templates2.0' - before_script: - - setup-ssh - - echo $VERSION - - pull - script: - - git checkout -b RELEASE-$VERSION - - git push origin RELEASE-$VERSION $VERSION - -#I would like to use this. -#I think this could be more stable in the long run -#But it is not working: https://github.com/jdalrymple/gitbeaker/issues/2398 -#push-tag-and-branch: -# stage: push-tag -# image: node:lts-buster-slim -# variables: -# GITLAB_HOST: $CI_SERVER_URL -# CI_DEBUG_TRACE: "true" -# rules: -# - if: $CI_COMMIT_REF_NAME == 'Templates2.0' -# script: -# - echo "Create version $VERSION" -# - npm -g install @gitbeaker/cli -# - > -# NODE_EXTRA_CA_CERTS=$CI_SERVER_TLS_CA_FILE gitbeaker branches create -# --project-id $CI_PROJECT_ID -# --branch-name RELEASE-$VERSION -# --ref $CI_COMMIT_SHA -# --gb-job-token="$CI_JOB_TOKEN" -# - NODE_EXTRA_CA_CERTS=$CI_SERVER_TLS_CA_FILE gitbeaker tag create --project-id $CI_PROJECT_ID --tag-name $VERSION --ref $CI_COMMIT_SHA \ No newline at end of file From 592932cd75f81b42485eb65030bf4f50bc67abd7 Mon Sep 17 00:00:00 2001 
From: Wolfram Gulde Date: Wed, 13 Apr 2022 11:49:06 +0000 Subject: [PATCH 008/166] chore(IdealPipe): Remove liqui from default gradle --- pipelines/java-gradle.gitlab-ci.yml | 10 +--------- 1 file changed, 1 insertion(+), 9 deletions(-) diff --git a/pipelines/java-gradle.gitlab-ci.yml b/pipelines/java-gradle.gitlab-ci.yml index 37409a6..e99b20a 100644 --- a/pipelines/java-gradle.gitlab-ci.yml +++ b/pipelines/java-gradle.gitlab-ci.yml @@ -1,7 +1,6 @@ include: - '/templates/java/gradle/gradle-build.gitlab-ci.yml' - '/templates/java/gradle/gradle-test.gitlab-ci.yml' - - '/templates/java/gradle/gradle-database-diff.gitlab-ci.yml' - '/templates/static-analysis/repo-cve-scan-trivy.gitlab-ci.yml' - '/templates/static-analysis/sonar.gitlab-ci.yml' @@ -14,13 +13,6 @@ Test-Java: - job: "Build-Java" artifacts: true -Database-Diff: - extends: - - .gradle-database-diff - needs: - - job: "Build-Java" - artifacts: true - Repo-CVE-Scan: allow_failure: true extends: .repo-cve-scan-trivy @@ -32,4 +24,4 @@ sonar: artifacts: true variables: SONAR_PROJECT_KEY: $CI_PROJECT_NAME - SONAR_PROJECT_NAME: $CI_PROJECT_NAME \ No newline at end of file + SONAR_PROJECT_NAME: $CI_PROJECT_NAME From adcc57f61a0bd2037f502879cd3e8fca43d3bf98 Mon Sep 17 00:00:00 2001 From: Wolfram Gulde Date: Tue, 19 Apr 2022 16:32:20 +0200 Subject: [PATCH 009/166] feat(exx-Pipeline): fix wrong order of marks --- pipelines/release/eXXcellent-release-Child.gitlab-ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pipelines/release/eXXcellent-release-Child.gitlab-ci.yml b/pipelines/release/eXXcellent-release-Child.gitlab-ci.yml index 151a515..7b7e743 100644 --- a/pipelines/release/eXXcellent-release-Child.gitlab-ci.yml +++ b/pipelines/release/eXXcellent-release-Child.gitlab-ci.yml 
@@ -12,7 +12,7 @@ increase-version:
 rules:
 - if: $CI_COMMIT_REF_NAME == $CI_DEFAULT_BRANCH
 - if: $CI_COMMIT_REF_NAME == 'Templates2.0'
- - if: $CI_COMMIT_REF_NAME ~= 'RELEASE'
+ - if: $CI_COMMIT_REF_NAME =~ 'RELEASE'
 variables:
 TAG: "true"
 before_script:
From f70330a035eb31e9af896854502553563d455ae7 Mon Sep 17 00:00:00 2001
From: Marcel Feix
Date: Mon, 25 Apr 2022 07:50:29 +0000
Subject: [PATCH 010/166] chore(Container Publish): Add extra Arguments to copy
---
 templates/container/container-publish.gitlab-ci.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/templates/container/container-publish.gitlab-ci.yml b/templates/container/container-publish.gitlab-ci.yml
index 77ea02c..270bca7 100644
--- a/templates/container/container-publish.gitlab-ci.yml
+++ b/templates/container/container-publish.gitlab-ci.yml
@@ -23,4 +23,4 @@
 - when: never
 script:
 - skopeo login --username $CONTAINER_REGISTRY_USER --password $CONTAINER_REGISTRY_PASSWORD $CONTAINER_REGISTRY --tls-verify=false
- - skopeo copy "docker-archive:image.tar" "docker://${CONTAINER_REGISTRY}${EXTRA_PATH}:${IMAGE_TAG}" --dest-tls-verify=false
\ No newline at end of file
+ - skopeo copy "docker-archive:image.tar" "docker://${CONTAINER_REGISTRY}${EXTRA_PATH}:${IMAGE_TAG}" $EXTRA_ARGS --dest-tls-verify=false
From 4fede8a0fb976d405331d75948c42b97cc993c96 Mon Sep 17 00:00:00 2001
From: Marcel Feix
Date: Mon, 2 May 2022 12:41:21 +0000
Subject: [PATCH 011/166] Update eXXcellent-release-Child.gitlab-ci.yml
---
 pipelines/release/eXXcellent-release-Child.gitlab-ci.yml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/pipelines/release/eXXcellent-release-Child.gitlab-ci.yml b/pipelines/release/eXXcellent-release-Child.gitlab-ci.yml
index 7b7e743..903179f 100644
--- a/pipelines/release/eXXcellent-release-Child.gitlab-ci.yml
+++ b/pipelines/release/eXXcellent-release-Child.gitlab-ci.yml
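Review bot: The corrected rule `- if: $CI_COMMIT_REF_NAME =~ 'RELEASE'` in `increase-version` still compares against a quoted string, while GitLab's `=~` operator expects a regular expression written between slashes. As written the rule may not match release branches at all, which would silently drop the job there. `- if: $CI_COMMIT_REF_NAME =~ /^RELEASE/` states the intent, and using `$CI_COMMIT_BRANCH` instead would additionally keep tag pipelines out. The job starts above the hunk and continues below it.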
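Review bot: The new `skopeo copy` line in `container-publish.gitlab-ci.yml` appends `$EXTRA_ARGS` unquoted and keeps `--dest-tls-verify=false`, so the push accepts any certificate the registry endpoint presents, and the content of `EXTRA_ARGS` is word-split into further skopeo options in a job that runs with `CONTAINER_REGISTRY_PASSWORD`. Document `EXTRA_ARGS` next to the template's other variables with the options it is meant to carry, and make verification the default with an explicit opt-out through a new variable (name illustrative), e.g. `--dest-tls-verify=${CONTAINER_REGISTRY_TLS_VERIFY:-true}`. The unchanged `skopeo login` line above it passes the password as a command-line argument, also with `--tls-verify=false`; `--password-stdin` would keep the secret out of the process list. The job header and its variables are outside the hunk.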
@@ -31,4 +31,5 @@ push-tag-and-branch:
 - pull
 script:
 - git checkout -b RELEASE-$VERSION
- - git push origin RELEASE-$VERSION $VERSION
\ No newline at end of file
+ - git tag $VERSION
+ - git push origin RELEASE-$VERSION $VERSION
From 79f97374002d73cfc7199c045146807df65e3c41 Mon Sep 17 00:00:00 2001
From: Marcel Feix
Date: Tue, 3 May 2022 10:40:48 +0200
Subject: [PATCH 012/166] feat(IaC-Docker-Compose) update to new version of Docker Compose
---
 templates/IaC/docker-compose.gitlab-ci.yml | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)
diff --git a/templates/IaC/docker-compose.gitlab-ci.yml b/templates/IaC/docker-compose.gitlab-ci.yml
index 40df723..81fa8e7 100644
--- a/templates/IaC/docker-compose.gitlab-ci.yml
+++ b/templates/IaC/docker-compose.gitlab-ci.yml
@@ -1,5 +1,5 @@
 .docker-compose-deploy:
- image: docker/compose:alpine-1.29.1
+ image: docker:20.10.14-alpine3.15
 stage: deploy
 variables:
 SCP_DESTINATION: ""
@@ -9,7 +9,7 @@
 SSH_USER: ""
 DOCKER_REGISTRY: "$CI_REGISTRY"
 ENV_SETUP_FILE: "setup_env.sh"
- SSH_PRIVATE_KEY_DEPLOY: $SSH_PRIVATE_KEY
+ SSH_PRIVATE_KEY_DEPLOY: $SSH_PRIVATE_KEY
 rules:
 - when: manual
 # https://docs.gitlab.com/ee/ci/ssh_keys/
@@ -23,12 +23,18 @@ # Add keys to known hosts for Docker Compose - ssh-keyscan $SSH_URL >> ~/.ssh/known_hosts - if [[ -n "$DOCKER_REGISTRY" ]]; then echo "$DOCKER_REGISTRY_PASS" | docker login $DOCKER_REGISTRY --username $DOCKER_REGISTRY_USER --password-stdin; fi + #Install docker Compose, from release directly + - wget https://github.com/docker/compose/releases/download/v2.4.1/docker-compose-linux-x86_64 -O /usr/local/bin/docker-compose + - chmod +x /usr/local/bin/docker-compose script: - if [[ -n "$SCP_SOURCE" && -n "$SCP_DESTINATION" ]]; then scp -rp $SCP_SOURCE $SSH_USER@$SSH_URL:$SCP_DESTINATION; fi - DOCKER_HOST=ssh://$SSH_USER@$SSH_URL docker-compose $COMPOSE_EXTRA_ARGS up -d --remove-orphans .docker-compose-validate: - image: docker/compose:alpine-1.29.1 + image: docker:20.10.14-alpine3.15 stage: verify + before_script: + - curl -SL https://github.com/docker/compose/releases/download/v2.4.1/docker-compose-linux-x86_64 -o /usr/local/bin/docker-compose + - chmod +x /usr/local/bin/docker-compose script: - docker-compose $COMPOSE_EXTRA_ARGS config From 0ba54351509b62ab86273e46d4a707fafdc1bac3 Mon Sep 17 00:00:00 2001 From: Marcel Feix Date: Tue, 3 May 2022 14:37:47 +0000 Subject: [PATCH 013/166] fix(IaC-Docker-compose): switch from curl to wget in validate --- templates/IaC/docker-compose.gitlab-ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/templates/IaC/docker-compose.gitlab-ci.yml b/templates/IaC/docker-compose.gitlab-ci.yml index 81fa8e7..a41401b 100644 --- a/templates/IaC/docker-compose.gitlab-ci.yml +++ b/templates/IaC/docker-compose.gitlab-ci.yml 
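Review bot: The added `wget https://github.com/docker/compose/releases/download/v2.4.1/docker-compose-linux-x86_64 -O /usr/local/bin/docker-compose` followed by `chmod +x` installs and runs a downloaded binary without any integrity check, in the deploy job that has already loaded the SSH deploy key and logged in to the registry. The `curl -SL` added to `.docker-compose-validate` in the same hunk (changed to `wget` in patch 013) has the same gap. Record the expected digest in the template and verify it before the `chmod`, e.g. `echo "<sha256-of-release-asset>  /usr/local/bin/docker-compose" | sha256sum -c -`, or use an image that already contains the pinned Compose version. The deploy job starts above the hunk.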
@@ -34,7 +34,7 @@ image: docker:20.10.14-alpine3.15 stage: verify before_script: - - curl -SL https://github.com/docker/compose/releases/download/v2.4.1/docker-compose-linux-x86_64 -o /usr/local/bin/docker-compose + - wget https://github.com/docker/compose/releases/download/v2.4.1/docker-compose-linux-x86_64 -O /usr/local/bin/docker-compose - chmod +x /usr/local/bin/docker-compose script: - docker-compose $COMPOSE_EXTRA_ARGS config From 0e57f4cce1314345d50df7aa6c694276eda66f9e Mon Sep 17 00:00:00 2001 From: Wolfram Gulde Date: Thu, 5 May 2022 15:14:56 +0200 Subject: [PATCH 014/166] feat(exx-Pipeline): fix RELEASE Commmit Ref --- pipelines/release/eXXcellent-release-Child.gitlab-ci.yml | 2 +- templates/releasing/release.gitlab-ci.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/pipelines/release/eXXcellent-release-Child.gitlab-ci.yml b/pipelines/release/eXXcellent-release-Child.gitlab-ci.yml index 903179f..b336cb6 100644 --- a/pipelines/release/eXXcellent-release-Child.gitlab-ci.yml +++ b/pipelines/release/eXXcellent-release-Child.gitlab-ci.yml @@ -12,7 +12,7 @@ increase-version: rules: - if: $CI_COMMIT_REF_NAME == $CI_DEFAULT_BRANCH - if: $CI_COMMIT_REF_NAME == 'Templates2.0' - - if: $CI_COMMIT_REF_NAME =~ 'RELEASE' + - if: $CI_COMMIT_REF_NAME =~ /^RELEASE.*/ variables: TAG: "true" before_script: diff --git a/templates/releasing/release.gitlab-ci.yml b/templates/releasing/release.gitlab-ci.yml index f93d284..f76e4cc 100644 --- a/templates/releasing/release.gitlab-ci.yml +++ b/templates/releasing/release.gitlab-ci.yml @@ -25,7 +25,7 @@ .release-release-branch: extends: .release-common rules: - - if: $CI_COMMIT_REF_NAME =~ 'RELEASE' + - if: $CI_COMMIT_REF_NAME =~ /^RELEASE.*/ when: manual #Do not make releases available in TAG CIs - if: $CI_COMMIT_TAG From d515a0256d851984db767393380481508c11be58 Mon Sep 17 00:00:00 2001 
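Review bot: The new rule `$CI_COMMIT_REF_NAME =~ /^RELEASE.*/` (in `increase-version` and again in `.release-release-branch`) matches every ref whose name merely begins with `RELEASE`, and the trailing `.*` adds nothing. `push-tag-and-branch` creates branches as `RELEASE-$VERSION`, so `/^RELEASE-/` states the intent more tightly. These rules decide who may start a release job, so I would also require a protected ref: `if: $CI_COMMIT_REF_NAME =~ /^RELEASE-/ && $CI_COMMIT_REF_PROTECTED == "true"`. Otherwise anyone who can push a branch with that prefix gets the manual release jobs offered.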
From: Wolfram Gulde Date: Fri, 6 May 2022 13:46:48 +0200 Subject: [PATCH 015/166] feat(exx-Pipeline): set gradle.version in Gradle Build and move minor version trigger to default branch --- .../release/eXXcellent-release-Main.gitlab-ci.yml | 2 +- templates/java/gradle/gradle-build.gitlab-ci.yml | 11 +++++++---- 2 files changed, 8 insertions(+), 5 deletions(-) diff --git a/pipelines/release/eXXcellent-release-Main.gitlab-ci.yml b/pipelines/release/eXXcellent-release-Main.gitlab-ci.yml index 29627c3..6f78e37 100644 --- a/pipelines/release/eXXcellent-release-Main.gitlab-ci.yml +++ b/pipelines/release/eXXcellent-release-Main.gitlab-ci.yml @@ -8,7 +8,7 @@ a.major-release: BUMP_VERSION: "major" b.minor-release: - extends: .release-release-branch + extends: .release-default variables: BUMP_VERSION: "minor" diff --git a/templates/java/gradle/gradle-build.gitlab-ci.yml b/templates/java/gradle/gradle-build.gitlab-ci.yml index 617cbf5..b960eec 100644 --- a/templates/java/gradle/gradle-build.gitlab-ci.yml +++ b/templates/java/gradle/gradle-build.gitlab-ci.yml @@ -1,11 +1,14 @@ .gradle-build: stage: build image: $GRADLE_IMAGE + before_script: + # Replace version in Gradle file with $CI_COMMIT_TAG + - > + if [[ "$CI_COMMIT_TAG" != "" && "$PATH_TO_VERSION_FILE != ""]]; then + export GRADLE_VERSION=$(awk '/^version/{print $NF}' $PATH_TO_VERSION_FILE) + $(sed -i /^version/s/$GRADLE_VERSION/\'$CI_COMMIT_TAG\'/ $PATH_TO_VERSION_FILE) + fi script: - # todo increase version like maven set. OR Define Gradle skript to use ENV Ideen: - # wir überlassen den Projekten das wie sie die Version hoch zählen. - # wir definieren eine Variable die beim aufruf von gradle gesetzt werden kann um die Version zu bekommen. - # wir sagen das hier das plugin von palantir benutzt werden soll. - "./gradlew --build-cache assemble $GRADLE_CLI_OPTS" artifacts: expire_in: 2 weeks From 4988c42d014cbfb8155769079e808a7de03f3f35 Mon Sep 17 00:00:00 2001 
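Review bot: `$CI_COMMIT_TAG` and `$GRADLE_VERSION` are spliced unquoted into the sed program in the added `before_script` of `.gradle-build`, so a tag containing `/`, `&` or whitespace changes or breaks the substitution. The surrounding `$( … )` also tries to execute whatever sed prints. Tag names are chosen by whoever can push tags, so validate the tag first, e.g. `case "$CI_COMMIT_TAG" in *[!0-9A-Za-z.+-]*) echo "unexpected tag"; exit 1;; esac`. Then run sed as a plain, quoted command: `sed -i "/^version/s/$GRADLE_VERSION/'$CI_COMMIT_TAG'/" "$PATH_TO_VERSION_FILE"`. The same sed line is carried unchanged through PATCH 018, 020, 022, 023 and 025.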
From: Wolfram Gulde Date: Fri, 6 May 2022 14:56:21 +0200 Subject: [PATCH 016/166] feat(exx-Pipeline): add main.Prerelease --- ...lent-release-Main-Prerelease.gitlab-ci.yml | 34 +++++++++++++++++++ 1 file changed, 34 insertions(+) create mode 100644 pipelines/release/eXXcellent-release-Main-Prerelease.gitlab-ci.yml diff --git a/pipelines/release/eXXcellent-release-Main-Prerelease.gitlab-ci.yml b/pipelines/release/eXXcellent-release-Main-Prerelease.gitlab-ci.yml new file mode 100644 index 0000000..c8c7223 --- /dev/null +++ b/pipelines/release/eXXcellent-release-Main-Prerelease.gitlab-ci.yml @@ -0,0 +1,34 @@ +include: + - local: 'templates/releasing/release.gitlab-ci.yml' + - local: 'templates/releasing/release-gitlab.gitlab-ci.yml' + +# Creates next major prerelease on master (e.g.: 2.0.0-rc.1 --> 3.0.0-rc.1) +a.major-prerelease: + extends: .release-default + variables: + BUMP_VERSION: "major prerelease" + MODE: "bump" + +# Creates next minor prerelease on master (e.g.: 2.0.0-rc.1 --> 2.1.0-rc.1) +b.minor-prerelease: + extends: .release-default + variables: + BUMP_VERSION: "minor prerelease" + MODE: "bump" + +# Creates release on release branch (e.g.: 2.0.0-rc.1 --> 2.0.0) +c.patch-release: + extends: .release-release-branch + variables: + BUMP_VERSION: "patch" + MODE: "next_version" + +# Creates next prerelease on release branch (e.g.: 2.0.0 --> 2.0.1-rc.1 or 2.0.0-rc.1 --> 2.0.0-rc.2) +d.patch-prerelease: + extends: .release-release-branch + variables: + BUMP_VERSION: "prerelease" + MODE: "next_version" + +Create-Gitlab-Release: + extends: .release-create-gitlab \ No newline at end of file From 08e6519afce1fb9374241a722f8dfb5c84caa732 Mon Sep 17 00:00:00 2001 From: Wolfram Gulde Date: Fri, 6 May 2022 14:59:22 +0200 Subject: [PATCH 017/166] feat(exx-Pipeline): add simplify --- pipelines/release/eXXcellent-release-Main.gitlab-ci.yml | 2 ++ 1 file changed, 2 insertions(+) 
diff --git a/pipelines/release/eXXcellent-release-Main.gitlab-ci.yml b/pipelines/release/eXXcellent-release-Main.gitlab-ci.yml index 6f78e37..5f1992c 100644 --- a/pipelines/release/eXXcellent-release-Main.gitlab-ci.yml +++ b/pipelines/release/eXXcellent-release-Main.gitlab-ci.yml @@ -21,11 +21,13 @@ d.prerelease-release: extends: .release-release-branch variables: BUMP_VERSION: "prerelease" + SIMPLIFY: "true" e.build-release: extends: .release-release-branch variables: BUMP_VERSION: "build" + SIMPLIFY: "true" Create-Gitlab-Release: extends: .release-create-gitlab \ No newline at end of file From 6cccbbacb40a56b2c65abb33f8a2e8d4726407ff Mon Sep 17 00:00:00 2001 From: Wolfram Gulde Date: Fri, 6 May 2022 15:19:09 +0200 Subject: [PATCH 018/166] feat(exx-Pipeline): add missing mark --- templates/java/gradle/gradle-build.gitlab-ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/templates/java/gradle/gradle-build.gitlab-ci.yml b/templates/java/gradle/gradle-build.gitlab-ci.yml index b960eec..729c8c6 100644 --- a/templates/java/gradle/gradle-build.gitlab-ci.yml +++ b/templates/java/gradle/gradle-build.gitlab-ci.yml @@ -4,7 +4,7 @@ before_script: # Replace version in Gradle file with $CI_COMMIT_TAG - > - if [[ "$CI_COMMIT_TAG" != "" && "$PATH_TO_VERSION_FILE != ""]]; then + if [[ "$CI_COMMIT_TAG" != "" && "$PATH_TO_VERSION_FILE" != ""]]; then export GRADLE_VERSION=$(awk '/^version/{print $NF}' $PATH_TO_VERSION_FILE) $(sed -i /^version/s/$GRADLE_VERSION/\'$CI_COMMIT_TAG\'/ $PATH_TO_VERSION_FILE) fi From 5f09f8d85350e0108c76253ef111c5dda1d6e48e Mon Sep 17 00:00:00 2001 From: Wolfram Gulde Date: Fri, 6 May 2022 15:24:18 +0200 Subject: [PATCH 019/166] feat(exx-Pipeline): exclude MRs rule --- templates/releasing/release.gitlab-ci.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/templates/releasing/release.gitlab-ci.yml b/templates/releasing/release.gitlab-ci.yml index f76e4cc..28be70d 100644 --- a/templates/releasing/release.gitlab-ci.yml 
+++ b/templates/releasing/release.gitlab-ci.yml @@ -13,6 +13,8 @@ # This is so depending triggers can run successfully. - if: '$CI_PIPELINE_SOURCE == "pipeline"' when: never + - if: '$CI_PIPELINE_SOURCE == "merge_request_event"' + when: never - if: $CI_COMMIT_REF_NAME == $CI_DEFAULT_BRANCH when: manual - if: $CI_COMMIT_REF_NAME == 'Templates2.0' @@ -25,6 +27,8 @@ .release-release-branch: extends: .release-common rules: + - if: '$CI_PIPELINE_SOURCE == "merge_request_event"' + when: never - if: $CI_COMMIT_REF_NAME =~ /^RELEASE.*/ when: manual #Do not make releases available in TAG CIs From e8138846c52d2cd9e70d3a106ec593cf8da5547d Mon Sep 17 00:00:00 2001 From: Wolfram Gulde Date: Fri, 6 May 2022 16:14:25 +0200 Subject: [PATCH 020/166] feat(exx-Pipeline): fix syntax error --- templates/java/gradle/gradle-build.gitlab-ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/templates/java/gradle/gradle-build.gitlab-ci.yml b/templates/java/gradle/gradle-build.gitlab-ci.yml index 729c8c6..a26a0ae 100644 --- a/templates/java/gradle/gradle-build.gitlab-ci.yml +++ b/templates/java/gradle/gradle-build.gitlab-ci.yml @@ -4,7 +4,7 @@ before_script: # Replace version in Gradle file with $CI_COMMIT_TAG - > - if [[ "$CI_COMMIT_TAG" != "" && "$PATH_TO_VERSION_FILE" != ""]]; then + if ["$CI_COMMIT_TAG" != ""] && ["$PATH_TO_VERSION_FILE" != ""]; then export GRADLE_VERSION=$(awk '/^version/{print $NF}' $PATH_TO_VERSION_FILE) $(sed -i /^version/s/$GRADLE_VERSION/\'$CI_COMMIT_TAG\'/ $PATH_TO_VERSION_FILE) fi From 6e19b649fa788adc6bcc0bc965e12362efbc7ec7 Mon Sep 17 00:00:00 2001 From: Wolfram Gulde Date: Fri, 6 May 2022 16:23:30 +0200 Subject: [PATCH 021/166] feat(exx-Pipeline): test multi line --- templates/java/gradle/gradle-build.gitlab-ci.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/templates/java/gradle/gradle-build.gitlab-ci.yml b/templates/java/gradle/gradle-build.gitlab-ci.yml index a26a0ae..edbb657 100644 
--- a/templates/java/gradle/gradle-build.gitlab-ci.yml +++ b/templates/java/gradle/gradle-build.gitlab-ci.yml @@ -6,7 +6,6 @@ - > if ["$CI_COMMIT_TAG" != ""] && ["$PATH_TO_VERSION_FILE" != ""]; then export GRADLE_VERSION=$(awk '/^version/{print $NF}' $PATH_TO_VERSION_FILE) - $(sed -i /^version/s/$GRADLE_VERSION/\'$CI_COMMIT_TAG\'/ $PATH_TO_VERSION_FILE) fi script: - "./gradlew --build-cache assemble $GRADLE_CLI_OPTS" From 87d6480f53009d971e408fb580cbd12c993c34eb Mon Sep 17 00:00:00 2001 From: Wolfram Gulde Date: Fri, 6 May 2022 16:36:39 +0200 Subject: [PATCH 022/166] feat(exx-Pipeline): test multi line --- templates/java/gradle/gradle-build.gitlab-ci.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/templates/java/gradle/gradle-build.gitlab-ci.yml b/templates/java/gradle/gradle-build.gitlab-ci.yml index edbb657..58dd5d6 100644 --- a/templates/java/gradle/gradle-build.gitlab-ci.yml +++ b/templates/java/gradle/gradle-build.gitlab-ci.yml @@ -5,7 +5,11 @@ # Replace version in Gradle file with $CI_COMMIT_TAG - > if ["$CI_COMMIT_TAG" != ""] && ["$PATH_TO_VERSION_FILE" != ""]; then + echo "HELLO" + echo "$CI_COMMIT_TAG" + echo "$PATH_TO_VERSION_FILE" export GRADLE_VERSION=$(awk '/^version/{print $NF}' $PATH_TO_VERSION_FILE) + $(sed -i /^version/s/$GRADLE_VERSION/\'$CI_COMMIT_TAG\'/ $PATH_TO_VERSION_FILE) fi script: - "./gradlew --build-cache assemble $GRADLE_CLI_OPTS" From a698eecf858ef2dd913c1152024cb1b5a4c3a125 Mon Sep 17 00:00:00 2001 From: Wolfram Gulde Date: Fri, 6 May 2022 16:42:36 +0200 Subject: [PATCH 023/166] feat(exx-Pipeline): test multi line --- templates/java/gradle/gradle-build.gitlab-ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/templates/java/gradle/gradle-build.gitlab-ci.yml b/templates/java/gradle/gradle-build.gitlab-ci.yml index 58dd5d6..c4cb336 100644 --- a/templates/java/gradle/gradle-build.gitlab-ci.yml +++ b/templates/java/gradle/gradle-build.gitlab-ci.yml 
@@ -4,7 +4,7 @@ before_script: # Replace version in Gradle file with $CI_COMMIT_TAG - > - if ["$CI_COMMIT_TAG" != ""] && ["$PATH_TO_VERSION_FILE" != ""]; then + if [ ! -z "$CI_COMMIT_TAG" ] && [ ! -z "$PATH_TO_VERSION_FILE" ]; then echo "HELLO" echo "$CI_COMMIT_TAG" echo "$PATH_TO_VERSION_FILE" From a8a15e56d35d8cce2c35332bbd2a9a342ad3408f Mon Sep 17 00:00:00 2001 From: Wolfram Gulde Date: Fri, 6 May 2022 16:48:57 +0200 Subject: [PATCH 024/166] feat(exx-Pipeline): test multi line --- templates/java/maven/maven-build.gitlab-ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/templates/java/maven/maven-build.gitlab-ci.yml b/templates/java/maven/maven-build.gitlab-ci.yml index 8887e24..9cc43a2 100644 --- a/templates/java/maven/maven-build.gitlab-ci.yml +++ b/templates/java/maven/maven-build.gitlab-ci.yml @@ -3,7 +3,7 @@ image: $MAVEN_IMAGE before_script: - > - if [ "$CI_COMMIT_TAG" != "" ]; then + if [ ! -z "$CI_COMMIT_TAG" ]; then mvn $MVN_EXTRA_ARGS $MAVEN_CLI_OPTS versions:set -DnewVersion=$CI_COMMIT_TAG -DgenerateBackupPoms=false fi script: From 5c2bb72630204afaccd53b89fdbd2ca304b96baf Mon Sep 17 00:00:00 2001 From: Wolfram Gulde Date: Fri, 6 May 2022 16:50:01 +0200 Subject: [PATCH 025/166] feat(exx-Pipeline): remove comments --- templates/java/gradle/gradle-build.gitlab-ci.yml | 3 --- 1 file changed, 3 deletions(-) diff --git a/templates/java/gradle/gradle-build.gitlab-ci.yml b/templates/java/gradle/gradle-build.gitlab-ci.yml index c4cb336..d9fab40 100644 --- a/templates/java/gradle/gradle-build.gitlab-ci.yml +++ b/templates/java/gradle/gradle-build.gitlab-ci.yml @@ -5,9 +5,6 @@ # Replace version in Gradle file with $CI_COMMIT_TAG - > if [ ! -z "$CI_COMMIT_TAG" ] && [ ! -z "$PATH_TO_VERSION_FILE" ]; then - echo "HELLO" - echo "$CI_COMMIT_TAG" - echo "$PATH_TO_VERSION_FILE" export GRADLE_VERSION=$(awk '/^version/{print $NF}' $PATH_TO_VERSION_FILE) $(sed -i /^version/s/$GRADLE_VERSION/\'$CI_COMMIT_TAG\'/ $PATH_TO_VERSION_FILE) fi 
From 8df7067f176d5d04ad53cacbce0c8a085d318d57 Mon Sep 17 00:00:00 2001 From: Wolfram Gulde Date: Tue, 10 May 2022 11:16:18 +0200 Subject: [PATCH 026/166] feat(exx-Pipeline): add gradle licencing --- pipelines/licence/license-gradle.gitlab-ci.yml | 11 +++++++++++ .../license-maven.gitlab-ci.yml} | 0 .../java/gradle/gradle-licence.gitlab-ci.yml | 12 ++++++++++++ templates/license/license.gitlab-ci.yml | 15 +++++++++++++++ 4 files changed, 38 insertions(+) create mode 100644 pipelines/licence/license-gradle.gitlab-ci.yml rename pipelines/{license.gitlab-ci.yml => licence/license-maven.gitlab-ci.yml} (100%) create mode 100644 templates/java/gradle/gradle-licence.gitlab-ci.yml create mode 100644 templates/license/license.gitlab-ci.yml diff --git a/pipelines/licence/license-gradle.gitlab-ci.yml b/pipelines/licence/license-gradle.gitlab-ci.yml new file mode 100644 index 0000000..e0e4411 --- /dev/null +++ b/pipelines/licence/license-gradle.gitlab-ci.yml @@ -0,0 +1,11 @@ +include: + - '/templates/java/gradle/gradle-licence.gitlab-ci.yml' + - '/templates/licence/licence.gitlab-ci.yml' + +License-Bom: + extends: .gradle-licence + +License-Adoc: + extends: .license-asciidoc + variables: + BOM_FILE: build/reports/bom.json diff --git a/pipelines/license.gitlab-ci.yml b/pipelines/licence/license-maven.gitlab-ci.yml similarity index 100% rename from pipelines/license.gitlab-ci.yml rename to pipelines/licence/license-maven.gitlab-ci.yml diff --git a/templates/java/gradle/gradle-licence.gitlab-ci.yml b/templates/java/gradle/gradle-licence.gitlab-ci.yml new file mode 100644 index 0000000..11cde80 --- /dev/null +++ b/templates/java/gradle/gradle-licence.gitlab-ci.yml @@ -0,0 +1,12 @@ +.gradle-licence: + image: $GRADLE_IMAGE + stage: post-process + before_script: + - "cd $BACKEND_DIR" + script: + - "./gradlew --build-cache cyclonedxBom $GRADLE_CLI_OPTS" + artifacts: + expire_in: 2 weeks + reports: + junit: + - "$BACKEND_DIR/build/reports/bom.json" 
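Review bot: In the new `.gradle-licence` template, `build/reports/bom.json` is declared under `artifacts:reports:junit`, but it is the JSON BOM written by `cyclonedxBom`, not a JUnit XML report, so GitLab will try to read it as test results. `License-Adoc` consumes the file through `BOM_FILE`, so it should be published as an ordinary artifact: replace the `reports:`/`junit:` pair with `paths:` and keep the entry `- "$BACKEND_DIR/build/reports/bom.json"`. It would also help to add a one-line comment above `script:` saying that the job expects the CycloneDX Gradle plugin to be applied in the project, since the template does not add it.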
diff --git a/templates/license/license.gitlab-ci.yml b/templates/license/license.gitlab-ci.yml new file mode 100644 index 0000000..4441621 --- /dev/null +++ b/templates/license/license.gitlab-ci.yml @@ -0,0 +1,15 @@ +.license-asciidoc: + image: gitlab.exxcellent.de:4567/gilden/ci/exxcellent-license-tools + stage: post-process + variables: + BOM_FILE: bom.json + LICENSE_FILE: licenses.adoc + before_script: + - "cd $BACKEND_DIR" + script: + - licenseBom2Adoc --bom $BOM_FILE --adoc $LICENSE_ADOC_FILE + artifacts: + when: always + expire_in: 2 weeks + paths: + - $LICENSE_ADOC_FILE \ No newline at end of file From c208448907700787a50b6ec03672a53897f22a1a Mon Sep 17 00:00:00 2001 From: Marcel Feix Date: Mon, 9 May 2022 13:53:34 +0200 Subject: [PATCH 027/166] feat(IaC-Docker-Compose) update to new version of Docker Compose --- templates/IaC/docker-compose.gitlab-ci.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/templates/IaC/docker-compose.gitlab-ci.yml b/templates/IaC/docker-compose.gitlab-ci.yml index a41401b..ee6d369 100644 --- a/templates/IaC/docker-compose.gitlab-ci.yml +++ b/templates/IaC/docker-compose.gitlab-ci.yml @@ -24,7 +24,7 @@ - ssh-keyscan $SSH_URL >> ~/.ssh/known_hosts - if [[ -n "$DOCKER_REGISTRY" ]]; then echo "$DOCKER_REGISTRY_PASS" | docker login $DOCKER_REGISTRY --username $DOCKER_REGISTRY_USER --password-stdin; fi #Install docker Compose, from release directly - - wget https://github.com/docker/compose/releases/download/v2.4.1/docker-compose-linux-x86_64 -O /usr/local/bin/docker-compose + - wget https://github.com/docker/compose/releases/download/v2.5.0/docker-compose-linux-x86_64 -O /usr/local/bin/docker-compose - chmod +x /usr/local/bin/docker-compose script: - if [[ -n "$SCP_SOURCE" && -n "$SCP_DESTINATION" ]]; then scp -rp $SCP_SOURCE $SSH_USER@$SSH_URL:$SCP_DESTINATION; fi 
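Review bot: The `image:` of the new `.license-asciidoc` job names `gitlab.exxcellent.de:4567/gilden/ci/exxcellent-license-tools` without a tag or digest, so every run pulls whatever the default tag points to at that moment. The other templates in this series pin their tools (`docker:20.10.14-alpine3.15`, `aquasec/trivy:0.25.0`), and this job should do the same, e.g. `image: gitlab.exxcellent.de:4567/gilden/ci/exxcellent-license-tools:<PINNED_TAG>` (placeholder, the available tags are not visible here). A pinned reference makes the generated licence report reproducible and lets tool updates arrive as reviewed changes.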
@@ -34,7 +34,7 @@ image: docker:20.10.14-alpine3.15 stage: verify before_script: - - wget https://github.com/docker/compose/releases/download/v2.4.1/docker-compose-linux-x86_64 -O /usr/local/bin/docker-compose + - curl -SL https://github.com/docker/compose/releases/download/v2.5.0/docker-compose-linux-x86_64 -o /usr/local/bin/docker-compose - chmod +x /usr/local/bin/docker-compose script: - docker-compose $COMPOSE_EXTRA_ARGS config From e70980a2fb0151016d9ee6cf5abd44f678b91ad1 Mon Sep 17 00:00:00 2001 From: Marcel Feix Date: Tue, 10 May 2022 10:00:54 +0200 Subject: [PATCH 028/166] feat(IaC-Docker-Compose) Add workaround for broken-ssh-connections --- .../chapters/templates/IaC/docker-compose.adoc | 6 +++++- templates/IaC/docker-compose.gitlab-ci.yml | 11 ++++++++++- 2 files changed, 15 insertions(+), 2 deletions(-) diff --git a/documentation/chapters/templates/IaC/docker-compose.adoc b/documentation/chapters/templates/IaC/docker-compose.adoc index a809387..d46ac2f 100644 --- a/documentation/chapters/templates/IaC/docker-compose.adoc +++ b/documentation/chapters/templates/IaC/docker-compose.adoc @@ -40,12 +40,16 @@ echo SOME_PASSWORD="$SOME_PASSWORD" >>.env |Name |Description | Default Value | SSH_PRIVATE_KEY_DEPLOY | Private key to access remote system. -| $SSH_PRIVATE_KEY (In den CI-CD variablen) +| $SSH_PRIVATE_KEY (In den CI-CD variablen) | SSH_URL | URL of the remote server. | - +| SSH_PORT +| SSH port of the remote server. +| 22 + | SSH_USER | The user that is used to login into the remote maschine. | - diff --git a/templates/IaC/docker-compose.gitlab-ci.yml b/templates/IaC/docker-compose.gitlab-ci.yml index ee6d369..72b63aa 100644 --- a/templates/IaC/docker-compose.gitlab-ci.yml +++ b/templates/IaC/docker-compose.gitlab-ci.yml @@ -7,6 +7,7 @@ COMPOSE_EXTRA_ARGS: "" SSH_URL: "" SSH_USER: "" + SSH_PORT: "22" DOCKER_REGISTRY: "$CI_REGISTRY" ENV_SETUP_FILE: "setup_env.sh" SSH_PRIVATE_KEY_DEPLOY: $SSH_PRIVATE_KEY 
@@ -28,7 +29,15 @@ - chmod +x /usr/local/bin/docker-compose script: - if [[ -n "$SCP_SOURCE" && -n "$SCP_DESTINATION" ]]; then scp -rp $SCP_SOURCE $SSH_USER@$SSH_URL:$SCP_DESTINATION; fi - - DOCKER_HOST=ssh://$SSH_USER@$SSH_URL docker-compose $COMPOSE_EXTRA_ARGS up -d --remove-orphans + - DOCKER_HOST=ssh://$SSH_USER@$SSH_URL:$SSH_PORT docker-compose $COMPOSE_EXTRA_ARGS up -d --remove-orphans + +.broken-ssh-connection-workaround: &broken-ssh-connection-workaround + - if [[ -n "$SCP_SOURCE" && -n "$SCP_DESTINATION" ]]; then scp -rp $SCP_SOURCE $SSH_USER@$SSH_URL:$SCP_DESTINATION; fi + # Tunnel Docker socket from remote Maschine to local Maschine. This should be more stable than the current SSH Implementation of Docker + - rm -f /tmp/docker.sock + - ssh -M -S docker-ctrl-socket -fnNT -L /tmp/docker.sock:/var/run/docker.sock "$SSH_USER@$SSH_URL" -p $SSH_PORT -o ControlPersist=no + - DOCKER_HOST=unix:///tmp/docker.sock docker-compose $COMPOSE_EXTRA_ARGS up -d --remove-orphans + .docker-compose-validate: image: docker:20.10.14-alpine3.15 From 757dbde1994a097cd6c58f3f9a400ae0780e3c02 Mon Sep 17 00:00:00 2001 From: Marcel Feix Date: Tue, 10 May 2022 10:24:18 +0200 Subject: [PATCH 029/166] feat(IaC-Docker-Compose) change workaround because anchors are not usable from include --- .../chapters/templates/IaC/docker-compose.adoc | 10 ++++++++++ templates/IaC/docker-compose.gitlab-ci.yml | 13 +++++++------ 2 files changed, 17 insertions(+), 6 deletions(-) diff --git a/documentation/chapters/templates/IaC/docker-compose.adoc b/documentation/chapters/templates/IaC/docker-compose.adoc index d46ac2f..383a37b 100644 --- a/documentation/chapters/templates/IaC/docker-compose.adoc +++ b/documentation/chapters/templates/IaC/docker-compose.adoc 
@@ -34,6 +34,16 @@ echo COMPOSE_PROJECT_NAME=project-prefix >>.env echo SOME_PASSWORD="$SOME_PASSWORD" >>.env ---- +== SSH Problem workaround + +Sometimes there is a problem with some SSH servers and Docker. +We have a workaround for this, please override your script with the following: + +---- + script: + - !reference [.broken-ssh-connection-workaround, script] +---- + .Variables |=== diff --git a/templates/IaC/docker-compose.gitlab-ci.yml b/templates/IaC/docker-compose.gitlab-ci.yml index 72b63aa..9b8e9b9 100644 --- a/templates/IaC/docker-compose.gitlab-ci.yml +++ b/templates/IaC/docker-compose.gitlab-ci.yml 
@@ -31,12 +31,13 @@ - if [[ -n "$SCP_SOURCE" && -n "$SCP_DESTINATION" ]]; then scp -rp $SCP_SOURCE $SSH_USER@$SSH_URL:$SCP_DESTINATION; fi - DOCKER_HOST=ssh://$SSH_USER@$SSH_URL:$SSH_PORT docker-compose $COMPOSE_EXTRA_ARGS up -d --remove-orphans -.broken-ssh-connection-workaround: &broken-ssh-connection-workaround - - if [[ -n "$SCP_SOURCE" && -n "$SCP_DESTINATION" ]]; then scp -rp $SCP_SOURCE $SSH_USER@$SSH_URL:$SCP_DESTINATION; fi - # Tunnel Docker socket from remote Maschine to local Maschine. This should be more stable than the current SSH Implementation of Docker - - rm -f /tmp/docker.sock - - ssh -M -S docker-ctrl-socket -fnNT -L /tmp/docker.sock:/var/run/docker.sock "$SSH_USER@$SSH_URL" -p $SSH_PORT -o ControlPersist=no - - DOCKER_HOST=unix:///tmp/docker.sock docker-compose $COMPOSE_EXTRA_ARGS up -d --remove-orphans +.broken-ssh-connection-workaround: + script: + - if [[ -n "$SCP_SOURCE" && -n "$SCP_DESTINATION" ]]; then scp -rp $SCP_SOURCE $SSH_USER@$SSH_URL:$SCP_DESTINATION; fi + # Tunnel Docker socket from remote Maschine to local Maschine. This should be more stable than the current SSH Implementation of Docker + - rm -f /tmp/docker.sock + - ssh -M -S docker-ctrl-socket -fnNT -L /tmp/docker.sock:/var/run/docker.sock "$SSH_USER@$SSH_URL" -p $SSH_PORT -o ControlPersist=no + - DOCKER_HOST=unix:///tmp/docker.sock docker-compose $COMPOSE_EXTRA_ARGS up -d --remove-orphans .docker-compose-validate: From b734da2cc9366f1261d1d47fb5fdf630e09fed8d Mon Sep 17 00:00:00 2001 From: Marcel Feix Date: Tue, 10 May 2022 11:10:33 +0200 Subject: [PATCH 030/166] feat(IaC-Docker-Compose) Fix Docker Compose install --- templates/IaC/docker-compose.gitlab-ci.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/templates/IaC/docker-compose.gitlab-ci.yml b/templates/IaC/docker-compose.gitlab-ci.yml index 9b8e9b9..426d205 100644 --- a/templates/IaC/docker-compose.gitlab-ci.yml +++ b/templates/IaC/docker-compose.gitlab-ci.yml 
@@ -39,12 +39,13 @@ - ssh -M -S docker-ctrl-socket -fnNT -L /tmp/docker.sock:/var/run/docker.sock "$SSH_USER@$SSH_URL" -p $SSH_PORT -o ControlPersist=no - DOCKER_HOST=unix:///tmp/docker.sock docker-compose $COMPOSE_EXTRA_ARGS up -d --remove-orphans - +#todo add docker compose renovate updater .docker-compose-validate: image: docker:20.10.14-alpine3.15 stage: verify before_script: - - curl -SL https://github.com/docker/compose/releases/download/v2.5.0/docker-compose-linux-x86_64 -o /usr/local/bin/docker-compose + #Install docker Compose, from release directly + - wget https://github.com/docker/compose/releases/download/v2.5.0/docker-compose-linux-x86_64 -O /usr/local/bin/docker-compose - chmod +x /usr/local/bin/docker-compose script: - docker-compose $COMPOSE_EXTRA_ARGS config From 9d963bc5c48dee68ddc5119b6acce31fd90a441d Mon Sep 17 00:00:00 2001 From: Wolfram Gulde Date: Tue, 10 May 2022 11:24:19 +0200 Subject: [PATCH 031/166] feat(exx-Pipeline): add gradle licencing --- pipelines/licence/license-gradle.gitlab-ci.yml | 4 ++-- ...dle-licence.gitlab-ci.yml => gradle-license.gitlab-ci.yml} | 0 2 files changed, 2 insertions(+), 2 deletions(-) rename templates/java/gradle/{gradle-licence.gitlab-ci.yml => gradle-license.gitlab-ci.yml} (100%) diff --git a/pipelines/licence/license-gradle.gitlab-ci.yml b/pipelines/licence/license-gradle.gitlab-ci.yml index e0e4411..9322596 100644 --- a/pipelines/licence/license-gradle.gitlab-ci.yml +++ b/pipelines/licence/license-gradle.gitlab-ci.yml @@ -1,6 +1,6 @@ include: - - '/templates/java/gradle/gradle-licence.gitlab-ci.yml' - - '/templates/licence/licence.gitlab-ci.yml' + - '/templates/java/gradle/gradle-license.gitlab-ci.yml' + - '/templates/license/license.gitlab-ci.yml' License-Bom: extends: .gradle-licence 
diff --git a/templates/java/gradle/gradle-licence.gitlab-ci.yml b/templates/java/gradle/gradle-license.gitlab-ci.yml similarity index 100% rename from templates/java/gradle/gradle-licence.gitlab-ci.yml rename to templates/java/gradle/gradle-license.gitlab-ci.yml From b433643c85d97f5ed7e9feaa31be764837fbc10a Mon Sep 17 00:00:00 2001 From: Wolfram Gulde Date: Tue, 10 May 2022 15:00:26 +0200 Subject: [PATCH 032/166] feat(exx-Pipeline): add needs for lice --- templates/java/gradle/gradle-license.gitlab-ci.yml | 4 ++-- templates/license/license.gitlab-ci.yml | 6 ++++-- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/templates/java/gradle/gradle-license.gitlab-ci.yml b/templates/java/gradle/gradle-license.gitlab-ci.yml index 11cde80..3e339a1 100644 --- a/templates/java/gradle/gradle-license.gitlab-ci.yml +++ b/templates/java/gradle/gradle-license.gitlab-ci.yml @@ -1,10 +1,10 @@ .gradle-licence: image: $GRADLE_IMAGE stage: post-process - before_script: - - "cd $BACKEND_DIR" script: + - "cd $BACKEND_DIR" - "./gradlew --build-cache cyclonedxBom $GRADLE_CLI_OPTS" + needs: [] artifacts: expire_in: 2 weeks reports: diff --git a/templates/license/license.gitlab-ci.yml b/templates/license/license.gitlab-ci.yml index 4441621..112f0d7 100644 --- a/templates/license/license.gitlab-ci.yml +++ b/templates/license/license.gitlab-ci.yml @@ -4,10 +4,12 @@ variables: BOM_FILE: bom.json LICENSE_FILE: licenses.adoc - before_script: - - "cd $BACKEND_DIR" script: + - "cd $BACKEND_DIR" - licenseBom2Adoc --bom $BOM_FILE --adoc $LICENSE_ADOC_FILE + needs: + - job: "License-Bom" + artifacts: true artifacts: when: always expire_in: 2 weeks From f054069ff1bf033967ae0300b1c7ef0fe58381ed Mon Sep 17 00:00:00 2001 From: Wolfram Gulde Date: Tue, 10 May 2022 15:09:13 +0200 Subject: [PATCH 033/166] feat(exx-Pipeline): add needs for lice 2 --- templates/license/license.gitlab-ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/templates/license/license.gitlab-ci.yml b/templates/license/license.gitlab-ci.yml index 112f0d7..a418654 100644 --- a/templates/license/license.gitlab-ci.yml +++ b/templates/license/license.gitlab-ci.yml @@ -6,7 +6,7 @@ LICENSE_FILE: licenses.adoc script: - "cd $BACKEND_DIR" - - licenseBom2Adoc --bom $BOM_FILE --adoc $LICENSE_ADOC_FILE + - licenseBom2Adoc --bom $BOM_FILE --adoc $LICENSE_FILE needs: - job: "License-Bom" artifacts: true From f7649b4835d7d178c11ac2640fa1026a26937c52 Mon Sep 17 00:00:00 2001 From: Wolfram Gulde Date: Tue, 10 May 2022 15:32:40 +0200 Subject: [PATCH 034/166] feat(exx-Pipeline): add needs for lice 3 --- templates/license/license.gitlab-ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/templates/license/license.gitlab-ci.yml b/templates/license/license.gitlab-ci.yml index a418654..edfa90d 100644 --- a/templates/license/license.gitlab-ci.yml +++ b/templates/license/license.gitlab-ci.yml @@ -6,7 +6,7 @@ LICENSE_FILE: licenses.adoc script: - "cd $BACKEND_DIR" - - licenseBom2Adoc --bom $BOM_FILE --adoc $LICENSE_FILE + - licenseBom2Adoc --bom $BACKEND_DIR/$BOM_FILE --adoc $LICENSE_FILE needs: - job: "License-Bom" artifacts: true From 1312460eb95b241a8ce09801fa49987cfe1b0876 Mon Sep 17 00:00:00 2001 From: Marcel Feix Date: Wed, 11 May 2022 06:57:13 +0000 Subject: [PATCH 035/166] Update container-scan.gitlab-ci.yml --- templates/container/container-scan.gitlab-ci.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/templates/container/container-scan.gitlab-ci.yml b/templates/container/container-scan.gitlab-ci.yml index d4958e1..74e1ac1 100644 --- a/templates/container/container-scan.gitlab-ci.yml +++ b/templates/container/container-scan.gitlab-ci.yml @@ -1,6 +1,6 @@ .container-scan-trivy: image: - name: docker.io/aquasec/trivy:0.25.0 + name: docker.io/aquasec/trivy:0.27.1 entrypoint: [ "" ] stage: verify variables: 
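Review bot: PATCH 033 switches the script to `--adoc $LICENSE_FILE`, but `artifacts:paths` of `.license-asciidoc` (added in PATCH 026, outside this hunk) still lists `$LICENSE_ADOC_FILE`, which no visible patch defines. As far as these patches show, the generated `licenses.adoc` would therefore never be uploaded. Change the artifact entry to `- $LICENSE_FILE` in the same commit so the variable declared under `variables:` is the only name in use.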
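Review bot: In PATCH 034 the job has already run `cd $BACKEND_DIR` on the line above, so `--bom $BACKEND_DIR/$BOM_FILE` resolves to `$BACKEND_DIR/$BACKEND_DIR/$BOM_FILE` whenever `BACKEND_DIR` is a relative path. `BACKEND_DIR` is not defined in the visible patches, so this may be masked by an absolute or empty value. `--adoc $LICENSE_FILE` is also written inside `BACKEND_DIR`, while `artifacts:paths` is resolved from the project root. Dropping the `cd` and using project-relative paths for both arguments, `licenseBom2Adoc --bom "$BACKEND_DIR/$BOM_FILE" --adoc "$LICENSE_FILE"`, keeps the input, the output and the artifact entry consistent.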
@@ -16,4 +16,4 @@ script: # Builds report and puts it in the default workdir $CI_PROJECT_DIR, so artifacts: can take it from there - trivy --cache-dir .trivycache/ image --timeout 15m $TRIVY_EXTRA_ARGS --exit-code 0 --format template --template "/contrib/junit.tpl" -o junit-report.xml - - trivy --cache-dir .trivycache/ image --timeout 15m $TRIVY_EXTRA_ARGS --exit-code $EXITCODE \ No newline at end of file + - trivy --cache-dir .trivycache/ image --timeout 15m $TRIVY_EXTRA_ARGS --exit-code $EXITCODE From bf99a5374cb433d824d2917f89ab90945dbaaaaf Mon Sep 17 00:00:00 2001 From: Marcel Feix Date: Wed, 11 May 2022 06:57:57 +0000 Subject: [PATCH 036/166] chore(Static code analysis) Update repo-cve-scan-trivy.gitlab-ci.yml to trivy version 0.27.1 --- templates/static-analysis/repo-cve-scan-trivy.gitlab-ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/templates/static-analysis/repo-cve-scan-trivy.gitlab-ci.yml b/templates/static-analysis/repo-cve-scan-trivy.gitlab-ci.yml index f284466..7346f6c 100644 --- a/templates/static-analysis/repo-cve-scan-trivy.gitlab-ci.yml +++ b/templates/static-analysis/repo-cve-scan-trivy.gitlab-ci.yml @@ -1,6 +1,6 @@ .repo-cve-scan-trivy: image: - name: docker.io/aquasec/trivy:0.25.0 + name: docker.io/aquasec/trivy:0.27.1 entrypoint: [ "" ] stage: verify needs: [] From 8829767c77745e90a75cf8b2bf54bc6e3b460907 Mon Sep 17 00:00:00 2001 From: Marcel Feix Date: Fri, 13 May 2022 12:19:24 +0200 Subject: [PATCH 037/166] feat(IaC-Docker-Compose): Update execution Image. Add Docker Compose Version to Renovate config --- renovate.json | 11 +++++++++++ templates/IaC/docker-compose.gitlab-ci.yml | 9 +++++---- 2 files changed, 16 insertions(+), 4 deletions(-) diff --git a/renovate.json b/renovate.json index 7154bb7..6a91c13 100644 --- a/renovate.json +++ b/renovate.json 
@@ -27,6 +27,17 @@ "depNameTemplate": "aquasecurity/trivy", "datasourceTemplate": "github-releases", "extractVersionTemplate": "^v(?.*)$" + }, + { + "fileMatch": [ + "docker-compose.gitlab-ci.yml$" + ], + "matchStrings": [ + "DOCKER_COMPOSE_VERSION: (?.*)\\s" + ], + "depNameTemplate": "docker/compose", + "datasourceTemplate": "github-releases", + "extractVersionTemplate": "^v(?.*)$" } ] } diff --git a/templates/IaC/docker-compose.gitlab-ci.yml b/templates/IaC/docker-compose.gitlab-ci.yml index 426d205..32ca29a 100644 --- a/templates/IaC/docker-compose.gitlab-ci.yml +++ b/templates/IaC/docker-compose.gitlab-ci.yml @@ -1,7 +1,8 @@ .docker-compose-deploy: - image: docker:20.10.14-alpine3.15 + image: docker:20.10.16-alpine3.15 stage: deploy variables: + DOCKER_COMPOSE_VERSION: v2.5.0 SCP_DESTINATION: "" SCP_SOURCE: $CI_PROJECT_DIR COMPOSE_EXTRA_ARGS: "" @@ -25,7 +26,7 @@ - ssh-keyscan $SSH_URL >> ~/.ssh/known_hosts - if [[ -n "$DOCKER_REGISTRY" ]]; then echo "$DOCKER_REGISTRY_PASS" | docker login $DOCKER_REGISTRY --username $DOCKER_REGISTRY_USER --password-stdin; fi #Install docker Compose, from release directly - - wget https://github.com/docker/compose/releases/download/v2.5.0/docker-compose-linux-x86_64 -O /usr/local/bin/docker-compose + - wget https://github.com/docker/compose/releases/download/$DOCKER_COMPOSE_VERSION/docker-compose-linux-x86_64 -O /usr/local/bin/docker-compose - chmod +x /usr/local/bin/docker-compose script: - if [[ -n "$SCP_SOURCE" && -n "$SCP_DESTINATION" ]]; then scp -rp $SCP_SOURCE $SSH_USER@$SSH_URL:$SCP_DESTINATION; fi 
@@ -41,11 +42,11 @@ #todo add docker compose renovate updater .docker-compose-validate: - image: docker:20.10.14-alpine3.15 + image: docker:20.10.16-alpine3.15 stage: verify before_script: #Install docker Compose, from release directly - - wget https://github.com/docker/compose/releases/download/v2.5.0/docker-compose-linux-x86_64 -O /usr/local/bin/docker-compose + - wget https://github.com/docker/compose/releases/download/$DOCKER_COMPOSE_VERSION/docker-compose-linux-x86_64 -O /usr/local/bin/docker-compose - chmod +x /usr/local/bin/docker-compose script: - docker-compose $COMPOSE_EXTRA_ARGS config From 75799e32fc5e2948fc180fadd7dcf55d3b7d1d66 Mon Sep 17 00:00:00 2001 
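Review bot: `.docker-compose-validate` now uses `$DOCKER_COMPOSE_VERSION` in its `wget` URL, but the variable is declared only under `variables:` of `.docker-compose-deploy` in the first hunk of this file, and the job as shown here has no `variables:` block and no `extends:`. Unless an including project happens to set the variable globally, the path expands to `.../download//docker-compose-linux-x86_64` and the job fails at the download step. Declare it in this job too (`variables:` with `DOCKER_COMPOSE_VERSION: v2.5.0`), or move the version and the install lines into one hidden job that both templates extend so there is a single place for Renovate to update. The job may continue past the end of the hunk.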
From: Marcel Feix Date: Fri, 13 May 2022 14:41:02 +0200 Subject: [PATCH 038/166] Docs(*): Translate everything to english Correction of some paths --- .../templates/common/common-ci-variablen.adoc | 22 ++++--- .../templates/container/container-build.adoc | 29 ++++++--- .../container/container-publish.adoc | 2 +- .../templates/container/container-scan.adoc | 28 ++++----- .../tool-documentation-tool.adoc | 28 +++++++++ .../java/gradle/gradle-test-template.adoc | 2 +- .../java/maven/maven-build-template.adoc | 2 +- .../java/maven/maven-verify-template.adoc | 2 +- .../templates/npm/npm-build-template.adoc | 7 ++- .../npm/npm-dependencies-template.adoc | 9 ++- .../templates/npm/npm-lint-template.adoc | 7 ++- .../templates/npm/npm-test-template.adoc | 7 ++- .../releasing/set-version-template.adoc | 2 +- .../static-analysis/repo-cve-scan.adoc | 24 +++++--- .../templates/static-analysis/tool-sonar.adoc | 14 ++--- documentation/contribution.adoc | 30 ++++++--- documentation/document.adoc | 29 ++++++--- documentation/generalInformation.adoc | 61 ++++++++++++------- pipelines/java-maven.gitlab-ci.yml | 2 +- .../container/container-build.gitlab-ci.yml | 4 +- .../java/maven/maven-build.gitlab-ci.yml | 3 +- .../maven/maven-database-diff.gitlab-ci.yml | 1 + .../maven/maven-dependencies.gitlab-ci.yml | 1 + .../java/maven/maven-verify.gitlab-ci.yml | 5 +- templates/npm/npm-build.gitlab-ci.yml | 3 + templates/npm/npm-dependencies.gitlab-ci.yml | 5 ++ templates/npm/npm-lint.gitlab-ci.yml | 6 +- templates/npm/npm-test.gitlab-ci.yml | 4 +- .../repo-cve-scan-trivy.gitlab-ci.yml | 7 ++- 29 files changed, 234 insertions(+), 112 deletions(-) diff --git a/documentation/chapters/templates/common/common-ci-variablen.adoc b/documentation/chapters/templates/common/common-ci-variablen.adoc index 8973738..4ffeb92 100644 --- a/documentation/chapters/templates/common/common-ci-variablen.adoc +++ b/documentation/chapters/templates/common/common-ci-variablen.adoc 
@@ -5,19 +5,21 @@ [[Generel-Variablen]] == Generelle Variablen -Wir stellen von uns empfohlene CI-Variablen in `{gitlab-ci-file}` zur verfügung. -Diese werden von uns gepflegt und bekommen von verschiedenen Projekten Feedback. -Es ist möglich das File direkt einzubinden. -Bitte folgende Variablen in `.gitlab-ci.yaml` setzen +Getting the correct and best variables and configurations can be very hard. +Within the `{gitlab-ci-file}` file we provide common CI-Variablen. +These variables collect best practices from different projekts and the official Gitlab-CI documentation. +It is possible to include this file directly within your project. +Some of our Templates and Pipelines rely on the following variables. |=== |Name |Description -|MAVE_IMAGE| Das Image das benutzt werden soll für Jobs die Maven benötigen. -|NODE_IMAGE| Das Image das benutzt werden soll für Jobs die NPM benötigen -|MAVEN_OPTS| Generelle optionen um Maven zu verändern -|MAVEN_CLI_OPTS| Optionen um Maven beim Bauen zu verbessern. -|FRONTEND_DIR| Wenn das Projekt ein Frontend besitzt, muss der Pfad definiert werden, damit die NPM Templates, das die Files finden kann. -|BACKEND_DIR| Wenn das Projekt ein Backend besitzt, muss der Pfad definiert werden. So kann gradle/maven an der richtigen Stelle ausgeführt werden. +|MAVE_IMAGE| The container image that will be used in jobs using Maven. We provide a https://www.exxcellent.de/confluence/pages/viewpage.action?pageId=119212963[Maven Base] Image with the eXXcellent Certificate. +|NODE_IMAGE| The container image that will be used in jobs using NPM. +|MAVEN_OPTS| Generell options to change the Maven configurations. +|MAVEN_CLI_OPTS| Options to change the Maven configurations on build time. +|GRADLE_OPTS| Generell options to change the Gradle configurations. +|FRONTEND_DIR| Directory where the frontend code can be found. This is useful when the repository contains frontend and backend Code. +|BACKEND_DIR| Directory where the backend code can be found. 
This is useful when the repository contains frontend and backend Code. |=== ---- diff --git a/documentation/chapters/templates/container/container-build.adoc b/documentation/chapters/templates/container/container-build.adoc index 43ff119..d279c69 100644 --- a/documentation/chapters/templates/container/container-build.adoc +++ b/documentation/chapters/templates/container/container-build.adoc 
@@ -10,21 +10,34 @@ | .container-build-kaniko | Baut Container mit dem Kaniko |=== -Erlaubt es das einfache bauen von Container Images. -Die Images werden als Tar in den CI-Artifacten abgelegt damit es einfach an weitere Pipeline-Schritte übergeben werden kann. -Für das Veröffentlichen des Images ist das Template ContainerPublish[Container Publish] zuständig. +Allows the simple building of Container Images. +We use Kaniko because it is faster than Docker builds and has less security problems. +The generated image will be passed as a Tar-Artefact between stages. +This allows us to make forder manipulations and scan jobs on one container Image. + +The template <<_container_publish>> allows you to publish the build image to a registry .Variables |=== |Name |Description | Default Value -|CONTEXT_LOCATION | Der Context des Dockerfiles. Im Fall von Jib ist dies der Path wo Maven/Gradle ausgeführt wird. | $CI_PROJECT_DIR -| EXTRA_ARGS | Weitere Argumente die an das Tool geschickt werden soll | "" +|CONTEXT_LOCATION +| Defines the context of the container build. In case of jib this Path should point to the location of your Gradle/Maven projects. +| $CI_PROJECT_DIR -| Nur bei Kaniko |- |- -| DOCKERFILE_LOCATION | Pfad zum Dockerfile | $CI_PROJECT_DIR/Dockerfile +| EXTRA_ARGS +| Additional argument that will be passed to the used tool. +| "" -| REGISTRY_MIRROR | Welcher Mirror benutzt werden soll | Nexus von exxcellent +| Only with Kaniko |- |- + +| DOCKERFILE_LOCATION +| Path to the Dockerfile +| $CI_PROJECT_DIR/Dockerfile + +| REGISTRY_MIRROR +| Define the container Mirror that should be used +| exxcellent Nexus |=== .Container Build Templates diff --git a/documentation/chapters/templates/container/container-publish.adoc b/documentation/chapters/templates/container/container-publish.adoc index 32bf360..93db1cf 100644 --- a/documentation/chapters/templates/container/container-publish.adoc +++ b/documentation/chapters/templates/container/container-publish.adoc 
@@ -1,5 +1,5 @@ :sourcedir: ../../../../templates - +[#_container_publish] = Container Publish Moves a container from the filesystem to a remote repository. diff --git a/documentation/chapters/templates/container/container-scan.adoc b/documentation/chapters/templates/container/container-scan.adoc index a448496..761f19f 100644 --- a/documentation/chapters/templates/container/container-scan.adoc +++ b/documentation/chapters/templates/container/container-scan.adoc @@ -3,11 +3,11 @@ = Container CVE Scanner Uses Trivy to scan for CVE Problems within your Image. -Needs a build container on the path `image.tar`. Use one of the Container build templates for this. +Needs a build container on the path `image.tar`. +Use one of the Container build templates for this. ==== -NOTE: NPM -Trivy can not find CVE's within Frontend containes that do not have a dependencie-lock file. +NOTE: NPM Trivy can not find CVE's within Frontend containes that do not have a dependencie-lock file. This file should not be part of the Image. We provide an additional static CVE-Analyser-Template that can find these CVE's within your Repo. We also have the https://gitlab.exxcellent.de/gilden/ci/security-scanner/security-scanner[Security-Scanner] if you have more than one image to scan. 
@@ -16,22 +16,20 @@ We also have the https://gitlab.exxcellent.de/gilden/ci/security-scanner/securit .Variables |=== |Name |Description | Default Value -|EXITCODE_ON_HIGH -| Bestimmt den Exit code der ausgegeben werden soll, wenn ein CVE der als HIGH markiert wurde, gefunden werden konnte. -Wenn 0 benutzt wird, läuft die CI weiter. -Benutzte `allow_failure: true` damit die CI weiter läuft aber ein Failure angezeigt wird. -| - +|EXITCODE +| Define the exit code Trivy uses when finding a CVE of the High category. +When using 0 the CI will run not exit when finding CVEs +Please consider using `allow_failure: true` instead of 0. The CI will show you an error but not fail. +| 1 + +| TRIVY_EXTRA_ARGS +| Extra arguments to pass to Trivy +| Please see Template -|EXITCODE_ON_CRITICAL -| Bestimmt den Exit code der ausgegeben werden soll, wenn ein CVE der als CRITICAL markiert wurde, gefunden werden konnte. -Wenn 0 benutzt wird, läuft die CI weiter. -Benutzte `allow_failure: true` damit die CI weiter läuft aber ein Failure angezeigt wird. -| - -|GRADLE_CLI_OPTS | Zusätzliche CLI Opts für Gradle | "" |=== .container scan template -[source, yaml] +[source,yaml] ---- include::{sourcedir}container/container-scan.gitlab-ci.yml[] ---- \ No newline at end of file diff --git a/documentation/chapters/templates/documentation/tool-documentation-tool.adoc b/documentation/chapters/templates/documentation/tool-documentation-tool.adoc index ebcae36..f18abd2 100644 --- a/documentation/chapters/templates/documentation/tool-documentation-tool.adoc +++ b/documentation/chapters/templates/documentation/tool-documentation-tool.adoc 
@@ -5,6 +5,34 @@ The Dokumentation tool template. More details and Variables can be found here: https://gitlab.exxcellent.de/gilden/ci/exxcellent-documentation-tool[Gilde CI/CD: exxcellent-documentation-tool]. +The following variables have to be set and are not optional. + +//todo these Variables hav to describet. +.Variables +|=== +|Name |Description | Default Value + +| FILE_INPUT +| A triplet of the converted html name followed by the page id of the confluence page we should generate below followed by the title of the parent page. Also supports multiple files separated by pipes: ".html,,\|.html,," +| NO DEFAULT + +| CONFLUENCE_SPACE +| Space Key of the target space e.g. RANDI for the Research and Innovation space +| NO DEFAULT + +| CONFLUENCE_USER +| Username in Confluence +| NO DEFAULT SET IN SECRETS + +| CONFLUENCE_PASSWORD +| Password in Confluence +| NO DEFAULT SET IN SECRETS + +| OPTIONAL +| https://gitlab.exxcellent.de/gilden/ci/exxcellent-documentation-tool/-/blob/master/documentation/chapters/general-information.adoc#user-content-confluence[Read Here] for more information. +| - +|=== + .dokumentation-tool [source,yaml] ---- diff --git a/documentation/chapters/templates/java/gradle/gradle-test-template.adoc b/documentation/chapters/templates/java/gradle/gradle-test-template.adoc index 9408765..ec4b0e7 100644 --- a/documentation/chapters/templates/java/gradle/gradle-test-template.adoc +++ b/documentation/chapters/templates/java/gradle/gradle-test-template.adoc @@ -6,7 +6,7 @@ endif::[] = Gradle Database Diff -This templates starts `gradle test` and saves the results as Artifacts. +These templates starts `gradle test` and saves the results as Artifacts. When Junit Reports are generated they will be published as Artefacts within the Pipelines. You can get a detailed view when clicking on Tests. 
diff --git a/documentation/chapters/templates/java/maven/maven-build-template.adoc b/documentation/chapters/templates/java/maven/maven-build-template.adoc index 9050c74..7e2c299 100644 --- a/documentation/chapters/templates/java/maven/maven-build-template.adoc +++ b/documentation/chapters/templates/java/maven/maven-build-template.adoc @@ -2,7 +2,7 @@ = maven-build-template -Dieses Template baut die .jar Files und speichert die Ergebnisse als Artifact. +These Templates will build a .jar file with Maven and provides it as an Artifact .Variables |=== diff --git a/documentation/chapters/templates/java/maven/maven-verify-template.adoc b/documentation/chapters/templates/java/maven/maven-verify-template.adoc index 7b25536..75796bf 100644 --- a/documentation/chapters/templates/java/maven/maven-verify-template.adoc +++ b/documentation/chapters/templates/java/maven/maven-verify-template.adoc @@ -4,7 +4,7 @@ ifndef::imagesdir[] :imagesdir: ../../../../images/ endif::[] -= maven-verify-template += Maven verify template This templates starts `mvn verify` and saves the results as Artifacts. diff --git a/documentation/chapters/templates/npm/npm-build-template.adoc b/documentation/chapters/templates/npm/npm-build-template.adoc index d79abf0..4790f55 100644 --- a/documentation/chapters/templates/npm/npm-build-template.adoc +++ b/documentation/chapters/templates/npm/npm-build-template.adoc @@ -1,12 +1,15 @@ :sourcedir: ../../../../templates/ -= npm-build-template += NPM Build Template -Dieses Template baut das NPM projekt und speichert die Ergebnisse als Artifact. +This template will build a NPM project and saved the artifacts for the next build step. .Variables |=== |Name |Description | Default Value +|ADDITIONAL_GLOBAL_PACKAGES +| Additional packages that should be installed in the before script +| "" |=== .npm-build-template 
diff --git a/documentation/chapters/templates/npm/npm-dependencies-template.adoc b/documentation/chapters/templates/npm/npm-dependencies-template.adoc index 6689f4c..6218f10 100644 --- a/documentation/chapters/templates/npm/npm-dependencies-template.adoc +++ b/documentation/chapters/templates/npm/npm-dependencies-template.adoc @@ -1,13 +1,16 @@ :sourcedir: ../../../../templates/ -= npm-dependencies-template += NPM Dependencies template -Dieses Template läd die NPM Abhängigkeiten des Projekts runter. -Bitte den Cache hinzufügen. Siehe xref:Generel-Variablen[Generelle Variablen] +This template loads the NPM dependencies of the project. +Please add the NPM cache. Look xref:Generel-Variablen[generell Variables] .Variables |=== |Name |Description | Default Value +|ADDITIONAL_GLOBAL_PACKAGES +| Additional packages that should be installed in the before script +| "" |=== .npm-dependencies-template diff --git a/documentation/chapters/templates/npm/npm-lint-template.adoc b/documentation/chapters/templates/npm/npm-lint-template.adoc index 9d74a00..1ea7ebd 100644 --- a/documentation/chapters/templates/npm/npm-lint-template.adoc +++ b/documentation/chapters/templates/npm/npm-lint-template.adoc @@ -1,12 +1,15 @@ :sourcedir: ../../../../templates/ -= npm-lint-template += NPM Lint template -Dieses Template durchläuft den Linter des NPM Projekts. +This template starts the linter of your NPM project. .Variables |=== |Name |Description | Default Value +|ADDITIONAL_GLOBAL_PACKAGES +| Additional packages that should be installed in the before script +| "" |=== .npm-lint-template diff --git a/documentation/chapters/templates/npm/npm-test-template.adoc b/documentation/chapters/templates/npm/npm-test-template.adoc index 7a67dd8..8e61106 100644 --- a/documentation/chapters/templates/npm/npm-test-template.adoc +++ b/documentation/chapters/templates/npm/npm-test-template.adoc 
@@ -1,12 +1,15 @@ :sourcedir: ../../../../templates/ -= npm-test-template += NPM Test Template -Dieses Template baut das NPM Projekt. +This template will run your NPM unit tests .Variables |=== |Name |Description | Default Value +|ADDITIONAL_GLOBAL_PACKAGES +| Additional packages that should be installed in the before script +| "" |=== .npm-test-template diff --git a/documentation/chapters/templates/releasing/set-version-template.adoc b/documentation/chapters/templates/releasing/set-version-template.adoc index 8f68815..68f6b4b 100644 --- a/documentation/chapters/templates/releasing/set-version-template.adoc +++ b/documentation/chapters/templates/releasing/set-version-template.adoc @@ -1,7 +1,7 @@ :sourcedir: ../../../../templates/ -= set-version += Set Version This template provides the job for increasing the tag version. For more details look at https://gitlab.exxcellent.de/gilden/ci/exxcellent-increase-version-tool[Gilde CI/CD: exxcellent-increase-version-tool]. diff --git a/documentation/chapters/templates/static-analysis/repo-cve-scan.adoc b/documentation/chapters/templates/static-analysis/repo-cve-scan.adoc index 2b49111..211ec3a 100644 --- a/documentation/chapters/templates/static-analysis/repo-cve-scan.adoc +++ b/documentation/chapters/templates/static-analysis/repo-cve-scan.adoc 
@@ -1,30 +1,34 @@ :sourcedir: ../../../../templates/ -= Repo-CVE-Scan += Repo CVE Scan -Scanned die gesamte Repo mit Trivy auf CVEs und Konfigurationsproblemen in Deployment files. +This template uses Trivy to scan for CVEs, Configuration Problems and Secrets within your Repository. .Variables |=== |Name |Description | Default Value |EXITCODE -| Definiert den Exitcode der benutzt wird, wenn Trivy Probleme findet. -Bei 0 läuft die Pipeline durch, auch wenn Probleme gefunden werden. -Überlege, ob du die Flag `allow_failure: false` benutzen willst. +| Define the exit code Trivy uses when finding a CVE of the High category. +When using 0 the CI will run not exit when finding CVEs +Please consider using `allow_failure: true` instead of 0. The CI will show you an error but not fail. | 1 |TRIVY_EXTRA_ARGS -| Weitere Argumente die du an Trivy übergeben kannst. +| Extra arguments to pass to Trivy | --no-progress --ignore-unfixed --severity HIGH,CRITICAL -|SCAN_PATH -| Der Path ab dem Trivy die Repo scannen soll. -| Root der Repository +| TRIVY_CKECKS +| Allows you to configure what checks will be executed on your Repository +| "vuln,config,secret" + +| SCAN_PATH +| Path where Trivy should scan for security errors. +| $CI_PROJECT_DIR |=== .Repo CVE scan template -[source, yaml] +[source,yaml] ---- include::{sourcedir}static-analysis/repo-cve-scan-trivy.gitlab-ci.yml[] ---- \ No newline at end of file diff --git a/documentation/chapters/templates/static-analysis/tool-sonar.adoc b/documentation/chapters/templates/static-analysis/tool-sonar.adoc index 5f4ce24..445b9b9 100644 --- a/documentation/chapters/templates/static-analysis/tool-sonar.adoc +++ b/documentation/chapters/templates/static-analysis/tool-sonar.adoc 
@@ -1,18 +1,16 @@ :sourcedir: ../../../../templates/ = sonar-template -Ruft den Sonar Job für das Projekt auf. -Mehr Details zu finden hier: https://gitlab.exxcellent.de/gilden/ci/exxcellent-sonar-tool[Gilde CI/CD: exxcellent-sonar-tool]. +The following templates provide integrations for Sonar .Variables |=== |Name |Description | Default Value -|SONAR_HOST_URL | Die URL des eXXcellent sonar servers | http://sonar7.exxcellent.de/sonar7 -|SONAR_TOKEN | Token um geschützte Sonar Funktionen auszuführen | "" -|SONAR_PROJECT_KEY | Der Sonar-Projekt-Key. | "" -|SONAR_PROJECT_NAME | Der Sonar-Projekt-Name. | "" (Es wird dann standardmäßig der Maven project.name verwendet) -|SONAR_EXCLUSIONS | Von Sonar auszuschließende Bereiche | **/target/**,**/src/test/** -|GRADLE_CLI_OPTS | Zusätzliche CLI Opts für Gradle | "" +|SONAR_HOST_URL | The Url for the Sonar server | http://sonar7.exxcellent.de/sonar7 +|SONAR_TOKEN | The Sonar token to call protected sonar funtkions | "" +|SONAR_PROJECT_KEY | The Sonar-Projekt-Key of your Project. | "" +|SONAR_PROJECT_NAME | The Sonar-Projekt-Name. | "" (If you set project.name in maven the POM value will be used if this is empty) +|SONAR_EXCLUSIONS | Paths that will not be scanned by Sonar | **/target/**,**/src/test/** |=== diff --git a/documentation/contribution.adoc b/documentation/contribution.adoc index e342e38..fbd0d7a 100644 --- a/documentation/contribution.adoc +++ b/documentation/contribution.adoc 
@@ -2,19 +2,33 @@ :gitlab-ci-file: /common/common-ci-variablen.gitlab-ci.yml -Im Folgenden sind ein paar Regeln wie die Repo aufgebaut ist um ein möglicht einfaches einarbeiten und zusammenarbeiten zu ermöglichen. - +Please follow the these rules to provide excellent templates. +We found that these rules will lead to better and more usable templates. == Template Names convention -Template Namen fangen immer mit dem Prefix des Files an, in dem sie sich befinden. -Wenn in dem File mehrere Templates enthalten sind, wird an den Filenamen ein Suffix gehängt der, die Funktion des Templates zusammenfasst. -Das machen mir damit die CI Files und die Templates eine Verbindung zueinander haben. -Die Erfahrung hat gezeigt das es sonst schwer wird die Templates mit den Imports zu verbinden. +Template Names should begin with the Prefix of the file there are contained in. +If a Template File contains more than on template a Suffix should be provided. +This Suffix should describe the functionality of the Template as good as posible. + +This rules makes it easy to find the file within our repositories. If you only have a yml definition. +Our experience told us it can be hard to find the File a Template Job is in. ==== -Beispiel: +Example: -fuu.gitlab-ci.yml enthält template die anfangen mit .fuu-feature1 und .fuu-feature2 +The file `fuu.gitlab-ci.yml` contains the template that start with `.fuu*` +It could Container the Templates `.fuu-feature1` or `.fuu-feature2` ==== +== Mono Repo support + +We try to give as much Mono-Repo support as possible. +Because of this, the execution path of jobs should be variable. +Use a `cd $SOME_VAR_TO_PATH` within your `script` or `before_script` definitions. +The default path to should point to `$CI_PROJECT_DIR`. + +== Use of Before/After script + +avoid using `before_script` and `after_script` within a template. +these scripts should be overridable by the template user. 
diff --git a/documentation/document.adoc b/documentation/document.adoc index 0a3acce..6d4391a 100644 --- a/documentation/document.adoc +++ b/documentation/document.adoc @@ -19,9 +19,8 @@ endif::[] :classification: Intern :author: Marcel Feix -Diese Repository enthält alle generellen CI Templates der CI Gilde. -Templates für Tools werden in den Repositorys der Tools gepflegt. - +This Repository contains all CI Templates maintained by the CI-Gilde. +It also provides templates for simpler integration of CI-Gilde Tools. // ########################################################################### // Das Inhaltsverzeichnis ist nur im generierten HTML/PDF sichtbar (immer an erster Stelle, technisch bedingt) @@ -43,6 +42,9 @@ include::contribution.adoc[leveloffset=1] == Deployment - IaC +Our collection of Infrastructure as Code (IaC) Templates. +For Terraform Template please use the https://docs.gitlab.com/ee/user/infrastructure/iac/[official Templates] provided by Gitlab. + include::chapters/templates/IaC/ansible.adoc[leveloffset=2] include::chapters/templates/IaC/docker-compose.adoc[leveloffset=2] include::chapters/templates/IaC/ssh-transfer-data.adoc[leveloffset=2] @@ -50,6 +52,8 @@ include::chapters/templates/IaC/ssh-transfer-data.adoc[leveloffset=2] == Container Templates +Our collection of Container Templates. + include::chapters/templates/container/container-build.adoc[leveloffset=2] include::chapters/templates/container/container-publish.adoc[leveloffset=2] include::chapters/templates/container/container-scan.adoc[leveloffset=2] 
@@ -57,8 +61,8 @@ include::chapters/templates/container/container-scan.adoc[leveloffset=2] == Releasing Templates -Im folgende sind erweiterte Templates zu finden für das https://gitlab.exxcellent.de/gilden/ci/exxcellent-increase-version-tool[Increase-Version-Tool] der CI Gilde. -Für vorgegebene Release Pipelines bitte im Abschnitt <<_pipelines>> gucken. +The following Templates provide an simpler integration into the https://gitlab.exxcellent.de/gilden/ci/exxcellent-increase-version-tool[Increase-Version-Tool] of the CI-Gilde. +We also provide finished Pipelines in our <<_pipelines>> section. We highly recommend using those Pipelines since this is our reference Implementation. include::chapters/templates/releasing/push-tag-and-version-template.adoc[leveloffset=3] include::chapters/templates/releasing/set-version-template.adoc[leveloffset=3] @@ -68,6 +72,8 @@ include::chapters/templates/releasing/mail-template.adoc[leveloffset=3] == NPM Templates +Our collection of NPM Templates. + include::chapters/templates/npm/npm-dependencies-template.adoc[leveloffset=2] include::chapters/templates/npm/npm-build-template.adoc[leveloffset=2] include::chapters/templates/npm/npm-lint-template.adoc[leveloffset=2] 
@@ -75,14 +81,19 @@ include::chapters/templates/npm/npm-test-template.adoc[leveloffset=2] == Maven Templates +Our collection of Maven Templates. + include::chapters/templates/java/maven/maven-dependencies-template.adoc[leveloffset=2] include::chapters/templates/java/maven/maven-build-template.adoc[leveloffset=2] include::chapters/templates/java/maven/maven-verify-template.adoc[leveloffset=2] == Gradle Templates -Aktuell gehen wir davon das der Gradle Wrapper in dem Projekt vorhanden ist. -Sollte dieser noch nicht vorhanden sein kann er mit dem Befehl `gradle wrapper` erstellt werden. +Our collection of Gradle Templates. +Currently, we start our Templates from the Gradle Wrapper within your Projekt. +If you do not have a wrapper you can create on with the command `gradle wrapper`. +Please keep in mind updating the wrapper from time to time. +We recommend using https://www.exxcellent.de/confluence/x/S4WCC[Renovate] for this task. include::chapters/templates/java/gradle/gradle-build-template.adoc[leveloffset=2] include::chapters/templates/java/gradle/gradle-test-template.adoc[leveloffset=2] @@ -90,11 +101,15 @@ include::chapters/templates/java/gradle/gradle-db-diff-template.adoc[leveloffset == Static Analysis +With the following collection we provide Static code and Artefact analysis tools. + include::chapters/templates/static-analysis/repo-cve-scan.adoc[leveloffset=2] include::chapters/templates/static-analysis/tool-sonar.adoc[leveloffset=2] == Documentation +This collection provides templates to simplify your dokumentation prozess. + include::chapters/templates/documentation/tool-documentation-tool.adoc[leveloffset=2] [#_pipelines] diff --git a/documentation/generalInformation.adoc b/documentation/generalInformation.adoc index e9c3295..b8a5223 100644 --- a/documentation/generalInformation.adoc +++ b/documentation/generalInformation.adoc 
@@ -1,27 +1,40 @@ :sourcedir: ../../../../templates -== Templates und Pipelines +== Templates and Pipelines -In dieser Repository sind CI Templates und CI Pipeline-Templates zu finden. -Templates sind vorgefertigte Jobs, die jeweils einen Use-Case abbilden sollen und in dein Projekt importiert werden können. Die meisten Templates haben kein abhängigkeiten untereinander. Wenn doch, werden die Abhängigkeiten dokumentiert. -Alle Templates sind im Ordner Templates zu finden. +Within this Repository all CI Templates and CI Pipeline-Templates of the CI-Gilde can be found. +Templates are predefined Jobs. +These jobs implement one Use-Case as good as possible. +There mend to be imported to your project as simple as possible and provide best practises learned in multiple projects. +Most Templates do not have dependencies between Jobs. +If Jobs have dependencies the documentation will tell you how to integrate it. +Templates can be found in the Directory `Templates`. -Da eine CI jedoch aus Pipelines besteht und Gitlab die Möglichkeit Multi-Projekt- und Child-Pipelines zu benutzen, werden hier auch vorgefertigte Pipelines bereitgestellt. -Diese Pipeline-Templates bilden komplexere Use-Cases ab. -Pipelines sind in dem dafür vorgesehenen Pipeline Ordner zu finden. +We also provide finished Pipeline-Templates to integrate into your project. +Gitlab-CI has the possibility to execute Multi-Project- and Child-Pipelines that can be hard to integrate. +We have Pipline-Templates that implement common CI-Problems we found in different projekts. +These Piplines-Templates are not as Dynamic as templates but allow to integrate a lot of functionality within a short time. +Pipeline-Templates can be found in the Directory `Pipeline`. -== Wie können Templates benutzt werden +== How to use Templates? -Damit du die Templates in deinem Projekt zu benutzten kannst, musst du folgendes machen: +To use our Templates in your project you have to do the following: -1. 
`Include` das Template file das du benutzen willst in deinem `.gitlab-ci.yaml` File. -2. Jetzt kannst du in von dir gewählten Job das Template mit dem keyword `extend` als Ausgangspunkt benutzen. -3. Du kannst den Job für deinen Anwendungszweck weitere verändern indem du diese bei dir Überschreibst. +1. `Include` the Template file you want to use within your `.gitlab-ci.yaml` File. +2. Now you have access to the template within your CI file. +Use the keyword `extend` to extend on the imported Template. +3. Most of the time you also have to provide additional variables within you CI Configuration. +To change or override a functionality of the gitlab Template just configure your gitlab-ci Job normally. +Read more about the `extend` keyword https://docs.gitlab.com/ee/ci/yaml/yaml_optimization.html#use-extends-to-reuse-configuration-sections[here] ==== -Bei dem folgenden Beispiel wurde als ref der Tag 1.0.0 gesetzt. -Wir empfehlen diesen Tag zu setzen damit Änderungen von uns nicht eure CI Skripte kaputt machen. -Um automatisch mitzubekommen, wenn sich die CI verändert empfehlen wir das Benutzen von Renovate +The following example has the key `ref` set to the Tag `2.0.0`. +We recommend setting the `ref` to a Tag of the repository. +Changes on Master will not destroy your CI-Skripts. +To update this `ref` we recommend using Renovate. +You can also follow the Main branch of this repository. +We try not to break your stuff. +We are still learning a lot of stuff. ==== [source,yaml] 
@@ -31,22 +44,28 @@ stages: include: - project: 'gilden/ci/gitlab-ci-templates' - ref: '1.0.0' + ref: '2.0.0' file: - '/templates/java/maven/maven-verify.gitlab-ci.yml' test-image: stage: test-image extends: .maven-verify +#Example overriding Variable + variables: + GRADLE_CLI_OPTS: "$SOME_VARIABLE" +#Example overriding rules rules: - - if: $NURAUFMEINEMBRANCH + - if: $SOME_VARIABLE +#Example overriding scripts before_script: - - echo "meine änderungen" + - echo "my overriding changes" ---- -== Wie können Pipelines benutzt werden +== How to use Pipeline-Templates? -Um Pipelines zu benutzen, müssen diese nur mit `Include` importiert werden. -Für weitere Informationen ließ bitte die Doku der Pipelines selbst. +Most Pipelines Templates just have to be `included` within your CI File. +These have a high integration and are not really dynamic. +Please read the Dokumentation of every pipeline-template. diff --git a/pipelines/java-maven.gitlab-ci.yml b/pipelines/java-maven.gitlab-ci.yml index 1e7ca52..7e32e7f 100644 --- a/pipelines/java-maven.gitlab-ci.yml +++ b/pipelines/java-maven.gitlab-ci.yml @@ -8,7 +8,7 @@ include: # todo doc welche Variablen gesetzt werden müssen.before_script: # variables: -# SONAR_PROJECT_KEY: "gilde.ci.cd.restservice:java-backend-template" +# SONAR_PROJECT_KEY: "" Dependencies-Java: extends: .maven-dependencies diff --git a/templates/container/container-build.gitlab-ci.yml b/templates/container/container-build.gitlab-ci.yml index 33a776d..c5c5af0 100644 --- a/templates/container/container-build.gitlab-ci.yml +++ b/templates/container/container-build.gitlab-ci.yml @@ -11,7 +11,7 @@ extends: .container-build-common image: $MAVEN_IMAGE script: - - cd $CONTEXT_LOCATION + - "cd $CONTEXT_LOCATION" - mvn $MAVEN_CLI_OPTS jib:buildTar -DskipTests $EXTRA_ARGS .container-build-jib-gradle: 
@@ -20,7 +20,7 @@ variables: EXTRA_ARGS: $GRADLE_EXTRA_ARGS script: - - cd $CONTEXT_LOCATION + - "cd $CONTEXT_LOCATION" - ./gradlew $GRADLE_CLI_OPTS jibBuildTar -DskipTests $EXTRA_ARGS .container-build-kaniko: diff --git a/templates/java/maven/maven-build.gitlab-ci.yml b/templates/java/maven/maven-build.gitlab-ci.yml index 9cc43a2..764594e 100644 --- a/templates/java/maven/maven-build.gitlab-ci.yml +++ b/templates/java/maven/maven-build.gitlab-ci.yml @@ -2,6 +2,7 @@ stage: build image: $MAVEN_IMAGE before_script: + - "cd $BACKEND_DIR" - > if [ ! -z "$CI_COMMIT_TAG" ]; then mvn $MVN_EXTRA_ARGS $MAVEN_CLI_OPTS versions:set -DnewVersion=$CI_COMMIT_TAG -DgenerateBackupPoms=false @@ -12,4 +13,4 @@ expire_in: 2 weeks when: always paths: - - $BACKEND_DIR/target/*.jar + - "**/target/*.jar" diff --git a/templates/java/maven/maven-database-diff.gitlab-ci.yml b/templates/java/maven/maven-database-diff.gitlab-ci.yml index b6487ad..ade5154 100644 --- a/templates/java/maven/maven-database-diff.gitlab-ci.yml +++ b/templates/java/maven/maven-database-diff.gitlab-ci.yml @@ -9,4 +9,5 @@ include: MAVEN_EXTRA_OPTS: "" PATH_TO_DIFF: "target/db-diff.xml" script: + - "cd $BACKEND_DIR" - mvn compile liquibase:update liquibase:diff $MAVEN_EXTRA_OPTS diff --git a/templates/java/maven/maven-dependencies.gitlab-ci.yml b/templates/java/maven/maven-dependencies.gitlab-ci.yml index 3f938a4..5296dea 100644 --- a/templates/java/maven/maven-dependencies.gitlab-ci.yml +++ b/templates/java/maven/maven-dependencies.gitlab-ci.yml @@ -2,4 +2,5 @@ stage: dependencies image: $MAVEN_IMAGE script: + - "cd $BACKEND_DIR" - "mvn $MAVEN_CLI_OPTS dependency:resolve" \ No newline at end of file diff --git a/templates/java/maven/maven-verify.gitlab-ci.yml b/templates/java/maven/maven-verify.gitlab-ci.yml index 1208c67..6ecd5dc 100644 --- a/templates/java/maven/maven-verify.gitlab-ci.yml +++ b/templates/java/maven/maven-verify.gitlab-ci.yml 
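Review bot: The added `- "cd $BACKEND_DIR"` in the `before_script` of maven-build has no fallback, and nothing in the hunk gives `BACKEND_DIR` a default, so in a project that does not set it the shell runs a bare `cd` and Maven starts from the runner user's home directory instead of the checkout. The contribution guide changed in this same commit says the default path should be `$CI_PROJECT_DIR`; the line can enforce that and survive paths with spaces as `- cd "${BACKEND_DIR:-$CI_PROJECT_DIR}"`. The same line is added in the maven-database-diff, maven-dependencies and maven-verify hunks, and as `cd $FRONTEND_DIR` in the npm-dependencies and npm-lint hunks. Whether a shared variables file supplies a default is not visible here.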
@@ -2,11 +2,12 @@ image: $MAVEN_IMAGE stage: verify script: + - "cd $BACKEND_DIR" - mvn $MAVEN_CLI_OPTS verify artifacts: expire_in: 2 weeks reports: junit: - - target/surefire-reports/TEST-*.xml - - target/failsafe-reports/TEST-*.xml + - "**/target/surefire-reports/TEST-*.xml" + - "**/target/failsafe-reports/TEST-*.xml" diff --git a/templates/npm/npm-build.gitlab-ci.yml b/templates/npm/npm-build.gitlab-ci.yml index f0d9f17..905b357 100644 --- a/templates/npm/npm-build.gitlab-ci.yml +++ b/templates/npm/npm-build.gitlab-ci.yml @@ -1,7 +1,10 @@ .npm-build: image: $NODE_IMAGE stage: build + variables: + ADDITIONAL_GLOBAL_PACKAGES: "" before_script: + - npm install -g $ADDITIONAL_GLOBAL_PACKAGES #Todo this needs Testing!! - > if [ "$CI_COMMIT_TAG" != "" ]; then diff --git a/templates/npm/npm-dependencies.gitlab-ci.yml b/templates/npm/npm-dependencies.gitlab-ci.yml index 0980d89..758313d 100644 --- a/templates/npm/npm-dependencies.gitlab-ci.yml +++ b/templates/npm/npm-dependencies.gitlab-ci.yml @@ -1,5 +1,10 @@ .npm-dependencies: image: $NODE_IMAGE stage: dependencies + variables: + ADDITIONAL_GLOBAL_PACKAGES: "" + before_script: + - npm install -g $ADDITIONAL_GLOBAL_PACKAGES script: + - "cd $FRONTEND_DIR" - npm install diff --git a/templates/npm/npm-lint.gitlab-ci.yml b/templates/npm/npm-lint.gitlab-ci.yml index dccfd49..bddd8ac 100644 --- a/templates/npm/npm-lint.gitlab-ci.yml +++ b/templates/npm/npm-lint.gitlab-ci.yml @@ -1,9 +1,13 @@ .npm-lint: image: $NODE_IMAGE stage: verify + variables: + ADDITIONAL_GLOBAL_PACKAGES: "" before_script: - script: + - npm install -g $ADDITIONAL_GLOBAL_PACKAGES + - "cd $FRONTEND_DIR" - npm install -g eslint + script: - npm run lint # artifacts: todo add lint results in artifact if posible # expire_in: 2 weeks diff --git a/templates/npm/npm-test.gitlab-ci.yml b/templates/npm/npm-test.gitlab-ci.yml index f97a62b..922c992 100644 --- a/templates/npm/npm-test.gitlab-ci.yml +++ b/templates/npm/npm-test.gitlab-ci.yml 
@@ -1,8 +1,10 @@ .npm-test: image: $NODE_IMAGE stage: verify + variables: + ADDITIONAL_GLOBAL_PACKAGES: "karma" before_script: - - npm install -g rimraf karma + - npm install -g $ADDITIONAL_GLOBAL_PACKAGES script: - cd $FRONTEND_DIR - npm run test-ci \ No newline at end of file diff --git a/templates/static-analysis/repo-cve-scan-trivy.gitlab-ci.yml b/templates/static-analysis/repo-cve-scan-trivy.gitlab-ci.yml index 7346f6c..e3e6ad6 100644 --- a/templates/static-analysis/repo-cve-scan-trivy.gitlab-ci.yml +++ b/templates/static-analysis/repo-cve-scan-trivy.gitlab-ci.yml @@ -5,9 +5,10 @@ stage: verify needs: [] variables: - SCAN_PATH: "." + SCAN_PATH: $CI_PROJECT_DIR EXITCODE: 1 TRIVY_EXTRA_ARGS: "--no-progress --ignore-unfixed --severity HIGH,CRITICAL" + TRIVY_CKECKS: "vuln,config,secret" cache: paths: - .trivycache/ @@ -16,5 +17,5 @@ junit: junit-report.xml script: # Builds report and puts it in the default workdir $CI_PROJECT_DIR, so artifacts: can take it from there - - trivy --cache-dir .trivycache/ fs --timeout 15m $TRIVY_EXTRA_ARGS --exit-code 0 --security-checks vuln,config --format template --format template --template "/contrib/junit.tpl" -o junit-report.xml $SCAN_PATH - - trivy --cache-dir .trivycache/ fs --timeout 15m $TRIVY_EXTRA_ARGS --exit-code $EXITCODE --security-checks vuln,config $SCAN_PATH + - trivy --cache-dir .trivycache/ fs --timeout 15m $TRIVY_EXTRA_ARGS --exit-code 0 --security-checks $TRIVY_CKECKS --format template --format template --template "/contrib/junit.tpl" -o junit-report.xml $SCAN_PATH + - trivy --cache-dir .trivycache/ fs --timeout 15m $TRIVY_EXTRA_ARGS --exit-code $EXITCODE --security-checks $TRIVY_CKECKS $SCAN_PATH From b34da659e9f2c24d2e77835af23dcb2ddecfd901 Mon Sep 17 00:00:00 2001 
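Review bot: The new default `ADDITIONAL_GLOBAL_PACKAGES: "karma"` in `.npm-test` is installed with `npm install -g` without a version, so each job run pulls whatever release is current on the registry and runs its install scripts inside the CI job. Pinning the default, e.g. `ADDITIONAL_GLOBAL_PACKAGES: "karma@<pinned-version>"`, keeps the toolchain reproducible and makes an upgrade a reviewed change; the same applies to the `eslint` default that PATCH 039 introduces for `.npm-lint`. The hunk also drops `rimraf` from the global install, so a project whose `test-ci` script calls it would presumably have to add it back through the variable, which is worth a comment above the variable.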
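Review bot: The new variable is spelled `TRIVY_CKECKS` in the `variables:` block of this hunk and in both `trivy` commands of the following hunk, which works only because the typo is consistent. A project that overrides the naturally spelled `TRIVY_CHECKS` would silently keep the default and could believe it had changed the scan scope. Renaming it before consumers depend on it avoids a breaking rename later: `TRIVY_CHECKS: "vuln,config,secret"` and `--security-checks $TRIVY_CHECKS`. A comment above the variable should state that removing an entry narrows what the `--exit-code $EXITCODE` gate enforces. The report command also still passes `--format template` twice, which looks like a leftover.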
From: Marcel Feix Date: Fri, 13 May 2022 15:44:09 +0200 Subject: [PATCH 039/166] feat(NPM): Add Additional Packages install to NPM script --- templates/npm/npm-build.gitlab-ci.yml | 6 +++++- templates/npm/npm-dependencies.gitlab-ci.yml | 5 ++++- templates/npm/npm-lint.gitlab-ci.yml | 10 ++++++---- templates/npm/npm-test.gitlab-ci.yml | 7 +++++-- 4 files changed, 20 insertions(+), 8 deletions(-) diff --git a/templates/npm/npm-build.gitlab-ci.yml b/templates/npm/npm-build.gitlab-ci.yml index 905b357..0b9405a 100644 --- a/templates/npm/npm-build.gitlab-ci.yml +++ b/templates/npm/npm-build.gitlab-ci.yml @@ -4,7 +4,10 @@ variables: ADDITIONAL_GLOBAL_PACKAGES: "" before_script: - - npm install -g $ADDITIONAL_GLOBAL_PACKAGES + - > + if [ "$ADDITIONAL_GLOBAL_PACKAGES" != "" ]; then + npm install -g $ADDITIONAL_GLOBAL_PACKAGES + fi #Todo this needs Testing!! - > if [ "$CI_COMMIT_TAG" != "" ]; then @@ -12,6 +15,7 @@ fi #Testing END script: + - "cd $FRONTEND_DIR" - npm install - npm run build artifacts: diff --git a/templates/npm/npm-dependencies.gitlab-ci.yml b/templates/npm/npm-dependencies.gitlab-ci.yml index 758313d..d7f40c5 100644 --- a/templates/npm/npm-dependencies.gitlab-ci.yml +++ b/templates/npm/npm-dependencies.gitlab-ci.yml @@ -4,7 +4,10 @@ variables: ADDITIONAL_GLOBAL_PACKAGES: "" before_script: - - npm install -g $ADDITIONAL_GLOBAL_PACKAGES + - > + if [ "$ADDITIONAL_GLOBAL_PACKAGES" != "" ]; then + npm install -g $ADDITIONAL_GLOBAL_PACKAGES + fi script: - "cd $FRONTEND_DIR" - npm install diff --git a/templates/npm/npm-lint.gitlab-ci.yml b/templates/npm/npm-lint.gitlab-ci.yml index bddd8ac..18ad525 100644 --- a/templates/npm/npm-lint.gitlab-ci.yml +++ b/templates/npm/npm-lint.gitlab-ci.yml 
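Review bot: The guard added to the `before_script` of `.npm-build` and `.npm-dependencies` (and repeated for `.npm-lint` and `.npm-test` later in this patch) is written as a folded scalar `- >`, which joins lines of equal indentation with spaces. The `if … fi` therefore stays a valid multi-line statement only while the `npm install` line is indented deeper than `if` and `fi`; the indentation is not recoverable from this view, so this is a robustness point rather than a confirmed bug. A literal block keeps the newlines regardless: `- |` followed by `if [ -n "$ADDITIONAL_GLOBAL_PACKAGES" ]; then`. Since the variable is expanded unquoted on purpose, a comment should say it is a space-separated package list and that whoever can set it decides what is installed globally in the job.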
@@ -2,12 +2,14 @@ image: $NODE_IMAGE stage: verify variables: - ADDITIONAL_GLOBAL_PACKAGES: "" + ADDITIONAL_GLOBAL_PACKAGES: "eslint" before_script: - - npm install -g $ADDITIONAL_GLOBAL_PACKAGES - - "cd $FRONTEND_DIR" - - npm install -g eslint + - > + if [ "$ADDITIONAL_GLOBAL_PACKAGES" != "" ]; then + npm install -g $ADDITIONAL_GLOBAL_PACKAGES + fi script: + - "cd $FRONTEND_DIR" - npm run lint # artifacts: todo add lint results in artifact if posible # expire_in: 2 weeks diff --git a/templates/npm/npm-test.gitlab-ci.yml b/templates/npm/npm-test.gitlab-ci.yml index 922c992..ab0d48f 100644 --- a/templates/npm/npm-test.gitlab-ci.yml +++ b/templates/npm/npm-test.gitlab-ci.yml @@ -4,7 +4,10 @@ variables: ADDITIONAL_GLOBAL_PACKAGES: "karma" before_script: - - npm install -g $ADDITIONAL_GLOBAL_PACKAGES + - > + if [ "$ADDITIONAL_GLOBAL_PACKAGES" != "" ]; then + npm install -g $ADDITIONAL_GLOBAL_PACKAGES + fi script: - - cd $FRONTEND_DIR + - "cd $FRONTEND_DIR" - npm run test-ci \ No newline at end of file From b6bc0667fcdebe16f4601e55fffd4bfea5be7f44 Mon Sep 17 00:00:00 2001 From: Marcel Feix Date: Fri, 13 May 2022 15:46:46 +0200 Subject: [PATCH 040/166] chorel(MAVEN): Change Path to maven Test Template --- .../chapters/templates/java/maven/maven-verify-template.adoc | 2 +- documentation/generalInformation.adoc | 2 +- pipelines/java-maven.gitlab-ci.yml | 2 +- templates/java/maven/maven-database-diff.gitlab-ci.yml | 5 +++++ .../{maven-verify.gitlab-ci.yml => maven-test.gitlab-ci.yml} | 0 5 files changed, 8 insertions(+), 3 deletions(-) rename templates/java/maven/{maven-verify.gitlab-ci.yml => maven-test.gitlab-ci.yml} (100%) diff --git a/documentation/chapters/templates/java/maven/maven-verify-template.adoc b/documentation/chapters/templates/java/maven/maven-verify-template.adoc index 75796bf..c971c4e 100644 --- a/documentation/chapters/templates/java/maven/maven-verify-template.adoc +++ b/documentation/chapters/templates/java/maven/maven-verify-template.adoc 
@@ -23,5 +23,5 @@ image::GitlabCiTest.png[] .mvn-verify-template [source, yaml] ---- -include::{sourcedir}/java/maven/maven-verify.gitlab-ci.yml[] +include::{sourcedir}/java/maven/maven-test.gitlab-ci.yml[] ---- \ No newline at end of file diff --git a/documentation/generalInformation.adoc b/documentation/generalInformation.adoc index b8a5223..93d951e 100644 --- a/documentation/generalInformation.adoc +++ b/documentation/generalInformation.adoc @@ -46,7 +46,7 @@ include: - project: 'gilden/ci/gitlab-ci-templates' ref: '2.0.0' file: - - '/templates/java/maven/maven-verify.gitlab-ci.yml' + - '/templates/java/maven/maven-test.gitlab-ci.yml' test-image: stage: test-image diff --git a/pipelines/java-maven.gitlab-ci.yml b/pipelines/java-maven.gitlab-ci.yml index 7e32e7f..e9eda45 100644 --- a/pipelines/java-maven.gitlab-ci.yml +++ b/pipelines/java-maven.gitlab-ci.yml @@ -1,7 +1,7 @@ include: - '/templates/java/maven/maven-dependencies.gitlab-ci.yml' - '/templates/java/maven/maven-build.gitlab-ci.yml' - - '/templates/java/maven/maven-verify.gitlab-ci.yml' + - '/templates/java/maven/maven-test.gitlab-ci.yml' - '/templates/java/maven/maven-database-diff.gitlab-ci.yml' - '/templates/static-analysis/repo-cve-scan-trivy.gitlab-ci.yml' - '/templates/static-analysis/sonar.gitlab-ci.yml' diff --git a/templates/java/maven/maven-database-diff.gitlab-ci.yml b/templates/java/maven/maven-database-diff.gitlab-ci.yml index ade5154..58eccd8 100644 --- a/templates/java/maven/maven-database-diff.gitlab-ci.yml +++ b/templates/java/maven/maven-database-diff.gitlab-ci.yml @@ -11,3 +11,8 @@ include: script: - "cd $BACKEND_DIR" - mvn compile liquibase:update liquibase:diff $MAVEN_EXTRA_OPTS + artifacts: + when: on_failure + expire_in: 2 weeks + paths: + - $BACKEND_DIR/target/db-diff.xml \ No newline at end of file 
diff --git a/templates/java/maven/maven-verify.gitlab-ci.yml b/templates/java/maven/maven-test.gitlab-ci.yml similarity index 100% rename from templates/java/maven/maven-verify.gitlab-ci.yml rename to templates/java/maven/maven-test.gitlab-ci.yml From 01f06d85075d6f5d0236da8a405a05fc49c78ae4 Mon Sep 17 00:00:00 2001 From: Marcel Feix Date: Fri, 13 May 2022 16:18:53 +0200 Subject: [PATCH 041/166] chorel(Verify Stages): rename the Test stages to verify --- .../chapters/templates/java/gradle/gradle-test-template.adoc | 2 +- .../chapters/templates/java/maven/maven-verify-template.adoc | 2 +- documentation/chapters/templates/npm/npm-test-template.adoc | 2 +- documentation/generalInformation.adoc | 2 +- pipelines/java-gradle.gitlab-ci.yml | 2 +- pipelines/java-maven.gitlab-ci.yml | 2 +- .../{gradle-test.gitlab-ci.yml => gradle-verify.gitlab-ci.yml} | 2 +- templates/java/maven/maven-build.gitlab-ci.yml | 1 + .../{maven-test.gitlab-ci.yml => maven-verify.gitlab-ci.yml} | 2 +- .../npm/{npm-test.gitlab-ci.yml => npm-verify.gitlab-ci.yml} | 2 +- 10 files changed, 10 insertions(+), 9 deletions(-) rename templates/java/gradle/{gradle-test.gitlab-ci.yml => gradle-verify.gitlab-ci.yml} (93%) rename templates/java/maven/{maven-test.gitlab-ci.yml => maven-verify.gitlab-ci.yml} (94%) rename templates/npm/{npm-test.gitlab-ci.yml => npm-verify.gitlab-ci.yml} (95%) diff --git a/documentation/chapters/templates/java/gradle/gradle-test-template.adoc b/documentation/chapters/templates/java/gradle/gradle-test-template.adoc index ec4b0e7..3572476 100644 --- a/documentation/chapters/templates/java/gradle/gradle-test-template.adoc +++ b/documentation/chapters/templates/java/gradle/gradle-test-template.adoc @@ -23,5 +23,5 @@ image::GitlabCiTest.png[] .gradle-test-template [source,yaml] ---- -include::{sourcedir}java/gradle/gradle-test.gitlab-ci.yml[] +include::{sourcedir}java/gradle/gradle-verify.gitlab-ci.yml[] ---- \ No newline at end of file 
diff --git a/documentation/chapters/templates/java/maven/maven-verify-template.adoc b/documentation/chapters/templates/java/maven/maven-verify-template.adoc index c971c4e..75796bf 100644 --- a/documentation/chapters/templates/java/maven/maven-verify-template.adoc +++ b/documentation/chapters/templates/java/maven/maven-verify-template.adoc @@ -23,5 +23,5 @@ image::GitlabCiTest.png[] .mvn-verify-template [source, yaml] ---- -include::{sourcedir}/java/maven/maven-test.gitlab-ci.yml[] +include::{sourcedir}/java/maven/maven-verify.gitlab-ci.yml[] ---- \ No newline at end of file diff --git a/documentation/chapters/templates/npm/npm-test-template.adoc b/documentation/chapters/templates/npm/npm-test-template.adoc index 8e61106..764b755 100644 --- a/documentation/chapters/templates/npm/npm-test-template.adoc +++ b/documentation/chapters/templates/npm/npm-test-template.adoc @@ -15,5 +15,5 @@ This template will run your NPM unit tests .npm-test-template [source, yaml] ---- -include::{sourcedir}npm/npm-test.gitlab-ci.yml[] +include::{sourcedir}npm/npm-verify.gitlab-ci.yml[] ---- \ No newline at end of file diff --git a/documentation/generalInformation.adoc b/documentation/generalInformation.adoc index 93d951e..b8a5223 100644 --- a/documentation/generalInformation.adoc +++ b/documentation/generalInformation.adoc @@ -46,7 +46,7 @@ include: - project: 'gilden/ci/gitlab-ci-templates' ref: '2.0.0' file: - - '/templates/java/maven/maven-test.gitlab-ci.yml' + - '/templates/java/maven/maven-verify.gitlab-ci.yml' test-image: stage: test-image diff --git a/pipelines/java-gradle.gitlab-ci.yml b/pipelines/java-gradle.gitlab-ci.yml index e99b20a..dd75ade 100644 --- a/pipelines/java-gradle.gitlab-ci.yml +++ b/pipelines/java-gradle.gitlab-ci.yml 
@@ -1,6 +1,6 @@ include: - '/templates/java/gradle/gradle-build.gitlab-ci.yml' - - '/templates/java/gradle/gradle-test.gitlab-ci.yml' + - '/templates/java/gradle/gradle-verify.gitlab-ci.yml' - '/templates/static-analysis/repo-cve-scan-trivy.gitlab-ci.yml' - '/templates/static-analysis/sonar.gitlab-ci.yml' diff --git a/pipelines/java-maven.gitlab-ci.yml b/pipelines/java-maven.gitlab-ci.yml index e9eda45..7e32e7f 100644 --- a/pipelines/java-maven.gitlab-ci.yml +++ b/pipelines/java-maven.gitlab-ci.yml @@ -1,7 +1,7 @@ include: - '/templates/java/maven/maven-dependencies.gitlab-ci.yml' - '/templates/java/maven/maven-build.gitlab-ci.yml' - - '/templates/java/maven/maven-test.gitlab-ci.yml' + - '/templates/java/maven/maven-verify.gitlab-ci.yml' - '/templates/java/maven/maven-database-diff.gitlab-ci.yml' - '/templates/static-analysis/repo-cve-scan-trivy.gitlab-ci.yml' - '/templates/static-analysis/sonar.gitlab-ci.yml' diff --git a/templates/java/gradle/gradle-test.gitlab-ci.yml b/templates/java/gradle/gradle-verify.gitlab-ci.yml similarity index 93% rename from templates/java/gradle/gradle-test.gitlab-ci.yml rename to templates/java/gradle/gradle-verify.gitlab-ci.yml index c1cb1e2..d8fd92d 100644 --- a/templates/java/gradle/gradle-test.gitlab-ci.yml +++ b/templates/java/gradle/gradle-verify.gitlab-ci.yml @@ -1,4 +1,4 @@ -.gradle-test: +.gradle-verify: image: $GRADLE_IMAGE stage: verify script: diff --git a/templates/java/maven/maven-build.gitlab-ci.yml b/templates/java/maven/maven-build.gitlab-ci.yml index 764594e..01efa35 100644 --- a/templates/java/maven/maven-build.gitlab-ci.yml +++ b/templates/java/maven/maven-build.gitlab-ci.yml @@ -8,6 +8,7 @@ mvn $MVN_EXTRA_ARGS $MAVEN_CLI_OPTS versions:set -DnewVersion=$CI_COMMIT_TAG -DgenerateBackupPoms=false fi script: + - "cd $BACKEND_DIR" - mvn $MAVEN_CLI_OPTS package -DskipTests artifacts: expire_in: 2 weeks 
diff --git a/templates/java/maven/maven-test.gitlab-ci.yml b/templates/java/maven/maven-verify.gitlab-ci.yml similarity index 94% rename from templates/java/maven/maven-test.gitlab-ci.yml rename to templates/java/maven/maven-verify.gitlab-ci.yml index 6ecd5dc..ce8647a 100644 --- a/templates/java/maven/maven-test.gitlab-ci.yml +++ b/templates/java/maven/maven-verify.gitlab-ci.yml @@ -1,4 +1,4 @@ -.maven-test: +.maven-verify: image: $MAVEN_IMAGE stage: verify script: diff --git a/templates/npm/npm-test.gitlab-ci.yml b/templates/npm/npm-verify.gitlab-ci.yml similarity index 95% rename from templates/npm/npm-test.gitlab-ci.yml rename to templates/npm/npm-verify.gitlab-ci.yml index ab0d48f..93a7579 100644 --- a/templates/npm/npm-test.gitlab-ci.yml +++ b/templates/npm/npm-verify.gitlab-ci.yml @@ -1,4 +1,4 @@ -.npm-test: +.npm-verify: image: $NODE_IMAGE stage: verify variables: From ce627914f3f6a7f55f9f960a4762fe2a72461b48 Mon Sep 17 00:00:00 2001 From: Marcel Feix Date: Fri, 13 May 2022 16:58:26 +0200 Subject: [PATCH 042/166] chore(Maven): Add classes to target build forlder --- templates/java/maven/maven-build.gitlab-ci.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/templates/java/maven/maven-build.gitlab-ci.yml b/templates/java/maven/maven-build.gitlab-ci.yml index 01efa35..d86ab0e 100644 --- a/templates/java/maven/maven-build.gitlab-ci.yml +++ b/templates/java/maven/maven-build.gitlab-ci.yml @@ -15,3 +15,4 @@ when: always paths: - "**/target/*.jar" + - "**/target/classes" From 5006c78def7ec56fa6c0d67ea96f922dc84772d2 Mon Sep 17 00:00:00 2001 From: Marcel Feix Date: Fri, 13 May 2022 16:59:23 +0200 Subject: [PATCH 043/166] chore(Maven): Add classes to target build folder --- templates/common/common-ci-variablen.gitlab-ci.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/templates/common/common-ci-variablen.gitlab-ci.yml b/templates/common/common-ci-variablen.gitlab-ci.yml index ac1bf81..32b2a0a 100644 
--- a/templates/common/common-ci-variablen.gitlab-ci.yml +++ b/templates/common/common-ci-variablen.gitlab-ci.yml @@ -17,7 +17,9 @@ cache: - $FRONTEND_DIR/dist # Cache Gradle - .gradle - - build + - '**/build' + - "**/target" + variables: From f7a335eb954fe83080f7dd8fab60e70a5a79491f Mon Sep 17 00:00:00 2001 From: Marcel Feix Date: Fri, 13 May 2022 17:05:56 +0200 Subject: [PATCH 044/166] chore(Maven): Add classes to target build folder --- pipelines/java-maven.gitlab-ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pipelines/java-maven.gitlab-ci.yml b/pipelines/java-maven.gitlab-ci.yml index 7e32e7f..5f681ec 100644 --- a/pipelines/java-maven.gitlab-ci.yml +++ b/pipelines/java-maven.gitlab-ci.yml @@ -20,7 +20,7 @@ Build-Java: artifacts: true Test-Java: - extends: .maven-test + extends: .maven-verify needs: - job: "Build-Java" artifacts: true From 716789dd91ef93ba394f12d16bb71e39f895e76a Mon Sep 17 00:00:00 2001 From: Marcel Feix Date: Mon, 16 May 2022 12:24:16 +0000 Subject: [PATCH 045/166] feat(Docker-Compose): Update Docker images with docker-compose pull. --- templates/IaC/docker-compose.gitlab-ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/templates/IaC/docker-compose.gitlab-ci.yml b/templates/IaC/docker-compose.gitlab-ci.yml index 32ca29a..a1e6712 100644 --- a/templates/IaC/docker-compose.gitlab-ci.yml +++ b/templates/IaC/docker-compose.gitlab-ci.yml 
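Review bot: Adding `'**/build'` and `"**/target"` to the shared `cache:` paths puts compiled build output into a cache that later pipelines restore before they compile, so stale or tampered class files from one branch can end up in another branch's artifacts. The `cache:` block starts above this hunk, so whether a `key:` is set cannot be seen from here; if none is, scope the cache per ref, e.g. `key: "$CI_COMMIT_REF_SLUG"`, or keep build output out of the cache and pass it on through `artifacts:` as `.maven-build` already does. PATCH 052 later adds `"**/node_modules"` to the same list, where the same consideration applies. The two new entries also mix single and double quotes; one style would read better.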
@@ -38,7 +38,7 @@ # Tunnel Docker socket from remote Maschine to local Maschine. This should be more stable than the current SSH Implementation of Docker - rm -f /tmp/docker.sock - ssh -M -S docker-ctrl-socket -fnNT -L /tmp/docker.sock:/var/run/docker.sock "$SSH_USER@$SSH_URL" -p $SSH_PORT -o ControlPersist=no - - DOCKER_HOST=unix:///tmp/docker.sock docker-compose $COMPOSE_EXTRA_ARGS up -d --remove-orphans + - DOCKER_HOST=unix:///tmp/docker.sock docker-compose pull && docker-compose $COMPOSE_EXTRA_ARGS up -d --remove-orphans #todo add docker compose renovate updater .docker-compose-validate: From cf3fbaf63cccfbf3aa563347167f34901b76b323 Mon Sep 17 00:00:00 2001 From: Marcel Feix Date: Mon, 16 May 2022 12:54:14 +0000 Subject: [PATCH 046/166] fix(Docker-Compose): devide pull and up into --- templates/IaC/docker-compose.gitlab-ci.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/templates/IaC/docker-compose.gitlab-ci.yml b/templates/IaC/docker-compose.gitlab-ci.yml index a1e6712..fd908d8 100644 --- a/templates/IaC/docker-compose.gitlab-ci.yml +++ b/templates/IaC/docker-compose.gitlab-ci.yml @@ -38,7 +38,8 @@ # Tunnel Docker socket from remote Maschine to local Maschine. This should be more stable than the current SSH Implementation of Docker - rm -f /tmp/docker.sock - ssh -M -S docker-ctrl-socket -fnNT -L /tmp/docker.sock:/var/run/docker.sock "$SSH_USER@$SSH_URL" -p $SSH_PORT -o ControlPersist=no - - DOCKER_HOST=unix:///tmp/docker.sock docker-compose pull && docker-compose $COMPOSE_EXTRA_ARGS up -d --remove-orphans + - DOCKER_HOST=unix:///tmp/docker.sock docker-compose pull + - DOCKER_HOST=unix:///tmp/docker.sock docker-compose $COMPOSE_EXTRA_ARGS up -d --remove-orphans #todo add docker compose renovate updater .docker-compose-validate: From 7de4685db8421342beb331d92e5edc44e2738dbc Mon Sep 17 00:00:00 2001 
From: Marcel Feix Date: Mon, 16 May 2022 13:47:58 +0000 Subject: [PATCH 047/166] Update docker-compose.gitlab-ci.yml --- templates/IaC/docker-compose.gitlab-ci.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/templates/IaC/docker-compose.gitlab-ci.yml b/templates/IaC/docker-compose.gitlab-ci.yml index fd908d8..59e6b02 100644 --- a/templates/IaC/docker-compose.gitlab-ci.yml +++ b/templates/IaC/docker-compose.gitlab-ci.yml @@ -24,12 +24,12 @@ - chmod 700 ~/.ssh # Add keys to known hosts for Docker Compose - ssh-keyscan $SSH_URL >> ~/.ssh/known_hosts - - if [[ -n "$DOCKER_REGISTRY" ]]; then echo "$DOCKER_REGISTRY_PASS" | docker login $DOCKER_REGISTRY --username $DOCKER_REGISTRY_USER --password-stdin; fi #Install docker Compose, from release directly - wget https://github.com/docker/compose/releases/download/$DOCKER_COMPOSE_VERSION/docker-compose-linux-x86_64 -O /usr/local/bin/docker-compose - chmod +x /usr/local/bin/docker-compose script: - if [[ -n "$SCP_SOURCE" && -n "$SCP_DESTINATION" ]]; then scp -rp $SCP_SOURCE $SSH_USER@$SSH_URL:$SCP_DESTINATION; fi + - if [[ -n "$DOCKER_REGISTRY" ]]; then echo "$DOCKER_REGISTRY_PASS" | docker login $DOCKER_REGISTRY --username $DOCKER_REGISTRY_USER --password-stdin; fi - DOCKER_HOST=ssh://$SSH_USER@$SSH_URL:$SSH_PORT docker-compose $COMPOSE_EXTRA_ARGS up -d --remove-orphans .broken-ssh-connection-workaround: 
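Review bot: The unchanged `ssh-keyscan $SSH_URL >> ~/.ssh/known_hosts` line in this `before_script` records whatever host key is presented when the job runs, so the deploy host is never authenticated before the registry login moved by this hunk and the `docker-compose up` are directed at it. It also scans the default port while the connection goes to `$SSH_PORT`, so the recorded key may not belong to the daemon actually used. Supplying the host key from a CI/CD variable, e.g. `echo "$SSH_KNOWN_HOSTS" >> ~/.ssh/known_hosts` (variable name is a suggestion, to be defined per project), closes that gap. The `wget` of the docker-compose binary in the same block is installed without comparing it to the published checksum. The job definition starts above the hunk.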
@@ -38,6 +38,7 @@ # Tunnel Docker socket from remote Maschine to local Maschine. This should be more stable than the current SSH Implementation of Docker - rm -f /tmp/docker.sock - ssh -M -S docker-ctrl-socket -fnNT -L /tmp/docker.sock:/var/run/docker.sock "$SSH_USER@$SSH_URL" -p $SSH_PORT -o ControlPersist=no + - if [[ -n "$DOCKER_REGISTRY" ]]; then echo "$DOCKER_REGISTRY_PASS" | docker login $DOCKER_REGISTRY --username $DOCKER_REGISTRY_USER --password-stdin; fi - DOCKER_HOST=unix:///tmp/docker.sock docker-compose pull - DOCKER_HOST=unix:///tmp/docker.sock docker-compose $COMPOSE_EXTRA_ARGS up -d --remove-orphans From 49df029b03647109ee348eadb93ef19dfc7baad3 Mon Sep 17 00:00:00 2001 From: Marcel Feix Date: Mon, 16 May 2022 14:03:20 +0000 Subject: [PATCH 048/166] fix(Docker-Compose) Set Socket in export and execute on that --- templates/IaC/docker-compose.gitlab-ci.yml | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/templates/IaC/docker-compose.gitlab-ci.yml b/templates/IaC/docker-compose.gitlab-ci.yml index 59e6b02..ac05951 100644 --- a/templates/IaC/docker-compose.gitlab-ci.yml +++ b/templates/IaC/docker-compose.gitlab-ci.yml 
@@ -28,19 +28,22 @@ - wget https://github.com/docker/compose/releases/download/$DOCKER_COMPOSE_VERSION/docker-compose-linux-x86_64 -O /usr/local/bin/docker-compose - chmod +x /usr/local/bin/docker-compose script: + - export DOCKER_HOST=ssh://$SSH_USER@$SSH_URL:$SSH_PORT - if [[ -n "$SCP_SOURCE" && -n "$SCP_DESTINATION" ]]; then scp -rp $SCP_SOURCE $SSH_USER@$SSH_URL:$SCP_DESTINATION; fi - - if [[ -n "$DOCKER_REGISTRY" ]]; then echo "$DOCKER_REGISTRY_PASS" | docker login $DOCKER_REGISTRY --username $DOCKER_REGISTRY_USER --password-stdin; fi - - DOCKER_HOST=ssh://$SSH_USER@$SSH_URL:$SSH_PORT docker-compose $COMPOSE_EXTRA_ARGS up -d --remove-orphans + - if [[ -n "$DOCKER_REGISTRY" ]]; then echo "$DOCKER_REGISTRY_PASS" | docker login $DOCKER_REGISTRY --username $DOCKER_REGISTRY_USER --password-stdin; fi + - docker-compose pull + - docker-compose $COMPOSE_EXTRA_ARGS up -d --remove-orphans .broken-ssh-connection-workaround: script: + - export DOCKER_HOST=unix:///tmp/docker.sock - if [[ -n "$SCP_SOURCE" && -n "$SCP_DESTINATION" ]]; then scp -rp $SCP_SOURCE $SSH_USER@$SSH_URL:$SCP_DESTINATION; fi # Tunnel Docker socket from remote Maschine to local Maschine. This should be more stable than the current SSH Implementation of Docker - rm -f /tmp/docker.sock - ssh -M -S docker-ctrl-socket -fnNT -L /tmp/docker.sock:/var/run/docker.sock "$SSH_USER@$SSH_URL" -p $SSH_PORT -o ControlPersist=no - if [[ -n "$DOCKER_REGISTRY" ]]; then echo "$DOCKER_REGISTRY_PASS" | docker login $DOCKER_REGISTRY --username $DOCKER_REGISTRY_USER --password-stdin; fi - - DOCKER_HOST=unix:///tmp/docker.sock docker-compose pull - - DOCKER_HOST=unix:///tmp/docker.sock docker-compose $COMPOSE_EXTRA_ARGS up -d --remove-orphans + - docker-compose pull + - docker-compose $COMPOSE_EXTRA_ARGS up -d --remove-orphans #todo add docker compose renovate updater .docker-compose-validate: From 639006e1c8c9d7c0764ffc7726b84660fb04691b Mon Sep 17 00:00:00 2001 
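Review bot: `.broken-ssh-connection-workaround` now exports `DOCKER_HOST=unix:///tmp/docker.sock`, a fixed path that every job using the template removes and re-creates. On a runner where jobs share `/tmp` (a shell executor or a mounted host directory, which cannot be told from here) two concurrent deployments could race, and one job would end up talking to the other job's remote daemon. A per-job path such as `/tmp/docker-$CI_JOB_ID.sock`, used in both the `export` and the `ssh -L` forward, removes that coupling. The master connection opened with `-M -S docker-ctrl-socket` is also never closed in the visible lines; an `after_script` entry `ssh -S docker-ctrl-socket -O exit "$SSH_USER@$SSH_URL"` would tear down the forwarded daemon socket when the job ends. Both job definitions start above the hunk.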
From: Marcel Feix Date: Mon, 16 May 2022 14:12:46 +0000 Subject: [PATCH 049/166] fix(Docker-compose) Add Extra Args to docker compose --- templates/IaC/docker-compose.gitlab-ci.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/templates/IaC/docker-compose.gitlab-ci.yml b/templates/IaC/docker-compose.gitlab-ci.yml index ac05951..cb73ec6 100644 --- a/templates/IaC/docker-compose.gitlab-ci.yml +++ b/templates/IaC/docker-compose.gitlab-ci.yml @@ -31,7 +31,7 @@ - export DOCKER_HOST=ssh://$SSH_USER@$SSH_URL:$SSH_PORT - if [[ -n "$SCP_SOURCE" && -n "$SCP_DESTINATION" ]]; then scp -rp $SCP_SOURCE $SSH_USER@$SSH_URL:$SCP_DESTINATION; fi - if [[ -n "$DOCKER_REGISTRY" ]]; then echo "$DOCKER_REGISTRY_PASS" | docker login $DOCKER_REGISTRY --username $DOCKER_REGISTRY_USER --password-stdin; fi - - docker-compose pull + - docker-compose $COMPOSE_EXTRA_ARGS pull - docker-compose $COMPOSE_EXTRA_ARGS up -d --remove-orphans .broken-ssh-connection-workaround: @@ -42,7 +42,7 @@ - rm -f /tmp/docker.sock - ssh -M -S docker-ctrl-socket -fnNT -L /tmp/docker.sock:/var/run/docker.sock "$SSH_USER@$SSH_URL" -p $SSH_PORT -o ControlPersist=no - if [[ -n "$DOCKER_REGISTRY" ]]; then echo "$DOCKER_REGISTRY_PASS" | docker login $DOCKER_REGISTRY --username $DOCKER_REGISTRY_USER --password-stdin; fi - - docker-compose pull + - docker-compose $COMPOSE_EXTRA_ARGS pull - docker-compose $COMPOSE_EXTRA_ARGS up -d --remove-orphans #todo add docker compose renovate updater From f80add48e894682ecf1f436ffccd560e009669e8 Mon Sep 17 00:00:00 2001 From: Wolfram Gulde Date: Wed, 18 May 2022 09:54:00 +0000 Subject: [PATCH 050/166] change key to gradle-verify --- pipelines/java-gradle.gitlab-ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pipelines/java-gradle.gitlab-ci.yml b/pipelines/java-gradle.gitlab-ci.yml index dd75ade..37c1568 100644 --- a/pipelines/java-gradle.gitlab-ci.yml +++ b/pipelines/java-gradle.gitlab-ci.yml 
@@ -8,7 +8,7 @@ Build-Java: extends: .gradle-build Test-Java: - extends: .gradle-test + extends: .gradle-verify needs: - job: "Build-Java" artifacts: true From b97cbc2848e3aefe65b74f5361bbd27da02cde2d Mon Sep 17 00:00:00 2001 From: Wolfram Gulde Date: Wed, 18 May 2022 15:37:02 +0000 Subject: [PATCH 051/166] Update templates/documentations/documentation.gitlab-ci.yml --- templates/documentations/documentation.gitlab-ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/templates/documentations/documentation.gitlab-ci.yml b/templates/documentations/documentation.gitlab-ci.yml index 362bf3d..44884e2 100644 --- a/templates/documentations/documentation.gitlab-ci.yml +++ b/templates/documentations/documentation.gitlab-ci.yml @@ -28,7 +28,7 @@ .documentation-publish: extends: .documentation-tool-common - stage: documentation + stage: post-process variables: OUTPUT_DIR: public script: From b280ef18feb2dff315890d8e1d14eacab5c7a249 Mon Sep 17 00:00:00 2001 From: Marcel Feix Date: Thu, 19 May 2022 09:22:01 +0200 Subject: [PATCH 052/166] chore(NPM): Cache NPM packages --- templates/common/common-ci-variablen.gitlab-ci.yml | 1 + templates/npm/npm-dependencies.gitlab-ci.yml | 4 ++++ 2 files changed, 5 insertions(+) diff --git a/templates/common/common-ci-variablen.gitlab-ci.yml b/templates/common/common-ci-variablen.gitlab-ci.yml index 32b2a0a..1f4d1b0 100644 --- a/templates/common/common-ci-variablen.gitlab-ci.yml +++ b/templates/common/common-ci-variablen.gitlab-ci.yml @@ -19,6 +19,7 @@ cache: - .gradle - '**/build' - "**/target" + - "**/node_modules" variables: diff --git a/templates/npm/npm-dependencies.gitlab-ci.yml b/templates/npm/npm-dependencies.gitlab-ci.yml index d7f40c5..1dcc4ac 100644 --- a/templates/npm/npm-dependencies.gitlab-ci.yml +++ b/templates/npm/npm-dependencies.gitlab-ci.yml @@ -11,3 +11,7 @@ script: - "cd $FRONTEND_DIR" - npm install + artifacts: + expire_in: 1 days + paths: + - "**/node_modules" \ No newline at end of file 
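Review bot: In PATCH 052, `**/node_modules` is now both a cache path (common-ci-variablen hunk) and a job artifact (npm-dependencies hunk), while the install step is still `npm install`, which resolves versions afresh instead of installing exactly what the lockfile records. If the cache key is shared between branches (the key is not visible in this hunk), packages left in the cache by a job on an unprotected branch are what later protected-branch jobs build from. I would install with `- npm ci --cache .npm --prefer-offline` and cache `.npm/` rather than `**/node_modules`, keeping the artifact only for handing the tree to later jobs in the same pipeline.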
From 1ee19fb508097919ddfaf96655fc770edcb67a37 Mon Sep 17 00:00:00 2001 From: Marcel Feix Date: Thu, 19 May 2022 09:25:54 +0200 Subject: [PATCH 053/166] fix(Documentation-Templates): Switch from documentation to post-process stage. --- .gitlab-ci.yml | 2 +- templates/common/common-ci-variablen.gitlab-ci.yml | 1 - 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index dfdf203..97d8534 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -1,6 +1,6 @@ stages: - verify - - documentation + - post-process - release include: diff --git a/templates/common/common-ci-variablen.gitlab-ci.yml b/templates/common/common-ci-variablen.gitlab-ci.yml index 1f4d1b0..a1fb8eb 100644 --- a/templates/common/common-ci-variablen.gitlab-ci.yml +++ b/templates/common/common-ci-variablen.gitlab-ci.yml @@ -2,7 +2,6 @@ stages: - dependencies - build - test - - documentation - post-process - send-mail - release From 352f1bf91064061552ec1e3c01105c4c5b0178aa Mon Sep 17 00:00:00 2001 From: Wolfram Gulde Date: Thu, 19 May 2022 11:21:31 +0200 Subject: [PATCH 054/166] feat(exx-Pipeline): remove needs from licence pipeline --- templates/license/license.gitlab-ci.yml | 3 --- 1 file changed, 3 deletions(-) diff --git a/templates/license/license.gitlab-ci.yml b/templates/license/license.gitlab-ci.yml index edfa90d..bddd08a 100644 --- a/templates/license/license.gitlab-ci.yml +++ b/templates/license/license.gitlab-ci.yml @@ -7,9 +7,6 @@ script: - "cd $BACKEND_DIR" - licenseBom2Adoc --bom $BACKEND_DIR/$BOM_FILE --adoc $LICENSE_FILE - needs: - - job: "License-Bom" - artifacts: true artifacts: when: always expire_in: 2 weeks From 930166490b5ea94774133035719bc1d1c444f53c Mon Sep 17 00:00:00 2001 
From: Wolfram Gulde Date: Thu, 19 May 2022 15:15:49 +0200 Subject: [PATCH 055/166] feat(exx-Pipeline): change license workflow --- .../licence/license-gradle.gitlab-ci.yml | 11 --------- pipelines/licence/license-maven.gitlab-ci.yml | 23 ------------------- .../java/gradle/gradle-license.gitlab-ci.yml | 4 ++-- .../java/maven/maven-license.gitlab-ci.yml | 10 ++++++++ templates/license/license.gitlab-ci.yml | 4 ++-- .../static-analysis/license.gitlab-ci.yml | 11 --------- 6 files changed, 14 insertions(+), 49 deletions(-) delete mode 100644 pipelines/licence/license-gradle.gitlab-ci.yml delete mode 100644 pipelines/licence/license-maven.gitlab-ci.yml create mode 100644 templates/java/maven/maven-license.gitlab-ci.yml delete mode 100644 templates/static-analysis/license.gitlab-ci.yml diff --git a/pipelines/licence/license-gradle.gitlab-ci.yml b/pipelines/licence/license-gradle.gitlab-ci.yml deleted file mode 100644 index 9322596..0000000 --- a/pipelines/licence/license-gradle.gitlab-ci.yml +++ /dev/null @@ -1,11 +0,0 @@ -include: - - '/templates/java/gradle/gradle-license.gitlab-ci.yml' - - '/templates/license/license.gitlab-ci.yml' - -License-Bom: - extends: .gradle-licence - -License-Adoc: - extends: .license-asciidoc - variables: - BOM_FILE: build/reports/bom.json diff --git a/pipelines/licence/license-maven.gitlab-ci.yml b/pipelines/licence/license-maven.gitlab-ci.yml deleted file mode 100644 index 93bd4b3..0000000 --- a/pipelines/licence/license-maven.gitlab-ci.yml +++ /dev/null @@ -1,23 +0,0 @@ -stages: - - bom - - asciidoc - -License-Bom: - image: maven:3-jdk-11 - stage: bom - script: - - mvn cyclonedx:makeBom - artifacts: - when: always - paths: - - target/bom.json - -license-asciidoc: - image: gitlab.exxcellent.de:4567/gilden/ci/exxcellent-license-tools - stage: asciidoc - script: - - licenseBom2Adoc --bom target/bom.json --adoc target/licenses.adoc - artifacts: - when: always - paths: - - target/licenses.adoc 
diff --git a/templates/java/gradle/gradle-license.gitlab-ci.yml b/templates/java/gradle/gradle-license.gitlab-ci.yml index 3e339a1..c54f7f7 100644 --- a/templates/java/gradle/gradle-license.gitlab-ci.yml +++ b/templates/java/gradle/gradle-license.gitlab-ci.yml @@ -1,6 +1,6 @@ -.gradle-licence: +.gradle-licence-bom: image: $GRADLE_IMAGE - stage: post-process + stage: build script: - "cd $BACKEND_DIR" - "./gradlew --build-cache cyclonedxBom $GRADLE_CLI_OPTS" diff --git a/templates/java/maven/maven-license.gitlab-ci.yml b/templates/java/maven/maven-license.gitlab-ci.yml new file mode 100644 index 0000000..54b2fb4 --- /dev/null +++ b/templates/java/maven/maven-license.gitlab-ci.yml @@ -0,0 +1,10 @@ +.maven-licence-bom: + image: $MAVEN_IMAGE + stage: build + script: + - "cd $BACKEND_DIR" + - mvn cyclonedx:makeBom + artifacts: + when: always + paths: + - "$BACKEND_DIR/target/bom.json" diff --git a/templates/license/license.gitlab-ci.yml b/templates/license/license.gitlab-ci.yml index bddd08a..7abe257 100644 --- a/templates/license/license.gitlab-ci.yml +++ b/templates/license/license.gitlab-ci.yml @@ -6,9 +6,9 @@ LICENSE_FILE: licenses.adoc script: - "cd $BACKEND_DIR" - - licenseBom2Adoc --bom $BACKEND_DIR/$BOM_FILE --adoc $LICENSE_FILE + - licenseBom2Adoc --bom $BOM_FILE --adoc $LICENSE_FILE artifacts: when: always expire_in: 2 weeks paths: - - $LICENSE_ADOC_FILE \ No newline at end of file + - $LICENSE_FILE \ No newline at end of file diff --git a/templates/static-analysis/license.gitlab-ci.yml b/templates/static-analysis/license.gitlab-ci.yml deleted file mode 100644 index dc04fd8..0000000 --- a/templates/static-analysis/license.gitlab-ci.yml +++ /dev/null @@ -1,11 +0,0 @@ -.license-license: - stage: verify - rules: - - if: $CI_COMMIT_REF_NAME == $CI_DEFAULT_BRANCH - - if: $CI_COMMIT_REF_NAME =~ "RELEASE" - - if: $CI_COMMIT_REF_NAME == "Templates2.0" - - when: never - needs: [] - trigger: - include: license.gitlab-ci.yml - strategy: depend \ No newline at end of file 
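Review bot: The new `.maven-licence-bom` job runs `mvn cyclonedx:makeBom` by plugin prefix and without `$MAVEN_CLI_OPTS`, unlike the Maven build template in this series (`mvn $MAVEN_CLI_OPTS package`). The plugin version is therefore whatever the consuming project's POM or settings resolve to, and any repository or settings options carried in `MAVEN_CLI_OPTS` are not applied to the job that produces the BOM. I would call it with full coordinates and a pinned version, `- mvn $MAVEN_CLI_OPTS org.cyclonedx:cyclonedx-maven-plugin:<PINNED_VERSION>:makeBom`, so that every project using the template generates its BOM with the same plugin.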
From 01e0f129b2813a9b47173e3f1fd22b64a2081843 Mon Sep 17 00:00:00 2001 From: Wolfram Gulde Date: Thu, 19 May 2022 17:06:42 +0200 Subject: [PATCH 056/166] feat(exx-Pipeline): change typo --- templates/documentations/documentation.gitlab-ci.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/templates/documentations/documentation.gitlab-ci.yml b/templates/documentations/documentation.gitlab-ci.yml index 44884e2..fd6e055 100644 --- a/templates/documentations/documentation.gitlab-ci.yml +++ b/templates/documentations/documentation.gitlab-ci.yml @@ -12,7 +12,7 @@ - generate --type html - generate --type pdf -.documentation-ckeck-confluence-validity: +.documentation-check-confluence-validity: extends: .documentation-tool-common stage: verify needs: [] @@ -29,6 +29,7 @@ .documentation-publish: extends: .documentation-tool-common stage: post-process + needs: [] variables: OUTPUT_DIR: public script: From 9d2e7bc1e96e5db4f6986b4e3beb3083bf8f326e Mon Sep 17 00:00:00 2001 From: Wolfram Gulde Date: Thu, 19 May 2022 17:10:27 +0200 Subject: [PATCH 057/166] feat(exx-Pipeline): check confluence only on MR --- templates/documentations/documentation.gitlab-ci.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/templates/documentations/documentation.gitlab-ci.yml b/templates/documentations/documentation.gitlab-ci.yml index fd6e055..c6f69b3 100644 --- a/templates/documentations/documentation.gitlab-ci.yml +++ b/templates/documentations/documentation.gitlab-ci.yml @@ -22,7 +22,6 @@ paths: [ merge_requests/ ] rules: - if: '$CI_PIPELINE_SOURCE == "merge_request_event"' - - if: $CI_COMMIT_REF_NAME == $CI_DEFAULT_BRANCH script: - check-validity From 7cf5bce9b4610606bee3c9d5f96c5afe3a2e7b02 Mon Sep 17 00:00:00 2001 
From: Wolfram Gulde Date: Thu, 19 May 2022 17:21:34 +0200 Subject: [PATCH 058/166] feat(exx-Pipeline): change stages --- templates/documentations/documentation.gitlab-ci.yml | 3 +-- templates/license/license.gitlab-ci.yml | 2 +- 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/templates/documentations/documentation.gitlab-ci.yml b/templates/documentations/documentation.gitlab-ci.yml index c6f69b3..49f1749 100644 --- a/templates/documentations/documentation.gitlab-ci.yml +++ b/templates/documentations/documentation.gitlab-ci.yml @@ -27,8 +27,7 @@ .documentation-publish: extends: .documentation-tool-common - stage: post-process - needs: [] + stage: docs variables: OUTPUT_DIR: public script: diff --git a/templates/license/license.gitlab-ci.yml b/templates/license/license.gitlab-ci.yml index 7abe257..a663639 100644 --- a/templates/license/license.gitlab-ci.yml +++ b/templates/license/license.gitlab-ci.yml @@ -1,6 +1,6 @@ .license-asciidoc: image: gitlab.exxcellent.de:4567/gilden/ci/exxcellent-license-tools - stage: post-process + stage: license variables: BOM_FILE: bom.json LICENSE_FILE: licenses.adoc From 49085385fbeb1379cf2154f10906324fe0da5f2b Mon Sep 17 00:00:00 2001 From: Wolfram Gulde Date: Tue, 24 May 2022 15:19:15 +0200 Subject: [PATCH 059/166] feat(exx-Pipeline): add check license --- templates/license/license.gitlab-ci.yml | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) diff --git a/templates/license/license.gitlab-ci.yml b/templates/license/license.gitlab-ci.yml index a663639..e691ea5 100644 --- a/templates/license/license.gitlab-ci.yml +++ b/templates/license/license.gitlab-ci.yml 
@@ -1,11 +1,26 @@ .license-asciidoc: image: gitlab.exxcellent.de:4567/gilden/ci/exxcellent-license-tools - stage: license + stage: verify variables: BOM_FILE: bom.json LICENSE_FILE: licenses.adoc + VALID_LICENSE_FILE: valid-licenses.txt + INVALID_LICENSE_FILE: invalid-licenses.adoc + NUMBER_OF_INVALID_LICENSES: 0 script: - "cd $BACKEND_DIR" + - > + if [ ! -f "$VALID_LICENSE_FILE" ]; then + checkLicenseBom --bom $BOM_FILE --targetBom $INVALID_LICENSE_FILE --license $VALID_LICENSE_FILE || NUMBER_OF_INVALID_LICENSES=$? + fi + - > + if [ "$NUMBER_OF_INVALID_LICENSES" -gt 0 ]; then + echo "Invalid licenses found. Number of invalid license ${DIFF_LICENSE}" + cat $INVALID_LICENSE_FILE + exit 1 + else + echo "All licenses valid" + fi - licenseBom2Adoc --bom $BOM_FILE --adoc $LICENSE_FILE artifacts: when: always From 5af4616204e769213cd609dae18c7107ca973527 Mon Sep 17 00:00:00 2001 From: Marcel Feix Date: Mon, 23 May 2022 12:02:46 +0200 Subject: [PATCH 060/166] chore(IaC Docker-Compose): Update to new Version --- templates/IaC/docker-compose.gitlab-ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/templates/IaC/docker-compose.gitlab-ci.yml b/templates/IaC/docker-compose.gitlab-ci.yml index cb73ec6..e1a355c 100644 --- a/templates/IaC/docker-compose.gitlab-ci.yml +++ b/templates/IaC/docker-compose.gitlab-ci.yml @@ -2,7 +2,7 @@ image: docker:20.10.16-alpine3.15 stage: deploy variables: - DOCKER_COMPOSE_VERSION: v2.5.0 + DOCKER_COMPOSE_VERSION: v2.5.1 SCP_DESTINATION: "" SCP_SOURCE: $CI_PROJECT_DIR COMPOSE_EXTRA_ARGS: "" From 8e52a0ad682a644c32f4b9db2073a3b1e67b8206 Mon Sep 17 00:00:00 2001 From: Marcel Feix Date: Mon, 23 May 2022 13:50:41 +0200 Subject: [PATCH 061/166] chore(IaC Docker-Compose): Add COMPOSE_UP_EXTRA_ARGS --- templates/IaC/docker-compose.gitlab-ci.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/templates/IaC/docker-compose.gitlab-ci.yml b/templates/IaC/docker-compose.gitlab-ci.yml index e1a355c..3b134c8 100644 
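Review bot: The license gate added to `.license-asciidoc` fails open. The guard `if [ ! -f "$VALID_LICENSE_FILE" ]` runs `checkLicenseBom` only when the allow-list is absent, so a project that does ship `valid-licenses.txt` is never checked and the job prints "All licenses valid". PATCH 063 further down this page flips the test to `-f`, but a missing allow-list is still skipped silently there and in the PATCH 068 rewrite. I would make the skip visible with `else echo "no $VALID_LICENSE_FILE found, license check skipped"` in the first `if`, or fail the job where enforcement is expected. The failure message also expands `${DIFF_LICENSE}`, which nothing in this hunk sets.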
--- a/templates/IaC/docker-compose.gitlab-ci.yml +++ b/templates/IaC/docker-compose.gitlab-ci.yml @@ -6,6 +6,7 @@ SCP_DESTINATION: "" SCP_SOURCE: $CI_PROJECT_DIR COMPOSE_EXTRA_ARGS: "" + COMPOSE_UP_EXTRA_ARGS: "" SSH_URL: "" SSH_USER: "" SSH_PORT: "22" @@ -32,7 +33,7 @@ - if [[ -n "$SCP_SOURCE" && -n "$SCP_DESTINATION" ]]; then scp -rp $SCP_SOURCE $SSH_USER@$SSH_URL:$SCP_DESTINATION; fi - if [[ -n "$DOCKER_REGISTRY" ]]; then echo "$DOCKER_REGISTRY_PASS" | docker login $DOCKER_REGISTRY --username $DOCKER_REGISTRY_USER --password-stdin; fi - docker-compose $COMPOSE_EXTRA_ARGS pull - - docker-compose $COMPOSE_EXTRA_ARGS up -d --remove-orphans + - docker-compose $COMPOSE_EXTRA_ARGS up -d --remove-orphans $COMPOSE_UP_EXTRA_ARGS .broken-ssh-connection-workaround: script: @@ -43,7 +44,7 @@ - ssh -M -S docker-ctrl-socket -fnNT -L /tmp/docker.sock:/var/run/docker.sock "$SSH_USER@$SSH_URL" -p $SSH_PORT -o ControlPersist=no - if [[ -n "$DOCKER_REGISTRY" ]]; then echo "$DOCKER_REGISTRY_PASS" | docker login $DOCKER_REGISTRY --username $DOCKER_REGISTRY_USER --password-stdin; fi - docker-compose $COMPOSE_EXTRA_ARGS pull - - docker-compose $COMPOSE_EXTRA_ARGS up -d --remove-orphans + - docker-compose $COMPOSE_EXTRA_ARGS up -d --remove-orphans $COMPOSE_UP_EXTRA_ARGS #todo add docker compose renovate updater .docker-compose-validate: From 83d16bd083105fec212d402c902da3f8d116c383 Mon Sep 17 00:00:00 2001 From: Marcel Feix Date: Mon, 23 May 2022 13:52:20 +0200 Subject: [PATCH 062/166] docs(IaC Docker-Compose): Add COMPOSE_UP_EXTRA_ARGS docs --- documentation/chapters/templates/IaC/docker-compose.adoc | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/documentation/chapters/templates/IaC/docker-compose.adoc b/documentation/chapters/templates/IaC/docker-compose.adoc index 383a37b..a0c3c1d 100644 --- a/documentation/chapters/templates/IaC/docker-compose.adoc +++ b/documentation/chapters/templates/IaC/docker-compose.adoc 
@@ -85,6 +85,11 @@ Secrets should not be stored within your repository. Use the CI-CD Variables in | Additional arguments you want to send to Docker Compose. For example multiple `-f compose.file.extra` definitions. | - + +| COMPOSE_UP_EXTRA_ARGS +| Additional arguments you want to send to Docker Compose up. +For example multiple `--no-deps --no-build` definitions. +| - |=== .Docker Templates From 1e384cbc923b40f4a647c296a894e0302a7bd43d Mon Sep 17 00:00:00 2001 From: Wolfram Gulde Date: Tue, 24 May 2022 15:35:55 +0200 Subject: [PATCH 063/166] feat(exx-Pipeline): add check license 2 --- templates/license/license.gitlab-ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/templates/license/license.gitlab-ci.yml b/templates/license/license.gitlab-ci.yml index e691ea5..3b799aa 100644 --- a/templates/license/license.gitlab-ci.yml +++ b/templates/license/license.gitlab-ci.yml @@ -10,7 +10,7 @@ script: - "cd $BACKEND_DIR" - > - if [ ! -f "$VALID_LICENSE_FILE" ]; then + if [ -f "$VALID_LICENSE_FILE" ]; then checkLicenseBom --bom $BOM_FILE --targetBom $INVALID_LICENSE_FILE --license $VALID_LICENSE_FILE || NUMBER_OF_INVALID_LICENSES=$? fi - > From c8f9e3a7f60b3fbcc84e6c80b037722e55b635bf Mon Sep 17 00:00:00 2001 From: Wolfram Gulde Date: Tue, 24 May 2022 15:44:19 +0200 Subject: [PATCH 064/166] docs(exx-Pipeline): try templates 2.0 docs --- .gitlab-ci.yml | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 97d8534..cfa39b4 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml 
@@ -39,11 +39,14 @@ pages: INPUT_FILE: "document.adoc" IMAGES_DIR: images CREATE_SUB_PAGES: "false" - PAGE_PREFIX: "[CI/CD] - " + PAGE_PREFIX: "[CI/CD] - [2.0] - " CONFLUENCE_SPACE: RANDI TEXT_GENERATED_HINT: 'This is a generated page, do not edit! All changes must happen in the Repository .' - FILE_INPUT: "index.html,107524048,CI Templates" + FILE_INPUT: "index.html,107524048,CI Templates 2.0" + rules: + - if: $CI_COMMIT_REF_NAME == 'Templates2.0' + when: always a.major-release: From 3ab7a22fdcf320120aa3e550269dd7006b3421f2 Mon Sep 17 00:00:00 2001 From: Wolfram Gulde Date: Tue, 24 May 2022 15:48:05 +0200 Subject: [PATCH 065/166] docs(exx-Pipeline): try templates 2.0 docs 2 --- .gitlab-ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index cfa39b4..5ab744c 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -20,7 +20,7 @@ Test-Java-Backend: strategy: depend check_confluence_validity: - extends: .documentation-ckeck-confluence-validity + extends: .documentation-check-confluence-validity variables: DOCUMENT_ROOT: "documentation" INPUT_FILE: "document.adoc" From 5fc47aea5205cb461c4388e2fa5377b165e60fe9 Mon Sep 17 00:00:00 2001 From: Wolfram Gulde Date: Tue, 24 May 2022 15:51:11 +0200 Subject: [PATCH 066/166] docs(exx-Pipeline): try templates 2.0 docs 3 --- .gitlab-ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 5ab744c..5d45c40 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -1,6 +1,6 @@ stages: - verify - - post-process + - docs - release include: From 389e0f4b9a6cb93c1f063965fde3103a86eefe83 Mon Sep 17 00:00:00 2001 From: Wolfram Gulde Date: Tue, 24 May 2022 18:01:59 +0200 Subject: [PATCH 067/166] docs(exx-Pipeline): try templates 2.0 docs 4 --- templates/license/license.gitlab-ci.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) 
diff --git a/templates/license/license.gitlab-ci.yml b/templates/license/license.gitlab-ci.yml index 3b799aa..51a75ac 100644 --- a/templates/license/license.gitlab-ci.yml +++ b/templates/license/license.gitlab-ci.yml @@ -15,8 +15,7 @@ fi - > if [ "$NUMBER_OF_INVALID_LICENSES" -gt 0 ]; then - echo "Invalid licenses found. Number of invalid license ${DIFF_LICENSE}" - cat $INVALID_LICENSE_FILE + echo "Invalid licenses found. Number of invalid license ${$NUMBER_OF_INVALID_LICENSES}". See invalid-licenses file in artifacts. exit 1 else echo "All licenses valid" @@ -26,4 +25,5 @@ when: always expire_in: 2 weeks paths: - - $LICENSE_FILE \ No newline at end of file + - $LICENSE_FILE + - $INVALID_LICENSE_FILE \ No newline at end of file From 9acbb1ba460b55b53d56f0d11904e81d1a24a174 Mon Sep 17 00:00:00 2001 From: Wolfram Gulde Date: Wed, 25 May 2022 08:38:53 +0200 Subject: [PATCH 068/166] docs(exx-Pipeline): try templates 2.0 docs 5 --- templates/license/license.gitlab-ci.yml | 22 ++++++++++++---------- 1 file changed, 12 insertions(+), 10 deletions(-) diff --git a/templates/license/license.gitlab-ci.yml b/templates/license/license.gitlab-ci.yml index 51a75ac..f641ad3 100644 --- a/templates/license/license.gitlab-ci.yml +++ b/templates/license/license.gitlab-ci.yml 
@@ -3,27 +3,29 @@ stage: verify variables: BOM_FILE: bom.json - LICENSE_FILE: licenses.adoc - VALID_LICENSE_FILE: valid-licenses.txt - INVALID_LICENSE_FILE: invalid-licenses.adoc - NUMBER_OF_INVALID_LICENSES: 0 + ALLOWED_LICENCES: valid-licenses.txt + LICENSE_ADOC_FILE: licenses.adoc + INVALID_LICENSE_ADOC_FILE: invalid-licenses.adoc script: - "cd $BACKEND_DIR" + - export NUMBER_OF_INVALID_LICENSES=0 + - export INVALID_BOM_FILE=invalid-bom.json - > - if [ -f "$VALID_LICENSE_FILE" ]; then - checkLicenseBom --bom $BOM_FILE --targetBom $INVALID_LICENSE_FILE --license $VALID_LICENSE_FILE || NUMBER_OF_INVALID_LICENSES=$? + if [ -f "$ALLOWED_LICENCES" ]; then + checkLicenseBom --bom $BOM_FILE --targetBom $INVALID_BOM_FILE --license $ALLOWED_LICENCES || NUMBER_OF_INVALID_LICENSES=$? fi - > if [ "$NUMBER_OF_INVALID_LICENSES" -gt 0 ]; then - echo "Invalid licenses found. Number of invalid license ${$NUMBER_OF_INVALID_LICENSES}". See invalid-licenses file in artifacts. + echo "Invalid licenses found. Number of invalid license ${NUMBER_OF_INVALID_LICENSES}". See invalid-licenses file in artifacts. + licenseBom2Adoc --bom $INVALID_BOM_FILE --adoc $INVALID_LICENSE_ADOC_FILE exit 1 else echo "All licenses valid" fi - - licenseBom2Adoc --bom $BOM_FILE --adoc $LICENSE_FILE + - licenseBom2Adoc --bom $BOM_FILE --adoc $LICENSE_ADOC_FILE artifacts: when: always expire_in: 2 weeks paths: - - $LICENSE_FILE - - $INVALID_LICENSE_FILE \ No newline at end of file + - $LICENSE_ADOC_FILE + - $INVALID_LICENSE_ADOC_FILE \ No newline at end of file From 83aada8d2cb74eb92af4861701be3e18fe65baa8 Mon Sep 17 00:00:00 2001 
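Review bot: `checkLicenseBom ... || NUMBER_OF_INVALID_LICENSES=$?` treats the tool's exit status as the number of invalid licenses. Any other failure of the tool (unreadable BOM, bad arguments) is then reported as "Invalid licenses found". If the tool really does return the count, which the variable name suggests but the hunk does not show, a count that is a multiple of 256 wraps to 0 and passes the gate. I would treat every non-zero status as a failed check and derive the number from `$INVALID_BOM_FILE`, with a comment such as `# exit status is limited to 0-255; use it as pass/fail only`. Separately, the closing quote in the `echo` line sits before `. See invalid-licenses file in artifacts.`, which leaves the rest of the sentence as unquoted words.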
From: Marcel Feix Date: Wed, 25 May 2022 11:50:26 +0200 Subject: [PATCH 069/166] feat(Sonar 8): Add Sonar 8 Support and Documentation. --- .../{tool-sonar.adoc => sonar-7.adoc} | 5 +-- .../templates/static-analysis/sonar-8.adoc | 25 +++++++++++++ documentation/document.adoc | 2 +- pipelines/java-gradle.gitlab-ci.yml | 9 +++-- pipelines/java-maven.gitlab-ci.yml | 20 ++++++----- ...ar.gitlab-ci.yml => sonar-7.gitlab-ci.yml} | 0 .../static-analysis/sonar-8.gitlab-ci.yml | 35 +++++++++++++++++++ 7 files changed, 82 insertions(+), 14 deletions(-) rename documentation/chapters/templates/static-analysis/{tool-sonar.adoc => sonar-7.adoc} (85%) create mode 100644 documentation/chapters/templates/static-analysis/sonar-8.adoc rename templates/static-analysis/{sonar.gitlab-ci.yml => sonar-7.gitlab-ci.yml} (100%) create mode 100644 templates/static-analysis/sonar-8.gitlab-ci.yml diff --git a/documentation/chapters/templates/static-analysis/tool-sonar.adoc b/documentation/chapters/templates/static-analysis/sonar-7.adoc similarity index 85% rename from documentation/chapters/templates/static-analysis/tool-sonar.adoc rename to documentation/chapters/templates/static-analysis/sonar-7.adoc index 445b9b9..0f1b9df 100644 --- a/documentation/chapters/templates/static-analysis/tool-sonar.adoc +++ b/documentation/chapters/templates/static-analysis/sonar-7.adoc @@ -1,7 +1,8 @@ :sourcedir: ../../../../templates/ -= sonar-template += Sonar 7 The following templates provide integrations for Sonar +More Details can be found here: https://www.exxcellent.de/confluence/x/RIWCC[Confluence: Sonar Plugin Setup]. .Variables |=== @@ -22,5 +23,5 @@ Wenn der Build nicht gebrochen werden soll, kann es weggelassen werden. .sonar-template [source,yaml] ---- -include::{sourcedir}static-analysis/sonar.gitlab-ci.yml[] +include::{sourcedir}static-analysis/sonar-7.gitlab-ci.yml[] ---- 
diff --git a/documentation/chapters/templates/static-analysis/sonar-8.adoc b/documentation/chapters/templates/static-analysis/sonar-8.adoc new file mode 100644 index 0000000..a7e4a21 --- /dev/null +++ b/documentation/chapters/templates/static-analysis/sonar-8.adoc @@ -0,0 +1,25 @@ +:sourcedir: ../../../../templates/ += Sonar 8 + +The following templates provide integrations for Sonar +More Details can be found here: https://www.exxcellent.de/confluence/x/RIWCC[Confluence: Sonar Plugin Setup]. + +.Variables +|=== +|Name |Description | Default Value +|SONAR_HOST_URL | The Url for the Sonar server | https://sonar.exxcellent.de/sonar8 +|SONAR_TOKEN | The Sonar token to call protected sonar functions | "" +|SONAR_PROJECT_KEY | The Sonar-Projekt-Key of your Project. | "" +|SONAR_PROJECT_NAME | The Sonar-Projekt-Name. | "" (Es wird dann standardmäßig der Maven project.name verwendet) +|SONAR_EXCLUSIONS | Paths that will not be scanned by Sonar | **/target/**,**/src/test/** +|SONAR_QUALITYGATE_WAIT | Defines if the quality-gate should be considered while evaluation. +Has to be `true` if the quality-gate should fail your pipelines. Please consider setting `allow_failure` to `true` if your pipeline shouldn't fail but the quality gate should be still called. | true +|SONAR_QUALITYGATE_TIMEOUT | Define the timeout time when the quality-gate should be timing out. | 10000 + +|=== + +.sonar-template +[source,yaml] +---- +include::{sourcedir}static-analysis/sonar-8.gitlab-ci.yml[] +---- diff --git a/documentation/document.adoc b/documentation/document.adoc index 6d4391a..93af2d9 100644 --- a/documentation/document.adoc +++ b/documentation/document.adoc 
@@ -104,7 +104,7 @@ include::chapters/templates/java/gradle/gradle-db-diff-template.adoc[leveloffset With the following collection we provide Static code and Artefact analysis tools. include::chapters/templates/static-analysis/repo-cve-scan.adoc[leveloffset=2] -include::chapters/templates/static-analysis/tool-sonar.adoc[leveloffset=2] +include::chapters/templates/static-analysis/sonar-7.adoc[leveloffset=2] == Documentation diff --git a/pipelines/java-gradle.gitlab-ci.yml b/pipelines/java-gradle.gitlab-ci.yml index 37c1568..8c14bfa 100644 --- a/pipelines/java-gradle.gitlab-ci.yml +++ b/pipelines/java-gradle.gitlab-ci.yml @@ -2,7 +2,13 @@ include: - '/templates/java/gradle/gradle-build.gitlab-ci.yml' - '/templates/java/gradle/gradle-verify.gitlab-ci.yml' - '/templates/static-analysis/repo-cve-scan-trivy.gitlab-ci.yml' - - '/templates/static-analysis/sonar.gitlab-ci.yml' + - '/templates/static-analysis/sonar-8.gitlab-ci.yml' + + # todo docs + +# todo Variablen die gesetzt werden müssen +# variables: +# SONAR_PROJECT_KEY: "" Build-Java: extends: .gradle-build @@ -23,5 +29,4 @@ sonar: - job: "Build-Java" artifacts: true variables: - SONAR_PROJECT_KEY: $CI_PROJECT_NAME SONAR_PROJECT_NAME: $CI_PROJECT_NAME diff --git a/pipelines/java-maven.gitlab-ci.yml b/pipelines/java-maven.gitlab-ci.yml index 5f681ec..ca9a325 100644 --- a/pipelines/java-maven.gitlab-ci.yml +++ b/pipelines/java-maven.gitlab-ci.yml @@ -4,9 +4,11 @@ include: - '/templates/java/maven/maven-verify.gitlab-ci.yml' - '/templates/java/maven/maven-database-diff.gitlab-ci.yml' - '/templates/static-analysis/repo-cve-scan-trivy.gitlab-ci.yml' - - '/templates/static-analysis/sonar.gitlab-ci.yml' + - '/templates/static-analysis/sonar-8.gitlab-ci.yml' -# todo doc welche Variablen gesetzt werden müssen.before_script: +# todo docs + +# todo Variablen die gesetzt werden müssen # variables: # SONAR_PROJECT_KEY: "" 
@@ -25,12 +27,13 @@ Test-Java: - job: "Build-Java" artifacts: true -Database-Diff: - extends: - - .maven-database-diff - needs: - - job: "Build-Java" - artifacts: true +#todo put this into backend template +#Database-Diff: +# extends: +# - .maven-database-diff +# needs: +# - job: "Build-Java" +# artifacts: true Repo-CVE-Scan: allow_failure: true @@ -42,5 +45,4 @@ Sonar: - job: "Build-Java" artifacts: true variables: - SONAR_PROJECT_KEY: $CI_PROJECT_NAME SONAR_PROJECT_NAME: $CI_PROJECT_NAME diff --git a/templates/static-analysis/sonar.gitlab-ci.yml b/templates/static-analysis/sonar-7.gitlab-ci.yml similarity index 100% rename from templates/static-analysis/sonar.gitlab-ci.yml rename to templates/static-analysis/sonar-7.gitlab-ci.yml diff --git a/templates/static-analysis/sonar-8.gitlab-ci.yml b/templates/static-analysis/sonar-8.gitlab-ci.yml new file mode 100644 index 0000000..44e9047 --- /dev/null +++ b/templates/static-analysis/sonar-8.gitlab-ci.yml 
@@ -0,0 +1,35 @@ +.sonar-template-common: + stage: test + variables: + SONAR_HOST_URL: https://sonar.exxcellent.de/sonar8 + SONAR_PROJECT_KEY: "" + SONAR_PROJECT_NAME: "" + SONAR_EXCLUSIONS: "**/target/**,**/src/test/**" + SONAR_QUALITYGATE_WAIT: "true" + SONAR_QUALITYGATE_TIMEOUT: "10000" + +.sonar-template: + extends: .sonar-template-common + image: $MAVEN_IMAGE + script: + - mvn $MAVEN_CLI_OPTS test sonar:sonar + "-Dsonar.host.url=$SONAR_HOST_URL" + "-Dsonar.login=$SONAR_TOKEN" + "-Dsonar.projectKey=$SONAR_PROJECT_KEY" + "-Dsonar.projectName=$SONAR_PROJECT_NAME" + "-Dsonar.exclusions=$SONAR_EXCLUSIONS" + "-Dsonar.qualitygate.wait=$SONAR_QUALITYGATE_WAIT" + "-Dsonar.qualitygate.timeout=$SONAR_QUALITYGATE_TIMEOUT" + +.sonar-template-gradle: + extends: .sonar-template-common + image: $GRADLE_IMAGE + script: + - ./gradlew $GRADLE_OPTS $GRADLE_CLI_OPTS sonarqube + "-Dsonar.host.url=$SONAR_HOST_URL" + "-Dsonar.login=$SONAR_TOKEN" + "-Dsonar.projectKey=$SONAR_PROJECT_KEY" + "-Dsonar.projectName=$SONAR_PROJECT_NAME" + "-Dsonar.exclusions=$SONAR_EXCLUSIONS" + "-Dsonar.qualitygate.wait=$SONAR_QUALITYGATE_WAIT" + "-Dsonar.qualitygate.timeout=$SONAR_QUALITYGATE_TIMEOUT" From 6f6ac98d6f472c3c1229f4aaf647cbe4f4a88fe9 Mon Sep 17 00:00:00 2001 From: Marcel Feix Date: Wed, 25 May 2022 11:50:26 +0200 Subject: [PATCH 070/166] chore(Sonar 8): Fix names of sonar template jobs. --- templates/static-analysis/sonar-8.gitlab-ci.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/templates/static-analysis/sonar-8.gitlab-ci.yml b/templates/static-analysis/sonar-8.gitlab-ci.yml index 44e9047..37f5210 100644 --- a/templates/static-analysis/sonar-8.gitlab-ci.yml +++ b/templates/static-analysis/sonar-8.gitlab-ci.yml @@ -8,7 +8,7 @@ SONAR_QUALITYGATE_WAIT: "true" SONAR_QUALITYGATE_TIMEOUT: "10000" -.sonar-template: +.sonar-maven: extends: .sonar-template-common image: $MAVEN_IMAGE script: 
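Review bot: Both new scanner jobs pass the token as a command-line argument, `"-Dsonar.login=$SONAR_TOKEN"`. That puts the secret in the process arguments, and in the job log whenever the command line is echoed and the variable is not configured as masked. The Sonar scanners documented for GitLab CI read `SONAR_TOKEN` and `SONAR_HOST_URL` from the environment, so I would drop the `-Dsonar.login=...` line from `.sonar-template` and `.sonar-template-gradle` after confirming that for the scanner version in use. I would also add a comment on `.sonar-template-common`: `# SONAR_TOKEN must be a masked, protected CI/CD variable; never set it in this file`.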
@@ -21,7 +21,7 @@ "-Dsonar.qualitygate.wait=$SONAR_QUALITYGATE_WAIT" "-Dsonar.qualitygate.timeout=$SONAR_QUALITYGATE_TIMEOUT" -.sonar-template-gradle: +.sonar-gradle: extends: .sonar-template-common image: $GRADLE_IMAGE script: From c58d3bed4d91aff110fa11f38feff16d06e00886 Mon Sep 17 00:00:00 2001 From: Marcel Feix Date: Wed, 25 May 2022 12:44:13 +0200 Subject: [PATCH 071/166] chore(Sonar 8): Fix stage stage of Sonar 8 --- templates/static-analysis/sonar-8.gitlab-ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/templates/static-analysis/sonar-8.gitlab-ci.yml b/templates/static-analysis/sonar-8.gitlab-ci.yml index 37f5210..c163c16 100644 --- a/templates/static-analysis/sonar-8.gitlab-ci.yml +++ b/templates/static-analysis/sonar-8.gitlab-ci.yml @@ -1,5 +1,5 @@ .sonar-template-common: - stage: test + stage: verify variables: SONAR_HOST_URL: https://sonar.exxcellent.de/sonar8 SONAR_PROJECT_KEY: "" From e788ed7ce0e05c29caa2900a4b9a95ec3ed8ccba Mon Sep 17 00:00:00 2001 From: Marcel Feix Date: Wed, 25 May 2022 14:49:40 +0200 Subject: [PATCH 072/166] feat(Java-Build): Additional Build Options in Maven and Gradle --- .../templates/java/gradle/gradle-build-template.adoc | 1 + .../templates/java/maven/maven-build-template.adoc | 1 + pipelines/java-maven.gitlab-ci.yml | 8 -------- templates/java/gradle/gradle-build.gitlab-ci.yml | 2 +- templates/java/maven/maven-build.gitlab-ci.yml | 2 +- 5 files changed, 4 insertions(+), 10 deletions(-) diff --git a/documentation/chapters/templates/java/gradle/gradle-build-template.adoc b/documentation/chapters/templates/java/gradle/gradle-build-template.adoc index bb4073f..e5bf00c 100644 --- a/documentation/chapters/templates/java/gradle/gradle-build-template.adoc +++ b/documentation/chapters/templates/java/gradle/gradle-build-template.adoc 
@@ -10,6 +10,7 @@ The resulting build files will be published as artefacts. |=== |Name |Description | Default Value |GRADLE_CLI_OPTS | Additional Options that will be passed to Gradle | "" +|GRADLE_CLI_BUILD_OPTS | Additional Options that will be passed to Gradle while Building | "" |=== .gradle-build-template diff --git a/documentation/chapters/templates/java/maven/maven-build-template.adoc b/documentation/chapters/templates/java/maven/maven-build-template.adoc index 7e2c299..c23f011 100644 --- a/documentation/chapters/templates/java/maven/maven-build-template.adoc +++ b/documentation/chapters/templates/java/maven/maven-build-template.adoc @@ -7,6 +7,7 @@ These Templates will build a .jar file with Maven and provides it as an Artifact .Variables |=== |Name |Description | Default Value +|MAVEN_CLI_BUILD_OPTS | Additional Options that will be passed to Maven while Building | "" |=== .mvn-build-template diff --git a/pipelines/java-maven.gitlab-ci.yml b/pipelines/java-maven.gitlab-ci.yml index ca9a325..9a7c00e 100644 --- a/pipelines/java-maven.gitlab-ci.yml +++ b/pipelines/java-maven.gitlab-ci.yml @@ -27,14 +27,6 @@ Test-Java: - job: "Build-Java" artifacts: true -#todo put this into backend template -#Database-Diff: -# extends: -# - .maven-database-diff -# needs: -# - job: "Build-Java" -# artifacts: true - Repo-CVE-Scan: allow_failure: true extends: .repo-cve-scan-trivy diff --git a/templates/java/gradle/gradle-build.gitlab-ci.yml b/templates/java/gradle/gradle-build.gitlab-ci.yml index d9fab40..f123165 100644 --- a/templates/java/gradle/gradle-build.gitlab-ci.yml +++ b/templates/java/gradle/gradle-build.gitlab-ci.yml @@ -9,7 +9,7 @@ $(sed -i /^version/s/$GRADLE_VERSION/\'$CI_COMMIT_TAG\'/ $PATH_TO_VERSION_FILE) fi script: - - "./gradlew --build-cache assemble $GRADLE_CLI_OPTS" + - "./gradlew --build-cache assemble $GRADLE_CLI_BUILD_OPTS $GRADLE_CLI_OPTS" artifacts: expire_in: 2 weeks when: on_success 
diff --git a/templates/java/maven/maven-build.gitlab-ci.yml b/templates/java/maven/maven-build.gitlab-ci.yml index d86ab0e..0ffff2e 100644 --- a/templates/java/maven/maven-build.gitlab-ci.yml +++ b/templates/java/maven/maven-build.gitlab-ci.yml @@ -9,7 +9,7 @@ fi script: - "cd $BACKEND_DIR" - - mvn $MAVEN_CLI_OPTS package -DskipTests + - mvn $MAVEN_CLI_OPTS package $MAVEN_CLI_BUILD_OPTS -DskipTests artifacts: expire_in: 2 weeks when: always From a1810e799ac0710a13a0a268454f607446ca1015 Mon Sep 17 00:00:00 2001 From: Marcel Feix Date: Wed, 25 May 2022 15:29:32 +0200 Subject: [PATCH 073/166] feat(Maven-Build): Artifact entire target path --- templates/java/maven/maven-build.gitlab-ci.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/templates/java/maven/maven-build.gitlab-ci.yml b/templates/java/maven/maven-build.gitlab-ci.yml index 0ffff2e..09cc16a 100644 --- a/templates/java/maven/maven-build.gitlab-ci.yml +++ b/templates/java/maven/maven-build.gitlab-ci.yml @@ -14,5 +14,4 @@ expire_in: 2 weeks when: always paths: - - "**/target/*.jar" - - "**/target/classes" + - "**/target/" From 34a168940a3db9c6c21f178e612664a59764c22d Mon Sep 17 00:00:00 2001 From: Marcel Feix Date: Mon, 30 May 2022 09:37:26 +0200 Subject: [PATCH 074/166] docs(Docker Compose): Add missing Compose Version --- templates/IaC/docker-compose.gitlab-ci.yml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/templates/IaC/docker-compose.gitlab-ci.yml b/templates/IaC/docker-compose.gitlab-ci.yml index 3b134c8..f6595c4 100644 --- a/templates/IaC/docker-compose.gitlab-ci.yml +++ b/templates/IaC/docker-compose.gitlab-ci.yml 
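Review bot: Replacing the two specific entries with `- "**/target/"` publishes every file Maven writes under any `target/` directory, and the unchanged `when: always` uploads it for failed builds too. That can include filtered resources, generated configuration or test output that was never meant to leave the runner, and it stays downloadable by anyone with access to the project's job artifacts for the two-week `expire_in`. If later jobs only need compiled output, keep the list narrow (`"**/target/*.jar"`, `"**/target/classes"` and the specific report directories), or add an `exclude:` list under `artifacts:` for anything sensitive. The `artifacts:` block starts above this hunk.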
@@ -32,7 +32,7 @@ - export DOCKER_HOST=ssh://$SSH_USER@$SSH_URL:$SSH_PORT - if [[ -n "$SCP_SOURCE" && -n "$SCP_DESTINATION" ]]; then scp -rp $SCP_SOURCE $SSH_USER@$SSH_URL:$SCP_DESTINATION; fi - if [[ -n "$DOCKER_REGISTRY" ]]; then echo "$DOCKER_REGISTRY_PASS" | docker login $DOCKER_REGISTRY --username $DOCKER_REGISTRY_USER --password-stdin; fi - - docker-compose $COMPOSE_EXTRA_ARGS pull + - docker-compose $COMPOSE_EXTRA_ARGS pull - docker-compose $COMPOSE_EXTRA_ARGS up -d --remove-orphans $COMPOSE_UP_EXTRA_ARGS .broken-ssh-connection-workaround: @@ -43,13 +43,15 @@ - rm -f /tmp/docker.sock - ssh -M -S docker-ctrl-socket -fnNT -L /tmp/docker.sock:/var/run/docker.sock "$SSH_USER@$SSH_URL" -p $SSH_PORT -o ControlPersist=no - if [[ -n "$DOCKER_REGISTRY" ]]; then echo "$DOCKER_REGISTRY_PASS" | docker login $DOCKER_REGISTRY --username $DOCKER_REGISTRY_USER --password-stdin; fi - - docker-compose $COMPOSE_EXTRA_ARGS pull + - docker-compose $COMPOSE_EXTRA_ARGS pull - docker-compose $COMPOSE_EXTRA_ARGS up -d --remove-orphans $COMPOSE_UP_EXTRA_ARGS #todo add docker compose renovate updater .docker-compose-validate: image: docker:20.10.16-alpine3.15 stage: verify + variables: + DOCKER_COMPOSE_VERSION: v2.5.1 before_script: #Install docker Compose, from release directly - wget https://github.com/docker/compose/releases/download/$DOCKER_COMPOSE_VERSION/docker-compose-linux-x86_64 -O /usr/local/bin/docker-compose From 1900dbe72e0a380f06460a4a1cc2c34b29f04e04 Mon Sep 17 00:00:00 2001 From: Wolfram Gulde Date: Tue, 31 May 2022 08:48:01 +0200 Subject: [PATCH 075/166] docs(exx-Pipeline): fix typo in variable --- templates/license/license.gitlab-ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/templates/license/license.gitlab-ci.yml b/templates/license/license.gitlab-ci.yml index f641ad3..575871b 100644 --- a/templates/license/license.gitlab-ci.yml +++ b/templates/license/license.gitlab-ci.yml 
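Review bot: Adding `DOCKER_COMPOSE_VERSION: v2.5.1` to `.docker-compose-validate` fixes which release is requested, but the `wget ... -O /usr/local/bin/docker-compose` line in `before_script` still installs that binary without any integrity check. A version tag alone does not guarantee the content of the downloaded file, so pin the expected digest next to the version, e.g. `DOCKER_COMPOSE_SHA256: "PLACEHOLDER_SHA256"`, and verify before first use with `echo "$DOCKER_COMPOSE_SHA256  /usr/local/bin/docker-compose" | sha256sum -c -`. The `before_script` continues past the end of the hunk, so the check belongs directly after the download line.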
@@ -3,7 +3,7 @@ stage: verify variables: BOM_FILE: bom.json - ALLOWED_LICENCES: valid-licenses.txt + ALLOWED_LICENSES: valid-licenses.txt LICENSE_ADOC_FILE: licenses.adoc INVALID_LICENSE_ADOC_FILE: invalid-licenses.adoc script: From 1bdaebdabdcca3f210f1cacf64691fac7772b830 Mon Sep 17 00:00:00 2001 From: Wolfram Gulde Date: Tue, 31 May 2022 09:54:00 +0200 Subject: [PATCH 076/166] docs(exx-Pipeline): fix typo in variable 2 --- templates/license/license.gitlab-ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/templates/license/license.gitlab-ci.yml b/templates/license/license.gitlab-ci.yml index 575871b..6b2cfa7 100644 --- a/templates/license/license.gitlab-ci.yml +++ b/templates/license/license.gitlab-ci.yml @@ -12,7 +12,7 @@ - export INVALID_BOM_FILE=invalid-bom.json - > if [ -f "$ALLOWED_LICENCES" ]; then - checkLicenseBom --bom $BOM_FILE --targetBom $INVALID_BOM_FILE --license $ALLOWED_LICENCES || NUMBER_OF_INVALID_LICENSES=$? + checkLicenseBom --bom $BOM_FILE --targetBom $INVALID_BOM_FILE --license $ALLOWED_LICENSES || NUMBER_OF_INVALID_LICENSES=$? fi - > if [ "$NUMBER_OF_INVALID_LICENSES" -gt 0 ]; then From fb94dab51e2be67ba2d66e29c59590068ea76b35 Mon Sep 17 00:00:00 2001 From: Wolfram Gulde Date: Tue, 31 May 2022 14:29:51 +0200 Subject: [PATCH 077/166] docs(exx-Pipeline): fix typo in variable 3 --- templates/license/license.gitlab-ci.yml | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/templates/license/license.gitlab-ci.yml b/templates/license/license.gitlab-ci.yml index 6b2cfa7..74477bd 100644 --- a/templates/license/license.gitlab-ci.yml +++ b/templates/license/license.gitlab-ci.yml 
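Review bot: In the `@@ -12,7 +12,7 @@` hunk the guard `if [ -f "$ALLOWED_LICENCES" ]` still uses the old spelling, while the previous commit renamed the variable to `ALLOWED_LICENSES` and this commit only updates the `--license` argument. Unless a project still defines the old name, the test runs against an empty string, `checkLicenseBom` is never called, `NUMBER_OF_INVALID_LICENSES` stays `0`, and the job reaches the `-gt 0` comparison as if every license had passed. Change the guard to `if [ -f "$ALLOWED_LICENSES" ]; then` in the same commit; the same stale guard is carried in the next commit's `@@ -13,15 +13,16 @@` hunk. The script block starts and ends outside this hunk.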
@@ -13,15 +13,16 @@ - > if [ -f "$ALLOWED_LICENCES" ]; then checkLicenseBom --bom $BOM_FILE --targetBom $INVALID_BOM_FILE --license $ALLOWED_LICENSES || NUMBER_OF_INVALID_LICENSES=$? + echo "Number of invalid license ${NUMBER_OF_INVALID_LICENSES}" + checkLicenseBom --bom $BOM_FILE --targetBom $INVALID_BOM_FILE --license $ALLOWED_LICENSES fi - - > - if [ "$NUMBER_OF_INVALID_LICENSES" -gt 0 ]; then - echo "Invalid licenses found. Number of invalid license ${NUMBER_OF_INVALID_LICENSES}". See invalid-licenses file in artifacts. - licenseBom2Adoc --bom $INVALID_BOM_FILE --adoc $INVALID_LICENSE_ADOC_FILE - exit 1 - else - echo "All licenses valid" - fi +# - > +# if [ "$NUMBER_OF_INVALID_LICENSES" -gt 0 ]; then +# licenseBom2Adoc --bom $INVALID_BOM_FILE --adoc $INVALID_LICENSE_ADOC_FILE +# exit 1 +# else +# echo "All licenses valid" +# fi - licenseBom2Adoc --bom $BOM_FILE --adoc $LICENSE_ADOC_FILE artifacts: when: always From 5775848b0f697745c960add04ec8ee8ef8e98e8b Mon Sep 17 00:00:00 2001 From: Wolfram Gulde Date: Tue, 31 May 2022 15:20:07 +0200 Subject: [PATCH 078/166] docs(exx-Pipeline): fix typo in variable 4 --- templates/license/license.gitlab-ci.yml | 19 +++++++++---------- 1 file changed, 9 insertions(+), 10 deletions(-) diff --git a/templates/license/license.gitlab-ci.yml b/templates/license/license.gitlab-ci.yml index 74477bd..1b2f665 100644 --- a/templates/license/license.gitlab-ci.yml +++ b/templates/license/license.gitlab-ci.yml 
@@ -11,18 +11,17 @@ - export NUMBER_OF_INVALID_LICENSES=0 - export INVALID_BOM_FILE=invalid-bom.json - > - if [ -f "$ALLOWED_LICENCES" ]; then + if [ -f "$ALLOWED_LICENSES" ]; then checkLicenseBom --bom $BOM_FILE --targetBom $INVALID_BOM_FILE --license $ALLOWED_LICENSES || NUMBER_OF_INVALID_LICENSES=$? - echo "Number of invalid license ${NUMBER_OF_INVALID_LICENSES}" - checkLicenseBom --bom $BOM_FILE --targetBom $INVALID_BOM_FILE --license $ALLOWED_LICENSES fi -# - > -# if [ "$NUMBER_OF_INVALID_LICENSES" -gt 0 ]; then -# licenseBom2Adoc --bom $INVALID_BOM_FILE --adoc $INVALID_LICENSE_ADOC_FILE -# exit 1 -# else -# echo "All licenses valid" -# fi + - > + if [ "$NUMBER_OF_INVALID_LICENSES" -gt 0 ]; then + echo "Invalid licenses found. Number of invalid license ${NUMBER_OF_INVALID_LICENSES}". See invalid-licenses file in artifacts. + licenseBom2Adoc --bom $INVALID_BOM_FILE --adoc $INVALID_LICENSE_ADOC_FILE + exit 1 + else + echo "All licenses valid" + fi - licenseBom2Adoc --bom $BOM_FILE --adoc $LICENSE_ADOC_FILE artifacts: when: always From 2c3c83188b9a50901983773d9aa46532a63ebcab Mon Sep 17 00:00:00 2001 From: Wolfram Gulde Date: Wed, 1 Jun 2022 13:47:14 +0200 Subject: [PATCH 079/166] docs(exx-Pipeline): fix typo in variable 5 --- templates/license/license.gitlab-ci.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/templates/license/license.gitlab-ci.yml b/templates/license/license.gitlab-ci.yml index 1b2f665..0886840 100644 --- a/templates/license/license.gitlab-ci.yml +++ b/templates/license/license.gitlab-ci.yml @@ -10,6 +10,9 @@ - "cd $BACKEND_DIR" - export NUMBER_OF_INVALID_LICENSES=0 - export INVALID_BOM_FILE=invalid-bom.json + # Convert all licenses to adoc + - licenseBom2Adoc --bom $BOM_FILE --adoc $LICENSE_ADOC_FILE + # Check invalid licenses and convert to adoc - > if [ -f "$ALLOWED_LICENSES" ]; then checkLicenseBom --bom $BOM_FILE --targetBom $INVALID_BOM_FILE --license $ALLOWED_LICENSES || NUMBER_OF_INVALID_LICENSES=$? 
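Review bot: The guard `if [ -f "$ALLOWED_LICENSES" ]` has no `else` branch, so a missing or misnamed allow-list file skips `checkLicenseBom` entirely and the restored gate then prints "All licenses valid" although nothing was checked. For a license gate that is a silent pass; if the allow-list is meant to be mandatory, add `else echo "Allow-list $ALLOWED_LICENSES not found"; exit 1` before the `fi`, or at least log that the check was skipped. Quoting the expansions passed to the tool (`--bom "$BOM_FILE" --targetBom "$INVALID_BOM_FILE" --license "$ALLOWED_LICENSES"`) would also keep paths containing spaces intact.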
@@ -22,7 +25,6 @@ else echo "All licenses valid" fi - - licenseBom2Adoc --bom $BOM_FILE --adoc $LICENSE_ADOC_FILE artifacts: when: always expire_in: 2 weeks From cef26e2938604e33fdc1fa3bd502a92928e323df Mon Sep 17 00:00:00 2001 From: Marcel Feix Date: Fri, 3 Jun 2022 17:26:16 +0200 Subject: [PATCH 080/166] fix(Jib): Built to image.tar --- templates/container/container-build.gitlab-ci.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/templates/container/container-build.gitlab-ci.yml b/templates/container/container-build.gitlab-ci.yml index c5c5af0..c90c403 100644 --- a/templates/container/container-build.gitlab-ci.yml +++ b/templates/container/container-build.gitlab-ci.yml @@ -12,7 +12,7 @@ image: $MAVEN_IMAGE script: - "cd $CONTEXT_LOCATION" - - mvn $MAVEN_CLI_OPTS jib:buildTar -DskipTests $EXTRA_ARGS + - mvn $MAVEN_CLI_OPTS jib:buildTar -DskipTests -Djib.outputPaths.tar=image.tar $EXTRA_ARGS .container-build-jib-gradle: extends: .container-build-common @@ -21,7 +21,7 @@ EXTRA_ARGS: $GRADLE_EXTRA_ARGS script: - "cd $CONTEXT_LOCATION" - - ./gradlew $GRADLE_CLI_OPTS jibBuildTar -DskipTests $EXTRA_ARGS + - ./gradlew $GRADLE_CLI_OPTS jibBuildTar -DskipTests -Djib.outputPaths.tar=image.tar $EXTRA_ARGS .container-build-kaniko: extends: .container-build-common From 5786b7b929d4e5b81184a5ad6670a03587fceecf Mon Sep 17 00:00:00 2001 From: Marcel Feix Date: Fri, 3 Jun 2022 17:57:13 +0200 Subject: [PATCH 081/166] fix(Jib): Built to image.tar --- templates/container/container-build.gitlab-ci.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/templates/container/container-build.gitlab-ci.yml b/templates/container/container-build.gitlab-ci.yml index c90c403..d23a323 100644 --- a/templates/container/container-build.gitlab-ci.yml +++ b/templates/container/container-build.gitlab-ci.yml 
@@ -12,7 +12,7 @@ image: $MAVEN_IMAGE script: - "cd $CONTEXT_LOCATION" - - mvn $MAVEN_CLI_OPTS jib:buildTar -DskipTests -Djib.outputPaths.tar=image.tar $EXTRA_ARGS + - mvn $MAVEN_CLI_OPTS jib:buildTar -DskipTests -Djib.outputPaths.tar=$CI_PROJECT_DIR/image.tar $EXTRA_ARGS .container-build-jib-gradle: extends: .container-build-common @@ -21,7 +21,7 @@ EXTRA_ARGS: $GRADLE_EXTRA_ARGS script: - "cd $CONTEXT_LOCATION" - - ./gradlew $GRADLE_CLI_OPTS jibBuildTar -DskipTests -Djib.outputPaths.tar=image.tar $EXTRA_ARGS + - ./gradlew $GRADLE_CLI_OPTS jibBuildTar -DskipTests -Djib.outputPaths.tar=$CI_PROJECT_DIR/image.tar $EXTRA_ARGS .container-build-kaniko: extends: .container-build-common From 3bc2d6aeb2e257cf15c707dec0f061bdb3988af5 Mon Sep 17 00:00:00 2001 From: Wolfram Gulde Date: Tue, 7 Jun 2022 17:30:02 +0200 Subject: [PATCH 082/166] docs(exx-Pipeline): fix typo in variable 6 --- templates/static-analysis/sonar-8.gitlab-ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/templates/static-analysis/sonar-8.gitlab-ci.yml b/templates/static-analysis/sonar-8.gitlab-ci.yml index c163c16..4831870 100644 --- a/templates/static-analysis/sonar-8.gitlab-ci.yml +++ b/templates/static-analysis/sonar-8.gitlab-ci.yml @@ -25,7 +25,7 @@ extends: .sonar-template-common image: $GRADLE_IMAGE script: - - ./gradlew $GRADLE_OPTS $GRADLE_CLI_OPTS sonarqube + - ./gradlew $GRADLE_OPTS sonarqube $GRADLE_CLI_OPTS "-Dsonar.host.url=$SONAR_HOST_URL" "-Dsonar.login=$SONAR_TOKEN" "-Dsonar.projectKey=$SONAR_PROJECT_KEY" From 7d3acda868b6e213b60ae478f4ea1d56fe516fe6 Mon Sep 17 00:00:00 2001 From: Wolfram Gulde Date: Thu, 9 Jun 2022 01:30:46 +0200 Subject: [PATCH 083/166] docs(exx-Pipeline): fix typo in variable 7 --- templates/license/license.gitlab-ci.yml | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/templates/license/license.gitlab-ci.yml b/templates/license/license.gitlab-ci.yml index 0886840..3f6d636 100644 --- a/templates/license/license.gitlab-ci.yml 
+++ b/templates/license/license.gitlab-ci.yml @@ -6,19 +6,18 @@ ALLOWED_LICENSES: valid-licenses.txt LICENSE_ADOC_FILE: licenses.adoc INVALID_LICENSE_ADOC_FILE: invalid-licenses.adoc + NUMBER_OF_ALLOWED_FAILURES: 0 script: - "cd $BACKEND_DIR" - export NUMBER_OF_INVALID_LICENSES=0 - export INVALID_BOM_FILE=invalid-bom.json - # Convert all licenses to adoc - licenseBom2Adoc --bom $BOM_FILE --adoc $LICENSE_ADOC_FILE - # Check invalid licenses and convert to adoc - > if [ -f "$ALLOWED_LICENSES" ]; then checkLicenseBom --bom $BOM_FILE --targetBom $INVALID_BOM_FILE --license $ALLOWED_LICENSES || NUMBER_OF_INVALID_LICENSES=$? fi - > - if [ "$NUMBER_OF_INVALID_LICENSES" -gt 0 ]; then + if [ "$NUMBER_OF_INVALID_LICENSES" -gt "$NUMBER_OF_ALLOWED_FAILURES" ]; then echo "Invalid licenses found. Number of invalid license ${NUMBER_OF_INVALID_LICENSES}". See invalid-licenses file in artifacts. licenseBom2Adoc --bom $INVALID_BOM_FILE --adoc $INVALID_LICENSE_ADOC_FILE exit 1 From adfbf9e353743f492172d070dcf1f335cca487ef Mon Sep 17 00:00:00 2001 From: Karina Schaeffler Date: Thu, 9 Jun 2022 06:45:33 +0000 Subject: [PATCH 084/166] doc(kaniko): remove unused variable --- .../chapters/templates/container/container-publish.adoc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/documentation/chapters/templates/container/container-publish.adoc b/documentation/chapters/templates/container/container-publish.adoc index 93db1cf..f899f0b 100644 --- a/documentation/chapters/templates/container/container-publish.adoc +++ b/documentation/chapters/templates/container/container-publish.adoc 
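Review bot: The new threshold `-gt "$NUMBER_OF_ALLOWED_FAILURES"` is compared with a value taken from `$?`, the exit status of `checkLicenseBom`, not with a count the tool reports. An exit status is capped at 255 and is also non-zero when the tool itself fails (bad arguments, unreadable BOM), so once a project sets `NUMBER_OF_ALLOWED_FAILURES` to 1 or more, a crashed check that exits with 1 passes the gate. Unless `checkLicenseBom` documents that its exit status is the number of violations, derive the count from `$INVALID_BOM_FILE` and treat any unexpected status as a failure. The hunk also removes the two explanatory comments; a one-line comment on `NUMBER_OF_ALLOWED_FAILURES` stating what it tolerates would be worth adding.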
@@ -8,9 +8,9 @@ Needs a build container on the path `image.tar`. Use one of the Container build .Variables |=== |Name |Description | Default Value -| CONTAINER_REGISTRY | Url to the remote Registry | $CI_REGISTRY_IMAGE +| CONTAINER_REGISTRY_IMAGE | The address of the project’s Container Registry. | $CI_REGISTRY_IMAGE | CONTAINER_REGISTRY_USER | the user that should be used | $CI_REGISTRY_USER -| CONTAINER_REGISTRY_PASSWORD | the passwort for the remote registry | $CI_REGISTRY_PASSWORD +| CONTAINER_REGISTRY_PASSWORD | the password for the remote registry | $CI_REGISTRY_PASSWORD | EXTRA_PATH | Extra path that should be between the registry path and the image tag | "" | IMAGE_TAG | the Tag the image should be found on | Depends on the current path. Look at the rules of the Job. |=== From 7bdeb9ba233482fdb5671ae1f84f77a55ee9bd85 Mon Sep 17 00:00:00 2001 From: Marcel Feix Date: Fri, 10 Jun 2022 09:46:47 +0200 Subject: [PATCH 085/166] fix(Container publishing): Revert back to Container Registry not Registry image --- .../chapters/templates/container/container-publish.adoc | 4 ++-- templates/container/container-publish.gitlab-ci.yml | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/documentation/chapters/templates/container/container-publish.adoc b/documentation/chapters/templates/container/container-publish.adoc index f899f0b..60e0202 100644 --- a/documentation/chapters/templates/container/container-publish.adoc +++ b/documentation/chapters/templates/container/container-publish.adoc 
@@ -8,10 +8,10 @@ Needs a build container on the path `image.tar`. Use one of the Container build .Variables |=== |Name |Description | Default Value -| CONTAINER_REGISTRY_IMAGE | The address of the project’s Container Registry. | $CI_REGISTRY_IMAGE +| CONTAINER_REGISTRY | The address of the project’s Container Registry. | $CI_REGISTRY | CONTAINER_REGISTRY_USER | the user that should be used | $CI_REGISTRY_USER | CONTAINER_REGISTRY_PASSWORD | the password for the remote registry | $CI_REGISTRY_PASSWORD -| EXTRA_PATH | Extra path that should be between the registry path and the image tag | "" +| EXTRA_PATH | Extra path that should be between the registry path and the image tag. Has to start with a "/" | "" | IMAGE_TAG | the Tag the image should be found on | Depends on the current path. Look at the rules of the Job. |=== diff --git a/templates/container/container-publish.gitlab-ci.yml b/templates/container/container-publish.gitlab-ci.yml index 270bca7..c1f3ee0 100644 --- a/templates/container/container-publish.gitlab-ci.yml +++ b/templates/container/container-publish.gitlab-ci.yml @@ -4,7 +4,7 @@ name: quay.io/containers/skopeo:v1.5.2 entrypoint: [ "" ] variables: - CONTAINER_REGISTRY: $CI_REGISTRY_IMAGE + CONTAINER_REGISTRY: $CI_REGISTRY CONTAINER_REGISTRY_USER: $CI_REGISTRY_USER CONTAINER_REGISTRY_PASSWORD: $CI_REGISTRY_PASSWORD EXTRA_PATH: "" @@ -23,4 +23,4 @@ - when: never script: - skopeo login --username $CONTAINER_REGISTRY_USER --password $CONTAINER_REGISTRY_PASSWORD $CONTAINER_REGISTRY --tls-verify=false - - skopeo copy "docker-archive:image.tar" "docker://${CONTAINER_REGISTRY}${EXTRA_PATH}:${IMAGE_TAG}" $EXTRA_ARGS --dest-tls-verify=false + - skopeo copy "docker-archive:image.tar" "docker://${CONTAINER_REGISTRY}${EXTRA_PATH}:${IMAGE_TAG}" $EXTRA_ARGS --dest-tls-verify=false \ No newline at end of file From f4207b5c2600cea8cbb3c9e92b98a2c7ab35aaf0 Mon Sep 17 00:00:00 2001 
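Review bot: The registry credentials set in this `variables:` block of `container-publish.gitlab-ci.yml` are consumed by the `skopeo login` line visible in the following hunk, which passes `--password $CONTAINER_REGISTRY_PASSWORD` on the command line with `--tls-verify=false`, and the `skopeo copy` after it sets `--dest-tls-verify=false`. With certificate verification off, the login and the push can be intercepted or redirected by anything on the network path between runner and registry, so both flags should be removed or turned into an explicit opt-in variable that defaults to verification on. The password is better fed on stdin: `echo "$CONTAINER_REGISTRY_PASSWORD" | skopeo login --username "$CONTAINER_REGISTRY_USER" --password-stdin "$CONTAINER_REGISTRY"`. Separately, with `CONTAINER_REGISTRY: $CI_REGISTRY` and the default `EXTRA_PATH: ""`, the destination `docker://${CONTAINER_REGISTRY}${EXTRA_PATH}:${IMAGE_TAG}` carries no repository path.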
From: Marcel Feix Date: Mon, 13 Jun 2022 15:59:16 +0000 Subject: [PATCH 086/166] fix(Sonar 8): Remove Variables so they are not propigated. --- templates/static-analysis/sonar-8.gitlab-ci.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/templates/static-analysis/sonar-8.gitlab-ci.yml b/templates/static-analysis/sonar-8.gitlab-ci.yml index 4831870..335dfac 100644 --- a/templates/static-analysis/sonar-8.gitlab-ci.yml +++ b/templates/static-analysis/sonar-8.gitlab-ci.yml @@ -2,8 +2,8 @@ stage: verify variables: SONAR_HOST_URL: https://sonar.exxcellent.de/sonar8 - SONAR_PROJECT_KEY: "" - SONAR_PROJECT_NAME: "" + #SONAR_PROJECT_KEY: "" + #SONAR_PROJECT_NAME: "" SONAR_EXCLUSIONS: "**/target/**,**/src/test/**" SONAR_QUALITYGATE_WAIT: "true" SONAR_QUALITYGATE_TIMEOUT: "10000" From 5a0bd3d37c9e66cb6812e92acf57187c04504521 Mon Sep 17 00:00:00 2001 From: Marcel Feix Date: Mon, 13 Jun 2022 16:05:52 +0000 Subject: [PATCH 087/166] Update sonar-8.gitlab-ci.yml --- templates/static-analysis/sonar-8.gitlab-ci.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/templates/static-analysis/sonar-8.gitlab-ci.yml b/templates/static-analysis/sonar-8.gitlab-ci.yml index 335dfac..4831870 100644 --- a/templates/static-analysis/sonar-8.gitlab-ci.yml +++ b/templates/static-analysis/sonar-8.gitlab-ci.yml @@ -2,8 +2,8 @@ stage: verify variables: SONAR_HOST_URL: https://sonar.exxcellent.de/sonar8 - #SONAR_PROJECT_KEY: "" - #SONAR_PROJECT_NAME: "" + SONAR_PROJECT_KEY: "" + SONAR_PROJECT_NAME: "" SONAR_EXCLUSIONS: "**/target/**,**/src/test/**" SONAR_QUALITYGATE_WAIT: "true" SONAR_QUALITYGATE_TIMEOUT: "10000" From f35ef58a393c7608890f195799d5151109eab159 Mon Sep 17 00:00:00 2001 From: Marcel Feix Date: Mon, 13 Jun 2022 16:18:16 +0000 Subject: [PATCH 088/166] chore(Java Maven Pipelines) Remove sonar since Project Key is not propagating from parrent --- pipelines/java-maven.gitlab-ci.yml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) 
diff --git a/pipelines/java-maven.gitlab-ci.yml b/pipelines/java-maven.gitlab-ci.yml index 9a7c00e..07909e5 100644 --- a/pipelines/java-maven.gitlab-ci.yml +++ b/pipelines/java-maven.gitlab-ci.yml @@ -31,10 +31,10 @@ Repo-CVE-Scan: allow_failure: true extends: .repo-cve-scan-trivy -Sonar: - extends: .sonar-maven - needs: - - job: "Build-Java" - artifacts: true - variables: - SONAR_PROJECT_NAME: $CI_PROJECT_NAME +#Sonar: +# extends: .sonar-maven +# needs: +# - job: "Build-Java" +# artifacts: true +# variables: +# SONAR_PROJECT_NAME: $CI_PROJECT_NAME From 67f2d5bfc8dcecbff370526c131f65ae023d735f Mon Sep 17 00:00:00 2001 From: Marcel Feix Date: Tue, 14 Jun 2022 09:57:00 +0200 Subject: [PATCH 089/166] fix(Container publishing): Update Skopeo image --- templates/container/container-publish.gitlab-ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/templates/container/container-publish.gitlab-ci.yml b/templates/container/container-publish.gitlab-ci.yml index c1f3ee0..66ed0da 100644 --- a/templates/container/container-publish.gitlab-ci.yml +++ b/templates/container/container-publish.gitlab-ci.yml @@ -1,7 +1,7 @@ .container-publish: stage: release image: - name: quay.io/containers/skopeo:v1.5.2 + name: quay.io/containers/skopeo:v1.8.0 entrypoint: [ "" ] variables: CONTAINER_REGISTRY: $CI_REGISTRY From 3208d6c1810d8eb27cfb7bac4296c27b6730b9ca Mon Sep 17 00:00:00 2001 From: Marcel Feix Date: Tue, 14 Jun 2022 12:20:33 +0200 Subject: [PATCH 090/166] fix(Container publishing): Update Skopeo image --- templates/container/container-publish.gitlab-ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/templates/container/container-publish.gitlab-ci.yml b/templates/container/container-publish.gitlab-ci.yml index 66ed0da..6c11326 100644 --- a/templates/container/container-publish.gitlab-ci.yml +++ b/templates/container/container-publish.gitlab-ci.yml 
@@ -1,7 +1,7 @@ .container-publish: stage: release image: - name: quay.io/containers/skopeo:v1.8.0 + name: quay.io/containers/skopeo:v1.7.0 entrypoint: [ "" ] variables: CONTAINER_REGISTRY: $CI_REGISTRY From d4b2c3b735ec54dc88405da550be9ec78b1f4a64 Mon Sep 17 00:00:00 2001 From: Marcel Feix Date: Tue, 14 Jun 2022 12:39:09 +0200 Subject: [PATCH 091/166] fix(Container publishing): Update Skopeo image --- templates/container/container-publish.gitlab-ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/templates/container/container-publish.gitlab-ci.yml b/templates/container/container-publish.gitlab-ci.yml index 6c11326..f4a7ed1 100644 --- a/templates/container/container-publish.gitlab-ci.yml +++ b/templates/container/container-publish.gitlab-ci.yml @@ -4,7 +4,7 @@ name: quay.io/containers/skopeo:v1.7.0 entrypoint: [ "" ] variables: - CONTAINER_REGISTRY: $CI_REGISTRY + CONTAINER_REGISTRY: $CI_REGISTRY_IMAGE CONTAINER_REGISTRY_USER: $CI_REGISTRY_USER CONTAINER_REGISTRY_PASSWORD: $CI_REGISTRY_PASSWORD EXTRA_PATH: "" From a96c62fb3d36d88c2445a06c021dd8a8e6fc7969 Mon Sep 17 00:00:00 2001 From: Marcel Feix Date: Tue, 14 Jun 2022 16:09:17 +0200 Subject: [PATCH 092/166] feat(Docker Compose): Test Docker Compose --- .gitlab-ci.yml | 22 ++++++++++++++++++++++ templates/IaC/docker-compose.gitlab-ci.yml | 4 ++-- test/docker-compose.yml | 8 ++++++++ 3 files changed, 32 insertions(+), 2 deletions(-) create mode 100644 test/docker-compose.yml diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 5d45c40..0080611 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -6,6 +6,7 @@ stages: include: - local: 'templates/releasing/release.gitlab-ci.yml' - local: 'templates/releasing/release-gitlab.gitlab-ci.yml' + - local: 'templates/IaC/docker-compose.gitlab-ci.yml' - local: 'templates/documentations/documentation.gitlab-ci.yml' Test-Java-Backend: 
@@ -19,6 +20,27 @@ Test-Java-Backend: branch: "Templates2.0" strategy: depend +Test-Docker-compose: + stage: verify + rules: + - if: $CI_COMMIT_REF_NAME == $CI_DEFAULT_BRANCH + when: always + - when: manual + extends: .docker-compose-deploy + variables: + SCP_DESTINATION: "/tmp" + SCP_SOURCE: "$CI_PROJECT_DIR/test/docker-compose.yml" + COMPOSE_EXTRA_ARGS: "-f test/docker-compose.yml" + SSH_URL: "ci-cd.dev.exxcellent.de" + SSH_USER: "user" + SSH_PORT: "22" + DOCKER_REGISTRY: "$CI_REGISTRY" + ENV_SETUP_FILE: "setup_env.sh" + SSH_PRIVATE_KEY_DEPLOY: $SSH_PRIVATE_KEY + after_script: + - ssh $SSH_USER@$SSH_URL "if [ -f test.log ]; then exit 1; rm test.log; fi" + - ssh $SSH_USER@$SSH_URL "if [ -f docker-compose.yml ]; then exit 1; rm docker-compose.yml; fi" + check_confluence_validity: extends: .documentation-check-confluence-validity variables: diff --git a/templates/IaC/docker-compose.gitlab-ci.yml b/templates/IaC/docker-compose.gitlab-ci.yml index f6595c4..c8b134a 100644 --- a/templates/IaC/docker-compose.gitlab-ci.yml +++ b/templates/IaC/docker-compose.gitlab-ci.yml @@ -2,7 +2,7 @@ image: docker:20.10.16-alpine3.15 stage: deploy variables: - DOCKER_COMPOSE_VERSION: v2.5.1 + DOCKER_COMPOSE_VERSION: v2.6.0 SCP_DESTINATION: "" SCP_SOURCE: $CI_PROJECT_DIR COMPOSE_EXTRA_ARGS: "" @@ -51,7 +51,7 @@ image: docker:20.10.16-alpine3.15 stage: verify variables: - DOCKER_COMPOSE_VERSION: v2.5.1 + DOCKER_COMPOSE_VERSION: v2.6.0 before_script: #Install docker Compose, from release directly - wget https://github.com/docker/compose/releases/download/$DOCKER_COMPOSE_VERSION/docker-compose-linux-x86_64 -O /usr/local/bin/docker-compose diff --git a/test/docker-compose.yml b/test/docker-compose.yml new file mode 100644 index 0000000..78862e3 --- /dev/null +++ b/test/docker-compose.yml @@ -0,0 +1,8 @@ +services: + hello_world: + image: alpine:latest + command: [ touch, "/tmp/test.log" ] + volumes: + - type: bind + source: /tmp + target: /tmp \ No newline at end of file 
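Review bot: The two checks added under `after_script:` in `Test-Docker-compose` cannot fail the job, because GitLab does not take the result of `after_script` into account for the job status. In `if [ -f test.log ]; then exit 1; rm test.log; fi` the `rm` sits after `exit 1` and is never reached, and the test looks for `test.log` relative to the SSH user's login directory while the compose service added in this commit writes `/tmp/test.log`; exiting non-zero when the file exists also looks inverted for a check that the deployment ran. Something like `ssh "$SSH_USER@$SSH_URL" 'test -f /tmp/test.log && rm /tmp/test.log'` in a `script:` step would both assert and clean up. The same two commands reappear unchanged in the `Test-Files` job of `test/docker-compose/test.gitlab-ci.yml` in the next commit.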
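Review bot: The new `test/docker-compose.yml` bind-mounts the whole host `/tmp` (`source: /tmp`, `target: /tmp`) and runs `image: alpine:latest`, so whatever image that tag resolves to at deploy time gets read/write access to every file in the deployment host's `/tmp`. For a fixture that only touches one file, mount a directory created for the test instead, e.g. `source: /tmp/compose-test`, and pin the image to a fixed tag or digest such as `image: alpine:PINNED_TAG`. A short comment at the top of the file saying it is a pipeline self-test fixture would also keep it from being copied as a deployment example.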
From 6d2aecc06ca190ad02e57d59defb78ea12f774a2 Mon Sep 17 00:00:00 2001 From: Marcel Feix Date: Tue, 14 Jun 2022 16:16:29 +0200 Subject: [PATCH 093/166] feat(Docker Compose): Test Docker Compose --- .gitlab-ci.yml | 20 +++--------- test/{ => docker-compose}/docker-compose.yml | 0 test/docker-compose/test.gitlab-ci.yml | 32 ++++++++++++++++++++ 3 files changed, 37 insertions(+), 15 deletions(-) rename test/{ => docker-compose}/docker-compose.yml (100%) create mode 100644 test/docker-compose/test.gitlab-ci.yml diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 0080611..7a16941 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -6,7 +6,6 @@ stages: include: - local: 'templates/releasing/release.gitlab-ci.yml' - local: 'templates/releasing/release-gitlab.gitlab-ci.yml' - - local: 'templates/IaC/docker-compose.gitlab-ci.yml' - local: 'templates/documentations/documentation.gitlab-ci.yml' Test-Java-Backend: @@ -26,20 +25,11 @@ Test-Docker-compose: - if: $CI_COMMIT_REF_NAME == $CI_DEFAULT_BRANCH when: always - when: manual - extends: .docker-compose-deploy - variables: - SCP_DESTINATION: "/tmp" - SCP_SOURCE: "$CI_PROJECT_DIR/test/docker-compose.yml" - COMPOSE_EXTRA_ARGS: "-f test/docker-compose.yml" - SSH_URL: "ci-cd.dev.exxcellent.de" - SSH_USER: "user" - SSH_PORT: "22" - DOCKER_REGISTRY: "$CI_REGISTRY" - ENV_SETUP_FILE: "setup_env.sh" - SSH_PRIVATE_KEY_DEPLOY: $SSH_PRIVATE_KEY - after_script: - - ssh $SSH_USER@$SSH_URL "if [ -f test.log ]; then exit 1; rm test.log; fi" - - ssh $SSH_USER@$SSH_URL "if [ -f docker-compose.yml ]; then exit 1; rm docker-compose.yml; fi" + trigger: + strategy: depend + include: + - local: "test/docker-compose/test.gitlab-ci.yml" + check_confluence_validity: extends: .documentation-check-confluence-validity diff --git a/test/docker-compose.yml b/test/docker-compose/docker-compose.yml similarity index 100% rename from test/docker-compose.yml rename to test/docker-compose/docker-compose.yml 
diff --git a/test/docker-compose/test.gitlab-ci.yml b/test/docker-compose/test.gitlab-ci.yml new file mode 100644 index 0000000..c988850 --- /dev/null +++ b/test/docker-compose/test.gitlab-ci.yml @@ -0,0 +1,32 @@ +stages: + - compose + - verify + +include: + - local: 'templates/IaC/docker-compose.gitlab-ci.yml' + - local: 'templates/IaC/ssh-transfer-data.gitlab-ci.yml' + +Docker-compose: + stage: compose + rules: + - when: always + extends: .docker-compose-deploy + variables: + SCP_DESTINATION: "/tmp" + SCP_SOURCE: "$CI_PROJECT_DIR/test/docker-compose.yml" + COMPOSE_EXTRA_ARGS: "-f test/docker-compose.yml" + SSH_URL: "ci-cd.dev.exxcellent.de" + SSH_USER: "user" + SSH_PORT: "22" + DOCKER_REGISTRY: "$CI_REGISTRY" + ENV_SETUP_FILE: "setup_env.sh" + SSH_PRIVATE_KEY_DEPLOY: $SSH_PRIVATE_KEY + +Test-Files: + stage: verify + rules: + when: always + extends: .ssh-transfer-data + script: + - ssh $SSH_USER@$SSH_URL "if [ -f test.log ]; then exit 1; rm test.log; fi" + - ssh $SSH_USER@$SSH_URL "if [ -f docker-compose.yml ]; then exit 1; rm docker-compose.yml; fi" From 4f509279ff24d8237b945486da7bdccef669b204 Mon Sep 17 00:00:00 2001 From: Marcel Feix Date: Tue, 14 Jun 2022 16:17:12 +0200 Subject: [PATCH 094/166] feat(Docker Compose): Test Docker Compose --- test/docker-compose/test.gitlab-ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/docker-compose/test.gitlab-ci.yml b/test/docker-compose/test.gitlab-ci.yml index c988850..b1fe5d9 100644 --- a/test/docker-compose/test.gitlab-ci.yml +++ b/test/docker-compose/test.gitlab-ci.yml @@ -25,7 +25,7 @@ Docker-compose: Test-Files: stage: verify rules: - when: always + - when: always extends: .ssh-transfer-data script: - ssh $SSH_USER@$SSH_URL "if [ -f test.log ]; then exit 1; rm test.log; fi" From 96e080f1a33f4c1e5f98f2a987c72fb11be28ad9 Mon Sep 17 00:00:00 2001 
From: Marcel Feix Date: Tue, 14 Jun 2022 16:19:26 +0200 Subject: [PATCH 095/166] feat(Docker Compose): Test Docker Compose --- test/docker-compose/test.gitlab-ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/docker-compose/test.gitlab-ci.yml b/test/docker-compose/test.gitlab-ci.yml index b1fe5d9..a9a6d13 100644 --- a/test/docker-compose/test.gitlab-ci.yml +++ b/test/docker-compose/test.gitlab-ci.yml @@ -13,7 +13,7 @@ Docker-compose: extends: .docker-compose-deploy variables: SCP_DESTINATION: "/tmp" - SCP_SOURCE: "$CI_PROJECT_DIR/test/docker-compose.yml" + SCP_SOURCE: "$CI_PROJECT_DIR/test/docker-compose/docker-compose.yml" COMPOSE_EXTRA_ARGS: "-f test/docker-compose.yml" SSH_URL: "ci-cd.dev.exxcellent.de" SSH_USER: "user" From 95c1fa46f53d481cbebdce769bad608f59b0be54 Mon Sep 17 00:00:00 2001 From: Marcel Feix Date: Tue, 14 Jun 2022 16:23:02 +0200 Subject: [PATCH 096/166] feat(Docker Compose): Test Docker Compose --- .gitlab-ci.yml | 2 +- templates/IaC/docker-compose.gitlab-ci.yml | 2 ++ .../{test.gitlab-ci.yml => test-docker-compose.gitlab-ci.yml} | 2 ++ 3 files changed, 5 insertions(+), 1 deletion(-) rename test/docker-compose/{test.gitlab-ci.yml => test-docker-compose.gitlab-ci.yml} (90%) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 7a16941..4367db4 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -28,7 +28,7 @@ Test-Docker-compose: trigger: strategy: depend include: - - local: "test/docker-compose/test.gitlab-ci.yml" + - local: "test/docker-compose/test-docker-compose.gitlab-ci.yml" check_confluence_validity: diff --git a/templates/IaC/docker-compose.gitlab-ci.yml b/templates/IaC/docker-compose.gitlab-ci.yml index c8b134a..6f2ef31 100644 --- a/templates/IaC/docker-compose.gitlab-ci.yml +++ b/templates/IaC/docker-compose.gitlab-ci.yml 
@@ -11,6 +11,8 @@ SSH_USER: "" SSH_PORT: "22" DOCKER_REGISTRY: "$CI_REGISTRY" + DOCKER_REGISTRY_PASS: "$CI_REGISTRY_PASSWORD" + DOCKER_REGISTRY_USER: "$CI_REGISTRY_USER" ENV_SETUP_FILE: "setup_env.sh" SSH_PRIVATE_KEY_DEPLOY: $SSH_PRIVATE_KEY rules: diff --git a/test/docker-compose/test.gitlab-ci.yml b/test/docker-compose/test-docker-compose.gitlab-ci.yml similarity index 90% rename from test/docker-compose/test.gitlab-ci.yml rename to test/docker-compose/test-docker-compose.gitlab-ci.yml index a9a6d13..da04674 100644 --- a/test/docker-compose/test.gitlab-ci.yml +++ b/test/docker-compose/test-docker-compose.gitlab-ci.yml @@ -19,6 +19,8 @@ Docker-compose: SSH_USER: "user" SSH_PORT: "22" DOCKER_REGISTRY: "$CI_REGISTRY" + DOCKER_REGISTRY_PASS: "$CI_REGISTRY_PASSWORD" + DOCKER_REGISTRY_USER: "$CI_REGISTRY_USER" ENV_SETUP_FILE: "setup_env.sh" SSH_PRIVATE_KEY_DEPLOY: $SSH_PRIVATE_KEY From e727c9383036475f27513bd3afea963c52a764cc Mon Sep 17 00:00:00 2001 From: Marcel Feix Date: Tue, 14 Jun 2022 16:24:43 +0200 Subject: [PATCH 097/166] doc(Docker Compose): Add Registry user and pass --- documentation/chapters/templates/IaC/docker-compose.adoc | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/documentation/chapters/templates/IaC/docker-compose.adoc b/documentation/chapters/templates/IaC/docker-compose.adoc index a0c3c1d..626f73a 100644 --- a/documentation/chapters/templates/IaC/docker-compose.adoc +++ b/documentation/chapters/templates/IaC/docker-compose.adoc 
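Review bot: The new defaults in templates/IaC/docker-compose.gitlab-ci.yml (`@@ -11,6 +11,8 @@`) hand the job-scoped registry credential to a deployment on a remote host without saying so. `$CI_REGISTRY_PASSWORD` is only valid while the job runs, so a login made with it on the target host stops working afterwards and later pulls outside the pipeline will fail; long-lived hosts usually need a deploy token with read-only registry scope. A comment above the two lines would make that explicit, e.g. `# Job-scoped credentials; override with a read_registry deploy token for hosts that pull outside the pipeline`. The script that consumes these variables is outside the hunk, so it should be confirmed there that the password reaches `docker login` through `--password-stdin` and not the remote command line.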
@@ -68,6 +68,14 @@ We have a workaround for this, please override your script with the following: | The Container Registry that will be used to pull images. | "$CI_REGISTRY" +| DOCKER_REGISTRY_PASS +| The passwort to the docker registry that should be used. +| "$CI_REGISTRY_PASSWORD" + +| DOCKER_REGISTRY_USER +| The user to the docker registry that should be used. +| "$CI_REGISTRY_USER" + | ENV_SETUP_FILE | If you want to use a .env file, this skript can be used to create one. Secrets should not be stored within your repository. Use the CI-CD Variables in the setting page. From cbb06c8a6d701e7b302f7053b9640dc5db77401f Mon Sep 17 00:00:00 2001 From: Marcel Feix Date: Tue, 14 Jun 2022 16:26:05 +0200 Subject: [PATCH 098/166] fix(Docker Compose): Test docker compose --- test/docker-compose/test-docker-compose.gitlab-ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/docker-compose/test-docker-compose.gitlab-ci.yml b/test/docker-compose/test-docker-compose.gitlab-ci.yml index da04674..c56be63 100644 --- a/test/docker-compose/test-docker-compose.gitlab-ci.yml +++ b/test/docker-compose/test-docker-compose.gitlab-ci.yml @@ -14,7 +14,7 @@ Docker-compose: variables: SCP_DESTINATION: "/tmp" SCP_SOURCE: "$CI_PROJECT_DIR/test/docker-compose/docker-compose.yml" - COMPOSE_EXTRA_ARGS: "-f test/docker-compose.yml" + COMPOSE_EXTRA_ARGS: "-f /test/docker-compose/docker-compose.yml" SSH_URL: "ci-cd.dev.exxcellent.de" SSH_USER: "user" SSH_PORT: "22" From df5b7ed3b5a92c76838d393c088544625f5f804a Mon Sep 17 00:00:00 2001 From: Marcel Feix Date: Tue, 14 Jun 2022 16:28:54 +0200 Subject: [PATCH 099/166] fix(Docker Compose): Test docker compose --- test/docker-compose/test-docker-compose.gitlab-ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/docker-compose/test-docker-compose.gitlab-ci.yml b/test/docker-compose/test-docker-compose.gitlab-ci.yml index c56be63..f794045 100644 --- a/test/docker-compose/test-docker-compose.gitlab-ci.yml 
+++ b/test/docker-compose/test-docker-compose.gitlab-ci.yml @@ -14,7 +14,7 @@ Docker-compose: variables: SCP_DESTINATION: "/tmp" SCP_SOURCE: "$CI_PROJECT_DIR/test/docker-compose/docker-compose.yml" - COMPOSE_EXTRA_ARGS: "-f /test/docker-compose/docker-compose.yml" + COMPOSE_EXTRA_ARGS: "-f test/docker-compose/docker-compose.yml" SSH_URL: "ci-cd.dev.exxcellent.de" SSH_USER: "user" SSH_PORT: "22" From 97e7af2bbb6f980c968183e82f83c155d6f8d673 Mon Sep 17 00:00:00 2001 From: Marcel Feix Date: Tue, 14 Jun 2022 16:32:37 +0200 Subject: [PATCH 100/166] fix(Docker Compose): Test docker compose --- test/docker-compose/test-docker-compose.gitlab-ci.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/test/docker-compose/test-docker-compose.gitlab-ci.yml b/test/docker-compose/test-docker-compose.gitlab-ci.yml index f794045..b5e7e46 100644 --- a/test/docker-compose/test-docker-compose.gitlab-ci.yml +++ b/test/docker-compose/test-docker-compose.gitlab-ci.yml @@ -26,6 +26,9 @@ Docker-compose: Test-Files: stage: verify + variables: + SSH_URL: "ci-cd.dev.exxcellent.de" + SSH_USER: "user" rules: - when: always extends: .ssh-transfer-data From af44c6ad61e8ca8280c81ebb2b2ea58486094faa Mon Sep 17 00:00:00 2001 From: Marcel Feix Date: Tue, 14 Jun 2022 16:32:57 +0200 Subject: [PATCH 101/166] fix(Docker Compose): Test docker compose --- test/docker-compose/test-docker-compose.gitlab-ci.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/test/docker-compose/test-docker-compose.gitlab-ci.yml b/test/docker-compose/test-docker-compose.gitlab-ci.yml index b5e7e46..714d5cb 100644 --- a/test/docker-compose/test-docker-compose.gitlab-ci.yml +++ b/test/docker-compose/test-docker-compose.gitlab-ci.yml @@ -6,6 +6,10 @@ include: - local: 'templates/IaC/docker-compose.gitlab-ci.yml' - local: 'templates/IaC/ssh-transfer-data.gitlab-ci.yml' + variables: + SSH_URL: "ci-cd.dev.exxcellent.de" + SSH_USER: "user" + Docker-compose: stage: compose rules: 
@@ -15,8 +19,6 @@ Docker-compose: SCP_DESTINATION: "/tmp" SCP_SOURCE: "$CI_PROJECT_DIR/test/docker-compose/docker-compose.yml" COMPOSE_EXTRA_ARGS: "-f test/docker-compose/docker-compose.yml" - SSH_URL: "ci-cd.dev.exxcellent.de" - SSH_USER: "user" SSH_PORT: "22" DOCKER_REGISTRY: "$CI_REGISTRY" DOCKER_REGISTRY_PASS: "$CI_REGISTRY_PASSWORD" @@ -26,9 +28,7 @@ Docker-compose: Test-Files: stage: verify - variables: - SSH_URL: "ci-cd.dev.exxcellent.de" - SSH_USER: "user" + rules: - when: always extends: .ssh-transfer-data From 51f9db91b38f103a523f8b04da0b7d4ebfe32d98 Mon Sep 17 00:00:00 2001 From: Marcel Feix Date: Tue, 14 Jun 2022 16:34:23 +0200 Subject: [PATCH 102/166] fix(Docker Compose): Test docker compose --- test/docker-compose/test-docker-compose.gitlab-ci.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/test/docker-compose/test-docker-compose.gitlab-ci.yml b/test/docker-compose/test-docker-compose.gitlab-ci.yml index 714d5cb..dc9446e 100644 --- a/test/docker-compose/test-docker-compose.gitlab-ci.yml +++ b/test/docker-compose/test-docker-compose.gitlab-ci.yml @@ -33,5 +33,6 @@ Test-Files: - when: always extends: .ssh-transfer-data script: + - ssh-keyscan $SSH_URL >> ~/.ssh/known_hosts - ssh $SSH_USER@$SSH_URL "if [ -f test.log ]; then exit 1; rm test.log; fi" - ssh $SSH_USER@$SSH_URL "if [ -f docker-compose.yml ]; then exit 1; rm docker-compose.yml; fi" From 4defe60d496d1d5366b75f576c1d34ed66fee70d Mon Sep 17 00:00:00 2001 From: Marcel Feix Date: Tue, 14 Jun 2022 16:35:04 +0200 Subject: [PATCH 103/166] fix(Docker Compose): Test docker compose --- test/docker-compose/test-docker-compose.gitlab-ci.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/test/docker-compose/test-docker-compose.gitlab-ci.yml b/test/docker-compose/test-docker-compose.gitlab-ci.yml index dc9446e..194eb22 100644 --- a/test/docker-compose/test-docker-compose.gitlab-ci.yml +++ b/test/docker-compose/test-docker-compose.gitlab-ci.yml 
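Review bot: The line added to `Test-Files` in `@@ -33,5 +33,6 @@`, `ssh-keyscan $SSH_URL >> ~/.ssh/known_hosts`, trusts whatever host key is presented at job time, so the following `ssh` commands present the deploy key to a host whose identity was never verified. Host key checking only helps when the key comes from a trusted source: store the verified key in a CI/CD variable (placeholder name `SSH_KNOWN_HOSTS`) and write it with `- echo "$SSH_KNOWN_HOSTS" >> ~/.ssh/known_hosts` instead. `~/.ssh` is presumably created by `.ssh-transfer-data`, which is not visible in this hunk.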
@@ -6,9 +6,9 @@ include: - local: 'templates/IaC/docker-compose.gitlab-ci.yml' - local: 'templates/IaC/ssh-transfer-data.gitlab-ci.yml' - variables: - SSH_URL: "ci-cd.dev.exxcellent.de" - SSH_USER: "user" +variables: + SSH_URL: "ci-cd.dev.exxcellent.de" + SSH_USER: "user" Docker-compose: stage: compose From 141f0734f52a9abf172e9930b4845ab845741bc7 Mon Sep 17 00:00:00 2001 From: Marcel Feix Date: Tue, 14 Jun 2022 16:37:54 +0200 Subject: [PATCH 104/166] fix(Docker Compose): Test docker compose --- test/docker-compose/test-docker-compose.gitlab-ci.yml | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/test/docker-compose/test-docker-compose.gitlab-ci.yml b/test/docker-compose/test-docker-compose.gitlab-ci.yml index 194eb22..8791b75 100644 --- a/test/docker-compose/test-docker-compose.gitlab-ci.yml +++ b/test/docker-compose/test-docker-compose.gitlab-ci.yml @@ -6,9 +6,6 @@ include: - local: 'templates/IaC/docker-compose.gitlab-ci.yml' - local: 'templates/IaC/ssh-transfer-data.gitlab-ci.yml' -variables: - SSH_URL: "ci-cd.dev.exxcellent.de" - SSH_USER: "user" Docker-compose: stage: compose @@ -20,6 +17,8 @@ Docker-compose: SCP_SOURCE: "$CI_PROJECT_DIR/test/docker-compose/docker-compose.yml" COMPOSE_EXTRA_ARGS: "-f test/docker-compose/docker-compose.yml" SSH_PORT: "22" + SSH_URL: "ci-cd.dev.exxcellent.de" + SSH_USER: "user" DOCKER_REGISTRY: "$CI_REGISTRY" DOCKER_REGISTRY_PASS: "$CI_REGISTRY_PASSWORD" DOCKER_REGISTRY_USER: "$CI_REGISTRY_USER" @@ -28,7 +27,9 @@ Docker-compose: Test-Files: stage: verify - + variables: + SSH_URL: "ci-cd.dev.exxcellent.de" + SSH_USER: "user" rules: - when: always extends: .ssh-transfer-data From 6ea5768f14ae7391dea31b737e99ff27ecbb06cb Mon Sep 17 00:00:00 2001 From: Marcel Feix Date: Tue, 14 Jun 2022 16:42:42 +0200 Subject: [PATCH 105/166] fix(Docker Compose): Test docker compose --- test/docker-compose/test-docker-compose.gitlab-ci.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) 
diff --git a/test/docker-compose/test-docker-compose.gitlab-ci.yml b/test/docker-compose/test-docker-compose.gitlab-ci.yml index 8791b75..e36cf8f 100644 --- a/test/docker-compose/test-docker-compose.gitlab-ci.yml +++ b/test/docker-compose/test-docker-compose.gitlab-ci.yml @@ -35,5 +35,5 @@ Test-Files: extends: .ssh-transfer-data script: - ssh-keyscan $SSH_URL >> ~/.ssh/known_hosts - - ssh $SSH_USER@$SSH_URL "if [ -f test.log ]; then exit 1; rm test.log; fi" - - ssh $SSH_USER@$SSH_URL "if [ -f docker-compose.yml ]; then exit 1; rm docker-compose.yml; fi" + - ssh $SSH_USER@$SSH_URL "if [ -f test.log ]; then rm test.log; exit 1; fi" + - ssh $SSH_USER@$SSH_URL "if [ -f docker-compose.yml ]; then rm docker-compose.yml; exit 1; fi" From 7203d2cee8cd2aee8e4ccfbafdaa0cf20ef2e96c Mon Sep 17 00:00:00 2001 From: Marcel Feix Date: Tue, 14 Jun 2022 16:49:00 +0200 Subject: [PATCH 106/166] fix(Docker Compose): Test docker compose --- test/docker-compose/test-docker-compose.gitlab-ci.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/test/docker-compose/test-docker-compose.gitlab-ci.yml b/test/docker-compose/test-docker-compose.gitlab-ci.yml index e36cf8f..e34c890 100644 --- a/test/docker-compose/test-docker-compose.gitlab-ci.yml +++ b/test/docker-compose/test-docker-compose.gitlab-ci.yml @@ -35,5 +35,5 @@ Test-Files: extends: .ssh-transfer-data script: - ssh-keyscan $SSH_URL >> ~/.ssh/known_hosts - - ssh $SSH_USER@$SSH_URL "if [ -f test.log ]; then rm test.log; exit 1; fi" - - ssh $SSH_USER@$SSH_URL "if [ -f docker-compose.yml ]; then rm docker-compose.yml; exit 1; fi" + - ssh $SSH_USER@$SSH_URL "if [ -f test.log ]; then rm test.log; else exit 255; fi" + - ssh $SSH_USER@$SSH_URL "if [ -f docker-compose.yml ]; then rm docker-compose.yml; else exit 255; fi" From e4112ba7c84292467828ba86c0821ae7149e7b9a Mon Sep 17 00:00:00 2001 
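Review bot: In the last hunk on this line (`@@ -35,5 +35,5 @@`, index e36cf8f..e34c890) the new `else exit 255` reuses the status that `ssh` itself returns when the connection or authentication fails, so a missing file and an unreachable host look identical in the job result. A distinct status keeps the two apart, e.g. `... then rm test.log; else exit 1; fi`. The expansions are also unquoted; `ssh "$SSH_USER@$SSH_URL" ...` avoids word splitting if either variable is ever overridden with unexpected content.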
From: Marcel Feix Date: Tue, 14 Jun 2022 16:59:21 +0200 Subject: [PATCH 107/166] fix(Docker Compose): Test docker compose --- test/docker-compose/docker-compose.yml | 6 +++--- test/docker-compose/test-docker-compose.gitlab-ci.yml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/test/docker-compose/docker-compose.yml b/test/docker-compose/docker-compose.yml index 78862e3..5d35880 100644 --- a/test/docker-compose/docker-compose.yml +++ b/test/docker-compose/docker-compose.yml @@ -1,8 +1,8 @@ services: hello_world: image: alpine:latest - command: [ touch, "/tmp/test.log" ] + command: [ touch, "/home/user/test.log" ] volumes: - type: bind - source: /tmp - target: /tmp \ No newline at end of file + source: /home/user + target: /home/user \ No newline at end of file diff --git a/test/docker-compose/test-docker-compose.gitlab-ci.yml b/test/docker-compose/test-docker-compose.gitlab-ci.yml index e34c890..1ac66e6 100644 --- a/test/docker-compose/test-docker-compose.gitlab-ci.yml +++ b/test/docker-compose/test-docker-compose.gitlab-ci.yml @@ -13,7 +13,7 @@ Docker-compose: - when: always extends: .docker-compose-deploy variables: - SCP_DESTINATION: "/tmp" + SCP_DESTINATION: "/home/user" SCP_SOURCE: "$CI_PROJECT_DIR/test/docker-compose/docker-compose.yml" COMPOSE_EXTRA_ARGS: "-f test/docker-compose/docker-compose.yml" SSH_PORT: "22" From 19b91bb215c1d98a363726771d60c90dd1dff93f Mon Sep 17 00:00:00 2001 From: Marcel Feix Date: Tue, 14 Jun 2022 17:02:01 +0200 Subject: [PATCH 108/166] fix(Docker Compose): Test docker compose --- .../test-docker-compose.gitlab-ci.yml | 24 ++++++++++--------- 1 file changed, 13 insertions(+), 11 deletions(-) diff --git a/test/docker-compose/test-docker-compose.gitlab-ci.yml b/test/docker-compose/test-docker-compose.gitlab-ci.yml index 1ac66e6..00aebf8 100644 --- a/test/docker-compose/test-docker-compose.gitlab-ci.yml +++ b/test/docker-compose/test-docker-compose.gitlab-ci.yml 
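Review bot: The bind mount changed in test/docker-compose/docker-compose.yml (`source: /home/user`, `target: /home/user`) exposes what is presumably the deploy account's whole home directory read-write to a container that runs as root by default, and that directory normally also holds the account's `~/.ssh/authorized_keys`. The test only needs a place to create `test.log`, so a dedicated subdirectory is enough, for example (constructed path) `source: /home/user/compose-test` with the same `target` and `command: [ touch, "/home/user/compose-test/test.log" ]`; the directory has to exist on the host for a `type: bind` mount. The verification step in test-docker-compose.gitlab-ci.yml would then look for the file under that path.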
@@ -24,16 +24,18 @@ Docker-compose: DOCKER_REGISTRY_USER: "$CI_REGISTRY_USER" ENV_SETUP_FILE: "setup_env.sh" SSH_PRIVATE_KEY_DEPLOY: $SSH_PRIVATE_KEY - -Test-Files: - stage: verify - variables: - SSH_URL: "ci-cd.dev.exxcellent.de" - SSH_USER: "user" - rules: - - when: always - extends: .ssh-transfer-data - script: - - ssh-keyscan $SSH_URL >> ~/.ssh/known_hosts + after_script: - ssh $SSH_USER@$SSH_URL "if [ -f test.log ]; then rm test.log; else exit 255; fi" - ssh $SSH_USER@$SSH_URL "if [ -f docker-compose.yml ]; then rm docker-compose.yml; else exit 255; fi" + +#Test-Files: +# stage: verify +# variables: +# SSH_URL: "ci-cd.dev.exxcellent.de" +# SSH_USER: "user" +# rules: +# - when: always +# extends: .ssh-transfer-data +# script: +# - ssh-keyscan $SSH_URL >> ~/.ssh/known_hosts + From c74bb7022cc3fdb4b00718ecd6587a60b62022d1 Mon Sep 17 00:00:00 2001 From: Marcel Feix Date: Tue, 14 Jun 2022 17:03:31 +0200 Subject: [PATCH 109/166] fix(Docker Compose): Test docker compose --- .../test-docker-compose.gitlab-ci.yml | 24 +++++++++---------- 1 file changed, 11 insertions(+), 13 deletions(-) diff --git a/test/docker-compose/test-docker-compose.gitlab-ci.yml b/test/docker-compose/test-docker-compose.gitlab-ci.yml index 00aebf8..1ac66e6 100644 --- a/test/docker-compose/test-docker-compose.gitlab-ci.yml +++ b/test/docker-compose/test-docker-compose.gitlab-ci.yml 
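Review bot: Moving the two `ssh ... else exit 255` checks into `after_script` of `Docker-compose` (`@@ -24,16 +24,18 @@`) means they can no longer fail the pipeline, because GitLab does not let the exit status of `after_script` change the job result. `after_script` also runs in a separate shell from `before_script` and `script`, so any agent or key setup the template does earlier in the job may not be available to these `ssh` calls; the template body is not visible here. If the verification has to stay in this job it belongs at the end of `script`, otherwise keep the dedicated `Test-Files` job that this hunk comments out.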
@@ -24,18 +24,16 @@ Docker-compose: DOCKER_REGISTRY_USER: "$CI_REGISTRY_USER" ENV_SETUP_FILE: "setup_env.sh" SSH_PRIVATE_KEY_DEPLOY: $SSH_PRIVATE_KEY - after_script: + +Test-Files: + stage: verify + variables: + SSH_URL: "ci-cd.dev.exxcellent.de" + SSH_USER: "user" + rules: + - when: always + extends: .ssh-transfer-data + script: + - ssh-keyscan $SSH_URL >> ~/.ssh/known_hosts - ssh $SSH_USER@$SSH_URL "if [ -f test.log ]; then rm test.log; else exit 255; fi" - ssh $SSH_USER@$SSH_URL "if [ -f docker-compose.yml ]; then rm docker-compose.yml; else exit 255; fi" - -#Test-Files: -# stage: verify -# variables: -# SSH_URL: "ci-cd.dev.exxcellent.de" -# SSH_USER: "user" -# rules: -# - when: always -# extends: .ssh-transfer-data -# script: -# - ssh-keyscan $SSH_URL >> ~/.ssh/known_hosts - From 46e9843a3a3b59d7ccb42c573e71f63f5b53bae3 Mon Sep 17 00:00:00 2001 From: Marcel Feix Date: Tue, 14 Jun 2022 17:11:05 +0200 Subject: [PATCH 110/166] doc(Docker Compose): small test description of docker compose --- test/docker-compose/test-docker-compose.gitlab-ci.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/test/docker-compose/test-docker-compose.gitlab-ci.yml b/test/docker-compose/test-docker-compose.gitlab-ci.yml index 1ac66e6..0af3577 100644 --- a/test/docker-compose/test-docker-compose.gitlab-ci.yml +++ b/test/docker-compose/test-docker-compose.gitlab-ci.yml @@ -6,7 +6,10 @@ include: - local: 'templates/IaC/docker-compose.gitlab-ci.yml' - local: 'templates/IaC/ssh-transfer-data.gitlab-ci.yml' - +#This files tests if Docker Compose template is working correctly. +#to test scp It pushes the docker compose file with to the remove maschine. +#to test docker-compose up over ssh it startes a simple docker compose file on the remote maschine. +#to verify the functionality an ssh connection tests if the files exist on the server. Docker-compose: stage: compose rules: From 011b57a762386953fba94e55d5384afd0e44abce Mon Sep 17 00:00:00 2001 
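Review bot: The four comment lines added in `@@ -6,7 +6,10 @@` are hard to read and partly misleading: "remove maschine" should be "remote machine", "startes" should be "starts", and the lines lack the space after `#`. I would rewrite them as a short block that names the three steps in order (copy the compose file with scp, run `docker-compose up` over ssh, check over ssh that `test.log` and `docker-compose.yml` exist and remove them), starting with `# This file tests that the Docker Compose template works end to end.`. Stating that the check also deletes the files matters, because the job changes state on the remote host.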
From: Marcel Feix Date: Tue, 14 Jun 2022 18:01:00 +0200 Subject: [PATCH 111/166] feat(Dind): Test dind containers --- .gitlab-ci.yml | 12 ++++++++++- .../docker-compose.yml | 0 test/docker/test-dind.gitlab-ci.yml | 21 +++++++++++++++++++ .../test-docker-compose.gitlab-ci.yml | 4 ++-- 4 files changed, 34 insertions(+), 3 deletions(-) rename test/{docker-compose => docker}/docker-compose.yml (100%) create mode 100644 test/docker/test-dind.gitlab-ci.yml rename test/{docker-compose => docker}/test-docker-compose.gitlab-ci.yml (90%) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 4367db4..f4dbcfa 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -28,8 +28,18 @@ Test-Docker-compose: trigger: strategy: depend include: - - local: "test/docker-compose/test-docker-compose.gitlab-ci.yml" + - local: "test/docker/test-docker-compose.gitlab-ci.yml" +Test-Dind: + stage: verify + rules: + - if: $CI_COMMIT_REF_NAME == $CI_DEFAULT_BRANCH + when: always + - when: manual + trigger: + strategy: depend + include: + - local: "test/docker/test-dind.gitlab-ci.yml" check_confluence_validity: extends: .documentation-check-confluence-validity diff --git a/test/docker-compose/docker-compose.yml b/test/docker/docker-compose.yml similarity index 100% rename from test/docker-compose/docker-compose.yml rename to test/docker/docker-compose.yml diff --git a/test/docker/test-dind.gitlab-ci.yml b/test/docker/test-dind.gitlab-ci.yml new file mode 100644 index 0000000..4dde479 --- /dev/null +++ b/test/docker/test-dind.gitlab-ci.yml 
@@ -0,0 +1,21 @@ +stages: + - verify + +services: + - name: docker:dind + # explicitly disable tls to avoid docker startup interruption + command: [ "--tls=false" ] + +variables: + # Instruct Testcontainers to use the daemon of DinD. + DOCKER_HOST: "tcp://docker:2375" + # Instruct Docker not to start over TLS. + DOCKER_TLS_CERTDIR: "" + # Improve performance with overlayfs. + DOCKER_DRIVER: overlay2 + +test: + image: docker + stage: verify + script: + - docker run -it alpine echo test \ No newline at end of file diff --git a/test/docker-compose/test-docker-compose.gitlab-ci.yml b/test/docker/test-docker-compose.gitlab-ci.yml similarity index 90% rename from test/docker-compose/test-docker-compose.gitlab-ci.yml rename to test/docker/test-docker-compose.gitlab-ci.yml index 0af3577..64b1933 100644 --- a/test/docker-compose/test-docker-compose.gitlab-ci.yml +++ b/test/docker/test-docker-compose.gitlab-ci.yml @@ -17,8 +17,8 @@ Docker-compose: extends: .docker-compose-deploy variables: SCP_DESTINATION: "/home/user" - SCP_SOURCE: "$CI_PROJECT_DIR/test/docker-compose/docker-compose.yml" - COMPOSE_EXTRA_ARGS: "-f test/docker-compose/docker-compose.yml" + SCP_SOURCE: "$CI_PROJECT_DIR/test/docker/docker-compose.yml" + COMPOSE_EXTRA_ARGS: "-f test/docker/docker-compose.yml" SSH_PORT: "22" SSH_URL: "ci-cd.dev.exxcellent.de" SSH_USER: "user" From f46de584c72962e2972ef1074b0b05ddf788aacf Mon Sep 17 00:00:00 2001 From: Marcel Feix Date: Tue, 14 Jun 2022 18:03:35 +0200 Subject: [PATCH 112/166] feat(Dind): Test dind containers --- test/docker/test-dind.gitlab-ci.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/test/docker/test-dind.gitlab-ci.yml b/test/docker/test-dind.gitlab-ci.yml index 4dde479..d8c9ecf 100644 --- a/test/docker/test-dind.gitlab-ci.yml +++ b/test/docker/test-dind.gitlab-ci.yml 
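Review bot: The new test/docker/test-dind.gitlab-ci.yml starts the DinD service with `--tls=false` and points `DOCKER_HOST` at `tcp://docker:2375`, which is an unauthenticated, unencrypted Docker API that gives root-equivalent control of the daemon to anything able to reach the service. GitLab's documented TLS setup is `DOCKER_TLS_CERTDIR: "/certs"` with `DOCKER_HOST: "tcp://docker:2376"` and no `--tls=false`; it needs the runner to share the `/certs/client` volume, which should be checked for this runner. `docker:dind` and `image: docker` are floating tags, so daemon and client can change between runs. The comment `# Instruct Testcontainers to use the daemon of DinD.` does not match this job, which only runs `docker run`. The template added in PATCH 114 (templates/container/docker-in-docker.gitlab-ci.yml) repeats the same TLS settings.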
@@ -14,8 +14,8 @@ variables: # Improve performance with overlayfs. DOCKER_DRIVER: overlay2 -test: +Test-Simple-Dind: image: docker stage: verify script: - - docker run -it alpine echo test \ No newline at end of file + - docker run -t alpine echo test \ No newline at end of file From 5acce39a093a6574795685456a331ae0d677d3db Mon Sep 17 00:00:00 2001 From: Marcel Feix Date: Tue, 14 Jun 2022 18:10:32 +0200 Subject: [PATCH 113/166] feat(Dind): Test dind containers --- test/docker/test-dind.gitlab-ci.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/test/docker/test-dind.gitlab-ci.yml b/test/docker/test-dind.gitlab-ci.yml index d8c9ecf..0c9a5e7 100644 --- a/test/docker/test-dind.gitlab-ci.yml +++ b/test/docker/test-dind.gitlab-ci.yml @@ -5,6 +5,7 @@ services: - name: docker:dind # explicitly disable tls to avoid docker startup interruption command: [ "--tls=false" ] + alias: docker variables: # Instruct Testcontainers to use the daemon of DinD. @@ -15,7 +16,7 @@ variables: DOCKER_DRIVER: overlay2 Test-Simple-Dind: - image: docker + image: docker:stable stage: verify script: - docker run -t alpine echo test \ No newline at end of file From a34f3ba24dfdebce0a3b13242f5e259ebe9c6ce0 Mon Sep 17 00:00:00 2001 From: Marcel Feix Date: Tue, 14 Jun 2022 18:35:09 +0200 Subject: [PATCH 114/166] feat(Dind): Test dind containers --- .../templates/container/docker-in-docker.adoc | 12 ++++++++++ .../container/docker-in-docker.gitlab-ci.yml | 22 +++++++++++++++++++ test/docker/test-dind.gitlab-ci.yml | 18 ++++----------- 3 files changed, 38 insertions(+), 14 deletions(-) create mode 100644 documentation/chapters/templates/container/docker-in-docker.adoc create mode 100644 templates/container/docker-in-docker.gitlab-ci.yml diff --git a/documentation/chapters/templates/container/docker-in-docker.adoc b/documentation/chapters/templates/container/docker-in-docker.adoc new file mode 100644 index 0000000..def22cd --- /dev/null 
+++ b/documentation/chapters/templates/container/docker-in-docker.adoc @@ -0,0 +1,12 @@ +:sourcedir: ../../../../templates/ + += Docker in Docker + +This template helps to start jobs, that need a docker environment to run. +Simply expand from this Template. + +.container scan template +[source,yaml] +---- +include::{sourcedir}container/docker-in-docker.gitlab-ci.yml[] +---- \ No newline at end of file diff --git a/templates/container/docker-in-docker.gitlab-ci.yml b/templates/container/docker-in-docker.gitlab-ci.yml new file mode 100644 index 0000000..f5b7c64 --- /dev/null +++ b/templates/container/docker-in-docker.gitlab-ci.yml @@ -0,0 +1,22 @@ +.docker-in-docker: + services: + - name: docker:20.10.17-dind + command: + - "--registry-mirror" + - "https://nexus.corp.exxcellent.de:18000" + - "--insecure-registry" + - "nexus.corp.exxcellent.de:18000" + - "--insecure-registry" + - "gitlab.exxcellent.de:4567" + # explicitly disable tls to avoid docker startup interruption + - "--tls=false" + alias: docker + variables: + # Instruct Testcontainers to use the daemon of DinD. + DOCKER_HOST: "tcp://docker:2375" + # Instruct Docker not to start over TLS. + DOCKER_TLS_CERTDIR: "" + # Improve performance with overlayfs. + DOCKER_DRIVER: overlay2 + # Needed by testcontainers https://www.testcontainers.org/supported_docker_environment/continuous_integration/gitlab_ci/ + TESTCONTAINERS_HOST_OVERRIDE: "host.docker.internal" \ No newline at end of file diff --git a/test/docker/test-dind.gitlab-ci.yml b/test/docker/test-dind.gitlab-ci.yml index 0c9a5e7..ceb6c7a 100644 --- a/test/docker/test-dind.gitlab-ci.yml +++ b/test/docker/test-dind.gitlab-ci.yml 
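Review bot: In the new `.docker-in-docker` template (templates/container/docker-in-docker.gitlab-ci.yml) the two `--insecure-registry` entries make the daemon accept plain HTTP or unverifiable certificates for `nexus.corp.exxcellent.de:18000` and `gitlab.exxcellent.de:4567`, and every job that extends the template inherits that. Because the Nexus host is also the `--registry-mirror`, images pulled through the mirror are not protected against a tampering intermediary on the network path. If the registries use an internal CA, the usual fix is to drop both `--insecure-registry` pairs and give the daemon the CA under `/etc/docker/certs.d/<registry-host:port>/ca.crt`; whether that is feasible depends on the registry setup, which the patch does not show. Until then a comment above the flags stating why verification is disabled would document the accepted risk.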
@@ -1,22 +1,12 @@ +include: + local: "templates/container/docker-in-docker.gitlab-ci.yml" + stages: - verify -services: - - name: docker:dind - # explicitly disable tls to avoid docker startup interruption - command: [ "--tls=false" ] - alias: docker - -variables: - # Instruct Testcontainers to use the daemon of DinD. - DOCKER_HOST: "tcp://docker:2375" - # Instruct Docker not to start over TLS. - DOCKER_TLS_CERTDIR: "" - # Improve performance with overlayfs. - DOCKER_DRIVER: overlay2 - Test-Simple-Dind: image: docker:stable + extends: .docker-in-docker stage: verify script: - docker run -t alpine echo test \ No newline at end of file From d0c6f86e33f6ab70042fd91080a4187067a60179 Mon Sep 17 00:00:00 2001 
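Review bot: `Test-Simple-Dind` keeps `image: docker:stable` while the template it now extends pins the daemon to `docker:20.10.17-dind`, so client and daemon versions are decoupled and the client tag can move independently of the pinned service. Pinning the client to the matching release, `image: docker:20.10.17`, keeps the pair reproducible. The test container in `docker run -t alpine echo test` is likewise pulled without a tag or digest, so what the test runs depends on what the mirror serves at that moment.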
From: Marcel Feix Date: Tue, 14 Jun 2022 19:08:01 +0200 Subject: [PATCH 115/166] docs(Dind): Add template-printer for simpler printing of the templates and include --- .../chapters/templates/IaC/ansible.adoc | 9 ++------- .../chapters/templates/IaC/docker-compose.adoc | 9 ++------- .../templates/IaC/ssh-transfer-data.adoc | 9 ++------- .../templates/common/common-ci-variablen.adoc | 7 ++----- .../templates/container/container-build.adoc | 9 ++------- .../templates/container/container-publish.adoc | 8 ++------ .../templates/container/container-scan.adoc | 9 ++------- .../templates/container/docker-in-docker.adoc | 9 ++------- .../documentation/tool-documentation-tool.adoc | 9 ++------- .../java/gradle/gradle-build-template.adoc | 9 ++------- .../java/gradle/gradle-db-diff-template.adoc | 9 ++------- .../java/gradle/gradle-test-template.adoc | 9 ++------- .../java/maven/maven-build-template.adoc | 9 ++------- .../java/maven/maven-db-diff-template.adoc | 9 ++------- .../java/maven/maven-dependencies-template.adoc | 9 ++------- .../java/maven/maven-verify-template.adoc | 9 ++------- .../templates/npm/npm-build-template.adoc | 9 ++------- .../npm/npm-dependencies-template.adoc | 9 ++------- .../templates/npm/npm-lint-template.adoc | 9 ++------- .../templates/npm/npm-test-template.adoc | 9 ++------- .../templates/releasing/mail-template.adoc | 9 ++------- .../push-tag-and-version-template.adoc | 9 ++------- .../releasing/release-gitlab-template.adoc | 9 ++------- .../templates/releasing/release-template.adoc | 9 ++------- .../releasing/set-version-template.adoc | 10 ++-------- .../static-analysis/repo-cve-scan.adoc | 9 ++------- .../templates/static-analysis/sonar-7.adoc | 8 ++------ .../templates/static-analysis/sonar-8.adoc | 8 ++------ documentation/template-printer.adoc | 17 +++++++++++++++++ 29 files changed, 73 insertions(+), 192 deletions(-) create mode 100644 documentation/template-printer.adoc 
diff --git a/documentation/chapters/templates/IaC/ansible.adoc b/documentation/chapters/templates/IaC/ansible.adoc index e7ddd3d..30eb900 100644 --- a/documentation/chapters/templates/IaC/ansible.adoc +++ b/documentation/chapters/templates/IaC/ansible.adoc @@ -1,5 +1,3 @@ -:sourcedir: ../../../../templates - = Ansible Template A Template Collection to simplify the deployment automation with Ansible. @@ -29,8 +27,5 @@ Use the Gitlab CI variables so not everyone has access to this Secret. Only Main |EXTRA_ARGS | Additional Arguments that will be used from Ansible | "" |=== -.Ansible Collection -[source,yaml] ----- -include::{sourcedir}/IaC/ansible.gitlab-ci.yml[] ----- \ No newline at end of file +:template: IaC/ansible.gitlab-ci.yml +include::../../../template-printer.adoc[] \ No newline at end of file diff --git a/documentation/chapters/templates/IaC/docker-compose.adoc b/documentation/chapters/templates/IaC/docker-compose.adoc index 626f73a..3b041e4 100644 --- a/documentation/chapters/templates/IaC/docker-compose.adoc +++ b/documentation/chapters/templates/IaC/docker-compose.adoc @@ -1,5 +1,3 @@ -:sourcedir: ../../../../templates - = Docker-Compose Template .Provided Templates: @@ -100,8 +98,5 @@ For example multiple `--no-deps --no-build` definitions. | - |=== -.Docker Templates -[source,yaml] ----- -include::{sourcedir}/IaC/docker-compose.gitlab-ci.yml[] ----- +:template: IaC/docker-compose.gitlab-ci.yml +include::../../../template-printer.adoc[] \ No newline at end of file diff --git a/documentation/chapters/templates/IaC/ssh-transfer-data.adoc b/documentation/chapters/templates/IaC/ssh-transfer-data.adoc index edb5ba3..5cc0385 100644 --- a/documentation/chapters/templates/IaC/ssh-transfer-data.adoc +++ b/documentation/chapters/templates/IaC/ssh-transfer-data.adoc @@ -1,5 +1,3 @@ -:sourcedir: ../../../../templates/ - = ssh-transfer-data-template This template provides a service to transfer data from a pipeline to a remote server. 
@@ -13,8 +11,5 @@ For more details: https://gitlab.exxcellent.de/gilden/ci/exxcellent-ssh-tool#use |SSH_HOST | the name of the remote host |- |=== -.ssh-transfer-data-template -[source, yaml] ----- -include::{sourcedir}IaC/ssh-transfer-data.gitlab-ci.yml[] ----- \ No newline at end of file +:template: IaC/ssh-transfer-data.gitlab-ci.yml +include::../../../template-printer.adoc[] \ No newline at end of file diff --git a/documentation/chapters/templates/common/common-ci-variablen.adoc b/documentation/chapters/templates/common/common-ci-variablen.adoc index 4ffeb92..4b0fb5c 100644 --- a/documentation/chapters/templates/common/common-ci-variablen.adoc +++ b/documentation/chapters/templates/common/common-ci-variablen.adoc @@ -1,5 +1,3 @@ -:sourcedir: ../../../../templates - :gitlab-ci-file: /common/common-ci-variablen.gitlab-ci.yml [[Generel-Variablen]] @@ -22,6 +20,5 @@ Some of our Templates and Pipelines rely on the following variables. |BACKEND_DIR| Directory where the backend code can be found. This is useful when the repository contains frontend and backend Code. |=== ----- -include::{sourcedir}{gitlab-ci-file}[] ----- +:template: {gitlab-ci-file} +include::../../../template-printer.adoc[] \ No newline at end of file diff --git a/documentation/chapters/templates/container/container-build.adoc b/documentation/chapters/templates/container/container-build.adoc index d279c69..8483d6a 100644 --- a/documentation/chapters/templates/container/container-build.adoc +++ b/documentation/chapters/templates/container/container-build.adoc @@ -1,5 +1,3 @@ -:sourcedir: ../../../../templates - = Build .Provided Templates: 
@@ -40,8 +38,5 @@ The template <<_container_publish>> allows you to publish the build image to a r | exxcellent Nexus |=== -.Container Build Templates -[source,yaml] ----- -include::{sourcedir}/container/container-build.gitlab-ci.yml[] ----- \ No newline at end of file +:template: container/container-build.gitlab-ci.yml +include::../../../template-printer.adoc[] \ No newline at end of file diff --git a/documentation/chapters/templates/container/container-publish.adoc b/documentation/chapters/templates/container/container-publish.adoc index 60e0202..0cf47b1 100644 --- a/documentation/chapters/templates/container/container-publish.adoc +++ b/documentation/chapters/templates/container/container-publish.adoc @@ -1,4 +1,3 @@ -:sourcedir: ../../../../templates [#_container_publish] = Container Publish @@ -15,8 +14,5 @@ Needs a build container on the path `image.tar`. Use one of the Container build | IMAGE_TAG | the Tag the image should be found on | Depends on the current path. Look at the rules of the Job. |=== -.container-publish -[source,yaml] ----- -include::{sourcedir}/container/container-publish.gitlab-ci.yml[] ----- +:template: container/container-publish.gitlab-ci.yml +include::../../../template-printer.adoc[] \ No newline at end of file diff --git a/documentation/chapters/templates/container/container-scan.adoc b/documentation/chapters/templates/container/container-scan.adoc index 761f19f..ed5e53d 100644 --- a/documentation/chapters/templates/container/container-scan.adoc +++ b/documentation/chapters/templates/container/container-scan.adoc @@ -1,5 +1,3 @@ -:sourcedir: ../../../../templates/ - = Container CVE Scanner Uses Trivy to scan for CVE Problems within your Image. 
@@ -28,8 +26,5 @@ Please consider using `allow_failure: true` instead of 0. The CI will show you a |=== -.container scan template -[source,yaml] ----- -include::{sourcedir}container/container-scan.gitlab-ci.yml[] ----- \ No newline at end of file +:template: container/container-scan.gitlab-ci.yml +include::../../../template-printer.adoc[] \ No newline at end of file diff --git a/documentation/chapters/templates/container/docker-in-docker.adoc b/documentation/chapters/templates/container/docker-in-docker.adoc index def22cd..90ba4db 100644 --- a/documentation/chapters/templates/container/docker-in-docker.adoc +++ b/documentation/chapters/templates/container/docker-in-docker.adoc @@ -1,12 +1,7 @@ -:sourcedir: ../../../../templates/ - = Docker in Docker This template helps to start jobs, that need a docker environment to run. Simply expand from this Template. -.container scan template -[source,yaml] ----- -include::{sourcedir}container/docker-in-docker.gitlab-ci.yml[] ----- \ No newline at end of file +:template: container/docker-in-docker.gitlab-ci.yml +include::../../../template-printer.adoc[] \ No newline at end of file diff --git a/documentation/chapters/templates/documentation/tool-documentation-tool.adoc b/documentation/chapters/templates/documentation/tool-documentation-tool.adoc index f18abd2..0192e25 100644 --- a/documentation/chapters/templates/documentation/tool-documentation-tool.adoc +++ b/documentation/chapters/templates/documentation/tool-documentation-tool.adoc @@ -1,5 +1,3 @@ -:sourcedir: ../../../../templates/ - = Dokumentation-Tool-template The Dokumentation tool template. @@ -33,8 +31,5 @@ The following variables have to be set and are not optional. | - |=== -.dokumentation-tool -[source,yaml] ----- -include::{sourcedir}documentations/documentation.gitlab-ci.yml[] ----- \ No newline at end of file +:template: documentations/documentation.gitlab-ci.yml +include::../../../template-printer.adoc[] \ No newline at end of file 
diff --git a/documentation/chapters/templates/java/gradle/gradle-build-template.adoc b/documentation/chapters/templates/java/gradle/gradle-build-template.adoc index e5bf00c..7ea347c 100644 --- a/documentation/chapters/templates/java/gradle/gradle-build-template.adoc +++ b/documentation/chapters/templates/java/gradle/gradle-build-template.adoc @@ -1,5 +1,3 @@ -:sourcedir: ../../../../../templates/ - = Gradle-build-template This template resolves the gradle dependencies of your project and builds the project. @@ -13,8 +11,5 @@ The resulting build files will be published as artefacts. |GRADLE_CLI_BUILD_OPTS | Additional Options that will be passed to Gradle while Building | "" |=== -.gradle-build-template -[source,yaml] ----- -include::{sourcedir}java/gradle/gradle-build.gitlab-ci.yml[] ----- \ No newline at end of file +:template: java/gradle/gradle-build.gitlab-ci.yml +include::../../../../template-printer.adoc[] \ No newline at end of file diff --git a/documentation/chapters/templates/java/gradle/gradle-db-diff-template.adoc b/documentation/chapters/templates/java/gradle/gradle-db-diff-template.adoc index 6a01af9..849b409 100644 --- a/documentation/chapters/templates/java/gradle/gradle-db-diff-template.adoc +++ b/documentation/chapters/templates/java/gradle/gradle-db-diff-template.adoc @@ -1,5 +1,3 @@ -:sourcedir: ../../../../../templates/ - = Gradle Database Diff This template generates a diff between the Liquibase schema and the Hibernate model of a database. 
@@ -19,8 +17,5 @@ Please look at the resulting changelog since it can have errors. | PATH_TO_DIFF | Path to the resulting diff is defined in gradle config, this will also be exposed as the artefact of the Job. | "build/db-diff.xml" |=== -.Gradle Liquibase Diff -[source,yaml] ----- -include::{sourcedir}java/gradle/gradle-database-diff.gitlab-ci.yml[] ----- \ No newline at end of file +:template: java/gradle/gradle-database-diff.gitlab-ci.yml +include::../../../../template-printer.adoc[] \ No newline at end of file diff --git a/documentation/chapters/templates/java/gradle/gradle-test-template.adoc b/documentation/chapters/templates/java/gradle/gradle-test-template.adoc index 3572476..61aa35c 100644 --- a/documentation/chapters/templates/java/gradle/gradle-test-template.adoc +++ b/documentation/chapters/templates/java/gradle/gradle-test-template.adoc @@ -1,5 +1,3 @@ -:sourcedir: ../../../../../templates/ - ifndef::imagesdir[] :imagesdir: ../../../../images/ endif::[] @@ -20,8 +18,5 @@ image::GitlabCiTest.png[] |GRADLE_CLI_OPTS | Zusätzliche CLI Opts für Gradle | "" |=== -.gradle-test-template -[source,yaml] ----- -include::{sourcedir}java/gradle/gradle-verify.gitlab-ci.yml[] ----- \ No newline at end of file +:template: java/gradle/gradle-verify.gitlab-ci.yml +include::../../../../template-printer.adoc[] \ No newline at end of file diff --git a/documentation/chapters/templates/java/maven/maven-build-template.adoc b/documentation/chapters/templates/java/maven/maven-build-template.adoc index c23f011..156e024 100644 --- a/documentation/chapters/templates/java/maven/maven-build-template.adoc +++ b/documentation/chapters/templates/java/maven/maven-build-template.adoc @@ -1,5 +1,3 @@ -:sourcedir: ../../../../../templates/ - = maven-build-template These Templates will build a .jar file with Maven and provides it as an Artifact 
@@ -10,8 +8,5 @@ These Templates will build a .jar file with Maven and provides it as an Artifact |MAVEN_CLI_BUILD_OPTS | Additional Options that will be passed to Maven while Building | "" |=== -.mvn-build-template -[source, yaml] ----- -include::{sourcedir}java/maven/maven-build.gitlab-ci.yml[] ----- \ No newline at end of file +:template: java/maven/maven-build.gitlab-ci.yml +include::../../../../template-printer.adoc[] \ No newline at end of file diff --git a/documentation/chapters/templates/java/maven/maven-db-diff-template.adoc b/documentation/chapters/templates/java/maven/maven-db-diff-template.adoc index 3fe7db7..26d97be 100644 --- a/documentation/chapters/templates/java/maven/maven-db-diff-template.adoc +++ b/documentation/chapters/templates/java/maven/maven-db-diff-template.adoc @@ -1,5 +1,3 @@ -:sourcedir: ../../../../../templates/ - = Maven Database Diff This template generates a diff between the Liquibase schema and the Hibernate model of a database. @@ -13,8 +11,5 @@ Please look at the resulting changelog since it can have errors. | PATH_TO_DIFF | Path to the resulting diff is defined in gradle config, this will also be exposed as the artefact of the Job. | "target/db-diff.xml" |=== -.gradle-build-template -[source,yaml] ----- -include::{sourcedir}java/maven/maven-database-diff.gitlab-ci.yml[] ----- \ No newline at end of file +:template: java/maven/maven-database-diff.gitlab-ci.yml +include::../../../../template-printer.adoc[] \ No newline at end of file diff --git a/documentation/chapters/templates/java/maven/maven-dependencies-template.adoc b/documentation/chapters/templates/java/maven/maven-dependencies-template.adoc index a01389a..0801e11 100644 --- a/documentation/chapters/templates/java/maven/maven-dependencies-template.adoc +++ b/documentation/chapters/templates/java/maven/maven-dependencies-template.adoc 
@@ -1,5 +1,3 @@ -:sourcedir: ../../../../../templates/ - = Gradle Dependencies Template This Template resolves the Maven Dependencies of your Projekt. @@ -10,8 +8,5 @@ The result will be cached when you include the common CI variables. |Name |Description | Default Value |=== -.mvn-dependencies-template -[source, yaml] ----- -include::{sourcedir}java/maven/maven-dependencies.gitlab-ci.yml[] ----- \ No newline at end of file +:template: java/maven/maven-dependencies.gitlab-ci.yml +include::../../../../template-printer.adoc[] \ No newline at end of file diff --git a/documentation/chapters/templates/java/maven/maven-verify-template.adoc b/documentation/chapters/templates/java/maven/maven-verify-template.adoc index 75796bf..fcafeb8 100644 --- a/documentation/chapters/templates/java/maven/maven-verify-template.adoc +++ b/documentation/chapters/templates/java/maven/maven-verify-template.adoc @@ -1,5 +1,3 @@ -:sourcedir: ../../../../../templates/ - ifndef::imagesdir[] :imagesdir: ../../../../images/ endif::[] @@ -20,8 +18,5 @@ image::GitlabCiTest.png[] |Name |Description | Default Value |=== -.mvn-verify-template -[source, yaml] ----- -include::{sourcedir}/java/maven/maven-verify.gitlab-ci.yml[] ----- \ No newline at end of file +:template: /java/maven/maven-verify.gitlab-ci.yml +include::../../../../template-printer.adoc[] \ No newline at end of file diff --git a/documentation/chapters/templates/npm/npm-build-template.adoc b/documentation/chapters/templates/npm/npm-build-template.adoc index 4790f55..bc542da 100644 --- a/documentation/chapters/templates/npm/npm-build-template.adoc +++ b/documentation/chapters/templates/npm/npm-build-template.adoc @@ -1,5 +1,3 @@ -:sourcedir: ../../../../templates/ - = NPM Build Template This template will build a NPM project and saved the artifacts for the next build step. 
@@ -12,8 +10,5 @@ This template will build a NPM project and saved the artifacts for the next buil | "" |=== -.npm-build-template -[source, yaml] ----- -include::{sourcedir}npm/npm-build.gitlab-ci.yml[] ----- \ No newline at end of file +:template: npm/npm-build.gitlab-ci.yml +include::../../../template-printer.adoc[] \ No newline at end of file diff --git a/documentation/chapters/templates/npm/npm-dependencies-template.adoc b/documentation/chapters/templates/npm/npm-dependencies-template.adoc index 6218f10..2a551cc 100644 --- a/documentation/chapters/templates/npm/npm-dependencies-template.adoc +++ b/documentation/chapters/templates/npm/npm-dependencies-template.adoc @@ -1,5 +1,3 @@ -:sourcedir: ../../../../templates/ - = NPM Dependencies template This template loads the NPM dependencies of the project. @@ -13,8 +11,5 @@ Please add the NPM cache. Look xref:Generel-Variablen[generell Variables] | "" |=== -.npm-dependencies-template -[source, yaml] ----- -include::{sourcedir}npm/npm-dependencies.gitlab-ci.yml[] ----- \ No newline at end of file +:template: npm/npm-dependencies.gitlab-ci.yml +include::../../../template-printer.adoc[] \ No newline at end of file diff --git a/documentation/chapters/templates/npm/npm-lint-template.adoc b/documentation/chapters/templates/npm/npm-lint-template.adoc index 1ea7ebd..eb45523 100644 --- a/documentation/chapters/templates/npm/npm-lint-template.adoc +++ b/documentation/chapters/templates/npm/npm-lint-template.adoc @@ -1,5 +1,3 @@ -:sourcedir: ../../../../templates/ - = NPM Lint template This template starts the linter of your NPM project. @@ -12,8 +10,5 @@ This template starts the linter of your NPM project. | "" |=== -.npm-lint-template -[source, yaml] ----- -include::{sourcedir}npm/npm-lint.gitlab-ci.yml[] ----- \ No newline at end of file +:template: npm/npm-lint.gitlab-ci.yml +include::../../../template-printer.adoc[] \ No newline at end of file 
diff --git a/documentation/chapters/templates/npm/npm-test-template.adoc b/documentation/chapters/templates/npm/npm-test-template.adoc index 764b755..cc29a7a 100644 --- a/documentation/chapters/templates/npm/npm-test-template.adoc +++ b/documentation/chapters/templates/npm/npm-test-template.adoc @@ -1,5 +1,3 @@ -:sourcedir: ../../../../templates/ - = NPM Test Template This template will run your NPM unit tests @@ -12,8 +10,5 @@ This template will run your NPM unit tests | "" |=== -.npm-test-template -[source, yaml] ----- -include::{sourcedir}npm/npm-verify.gitlab-ci.yml[] ----- \ No newline at end of file +:template: npm/npm-verify.gitlab-ci.yml +include::../../../template-printer.adoc[] \ No newline at end of file diff --git a/documentation/chapters/templates/releasing/mail-template.adoc b/documentation/chapters/templates/releasing/mail-template.adoc index ff095d4..ff07265 100644 --- a/documentation/chapters/templates/releasing/mail-template.adoc +++ b/documentation/chapters/templates/releasing/mail-template.adoc @@ -1,5 +1,3 @@ -:sourcedir: ../../../../templates/ - = mail-template This template provides a service to send mails from a pipeline with the help of a smtp server. @@ -15,8 +13,5 @@ For more details: https://gitlab.exxcellent.de/gilden/ci/exxcellent-mail-tool[Gi NOTE: The template uses the port 25 config as a default which doesn't need a smtp auth and a smtp user with the restriction that it only works from within the exxcellent gitlab-ci runners. For other configs visit the https://gitlab.exxcellent.de/gilden/ci/exxcellent-mail-tool[mail-tool docs] -.mail-template -[source, yaml] ----- -include::{sourcedir}releasing/mail.gitlab-ci.yml[] ----- \ No newline at end of file +:template: releasing/mail.gitlab-ci.yml +include::../../../template-printer.adoc[] \ No newline at end of file 
diff --git a/documentation/chapters/templates/releasing/push-tag-and-version-template.adoc b/documentation/chapters/templates/releasing/push-tag-and-version-template.adoc index b9676c1..8ecfe0b 100644 --- a/documentation/chapters/templates/releasing/push-tag-and-version-template.adoc +++ b/documentation/chapters/templates/releasing/push-tag-and-version-template.adoc @@ -1,5 +1,3 @@ -:sourcedir: ../../../../templates/ - = Push Tag and Version Template This template creates a new tag und updates the version of your project in the repository. Additionally, the template builds a new artifact with the `mvn package` command after setting the version which then can be exported with the gitlab-ci _artifacts_ keyword and used in subsequent stages. @@ -13,8 +11,5 @@ For more details: https://gitlab.exxcellent.de/gilden/ci/exxcellent-ssh-tool[Gil |MVN_EXTRA_ARGS | sets extra args which will be added behind the `mvn` command | "" |=== -.push-tag-and-version-template -[source, yaml] ----- -include::{sourcedir}releasing/push-tag-and-version.gitlab-ci.yml[] ----- \ No newline at end of file +:template: releasing/push-tag-and-version.gitlab-ci.yml +include::../../../template-printer.adoc[] \ No newline at end of file diff --git a/documentation/chapters/templates/releasing/release-gitlab-template.adoc b/documentation/chapters/templates/releasing/release-gitlab-template.adoc index 0cceb41..b3ddc5a 100644 --- a/documentation/chapters/templates/releasing/release-gitlab-template.adoc +++ b/documentation/chapters/templates/releasing/release-gitlab-template.adoc @@ -1,5 +1,3 @@ -:sourcedir: ../../../../templates/ - [#_release_gitlab_template] = Gitlab Release Template 
@@ -11,8 +9,5 @@ This Template makes it easier to create Gitlab Release from the CI |DESCRIPTION | The Content that has changed in the last release. Can be changed manual afterwards | "" |=== -.Template -[source, yaml] ----- -include::{sourcedir}releasing/release-gitlab.gitlab-ci.yml[] ----- \ No newline at end of file +:template: releasing/release-gitlab.gitlab-ci.yml +include::../../../template-printer.adoc[] \ No newline at end of file diff --git a/documentation/chapters/templates/releasing/release-template.adoc b/documentation/chapters/templates/releasing/release-template.adoc index 7d9df96..239914c 100644 --- a/documentation/chapters/templates/releasing/release-template.adoc +++ b/documentation/chapters/templates/releasing/release-template.adoc @@ -1,5 +1,3 @@ -:sourcedir: ../../../../templates/ - [#_release_template] = Release Template @@ -24,8 +22,5 @@ For more information see the <<_pipeline_release>> documentation. |PARENT_PIPELINE_ID | The if of the parent pipeline. Needed to be able to use artifacts in the child pipeline | $CI_PIPELINE_ID |=== -.release-template -[source, yaml] ----- -include::{sourcedir}releasing/release.gitlab-ci.yml[] ----- \ No newline at end of file +:template: releasing/release.gitlab-ci.yml +include::../../../template-printer.adoc[] \ No newline at end of file diff --git a/documentation/chapters/templates/releasing/set-version-template.adoc b/documentation/chapters/templates/releasing/set-version-template.adoc index 68f6b4b..79ee801 100644 --- a/documentation/chapters/templates/releasing/set-version-template.adoc +++ b/documentation/chapters/templates/releasing/set-version-template.adoc @@ -1,6 +1,3 @@ -:sourcedir: ../../../../templates/ - - = Set Version This template provides the job for increasing the tag version. 
@@ -22,8 +19,5 @@ a| ** use more traditional version number. e.g: 1.2.3.6 | "false" |=== -.set-version-template -[source, yaml] ----- -include::{sourcedir}/releasing/set-version.gitlab-ci.yml[] ----- \ No newline at end of file +:template: /releasing/set-version.gitlab-ci.yml +include::../../../template-printer.adoc[] \ No newline at end of file diff --git a/documentation/chapters/templates/static-analysis/repo-cve-scan.adoc b/documentation/chapters/templates/static-analysis/repo-cve-scan.adoc index 211ec3a..e47679e 100644 --- a/documentation/chapters/templates/static-analysis/repo-cve-scan.adoc +++ b/documentation/chapters/templates/static-analysis/repo-cve-scan.adoc @@ -1,5 +1,3 @@ -:sourcedir: ../../../../templates/ - = Repo CVE Scan This template uses Trivy to scan for CVEs, Configuration Problems and Secrets within your Repository. @@ -27,8 +25,5 @@ Please consider using `allow_failure: true` instead of 0. The CI will show you a |=== -.Repo CVE scan template -[source,yaml] ----- -include::{sourcedir}static-analysis/repo-cve-scan-trivy.gitlab-ci.yml[] ----- \ No newline at end of file +:template: static-analysis/repo-cve-scan-trivy.gitlab-ci.yml +include::../../../template-printer.adoc[] \ No newline at end of file diff --git a/documentation/chapters/templates/static-analysis/sonar-7.adoc b/documentation/chapters/templates/static-analysis/sonar-7.adoc index 0f1b9df..8b59aa4 100644 --- a/documentation/chapters/templates/static-analysis/sonar-7.adoc +++ b/documentation/chapters/templates/static-analysis/sonar-7.adoc @@ -1,4 +1,3 @@ -:sourcedir: ../../../../templates/ = Sonar 7 The following templates provide integrations for Sonar 
@@ -20,8 +19,5 @@ Ein technischer User ist aktuell nicht möglich. Das Token wird ausschließlich dafür benötigt, wenn der Sonar Buildbreaker über die Pipeline aktiviert wird (_sonar.buildbreaker.skip=true_). Wenn der Build nicht gebrochen werden soll, kann es weggelassen werden. -.sonar-template -[source,yaml] ----- -include::{sourcedir}static-analysis/sonar-7.gitlab-ci.yml[] ----- +:template: static-analysis/sonar-7.gitlab-ci.yml +include::../../../template-printer.adoc[] \ No newline at end of file diff --git a/documentation/chapters/templates/static-analysis/sonar-8.adoc b/documentation/chapters/templates/static-analysis/sonar-8.adoc index a7e4a21..b7865a9 100644 --- a/documentation/chapters/templates/static-analysis/sonar-8.adoc +++ b/documentation/chapters/templates/static-analysis/sonar-8.adoc @@ -1,4 +1,3 @@ -:sourcedir: ../../../../templates/ = Sonar 8 The following templates provide integrations for Sonar @@ -18,8 +17,5 @@ Has to be `true` if the quality-gate should fail your pipelines. Please consider |=== -.sonar-template -[source,yaml] ----- -include::{sourcedir}static-analysis/sonar-8.gitlab-ci.yml[] ----- +:template: static-analysis/sonar-8.gitlab-ci.yml +include::../../../template-printer.adoc[] \ No newline at end of file diff --git a/documentation/template-printer.adoc b/documentation/template-printer.adoc new file mode 100644 index 0000000..4f6d44b --- /dev/null +++ b/documentation/template-printer.adoc @@ -0,0 +1,17 @@ +.Include +[source,yaml,subs=attributes] +---- +include: + - project: 'gilden/ci/gitlab-ci-templates' + ref: 'master' + file: + - '/templates/{template}' +---- + +.Original Template +[source,yaml] +---- +include::../templates/{template}[] +---- + + From 419f6a4f7b0f00596fdd51896c3da2bedc90d33c Mon Sep 17 00:00:00 2001 
From: Marcel Feix
Date: Fri, 17 Jun 2022 09:08:33 +0200
Subject: [PATCH 116/166] chore(Trivy): Update to 0.29.0
---
templates/container/container-scan.gitlab-ci.yml | 2 +-
templates/static-analysis/repo-cve-scan-trivy.gitlab-ci.yml | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/templates/container/container-scan.gitlab-ci.yml b/templates/container/container-scan.gitlab-ci.yml
index 74e1ac1..347357d 100644
--- a/templates/container/container-scan.gitlab-ci.yml
+++ b/templates/container/container-scan.gitlab-ci.yml
@@ -1,6 +1,6 @@
.container-scan-trivy:
image:
- name: docker.io/aquasec/trivy:0.27.1
+ name: docker.io/aquasec/trivy:0.29.0
entrypoint: [ "" ]
stage: verify
variables:
diff --git a/templates/static-analysis/repo-cve-scan-trivy.gitlab-ci.yml b/templates/static-analysis/repo-cve-scan-trivy.gitlab-ci.yml
index e3e6ad6..f73173d 100644
--- a/templates/static-analysis/repo-cve-scan-trivy.gitlab-ci.yml
+++ b/templates/static-analysis/repo-cve-scan-trivy.gitlab-ci.yml
@@ -1,6 +1,6 @@
.repo-cve-scan-trivy:
image:
- name: docker.io/aquasec/trivy:0.27.1
+ name: docker.io/aquasec/trivy:0.29.0
entrypoint: [ "" ]
stage: verify
needs: []
From 1625898efcf409ec279aaa67afa19d4f96498499 Mon Sep 17 00:00:00 2001
From: Marcel Feix
Date: Fri, 17 Jun 2022 09:10:09 +0200
Subject: [PATCH 117/166] chore(Release): Update exxcellent-increase-version-tool to 3.2.0
---
templates/releasing/set-version.gitlab-ci.yml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/templates/releasing/set-version.gitlab-ci.yml b/templates/releasing/set-version.gitlab-ci.yml
index 8d88049..99bc9c3 100644
--- a/templates/releasing/set-version.gitlab-ci.yml
+++ b/templates/releasing/set-version.gitlab-ci.yml
@@ -1,6 +1,6 @@
.set-version:
stage: set-version
- image: gitlab.exxcellent.de:4567/gilden/ci/exxcellent-increase-version-tool:3.1.1
+ image: gitlab.exxcellent.de:4567/gilden/ci/exxcellent-increase-version-tool:3.2.0
variables:
BUMP_VERSION: "major"
PREFIX: ""
From b7be408834a586c4b624dd851252148b80c55319 Mon Sep 17 00:00:00 2001
From: Wolfram Gulde
Date: Mon, 20 Jun 2022 08:04:11 +0000
Subject: [PATCH 118/166] chore(Sonar): Disable Sonar8 for Gradle Pipeline
---
pipelines/java-gradle.gitlab-ci.yml | 14 +++++++-------
1 file changed, 7 insertions(+), 7 deletions(-)
diff --git a/pipelines/java-gradle.gitlab-ci.yml b/pipelines/java-gradle.gitlab-ci.yml
index 8c14bfa..57e4cf3 100644
--- a/pipelines/java-gradle.gitlab-ci.yml
+++ b/pipelines/java-gradle.gitlab-ci.yml
@@ -23,10 +23,10 @@ Repo-CVE-Scan:
allow_failure: true
extends: .repo-cve-scan-trivy
-sonar:
- extends: .sonar-gradle
- needs:
- - job: "Build-Java"
- artifacts: true
- variables:
- SONAR_PROJECT_NAME: $CI_PROJECT_NAME
+#sonar:
+# extends: .sonar-gradle
+# needs:
+# - job: "Build-Java"
+# artifacts: true
+# variables:
+# SONAR_PROJECT_NAME: $CI_PROJECT_NAME
From 11a6ff978901ac651668272af06eeb4830748efa Mon Sep 17 00:00:00 2001
From: Wolfram Gulde
Date: Mon, 20 Jun 2022 09:17:19 +0000
Subject: [PATCH 119/166] chore(Release): set allow_failure to true
---
templates/releasing/release.gitlab-ci.yml | 1 +
1 file changed, 1 insertion(+)
diff --git a/templates/releasing/release.gitlab-ci.yml b/templates/releasing/release.gitlab-ci.yml
index 28be70d..9b88685 100644
--- a/templates/releasing/release.gitlab-ci.yml
+++ b/templates/releasing/release.gitlab-ci.yml
@@ -2,6 +2,7 @@
stage: release
variables:
PARENT_PIPELINE_ID: $CI_PIPELINE_ID
+ allow_failure: true
trigger:
include: release.gitlab-ci.yml
strategy: depend
From b5121b966bacb1d9bbd9f5c6c32a3762a1e90d70 Mon Sep 17 00:00:00 2001
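Review bot: The `sonar` job in `pipelines/java-gradle.gitlab-ci.yml` is switched off by commenting out all seven of its lines, and nothing in the hunk records why or under which condition it should return, so every project that includes this Gradle pipeline loses its Sonar analysis without notice. I would either keep the job and disable it explicitly with `rules:` / `- when: never`, or at least put a comment above the block such as `# sonar disabled: <reason>; re-enable once <condition>`. The file's `include:` list is outside this hunk; if it still pulls in the sonar-8 template, that include is now unused and should be removed or kept deliberately with a comment.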
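Review bot: The added `allow_failure: true` in `templates/releasing/release.gitlab-ci.yml` follows `PARENT_PIPELINE_ID` directly, and its indentation is not recoverable in this view; if it is indented as a child of `variables:` it only defines a variable named `allow_failure` and has no effect as a job keyword, so please confirm it sits at job level. If it is at job level, then together with `strategy: depend` a failed release child pipeline no longer fails the parent, which presumably shows only a warning although nothing was released. A comment stating why a failing release is tolerated would help, e.g. `# release child pipeline may fail without blocking the parent: <reason>`. The job's header line is outside the hunk.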
From: Marcel Feix Date: Mon, 20 Jun 2022 19:33:06 +0200 Subject: [PATCH 120/166] docs(Stage): Add generell information about the stages of our architecture and the architecture of Docker Containers. --- .../templates/container/container-build.adoc | 3 +- .../container/container-publish.adoc | 2 +- .../templates/container/docker-in-docker.adoc | 3 +- documentation/document.adoc | 30 +++++++++++++-- documentation/generalInformation.adoc | 37 ++++++++++++++++++- 5 files changed, 67 insertions(+), 8 deletions(-) diff --git a/documentation/chapters/templates/container/container-build.adoc b/documentation/chapters/templates/container/container-build.adoc index 8483d6a..0cb8804 100644 --- a/documentation/chapters/templates/container/container-build.adoc +++ b/documentation/chapters/templates/container/container-build.adoc @@ -1,3 +1,4 @@ +[[_container_build]] = Build .Provided Templates: @@ -13,7 +14,7 @@ We use Kaniko because it is faster than Docker builds and has less security prob The generated image will be passed as a Tar-Artefact between stages. This allows us to make forder manipulations and scan jobs on one container Image. -The template <<_container_publish>> allows you to publish the build image to a registry +The template <<_container_publish>> allows you to publish the build image to a registry. .Variables |=== diff --git a/documentation/chapters/templates/container/container-publish.adoc b/documentation/chapters/templates/container/container-publish.adoc index 0cf47b1..892cb74 100644 --- a/documentation/chapters/templates/container/container-publish.adoc +++ b/documentation/chapters/templates/container/container-publish.adoc @@ -1,5 +1,5 @@ [#_container_publish] -= Container Publish += Publish Moves a container from the filesystem to a remote repository. Needs a build container on the path `image.tar`. Use one of the Container build templates for this. 
diff --git a/documentation/chapters/templates/container/docker-in-docker.adoc b/documentation/chapters/templates/container/docker-in-docker.adoc index 90ba4db..43db717 100644 --- a/documentation/chapters/templates/container/docker-in-docker.adoc +++ b/documentation/chapters/templates/container/docker-in-docker.adoc @@ -1,7 +1,8 @@ -= Docker in Docker += Docker in Docker Helper This template helps to start jobs, that need a docker environment to run. Simply expand from this Template. +You than have access to a Docker over the address behind `$DOCKER_HOST` :template: container/docker-in-docker.gitlab-ci.yml include::../../../template-printer.adoc[] \ No newline at end of file diff --git a/documentation/document.adoc b/documentation/document.adoc index 93af2d9..c391517 100644 --- a/documentation/document.adoc +++ b/documentation/document.adoc 
@@ -49,20 +49,42 @@ include::chapters/templates/IaC/ansible.adoc[leveloffset=2] include::chapters/templates/IaC/docker-compose.adoc[leveloffset=2] include::chapters/templates/IaC/ssh-transfer-data.adoc[leveloffset=2] - == Container Templates -Our collection of Container Templates. +We have optimised building container within our templates a lot. +We found divide building and releasing containers into different jobs to be the fastest way to build container artefacts. +Because you can build your container while executing other verify stages. +Publishing containers is a very cheap operation. + +The following graph charts shows thru which stages containers will go and which artefakts will be passed between stages. +[mermaid] +.... +flowchart LR + + subgraph Build Stage + build_src(Source Code Build) -- Needs Source artefacts --> build_c + build_c(Container-Build) + end + + subgraph Verify Stage + build_c -- image.tar --> cve(Scan CVEs) + end + + subgraph Release Stage + cve -- image.tar / Scanned --> Publish + end + Publish -- image --> Registry +.... include::chapters/templates/container/container-build.adoc[leveloffset=2] include::chapters/templates/container/container-publish.adoc[leveloffset=2] include::chapters/templates/container/container-scan.adoc[leveloffset=2] - == Releasing Templates The following Templates provide an simpler integration into the https://gitlab.exxcellent.de/gilden/ci/exxcellent-increase-version-tool[Increase-Version-Tool] of the CI-Gilde. -We also provide finished Pipelines in our <<_pipelines>> section. We highly recommend using those Pipelines since this is our reference Implementation. +We also provide finished Pipelines in our <<_pipelines>> section. +We highly recommend using those Pipelines since this is our reference Implementation. include::chapters/templates/releasing/push-tag-and-version-template.adoc[leveloffset=3] include::chapters/templates/releasing/set-version-template.adoc[leveloffset=3] 
diff --git a/documentation/generalInformation.adoc b/documentation/generalInformation.adoc index b8a5223..876e8cb 100644 --- a/documentation/generalInformation.adoc +++ b/documentation/generalInformation.adoc @@ -1,6 +1,41 @@ :sourcedir: ../../../../templates -== Templates and Pipelines +== High Level Architektur. + +The entire architektur of the templates build on the following five stages. +they are assumed to be in the following order but don't have to be. + +[mermaid] +.... +flowchart LR + Start --> dep(Dependencies) + dep --> build(Build) + build --> verify(Verfiy) + verify --> docs(Documentation) + docs --> Release +.... + +=== Dependencies - dependencies +Jobs within this stage are loading all needed Dependencies. This is done for better cache management of Dependencies. + +=== Build - build +Jobs within this stage, build all needed artefacts that you need in later stages and for releasing. +In case you need to build multiple artefacts execute following jobs as soon as needed artefacts are build. +Look into Gitlabs https://docs.gitlab.com/ee/ci/yaml/#needs[Needs Documentation]. + +=== Verify - verify +Jobs within this stage verify your repository functionality. +This is the biggest stage, within most continues integrations. +Verify and Test as much as you can in these Jobs. + +=== Documentation - docs +Jobs within this stage build and publish your documentation. + +=== Release - release +Jobs within this stage publish your artefacts or automate creating Tags. +For more information look into <<_pipeline_release>> + +== About Templates and Pipelines Within this Repository all CI Templates and CI Pipeline-Templates of the CI-Gilde can be found. Templates are predefined Jobs. From ddd2112bad3366537e6e7f0abdd6d03dcc6f1124 Mon Sep 17 00:00:00 2001 
From: Marcel Feix Date: Fri, 24 Jun 2022 11:46:31 +0200 Subject: [PATCH 121/166] chore(Trivy): update trivy to version 0.29.2 --- templates/container/container-scan.gitlab-ci.yml | 2 +- templates/static-analysis/repo-cve-scan-trivy.gitlab-ci.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/templates/container/container-scan.gitlab-ci.yml b/templates/container/container-scan.gitlab-ci.yml index 347357d..0725b83 100644 --- a/templates/container/container-scan.gitlab-ci.yml +++ b/templates/container/container-scan.gitlab-ci.yml @@ -1,6 +1,6 @@ .container-scan-trivy: image: - name: docker.io/aquasec/trivy:0.29.0 + name: docker.io/aquasec/trivy:0.29.2 entrypoint: [ "" ] stage: verify variables: diff --git a/templates/static-analysis/repo-cve-scan-trivy.gitlab-ci.yml b/templates/static-analysis/repo-cve-scan-trivy.gitlab-ci.yml index f73173d..dc2d803 100644 --- a/templates/static-analysis/repo-cve-scan-trivy.gitlab-ci.yml +++ b/templates/static-analysis/repo-cve-scan-trivy.gitlab-ci.yml @@ -1,6 +1,6 @@ .repo-cve-scan-trivy: image: - name: docker.io/aquasec/trivy:0.29.0 + name: docker.io/aquasec/trivy:0.29.2 entrypoint: [ "" ] stage: verify needs: [] From 6a4f3f5efb97d750f75b0046c55032d57838e331 Mon Sep 17 00:00:00 2001 From: Marcel Feix Date: Fri, 24 Jun 2022 12:48:14 +0200 Subject: [PATCH 122/166] docs(todos): Removed not needed todos added small documentation that where missing --- ...-documentation-tool.adoc => documentation.adoc} | 1 - .../java/gradle/gradle-db-diff-template.adoc | 11 ++++++----- documentation/document.adoc | 5 +---- pipelines/java-gradle.gitlab-ci.yml | 14 -------------- pipelines/java-maven.gitlab-ci.yml | 14 -------------- .../java/gradle/gradle-database-diff.gitlab-ci.yml | 2 +- templates/npm/npm-lint.gitlab-ci.yml | 2 +- 7 files changed, 9 insertions(+), 40 deletions(-) rename documentation/chapters/templates/documentation/{tool-documentation-tool.adoc => documentation.adoc} (96%) 
diff --git a/documentation/chapters/templates/documentation/tool-documentation-tool.adoc b/documentation/chapters/templates/documentation/documentation.adoc similarity index 96% rename from documentation/chapters/templates/documentation/tool-documentation-tool.adoc rename to documentation/chapters/templates/documentation/documentation.adoc index 0192e25..3470b4e 100644 --- a/documentation/chapters/templates/documentation/tool-documentation-tool.adoc +++ b/documentation/chapters/templates/documentation/documentation.adoc @@ -5,7 +5,6 @@ More details and Variables can be found here: https://gitlab.exxcellent.de/gilde The following variables have to be set and are not optional. -//todo these Variables hav to describet. .Variables |=== |Name |Description | Default Value diff --git a/documentation/chapters/templates/java/gradle/gradle-db-diff-template.adoc b/documentation/chapters/templates/java/gradle/gradle-db-diff-template.adoc index 849b409..e0a0859 100644 --- a/documentation/chapters/templates/java/gradle/gradle-db-diff-template.adoc +++ b/documentation/chapters/templates/java/gradle/gradle-db-diff-template.adoc 
@@ -4,11 +4,12 @@ This template generates a diff between the Liquibase schema and the Hibernate mo The resulting xml can be used as a base for schema changes. Please look at the resulting changelog since it can have errors. -//#todo add documentation how to run agains real server oder service -//#If you wand to run against a real server. -//#overrite -Dvariable.liquibase.database.url= in the script section -//#add a service with your desired Database container. -//#use the alias in the service to define the alias for the database url +== Run against real Server + +If you wand to run the integration against a real server. +Override `GRADLE_CLI_OPTS` with `-Dvariable.liquibase.database.url=`. +It is also possible to add a service container with your desired Database. +Use the alias field in the service definition to define the address for the for `database_url` .Variables |=== diff --git a/documentation/document.adoc b/documentation/document.adoc index c391517..1c02560 100644 --- a/documentation/document.adoc +++ b/documentation/document.adoc @@ -132,14 +132,11 @@ include::chapters/templates/static-analysis/sonar-7.adoc[leveloffset=2] This collection provides templates to simplify your dokumentation prozess. -include::chapters/templates/documentation/tool-documentation-tool.adoc[leveloffset=2] +include::chapters/templates/documentation/documentation.adoc[leveloffset=2] [#_pipelines] === Pipelines include::chapters/pipelines/eXXcellent-release.adoc[leveloffset=3] -//todo docs for new pipelines -//In particular docs for the keyword needs hinzufügen. needs container build step. artefacts true - //todo licensing documentieren \ No newline at end of file diff --git a/pipelines/java-gradle.gitlab-ci.yml b/pipelines/java-gradle.gitlab-ci.yml index 57e4cf3..def92c4 100644 --- a/pipelines/java-gradle.gitlab-ci.yml +++ b/pipelines/java-gradle.gitlab-ci.yml 
@@ -4,12 +4,6 @@ include: - '/templates/static-analysis/repo-cve-scan-trivy.gitlab-ci.yml' - '/templates/static-analysis/sonar-8.gitlab-ci.yml' - # todo docs - -# todo Variablen die gesetzt werden müssen -# variables: -# SONAR_PROJECT_KEY: "" - Build-Java: extends: .gradle-build @@ -22,11 +16,3 @@ Test-Java: Repo-CVE-Scan: allow_failure: true extends: .repo-cve-scan-trivy - -#sonar: -# extends: .sonar-gradle -# needs: -# - job: "Build-Java" -# artifacts: true -# variables: -# SONAR_PROJECT_NAME: $CI_PROJECT_NAME diff --git a/pipelines/java-maven.gitlab-ci.yml b/pipelines/java-maven.gitlab-ci.yml index 07909e5..280652a 100644 --- a/pipelines/java-maven.gitlab-ci.yml +++ b/pipelines/java-maven.gitlab-ci.yml @@ -6,12 +6,6 @@ include: - '/templates/static-analysis/repo-cve-scan-trivy.gitlab-ci.yml' - '/templates/static-analysis/sonar-8.gitlab-ci.yml' -# todo docs - -# todo Variablen die gesetzt werden müssen -# variables: -# SONAR_PROJECT_KEY: "" - Dependencies-Java: extends: .maven-dependencies @@ -30,11 +24,3 @@ Test-Java: Repo-CVE-Scan: allow_failure: true extends: .repo-cve-scan-trivy - -#Sonar: -# extends: .sonar-maven -# needs: -# - job: "Build-Java" -# artifacts: true -# variables: -# SONAR_PROJECT_NAME: $CI_PROJECT_NAME diff --git a/templates/java/gradle/gradle-database-diff.gitlab-ci.yml b/templates/java/gradle/gradle-database-diff.gitlab-ci.yml index 194230c..8c9e068 100644 --- a/templates/java/gradle/gradle-database-diff.gitlab-ci.yml +++ b/templates/java/gradle/gradle-database-diff.gitlab-ci.yml @@ -9,5 +9,5 @@ include: GRADLE_EXTRA_OPTS: "" PATH_TO_DIFF: "build/db-diff.xml" script: - - ./gradlew liquibase:update liquibase:diff $GRADLE_EXTRA_OPTS + - ./gradlew liquibase:update liquibase:diff $GRADLE_CLI_OPTS diff --git a/templates/npm/npm-lint.gitlab-ci.yml b/templates/npm/npm-lint.gitlab-ci.yml index 18ad525..f5964e1 100644 --- a/templates/npm/npm-lint.gitlab-ci.yml +++ b/templates/npm/npm-lint.gitlab-ci.yml 
@@ -11,7 +11,7 @@ script: - "cd $FRONTEND_DIR" - npm run lint -# artifacts: todo add lint results in artifact if posible +# artifacts: todo add lint results in artifact if possible # expire_in: 2 weeks # when: always # paths: From cd43f9c160b63c46e2e228ea4500aaf20843e231 Mon Sep 17 00:00:00 2001 From: Marcel Feix Date: Fri, 1 Jul 2022 09:48:03 +0200 Subject: [PATCH 123/166] chore(Docker-compose): update --- templates/IaC/docker-compose.gitlab-ci.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/templates/IaC/docker-compose.gitlab-ci.yml b/templates/IaC/docker-compose.gitlab-ci.yml index 6f2ef31..ae510c1 100644 --- a/templates/IaC/docker-compose.gitlab-ci.yml +++ b/templates/IaC/docker-compose.gitlab-ci.yml @@ -2,7 +2,7 @@ image: docker:20.10.16-alpine3.15 stage: deploy variables: - DOCKER_COMPOSE_VERSION: v2.6.0 + DOCKER_COMPOSE_VERSION: v2.6.1 SCP_DESTINATION: "" SCP_SOURCE: $CI_PROJECT_DIR COMPOSE_EXTRA_ARGS: "" @@ -53,7 +53,7 @@ image: docker:20.10.16-alpine3.15 stage: verify variables: - DOCKER_COMPOSE_VERSION: v2.6.0 + DOCKER_COMPOSE_VERSION: v2.6.1 before_script: #Install docker Compose, from release directly - wget https://github.com/docker/compose/releases/download/$DOCKER_COMPOSE_VERSION/docker-compose-linux-x86_64 -O /usr/local/bin/docker-compose From aad5b97f5088894466db50da7b519d724b59abbf Mon Sep 17 00:00:00 2001 
From: Marcel Feix Date: Fri, 1 Jul 2022 09:54:51 +0200 Subject: [PATCH 124/166] chore(MonoRepo): Switch to correct cd definition of Backend or Context dir. --- templates/IaC/docker-compose.gitlab-ci.yml | 1 - templates/container/container-build.gitlab-ci.yml | 10 ++++++++-- templates/java/gradle/gradle-build.gitlab-ci.yml | 4 ++++ .../java/gradle/gradle-database-diff.gitlab-ci.yml | 5 +++++ templates/java/gradle/gradle-license.gitlab-ci.yml | 5 +++++ templates/java/gradle/gradle-verify.gitlab-ci.yml | 5 +++++ templates/java/maven/maven-build.gitlab-ci.yml | 5 ++++- templates/java/maven/maven-database-diff.gitlab-ci.yml | 6 +++++- templates/java/maven/maven-dependencies.gitlab-ci.yml | 6 +++++- templates/java/maven/maven-license.gitlab-ci.yml | 6 +++++- templates/java/maven/maven-verify.gitlab-ci.yml | 6 +++++- templates/static-analysis/sonar-7.gitlab-ci.yml | 10 ++++++++++ templates/static-analysis/sonar-8.gitlab-ci.yml | 10 ++++++++++ 13 files changed, 71 insertions(+), 8 deletions(-) diff --git a/templates/IaC/docker-compose.gitlab-ci.yml b/templates/IaC/docker-compose.gitlab-ci.yml index ae510c1..a49cb79 100644 --- a/templates/IaC/docker-compose.gitlab-ci.yml +++ b/templates/IaC/docker-compose.gitlab-ci.yml @@ -48,7 +48,6 @@ - docker-compose $COMPOSE_EXTRA_ARGS pull - docker-compose $COMPOSE_EXTRA_ARGS up -d --remove-orphans $COMPOSE_UP_EXTRA_ARGS -#todo add docker compose renovate updater .docker-compose-validate: image: docker:20.10.16-alpine3.15 stage: verify diff --git a/templates/container/container-build.gitlab-ci.yml b/templates/container/container-build.gitlab-ci.yml index d23a323..446257d 100644 --- a/templates/container/container-build.gitlab-ci.yml +++ b/templates/container/container-build.gitlab-ci.yml 
@@ -11,7 +11,10 @@ extends: .container-build-common image: $MAVEN_IMAGE script: - - "cd $CONTEXT_LOCATION" + - > + if [ "$CONTEXT_LOCATION" != "" ]; then + cd $CONTEXT_LOCATION + fi - mvn $MAVEN_CLI_OPTS jib:buildTar -DskipTests -Djib.outputPaths.tar=$CI_PROJECT_DIR/image.tar $EXTRA_ARGS .container-build-jib-gradle: @@ -20,7 +23,10 @@ variables: EXTRA_ARGS: $GRADLE_EXTRA_ARGS script: - - "cd $CONTEXT_LOCATION" + - > + if [ "$CONTEXT_LOCATION" != "" ]; then + cd $CONTEXT_LOCATION + fi - ./gradlew $GRADLE_CLI_OPTS jibBuildTar -DskipTests -Djib.outputPaths.tar=$CI_PROJECT_DIR/image.tar $EXTRA_ARGS .container-build-kaniko: diff --git a/templates/java/gradle/gradle-build.gitlab-ci.yml b/templates/java/gradle/gradle-build.gitlab-ci.yml index f123165..453bde6 100644 --- a/templates/java/gradle/gradle-build.gitlab-ci.yml +++ b/templates/java/gradle/gradle-build.gitlab-ci.yml @@ -2,6 +2,10 @@ stage: build image: $GRADLE_IMAGE before_script: + - > + if [ "$BACKEND_DIR" != "" ]; then + cd $BACKEND_DIR + fi # Replace version in Gradle file with $CI_COMMIT_TAG - > if [ ! -z "$CI_COMMIT_TAG" ] && [ ! -z "$PATH_TO_VERSION_FILE" ]; then diff --git a/templates/java/gradle/gradle-database-diff.gitlab-ci.yml b/templates/java/gradle/gradle-database-diff.gitlab-ci.yml index 8c9e068..df489a7 100644 --- a/templates/java/gradle/gradle-database-diff.gitlab-ci.yml +++ b/templates/java/gradle/gradle-database-diff.gitlab-ci.yml @@ -8,6 +8,11 @@ include: variables: GRADLE_EXTRA_OPTS: "" PATH_TO_DIFF: "build/db-diff.xml" + before_script: + - > + if [ "$BACKEND_DIR" != "" ]; then + cd $BACKEND_DIR + fi script: - ./gradlew liquibase:update liquibase:diff $GRADLE_CLI_OPTS diff --git a/templates/java/gradle/gradle-license.gitlab-ci.yml b/templates/java/gradle/gradle-license.gitlab-ci.yml index c54f7f7..1f3a3b0 100644 --- a/templates/java/gradle/gradle-license.gitlab-ci.yml +++ b/templates/java/gradle/gradle-license.gitlab-ci.yml 
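Review bot: `cd $CONTEXT_LOCATION` in both jib jobs expands the variable unquoted, so a value containing spaces or glob characters is split or expanded by the shell before `cd` sees it. CI variables can be set from project settings, triggers or including projects, so quoting is the safer default: `if [ -n "$CONTEXT_LOCATION" ]; then cd "$CONTEXT_LOCATION"; fi`. The same unquoted `cd $BACKEND_DIR` is added in the gradle-build and gradle-database-diff hunks of this file group and in the later Gradle, Maven and Sonar hunks of this patch. Whether the `cd` line is indented deeper than `if`/`fi` inside the folded `>` scalar cannot be seen in this view; the one-line form above works either way, whereas three equally indented lines would fold into a single line the shell rejects.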
@@ -1,6 +1,11 @@ .gradle-licence-bom: image: $GRADLE_IMAGE stage: build + before_script: + - > + if [ "$BACKEND_DIR" != "" ]; then + cd $BACKEND_DIR + fi script: - "cd $BACKEND_DIR" - "./gradlew --build-cache cyclonedxBom $GRADLE_CLI_OPTS" diff --git a/templates/java/gradle/gradle-verify.gitlab-ci.yml b/templates/java/gradle/gradle-verify.gitlab-ci.yml index d8fd92d..0d56fb3 100644 --- a/templates/java/gradle/gradle-verify.gitlab-ci.yml +++ b/templates/java/gradle/gradle-verify.gitlab-ci.yml @@ -1,6 +1,11 @@ .gradle-verify: image: $GRADLE_IMAGE stage: verify + before_script: + - > + if [ "$BACKEND_DIR" != "" ]; then + cd $BACKEND_DIR + fi script: - "./gradlew --build-cache test $GRADLE_CLI_OPTS" artifacts: diff --git a/templates/java/maven/maven-build.gitlab-ci.yml b/templates/java/maven/maven-build.gitlab-ci.yml index 09cc16a..e719459 100644 --- a/templates/java/maven/maven-build.gitlab-ci.yml +++ b/templates/java/maven/maven-build.gitlab-ci.yml @@ -2,7 +2,10 @@ stage: build image: $MAVEN_IMAGE before_script: - - "cd $BACKEND_DIR" + - > + if [ "$BACKEND_DIR" != "" ]; then + cd $BACKEND_DIR + fi - > if [ ! -z "$CI_COMMIT_TAG" ]; then mvn $MVN_EXTRA_ARGS $MAVEN_CLI_OPTS versions:set -DnewVersion=$CI_COMMIT_TAG -DgenerateBackupPoms=false diff --git a/templates/java/maven/maven-database-diff.gitlab-ci.yml b/templates/java/maven/maven-database-diff.gitlab-ci.yml index 58eccd8..974cf31 100644 --- a/templates/java/maven/maven-database-diff.gitlab-ci.yml +++ b/templates/java/maven/maven-database-diff.gitlab-ci.yml @@ -8,8 +8,12 @@ include: variables: MAVEN_EXTRA_OPTS: "" PATH_TO_DIFF: "target/db-diff.xml" + before_script: + - > + if [ "$BACKEND_DIR" != "" ]; then + cd $BACKEND_DIR + fi script: - - "cd $BACKEND_DIR" - mvn compile liquibase:update liquibase:diff $MAVEN_EXTRA_OPTS artifacts: when: on_failure diff --git a/templates/java/maven/maven-dependencies.gitlab-ci.yml b/templates/java/maven/maven-dependencies.gitlab-ci.yml index 5296dea..1cf5920 100644 
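Review bot: In `.gradle-licence-bom` the old `- "cd $BACKEND_DIR"` stays in `script` directly under the new guarded `before_script`, so the guard has no effect for this job. With `BACKEND_DIR` empty the script still runs a bare `cd`, which changes to the home directory before `./gradlew` is called, and with a relative path the second `cd` would fail. The maven-database-diff, maven-dependencies, maven-license and maven-verify hunks of this patch remove that line from `script`; the same removal is needed here. The `script` section of maven-build lies outside its hunk, so it is worth checking for the same leftover.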
--- a/templates/java/maven/maven-dependencies.gitlab-ci.yml +++ b/templates/java/maven/maven-dependencies.gitlab-ci.yml @@ -1,6 +1,10 @@ .maven-dependencies: stage: dependencies image: $MAVEN_IMAGE + before_script: + - > + if [ "$BACKEND_DIR" != "" ]; then + cd $BACKEND_DIR + fi script: - - "cd $BACKEND_DIR" - "mvn $MAVEN_CLI_OPTS dependency:resolve" \ No newline at end of file diff --git a/templates/java/maven/maven-license.gitlab-ci.yml b/templates/java/maven/maven-license.gitlab-ci.yml index 54b2fb4..a7fff6e 100644 --- a/templates/java/maven/maven-license.gitlab-ci.yml +++ b/templates/java/maven/maven-license.gitlab-ci.yml @@ -1,8 +1,12 @@ .maven-licence-bom: image: $MAVEN_IMAGE stage: build + before_script: + - > + if [ "$BACKEND_DIR" != "" ]; then + cd $BACKEND_DIR + fi script: - - "cd $BACKEND_DIR" - mvn cyclonedx:makeBom artifacts: when: always diff --git a/templates/java/maven/maven-verify.gitlab-ci.yml b/templates/java/maven/maven-verify.gitlab-ci.yml index ce8647a..3ddf4ca 100644 --- a/templates/java/maven/maven-verify.gitlab-ci.yml +++ b/templates/java/maven/maven-verify.gitlab-ci.yml @@ -1,8 +1,12 @@ .maven-verify: image: $MAVEN_IMAGE stage: verify + before_script: + - > + if [ "$BACKEND_DIR" != "" ]; then + cd $BACKEND_DIR + fi script: - - "cd $BACKEND_DIR" - mvn $MAVEN_CLI_OPTS verify artifacts: expire_in: 2 weeks diff --git a/templates/static-analysis/sonar-7.gitlab-ci.yml b/templates/static-analysis/sonar-7.gitlab-ci.yml index b9f7f0e..7288223 100644 --- a/templates/static-analysis/sonar-7.gitlab-ci.yml +++ b/templates/static-analysis/sonar-7.gitlab-ci.yml @@ -12,6 +12,11 @@ .sonar-maven: extends: .sonar-template-common image: $MAVEN_IMAGE + before_script: + - > + if [ "$BACKEND_DIR" != "" ]; then + cd $BACKEND_DIR + fi script: - mvn $MAVEN_CLI_OPTS test sonar:sonar "-Dsonar.host.url=$SONAR_HOST_URL" 
@@ -26,6 +31,11 @@ .sonar-gradle: extends: .sonar-template-common image: $GRADLE_IMAGE + before_script: + - > + if [ "$BACKEND_DIR" != "" ]; then + cd $BACKEND_DIR + fi script: - ./gradlew $GRADLE_OPTS $GRADLE_CLI_OPTS sonarqube "-Dsonar.host.url=$SONAR_HOST_URL" diff --git a/templates/static-analysis/sonar-8.gitlab-ci.yml b/templates/static-analysis/sonar-8.gitlab-ci.yml index 4831870..befef7a 100644 --- a/templates/static-analysis/sonar-8.gitlab-ci.yml +++ b/templates/static-analysis/sonar-8.gitlab-ci.yml @@ -11,6 +11,11 @@ .sonar-maven: extends: .sonar-template-common image: $MAVEN_IMAGE + before_script: + - > + if [ "$BACKEND_DIR" != "" ]; then + cd $BACKEND_DIR + fi script: - mvn $MAVEN_CLI_OPTS test sonar:sonar "-Dsonar.host.url=$SONAR_HOST_URL" @@ -24,6 +29,11 @@ .sonar-gradle: extends: .sonar-template-common image: $GRADLE_IMAGE + before_script: + - > + if [ "$BACKEND_DIR" != "" ]; then + cd $BACKEND_DIR + fi script: - ./gradlew $GRADLE_OPTS sonarqube $GRADLE_CLI_OPTS "-Dsonar.host.url=$SONAR_HOST_URL" From 691cd0b5f0a922fa477e0028ba462b371bc06c59 Mon Sep 17 00:00:00 2001 From: Marcel Feix Date: Fri, 1 Jul 2022 10:11:57 +0200 Subject: [PATCH 125/166] chore(Docker): Fix Dind test not running correctly in merge Pipelines --- test/docker/test-dind.gitlab-ci.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/test/docker/test-dind.gitlab-ci.yml b/test/docker/test-dind.gitlab-ci.yml index ceb6c7a..ef2ee89 100644 --- a/test/docker/test-dind.gitlab-ci.yml +++ b/test/docker/test-dind.gitlab-ci.yml @@ -8,5 +8,7 @@ Test-Simple-Dind: image: docker:stable extends: .docker-in-docker stage: verify + rules: + - when: always script: - docker run -t alpine echo test \ No newline at end of file From 97ff8551cbdd49819177605db004840a9f5e08aa Mon Sep 17 00:00:00 2001 From: Marcel Feix Date: Fri, 1 Jul 2022 10:15:17 +0200 Subject: [PATCH 126/166] chore(CI):Execute docker Tests within Merge Request pipelines --- .gitlab-ci.yml | 4 ++++ 1 file changed, 4 insertions(+) 
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index f4dbcfa..c7c9b40 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -24,6 +24,8 @@ Test-Docker-compose: rules: - if: $CI_COMMIT_REF_NAME == $CI_DEFAULT_BRANCH when: always + - if: $CI_MERGE_REQUEST_TARGET_BRANCH_NAME == $CI_DEFAULT_BRANCH + when: always - when: manual trigger: strategy: depend @@ -35,6 +37,8 @@ Test-Dind: rules: - if: $CI_COMMIT_REF_NAME == $CI_DEFAULT_BRANCH when: always + - if: $CI_MERGE_REQUEST_TARGET_BRANCH_NAME == $CI_DEFAULT_BRANCH + when: always - when: manual trigger: strategy: depend From 357641729ac18864d85d7e5703f590b9c4945f02 Mon Sep 17 00:00:00 2001 From: Marcel Feix Date: Fri, 1 Jul 2022 16:50:02 +0200 Subject: [PATCH 127/166] chore(Java): Reorder and add CLI arguments/options in Maven and Gradle --- templates/java/gradle/gradle-build.gitlab-ci.yml | 2 +- templates/java/gradle/gradle-database-diff.gitlab-ci.yml | 2 +- templates/java/gradle/gradle-license.gitlab-ci.yml | 2 +- templates/java/gradle/gradle-verify.gitlab-ci.yml | 2 +- templates/java/maven/maven-build.gitlab-ci.yml | 2 +- templates/java/maven/maven-database-diff.gitlab-ci.yml | 2 +- templates/java/maven/maven-dependencies.gitlab-ci.yml | 2 +- templates/java/maven/maven-license.gitlab-ci.yml | 2 +- templates/java/maven/maven-verify.gitlab-ci.yml | 2 +- templates/static-analysis/sonar-7.gitlab-ci.yml | 2 +- templates/static-analysis/sonar-8.gitlab-ci.yml | 2 +- 11 files changed, 11 insertions(+), 11 deletions(-) diff --git a/templates/java/gradle/gradle-build.gitlab-ci.yml b/templates/java/gradle/gradle-build.gitlab-ci.yml index 453bde6..f44eaca 100644 --- a/templates/java/gradle/gradle-build.gitlab-ci.yml +++ b/templates/java/gradle/gradle-build.gitlab-ci.yml 
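Review bot: The added rule uses `when: always`, which starts `Test-Docker-compose` and, in the second hunk, `Test-Dind` in merge request pipelines even when an earlier stage has failed, and it removes the manual gate that so far applied to every ref other than the default branch. Both are trigger jobs for the Docker test pipelines, so merge request content now reaches runners with Docker access without anyone starting the job by hand; whether those runners are privileged or shared is not visible here. If the intent is only to run automatically on merge requests, `when: on_success` is the narrower choice for the new rule. Both job definitions start and end outside their hunks.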
@@ -13,7 +13,7 @@ $(sed -i /^version/s/$GRADLE_VERSION/\'$CI_COMMIT_TAG\'/ $PATH_TO_VERSION_FILE) fi script: - - "./gradlew --build-cache assemble $GRADLE_CLI_BUILD_OPTS $GRADLE_CLI_OPTS" + - "./gradlew --build-cache assemble $GRADLE_CLI_BUILD_OPTS $GRADLE_CLI_OPTS $GRADLE_EXTRA_OPTS" artifacts: expire_in: 2 weeks when: on_success diff --git a/templates/java/gradle/gradle-database-diff.gitlab-ci.yml b/templates/java/gradle/gradle-database-diff.gitlab-ci.yml index df489a7..cf26db7 100644 --- a/templates/java/gradle/gradle-database-diff.gitlab-ci.yml +++ b/templates/java/gradle/gradle-database-diff.gitlab-ci.yml @@ -14,5 +14,5 @@ include: cd $BACKEND_DIR fi script: - - ./gradlew liquibase:update liquibase:diff $GRADLE_CLI_OPTS + - ./gradlew liquibase:update liquibase:diff $GRADLE_CLI_OPTS $GRADLE_EXTRA_OPTS diff --git a/templates/java/gradle/gradle-license.gitlab-ci.yml b/templates/java/gradle/gradle-license.gitlab-ci.yml index 1f3a3b0..b298922 100644 --- a/templates/java/gradle/gradle-license.gitlab-ci.yml +++ b/templates/java/gradle/gradle-license.gitlab-ci.yml @@ -8,7 +8,7 @@ fi script: - "cd $BACKEND_DIR" - - "./gradlew --build-cache cyclonedxBom $GRADLE_CLI_OPTS" + - "./gradlew --build-cache cyclonedxBom $GRADLE_CLI_OPTS $GRADLE_EXTRA_OPTS" needs: [] artifacts: expire_in: 2 weeks diff --git a/templates/java/gradle/gradle-verify.gitlab-ci.yml b/templates/java/gradle/gradle-verify.gitlab-ci.yml index 0d56fb3..93efc59 100644 --- a/templates/java/gradle/gradle-verify.gitlab-ci.yml +++ b/templates/java/gradle/gradle-verify.gitlab-ci.yml @@ -7,7 +7,7 @@ cd $BACKEND_DIR fi script: - - "./gradlew --build-cache test $GRADLE_CLI_OPTS" + - "./gradlew --build-cache test $GRADLE_CLI_OPTS $GRADLE_EXTRA_OPTS" artifacts: expire_in: 2 weeks reports: diff --git a/templates/java/maven/maven-build.gitlab-ci.yml b/templates/java/maven/maven-build.gitlab-ci.yml index e719459..96be9dc 100644 --- a/templates/java/maven/maven-build.gitlab-ci.yml 
+++ b/templates/java/maven/maven-build.gitlab-ci.yml @@ -8,7 +8,7 @@ fi - > if [ ! -z "$CI_COMMIT_TAG" ]; then - mvn $MVN_EXTRA_ARGS $MAVEN_CLI_OPTS versions:set -DnewVersion=$CI_COMMIT_TAG -DgenerateBackupPoms=false + mvn $MAVEN_CLI_OPTS $MAVEN_EXTRA_OPTS versions:set -DnewVersion=$CI_COMMIT_TAG -DgenerateBackupPoms=false $MVN_EXTRA_ARGS fi script: - "cd $BACKEND_DIR" diff --git a/templates/java/maven/maven-database-diff.gitlab-ci.yml b/templates/java/maven/maven-database-diff.gitlab-ci.yml index 974cf31..4644a24 100644 --- a/templates/java/maven/maven-database-diff.gitlab-ci.yml +++ b/templates/java/maven/maven-database-diff.gitlab-ci.yml @@ -14,7 +14,7 @@ include: cd $BACKEND_DIR fi script: - - mvn compile liquibase:update liquibase:diff $MAVEN_EXTRA_OPTS + - mvn $MAVEN_CLI_OPTS $MAVEN_EXTRA_OPTS compile liquibase:update liquibase:diff $MVN_EXTRA_ARGS artifacts: when: on_failure expire_in: 2 weeks diff --git a/templates/java/maven/maven-dependencies.gitlab-ci.yml b/templates/java/maven/maven-dependencies.gitlab-ci.yml index 1cf5920..414da79 100644 --- a/templates/java/maven/maven-dependencies.gitlab-ci.yml +++ b/templates/java/maven/maven-dependencies.gitlab-ci.yml @@ -7,4 +7,4 @@ cd $BACKEND_DIR fi script: - - "mvn $MAVEN_CLI_OPTS dependency:resolve" \ No newline at end of file + - mvn $MAVEN_CLI_OPTS $MAVEN_EXTRA_OPTS dependency:resolve $MVN_EXTRA_ARGS \ No newline at end of file diff --git a/templates/java/maven/maven-license.gitlab-ci.yml b/templates/java/maven/maven-license.gitlab-ci.yml index a7fff6e..f8c1b64 100644 --- a/templates/java/maven/maven-license.gitlab-ci.yml +++ b/templates/java/maven/maven-license.gitlab-ci.yml @@ -7,7 +7,7 @@ cd $BACKEND_DIR fi script: - - mvn cyclonedx:makeBom + - mvn $MAVEN_CLI_OPTS $MAVEN_EXTRA_OPTS cyclonedx:makeBom $MVN_EXTRA_ARGS artifacts: when: always paths: diff --git a/templates/java/maven/maven-verify.gitlab-ci.yml b/templates/java/maven/maven-verify.gitlab-ci.yml index 3ddf4ca..029102c 100644 
--- a/templates/java/maven/maven-verify.gitlab-ci.yml +++ b/templates/java/maven/maven-verify.gitlab-ci.yml @@ -7,7 +7,7 @@ cd $BACKEND_DIR fi script: - - mvn $MAVEN_CLI_OPTS verify + - mvn $MAVEN_CLI_OPTS $MAVEN_EXTRA_OPTS verify $MVN_EXTRA_ARGS artifacts: expire_in: 2 weeks reports: diff --git a/templates/static-analysis/sonar-7.gitlab-ci.yml b/templates/static-analysis/sonar-7.gitlab-ci.yml index 7288223..1564dd0 100644 --- a/templates/static-analysis/sonar-7.gitlab-ci.yml +++ b/templates/static-analysis/sonar-7.gitlab-ci.yml @@ -18,7 +18,7 @@ cd $BACKEND_DIR fi script: - - mvn $MAVEN_CLI_OPTS test sonar:sonar + - mvn $MAVEN_CLI_OPTS test sonar:sonar $MVN_EXTRA_ARGS "-Dsonar.host.url=$SONAR_HOST_URL" "-Dsonar.login=$SONAR_TOKEN" "-Dsonar.projectKey=$SONAR_PROJECT_KEY" diff --git a/templates/static-analysis/sonar-8.gitlab-ci.yml b/templates/static-analysis/sonar-8.gitlab-ci.yml index befef7a..f007bea 100644 --- a/templates/static-analysis/sonar-8.gitlab-ci.yml +++ b/templates/static-analysis/sonar-8.gitlab-ci.yml @@ -17,7 +17,7 @@ cd $BACKEND_DIR fi script: - - mvn $MAVEN_CLI_OPTS test sonar:sonar + - mvn $MAVEN_CLI_OPTS test sonar:sonar $MVN_EXTRA_ARGS "-Dsonar.host.url=$SONAR_HOST_URL" "-Dsonar.login=$SONAR_TOKEN" "-Dsonar.projectKey=$SONAR_PROJECT_KEY" From c96998380c0a42d73dba827a79d4c318591f7afc Mon Sep 17 00:00:00 2001 From: Wolfram Gulde Date: Tue, 5 Jul 2022 09:20:09 +0200 Subject: [PATCH 128/166] docs(exx-Pipeline): add licensing tool docs --- .../templates/license/license.gitlab-ci.adoc | 35 +++++++++++++++++++ documentation/document.adoc | 8 +++-- 2 files changed, 41 insertions(+), 2 deletions(-) create mode 100644 documentation/chapters/templates/license/license.gitlab-ci.adoc diff --git a/documentation/chapters/templates/license/license.gitlab-ci.adoc b/documentation/chapters/templates/license/license.gitlab-ci.adoc new file mode 100644 index 0000000..6a55de4 --- /dev/null +++ b/documentation/chapters/templates/license/license.gitlab-ci.adoc 
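Review bot: The two `.sonar-maven` hunks (sonar-7 and sonar-8) add only `$MVN_EXTRA_ARGS`, while every other Maven template in this patch now runs `mvn $MAVEN_CLI_OPTS $MAVEN_EXTRA_OPTS <goals> $MVN_EXTRA_ARGS`, so a project that sets `MAVEN_EXTRA_OPTS` gets it applied everywhere except the Sonar jobs. If that is deliberate it deserves a comment above the command; otherwise the line should read `- mvn $MAVEN_CLI_OPTS $MAVEN_EXTRA_OPTS test sonar:sonar $MVN_EXTRA_ARGS`. The command continues with the `-Dsonar.*` lines outside the changed line, and the `.sonar-gradle` jobs are not touched by this patch, so `GRADLE_EXTRA_OPTS` is presumably not honoured there either.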
@@ -0,0 +1,35 @@ += license-template + +This template provides a service to collect, validate and publish generated license information for a project. For more details: https://gitlab.exxcellent.de/gilden/ci/exxcellent-license-tools[Gilde CI/CD: exxcellent-license-tool]. + +TIP: The license tool needs a _bom.json_ file which is generated in a previous stage. This is generally done as a part of the build stage (p.ex. by adding cyclonedxBom to the gradle build) and then providing the generated bom.json with artifacts. Again, see https://gitlab.exxcellent.de/gilden/ci/exxcellent-license-tools[Gilde CI/CD: exxcellent-license-tool] for more infos + +The following use cases are possible: + +__Generate Asciidoc for all licenses:__ + +- Set BOM_FILE (source) +- Set LICENSE_ADOC_FILE (target) + +__Validate licenses and generate Asciidoc file:__ + +- Set BOM_FILE (source) +- Set LICENSE_ADOC_FILE (target) +- Set INVALID_LICENSE_ADOC_FILE (target) +- Set ALLOWED_LICENSES + + + + +.Variables +|=== +|Name |Description | Default Value +|BOM_FILE | the path to the bom file (provided in artifacts from previous stage)|bom.json +|ALLOWED_LICENSES | path to the text file with line separated list of allowed licenses |valid-licenses.txt +|LICENSE_ADOC_FILE | path to the generated adoc file with all licenses |licenses.adoc +|INVALID_LICENSE_ADOC_FILE | path to the generated adoc file with invalid licenses |invalid-licenses.adoc +|NUMBER_OF_ALLOWED_FAILURES | number of allowed invalid licenses |0 +|=== + +:template: license/license.gitlab-ci.yml +include::../../../template-printer.adoc[] \ No newline at end of file diff --git a/documentation/document.adoc b/documentation/document.adoc index 1c02560..f609f15 100644 --- a/documentation/document.adoc +++ b/documentation/document.adoc 
@@ -134,9 +134,13 @@ This collection provides templates to simplify your dokumentation prozess. include::chapters/templates/documentation/documentation.adoc[leveloffset=2] +== Licensing + +This collection provides templates to simplify your licencing prozess. + +include::chapters/templates/license/license.gitlab-ci.adoc[leveloffset=2] + [#_pipelines] === Pipelines include::chapters/pipelines/eXXcellent-release.adoc[leveloffset=3] - -//todo licensing documentieren \ No newline at end of file From 36efdb707bf9b49b085391fda95175ffb7b288ea Mon Sep 17 00:00:00 2001 From: Alex Munoz Date: Tue, 24 May 2022 14:14:37 +0200 Subject: [PATCH 129/166] refactor(npm): update npm templates --- templates/npm/npm-build.gitlab-ci.yml | 14 ++------------ templates/npm/npm-dependencies.gitlab-ci.yml | 11 ++++------- templates/npm/npm-e2e.gitlab-ci.yml | 10 ++++++++++ templates/npm/npm-lint.gitlab-ci.yml | 14 +++----------- templates/npm/npm-test.gitlab-ci.yml | 10 ++++++++++ templates/npm/npm-verify.gitlab-ci.yml | 13 ------------- 6 files changed, 29 insertions(+), 43 deletions(-) create mode 100644 templates/npm/npm-e2e.gitlab-ci.yml create mode 100644 templates/npm/npm-test.gitlab-ci.yml delete mode 100644 templates/npm/npm-verify.gitlab-ci.yml diff --git a/templates/npm/npm-build.gitlab-ci.yml b/templates/npm/npm-build.gitlab-ci.yml index 0b9405a..e52adde 100644 --- a/templates/npm/npm-build.gitlab-ci.yml +++ b/templates/npm/npm-build.gitlab-ci.yml @@ -1,22 +1,12 @@ .npm-build: image: $NODE_IMAGE stage: build - variables: - ADDITIONAL_GLOBAL_PACKAGES: "" before_script: - > - if [ "$ADDITIONAL_GLOBAL_PACKAGES" != "" ]; then - npm install -g $ADDITIONAL_GLOBAL_PACKAGES + if [ "$FRONTEND_DIR" != "" ]; then + cd $FRONTEND_DIR fi - #Todo this needs Testing!! - - > - if [ "$CI_COMMIT_TAG" != "" ]; then - npm --no-git-tag-version version from-git - fi - #Testing END script: - - "cd $FRONTEND_DIR" - - npm install - npm run build artifacts: expire_in: 2 weeks 
diff --git a/templates/npm/npm-dependencies.gitlab-ci.yml b/templates/npm/npm-dependencies.gitlab-ci.yml index 1dcc4ac..7177855 100644 --- a/templates/npm/npm-dependencies.gitlab-ci.yml +++ b/templates/npm/npm-dependencies.gitlab-ci.yml @@ -1,17 +1,14 @@ .npm-dependencies: image: $NODE_IMAGE stage: dependencies - variables: - ADDITIONAL_GLOBAL_PACKAGES: "" before_script: - > - if [ "$ADDITIONAL_GLOBAL_PACKAGES" != "" ]; then - npm install -g $ADDITIONAL_GLOBAL_PACKAGES + if [ "$FRONTEND_DIR" != "" ]; then + cd $FRONTEND_DIR fi script: - - "cd $FRONTEND_DIR" - - npm install + - npm ci artifacts: expire_in: 1 days paths: - - "**/node_modules" \ No newline at end of file + - "**/node_modules" diff --git a/templates/npm/npm-e2e.gitlab-ci.yml b/templates/npm/npm-e2e.gitlab-ci.yml new file mode 100644 index 0000000..b6d32f1 --- /dev/null +++ b/templates/npm/npm-e2e.gitlab-ci.yml @@ -0,0 +1,10 @@ +.npm-e2e: + image: $NODE_IMAGE + stage: verify + before_script: + - > + if [ "$FRONTEND_DIR" != "" ]; then + cd $FRONTEND_DIR + fi + script: + - npm run e2e diff --git a/templates/npm/npm-lint.gitlab-ci.yml b/templates/npm/npm-lint.gitlab-ci.yml index f5964e1..0cf26ca 100644 --- a/templates/npm/npm-lint.gitlab-ci.yml +++ b/templates/npm/npm-lint.gitlab-ci.yml @@ -1,18 +1,10 @@ .npm-lint: image: $NODE_IMAGE stage: verify - variables: - ADDITIONAL_GLOBAL_PACKAGES: "eslint" before_script: - > - if [ "$ADDITIONAL_GLOBAL_PACKAGES" != "" ]; then - npm install -g $ADDITIONAL_GLOBAL_PACKAGES + if [ "$FRONTEND_DIR" != "" ]; then + cd $FRONTEND_DIR fi script: - - "cd $FRONTEND_DIR" - - npm run lint -# artifacts: todo add lint results in artifact if possible -# expire_in: 2 weeks -# when: always -# paths: -# - dist/* \ No newline at end of file + - npm run lint \ No newline at end of file diff --git a/templates/npm/npm-test.gitlab-ci.yml b/templates/npm/npm-test.gitlab-ci.yml new file mode 100644 index 0000000..4c24045 --- /dev/null +++ b/templates/npm/npm-test.gitlab-ci.yml 
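Review bot: `npm ci` in `.npm-dependencies` still runs the install scripts of every dependency, and the `**/node_modules` artifact it produces is presumably what the build, lint, test and e2e jobs then execute, since this commit removes `npm install` from them. That makes this line the single place that decides what third-party code enters the pipeline; where no dependency needs its install script, `- npm ci --ignore-scripts` narrows it. A comment above the command such as `# needs a committed package-lock.json; fails when it is out of sync with package.json` would also tell template users why `npm install` was replaced.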
@@ -0,0 +1,10 @@ +.npm-test: + image: $NODE_IMAGE + stage: test + before_script: + - > + if [ "$FRONTEND_DIR" != "" ]; then + cd $FRONTEND_DIR + fi + script: + - npm run test diff --git a/templates/npm/npm-verify.gitlab-ci.yml b/templates/npm/npm-verify.gitlab-ci.yml deleted file mode 100644 index 93a7579..0000000 --- a/templates/npm/npm-verify.gitlab-ci.yml +++ /dev/null @@ -1,13 +0,0 @@ -.npm-verify: - image: $NODE_IMAGE - stage: verify - variables: - ADDITIONAL_GLOBAL_PACKAGES: "karma" - before_script: - - > - if [ "$ADDITIONAL_GLOBAL_PACKAGES" != "" ]; then - npm install -g $ADDITIONAL_GLOBAL_PACKAGES - fi - script: - - "cd $FRONTEND_DIR" - - npm run test-ci \ No newline at end of file From 60ecb92bd94191ee4f81f3d79d3733b47d87b2f2 Mon Sep 17 00:00:00 2001 From: Alex Munoz Date: Tue, 24 May 2022 14:38:25 +0200 Subject: [PATCH 130/166] feat(pipelines): initial npm/js pipeline --- pipelines/npm.gitlab-ci.yml | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) create mode 100644 pipelines/npm.gitlab-ci.yml diff --git a/pipelines/npm.gitlab-ci.yml b/pipelines/npm.gitlab-ci.yml new file mode 100644 index 0000000..ff2b79c --- /dev/null +++ b/pipelines/npm.gitlab-ci.yml @@ -0,0 +1,21 @@ +include: + - "/templates/npm/npm-dependencies.gitlab-ci.yml" + - "/templates/npm/npm-build.gitlab-ci.yml" + - "/templates/npm/npm-verify.gitlab-ci.yml" + - "/templates/npm/npm-lint.gitlab-ci.yml" + - "/templates/npm/npm-e2e.gitlab-ci.yml" + +Dependencies-npm: + extends: .npm-dependencies + +Build-npm: + extends: .npm-build + +Test-npm: + extends: .npm-verify + +Lint-npm: + extends: .npm-lint + +E2E-npm: + extends: .npm-e2e From e27ac3504febbec3b6b851033d0975b59731de56 Mon Sep 17 00:00:00 2001 From: Alex Munoz Date: Tue, 24 May 2022 14:46:53 +0200 Subject: [PATCH 131/166] fix: fix typo --- pipelines/npm.gitlab-ci.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pipelines/npm.gitlab-ci.yml b/pipelines/npm.gitlab-ci.yml index ff2b79c..5410ddd 100644 
--- a/pipelines/npm.gitlab-ci.yml +++ b/pipelines/npm.gitlab-ci.yml @@ -1,7 +1,7 @@ include: - "/templates/npm/npm-dependencies.gitlab-ci.yml" - "/templates/npm/npm-build.gitlab-ci.yml" - - "/templates/npm/npm-verify.gitlab-ci.yml" + - "/templates/npm/npm-test.gitlab-ci.yml" - "/templates/npm/npm-lint.gitlab-ci.yml" - "/templates/npm/npm-e2e.gitlab-ci.yml" @@ -12,7 +12,7 @@ Build-npm: extends: .npm-build Test-npm: - extends: .npm-verify + extends: .npm-test Lint-npm: extends: .npm-lint From bb70476d87f159be3272fe95688d18c810e51f91 Mon Sep 17 00:00:00 2001 From: Alex Munoz Date: Tue, 24 May 2022 14:49:59 +0200 Subject: [PATCH 132/166] fix(npm-test): update stage --- templates/npm/npm-test.gitlab-ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/templates/npm/npm-test.gitlab-ci.yml b/templates/npm/npm-test.gitlab-ci.yml index 4c24045..525c5ff 100644 --- a/templates/npm/npm-test.gitlab-ci.yml +++ b/templates/npm/npm-test.gitlab-ci.yml @@ -1,6 +1,6 @@ .npm-test: image: $NODE_IMAGE - stage: test + stage: verify before_script: - > if [ "$FRONTEND_DIR" != "" ]; then From 50187e521854eea29199e38a4c222f38b61bc7b5 Mon Sep 17 00:00:00 2001 From: Alex Munoz Date: Tue, 24 May 2022 15:00:50 +0200 Subject: [PATCH 133/166] refactor(npm): single quotes --- pipelines/npm.gitlab-ci.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/pipelines/npm.gitlab-ci.yml b/pipelines/npm.gitlab-ci.yml index 5410ddd..ee0d5d6 100644 --- a/pipelines/npm.gitlab-ci.yml +++ b/pipelines/npm.gitlab-ci.yml 
@@ -1,9 +1,9 @@ include: - - "/templates/npm/npm-dependencies.gitlab-ci.yml" - - "/templates/npm/npm-build.gitlab-ci.yml" - - "/templates/npm/npm-test.gitlab-ci.yml" - - "/templates/npm/npm-lint.gitlab-ci.yml" - - "/templates/npm/npm-e2e.gitlab-ci.yml" + - '/templates/npm/npm-dependencies.gitlab-ci.yml' + - '/templates/npm/npm-build.gitlab-ci.yml' + - '/templates/npm/npm-test.gitlab-ci.yml' + - '/templates/npm/npm-lint.gitlab-ci.yml' + - '/templates/npm/npm-e2e.gitlab-ci.yml' Dependencies-npm: extends: .npm-dependencies From ee0b232911f1b9fa51734f8ca512ab9d82614b05 Mon Sep 17 00:00:00 2001 From: Alex Munoz Date: Fri, 27 May 2022 09:44:14 +0200 Subject: [PATCH 134/166] feat(npm-pipeline): add variable NODE_IMAGE --- pipelines/npm.gitlab-ci.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/pipelines/npm.gitlab-ci.yml b/pipelines/npm.gitlab-ci.yml index ee0d5d6..bdacc52 100644 --- a/pipelines/npm.gitlab-ci.yml +++ b/pipelines/npm.gitlab-ci.yml @@ -5,6 +5,9 @@ include: - '/templates/npm/npm-lint.gitlab-ci.yml' - '/templates/npm/npm-e2e.gitlab-ci.yml' +variables: + NODE_IMAGE: node:16.15-alpine + Dependencies-npm: extends: .npm-dependencies From 1b171ed4bbb8c23bbb09d015aa813cac0aeec327 Mon Sep 17 00:00:00 2001 From: Alex Munoz Date: Fri, 27 May 2022 10:02:49 +0200 Subject: [PATCH 135/166] refactor: minor changes --- pipelines/npm.gitlab-ci.yml | 5 +++++ templates/npm/npm-build.gitlab-ci.yml | 2 +- templates/npm/npm-dependencies.gitlab-ci.yml | 2 +- 3 files changed, 7 insertions(+), 2 deletions(-) diff --git a/pipelines/npm.gitlab-ci.yml b/pipelines/npm.gitlab-ci.yml index bdacc52..f467cf9 100644 --- a/pipelines/npm.gitlab-ci.yml +++ b/pipelines/npm.gitlab-ci.yml @@ -1,3 +1,8 @@ +stages: + - dependencies + - build + - verify + include: - '/templates/npm/npm-dependencies.gitlab-ci.yml' - '/templates/npm/npm-build.gitlab-ci.yml' diff --git a/templates/npm/npm-build.gitlab-ci.yml b/templates/npm/npm-build.gitlab-ci.yml index e52adde..4105652 100644 
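Review bot: The `NODE_IMAGE: node:16.15-alpine` default added in the `variables:` hunk is a mutable tag, so every job built on these templates runs whatever image that tag points to at pull time. For a shared CI template, pinning the digest makes the build environment reproducible and reviewable, e.g. `NODE_IMAGE: 'node:16.15-alpine@sha256:<digest>'` (placeholder digest). The same applies to `NODE_E2E_IMAGE` (`mcr.microsoft.com/playwright:v1.23.1-focal`) introduced in the later `common-ci-variablen.gitlab-ci.yml` hunk.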
--- a/templates/npm/npm-build.gitlab-ci.yml +++ b/templates/npm/npm-build.gitlab-ci.yml @@ -12,4 +12,4 @@ expire_in: 2 weeks when: always paths: - - "**/dist/" + - '**/dist/' diff --git a/templates/npm/npm-dependencies.gitlab-ci.yml b/templates/npm/npm-dependencies.gitlab-ci.yml index 7177855..4fd3c3b 100644 --- a/templates/npm/npm-dependencies.gitlab-ci.yml +++ b/templates/npm/npm-dependencies.gitlab-ci.yml @@ -11,4 +11,4 @@ artifacts: expire_in: 1 days paths: - - "**/node_modules" + - '**/node_modules' From eed52309c5070140e9a3cb47c532909fbca8e464 Mon Sep 17 00:00:00 2001 From: Alex Munoz Date: Fri, 27 May 2022 11:27:03 +0200 Subject: [PATCH 136/166] refactor: add ci prefix --- templates/npm/npm-build.gitlab-ci.yml | 2 +- templates/npm/npm-e2e.gitlab-ci.yml | 2 +- templates/npm/npm-lint.gitlab-ci.yml | 2 +- templates/npm/npm-test.gitlab-ci.yml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/templates/npm/npm-build.gitlab-ci.yml b/templates/npm/npm-build.gitlab-ci.yml index 4105652..8da8e12 100644 --- a/templates/npm/npm-build.gitlab-ci.yml +++ b/templates/npm/npm-build.gitlab-ci.yml @@ -7,7 +7,7 @@ cd $FRONTEND_DIR fi script: - - npm run build + - npm run ci:build artifacts: expire_in: 2 weeks when: always diff --git a/templates/npm/npm-e2e.gitlab-ci.yml b/templates/npm/npm-e2e.gitlab-ci.yml index b6d32f1..23836c8 100644 --- a/templates/npm/npm-e2e.gitlab-ci.yml +++ b/templates/npm/npm-e2e.gitlab-ci.yml @@ -7,4 +7,4 @@ cd $FRONTEND_DIR fi script: - - npm run e2e + - npm run ci:e2e diff --git a/templates/npm/npm-lint.gitlab-ci.yml b/templates/npm/npm-lint.gitlab-ci.yml index 0cf26ca..779444f 100644 --- a/templates/npm/npm-lint.gitlab-ci.yml +++ b/templates/npm/npm-lint.gitlab-ci.yml @@ -7,4 +7,4 @@ cd $FRONTEND_DIR fi script: - - npm run lint \ No newline at end of file + - npm run ci:lint \ No newline at end of file diff --git a/templates/npm/npm-test.gitlab-ci.yml b/templates/npm/npm-test.gitlab-ci.yml index 525c5ff..ce4f206 100644 
--- a/templates/npm/npm-test.gitlab-ci.yml +++ b/templates/npm/npm-test.gitlab-ci.yml @@ -7,4 +7,4 @@ cd $FRONTEND_DIR fi script: - - npm run test + - npm run ci:test From dd6eccbc959f80e6850cf9d14a66677ca3bab2e4 Mon Sep 17 00:00:00 2001 From: Alex Munoz Date: Fri, 27 May 2022 11:47:41 +0200 Subject: [PATCH 137/166] feat: add env build_dir --- templates/npm/npm-build.gitlab-ci.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/templates/npm/npm-build.gitlab-ci.yml b/templates/npm/npm-build.gitlab-ci.yml index 8da8e12..e35a576 100644 --- a/templates/npm/npm-build.gitlab-ci.yml +++ b/templates/npm/npm-build.gitlab-ci.yml @@ -1,3 +1,6 @@ +variables: + FRONTEND_BUILD_DIR: 'dist/' + .npm-build: image: $NODE_IMAGE stage: build @@ -12,4 +15,4 @@ expire_in: 2 weeks when: always paths: - - '**/dist/' + - '$FRONTEND_BUID_DIR' From a6ae039cd5e1b0b79262bf8f7ba4126337024e02 Mon Sep 17 00:00:00 2001 From: Alex Munoz Date: Fri, 27 May 2022 15:35:32 +0200 Subject: [PATCH 138/166] refactor: update npm-build --- templates/npm/npm-build.gitlab-ci.yml | 3 --- 1 file changed, 3 deletions(-) diff --git a/templates/npm/npm-build.gitlab-ci.yml b/templates/npm/npm-build.gitlab-ci.yml index e35a576..7558564 100644 --- a/templates/npm/npm-build.gitlab-ci.yml +++ b/templates/npm/npm-build.gitlab-ci.yml @@ -1,6 +1,3 @@ -variables: - FRONTEND_BUILD_DIR: 'dist/' - .npm-build: image: $NODE_IMAGE stage: build From c89d4f44d8926ce034f785d7eb7603ed7cc5d957 Mon Sep 17 00:00:00 2001 From: Alex Munoz Date: Fri, 27 May 2022 16:02:29 +0200 Subject: [PATCH 139/166] refactor(npm-build): fix typo --- templates/npm/npm-build.gitlab-ci.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/templates/npm/npm-build.gitlab-ci.yml b/templates/npm/npm-build.gitlab-ci.yml index 7558564..6444e5c 100644 --- a/templates/npm/npm-build.gitlab-ci.yml +++ b/templates/npm/npm-build.gitlab-ci.yml 
@@ -1,3 +1,6 @@ +variables: + FRONTEND_BUILD_DIR: 'dir/' + .npm-build: image: $NODE_IMAGE stage: build @@ -12,4 +15,4 @@ expire_in: 2 weeks when: always paths: - - '$FRONTEND_BUID_DIR' + - '$FRONTEND_BUILD_DIR' From cb3d8140ab3cbfef33bc84a8edc8cf24247ad13a Mon Sep 17 00:00:00 2001 From: Alex Munoz Date: Fri, 27 May 2022 16:26:55 +0200 Subject: [PATCH 140/166] refactor: fix typo --- templates/npm/npm-build.gitlab-ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/templates/npm/npm-build.gitlab-ci.yml b/templates/npm/npm-build.gitlab-ci.yml index 6444e5c..cc4c794 100644 --- a/templates/npm/npm-build.gitlab-ci.yml +++ b/templates/npm/npm-build.gitlab-ci.yml @@ -1,5 +1,5 @@ variables: - FRONTEND_BUILD_DIR: 'dir/' + FRONTEND_BUILD_DIR: 'dist/' .npm-build: image: $NODE_IMAGE From 14e74bb841a944a76e800716ae8555cbd7ea7fd2 Mon Sep 17 00:00:00 2001 From: Alex Munoz Date: Tue, 31 May 2022 13:58:27 +0200 Subject: [PATCH 141/166] refactor(gitlab): add flag --- templates/npm/npm-dependencies.gitlab-ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/templates/npm/npm-dependencies.gitlab-ci.yml b/templates/npm/npm-dependencies.gitlab-ci.yml index 4fd3c3b..ea0960a 100644 --- a/templates/npm/npm-dependencies.gitlab-ci.yml +++ b/templates/npm/npm-dependencies.gitlab-ci.yml @@ -7,7 +7,7 @@ cd $FRONTEND_DIR fi script: - - npm ci + - npm ci --no-audit artifacts: expire_in: 1 days paths: From a3ac878abbf4aebcf0c84764f8c528087644a56a Mon Sep 17 00:00:00 2001 From: Alex Munoz Date: Fri, 3 Jun 2022 16:43:36 +0200 Subject: [PATCH 142/166] feat: e2e image variable --- templates/npm/npm-e2e.gitlab-ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/templates/npm/npm-e2e.gitlab-ci.yml b/templates/npm/npm-e2e.gitlab-ci.yml index 23836c8..04b7b53 100644 --- a/templates/npm/npm-e2e.gitlab-ci.yml +++ b/templates/npm/npm-e2e.gitlab-ci.yml @@ -1,5 +1,5 @@ .npm-e2e: - image: $NODE_IMAGE + image: $E2E_IMAGE stage: verify before_script: - 
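Review bot: `npm ci --no-audit` in the `npm-dependencies` template turns off the audit report that `npm ci` would otherwise print, and the commit message ("add flag") gives no reason. If the intent is speed or registry compatibility, say so in a comment such as `# audit skipped here; dependency CVEs are checked by <scan job>` (placeholder job name) and make sure the npm pipeline really includes such a job; none of the includes in `pipelines/npm.gitlab-ci.yml` visible here looks like one. The `script:` block belongs to a job that starts outside the hunk.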
> From 3e50e404ed88da91bde1e466256019f6726b5f5f Mon Sep 17 00:00:00 2001 From: Alex Munoz Date: Fri, 10 Jun 2022 17:38:10 +0200 Subject: [PATCH 143/166] refactor: update templates --- templates/npm/npm-e2e.gitlab-ci.yml | 5 +++++ templates/npm/npm-test.gitlab-ci.yml | 5 +++++ 2 files changed, 10 insertions(+) diff --git a/templates/npm/npm-e2e.gitlab-ci.yml b/templates/npm/npm-e2e.gitlab-ci.yml index 04b7b53..960226e 100644 --- a/templates/npm/npm-e2e.gitlab-ci.yml +++ b/templates/npm/npm-e2e.gitlab-ci.yml @@ -8,3 +8,8 @@ fi script: - npm run ci:e2e + artifacts: + expire_in: '7d' + reports: + junit: + - 'e2e-reports/**/**.xml' diff --git a/templates/npm/npm-test.gitlab-ci.yml b/templates/npm/npm-test.gitlab-ci.yml index ce4f206..cec278e 100644 --- a/templates/npm/npm-test.gitlab-ci.yml +++ b/templates/npm/npm-test.gitlab-ci.yml @@ -8,3 +8,8 @@ fi script: - npm run ci:test + artifacts: + expire_in: '7d' + reports: + junit: + - 'test-reports/**/**.xml' From 399019f0ca90e2bc6643075595f31f2450eae3a5 Mon Sep 17 00:00:00 2001 From: Alex Munoz Date: Sat, 11 Jun 2022 21:51:43 +0200 Subject: [PATCH 144/166] refactor: update templates --- pipelines/npm.gitlab-ci.yml | 1 + templates/npm/npm-build.gitlab-ci.yml | 5 ++--- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/pipelines/npm.gitlab-ci.yml b/pipelines/npm.gitlab-ci.yml index f467cf9..65237fd 100644 --- a/pipelines/npm.gitlab-ci.yml +++ b/pipelines/npm.gitlab-ci.yml @@ -12,6 +12,7 @@ include: variables: NODE_IMAGE: node:16.15-alpine + FRONTEND_BUILD_DIR: 'dist/' Dependencies-npm: extends: .npm-dependencies diff --git a/templates/npm/npm-build.gitlab-ci.yml b/templates/npm/npm-build.gitlab-ci.yml index cc4c794..c960517 100644 --- a/templates/npm/npm-build.gitlab-ci.yml +++ b/templates/npm/npm-build.gitlab-ci.yml @@ -1,9 +1,8 @@ -variables: - FRONTEND_BUILD_DIR: 'dist/' - .npm-build: image: $NODE_IMAGE stage: build + variables: + FRONTEND_BUILD_DIR: 'dist/' before_script: - > if [ "$FRONTEND_DIR" != "" ]; then 
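Review bot: Moving `FRONTEND_BUILD_DIR` into the `variables:` of `.npm-build` makes it a job-level variable, and in GitLab job-level variables take precedence over top-level ones, so the `FRONTEND_BUILD_DIR: 'dist/'` this commit adds to `pipelines/npm.gitlab-ci.yml` never reaches `Build-npm`. Keep only one of the two definitions, or add a comment on the template default such as `# override on the extending job; a top-level variable does not win over this`. The job body continues beyond the hunk.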
From 49c744686dce1cd7c4531b87df14df5210b5413b Mon Sep 17 00:00:00 2001 From: Alex Munoz Date: Mon, 13 Jun 2022 15:10:43 +0200 Subject: [PATCH 145/166] refactor: update variables --- pipelines/npm.gitlab-ci.yml | 2 +- templates/npm/npm-build.gitlab-ci.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/pipelines/npm.gitlab-ci.yml b/pipelines/npm.gitlab-ci.yml index 65237fd..591604a 100644 --- a/pipelines/npm.gitlab-ci.yml +++ b/pipelines/npm.gitlab-ci.yml @@ -12,7 +12,7 @@ include: variables: NODE_IMAGE: node:16.15-alpine - FRONTEND_BUILD_DIR: 'dist/' + FRONTEND_BUILD_DIR: 'dist' Dependencies-npm: extends: .npm-dependencies diff --git a/templates/npm/npm-build.gitlab-ci.yml b/templates/npm/npm-build.gitlab-ci.yml index c960517..10202f9 100644 --- a/templates/npm/npm-build.gitlab-ci.yml +++ b/templates/npm/npm-build.gitlab-ci.yml @@ -2,7 +2,7 @@ image: $NODE_IMAGE stage: build variables: - FRONTEND_BUILD_DIR: 'dist/' + FRONTEND_BUILD_DIR: 'dist' before_script: - > if [ "$FRONTEND_DIR" != "" ]; then From 5d42b394b6807c81377f1c68505dcfe3ba146f71 Mon Sep 17 00:00:00 2001 From: Alex Munoz Date: Tue, 14 Jun 2022 08:45:29 +0200 Subject: [PATCH 146/166] refactor: minor change --- pipelines/npm.gitlab-ci.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/pipelines/npm.gitlab-ci.yml b/pipelines/npm.gitlab-ci.yml index 591604a..fa68412 100644 --- a/pipelines/npm.gitlab-ci.yml +++ b/pipelines/npm.gitlab-ci.yml @@ -12,6 +12,7 @@ include: variables: NODE_IMAGE: node:16.15-alpine + FRONTEND_DIR: '' FRONTEND_BUILD_DIR: 'dist' Dependencies-npm: From f769e332ce12e836ef328d7559f9f6d302ff8349 Mon Sep 17 00:00:00 2001 From: Alex Munoz Date: Sun, 3 Jul 2022 22:06:22 +0200 Subject: [PATCH 147/166] chore: minor changes --- templates/npm/npm-e2e.gitlab-ci.yml | 2 +- .../npm/{npm-test.gitlab-ci.yml => npm-verify.gitlab-ci.yml} | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) rename templates/npm/{npm-test.gitlab-ci.yml => npm-verify.gitlab-ci.yml} (86%) 
diff --git a/templates/npm/npm-e2e.gitlab-ci.yml b/templates/npm/npm-e2e.gitlab-ci.yml index 960226e..d136610 100644 --- a/templates/npm/npm-e2e.gitlab-ci.yml +++ b/templates/npm/npm-e2e.gitlab-ci.yml @@ -12,4 +12,4 @@ expire_in: '7d' reports: junit: - - 'e2e-reports/**/**.xml' + - '**/e2e-reports/**/**.xml' diff --git a/templates/npm/npm-test.gitlab-ci.yml b/templates/npm/npm-verify.gitlab-ci.yml similarity index 86% rename from templates/npm/npm-test.gitlab-ci.yml rename to templates/npm/npm-verify.gitlab-ci.yml index cec278e..b91dc46 100644 --- a/templates/npm/npm-test.gitlab-ci.yml +++ b/templates/npm/npm-verify.gitlab-ci.yml @@ -12,4 +12,4 @@ expire_in: '7d' reports: junit: - - 'test-reports/**/**.xml' + - '**/test-reports/**/**.xml' From 9f2c9eb85e8cf6631701d56a7627b425db82d768 Mon Sep 17 00:00:00 2001 From: Alex Munoz Date: Sun, 3 Jul 2022 22:20:40 +0200 Subject: [PATCH 148/166] chore(npm-build): update template --- templates/npm/npm-build.gitlab-ci.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/templates/npm/npm-build.gitlab-ci.yml b/templates/npm/npm-build.gitlab-ci.yml index 10202f9..5b77240 100644 --- a/templates/npm/npm-build.gitlab-ci.yml +++ b/templates/npm/npm-build.gitlab-ci.yml @@ -8,6 +8,11 @@ if [ "$FRONTEND_DIR" != "" ]; then cd $FRONTEND_DIR fi + # Requires npm > 8.X + - > + if [ "$CI_COMMIT_TAG" != "" ]; then + npm --no-git-tag-version version from-git + fi script: - npm run ci:build artifacts: From 984a84ffe87eaed5b76f74a3659626c62539d377 Mon Sep 17 00:00:00 2001 From: Alex Munoz Date: Sun, 3 Jul 2022 22:21:56 +0200 Subject: [PATCH 149/166] chore: update: --- templates/npm/npm-verify.gitlab-ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/templates/npm/npm-verify.gitlab-ci.yml b/templates/npm/npm-verify.gitlab-ci.yml index b91dc46..b85a433 100644 --- a/templates/npm/npm-verify.gitlab-ci.yml +++ b/templates/npm/npm-verify.gitlab-ci.yml 
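Review bot: The new `before_script` step in `.npm-build` is gated on `$CI_COMMIT_TAG` being non-empty but then runs `npm --no-git-tag-version version from-git`, which takes the version from the repository's tags rather than from that variable. Presumably a tag that is not a valid semver string makes this step fail, which would break the build job on every non-release tag. A comment stating the expected tag format would help, e.g. `# tag pipelines only; the tag must be a semver version`, and `# Requires npm > 8.X` should name the exact minimum version.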
@@ -1,4 +1,4 @@ -.npm-test: +.npm-verify: image: $NODE_IMAGE stage: verify before_script: From 3b6e1f65bda9ee18f62eef25a632703be325ebc3 Mon Sep 17 00:00:00 2001 From: Alex Munoz Date: Mon, 4 Jul 2022 21:50:59 +0200 Subject: [PATCH 150/166] refactor(*): update templates --- pipelines/npm.gitlab-ci.yml | 2 +- templates/common/common-ci-variablen.gitlab-ci.yml | 9 +++++++-- templates/npm/npm-e2e.gitlab-ci.yml | 2 +- 3 files changed, 9 insertions(+), 4 deletions(-) diff --git a/pipelines/npm.gitlab-ci.yml b/pipelines/npm.gitlab-ci.yml index fa68412..7864683 100644 --- a/pipelines/npm.gitlab-ci.yml +++ b/pipelines/npm.gitlab-ci.yml @@ -4,6 +4,7 @@ stages: - verify include: + - '/templates/common/common-ci-variablen.gitlab-ci.yml' - '/templates/npm/npm-dependencies.gitlab-ci.yml' - '/templates/npm/npm-build.gitlab-ci.yml' - '/templates/npm/npm-test.gitlab-ci.yml' @@ -11,7 +12,6 @@ include: - '/templates/npm/npm-e2e.gitlab-ci.yml' variables: - NODE_IMAGE: node:16.15-alpine FRONTEND_DIR: '' FRONTEND_BUILD_DIR: 'dist' diff --git a/templates/common/common-ci-variablen.gitlab-ci.yml b/templates/common/common-ci-variablen.gitlab-ci.yml index a1fb8eb..845b254 100644 --- a/templates/common/common-ci-variablen.gitlab-ci.yml +++ b/templates/common/common-ci-variablen.gitlab-ci.yml @@ -13,12 +13,12 @@ cache: # Cache Maven - .m2/repository # Cache NPM - - $FRONTEND_DIR/dist + #- $FRONTEND_DIR/dist # Cache Gradle - .gradle - '**/build' - "**/target" - - "**/node_modules" + #- "**/node_modules" variables: @@ -28,6 +28,11 @@ variables: value: node:16-alpine3.15 description: The node image that will be used from the CI. + ## Playwright Image + NODE_E2E_IMAGE: + value: mcr.microsoft.com/playwright:v1.23.1-focal + description: The image that will be used for E2E jobs. + ##Global Variables we use in our CI scripts when using maven MAVEN_IMAGE: value: gitlab.exxcellent.de:4567/gilden/ci/exxcellent-java-maven-base-image:java11-maven3.8.3_latest 
diff --git a/templates/npm/npm-e2e.gitlab-ci.yml b/templates/npm/npm-e2e.gitlab-ci.yml index d136610..28b3637 100644 --- a/templates/npm/npm-e2e.gitlab-ci.yml +++ b/templates/npm/npm-e2e.gitlab-ci.yml @@ -1,5 +1,5 @@ .npm-e2e: - image: $E2E_IMAGE + image: $NODE_E2E_IMAGE stage: verify before_script: - > From e6e1de2f6f458404b2f2eff47f76a09c866e8450 Mon Sep 17 00:00:00 2001 From: Alex Munoz Date: Mon, 4 Jul 2022 21:59:05 +0200 Subject: [PATCH 151/166] refactor(npm): update npm pipeline --- pipelines/npm.gitlab-ci.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pipelines/npm.gitlab-ci.yml b/pipelines/npm.gitlab-ci.yml index 7864683..8e48d09 100644 --- a/pipelines/npm.gitlab-ci.yml +++ b/pipelines/npm.gitlab-ci.yml @@ -7,7 +7,7 @@ include: - '/templates/common/common-ci-variablen.gitlab-ci.yml' - '/templates/npm/npm-dependencies.gitlab-ci.yml' - '/templates/npm/npm-build.gitlab-ci.yml' - - '/templates/npm/npm-test.gitlab-ci.yml' + - '/templates/npm/npm-verify.gitlab-ci.yml' - '/templates/npm/npm-lint.gitlab-ci.yml' - '/templates/npm/npm-e2e.gitlab-ci.yml' @@ -21,8 +21,8 @@ Dependencies-npm: Build-npm: extends: .npm-build -Test-npm: - extends: .npm-test +Verify-npm: + extends: .npm-verify Lint-npm: extends: .npm-lint From e461d2e57f807e912840e9377ffd7fbb41711878 Mon Sep 17 00:00:00 2001 From: Alex Munoz Date: Mon, 4 Jul 2022 22:00:26 +0200 Subject: [PATCH 152/166] refactor(common-ci): remove stages --- templates/common/common-ci-variablen.gitlab-ci.yml | 9 --------- 1 file changed, 9 deletions(-) diff --git a/templates/common/common-ci-variablen.gitlab-ci.yml b/templates/common/common-ci-variablen.gitlab-ci.yml index 845b254..a6a999a 100644 --- a/templates/common/common-ci-variablen.gitlab-ci.yml +++ b/templates/common/common-ci-variablen.gitlab-ci.yml @@ -1,12 +1,3 @@ -stages: - - dependencies - - build - - test - - post-process - - send-mail - - release - - cache: key: "$CI_JOB_NAME" paths: 
From aa4498beb9feb8bbfe0b4c982849e050096732cd Mon Sep 17 00:00:00 2001 From: Marcel Feix Date: Tue, 5 Jul 2022 14:05:39 +0200 Subject: [PATCH 153/166] docs(Docs): Add missing docs --- documentation/document.adoc | 2 ++ 1 file changed, 2 insertions(+) diff --git a/documentation/document.adoc b/documentation/document.adoc index f609f15..e6e8a17 100644 --- a/documentation/document.adoc +++ b/documentation/document.adoc @@ -79,6 +79,7 @@ flowchart LR include::chapters/templates/container/container-build.adoc[leveloffset=2] include::chapters/templates/container/container-publish.adoc[leveloffset=2] include::chapters/templates/container/container-scan.adoc[leveloffset=2] +include::chapters/templates/container/docker-in-docker.adoc[leveloffset=2] == Releasing Templates @@ -127,6 +128,7 @@ With the following collection we provide Static code and Artefact analysis tools include::chapters/templates/static-analysis/repo-cve-scan.adoc[leveloffset=2] include::chapters/templates/static-analysis/sonar-7.adoc[leveloffset=2] +include::chapters/templates/static-analysis/sonar-8.adoc[leveloffset=2] == Documentation From bf453a60d8b838350e985e81488c33d55107e794 Mon Sep 17 00:00:00 2001 From: Marcel Feix Date: Tue, 5 Jul 2022 14:28:28 +0200 Subject: [PATCH 154/166] docs(Docs): Correct indentation for Pipelines. --- documentation/document.adoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/documentation/document.adoc b/documentation/document.adoc index e6e8a17..b840667 100644 --- a/documentation/document.adoc +++ b/documentation/document.adoc @@ -143,6 +143,6 @@ This collection provides templates to simplify your licencing prozess. include::chapters/templates/license/license.gitlab-ci.adoc[leveloffset=2] [#_pipelines] -=== Pipelines +== Pipelines include::chapters/pipelines/eXXcellent-release.adoc[leveloffset=3] From 18b5e85a15cbf89d2b308ee7a361d9652174ba44 Mon Sep 17 00:00:00 2001 
From: Marcel Feix Date: Tue, 5 Jul 2022 14:30:12 +0200 Subject: [PATCH 155/166] chore(Maven): removed not needed cd to backend --- templates/java/maven/maven-build.gitlab-ci.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/templates/java/maven/maven-build.gitlab-ci.yml b/templates/java/maven/maven-build.gitlab-ci.yml index 96be9dc..4a62bfd 100644 --- a/templates/java/maven/maven-build.gitlab-ci.yml +++ b/templates/java/maven/maven-build.gitlab-ci.yml @@ -11,7 +11,6 @@ mvn $MAVEN_CLI_OPTS $MAVEN_EXTRA_OPTS versions:set -DnewVersion=$CI_COMMIT_TAG -DgenerateBackupPoms=false $MVN_EXTRA_ARGS fi script: - - "cd $BACKEND_DIR" - mvn $MAVEN_CLI_OPTS package $MAVEN_CLI_BUILD_OPTS -DskipTests artifacts: expire_in: 2 weeks From 71cb005978b1a7c4c4f4423367e304cc748ea5ab Mon Sep 17 00:00:00 2001 From: Marcel Feix Date: Tue, 5 Jul 2022 14:36:50 +0200 Subject: [PATCH 156/166] docs(Maven): Add maven db diff docs --- .../chapters/templates/license/license.gitlab-ci.adoc | 3 --- documentation/document.adoc | 1 + 2 files changed, 1 insertion(+), 3 deletions(-) diff --git a/documentation/chapters/templates/license/license.gitlab-ci.adoc b/documentation/chapters/templates/license/license.gitlab-ci.adoc index 6a55de4..4614ebf 100644 --- a/documentation/chapters/templates/license/license.gitlab-ci.adoc +++ b/documentation/chapters/templates/license/license.gitlab-ci.adoc @@ -18,9 +18,6 @@ __Validate licenses and generate Asciidoc file:__ - Set INVALID_LICENSE_ADOC_FILE (target) - Set ALLOWED_LICENSES - - - .Variables |=== |Name |Description | Default Value diff --git a/documentation/document.adoc b/documentation/document.adoc index b840667..7c2c8d4 100644 --- a/documentation/document.adoc +++ b/documentation/document.adoc 
@@ -109,6 +109,7 @@ Our collection of Maven Templates. include::chapters/templates/java/maven/maven-dependencies-template.adoc[leveloffset=2] include::chapters/templates/java/maven/maven-build-template.adoc[leveloffset=2] include::chapters/templates/java/maven/maven-verify-template.adoc[leveloffset=2] +include::chapters/templates/java/maven/maven-db-diff-template.adoc[leveloffset=2] == Gradle Templates From c874700d02c5fb810f3799fd487f2ae46300f6b6 Mon Sep 17 00:00:00 2001 From: Marcel Feix Date: Tue, 5 Jul 2022 15:22:07 +0200 Subject: [PATCH 157/166] chore(Maven): Fix CD into backend --- templates/java/gradle/gradle-license.gitlab-ci.yml | 1 - templates/license/license.gitlab-ci.yml | 5 ++++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/templates/java/gradle/gradle-license.gitlab-ci.yml b/templates/java/gradle/gradle-license.gitlab-ci.yml index b298922..497134f 100644 --- a/templates/java/gradle/gradle-license.gitlab-ci.yml +++ b/templates/java/gradle/gradle-license.gitlab-ci.yml @@ -7,7 +7,6 @@ cd $BACKEND_DIR fi script: - - "cd $BACKEND_DIR" - "./gradlew --build-cache cyclonedxBom $GRADLE_CLI_OPTS $GRADLE_EXTRA_OPTS" needs: [] artifacts: diff --git a/templates/license/license.gitlab-ci.yml b/templates/license/license.gitlab-ci.yml index 3f6d636..7ce5190 100644 --- a/templates/license/license.gitlab-ci.yml +++ b/templates/license/license.gitlab-ci.yml @@ -8,7 +8,10 @@ INVALID_LICENSE_ADOC_FILE: invalid-licenses.adoc NUMBER_OF_ALLOWED_FAILURES: 0 script: - - "cd $BACKEND_DIR" + - > + if [ "$BACKEND_DIR" != "" ]; then + cd $BACKEND_DIR + fi - export NUMBER_OF_INVALID_LICENSES=0 - export INVALID_BOM_FILE=invalid-bom.json - licenseBom2Adoc --bom $BOM_FILE --adoc $LICENSE_ADOC_FILE From 42589e0871f2e1757d007b1b50baf5c95efa2650 Mon Sep 17 00:00:00 2001 
From: Marcel Feix Date: Tue, 5 Jul 2022 15:42:08 +0200 Subject: [PATCH 158/166] chore(NPM): correct frontend build dir to get all dist folders --- templates/npm/npm-build.gitlab-ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/templates/npm/npm-build.gitlab-ci.yml b/templates/npm/npm-build.gitlab-ci.yml index 5b77240..7fe3d4e 100644 --- a/templates/npm/npm-build.gitlab-ci.yml +++ b/templates/npm/npm-build.gitlab-ci.yml @@ -2,7 +2,7 @@ image: $NODE_IMAGE stage: build variables: - FRONTEND_BUILD_DIR: 'dist' + FRONTEND_BUILD_DIR: '**/dist' before_script: - > if [ "$FRONTEND_DIR" != "" ]; then From eb648f69c28055dca4ae119a49ab928174804b85 Mon Sep 17 00:00:00 2001 From: Wolfram Gulde Date: Tue, 5 Jul 2022 15:59:22 +0200 Subject: [PATCH 159/166] docs(exx-Pipeline): add licensing tool docs for maven and gradle --- .../java/gradle/gradle-build-template.adoc | 1 + .../java/gradle/gradle-license.gitlab-ci.adoc | 15 +++++++++++++++ .../java/maven/maven-build-template.adoc | 1 + .../java/maven/maven-license.gitlab-ci.adoc | 16 ++++++++++++++++ 4 files changed, 33 insertions(+) create mode 100644 documentation/chapters/templates/java/gradle/gradle-license.gitlab-ci.adoc create mode 100644 documentation/chapters/templates/java/maven/maven-license.gitlab-ci.adoc diff --git a/documentation/chapters/templates/java/gradle/gradle-build-template.adoc b/documentation/chapters/templates/java/gradle/gradle-build-template.adoc index 7ea347c..39f4e78 100644 --- a/documentation/chapters/templates/java/gradle/gradle-build-template.adoc +++ b/documentation/chapters/templates/java/gradle/gradle-build-template.adoc @@ -1,3 +1,4 @@ +[#_Gradle-build-template] = Gradle-build-template This template resolves the gradle dependencies of your project and builds the project. diff --git a/documentation/chapters/templates/java/gradle/gradle-license.gitlab-ci.adoc b/documentation/chapters/templates/java/gradle/gradle-license.gitlab-ci.adoc new file mode 100644 index 0000000..6ffc1b4 
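Review bot: With `FRONTEND_BUILD_DIR: '**/dist'` the `artifacts:paths` entry of `.npm-build` matches every `dist` directory in the job's working tree, which presumably includes the `dist` folders many packages ship under `node_modules` (restored from the dependencies job's `**/node_modules` artifact). With `when: always` and a two-week expiry, that uploads third-party build output alongside the project's own. Either keep the pattern project-relative or add an exclusion, e.g. `exclude: ['**/node_modules/**']` under `artifacts:`.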
--- /dev/null +++ b/documentation/chapters/templates/java/gradle/gradle-license.gitlab-ci.adoc @@ -0,0 +1,15 @@ += Gradle license template + +This template executes the cycloneBom gradle task which generates license information from gradle.xml files and stores them in a _bom.xml_ file. For more details: https://gitlab.exxcellent.de/gilden/ci/exxcellent-license-tools[Gilde CI/CD: exxcellent-license-tool]. + +TIP: Instead of using this template to generate the bom file you can simply include the _cyclonedxBom_ task in your regular gradle build <<_Gradle-build-template>> by adding it to the _GRADLE_CLI_OPTS_. + +.Variables +|=== +|Name |Description | Default Value +|GRADLE_CLI_OPTS | Additional Options that will be passed to Gradle | "" +|GRADLE_EXTRA_OPTS | Additional Extra Options that will be passed to Gradle | "" +|=== + +:template: java/gradle/gradle-license.gitlab-ci.yml +include::../../../../template-printer.adoc[] \ No newline at end of file diff --git a/documentation/chapters/templates/java/maven/maven-build-template.adoc b/documentation/chapters/templates/java/maven/maven-build-template.adoc index 156e024..94365fd 100644 --- a/documentation/chapters/templates/java/maven/maven-build-template.adoc +++ b/documentation/chapters/templates/java/maven/maven-build-template.adoc @@ -1,3 +1,4 @@ +[#_Maven-build-template] = maven-build-template These Templates will build a .jar file with Maven and provides it as an Artifact diff --git a/documentation/chapters/templates/java/maven/maven-license.gitlab-ci.adoc b/documentation/chapters/templates/java/maven/maven-license.gitlab-ci.adoc new file mode 100644 index 0000000..23f4528 --- /dev/null +++ b/documentation/chapters/templates/java/maven/maven-license.gitlab-ci.adoc 
@@ -0,0 +1,16 @@ += Maven license template + +This template executes the cycloneBom maven task which generates license information from pom.xml files and stores them in a _bom.xml_ file. For more details: https://gitlab.exxcellent.de/gilden/ci/exxcellent-license-tools[Gilde CI/CD: exxcellent-license-tool]. + +TIP: Instead of using this template to generate the bom file you can simply include the _cyclonedxBom_ task in your regular maven build <<_Maven-build-template>> by adding it to the _MAVEN_EXTRA_OPTS_. + +.Variables +|=== +|Name |Description | Default Value +|MAVEN_CLI_OPTS | Additional Options that will be passed to Maven | "" +|MAVEN_EXTRA_OPTS | Additional extra options that will be passed to Maven | "" +|MAVEN_EXTRA_ARGS | Additional extra args that will be passed to Maven | "" +|=== + +:template: java/maven/maven-license.gitlab-ci.yml +include::../../../../template-printer.adoc[] \ No newline at end of file From ffab9bc5eed913b63e7a70a1d3c180c228da922f Mon Sep 17 00:00:00 2001 From: Marcel Feix Date: Tue, 5 Jul 2022 16:44:28 +0200 Subject: [PATCH 160/166] Docs(license): Add Documentation of MAven und Gradle to base --- documentation/document.adoc | 3 +++ 1 file changed, 3 insertions(+) diff --git a/documentation/document.adoc b/documentation/document.adoc index 7c2c8d4..660157e 100644 --- a/documentation/document.adoc +++ b/documentation/document.adoc @@ -58,6 +58,7 @@ Publishing containers is a very cheap operation. The following graph charts shows thru which stages containers will go and which artefakts will be passed between stages. [mermaid] + .... flowchart LR 
@@ -142,6 +143,8 @@ include::chapters/templates/documentation/documentation.adoc[leveloffset=2] This collection provides templates to simplify your licencing prozess. include::chapters/templates/license/license.gitlab-ci.adoc[leveloffset=2] +include::chapters/templates/java/gradle/gradle-license.gitlab-ci.adoc[leveloffset=2] +include::chapters/templates/java/maven/maven-license.gitlab-ci.adoc[leveloffset=2] [#_pipelines] == Pipelines From ba75e97d0656e80912a2d99bea36cd89d3de2c4c Mon Sep 17 00:00:00 2001 From: Marcel Feix Date: Wed, 6 Jul 2022 09:07:00 +0200 Subject: [PATCH 161/166] chore(*): Move cd $Backend into script to free up before_script for user --- templates/java/gradle/gradle-database-diff.gitlab-ci.yml | 3 +-- templates/java/gradle/gradle-license.gitlab-ci.yml | 3 +-- templates/java/gradle/gradle-verify.gitlab-ci.yml | 3 +-- templates/java/maven/maven-database-diff.gitlab-ci.yml | 3 +-- templates/java/maven/maven-dependencies.gitlab-ci.yml | 3 +-- templates/java/maven/maven-license.gitlab-ci.yml | 3 +-- templates/java/maven/maven-verify.gitlab-ci.yml | 3 +-- templates/static-analysis/sonar-7.gitlab-ci.yml | 8 +++----- templates/static-analysis/sonar-8.gitlab-ci.yml | 6 ++---- 9 files changed, 12 insertions(+), 23 deletions(-) diff --git a/templates/java/gradle/gradle-database-diff.gitlab-ci.yml b/templates/java/gradle/gradle-database-diff.gitlab-ci.yml index cf26db7..ba578f9 100644 --- a/templates/java/gradle/gradle-database-diff.gitlab-ci.yml +++ b/templates/java/gradle/gradle-database-diff.gitlab-ci.yml @@ -8,11 +8,10 @@ include: variables: GRADLE_EXTRA_OPTS: "" PATH_TO_DIFF: "build/db-diff.xml" - before_script: + script: - > if [ "$BACKEND_DIR" != "" ]; then cd $BACKEND_DIR fi - script: - ./gradlew liquibase:update liquibase:diff $GRADLE_CLI_OPTS $GRADLE_EXTRA_OPTS diff --git a/templates/java/gradle/gradle-license.gitlab-ci.yml b/templates/java/gradle/gradle-license.gitlab-ci.yml index 497134f..2f324e9 100644 
--- a/templates/java/gradle/gradle-license.gitlab-ci.yml +++ b/templates/java/gradle/gradle-license.gitlab-ci.yml @@ -1,12 +1,11 @@ .gradle-licence-bom: image: $GRADLE_IMAGE stage: build - before_script: + script: - > if [ "$BACKEND_DIR" != "" ]; then cd $BACKEND_DIR fi - script: - "./gradlew --build-cache cyclonedxBom $GRADLE_CLI_OPTS $GRADLE_EXTRA_OPTS" needs: [] artifacts: diff --git a/templates/java/gradle/gradle-verify.gitlab-ci.yml b/templates/java/gradle/gradle-verify.gitlab-ci.yml index 93efc59..29abf58 100644 --- a/templates/java/gradle/gradle-verify.gitlab-ci.yml +++ b/templates/java/gradle/gradle-verify.gitlab-ci.yml @@ -1,12 +1,11 @@ .gradle-verify: image: $GRADLE_IMAGE stage: verify - before_script: + script: - > if [ "$BACKEND_DIR" != "" ]; then cd $BACKEND_DIR fi - script: - "./gradlew --build-cache test $GRADLE_CLI_OPTS $GRADLE_EXTRA_OPTS" artifacts: expire_in: 2 weeks diff --git a/templates/java/maven/maven-database-diff.gitlab-ci.yml b/templates/java/maven/maven-database-diff.gitlab-ci.yml index 4644a24..683e3d5 100644 --- a/templates/java/maven/maven-database-diff.gitlab-ci.yml +++ b/templates/java/maven/maven-database-diff.gitlab-ci.yml @@ -8,12 +8,11 @@ include: variables: MAVEN_EXTRA_OPTS: "" PATH_TO_DIFF: "target/db-diff.xml" - before_script: + script: - > if [ "$BACKEND_DIR" != "" ]; then cd $BACKEND_DIR fi - script: - mvn $MAVEN_CLI_OPTS $MAVEN_EXTRA_OPTS compile liquibase:update liquibase:diff $MVN_EXTRA_ARGS artifacts: when: on_failure diff --git a/templates/java/maven/maven-dependencies.gitlab-ci.yml b/templates/java/maven/maven-dependencies.gitlab-ci.yml index 414da79..43068ce 100644 --- a/templates/java/maven/maven-dependencies.gitlab-ci.yml +++ b/templates/java/maven/maven-dependencies.gitlab-ci.yml 
@@ -1,10 +1,9 @@ .maven-dependencies: stage: dependencies image: $MAVEN_IMAGE - before_script: + script: - > if [ "$BACKEND_DIR" != "" ]; then cd $BACKEND_DIR fi - script: - mvn $MAVEN_CLI_OPTS $MAVEN_EXTRA_OPTS dependency:resolve $MVN_EXTRA_ARGS \ No newline at end of file diff --git a/templates/java/maven/maven-license.gitlab-ci.yml b/templates/java/maven/maven-license.gitlab-ci.yml index f8c1b64..c0019ad 100644 --- a/templates/java/maven/maven-license.gitlab-ci.yml +++ b/templates/java/maven/maven-license.gitlab-ci.yml @@ -1,12 +1,11 @@ .maven-licence-bom: image: $MAVEN_IMAGE stage: build - before_script: + script: - > if [ "$BACKEND_DIR" != "" ]; then cd $BACKEND_DIR fi - script: - mvn $MAVEN_CLI_OPTS $MAVEN_EXTRA_OPTS cyclonedx:makeBom $MVN_EXTRA_ARGS artifacts: when: always diff --git a/templates/java/maven/maven-verify.gitlab-ci.yml b/templates/java/maven/maven-verify.gitlab-ci.yml index 029102c..d6178f5 100644 --- a/templates/java/maven/maven-verify.gitlab-ci.yml +++ b/templates/java/maven/maven-verify.gitlab-ci.yml @@ -1,12 +1,11 @@ .maven-verify: image: $MAVEN_IMAGE stage: verify - before_script: + script: - > if [ "$BACKEND_DIR" != "" ]; then cd $BACKEND_DIR fi - script: - mvn $MAVEN_CLI_OPTS $MAVEN_EXTRA_OPTS verify $MVN_EXTRA_ARGS artifacts: expire_in: 2 weeks diff --git a/templates/static-analysis/sonar-7.gitlab-ci.yml b/templates/static-analysis/sonar-7.gitlab-ci.yml index 1564dd0..a6e87da 100644 --- a/templates/static-analysis/sonar-7.gitlab-ci.yml +++ b/templates/static-analysis/sonar-7.gitlab-ci.yml @@ -12,12 +12,11 @@ .sonar-maven: extends: .sonar-template-common image: $MAVEN_IMAGE - before_script: + script: - > if [ "$BACKEND_DIR" != "" ]; then cd $BACKEND_DIR fi - script: - mvn $MAVEN_CLI_OPTS test sonar:sonar $MVN_EXTRA_ARGS "-Dsonar.host.url=$SONAR_HOST_URL" "-Dsonar.login=$SONAR_TOKEN" 
@@ -31,13 +30,12 @@ .sonar-gradle: extends: .sonar-template-common image: $GRADLE_IMAGE - before_script: + script: - > if [ "$BACKEND_DIR" != "" ]; then cd $BACKEND_DIR fi - script: - - ./gradlew $GRADLE_OPTS $GRADLE_CLI_OPTS sonarqube + - ./gradlew $GRADLE_OPTS sonarqube $GRADLE_CLI_OPTS "-Dsonar.host.url=$SONAR_HOST_URL" "-Dsonar.login=$SONAR_TOKEN" "-Dsonar.projectKey=$SONAR_PROJECT_KEY" diff --git a/templates/static-analysis/sonar-8.gitlab-ci.yml b/templates/static-analysis/sonar-8.gitlab-ci.yml index f007bea..6758942 100644 --- a/templates/static-analysis/sonar-8.gitlab-ci.yml +++ b/templates/static-analysis/sonar-8.gitlab-ci.yml @@ -11,12 +11,11 @@ .sonar-maven: extends: .sonar-template-common image: $MAVEN_IMAGE - before_script: + script: - > if [ "$BACKEND_DIR" != "" ]; then cd $BACKEND_DIR fi - script: - mvn $MAVEN_CLI_OPTS test sonar:sonar $MVN_EXTRA_ARGS "-Dsonar.host.url=$SONAR_HOST_URL" "-Dsonar.login=$SONAR_TOKEN" @@ -29,12 +28,11 @@ .sonar-gradle: extends: .sonar-template-common image: $GRADLE_IMAGE - before_script: + script: - > if [ "$BACKEND_DIR" != "" ]; then cd $BACKEND_DIR fi - script: - ./gradlew $GRADLE_OPTS sonarqube $GRADLE_CLI_OPTS "-Dsonar.host.url=$SONAR_HOST_URL" "-Dsonar.login=$SONAR_TOKEN" From 6c099f77f877fb091ae6ad75b1b9697e6c892cec Mon Sep 17 00:00:00 2001 From: Marcel Feix Date: Wed, 6 Jul 2022 09:08:15 +0200 Subject: [PATCH 162/166] Docs(Variables): Remove not needed Variables --- .../templates/java/maven/maven-db-diff-template.adoc | 11 +++++++++-- .../chapters/templates/npm/npm-build-template.adoc | 3 --- .../templates/npm/npm-dependencies-template.adoc | 3 --- .../chapters/templates/npm/npm-lint-template.adoc | 3 --- .../chapters/templates/npm/npm-test-template.adoc | 3 --- 5 files changed, 9 insertions(+), 14 deletions(-) diff --git a/documentation/chapters/templates/java/maven/maven-db-diff-template.adoc b/documentation/chapters/templates/java/maven/maven-db-diff-template.adoc index 26d97be..5337cda 100644 
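Review bot: The `.sonar-gradle` command in templates/static-analysis/sonar-7.gitlab-ci.yml, whose first line this hunk rewrites, still passes the analysis token as `"-Dsonar.login=$SONAR_TOKEN"`. That puts the token in the process arguments of the job container and, unless the CI/CD variable is masked, in anything that echoes the command line. If the scanner plugin version in use reads the token from the `SONAR_TOKEN` environment variable (to be confirmed for this SonarQube version), the argument can be dropped. Otherwise a comment above the job such as `# SONAR_TOKEN must be defined as a masked CI/CD variable` documents the requirement. The `.sonar-maven` job and both jobs in sonar-8.gitlab-ci.yml pass the token the same way.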
--- a/documentation/chapters/templates/java/maven/maven-db-diff-template.adoc +++ b/documentation/chapters/templates/java/maven/maven-db-diff-template.adoc @@ -7,8 +7,15 @@ Please look at the resulting changelog since it can have errors. .Variables |=== |Name |Description | Default Value -|GRADLE_CLI_OPTS | Additional options send to gradle | "" -| PATH_TO_DIFF | Path to the resulting diff is defined in gradle config, this will also be exposed as the artefact of the Job. | "target/db-diff.xml" + +| PATH_TO_DIFF +| Path to the resulting diff is defined in gradle config, this will also be exposed as the artefact of the Job. +| "target/db-diff.xml" + +|MAVEN_CLI_OPTS | Additional Options that will be passed to Maven | "" +|MAVEN_EXTRA_OPTS | Additional extra options that will be passed to Maven | "" +|MAVEN_EXTRA_ARGS | Additional extra args that will be passed to Maven | "" + |=== :template: java/maven/maven-database-diff.gitlab-ci.yml diff --git a/documentation/chapters/templates/npm/npm-build-template.adoc b/documentation/chapters/templates/npm/npm-build-template.adoc index bc542da..ba529f0 100644 --- a/documentation/chapters/templates/npm/npm-build-template.adoc +++ b/documentation/chapters/templates/npm/npm-build-template.adoc @@ -5,9 +5,6 @@ This template will build a NPM project and saved the artifacts for the next buil .Variables |=== |Name |Description | Default Value -|ADDITIONAL_GLOBAL_PACKAGES -| Additional packages that should be installed in the before script -| "" |=== :template: npm/npm-build.gitlab-ci.yml diff --git a/documentation/chapters/templates/npm/npm-dependencies-template.adoc b/documentation/chapters/templates/npm/npm-dependencies-template.adoc index 2a551cc..37509e0 100644 --- a/documentation/chapters/templates/npm/npm-dependencies-template.adoc +++ b/documentation/chapters/templates/npm/npm-dependencies-template.adoc 
@@ -6,9 +6,6 @@ Please add the NPM cache. Look xref:Generel-Variablen[generell Variables] .Variables |=== |Name |Description | Default Value -|ADDITIONAL_GLOBAL_PACKAGES -| Additional packages that should be installed in the before script -| "" |=== :template: npm/npm-dependencies.gitlab-ci.yml diff --git a/documentation/chapters/templates/npm/npm-lint-template.adoc b/documentation/chapters/templates/npm/npm-lint-template.adoc index eb45523..e1b40b6 100644 --- a/documentation/chapters/templates/npm/npm-lint-template.adoc +++ b/documentation/chapters/templates/npm/npm-lint-template.adoc @@ -5,9 +5,6 @@ This template starts the linter of your NPM project. .Variables |=== |Name |Description | Default Value -|ADDITIONAL_GLOBAL_PACKAGES -| Additional packages that should be installed in the before script -| "" |=== :template: npm/npm-lint.gitlab-ci.yml diff --git a/documentation/chapters/templates/npm/npm-test-template.adoc b/documentation/chapters/templates/npm/npm-test-template.adoc index cc29a7a..ad3d5a0 100644 --- a/documentation/chapters/templates/npm/npm-test-template.adoc +++ b/documentation/chapters/templates/npm/npm-test-template.adoc @@ -5,9 +5,6 @@ This template will run your NPM unit tests .Variables |=== |Name |Description | Default Value -|ADDITIONAL_GLOBAL_PACKAGES -| Additional packages that should be installed in the before script -| "" |=== :template: npm/npm-verify.gitlab-ci.yml From 75cdd0673980cd547863996a855d02aadc13d530 Mon Sep 17 00:00:00 2001 From: Marcel Feix Date: Wed, 6 Jul 2022 13:00:12 +0000 Subject: [PATCH 163/166] chore(Maven) Update to new Maven Base image --- templates/common/common-ci-variablen.gitlab-ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/templates/common/common-ci-variablen.gitlab-ci.yml b/templates/common/common-ci-variablen.gitlab-ci.yml index a6a999a..7e7abb2 100644 --- a/templates/common/common-ci-variablen.gitlab-ci.yml +++ b/templates/common/common-ci-variablen.gitlab-ci.yml 
@@ -26,7 +26,7 @@ variables: ##Global Variables we use in our CI scripts when using maven MAVEN_IMAGE: - value: gitlab.exxcellent.de:4567/gilden/ci/exxcellent-java-maven-base-image:java11-maven3.8.3_latest + value: gitlab.exxcellent.de:4567/gilden/ci/exxcellent-java-maven-base-image:java11-maven3.8.5_latest description: The Maven image that will be used from the CI. MAVEN_OPTS: From ffc5d68c7811e77ecaafceaf768f2f41914d5dcf Mon Sep 17 00:00:00 2001 From: Marcel Feix Date: Thu, 7 Jul 2022 15:52:45 +0200 Subject: [PATCH 164/166] Docs(Dind): Add test code as example to dind docs --- .../chapters/templates/container/docker-in-docker.adoc | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/documentation/chapters/templates/container/docker-in-docker.adoc b/documentation/chapters/templates/container/docker-in-docker.adoc index 43db717..839bf20 100644 --- a/documentation/chapters/templates/container/docker-in-docker.adoc +++ b/documentation/chapters/templates/container/docker-in-docker.adoc @@ -5,4 +5,10 @@ Simply expand from this Template. You than have access to a Docker over the address behind `$DOCKER_HOST` :template: container/docker-in-docker.gitlab-ci.yml -include::../../../template-printer.adoc[] \ No newline at end of file +include::../../../template-printer.adoc[] + +.Simple example +[source,yaml] +---- +include::../../../../test/docker/test-dind.gitlab-ci.yml[] +---- \ No newline at end of file From fbc2443873e9d3d88c258a73f55fe08e3014fbc4 Mon Sep 17 00:00:00 2001 From: Marcel Feix Date: Thu, 7 Jul 2022 16:03:43 +0200 Subject: [PATCH 165/166] fix(Maven): Fix default maven Container --- templates/common/common-ci-variablen.gitlab-ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/templates/common/common-ci-variablen.gitlab-ci.yml b/templates/common/common-ci-variablen.gitlab-ci.yml index 7e7abb2..aa5eb0c 100644 --- a/templates/common/common-ci-variablen.gitlab-ci.yml 
+++ b/templates/common/common-ci-variablen.gitlab-ci.yml @@ -26,7 +26,7 @@ variables: ##Global Variables we use in our CI scripts when using maven MAVEN_IMAGE: - value: gitlab.exxcellent.de:4567/gilden/ci/exxcellent-java-maven-base-image:java11-maven3.8.5_latest + value: gitlab.exxcellent.de:4567/gilden/ci/exxcellent-java-maven-base-image:java11-maven3.8.5 description: The Maven image that will be used from the CI. MAVEN_OPTS: From 5feb9dffb0d2dccb4d2a6987da756909cd6c0cf5 Mon Sep 17 00:00:00 2001 From: Marcel Feix Date: Fri, 8 Jul 2022 10:19:41 +0200 Subject: [PATCH 166/166] chore(*): Rebase on Master --- .../chapters/templates/tool-sonar8.adoc | 28 --------------- .../container/container-build.gitlab-ci.yml | 12 +++++-- tool-sonar8.gitlab-ci.yml | 35 ------------------- 3 files changed, 10 insertions(+), 65 deletions(-) delete mode 100644 documentation/chapters/templates/tool-sonar8.adoc delete mode 100644 tool-sonar8.gitlab-ci.yml diff --git a/documentation/chapters/templates/tool-sonar8.adoc b/documentation/chapters/templates/tool-sonar8.adoc deleted file mode 100644 index 1e32ca6..0000000 --- a/documentation/chapters/templates/tool-sonar8.adoc +++ /dev/null 
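Review bot: The new default `MAVEN_IMAGE` value ends in the tag `java11-maven3.8.5`, which the registry can repoint, so every pipeline that includes this template runs whatever image currently sits behind that tag. Pinning the default by digest, `exxcellent-java-maven-base-image:java11-maven3.8.5@sha256:<digest-of-the-reviewed-image>`, makes the build input reproducible and turns an image update into a reviewable change. The surrounding `variables:` block continues outside the hunk.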
@@ -1,28 +0,0 @@ -:sourcedir: ../../../ - -= Sonar 8 template - -Ruft den Sonar Job für das Projekt auf. -Mehr Details zu finden hier: https://gitlab.exxcellent.de/gilden/ci/exxcellent-sonar-tool[Gilde CI/CD: exxcellent-sonar-tool]. - -.Variables -|=== -|Name |Description | Default Value -|SONAR_HOST_URL | Die URL des eXXcellent sonar servers | https://sonar.exxcellent.de/sonar8 -|SONAR_PROJECT_KEY | Der Sonar-Projekt-Key. | "" -|SONAR_PROJECT_NAME | Der Sonar-Projekt-Name. | "" (Es wird dann standardmäßig der Maven project.name verwendet) -|SONAR_EXCLUSIONS | Von Sonar auszuschließende Bereiche | **/target/**,**/src/test/** -|GRADLE_CLI_OPTS | Zusätzliche CLI Opts für Gradle | "" -|SONAR_QUALITYGATE_WAIT | Definiert, ob auf das Quality-Gate gewartet werden soll. Muss auf True gesetzt werden damit das Quality gate beachtet wird. Wenn das Quality-Gate beachtet werden aber die Pipeline nicht Fehlschlagen soll empfehlen das Flag `allow_failure` auf `true` zu setzen. | true -|SONAR_QUALITYGATE_TIMEOUT | Zeit bis zum Timeout der Quality gate abfrage | 10000 - -|=== - -TIP: Der SONAR_TOKEN String kann über den persönlichen User Bereich in Sonar unter dem Tab _Security_ erzeugt werden. -Ein technischer User ist aktuell nicht möglich. - -.sonar-template -[source,yaml] ----- -include::{sourcedir}/tool-sonar8.gitlab-ci.yml[] ----- diff --git a/templates/container/container-build.gitlab-ci.yml b/templates/container/container-build.gitlab-ci.yml index 446257d..faa3c10 100644 --- a/templates/container/container-build.gitlab-ci.yml +++ b/templates/container/container-build.gitlab-ci.yml 
@@ -36,8 +36,16 @@ entrypoint: [ "" ] variables: DOCKERFILE_LOCATION: $CI_PROJECT_DIR/Dockerfile - REGISTRY_MIRROR: --registry-mirror nexus.corp.exxcellent.de:18000 --skip-tls-verify-registry nexus.corp.exxcellent.de:18000 --skip-tls-verify + REGISTRY_MIRROR: --registry-mirror nexus.corp.exxcellent.de:18000 --skip-tls-verify-registry nexus.corp.exxcellent.de:18000 script: - mkdir -p /kaniko/.docker - echo "{\"auths\":{\"$DOCKER_REGISTRY\":{\"username\":\"$DOCKER_REGISTRY_USER\",\"password\":\"$DOCKER_REGISTRY_PASSWORD\"}}}" > /kaniko/.docker/config.json - - /kaniko/executor --context $CONTEXT_LOCATION --dockerfile $DOCKERFILE_LOCATION --no-push --destination $CI_REGISTRY_IMAGE:$CI_COMMIT_SHORT_SHA $EXTRA_ARGS $REGISTRY_MIRROR --tarPath image.tar + - >- + /kaniko/executor + --context $CONTEXT_LOCATION + --dockerfile $DOCKERFILE_LOCATION + --no-push + --destination $CI_REGISTRY_IMAGE:$CI_COMMIT_SHORT_SHA + $EXTRA_ARGS + $REGISTRY_MIRROR + --tarPath image.tar diff --git a/tool-sonar8.gitlab-ci.yml b/tool-sonar8.gitlab-ci.yml deleted file mode 100644 index 2b0210d..0000000 --- a/tool-sonar8.gitlab-ci.yml +++ /dev/null 
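Review bot: The new `REGISTRY_MIRROR` value drops the global `--skip-tls-verify` but keeps `--skip-tls-verify-registry nexus.corp.exxcellent.de:18000`, so pulls through the mirror are still accepted without certificate validation and the build cannot tell the real mirror from another endpoint answering on that connection. Trusting the mirror's CA instead, for example with kaniko's `--registry-certificate nexus.corp.exxcellent.de:18000=<path-to-ca-cert>`, would let the flag be removed. If that is not possible yet, a comment next to the variable stating why verification is disabled keeps the exception visible. Separately, the context line that writes `/kaniko/.docker/config.json` interpolates `$DOCKER_REGISTRY_PASSWORD` into JSON unescaped, so a password containing `"` or `\` produces an invalid file.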
@@ -1,35 +0,0 @@ -.sonar-template-common: - stage: test - variables: - SONAR_HOST_URL: https://sonar.exxcellent.de/sonar8 - SONAR_PROJECT_KEY: "" - SONAR_PROJECT_NAME: "" - SONAR_EXCLUSIONS: "**/target/**,**/src/test/**" - SONAR_QUALITYGATE_WAIT: "true" - SONAR_QUALITYGATE_TIMEOUT: "10000" - -.sonar-template: - extends: .sonar-template-common - image: $MAVEN_IMAGE - script: - - mvn $MAVEN_CLI_OPTS test sonar:sonar - "-Dsonar.host.url=$SONAR_HOST_URL" - "-Dsonar.login=$SONAR_TOKEN" - "-Dsonar.projectKey=$SONAR_PROJECT_KEY" - "-Dsonar.projectName=$SONAR_PROJECT_NAME" - "-Dsonar.exclusions=$SONAR_EXCLUSIONS" - "-Dsonar.qualitygate.wait=$SONAR_QUALITYGATE_WAIT" - "-Dsonar.qualitygate.timeout=$SONAR_QUALITYGATE_TIMEOUT" - -.sonar-template-gradle: - extends: .sonar-template-common - image: $GRADLE_IMAGE - script: - - ./gradlew $GRADLE_OPTS $GRADLE_CLI_OPTS sonarqube - "-Dsonar.host.url=$SONAR_HOST_URL" - "-Dsonar.login=$SONAR_TOKEN" - "-Dsonar.projectKey=$SONAR_PROJECT_KEY" - "-Dsonar.projectName=$SONAR_PROJECT_NAME" - "-Dsonar.exclusions=$SONAR_EXCLUSIONS" - "-Dsonar.qualitygate.wait=$SONAR_QUALITYGATE_WAIT" - "-Dsonar.qualitygate.timeout=$SONAR_QUALITYGATE_TIMEOUT"