authorOlivier Gonzalez <ogonzalez@gitlab.com>2018-12-20 14:08:48 +0100
committerOlivier Gonzalez <ogonzalez@gitlab.com>2018-12-20 14:08:48 +0100
commit7c19371530f8de4a01718dab5850e8dfdda935f0 (patch)
treebd6568b63f0a12f6f9c552686e8d0a97f4d52a84
parentbc210a7431ba2592a50562568f76c8a16fb781a0 (diff)
Update configv1.0.0
-rw-r--r--.gitlab-ci.yml295
1 files changed, 101 insertions, 194 deletions
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index cbe34ca..653ba6d 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -1,218 +1,125 @@
-image: alpine:latest
+# When using dind, it's wise to use the overlayfs driver for
+# improved performance.
+variables:
+ DOCKER_DRIVER: overlay2
+ MAJOR: 1
+
+services:
+ - docker:stable-dind
stages:
- build
- - test
- - release
+ # - test
+ - deploy
-build:
+.build:
+ image: docker:stable
stage: build
- image: docker:stable-git
- services:
- - docker:stable-dind
- variables:
- DOCKER_DRIVER: overlay2
script:
- - setup_docker
- - build
+ - docker info
+ - docker login -u gitlab-ci-token -p $CI_JOB_TOKEN $CI_REGISTRY
+ - export IMAGE=$CI_REGISTRY_IMAGE:$IMAGE_TAG
+ - docker build -t $IMAGE .
+ # TODO: Remove this, move to QA as this is not really test
+ - docker run $IMAGE test
+ - docker push $IMAGE
+
+build branch:
+ extends: .build
+ variables:
+ IMAGE_TAG: $CI_COMMIT_REF_SLUG
only:
- branches
+ except:
+ - master
-test:
- stage: test
- image: docker:stable
- services:
- - docker:stable-dind
- script:
- - docker run "$CI_REGISTRY_IMAGE/$CI_COMMIT_REF_SLUG:$CI_COMMIT_SHA" test
+build edge:
+ extends: .build
+ variables:
+ IMAGE_TAG: edge
only:
- - branches
+ - master
-release-latest-and-next-version:
- stage: release
- image: docker:stable
- services:
- - docker:stable-dind
+build tag:
+ extends: .build
+ before_script:
+ - export IMAGE_TAG=${CI_COMMIT_TAG/v/}
+ only:
+ - tags
+
+build major:
+ extends: .build
variables:
- DOCKER_DRIVER: overlay2
- script:
- - setup_docker
- - echo "Logging to GitLab Container Registry with CI credentials..."
- - docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" "$CI_REGISTRY"
- - echo "Pulling Docker image..."
- - docker pull "$CI_APPLICATION_REPOSITORY:$CI_APPLICATION_TAG"
- - echo "Tagging image"
- - docker tag "$CI_APPLICATION_REPOSITORY:$CI_APPLICATION_TAG" "$CI_REGISTRY_IMAGE:latest"
- - echo "Pushing to GitLab Container Registry..."
- - docker push "$CI_REGISTRY_IMAGE:latest"
- - docker tag "$CI_APPLICATION_REPOSITORY:$CI_APPLICATION_TAG" "$CI_REGISTRY_IMAGE:$(cat VERSION)"
- - echo "Pushing to GitLab Container Registry..."
- - docker push "$CI_REGISTRY_IMAGE:$(cat VERSION)"
+ IMAGE_TAG: $MAJOR
only:
- - master
+ - tags
+ when: manual
+ allow_failure: false
-release-stable:
- stage: release
+tag latest:
image: docker:stable
- services:
- - docker:stable-dind
- variables:
- DOCKER_DRIVER: overlay2
+ stage: deploy
+ before_script:
+ - docker info
+ - docker login -u gitlab-ci-token -p $CI_JOB_TOKEN $CI_REGISTRY
+ - export SOURCE_IMAGE=$CI_REGISTRY_IMAGE:$MAJOR
+ - export TARGET_IMAGE=$CI_REGISTRY_IMAGE:latest
script:
- - setup_docker
- - echo "Logging to GitLab Container Registry with CI credentials..."
- - docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" "$CI_REGISTRY"
- - echo "Pulling Docker image..."
- - docker pull "$CI_APPLICATION_REPOSITORY:$CI_APPLICATION_TAG"
- - echo "Tagging image"
- - docker tag "$CI_APPLICATION_REPOSITORY:$CI_APPLICATION_TAG" "$CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG"
- - echo "Pushing to GitLab Container Registry..."
- - docker push "$CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG"
+ - docker pull $SOURCE_IMAGE
+ - docker tag $SOURCE_IMAGE $TARGET_IMAGE
+ - docker push $TARGET_IMAGE
only:
- - /^\d+-\d+-stable$/
+ - tags
-code_quality:
+.deploy:
image: docker:stable
- variables:
- DOCKER_DRIVER: overlay2
- allow_failure: true
- services:
- - docker:stable-dind
+ stage: deploy
+ before_script:
+ - docker info
+ - docker login -u gitlab-ci-token -p $CI_JOB_TOKEN $CI_REGISTRY
+ - export IMAGE=$CI_REGISTRY_IMAGE:$CI_JOB_NAME
script:
- - setup_docker
- - codeclimate
- artifacts:
- paths: [gl-code-quality-report.json]
+ - docker build -t $IMAGE -f $DOCKERFILE .
+ - docker push $IMAGE
+ only:
+ - tags
-container_scanning:
- image: docker:stable
+11-7-stable:
+ extends: .deploy
variables:
- DOCKER_DRIVER: overlay2
- allow_failure: true
- services:
- - docker:stable-dind
- script:
- - setup_docker
- - sast_container
- artifacts:
- paths: [gl-container-scanning-report.json]
-
-# ---------------------------------------------------------------------------
-
-.auto_devops: &auto_devops |
- # Auto DevOps variables and functions
- [[ "$TRACE" ]] && set -x
- auto_database_url=postgres://${POSTGRES_USER}:${POSTGRES_PASSWORD}@${CI_ENVIRONMENT_SLUG}-postgres:5432/${POSTGRES_DB}
- export DATABASE_URL=${DATABASE_URL-$auto_database_url}
- export CI_APPLICATION_REPOSITORY=$CI_REGISTRY_IMAGE/$CI_COMMIT_REF_SLUG
- export CI_APPLICATION_TAG=$CI_COMMIT_SHA
- export CI_CONTAINER_NAME=ci_job_build_${CI_JOB_ID}
- export TILLER_NAMESPACE=$KUBE_NAMESPACE
- # Extract "MAJOR.MINOR" from CI_SERVER_VERSION and generate "MAJOR-MINOR-stable" for Security Products
- export SP_VERSION=$(echo "$CI_SERVER_VERSION" | sed 's/^\([0-9]*\)\.\([0-9]*\).*/\1-\2-stable/')
-
- function sast_container() {
- if [[ -n "$CI_REGISTRY_USER" ]]; then
- echo "Logging to GitLab Container Registry with CI credentials..."
- docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" "$CI_REGISTRY"
- echo ""
- fi
-
- docker run -d --name db arminc/clair-db:latest
- docker run -p 6060:6060 --link db:postgres -d --name clair --restart on-failure arminc/clair-local-scan:v2.0.1
- apk add -U wget ca-certificates
- docker pull ${CI_APPLICATION_REPOSITORY}:${CI_APPLICATION_TAG}
- wget https://github.com/arminc/clair-scanner/releases/download/v8/clair-scanner_linux_amd64
- mv clair-scanner_linux_amd64 clair-scanner
- chmod +x clair-scanner
- touch clair-whitelist.yml
- retries=0
- echo "Waiting for clair daemon to start"
- while( ! wget -T 10 -q -O /dev/null http://docker:6060/v1/namespaces ) ; do sleep 1 ; echo -n "." ; if [ $retries -eq 10 ] ; then echo " Timeout, aborting." ; exit 1 ; fi ; retries=$(($retries+1)) ; done
- ./clair-scanner -c http://docker:6060 --ip $(hostname -i) -r gl-sast-container-report.json -l clair.log -w clair-whitelist.yml ${CI_APPLICATION_REPOSITORY}:${CI_APPLICATION_TAG} || true
- }
-
- function codeclimate() {
- docker run --env SOURCE_CODE="$PWD" \
- --volume "$PWD":/code \
- --volume /var/run/docker.sock:/var/run/docker.sock \
- "registry.gitlab.com/gitlab-org/security-products/codequality:$SP_VERSION" /code
- }
-
- function sast() {
- case "$CI_SERVER_VERSION" in
- *-ee)
-
- # Deprecation notice for CONFIDENCE_LEVEL variable
- if [ -z "$SAST_CONFIDENCE_LEVEL" -a "$CONFIDENCE_LEVEL" ]; then
- SAST_CONFIDENCE_LEVEL="$CONFIDENCE_LEVEL"
- echo "WARNING: CONFIDENCE_LEVEL is deprecated and MUST be replaced with SAST_CONFIDENCE_LEVEL"
- fi
-
- docker run --env SAST_CONFIDENCE_LEVEL="${SAST_CONFIDENCE_LEVEL:-3}" \
- --volume "$PWD:/code" \
- --volume /var/run/docker.sock:/var/run/docker.sock \
- "registry.gitlab.com/gitlab-org/security-products/sast:$SP_VERSION" /app/bin/run /code
- ;;
- *)
- echo "GitLab EE is required"
- ;;
- esac
- }
-
- function dependency_scanning() {
- case "$CI_SERVER_VERSION" in
- *-ee)
- docker run --env DEP_SCAN_DISABLE_REMOTE_CHECKS="${DEP_SCAN_DISABLE_REMOTE_CHECKS:-false}" \
- --volume "$PWD:/code" \
- --volume /var/run/docker.sock:/var/run/docker.sock \
- "registry.gitlab.com/gitlab-org/security-products/dependency-scanning:$SP_VERSION" /code
- ;;
- *)
- echo "GitLab EE is required"
- ;;
- esac
- }
-
- function setup_docker() {
- if ! docker info &>/dev/null; then
- if [ -z "$DOCKER_HOST" -a "$KUBERNETES_PORT" ]; then
- export DOCKER_HOST='tcp://localhost:2375'
- fi
- fi
- }
-
- function build() {
-
- if [[ -n "$CI_REGISTRY_USER" ]]; then
- echo "Logging to GitLab Container Registry with CI credentials..."
- docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" "$CI_REGISTRY"
- echo ""
- fi
-
- if [[ -f Dockerfile ]]; then
- echo "Building Dockerfile-based application..."
- docker build -t "$CI_APPLICATION_REPOSITORY:$CI_APPLICATION_TAG" .
- else
- echo "Building Heroku-based application using gliderlabs/herokuish docker image..."
- docker run -i --name="$CI_CONTAINER_NAME" -v "$(pwd):/tmp/app:ro" gliderlabs/herokuish /bin/herokuish buildpack build
- docker commit "$CI_CONTAINER_NAME" "$CI_APPLICATION_REPOSITORY:$CI_APPLICATION_TAG"
- docker rm "$CI_CONTAINER_NAME" >/dev/null
- echo ""
-
- echo "Configuring $CI_APPLICATION_REPOSITORY:$CI_APPLICATION_TAG docker image..."
- docker create --expose 5000 --env PORT=5000 --name="$CI_CONTAINER_NAME" "$CI_APPLICATION_REPOSITORY:$CI_APPLICATION_TAG" /bin/herokuish procfile start web
- docker commit "$CI_CONTAINER_NAME" "$CI_APPLICATION_REPOSITORY:$CI_APPLICATION_TAG"
- docker rm "$CI_CONTAINER_NAME" >/dev/null
- echo ""
- fi
-
- echo "Pushing to GitLab Container Registry..."
- docker push "$CI_APPLICATION_REPOSITORY:$CI_APPLICATION_TAG"
- echo ""
- }
-
-before_script:
- - *auto_devops
+ DOCKERFILE: Dockerfile.v1
+11-6-stable:
+ extends: .deploy
+ variables:
+ DOCKERFILE: Dockerfile.v1
+
+11-5-stable:
+ extends: .deploy
+ variables:
+ DOCKERFILE: Dockerfile.v1
+11-4-stable:
+ extends: .deploy
+ variables:
+ DOCKERFILE: Dockerfile.v1
+
+11-3-stable:
+ extends: .deploy
+ variables:
+ DOCKERFILE: Dockerfile.v1
+
+11-2-stable:
+ extends: .deploy
+ variables:
+ DOCKERFILE: Dockerfile.v1
+
+11-1-stable:
+ extends: .deploy
+ variables:
+ DOCKERFILE: Dockerfile.v1
+
+11-0-stable:
+ extends: .deploy
+ variables:
+ DOCKERFILE: Dockerfile.v1
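Review bot: The three `docker login -u gitlab-ci-token -p $CI_JOB_TOKEN $CI_REGISTRY` lines (in `.build`, in `tag latest` and in `.deploy`) pass the job token as a command-line argument, so it appears in the process arguments and Docker prints its insecure-password warning on every run. Feeding the token on stdin avoids that: `echo "$CI_JOB_TOKEN" | docker login -u gitlab-ci-token --password-stdin "$CI_REGISTRY"`. Separately, with `container_scanning` removed, nothing visible in the new pipeline scans an image before `tag latest` republishes `$CI_REGISTRY_IMAGE:$MAJOR` as `latest`. If that scan now runs in another pipeline, a comment above `tag latest` saying so would help the next maintainer.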