From 8f7ca3116c18a05cce2afa66a3c6ca0b5563b548 Mon Sep 17 00:00:00 2001 From: Ryan Faircloth <35384120+rfaircloth-splunk@users.noreply.github.com> Date: Tue, 8 Oct 2019 15:01:50 -0400 Subject: [PATCH] Feature/don't upload p rs to releases (#128) Restructure CI --- .circleci/config.yml | 584 ++++++++++++++++++------------------------ docker-compose-ci.yml | 2 +- 2 files changed, 251 insertions(+), 335 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 65ac936..fda0601 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -7,117 +7,102 @@ #You should have received a copy of the CC0 legalcode along with this #work. If not, see . version: 2.1 - orbs: + docker: circleci/docker@0.5.13 + go: circleci/go@0.2.0 snyk: snyk/snyk@0.0.8 - clair-scanner: ovotech/clair-scanner@1.5.0 - + versioning: kollex/versioning@1.0.0 jobs: build: - machine: - image: ubuntu-1604:201903-01 - docker_layer_caching: true # default - false + docker: + - image: circleci/buildpack-deps:18.04 environment: - IMAGE_NAME: docker.pkg.github.com/splunk/splunk-connect-for-syslog/ci -# docker: -# - image: circleci/buildpack-deps:stretch + REGISTRY: docker.pkg.github.com + CI_IMAGE: splunk/splunk-connect-for-syslog/ci steps: -# - setup_remote_docker: -# docker_layer_caching: true + - setup_remote_docker: + docker_layer_caching: true - checkout - - run: git submodule sync - run: git submodule update --init --recursive - - run: mkdir /tmp/artifacts - - run: docker pull gittools/gitversion:latest-linux-netcoreapp2.1 - - run: - name: Docker Login - command: docker login docker.pkg.github.com --username $GITHUB_USER --password $GITHUB_TOKEN - - run: - name: Build Docker image - command: docker build -f package/Dockerfile --build-arg RH_ORG=$RH_ORG --build-arg RH_ACTIVATION=$RH_ACTIVATION -t $IMAGE_NAME:$CIRCLE_SHA1 package - - run: - name: Push Docker image by hash - command: docker push $IMAGE_NAME:$CIRCLE_SHA1 + - run: mkdir /tmp/workspace + + - versioning/define_version + - versioning/create_version_file: + version_file_path: /tmp/workspace/VERSION + + - docker/install-docker + - docker/check: + registry: $REGISTRY + docker-username: GITHUB_USER + docker-password: GITHUB_TOKEN + - docker/build: + image: $CI_IMAGE + registry: $REGISTRY + path: package + extra_build_args: --build-arg RH_ORG=$RH_ORG --build-arg RH_ACTIVATION=$RH_ACTIVATION + + - docker/install-goss - run: - name: Docker tag and push with version label + name: Test Docker command: | - SEMVER=$(docker run --rm -v "$(pwd):/repo" gittools/gitversion:latest-linux-netcoreapp2.1 /repo /showvariable SemVer /nofetch) - echo image $IMAGE_NAME:$SEMVER - docker tag $IMAGE_NAME:$CIRCLE_SHA1 $IMAGE_NAME:$SEMVER - docker push $IMAGE_NAME:$SEMVER + mkdir -p /tmp/test-results + # Don't forget path! + export PATH=$PATH:~/bin + pushd package + GOSS_FMT_OPTIONS="perfdata verbose" GOSS_FILES_STRATEGY=cp GOSS_OPTS="--max-concurrent=1 --format junit" dgoss run -t $REGISTRY/$CI_IMAGE:$CIRCLE_SHA1 3>&1 1>&2 2>&3 > /tmp/goss.tmp || true ; cat /tmp/goss.tmp | grep -v "<" + popd + cat /tmp/goss.tmp | grep "[<\>]" > /tmp/test-results/goss.xml + + - docker/push: + registry: $REGISTRY + image: $CI_IMAGE + - run: | + CIRCLE_BRANCH_CLEAN=$(echo ${CIRCLE_BRANCH} | sed 's/[^a-zA-Z0-9\._-]//g') + if [ -n "${CIRCLE_TAG}" ]; then DOCKER_TAG=${CIRCLE_TAG}; else DOCKER_TAG="${CIRCLE_BRANCH_CLEAN}"; fi + if [ -n "${CIRCLE_TAG}" ]; then VERSION=${CIRCLE_TAG}; else VERSION="${CIRCLE_BRANCH_CLEAN}@${CIRCLE_SHA1:0:6}"; fi + docker tag $REGISTRY/$CI_IMAGE:$CIRCLE_SHA1 $REGISTRY/$CI_IMAGE:$DOCKER_TAG + docker push $REGISTRY/$CI_IMAGE:$DOCKER_TAG - run: name: Docker Save command: | - SEMVER=$(docker run --rm -v "$(pwd):/repo" gittools/gitversion:latest-linux-netcoreapp2.1 /repo /showvariable SemVer /nofetch) - docker save $IMAGE_NAME:$SEMVER | gzip -c > /tmp/artifacts/oci_container.tar.gz + docker save $REGISTRY/$CI_IMAGE:$CIRCLE_SHA1 | gzip -c > /tmp/workspace/oci_container.tar.gz - run: name: BYOE Config command: | - tar rvf /tmp/artifacts/baremetal.tar -C package etc - tar rvf /tmp/artifacts/baremetal.tar -C package/sbin entrypoint.sh + tar rvf /tmp/workspace/baremetal.tar -C package etc + tar rvf /tmp/workspace/baremetal.tar -C package/sbin entrypoint.sh - - store_artifacts: - path: /tmp/artifacts + - store_test_results: + path: /tmp/test-results/goss.xml - dgoss: - environment: - IMAGE_NAME: docker.pkg.github.com/splunk/splunk-connect-for-syslog/ci - GOSS_VER: v0.3.7 - GOSS_OPTS: "--max-concurrent=1 --format junit" - GOSS_FILES_STRATEGY: cp + - persist_to_workspace: + root: /tmp + paths: + - workspace - docker: - - image: circleci/buildpack-deps:stretch - steps: - - checkout - - setup_remote_docker: - docker_layer_caching: true - - run: - name: Docker Login - command: docker login docker.pkg.github.com --username $GITHUB_USER --password $GITHUB_TOKEN - - run: - name: Docker pull - command: docker pull $IMAGE_NAME:$CIRCLE_SHA1 - - run: - name: Install goss - command: | - # rather than give internet scripts SU rights, we install to local user bin and add to path - curl -fsSL https://goss.rocks/install | GOSS_VER=v0.3.7 sudo sh - goss -version - - run: - name: Test Docker - command: | - mkdir -p ~/project/test-results - # Don't forget path! - export PATH=$PATH:~/bin - pushd package - GOSS_FMT_OPTIONS="perfdata verbose" GOSS_FILES_STRATEGY=cp GOSS_OPTS="--max-concurrent=1 --format junit" dgoss run -t $IMAGE_NAME:$CIRCLE_SHA1 3>&1 1>&2 2>&3 > /tmp/goss.tmp || true ; cat /tmp/goss.tmp | grep -v "<" - popd - cat /tmp/goss.tmp | grep "[<\>]" > ~/project/test-results/goss.xml - - store_test_results: - path: test-results test-unit: - environment: - IMAGE_NAME: docker.pkg.github.com/splunk/splunk-connect-for-syslog/ci docker: - - image: circleci/buildpack-deps:stretch + - image: circleci/buildpack-deps:18.04 + environment: + REGISTRY: docker.pkg.github.com + CI_IMAGE: splunk/splunk-connect-for-syslog/ci steps: - setup_remote_docker: docker_layer_caching: true - checkout - run: git submodule sync - run: git submodule update --init --recursive - - run: - name: Docker Login - command: docker login docker.pkg.github.com --username $GITHUB_USER --password $GITHUB_TOKEN - - run: - name: Docker pull - command: docker-compose pull + + - docker/install-docker-tools + - docker/check: + registry: $REGISTRY + docker-username: GITHUB_USER + docker-password: GITHUB_TOKEN - run: name: Setup test volume command: | - mkdir test-results + mkdir /tmp/test-results docker volume create sc4s-tests docker volume create sc4s-results @@ -136,6 +121,7 @@ jobs: - run: name: Docker Compose up command: | + export IMAGE_NAME=$CIRCLE_PROJECT_REPONAME docker-compose -f ./docker-compose-ci.yml up -d splunk sleep 70 docker-compose -f ./docker-compose-ci.yml up --abort-on-container-exit @@ -147,307 +133,253 @@ jobs: -v sc4s-results:/work/test-results \ registry.access.redhat.com/ubi7/ubi - docker cp dummy:/work/test-results/functional test-results + docker cp dummy:/work/test-results/functional /tmp/test-results docker rm dummy when: always - store_test_results: - path: test-results + path: /tmp/test-results + test-scan-synk: docker: - - image: 'circleci/buildpack-deps:stable' + - image: circleci/buildpack-deps:18.04 environment: - IMAGE_NAME: docker.pkg.github.com/splunk/splunk-connect-for-syslog/ci + REGISTRY: docker.pkg.github.com + CI_IMAGE: splunk/splunk-connect-for-syslog/ci steps: - - checkout - - setup_remote_docker: - docker_layer_caching: true - - run: - name: Docker Login - command: docker login docker.pkg.github.com --username $GITHUB_USER --password $GITHUB_TOKEN - - run: docker pull $IMAGE_NAME:$CIRCLE_SHA1 - - snyk/scan: - docker-image-name: $IMAGE_NAME:$CIRCLE_SHA1 - test-scan-clair: + - setup_remote_docker: + docker_layer_caching: true + - checkout + - run: git submodule sync + - run: git submodule update --init --recursive + - docker/check: + registry: $REGISTRY + docker-username: GITHUB_USER + docker-password: GITHUB_TOKEN + - run: docker pull $REGISTRY/$CI_IMAGE:$CIRCLE_SHA1 + - snyk/scan: + docker-image-name: $REGISTRY/$CI_IMAGE:$CIRCLE_SHA1 + target-file: package/Dockerfile + project: '${CIRCLE_PROJECT_REPONAME}/${CIRCLE_BRANCH}-container' + + test-scan-synk-nomonitor: docker: - - image: 'docker:stable' + - image: circleci/buildpack-deps:18.04 environment: - IMAGE_NAME: docker.pkg.github.com/splunk/splunk-connect-for-syslog/ci + REGISTRY: docker.pkg.github.com + CI_IMAGE: splunk/splunk-connect-for-syslog/ci steps: - - checkout - setup_remote_docker: docker_layer_caching: true - - run: - name: "Vulnerability scan" - command: | - - - store_artifacts: - path: clair-reports - + - checkout + - docker/check: + registry: $REGISTRY + docker-username: GITHUB_USER + docker-password: GITHUB_TOKEN + - run: docker pull $REGISTRY/$CI_IMAGE:$CIRCLE_SHA1 + - run: git submodule sync + - run: git submodule update --init --recursive + - snyk/scan: + docker-image-name: $REGISTRY/$CI_IMAGE:$CIRCLE_SHA1 + target-file: package/Dockerfile + project: '${CIRCLE_PROJECT_REPONAME}/${CIRCLE_BRANCH}-container' + monitor-on-build: false - publish-edge: - environment: - IMAGE_NAME: docker.pkg.github.com/splunk/splunk-connect-for-syslog/ci - PUBLIC_IMAGE_NAME: docker.pkg.github.com/splunk/splunk-connect-for-syslog/releases + publish-branch: docker: - #- image: circleci/buildpack-deps:stretch - - image: circleci/golang:latest + - image: circleci/buildpack-deps:18.04 + environment: + REGISTRY: docker.pkg.github.com + CI_IMAGE: splunk/splunk-connect-for-syslog/ci + REGISTRY_PUBLIC: docker.pkg.github.com + PUBLIC_IMAGE: splunk/splunk-connect-for-syslog/releases steps: - setup_remote_docker: docker_layer_caching: true - checkout - - run: - name: Create Directory - command: mkdir /tmp/artifacts - - run: - name: Docker Login - command: docker login docker.pkg.github.com --username $GITHUB_USER --password $GITHUB_TOKEN - - run: - name: Docker pull - command: docker pull $IMAGE_NAME:$CIRCLE_SHA1 - - run: - name: Docker tag image - command: docker tag $IMAGE_NAME:$CIRCLE_SHA1 $PUBLIC_IMAGE_NAME:edge - - run: - name: Docker push tag - command: docker push $PUBLIC_IMAGE_NAME:edge + - docker/check: + registry: $REGISTRY + docker-username: GITHUB_USER + docker-password: GITHUB_TOKEN + - run: docker pull $REGISTRY/$CI_IMAGE:$CIRCLE_SHA1 + - run: | + CIRCLE_BRANCH_CLEAN=$(echo ${CIRCLE_BRANCH} | sed 's/[^a-zA-Z0-9\._-]//g') + if [ -n "${CIRCLE_TAG}" ]; then DOCKER_TAG=${CIRCLE_TAG}; else DOCKER_TAG="${CIRCLE_BRANCH_CLEAN}"; fi + if [ -n "${CIRCLE_TAG}" ]; then VERSION=${CIRCLE_TAG}; else VERSION="${CIRCLE_BRANCH_CLEAN}@${CIRCLE_SHA1:0:6}"; fi + echo docker tag $REGISTRY/$CI_IMAGE:$CIRCLE_SHA1 -t $REGISTRY_PUBLIC/$PUBLIC_IMAGE:$DOCKER_TAG + docker tag $REGISTRY/$CI_IMAGE:$CIRCLE_SHA1 $REGISTRY_PUBLIC/$PUBLIC_IMAGE:$DOCKER_TAG + docker push $REGISTRY_PUBLIC/$PUBLIC_IMAGE:$DOCKER_TAG - - run: - name: Docker Save - command: | - docker save $IMAGE_NAME:$CIRCLE_SHA1 | gzip -c > /tmp/artifacts/oci_container.tar.gz - - run: - name: BYOE Config - command: | - tar rvf /tmp/artifacts/baremetal.tar -C package etc - tar rvf /tmp/artifacts/baremetal.tar -C package/sbin entrypoint.sh - - - run: - name: "Publish Release on GitHub" - command: | - go get -u github.com/tcnksm/ghr - SEMVER=$(docker run --rm -v "$(pwd):/repo" gittools/gitversion:latest-linux-netcoreapp2.1 /repo /showvariable SemVer /nofetch) - ghr -t ${GITHUB_TOKEN} -u ${CIRCLE_PROJECT_USERNAME} -r ${CIRCLE_PROJECT_REPONAME} -c ${CIRCLE_SHA1} -delete edge /tmp/artifacts/ - - publish-version: - machine: - image: ubuntu-1604:201903-01 - docker_layer_caching: true # default - false + publish-edge: + docker: + - image: circleci/buildpack-deps:18.04 environment: - IMAGE_NAME: docker.pkg.github.com/splunk/splunk-connect-for-syslog/ci - PUBLIC_IMAGE_NAME: docker.pkg.github.com/splunk/splunk-connect-for-syslog/releases + REGISTRY: docker.pkg.github.com + CI_IMAGE: splunk/splunk-connect-for-syslog/ci + REGISTRY_PUBLIC: docker.pkg.github.com + PUBLIC_IMAGE: splunk/splunk-connect-for-syslog/releases steps: - + - setup_remote_docker: + docker_layer_caching: true - checkout - - - run: - name: Create Directory - command: mkdir /tmp/artifacts - - run: - name: Docker Login - command: | - docker login docker.pkg.github.com --username $GITHUB_USER --password $GITHUB_TOKEN - docker pull $IMAGE_NAME:$CIRCLE_SHA1 - - - run: - name: Docker tag image - command: | - SEMVER=$(docker run --rm -v "$(pwd):/repo" gittools/gitversion:latest-linux-netcoreapp2.1 /repo /showvariable SemVer /nofetch) - docker tag $IMAGE_NAME:$CIRCLE_SHA1 $PUBLIC_IMAGE_NAME:$SEMVER - docker push $PUBLIC_IMAGE_NAME:$SEMVER - - - run: - name: Docker Save - command: | - SEMVER=$(docker run --rm -v "$(pwd):/repo" gittools/gitversion:latest-linux-netcoreapp2.1 /repo /showvariable SemVer /nofetch) - docker save $PUBLIC_IMAGE_NAME:$SEMVER | gzip -c > /tmp/artifacts/oci_container.tar.gz - - run: - name: BYOE Config - command: | - tar rvf /tmp/artifacts/baremetal.tar -C package etc - tar rvf /tmp/artifacts/baremetal.tar -C package/sbin entrypoint.sh - - run: - name: "Publish Release on GitHub" + - docker/check: + registry: $REGISTRY + docker-username: GITHUB_USER + docker-password: GITHUB_TOKEN + - run: docker pull $REGISTRY/$CI_IMAGE:$CIRCLE_SHA1 + - run: docker tag $REGISTRY/$CI_IMAGE:$CIRCLE_SHA1 $REGISTRY/$PUBLIC_IMAGE:edge + - docker/push: + registry: $REGISTRY + image: $PUBLIC_IMAGE + tag: edge + - docker/check: + docker-username: DOCKER_USER + docker-password: DOCKER_PASS + - run: docker tag $REGISTRY/$CI_IMAGE:$CIRCLE_SHA1 splunk/scs:edge + - docker/push: + image: splunk/scs + tag: edge + - go/install + - attach_workspace: + at: /tmp + - run: + name: "Publish edge on GitHub" command: | - go get -u github.com/tcnksm/ghr - SEMVER=$(docker run --rm -v "$(pwd):/repo" gittools/gitversion:latest-linux-netcoreapp2.1 /repo /showvariable SemVer /nofetch) - ghr -t ${GITHUB_TOKEN} -u ${CIRCLE_PROJECT_USERNAME} -r ${CIRCLE_PROJECT_REPONAME} -c ${CIRCLE_SHA1} -delete ${SEMVER} /tmp/artifacts/ - + PATH=$PATH:/usr/local/go/bin + go get -v -u github.com/tcnksm/ghr + $HOME/go/bin/ghr -t ${GITHUB_TOKEN} -u ${CIRCLE_PROJECT_USERNAME} -r ${CIRCLE_PROJECT_REPONAME} -c ${CIRCLE_SHA1} -prerelease -delete edge /tmp/workspace/ + - store_artifacts: + path: /tmp/workspace/ publish-latest: - environment: - IMAGE_NAME: docker.pkg.github.com/splunk/splunk-connect-for-syslog/ci - PUBLIC_IMAGE_NAME: docker.pkg.github.com/splunk/splunk-connect-for-syslog/releases docker: - #- image: circleci/buildpack-deps:stretch - - image: circleci/golang:latest + - image: circleci/buildpack-deps:18.04 + environment: + REGISTRY: docker.pkg.github.com + CI_IMAGE: splunk/splunk-connect-for-syslog/ci + REGISTRY_PUBLIC: docker.pkg.github.com + PUBLIC_IMAGE: splunk/splunk-connect-for-syslog/releases + steps: - setup_remote_docker: docker_layer_caching: true - checkout - - run: - name: Create Directory - command: mkdir /tmp/artifacts - - run: - name: Docker Login - command: docker login docker.pkg.github.com --username $GITHUB_USER --password $GITHUB_TOKEN - - run: - name: Docker pull - command: docker pull $IMAGE_NAME:$CIRCLE_SHA1 - - run: - name: Docker tag image - command: docker tag $IMAGE_NAME:$CIRCLE_SHA1 $PUBLIC_IMAGE_NAME:latest - - run: - name: Docker push tag - command: docker push $PUBLIC_IMAGE_NAME:latest + - docker/check: + registry: $REGISTRY + docker-username: GITHUB_USER + docker-password: GITHUB_TOKEN + - run: docker pull $REGISTRY/$CI_IMAGE:$CIRCLE_SHA1 + - run: docker tag $REGISTRY/$CI_IMAGE:$CIRCLE_SHA1 $REGISTRY/$PUBLIC_IMAGE:latest + - docker/push: + registry: $REGISTRY + image: $PUBLIC_IMAGE + tag: latest + - docker/check: + docker-username: DOCKER_USER + docker-password: DOCKER_PASS + - run: docker tag $REGISTRY/$CI_IMAGE:$CIRCLE_SHA1 splunk/scs:latest + - docker/push: + image: splunk/scs + tag: latest + - go/install + - attach_workspace: + at: /tmp - run: - name: Docker Save + name: "Publish edge on GitHub" command: | - docker save $IMAGE_NAME:$CIRCLE_SHA1 | gzip -c > /tmp/artifacts/oci_container.tar.gz - - run: - name: BYOE Config - command: | - tar rvf /tmp/artifacts/baremetal.tar -C package etc - tar rvf /tmp/artifacts/baremetal.tar -C package/sbin entrypoint.sh - - - run: - name: "Publish Release on GitHub" - command: | - go get -u github.com/tcnksm/ghr - SEMVER=$(docker run --rm -v "$(pwd):/repo" gittools/gitversion:latest-linux-netcoreapp2.1 /repo /showvariable SemVer /nofetch) - ghr -t ${GITHUB_TOKEN} -u ${CIRCLE_PROJECT_USERNAME} -r ${CIRCLE_PROJECT_REPONAME} -c ${CIRCLE_SHA1} -delete latest /tmp/artifacts/ - - - dockerhub-version: - machine: - image: ubuntu-1604:201903-01 - docker_layer_caching: true # default - false - environment: - IMAGE_NAME: docker.pkg.github.com/splunk/splunk-connect-for-syslog/ci - PUBLIC_IMAGE_NAME: splunk/scs - steps: - - - checkout - - - run: - name: Create Directory - command: mkdir artifacts - - run: - name: Docker Login - command: | - docker login docker.pkg.github.com --username $GITHUB_USER --password $GITHUB_TOKEN - docker pull $IMAGE_NAME:$CIRCLE_SHA1 - - run: - name: Docker tag image - command: | - SEMVER=$(docker run --rm -v "$(pwd):/repo" gittools/gitversion:latest-linux-netcoreapp2.1 /repo /showvariable SemVer /nofetch) - docker login -u $DOCKER_USER -p $DOCKER_PASS - docker tag $IMAGE_NAME:$CIRCLE_SHA1 $PUBLIC_IMAGE_NAME:$SEMVER - docker push $PUBLIC_IMAGE_NAME:$SEMVER + PATH=$PATH:/usr/local/go/bin + go get -v -u github.com/tcnksm/ghr + $HOME/go/bin/ghr -t ${GITHUB_TOKEN} -u ${CIRCLE_PROJECT_USERNAME} -r ${CIRCLE_PROJECT_REPONAME} -c ${CIRCLE_SHA1} -delete latest /tmp/workspace/ + - store_artifacts: + path: /tmp/workspace/ - dockerhub-edge: - environment: - IMAGE_NAME: docker.pkg.github.com/splunk/splunk-connect-for-syslog/ci - PUBLIC_IMAGE_NAME: splunk/scs + publish-tag: docker: - - image: circleci/buildpack-deps:stretch - steps: - - setup_remote_docker: - docker_layer_caching: true - - run: - name: Create Directory - command: mkdir /tmp/artifacts - - run: - name: Docker Login - command: docker login docker.pkg.github.com --username $GITHUB_USER --password $GITHUB_TOKEN - - run: - name: Docker pull - command: docker pull $IMAGE_NAME:$CIRCLE_SHA1 - - run: - name: Docker Login - command: docker login -u $DOCKER_USER -p $DOCKER_PASS - - run: - name: Docker tag image - command: docker tag $IMAGE_NAME:$CIRCLE_SHA1 $PUBLIC_IMAGE_NAME:edge - - run: - name: Docker push tag - command: docker push $PUBLIC_IMAGE_NAME:edge - - dockerhub-latest: + - image: circleci/buildpack-deps:18.04 environment: - IMAGE_NAME: docker.pkg.github.com/splunk/splunk-connect-for-syslog/ci - PUBLIC_IMAGE_NAME: splunk/scs - docker: - - image: circleci/buildpack-deps:stretch + REGISTRY: docker.pkg.github.com + CI_IMAGE: splunk/splunk-connect-for-syslog/ci + REGISTRY_PUBLIC: docker.pkg.github.com + PUBLIC_IMAGE: splunk/splunk-connect-for-syslog/releases + steps: - setup_remote_docker: docker_layer_caching: true - - run: - name: Create Directory - command: mkdir /tmp/artifacts - - run: - name: Docker Login - command: docker login docker.pkg.github.com --username $GITHUB_USER --password $GITHUB_TOKEN - - run: - name: Docker pull - command: docker pull $IMAGE_NAME:$CIRCLE_SHA1 - - run: - name: Docker Login - command: docker login -u $DOCKER_USER -p $DOCKER_PASS - - run: - name: Docker tag image - command: docker tag $IMAGE_NAME:$CIRCLE_SHA1 $PUBLIC_IMAGE_NAME:latest - - run: - name: Docker push tag - command: docker push $PUBLIC_IMAGE_NAME:latest + - checkout + - docker/check: + registry: $REGISTRY + docker-username: GITHUB_USER + docker-password: GITHUB_TOKEN + - run: docker pull $REGISTRY/$CI_IMAGE:$CIRCLE_SHA1 + - run: | + CIRCLE_BRANCH_CLEAN=$(echo ${CIRCLE_BRANCH} | sed 's/[^a-zA-Z0-9\._-]//g') + if [ -n "${CIRCLE_TAG}" ]; then DOCKER_TAG=${CIRCLE_TAG}; else DOCKER_TAG="${CIRCLE_BRANCH_CLEAN}"; fi + if [ -n "${CIRCLE_TAG}" ]; then VERSION=${CIRCLE_TAG}; else VERSION="${CIRCLE_BRANCH_CLEAN}@${CIRCLE_SHA1:0:6}"; fi + docker tag $REGISTRY/$CI_IMAGE:$CIRCLE_SHA1 $REGISTRY/$PUBLIC_IMAGE:$DOCKER_TAG + docker push $REGISTRY/$PUBLIC_IMAGE:$DOCKER_TAG + - docker/check: + docker-username: DOCKER_USER + docker-password: DOCKER_PASS + - run: | + CIRCLE_BRANCH_CLEAN=$(echo ${CIRCLE_BRANCH} | sed 's/[^a-zA-Z0-9\._-]//g') + if [ -n "${CIRCLE_TAG}" ]; then DOCKER_TAG=${CIRCLE_TAG}; else DOCKER_TAG="${CIRCLE_BRANCH_CLEAN}"; fi + if [ -n "${CIRCLE_TAG}" ]; then VERSION=${CIRCLE_TAG}; else VERSION="${CIRCLE_BRANCH_CLEAN}@${CIRCLE_SHA1:0:6}"; fi + docker tag $REGISTRY/$CI_IMAGE:$CIRCLE_SHA1 splunk/scs:$DOCKER_TAG + docker push splunk/scs:$DOCKER_TAG + + - go/install + - attach_workspace: + at: /tmp + - run: + name: "Publish edge on GitHub" + command: | + PATH=$PATH:/usr/local/go/bin + go get -v -u github.com/tcnksm/ghr + CIRCLE_BRANCH_CLEAN=$(echo ${CIRCLE_BRANCH} | sed 's/[^a-zA-Z0-9\._-]//g') + if [ -n "${CIRCLE_TAG}" ]; then DOCKER_TAG=${CIRCLE_TAG}; else DOCKER_TAG="${CIRCLE_BRANCH_CLEAN}"; fi + if [ -n "${CIRCLE_TAG}" ]; then VERSION=${CIRCLE_TAG}; else VERSION="${CIRCLE_BRANCH_CLEAN}@${CIRCLE_SHA1:0:6}"; fi + $HOME/go/bin/ghr -t ${GITHUB_TOKEN} -u ${CIRCLE_PROJECT_USERNAME} -r ${CIRCLE_PROJECT_REPONAME} -c ${CIRCLE_SHA1} -delete $VERSION /tmp/workspace/ + - store_artifacts: + path: /tmp/workspace/ workflows: version: 2 build-branches: jobs: - build - - dgoss: - requires: - - build - test-unit: requires: - build - test-scan-synk: requires: - build -#Clair scanner image is broken using synk for now -# - test-scan-clair: -# requires: -# - build - - publish-edge: - requires: - - dgoss - - test-unit filters: branches: only: - - develop - - publish-latest: + - master + - test-scan-synk-nomonitor: requires: - - dgoss - - test-unit + - build filters: branches: - only: + ignore: - master - - dockerhub-edge: + - publish-branch: + requires: + - build + - publish-edge: requires: - - dgoss + - build - test-unit filters: branches: only: - develop - - dockerhub-latest: + - publish-latest: requires: - - dgoss + - build - test-unit filters: branches: @@ -461,14 +393,6 @@ workflows: only: /^\d*\.\d*\.\d*.*$/ branches: ignore: /.*/ - - dgoss: - filters: - tags: - only: /^\d*\.\d*\.\d*.*$/ - branches: - ignore: /.*/ - requires: - - build - test-unit: filters: tags: @@ -485,21 +409,13 @@ workflows: ignore: /.*/ requires: - build - - publish-version: - filters: - tags: - only: /^\d*\.\d*\.\d*.*$/ - branches: - ignore: /.*/ + - publish-tag: requires: - - dgoss + - build - test-unit - - dockerhub-version: + - test-scan-synk filters: tags: only: /^\d*\.\d*\.\d*.*$/ branches: - ignore: /.*/ - requires: - - dgoss - - test-unit \ No newline at end of file + ignore: /.*/ \ No newline at end of file diff --git a/docker-compose-ci.yml b/docker-compose-ci.yml index b4bb66d..6028e6e 100644 --- a/docker-compose-ci.yml +++ b/docker-compose-ci.yml @@ -19,7 +19,7 @@ services: - SPLUNK_PASSWORD=${SPLUNK_PASSWORD} sc4s: - image: ${IMAGE_NAME}:${CIRCLE_SHA1} + image: ${REGISTRY}/${CI_IMAGE}:${CIRCLE_SHA1} hostname: sc4s ports: - "514"