hassio-addons/addon-base
1
0
Fork 0
mirror of https://github.com/hassio-addons/addon-base.git synced 2025-05-07 04:11:24 +00:00
Code Issues Projects Releases Packages Wiki Activity

Adds Gitlab CI (#20)

Browse source 
*  Adds Gitlab CI

* 🔥 Removes CodeClimate

* 🔥 Removes CircleCI

* 🚑 Allow shellcheck to check external sources

* 👕 Fixes Markdownlint error in LICENSE.md

* 🚑 Enables Docker experimental features to allow image squashing..

* 🚑 Adds the qemu user static binaries to GitLab CI

* 🚑 Adds the curl to the GitLab CI env
This commit is contained in:
Franck Nijhof 2018-05-06 15:59:38 +02:00 committed by GitHub
parent e4dd61bad8
commit 8b41a65309
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 302 additions and 107 deletions
Download patch file Download diff file Expand all files Collapse all files

93
.circleci/config.yml
View file

@ -1,93 +0,0 @@
version: 2
defaults: &defaults
machine:
image: circleci/classic:edge
steps:
- run:
name: Restart Docker with experimental features enabled
command: |
sudo sh -c 'echo '\''DOCKER_OPTS="--experimental=true"'\'' >> /etc/default/docker'
sudo service docker restart
- run:
name: Check docker is running
command: docker info
- run:
name: Pull Community Hass.io Add-ons build environment
command: docker pull hassioaddons/build-env:latest
- run:
name: Log in to Docker Hub
command: |
if [[ "${CIRCLE_BRANCH}" = "master" || ! -z "${CIRCLE_TAG:-}" ]];
then
docker login -u "${DOCKER_LOGIN}" -p "${DOCKER_PASSWORD}"
fi
- checkout
- run:
name: Get QEMU user mode processor emulation binaries
command: |
curl -L -s "https://github.com/hassio-addons/qemu-user-static/releases/download/v2.11.0/qemu-aarch64-static.tar.gz" | tar zxvf - -C ./base/rootfs/usr/bin/
curl -L -s "https://github.com/hassio-addons/qemu-user-static/releases/download/v2.11.0/qemu-arm-static.tar.gz" | tar zxvf - -C ./base/rootfs/usr/bin/
- deploy:
name: Build and (maybe) deploy
command: |
if [[ "${CIRCLE_BRANCH}" = "master" || ! -z "${CIRCLE_TAG:-}" ]];
then
docker run \
--privileged \
-v /var/run/docker.sock:/var/run/docker.sock \
-v ~/.docker:/root/.docker \
-v "$PWD":/docker \
hassioaddons/build-env:latest \
--target base \
--${ARCH} \
--git \
--push
else
docker run \
--privileged \
-v /var/run/docker.sock:/var/run/docker.sock \
-v "$PWD":/docker \
hassioaddons/build-env:latest \
--target base \
--git \
--${ARCH}
fi
jobs:
aarch64:
<<: *defaults
environment:
ARCH: aarch64
amd64:
<<: *defaults
environment:
ARCH: amd64
armhf:
<<: *defaults
environment:
ARCH: armhf
i386:
<<: *defaults
environment:
ARCH: i386
workflows:
version: 2
build_and_maybe_deploy:
jobs:
- aarch64:
filters:
tags:
only: /.*/
- amd64:
filters:
tags:
only: /.*/
- armhf:
filters:
tags:
only: /.*/
- i386:
filters:
tags:
only: /.*/

13
.codeclimate.yml
View file

@ -1,13 +0,0 @@
---
engines:
fixme:
enabled: true
shellcheck:
enabled: true
markdownlint:
enabled: true
ratings:
paths:
- "**.sh"
- "**.md"
exclude_paths: []

301
.gitlab-ci.yml Normal file
View file

@ -0,0 +1,301 @@
---
image: docker:stable
variables:
ADDON_GITHUB_REPO: hassio-addons/addon-base
ADDON_SLUG: base
ADDON_TARGET: base
DOCKER_DRIVER: overlay2
DOCKER_HUB_ORG: hassioaddons
stages:
- preflight
- build
- scan
- deploy
# Generic DIND template
.dind: &dind
before_script:
- docker info
- docker login -u gitlab-ci-token -p "${CI_JOB_TOKEN}" registry.gitlab.com
services:
- name: docker:dind
command: ["--experimental"]
# Generic preflight template
.preflight: &preflight
stage: preflight
tags:
- preflight
# Generic build template
.build: &build
<<: *dind
stage: build
script:
- apk --no-cache add curl
- |
curl -L -s \
"https://github.com/hassio-addons/qemu-user-static/releases/download/v2.11.0/qemu-aarch64-static.tar.gz" | \
tar zxvf - -C ./base/rootfs/usr/bin/
- |
curl -L -s \
"https://github.com/hassio-addons/qemu-user-static/releases/download/v2.11.0/qemu-arm-static.tar.gz" | \
tar zxvf - -C ./base/rootfs/usr/bin/
- |
docker run \
--privileged \
--volume /var/run/docker.sock:/var/run/docker.sock \
--volume "$PWD":/docker \
hassioaddons/build-env:latest \
--image "addon" \
--cache-from "${DOCKER_HUB_ORG}/${ADDON_SLUG}-${ADDON_ARCH}" \
--cache-tag "test" \
--git-url "https://github.com/${ADDON_GITHUB_REPO}" \
--target "${ADDON_TARGET}" \
--tag-latest \
--git \
--${ADDON_ARCH}
- |
docker tag \
"addon:latest" \
"registry.gitlab.com/${CI_PROJECT_PATH}/${ADDON_ARCH}:${CI_COMMIT_SHA}"
- |
docker push \
"registry.gitlab.com/${CI_PROJECT_PATH}/${ADDON_ARCH}:${CI_COMMIT_SHA}"
tags:
- build
# Generic scan template
.scan: &scan
<<: *dind
stage: scan
allow_failure: true
before_script:
- docker info
- docker run -d --name db arminc/clair-db:latest
- docker run -p 6060:6060 --link db:postgres -d --name clair arminc/clair-local-scan:v2.0.1
- apk add -U curl ca-certificates
- |
curl \
--silent \
--show-error \
--location \
--fail \
--retry 3 \
--output /usr/bin/clair-scanner \
https://github.com/arminc/clair-scanner/releases/download/v8/clair-scanner_linux_amd64
- chmod +x /usr/bin/clair-scanner
- touch clair-whitelist.yml
- echo "Waiting for Clair to start"
- |
while ! nc -z docker 6060; do
sleep 1
WAIT=$((${WAIT} + 1))
if [ "${WAIT}" -gt 30 ]; then
echo "Error > Timeout waiting for Clair to start"
exit 1
fi
done
- docker pull "registry.gitlab.com/${CI_PROJECT_PATH}/${ADDON_ARCH}:${CI_COMMIT_SHA}"
script:
- |
clair-scanner \
-c http://docker:6060 \
--ip $(hostname -i) \
-w clair-whitelist.yml \
"registry.gitlab.com/${CI_PROJECT_PATH}/${ADDON_ARCH}:${CI_COMMIT_SHA}"
tags:
- scan
# Generic deploy template
.deploy: &deploy
<<: *dind
stage: deploy
before_script:
- apk --no-cache add curl
- docker info
- docker login -u gitlab-ci-token -p "${CI_JOB_TOKEN}" registry.gitlab.com
- docker pull "registry.gitlab.com/${CI_PROJECT_PATH}/${ADDON_ARCH}:${CI_COMMIT_SHA}"
- docker pull hassioaddons/build-env:latest
- |
curl -L -s \
"https://github.com/hassio-addons/qemu-user-static/releases/download/v2.11.0/qemu-aarch64-static.tar.gz" | \
tar zxvf - -C ./base/rootfs/usr/bin/
- |
curl -L -s \
"https://github.com/hassio-addons/qemu-user-static/releases/download/v2.11.0/qemu-arm-static.tar.gz" | \
tar zxvf - -C ./base/rootfs/usr/bin/
script:
- |
docker run \
--privileged \
--volume /var/run/docker.sock:/var/run/docker.sock \
--volume "$PWD":/docker \
hassioaddons/build-env:latest \
--image "${DOCKER_HUB_ORG}/${ADDON_SLUG}-${ADDON_ARCH}" \
--cache-from "registry.gitlab.com/${CI_PROJECT_PATH}/${ADDON_ARCH}" \
--cache-tag "${CI_COMMIT_SHA}" \
--git-url "https://github.com/${ADDON_GITHUB_REPO}" \
--target "${ADDON_TARGET}" \
--login "${DOCKER_LOGIN}" \
--password "${DOCKER_PASSWORD}" \
--git \
--push \
--${ADDON_ARCH}
tags:
- deploy
# Preflight jobs
hadolint:
<<: *preflight
image: hadolint/hadolint:latest
before_script:
- hadolint --version
script:
- hadolint "${ADDON_TARGET}/Dockerfile"
shellcheck:
<<: *preflight
image:
name: koalaman/shellcheck-alpine:stable
entrypoint: [""]
before_script:
- shellcheck --version
- apk --no-cache add grep
- |
find . -type f -print0 | \
xargs -0 sed -i 's:#!/usr/bin/with-contenv bash:#!/bin/bash:g'
script:
- |
for file in $(grep -IRl "#\!\(/usr/bin/env \|/bin/\)" --exclude-dir ".git" "${ADDON_TARGET}"); do
if ! shellcheck --external-sources $file; then
export FAILED=1
else
echo "$file OK"
fi
done
if [ "${FAILED}" = "1" ]; then
exit 1
fi
yamllint:
<<: *preflight
image: sdesbure/yamllint
before_script:
- yamllint --version
script:
- yamllint .
jsonlint:
<<: *preflight
image: sahsu/docker-jsonlint
before_script:
- jsonlint --version || true
script:
- |
for file in $(find . -type f -name "*.json"); do
if ! jsonlint -q $file; then
export FAILED=1
else
echo "$file OK"
fi
done
if [ "${FAILED}" = "1" ]; then
exit 1
fi
markdownlint:
<<: *preflight
image:
name: ruby:alpine
entrypoint: [""]
before_script:
- gem install mdl
- mdl --version
script:
- mdl --style all --warnings .
# Build Jobs
build:armhf:
<<: *build
variables:
ADDON_ARCH: armhf
build:aarch64:
<<: *build
variables:
ADDON_ARCH: aarch64
build:i386:
<<: *build
variables:
ADDON_ARCH: i386
build:amd64:
<<: *build
variables:
ADDON_ARCH: amd64
# Scan jobs
clair:armhf:
<<: *scan
variables:
ADDON_ARCH: armhf
clair:aarch64:
<<: *scan
variables:
ADDON_ARCH: aarch64
clair:i386:
<<: *scan
variables:
ADDON_ARCH: i386
clair:amd64:
<<: *scan
variables:
ADDON_ARCH: amd64
# Deploy jobs
deploy:armhf:
<<: *deploy
variables:
ADDON_ARCH: armhf
only:
- master
- /^v\d+\.\d+\.\d+(?:-(?:beta|rc)(?:(?:(?:\+|\.)?[a-zA-Z0-9]+)*)?)?$/
except:
- /^(?!master).+@/
deploy:aarch64:
<<: *deploy
variables:
ADDON_ARCH: armhf
only:
- master
- /^v\d+\.\d+\.\d+(?:-(?:beta|rc)(?:(?:(?:\+|\.)?[a-zA-Z0-9]+)*)?)?$/
except:
- /^(?!master).+@/
deploy:i386:
<<: *deploy
variables:
ADDON_ARCH: armhf
only:
- master
- /^v\d+\.\d+\.\d+(?:-(?:beta|rc)(?:(?:(?:\+|\.)?[a-zA-Z0-9]+)*)?)?$/
except:
- /^(?!master).+@/
deploy:amd64:
<<: *deploy
variables:
ADDON_ARCH: armhf
only:
- master
- /^v\d+\.\d+\.\d+(?:-(?:beta|rc)(?:(?:(?:\+|\.)?[a-zA-Z0-9]+)*)?)?$/
except:
- /^(?!master).+@/

2
LICENSE.md
View file

@ -1,4 +1,4 @@
MIT License
# MIT License
Copyright (c) 2017 Franck Nijhof