From df45f220efa048e82a705747cdd0bfe9ecb607fc Mon Sep 17 00:00:00 2001
From: Franck Nijhof <frenck@addons.community>
Date: Wed, 9 Jan 2019 20:34:26 +0100
Subject: [PATCH] :tractor: :rocket: Refactor of GitLab CI

---
 .gitlab-ci.yml | 432 ++-----------------------------------------------
 1 file changed, 9 insertions(+), 423 deletions(-)

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index bc16211..1ef7927 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -1,428 +1,14 @@
 ---
-image: docker:latest
+include: https://raw.githubusercontent.com/hassio-addons/organization/master/gitlabci/addon.yml
 
 variables:
-  ADDON_GITHUB_REPO: hassio-addons/addon-phlex
-  ADDON_SLUG: phlex
-  ADDON_TARGET: phlex
-  DOCKER_DRIVER: overlay2
-  DOCKER_HUB_ORG: hassioaddons
+  ADDON_GITHUB_REPO: "hassio-addons/addon-phlex"
+  ADDON_SLUG: "phlex"
+  ADDON_TARGET: "phlex"
 
-stages:
-  - preflight
-  - build
-  - scan
-  - deploy
-  - manifest
-  - publish
+  ADDON_ARMV7: "false"
 
-# Generic DIND template
-.dind: &dind
-  before_script:
-    - docker info
-  services:
-    - name: docker:dind
-      command: ["--experimental"]
-
-# Generic preflight template
-.preflight: &preflight
-  stage: preflight
-  tags:
-    - preflight
-
-# Generic build template
-.build: &build
-  <<: *dind
-  stage: build
-  before_script:
-    - docker info
-    - |
-      if [ "$(apk --print-arch)" = "amd64" ]; then
-        docker run --rm --privileged hassioaddons/qemu-user-static:latest
-      fi
-    - |
-      echo "${CI_JOB_TOKEN}" | docker login \
-        --username gitlab-ci-token \
-        --password-stdin \
-        registry.gitlab.com
-    - docker pull "registry.gitlab.com/${CI_PROJECT_PATH}/${ADDON_ARCH}:cache" || true
-  script:
-    - |
-      docker build \
-        --build-arg "BUILD_FROM=${FROM}" \
-        --build-arg "BUILD_DATE=$(date +"%Y-%m-%dT%H:%M:%SZ")" \
-        --build-arg "BUILD_ARCH=${ADDON_ARCH}" \
-        --build-arg "BUILD_REF=${CI_COMMIT_SHA}" \
-        --build-arg "BUILD_VERSION=${CI_COMMIT_TAG:-${CI_COMMIT_SHA:0:7}}" \
-        --cache-from "registry.gitlab.com/${CI_PROJECT_PATH}/${ADDON_ARCH}:cache" \
-        --tag \
-          "registry.gitlab.com/${CI_PROJECT_PATH}/${ADDON_ARCH}:${CI_COMMIT_SHA}" \
-        "${ADDON_TARGET}"
-    - |
-      docker push \
-        "registry.gitlab.com/${CI_PROJECT_PATH}/${ADDON_ARCH}:${CI_COMMIT_SHA}"
-# Generic scan template
-.scan: &scan
-  <<: *dind
-  stage: scan
-  allow_failure: true
-  before_script:
-    - docker info
-    - docker run -d --name db arminc/clair-db:latest
-    - docker run -p 6060:6060 --link db:postgres -d --name clair arminc/clair-local-scan:v2.0.1
-    - apk add -U curl ca-certificates
-    - |
-      curl \
-        --silent \
-        --show-error \
-        --location \
-        --fail \
-        --retry 3 \
-        --output /usr/bin/clair-scanner \
-        https://github.com/arminc/clair-scanner/releases/download/v8/clair-scanner_linux_amd64
-    - chmod +x /usr/bin/clair-scanner
-    - touch clair-whitelist.yml
-    - echo "Waiting for Clair to start"
-    - |
-      while ! nc -z docker 6060; do
-        sleep 1
-        WAIT=$((${WAIT} + 1))
-        if [ "${WAIT}" -gt 30 ]; then
-          echo "Error > Timeout waiting for Clair to start"
-          exit 1
-        fi
-      done
-    - docker pull "registry.gitlab.com/${CI_PROJECT_PATH}/${ADDON_ARCH}:${CI_COMMIT_SHA}"
-  script:
-    - |
-      clair-scanner \
-        -c http://docker:6060 \
-        --ip $(hostname -i) \
-        -w clair-whitelist.yml \
-        "registry.gitlab.com/${CI_PROJECT_PATH}/${ADDON_ARCH}:${CI_COMMIT_SHA}"
-  tags:
-    - scan
-
-# Generic deploy template
-.deploy: &deploy
-  <<: *dind
-  stage: deploy
-  before_script:
-    - docker info
-    - docker pull "registry.gitlab.com/${CI_PROJECT_PATH}/${ADDON_ARCH}:${CI_COMMIT_SHA}"
-    - |
-      echo "${CI_JOB_TOKEN}" | docker login \
-        --username gitlab-ci-token \
-        --password-stdin \
-        registry.gitlab.com
-    - |
-      echo "${DOCKER_PASSWORD}" | docker login \
-        --username "${DOCKER_LOGIN}" \
-        --password-stdin
-  script:
-    - |
-      docker tag \
-        "registry.gitlab.com/${CI_PROJECT_PATH}/${ADDON_ARCH}:${CI_COMMIT_SHA}" \
-        "registry.gitlab.com/${CI_PROJECT_PATH}/${ADDON_ARCH}:cache"
-    - docker push "registry.gitlab.com/${CI_PROJECT_PATH}/${ADDON_ARCH}:cache"
-    - TAG="${CI_COMMIT_TAG#v}"
-    - TAG="${TAG:-${CI_COMMIT_SHA:0:7}}"
-    - |
-      docker tag \
-        "registry.gitlab.com/${CI_PROJECT_PATH}/${ADDON_ARCH}:${CI_COMMIT_SHA}" \
-        "${DOCKER_HUB_ORG}/${ADDON_SLUG}:${ADDON_ARCH}-${TAG}"
-    - |
-      docker push \
-        "${DOCKER_HUB_ORG}/${ADDON_SLUG}:${ADDON_ARCH}-${TAG}"
-  tags:
-    - deploy
-  only:
-    - master
-    - /^v\d+\.\d+\.\d+(?:-(?:beta|rc)(?:(?:(?:\+|\.)?[a-zA-Z0-9]+)*)?)?$/
-  except:
-    - /^(?!master).+@/
-
-# Generic manifest template
-.manifest: &manifest
-  <<: *dind
-  stage: manifest
-  before_script:
-    - mkdir -p ~/.docker
-    - echo '{"experimental":"enabled"}' > ~/.docker/config.json
-    - docker info
-    - |
-      echo "${DOCKER_PASSWORD}" | docker login \
-        --username "${DOCKER_LOGIN}" \
-        --password-stdin
-  script:
-    - TAG="${TAG#v}"
-    - TAG="${TAG:-${CI_COMMIT_SHA:0:7}}"
-    - REF="${CI_COMMIT_TAG#v}"
-    - REF="${REF:-${CI_COMMIT_SHA:0:7}}"
-    - |
-      docker manifest create \
-        "${DOCKER_HUB_ORG}/${ADDON_SLUG}:${TAG}" \
-        "${DOCKER_HUB_ORG}/${ADDON_SLUG}:aarch64-${REF}" \
-        "${DOCKER_HUB_ORG}/${ADDON_SLUG}:amd64-${REF}" \
-        "${DOCKER_HUB_ORG}/${ADDON_SLUG}:armhf-${REF}" \
-        "${DOCKER_HUB_ORG}/${ADDON_SLUG}:i386-${REF}"
-    - |
-      docker manifest annotate \
-        "${DOCKER_HUB_ORG}/${ADDON_SLUG}:${TAG}" \
-        "${DOCKER_HUB_ORG}/${ADDON_SLUG}:aarch64-${REF}" \
-        --os=linux \
-        --arch=arm64 \
-        --variant=v8
-    - |
-      docker manifest annotate \
-        "${DOCKER_HUB_ORG}/${ADDON_SLUG}:${TAG}" \
-        "${DOCKER_HUB_ORG}/${ADDON_SLUG}:amd64-${REF}" \
-        --os=linux \
-        --arch=amd64
-    - |
-      docker manifest annotate \
-        "${DOCKER_HUB_ORG}/${ADDON_SLUG}:${TAG}" \
-        "${DOCKER_HUB_ORG}/${ADDON_SLUG}:armhf-${REF}" \
-        --os=linux \
-        --arch=arm \
-        --variant=v6
-    - |
-      docker manifest annotate \
-        "${DOCKER_HUB_ORG}/${ADDON_SLUG}:${TAG}" \
-        "${DOCKER_HUB_ORG}/${ADDON_SLUG}:i386-${REF}" \
-        --os=linux \
-        --arch=386
-    - |
-      docker manifest push \
-        "${DOCKER_HUB_ORG}/${ADDON_SLUG}:${TAG}"
-  tags:
-    - manifest
-  except:
-    - /^(?!master).+@/
-
-# Generic publish template
-.publish: &publish
-  stage: publish
-  image:
-    name: hassioaddons/repository-updater:latest
-    entrypoint: [""]
-  script:
-    - |
-      repository-updater \
-        --token "${GITHUB_TOKEN}" \
-        --repository "${REPOSITORY}" \
-        --addon "${ADDON_GITHUB_REPO}"
-  tags:
-    - publish
-  except:
-    - /^(?!master).+@/
-
-# Preflight jobs
-hadolint:
-  <<: *preflight
-  image: hadolint/hadolint:latest-debian
-  before_script:
-    - hadolint --version
-  script:
-    - hadolint "${ADDON_TARGET}/Dockerfile"
-
-shellcheck:
-  <<: *preflight
-  image:
-    name: koalaman/shellcheck-alpine:stable
-    entrypoint: [""]
-  before_script:
-    - shellcheck --version
-    - apk --no-cache add grep
-    - |
-      find . -type f -print0 | \
-        xargs -0 sed -i 's:#!/usr/bin/with-contenv bash:#!/bin/bash:g'
-  script:
-    - |
-      for file in $(grep -IRl "#\!\(/usr/bin/env \|/bin/\)" --exclude-dir ".git" "${ADDON_TARGET}"); do
-        if ! shellcheck $file; then
-          export FAILED=1
-        else
-          echo "$file OK"
-        fi
-      done
-      if [ "${FAILED}" = "1" ]; then
-        exit 1
-      fi
-
-yamllint:
-  <<: *preflight
-  image: sdesbure/yamllint
-  before_script:
-    - yamllint --version
-  script:
-    - yamllint .
-
-jsonlint:
-  <<: *preflight
-  image: sahsu/docker-jsonlint
-  before_script:
-    - jsonlint --version || true
-  script:
-    - |
-      for file in $(find . -type f -name "*.json"); do
-        if ! jsonlint -q $file; then
-          export FAILED=1
-        else
-          echo "$file OK"
-        fi
-      done
-      if [ "${FAILED}" = "1" ]; then
-        exit 1
-      fi
-markdownlint:
-  <<: *preflight
-  image:
-    name: ruby:alpine
-    entrypoint: [""]
-  before_script:
-    - gem install mdl
-    - mdl --version
-  script:
-    - mdl --style all --warnings .
-
-# Build Jobs
-build:armhf:
-  <<: *build
-  variables:
-    ADDON_ARCH: armhf
-    FROM: hassioaddons/base-armhf:2.3.0
-  tags:
-    - build
-    - armhf
-
-build:aarch64:
-  <<: *build
-  variables:
-    ADDON_ARCH: aarch64
-    FROM: hassioaddons/base-aarch64:2.3.0
-  tags:
-    - build
-    - aarch64
-
-build:i386:
-  <<: *build
-  variables:
-    ADDON_ARCH: i386
-    FROM: hassioaddons/base-i386:2.3.0
-  tags:
-    - build
-    - i386
-
-build:amd64:
-  <<: *build
-  variables:
-    ADDON_ARCH: amd64
-    FROM: hassioaddons/base-amd64:2.3.0
-  tags:
-    - build
-    - amd64
-
-# Scan jobs
-clair:armhf:
-  <<: *scan
-  variables:
-    ADDON_ARCH: armhf
-
-clair:aarch64:
-  <<: *scan
-  variables:
-    ADDON_ARCH: aarch64
-
-clair:i386:
-  <<: *scan
-  variables:
-    ADDON_ARCH: i386
-
-clair:amd64:
-  <<: *scan
-  variables:
-    ADDON_ARCH: amd64
-
-# Deploy jobs
-deploy:armhf:
-  <<: *deploy
-  variables:
-    ADDON_ARCH: armhf
-
-deploy:aarch64:
-  <<: *deploy
-  variables:
-    ADDON_ARCH: aarch64
-
-deploy:i386:
-  <<: *deploy
-  variables:
-    ADDON_ARCH: i386
-
-deploy:amd64:
-  <<: *deploy
-  variables:
-    ADDON_ARCH: amd64
-
-# Manifest jobs
-manifest:sha:
-  <<: *manifest
-  only:
-    - master
-
-manifest:version:
-  <<: *manifest
-  variables:
-    TAG: "${CI_COMMIT_TAG}"
-  only:
-    - /^v\d+\.\d+\.\d+(?:-(?:beta|rc)(?:(?:(?:\+|\.)?[a-zA-Z0-9]+)*)?)?$/
-
-manifest:stable:
-  <<: *manifest
-  variables:
-    TAG: latest
-  only:
-    - /^v\d+\.\d+\.\d+(?:(?:(?:\+|\.)?[a-zA-Z0-9]+)*)?$/
-
-manifest:beta:
-  <<: *manifest
-  variables:
-    TAG: beta
-  only:
-    - /^v\d+\.\d+\.\d+(?:-(?:beta|rc)(?:(?:(?:\+|\.)?[a-zA-Z0-9]+)*)?)?$/
-
-manifest:edge:
-  <<: *manifest
-  variables:
-    TAG: edge
-  only:
-    - master
-
-# Publish jobs
-publish:stable:
-  <<: *publish
-  variables:
-    REPOSITORY: hassio-addons/repository
-  only:
-    - /^v\d+\.\d+\.\d+(?:(?:(?:\+|\.)?[a-zA-Z0-9]+)*)?$/
-  environment:
-    name: stable
-
-publish:beta:
-  <<: *publish
-  variables:
-    REPOSITORY: hassio-addons/repository-beta
-  only:
-    - /^v\d+\.\d+\.\d+(?:-(?:beta|rc)(?:(?:(?:\+|\.)?[a-zA-Z0-9]+)*)?)?$/
-  environment:
-    name: beta
-
-publish:edge:
-  <<: *publish
-  variables:
-    REPOSITORY: hassio-addons/repository-edge
-  only:
-    - master
-  environment:
-    name: edge
+  ADDON_AARCH64_BASE: "hassioaddons/base-aarch64:2.3.1"
+  ADDON_AMD64_BASE: "hassioaddons/base-amd64:2.3.1"
+  ADDON_ARMHF_BASE: "hassioaddons/base-armhf:2.3.1"
+  ADDON_I386_BASE: "hassioaddons/base-i386:2.3.1"