Commit f35c91ff authored by Pierre Smeyers's avatar Pierre Smeyers
Browse files

ci: support custom TBC group as an alternative CI/CD configuration 

This change restores the working build for basic forking workflow on gitlab.com.
parent 9655b879

.gitlab-ci-namespaced.yml

0 → 100644
+115 −0
Original line number Diff line number Diff line 
# Alternative CI/CD configuration file when using TBC in a self-managed GitLab with a custom TBC root group (different from the default "to-be-continuous")

# ℹ️ The CI/CD configuration file can be selected in your project: Settings > CI/CD > General Pipelines > CI/CD Configuration File.

# ⚠️ Requires that the TBC_NAMESPACE variable be set as a server instance variable (recommended), group variable, or project variable.

include:

  # $TBC_NAMESPACE is a group variable; can be globally overridden

  # MkDocs template

  - project: '$TBC_NAMESPACE/mkdocs'

    ref: '2'

    file: '/templates/gitlab-ci-mkdocs.yml'



variables:

  MKD_SITE_DIR: "public"

  MKD_LYCHEE_ENABLED: "true"

  MKD_LYCHEE_ARGS: "README.md docs/ static/ --root-dir static"



  PAGES_PREFIX: "" # No prefix for main or master

  EXPIRE_IN: "never" # No expiration for main or master

  ENVIRONMENT_NAME: "production"



  CURL_JQ_IMAGE: "docker.io/badouralix/curl-jq:latest"

  DOCKER_TRIVY_IMAGE: "docker.io/aquasec/trivy:latest"



stages:

  - codegen

  - build

  - test

  - deploy

  - production



process-templates:

  image:

    name: $CURL_JQ_IMAGE

    entrypoint: [""]

  stage: .pre

  script:

    - ./process-templates.sh --token ${GITLAB_TOKEN:-$CI_JOB_TOKEN} --api ${GITLAB_API_V4_URL:-$CI_API_V4_URL} --json-out kicker-aggregated.json --doc-out ./docs

  artifacts:

    name: "aggregated kicker json from $CI_COMMIT_REF_SLUG"

    paths:

      - kicker-aggregated.json

      - tbc-default-images.out

      - mkdocs.yml

      - docs/ref/

      - docs/secu/



scan-images:

  image:

    name: $DOCKER_TRIVY_IMAGE

    entrypoint: [""]

  cache:

    key: "$CI_COMMIT_REF_SLUG-trivy"

    paths:

      - .cache

  stage: codegen

  before_script:

    # jq is required (to extract info from scan results and generate Triby badge)

    - apk add --no-cache jq

  script:

    - ./scan-images.sh

  artifacts:

    when: always

    paths:

      # - "reports/trivy-*"

      - docs/secu/

    # reports:

    #   container_scanning: "reports/trivy-*.gitlab.json"

  rules:

    # on prod branch: auto & allow failure

    - if: '$CI_COMMIT_REF_NAME =~ $PROD_REF'

      allow_failure: true

    # on non-prod branch: manual

    - if: '$CI_COMMIT_REF_NAME'

      when: manual

      allow_failure: true



# override lychee to run on build stage and to be non-failing

mkdocs-lychee:

  stage: build

  rules:

    - allow_failure: true



# publish on GitLab pages: only on master

pages:

  stage: deploy

  script:

    # copy landing page resources

    - cp -rf static/* public

    # copy tracking JavaScript

    - echo "$TRACKING_JS" > public/js/tracking.js

    # copy aggregated kicker descriptor

    - cp -rf kicker-aggregated.json public

    # generate build.info

    - echo -e "Build date= $(date)\nGit Commit Ref= $CI_COMMIT_REF_NAME\nGit Commit SHA= $CI_COMMIT_SHA\n" > public/build.info

    # compress static text resources

    - find public -type f -regex '.*\.\(htm\|html\|txt\|text\|js\|css\|json\)$' -exec gzip -f -k {} \;

    # not available in image

    # - find public -type f -regex '.*\.\(htm\|html\|txt\|text\|js\|css\|json\)$' -exec brotli -f -k {} \;

  pages:

    path_prefix: '$PAGES_PREFIX'

    expire_in: $EXPIRE_IN

  artifacts:

    name: "complete site from $CI_COMMIT_REF_SLUG"

    paths:

      - public

    expire_in: 1 day

  environment:

    name: '$ENVIRONMENT_NAME'

    url: $CI_PAGES_URL

  rules:

    - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH # Run on main or master with default PAGES_PREFIX (empty)

    - if: $CI_COMMIT_BRANCH != $CI_DEFAULT_BRANCH # Run on other branches with prefix CI_COMMIT_REF_SLUG

      variables:

        PAGES_PREFIX: '$CI_COMMIT_REF_SLUG' # Prefix with CI_COMMIT_REF_SLUG for other branches

        EXPIRE_IN: 4 hrs # Pages expire in 4 hours for other branches

        ENVIRONMENT_NAME: 'review/$CI_COMMIT_REF_SLUG'

.gitlab-ci.yml

+4 −6
Original line number Diff line number Diff line 
# Default CI/CD configuration file

# ℹ️ If you're using TBC in a self-managed GitLab with a custom TBC root group, use .gitlab-ci-namespaced.yml instead

include:

  # $TBC_NAMESPACE is a group variable; can be globally overridden

  # MkDocs template

  - project: '$TBC_NAMESPACE/mkdocs'

  - project: 'to-be-continuous/mkdocs'

    ref: '2'

    file: '/templates/gitlab-ci-mkdocs.yml'



variables:

  # Default value; can be globally overridden

  TBC_NAMESPACE: "to-be-continuous"



  MKD_SITE_DIR: "public"

  MKD_LYCHEE_ENABLED: "true"

  MKD_LYCHEE_ARGS: "README.md docs/ static/ --root-dir static"