paul/gilde-ci-cd
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

feat(Gradle): Add Gradle Templates

Browse Source
This commit is contained in:
mfeix 2021-08-12 09:50:55 +02:00
parent e73ddc5f8a
commit ecdbe05409
No known key found for this signature in database
GPG Key ID: 04D016E104A25F03
8 changed files with 118 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
STD-variablen-Template.gitlab-ci.yml
View File

@ -7,14 +7,22 @@ stages:
- post-process - post-process
- package - package
cache: cache:
key: "$CI_JOB_NAME" key: "$CI_JOB_NAME"
paths: paths:
# Cache Maven
- .m2/repository - .m2/repository
- $FRONTEND_DIR/ # Cache NPM
- $FRONTEND_DIR/dist
# Cache Gradle
- .gradle
- build
variables: variables:
CI_REGISTRY: gitlab.exxcellent.de:4567 CI_REGISTRY: gitlab.exxcellent.de:4567
##Global Variables we use in our CI scripts when using maven
MAVEN_IMAGE: gitlab.exxcellent.de:4567/gilden/ci/exxcellent-java-maven-base-image:java11-maven3.8.1_latest MAVEN_IMAGE: gitlab.exxcellent.de:4567/gilden/ci/exxcellent-java-maven-base-image:java11-maven3.8.1_latest
MAVEN_OPTS: > MAVEN_OPTS: >
-Dhttps.protocols=TLSv1.2 -Dhttps.protocols=TLSv1.2
@ -29,5 +37,11 @@ variables:
--show-version --show-version
-DinstallAtEnd=true -DinstallAtEnd=true
-DdeployAtEnd=true -DdeployAtEnd=true
SONAR_PROJECT_KEY: de.exxcellent.bwfps.csapp:csapp-middleware
##Global Variables we use in our CI scripts when using Gradle
GRADLE_OPTS: "-Dorg.gradle.daemon=false"
GRADLE_IMAGE: gitlab.exxcellent.de:4567/gilden/ci/exxcellent-java-maven-base-image:java11-maven3.8.1_latest
# Currently we use the Maven image and use the Gradle Wrapper. This is slower but saver at the moment
##Some npm script use this. Its usefull for Monorepos
FRONTEND_DIR: $CI_PROJECT_DIR FRONTEND_DIR: $CI_PROJECT_DIR

20
container-publish.gitlab-ci.yml
View File

@ -21,6 +21,26 @@
"-Djib.to.auth.username=$DOCKER_REGISTRY_USER" "-Djib.to.auth.username=$DOCKER_REGISTRY_USER"
"-Djib.to.auth.password=$DOCKER_REGISTRY_PASSWORD" "-Djib.to.auth.password=$DOCKER_REGISTRY_PASSWORD"
.publish-image-jib-gradle:
image: $MAVEN_IMAGE
stage: package
rules:
- if: $CI_COMMIT_TAG
variables:
DOCKER_REGISTRY: $CI_REGISTRY_IMAGE
DOCKER_REGISTRY_USER: $CI_REGISTRY_USER
DOCKER_REGISTRY_PASSWORD: $CI_REGISTRY_PASSWORD
before_script:
- export PARSED_VERSION=$(echo $CI_COMMIT_TAG | sed -r 's/\+/_/g') # Replace + sign since this is not valid in a docker tag
- export IMAGE_NAME=$CI_REGISTRY_IMAGE:$PARSED_VERSION
script:
- echo $PARSED_VERSION
- gradlew jib
"-DskipTests"
"-Djib.to.image=$DOCKER_REGISTRY:$PARSED_VERSION"
"-Djib.to.auth.username=$DOCKER_REGISTRY_USER"
"-Djib.to.auth.password=$DOCKER_REGISTRY_PASSWORD"
.publish-image-kaniko: .publish-image-kaniko:
image: image:
name: gcr.io/kaniko-project/executor:v1.6.0-debug name: gcr.io/kaniko-project/executor:v1.6.0-debug

27
container-scan.gitlab-ci.yml
View File

@ -2,7 +2,7 @@
image: $MAVEN_IMAGE image: $MAVEN_IMAGE
stage: test stage: test
variables: variables:
TRIVY_VERSION: 0.18.3 TRIVY_VERSION: 0.19.2
EXITCODE: 1 EXITCODE: 1
TRIVY_EXTRA_ARGS: "--no-progress --auto-refresh --ignore-unfixed" TRIVY_EXTRA_ARGS: "--no-progress --auto-refresh --ignore-unfixed"
before_script: before_script:
@ -19,13 +19,36 @@
reports: reports:
junit: junit-report.xml junit: junit-report.xml
.scan-container-jib-gradle:
image: $GRADLE_IMAGE
stage: test
variables:
TRIVY_VERSION: 0.19.2
EXITCODE: 1
PROJECT_DIR: $CI_PROJECT_DIR/build
TRIVY_EXTRA_ARGS: "--no-progress --auto-refresh --ignore-unfixed"
before_script:
- export GRADLE_USER_HOME=`pwd`/.gradle
- curl -L "https://github.com/aquasecurity/trivy/releases/download/v${TRIVY_VERSION}/trivy_${TRIVY_VERSION}_Linux-64bit.tar.gz" --output trivy_${TRIVY_VERSION}_Linux-64bit.tar.gz
- tar zxvf trivy_${TRIVY_VERSION}_Linux-64bit.tar.gz
script:
- ./gradlew jibBuildTar -DskipTests
- ./trivy --cache-dir .trivycache/ $TRIVY_EXTRA_ARGS --exit-code 0 --cache-dir .trivycache/ --severity HIGH,CRITICAL --no-progress --format template --template "@contrib/junit.tpl" -o junit-report.xml --input $PROJECT_DIR/jib-image.tar
- ./trivy --cache-dir .trivycache/ $TRIVY_EXTRA_ARGS --exit-code $EXITCODE --cache-dir .trivycache/ --severity HIGH,CRITICAL --no-progress --input $PROJECT_DIR/jib-image.tar
cache:
paths:
- .trivycache/
artifacts:
reports:
junit: junit-report.xml
.scan-container-kaniko: .scan-container-kaniko:
stage: test stage: test
image: image:
name: gcr.io/kaniko-project/executor:debug name: gcr.io/kaniko-project/executor:debug
entrypoint: [ "" ] entrypoint: [ "" ]
variables: variables:
TRIVY_VERSION: 0.18.3 TRIVY_VERSION: 0.19.2
PROJECT_DIR: $CI_PROJECT_DIR PROJECT_DIR: $CI_PROJECT_DIR
DOCKERFILE_LOCATION: $CI_PROJECT_DIR/Dockerfile DOCKERFILE_LOCATION: $CI_PROJECT_DIR/Dockerfile
CONTEXT_LOCATION: $CI_PROJECT_DIR CONTEXT_LOCATION: $CI_PROJECT_DIR

5
documentation/chapters/generalInformation.adoc
View File

@ -6,7 +6,8 @@
In dieser Repository sind Templates und Pipeline-Templates zu finden. In dieser Repository sind Templates und Pipeline-Templates zu finden.
Templates sind vorgefertigte Jobs die jeweils einen Use-Case abbilden sollen und direkt importiert werde können. Templates sind vorgefertigte Jobs die jeweils einen Use-Case abbilden sollen und direkt importiert werde können.
Da eine CI jedoch aus Pipelines besteht und Gitlab die Möglichkeit Multiprojekt- und child-Pipelines zu benutzen werden hier auch vorgefertigte bereit gestellt. Diese Pipeline-Templates bilden komplexere Use-Cases ab. Da eine CI jedoch aus Pipelines besteht und Gitlab die Möglichkeit Multiprojekt- und child-Pipelines zu benutzen werden hier auch vorgefertigte bereit gestellt.
Diese Pipeline-Templates bilden komplexere Use-Cases ab.
Pipelines sind in dem dafür vorgesehenen Pipeline Ordner zu finden. Pipelines sind in dem dafür vorgesehenen Pipeline Ordner zu finden.
== Wie können Templates benutzt werden == Wie können Templates benutzt werden
@ -24,7 +25,7 @@ stages:
include: include:
- project: 'gilden/ci/gitlab-ci-templates' - project: 'gilden/ci/gitlab-ci-templates'
ref: 'master' ref: '1.0.0'
file: file:
- 'maven-build-template.gitlab-ci.yml' - 'maven-build-template.gitlab-ci.yml'
- 'maven-dependencies-template.gitlab-ci.yml' - 'maven-dependencies-template.gitlab-ci.yml'

17
documentation/chapters/templates/gradle-build-template.adoc Normal file
View File

@ -0,0 +1,17 @@
:sourcedir: ../../../
= Gradle-build-template
Diese Template läd die Dependencies herunter und das Projekt.
Die Ergebnisse werden als Artifact gespeichert.
.Variables
|===
|Name |Description | Default Value
|===
.gradle-build-template
[source,yaml]
----
include::{sourcedir}/gradle-build-template.gitlab-ci.yml[]
----

17
documentation/chapters/templates/gradle-test-template.adoc Normal file
View File

@ -0,0 +1,17 @@
:sourcedir: ../../../
= Gradle-test-template
Dieses Template startet den Test Task in gradle.
Die Ergebnisse werden als Artifact gespeichert.
.Variables
|===
|Name |Description | Default Value
|===
.gradle-build-template
[source,yaml]
----
include::{sourcedir}/gradle-test-template.gitlab-ci.yml[]
----

10
gradle-build-template.gitlab-ci.yml Normal file
View File

@ -0,0 +1,10 @@
.gradle-build:
stage: build
image: $GRADLE_IMAGE
script:
- "./gradlew --build-cache clean assemble"
artifacts:
expire_in: 2 weeks
when: on_success
paths:
- "**/build"

10
gradle-test-template.gitlab-ci.yml Normal file
View File

@ -0,0 +1,10 @@
.gradle-test:
image: $GRADLE_IMAGE
stage: test
script:
- "./gradlew --build-cache test"
artifacts:
expire_in: 2 weeks
reports:
junit:
- "**/build/test-results/**/TEST-*.xml"