-
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy path.gitlab-ci.yml
112 lines (105 loc) · 3.58 KB
/
.gitlab-ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
include:
- file: /Scan/trivy.yml
project: jitesoft/gitlab-ci-lib
stages:
- download
- build
- containerize
- scan
download:
stage: download
image: registry.gitlab.com/jitesoft/dockerfiles/alpine:latest
script:
- apk add --no-cache grep sed
- HTML=$(wget -qO - https://github.com/ruby/ruby/releases)
- VERSION=$(echo ${HTML} | grep -oP 'v2_6_(\d)' | awk 'NR==1{print $1}')
- NICE_VERSION=$(echo ${VERSION} | sed -r 's/_/./g')
- printf ${NICE_VERSION} > version.txt
- wget https://github.com/ruby/ruby/archive/${VERSION}.tar.gz -O ruby.tar.gz
artifacts:
paths:
- ruby.tar.gz
- version.txt
.build:src:
needs:
- download
stage: build
image: registry.gitlab.com/jitesoft/dockerfiles/alpine:3.11 # For now, 3.11
before_script:
- apk add --no-cache autoconf gcc musl-dev build-base binutils-gold ruby zlib-dev openssl-dev ncurses-dev readline-dev libxml2-dev glib-dev libc-dev libxslt-dev linux-headers dpkg-dev ca-certificates bison gdbm-dev yaml-dev libffi-dev make git ccache g++
- mkdir -p src out/${DOCKER_ARCH}
script:
- mkdir -p /usr/local/etc
- |
echo 'install: --no-document' >> /usr/local/etc/gemrc;
echo 'update: --no-document' >> /usr/local/etc/gemrc;
- export PATH="/usr/lib/ccache/bin:$PATH"
- tar -xzhf ruby.tar.gz -C src/ --strip-components=1
- cd src
# Patch to make the container usable! https://github.com/docker-library/ruby/blob/5c9e21cbf79b7f36d505555c9ecd62cf0f7e07f8/2.6/alpine3.10/Dockerfile#L61
- wget -O 'thread-stack-fix.patch' 'https://bugs.ruby-lang.org/attachments/download/7081/0001-thread_pthread.c-make-get_main_stack-portable-on-lin.patch'
- echo '3ab628a51d92fdf0d2b5835e93564857aea73e0c1de00313864a94a6255cb645 *thread-stack-fix.patch' | sha256sum -c
- patch -p1 -i thread-stack-fix.patch
- rm thread-stack-fix.patch
- ccache -s
- autoconf
- export ac_cv_func_isnan=yes ac_cv_func_isinf=yes
- ./configure --prefix=/usr/local --enable-load-relative --host="${ARCH}-linux-musl" --disable-install-doc --enable-shared
- make
- make install
- ccache -s
- $(cd /usr/local && tar -czf /tmp/ruby.tar.gz *)
- cd ..
- mv version.txt out/version.txt
- mv /tmp/ruby.tar.gz out/${DOCKER_ARCH}/ruby.tar.gz
cache:
paths:
- ccache/
key: ruby.build.ccache-${DOCKER_ARCH}
artifacts:
paths:
- out/
expire_in: 1 hour
build:src:amd64:
extends: .build:src
variables:
DOCKER_ARCH: "amd64"
ARCH: "x86_64"
CCACHE_DIR: "${CI_PROJECT_DIR}/ccache"
tags:
- native-amd64
build:src:arm64:
extends: .build:src
variables:
DOCKER_ARCH: "arm64"
ARCH: "aarch64"
CCACHE_DIR: "${CI_PROJECT_DIR}/ccache"
tags:
- native-aarch64
containerize:
stage: containerize
needs:
- build:src:amd64
- build:src:arm64
image: registry.gitlab.com/jitesoft/dockerfiles/misc:latest
script:
- VERSION=$(cat out/version.txt)
- VERSION_SHORT=$(echo ${VERSION} | cut -d'.' -f1-2)
- VERSION_SHORTER=$(echo ${VERSION} | cut -d'.' -f1)
- TAGS=$(helper "${CI_REGISTRY_IMAGE},ghcr.io/jitesoft/ruby,jitesoft/ruby" "${VERSION},latest,${VERSION_SHORT},${VERSION_SHORTER}")
- docker buildx build --platform linux/arm64,linux/amd64 --progress plain --push ${TAGS} --build-arg VERSION=${VERSION} .
tags:
- buildx
- jitesoft
- protected
artifacts:
paths:
- out/version.txt
expire_in: 1 hour
scan:
extends: .container_scanning
needs:
- containerize
before_script:
- VERSION=$(cat out/version.txt)
- export SCANNING_IMAGE_NAME="${CI_REGISTRY_IMAGE}:${VERSION}"