Merge branch 'gradle' into 'master'

feat(Gradle): Add Gradle Templates See merge request gilden/ci/gitlab-ci-templates!21
2021-08-17 05:39:00 +00:00 · 2021-08-17 05:39:00 +00:00 · ebec42f7c6
commit ebec42f7c6
parent 2edfcec46e d3dc92659d
9 changed files with 126 additions and 7 deletions
--- a/STD-variablen-Template.gitlab-ci.yml
+++ b/STD-variablen-Template.gitlab-ci.yml
@ -7,14 +7,22 @@ stages:
  - post-process
  - package

+
 cache:
  key: "$CI_JOB_NAME"
  paths:
+    # Cache Maven
    - .m2/repository
-    - $FRONTEND_DIR/
+    # Cache NPM
+    - $FRONTEND_DIR/dist
+    # Cache Gradle
+    - .gradle
+    - build

 variables:
  CI_REGISTRY: gitlab.exxcellent.de:4567
+
+  ##Global Variables we use in our CI scripts when using maven
  MAVEN_IMAGE: gitlab.exxcellent.de:4567/gilden/ci/exxcellent-java-maven-base-image:java11-maven3.8.1_latest
  MAVEN_OPTS: >
    -Dhttps.protocols=TLSv1.2
@ -29,5 +37,11 @@ variables:
    --show-version
    -DinstallAtEnd=true
    -DdeployAtEnd=true
-  SONAR_PROJECT_KEY: de.exxcellent.bwfps.csapp:csapp-middleware
+
+  ##Global Variables we use in our CI scripts when using Gradle
+  GRADLE_OPTS: "-Dorg.gradle.daemon=false"
+  GRADLE_IMAGE: gitlab.exxcellent.de:4567/gilden/ci/exxcellent-java-maven-base-image:java11-maven3.8.1_latest
+  # Currently we use the Maven image and use the Gradle Wrapper. This is slower but saver at the moment
+
+  ##Some npm script use this. Its usefull for Monorepos
  FRONTEND_DIR: $CI_PROJECT_DIR
--- a/container-publish.gitlab-ci.yml
+++ b/container-publish.gitlab-ci.yml
@ -21,6 +21,26 @@
      "-Djib.to.auth.username=$DOCKER_REGISTRY_USER"
      "-Djib.to.auth.password=$DOCKER_REGISTRY_PASSWORD"

+.publish-image-jib-gradle:
+  image: $GRADLE_IMAGE
+  stage: package
+  rules:
+    - if: $CI_COMMIT_TAG
+  variables:
+    DOCKER_REGISTRY: $CI_REGISTRY_IMAGE
+    DOCKER_REGISTRY_USER: $CI_REGISTRY_USER
+    DOCKER_REGISTRY_PASSWORD: $CI_REGISTRY_PASSWORD
+  before_script:
+    - export PARSED_VERSION=$(echo $CI_COMMIT_TAG | sed -r 's/\+/_/g') # Replace + sign since this is not valid in a docker tag
+    - export IMAGE_NAME=$CI_REGISTRY_IMAGE:$PARSED_VERSION
+  script:
+    - echo $PARSED_VERSION
+    - gradlew jib
+      "-DskipTests"
+      "-Djib.to.image=$DOCKER_REGISTRY:$PARSED_VERSION"
+      "-Djib.to.auth.username=$DOCKER_REGISTRY_USER"
+      "-Djib.to.auth.password=$DOCKER_REGISTRY_PASSWORD"
+
 .publish-image-kaniko:
  image:
    name: gcr.io/kaniko-project/executor:v1.6.0-debug
--- a/container-scan.gitlab-ci.yml
+++ b/container-scan.gitlab-ci.yml
@ -2,7 +2,7 @@
  image: $MAVEN_IMAGE
  stage: test
  variables:
-    TRIVY_VERSION: 0.18.3
+    TRIVY_VERSION: 0.19.2
    EXITCODE: 1
    TRIVY_EXTRA_ARGS: "--no-progress --auto-refresh --ignore-unfixed"
  before_script:
@ -19,13 +19,36 @@
    reports:
      junit: junit-report.xml

+.scan-container-jib-gradle:
+  image: $GRADLE_IMAGE
+  stage: test
+  variables:
+    TRIVY_VERSION: 0.19.2
+    EXITCODE: 1
+    PROJECT_DIR: $CI_PROJECT_DIR/build
+    TRIVY_EXTRA_ARGS: "--no-progress --auto-refresh --ignore-unfixed"
+  before_script:
+    - export GRADLE_USER_HOME=`pwd`/.gradle
+    - curl -L "https://github.com/aquasecurity/trivy/releases/download/v${TRIVY_VERSION}/trivy_${TRIVY_VERSION}_Linux-64bit.tar.gz"  --output trivy_${TRIVY_VERSION}_Linux-64bit.tar.gz
+    - tar zxvf trivy_${TRIVY_VERSION}_Linux-64bit.tar.gz
+  script:
+    - ./gradlew jibBuildTar -DskipTests
+    - ./trivy --cache-dir .trivycache/ $TRIVY_EXTRA_ARGS --exit-code 0 --cache-dir .trivycache/ --severity HIGH,CRITICAL --no-progress --format template --template "@contrib/junit.tpl" -o junit-report.xml --input $PROJECT_DIR/jib-image.tar
+    - ./trivy --cache-dir .trivycache/ $TRIVY_EXTRA_ARGS --exit-code $EXITCODE --cache-dir .trivycache/ --severity HIGH,CRITICAL --no-progress --input $PROJECT_DIR/jib-image.tar
+  cache:
+    paths:
+      - .trivycache/
+  artifacts:
+    reports:
+      junit: junit-report.xml
+
 .scan-container-kaniko:
  stage: test
  image:
    name: gcr.io/kaniko-project/executor:debug
    entrypoint: [ "" ]
  variables:
-    TRIVY_VERSION: 0.18.3
+    TRIVY_VERSION: 0.19.2
    PROJECT_DIR: $CI_PROJECT_DIR
    DOCKERFILE_LOCATION: $CI_PROJECT_DIR/Dockerfile
    CONTEXT_LOCATION: $CI_PROJECT_DIR
--- a/documentation/chapters/generalInformation.adoc
+++ b/documentation/chapters/generalInformation.adoc
@ -6,7 +6,8 @@
 In dieser Repository sind Templates und Pipeline-Templates zu finden.
 Templates sind vorgefertigte Jobs die jeweils einen Use-Case abbilden sollen und direkt importiert werde können.

-Da eine CI jedoch aus Pipelines besteht und Gitlab die Möglichkeit Multiprojekt- und child-Pipelines zu benutzen werden hier auch vorgefertigte bereit gestellt. Diese Pipeline-Templates bilden komplexere Use-Cases ab. 
+Da eine CI jedoch aus Pipelines besteht und Gitlab die Möglichkeit Multiprojekt- und child-Pipelines zu benutzen werden hier auch vorgefertigte bereit gestellt.
+Diese Pipeline-Templates bilden komplexere Use-Cases ab.
 Pipelines sind in dem dafür vorgesehenen Pipeline Ordner zu finden.

 == Wie können Templates benutzt werden
@ -24,7 +25,7 @@ stages:

 include:
  - project: 'gilden/ci/gitlab-ci-templates'
-    ref: 'master'
+    ref: '1.0.0'
    file:
      - 'maven-build-template.gitlab-ci.yml'
      - 'maven-dependencies-template.gitlab-ci.yml'
--- a/documentation/chapters/templates/gradle-build-template.adoc
+++ b/documentation/chapters/templates/gradle-build-template.adoc
@ -0,0 +1,17 @@
+:sourcedir: ../../../
+
+= Gradle-build-template
+
+Diese Template läd die Dependencies herunter und das Projekt.
+Die Ergebnisse werden als Artifact gespeichert.
+
+.Variables
+|===
+|Name |Description | Default Value
+|===
+
+.gradle-build-template
+[source,yaml]
+----
+include::{sourcedir}/gradle-build-template.gitlab-ci.yml[]
+----
--- a/documentation/chapters/templates/gradle-test-template.adoc
+++ b/documentation/chapters/templates/gradle-test-template.adoc
@ -0,0 +1,17 @@
+:sourcedir: ../../../
+
+= Gradle-test-template
+
+Dieses Template startet den Test Task in gradle.
+Die Ergebnisse werden als Artifact gespeichert.
+
+.Variables
+|===
+|Name |Description | Default Value
+|===
+
+.gradle-build-template
+[source,yaml]
+----
+include::{sourcedir}/gradle-test-template.gitlab-ci.yml[]
+----
--- a/documentation/document.adoc
+++ b/documentation/document.adoc
@ -41,7 +41,6 @@ include::chapters/templates/container-scan.adoc[leveloffset=2]
 include::chapters/templates/docker-compose-validate.adoc[leveloffset=2]
 include::chapters/templates/docker-compose-deploy.adoc[leveloffset=2]

-
 == Versionierungs Templates

 Im folgende sind erweiterte Templates zu finden für das https://gitlab.exxcellent.de/gilden/ci/exxcellent-increase-version-tool[Increase-Version-Tool] der CI Gilde.
@ -71,6 +70,14 @@ include::chapters/templates/maven-dependencies-template.adoc[leveloffset=2]
 include::chapters/templates/maven-build-template.adoc[leveloffset=2]
 include::chapters/templates/maven-verify-template.adoc[leveloffset=2]

+== Gradle Templates
+
+Aktuell gehen wir davon das der Gradle Wrapper in dem Projekt vorhanden ist.
+Sollte dieser noch nicht vorhanden sein kann er mit dem Befehl `gradle wrapper` erstellt werden.
+
+include::chapters/templates/gradle-build-template.adoc[leveloffset=2]
+include::chapters/templates/gradle-test-template.adoc[leveloffset=2]
+
 == weitere Gilden-Tools

 include::chapters/templates/tool-sonar7.adoc[leveloffset=2]
--- a/gradle-build-template.gitlab-ci.yml
+++ b/gradle-build-template.gitlab-ci.yml
@ -0,0 +1,10 @@
+.gradle-build:
+  stage: build
+  image: $GRADLE_IMAGE
+  script:
+    - "./gradlew --build-cache clean assemble"
+  artifacts:
+    expire_in: 2 weeks
+    when: on_success
+    paths:
+      - "**/build"
--- a/gradle-test-template.gitlab-ci.yml
+++ b/gradle-test-template.gitlab-ci.yml
@ -0,0 +1,10 @@
+.gradle-test:
+  image: $GRADLE_IMAGE
+  stage: test
+  script:
+    - "./gradlew --build-cache test"
+  artifacts:
+    expire_in: 2 weeks
+    reports:
+      junit:
+        - "**/build/test-results/**/TEST-*.xml"