updates, fixes and refactors

  - publish

variables:

  GITLAB_CI_FILES: "templates/gitlab-ci-packages.yml"

  GITLAB_CI_FILES: "templates/gitlab-ci-gitlab-package.yml"

  BASH_SHELLCHECK_FILES: "*.sh"

semantic-release:

# GitLab CI template for Gitlab Packages

# GitLab CI template for GitLab Package

This project implements a generic GitLab CI template for [Gitlab Package Registry](https://docs.gitlab.com/ee/user/packages/package_registry/index.html).

It provides several features, usable in different modes (by configuration).

This project implements a GitLab CI/CD template to publish artifacts to GitLab's [Generic Package Registry](https://docs.gitlab.com/ee/user/packages/generic_packages/).

## Usage

```yaml

include:

  - project: 'to-be-continuous/glpck'

  - project: 'to-be-continuous/gitlab-package'

    ref: '1.0.0'

    file: '/templates/gitlab-ci-packages.yml'

    file: '/templates/gitlab-ci-gitlab-package.yml'

```

## Global configuration

The Gitlab Packages template uses some global configuration used throughout all jobs.

The GitLab Package template uses some global configuration used throughout all jobs.

| Name                  | description                            | default value     |

| --------------------- | -------------------------------------- | ----------------- |

| `PACKAGES_IMAGE`      | The Docker image used to access Gitlab packages  | `curl:latest` |

| `GLPKG_IMAGE`         | The Docker image used to publish GitLab packages  | `registry.hub.docker.com/curlimages/curl:latest` |

## Jobs

### `packages-publish` job

This job **publish** files to [Gitlab Generic Packages](https://docs.gitlab.com/ee/user/packages/generic_packages/).

This job **publishes** files to [GitLab Generic Package](https://docs.gitlab.com/ee/user/packages/generic_packages/).

This job is bound to the `publish` stage and is executed on a Git tag with a semantic version pattern (`v?[0-9]+\.[0-9]+\.[0-9]+`, _configurable_).

It uses the following variable:

It uses the following variables:

| Name                  | description                              | default value     |

| --------------------- | ---------------------------------------- | ----------------- |

| `PACKAGES_FILES_PATTERN` | Shell pattern to identify files to publish  | _none_ (mandatory) |

| `GLPKG_FILES`         | Glob patterns matching files to include in the GitLab package (:warning: does not support double star). | _none_ (mandatory) |

| `GLPKG_PACKAGE`       | Name of the package to publish           | `$CI_PROJECT_NAME` |

files:

    template: ./templates/gitlab-ci-gitlab-package.yml

    documentation: ./README.md

    changelog: ./CHANGELOG.md

data:

    description: "Publish artifacts to GitLab's Generic Package Registry"

    public: true

    labels:

    - to be continuous

    - GitLab Package Registry

    - Build

    license: LGPL v3

    deprecated: false

 No newline at end of file

{

  "name": "Gitlab Packages",

  "description": "GitLab CI template for Gitlab Packages",

  "template_path": "templates/gitlab-ci-packages.yml",

  "name": "GitLab Package",

  "description": "Publish artifacts to GitLab's [Generic Package Registry](https://docs.gitlab.com/ee/user/packages/generic_packages/)",

  "template_path": "templates/gitlab-ci-gitlab-package.yml",

  "kind": "build",

  "variables": [

    {

      "name": "PACKAGES_IMAGE",

      "name": "GLPKG_IMAGE",

      "description": "The Docker image used to publish packages",

      "default": "curl:latest"

      "default": "registry.hub.docker.com/curlimages/curl:latest",

      "advanced": true

    },

    {

      "name": "PACKAGES_FILES_PATTERN",

      "description": "Pattern to identify files to publish",

      "default": "bin/*/*/*"

      "name": "GLPKG_FILES",

      "description": "Glob patterns matching files to include in the GitLab package (:warning: does not support double star)",

      "mandatory": true

    },

    {

      "name": "GLPKG_PACKAGE",

      "description": "Name of the package to publish",

      "default": "$CI_PROJECT_NAME"

    }

  ]

}

    # prevent branch pipeline when an MR is open (prefer MR pipeline)

    - if: '$CI_COMMIT_BRANCH && $CI_OPEN_MERGE_REQUESTS'

      when: never

    - if: '$CI_COMMIT_MESSAGE =~ "/\[(ci skip|skip ci) on ([^],]*,)*tag(,[^],]*)*\]/" && $CI_COMMIT_TAG'

      when: never

    - if: '$CI_COMMIT_MESSAGE =~ "/\[(ci skip|skip ci) on ([^],]*,)*branch(,[^],]*)*\]/" && $CI_COMMIT_BRANCH'

      when: never

    - if: '$CI_COMMIT_MESSAGE =~ "/\[(ci skip|skip ci) on ([^],]*,)*mr(,[^],]*)*\]/" && $CI_MERGE_REQUEST_ID'

      when: never

    - if: '$CI_COMMIT_MESSAGE =~ "/\[(ci skip|skip ci) on ([^],]*,)*default(,[^],]*)*\]/" && $CI_COMMIT_REF_NAME =~ $CI_DEFAULT_BRANCH'

      when: never

    - if: '$CI_COMMIT_MESSAGE =~ "/\[(ci skip|skip ci) on ([^],]*,)*prod(,[^],]*)*\]/" && $CI_COMMIT_REF_NAME =~ $PROD_REF'

      when: never

    - if: '$CI_COMMIT_MESSAGE =~ "/\[(ci skip|skip ci) on ([^],]*,)*integ(,[^],]*)*\]/" && $CI_COMMIT_REF_NAME =~ $INTEG_REF'

      when: never

    - if: '$CI_COMMIT_MESSAGE =~ "/\[(ci skip|skip ci) on ([^],]*,)*dev(,[^],]*)*\]/" && $CI_COMMIT_REF_NAME !~ $PROD_REF && $CI_COMMIT_REF_NAME !~ $INTEG_REF'

      when: never

    - when: always

# test job prototype: implement adaptive pipeline rules

  TBC_TRACKING_IMAGE: "$CI_REGISTRY/to-be-continuous/tools/tracking:master"

  # Default Docker image (use a public image - can be overridden)

  PACKAGES_IMAGE: "registry.hub.docker.com/curlimages/curl:latest"

  # Pattern of files to publish

  # PACKAGES_FILES_PATTERN: bin/*/*/*

  GLPKG_IMAGE: "registry.hub.docker.com/curlimages/curl:latest"

  # default production ref name (pattern)

  PROD_REF: '/^(master|main)$/'

  # default release tag name (pattern)

  RELEASE_REF: '/^v?[0-9]+\.[0-9]+\.[0-9]+$/'

# allowed stages depend on your template type (see: orange-opensource.gitlab.io/tbc/doc/dev-guidelines/#stages)

stages:

  - build

  - test

  - package-build

  - package-test

  - infra

  - deploy

  - acceptance

  - publish

  - infra-prod

  - production

.packages-scripts: &packages-scripts |

  # BEGSCRIPT

  function eval_secret() {

    name=$1

    value=$(eval echo "\$${name}")

    # create the /tmp directory (it is required by the mktemp command)

    mkdir -p /tmp

    case "$value" in

    @b64@*)

      decoded=$(mktemp)

          export ${name}="$(cat ${decoded})"

          log_info "Successfully curl'd secret \\e[33;1m${name}\\e[0m"

        else

          fail "Failed getting secret \\e[33;1m${name}\\e[0m:\\n$(sed 's/^/... /g' "${errors}")"

          log_warn "Failed getting secret \\e[33;1m${name}\\e[0m:\\n$(sed 's/^/... /g' "${errors}")"

        fi

      elif command -v wget > /dev/null

      then

          export ${name}="$(cat ${decoded})"

          log_info "Successfully wget'd secret \\e[33;1m${name}\\e[0m"

        else

          fail "Failed getting secret \\e[33;1m${name}\\e[0m:\\n$(sed 's/^/... /g' "${errors}")"

          log_warn "Failed getting secret \\e[33;1m${name}\\e[0m:\\n$(sed 's/^/... /g' "${errors}")"

        fi

      else

        fail "Couldn't get secret \\e[33;1m${name}\\e[0m: no http client found"

        log_warn "Couldn't get secret \\e[33;1m${name}\\e[0m: no http client found"

      fi

      ;;

    esac

    done

  }

  function exec_hook() {

    if [[ ! -x "$1" ]] && ! chmod +x "$1"

    then

      log_warn "... could not make \\e[33;1m${1}\\e[0m executable: please do it (chmod +x)"

      # fallback technique

      sh "$1"

    else

      "$1"

    fi

  }

  function publish() {

    if [ -z "$PACKAGES_FILES_PATTERN" ]

    then

      fail "The variable \\e[33;1mPACKAGES_FILES_PATTERN\\e[0m is mandatory"

    fi

    for file in $PACKAGES_FILES_PATTERN

    pkg_name=${GLPKG_PACKAGE:-$CI_PROJECT_NAME}

    log_info "Publish package \\e[33;1m${pkg_name}\\e[0m with version \\e[33;1m${CI_COMMIT_TAG}\\e[0m"...

    for file in $GLPKG_FILES

    do

      log_info "Publishing \\e[33;1m${file}\\e[0m"

      curl -sSf --header "JOB-TOKEN: $CI_JOB_TOKEN" --upload-file "$file" "${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/packages/generic/${CI_PROJECT_NAME}/${CI_COMMIT_TAG}/$(basename "$file")"

      log_info "... add file \\e[33;1m${file}\\e[0m"

      file_basename=$(basename "$file")

      curl -sSf --header "JOB-TOKEN: $CI_JOB_TOKEN" --upload-file "$file" "${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/packages/generic/${pkg_name}/${CI_COMMIT_TAG}/${file_basename}"

    done

  }

  # ENDSCRIPT

# job prototype

# defines default Docker image, tracking probe, cache policy and tags

.packages-base:

  image: $PACKAGES_IMAGE

glpkg-publish:

  image: $GLPKG_IMAGE

  stage: publish

  services:

    - name: "$TBC_TRACKING_IMAGE"

      command: ["--service", "packages", "1.0.0"]

      command: ["--service", "gitlab-package", "1.0.0"]

  before_script:

    - *packages-scripts

    - install_ca_certs "${CUSTOM_CA_CERTS:-$DEFAULT_CA_CERTS}"

  # No need for cache, only artifacts

  cache:

packages-publish:

  extends: .packages-base

  stage: publish

  before_script:

    - *packages-scripts

    - assert_defined "$GLPKG_FILES" 'The variable $GLPKG_FILES is mandatory'

  script:

    - publish

  rules: