Merge branch 'fvd/kaniko' into 'main'

Fvd/kaniko

See merge request ci/templates!3

.gitlab-ci.yml

@@ -0,0 +1,26 @@
+
+build-latest:
+  stage: build
+  image:
+      name: gcr.io/kaniko-project/executor:debug
+      entrypoint: [""]
+  script:
+    - mkdir -p /kaniko/.docker
+    - echo "{\"auths\":{\"${CI_REGISTRY}\":{\"auth\":\"$(printf "%s:%s" "${CI_REGISTRY_USER}" "${CI_REGISTRY_PASSWORD}" | base64 | tr -d '\n')\"}}}" > /kaniko/.docker/config.json
+    - >-
+       for img in $(ls -1 images/*/Dockerfile | sed 's|^images/\(.*\)/Dockerfile|\1|g');do
+         /kaniko/executor \
+         --force \
+         --cache=true \
+         --context "${CI_PROJECT_DIR}/images/$img" \
+         --dockerfile "${CI_PROJECT_DIR}/images/$img/Dockerfile" \
+         --destination "${CI_REGISTRY_IMAGE}/$img:${CI_COMMIT_TAG}"
+       done
+# except:
+#   - tags
+  only:
+    changes:
+      - "images/*"
+      - "images/**/*"
+      - "images/**"
+

README.md

@@ -1 +1,3 @@
 # templates
+
+Some CI templates

images/flake8/Dockerfile

@@ -0,0 +1,3 @@
+FROM python:3-alpine
+
+RUN pip install flake8==3.8.3

tpl/docker-build.yml

@@ -0,0 +1,50 @@
+variables:
+  DOCKERFILE_LOCATION: '.'
+  DOCKERFILE_NAME: 'Dockerfile'
+
+
+dockerfile_lint:
+  stage: .pre
+  tags:
+    - docker-runner
+  image: hadolint/hadolint:latest-debian
+
+  allow_failure: true
+  before_script:
+    - 'cd $DOCKERFILE_LOCATION'
+  script:
+    - hadolint --ignore DL3008 --ignore DL3059 $DOCKERFILE_NAME
+
+
+.docker_build:
+  stage: build
+  tags:
+    - docker-build
+  variables:
+    GIT_SUBMODULE_STRATEGY: recursive
+  before_script:
+    - docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" $CI_REGISTRY
+
+docker-build-tags:
+  extends: .docker_build
+  script:
+    - docker build --pull --build-arg CACHEBUST=$(date +%s) --build-arg CI_COMMIT_SHORT_SHA=$CI_COMMIT_SHORT_SHA -t "$CI_REGISTRY_IMAGE:$CI_COMMIT_TAG" -f $DOCKERFILE_LOCATION/$DOCKERFILE_NAME $DOCKERFILE_LOCATION
+    - docker push "$CI_REGISTRY_IMAGE:$CI_COMMIT_TAG"
+# Below is a nasty hack to also publish registry/xxxx/master:TAG
+# because else it's a shit show do deal with it on helm releases
+    - docker tag "$CI_REGISTRY_IMAGE:$CI_COMMIT_TAG" "$CI_REGISTRY_IMAGE/master:$CI_COMMIT_TAG"
+    - docker push "$CI_REGISTRY_IMAGE/master:$CI_COMMIT_TAG"
+    - docker tag "$CI_REGISTRY_IMAGE:$CI_COMMIT_TAG" "$CI_REGISTRY_IMAGE/main:$CI_COMMIT_TAG"
+    - docker push "$CI_REGISTRY_IMAGE/main:$CI_COMMIT_TAG"
+  only:
+    - tags
+
+docker-build:
+  extends: .docker_build
+  script:
+    - docker build --pull --build-arg CACHEBUST=$(date +%s) --build-arg CI_COMMIT_SHORT_SHA=$CI_COMMIT_SHORT_SHA -t "$CI_REGISTRY_IMAGE/$CI_COMMIT_REF_NAME:$CI_COMMIT_SHORT_SHA" -f $DOCKERFILE_LOCATION/$DOCKERFILE_NAME $DOCKERFILE_LOCATION
+    - docker push "$CI_REGISTRY_IMAGE/$CI_COMMIT_REF_NAME:$CI_COMMIT_SHORT_SHA"
+    - docker tag $CI_REGISTRY_IMAGE/$CI_COMMIT_REF_NAME:$CI_COMMIT_SHORT_SHA $CI_REGISTRY_IMAGE/$CI_COMMIT_REF_NAME:latest
+    - docker push "$CI_REGISTRY_IMAGE/$CI_COMMIT_REF_NAME:latest"
+  except:
+    - tags

tpl/python-check.yml

@@ -0,0 +1,9 @@
+python-check:
+  stage: test
+  image: registry.k3s.fr:443/ci/templates/flake8/master:latest
+  script:
+    - 'flake8 --ignore=E266,E303,E501,W391,E722,W503,F403,F405 --max-line-length=110 --show-source --statistics --exclude=versions,.git ./'
+  tags:
+    - docker-runner
+
+