Commit ca3941bd authored by Pierre Smeyers's avatar Pierre Smeyers
Browse files

ci: support custom TBC group as an alternative CI/CD configuration 

This change restores the working build for basic forking workflow on gitlab.com.
parent e523619d

.gitlab-ci-namespaced.yml

0 → 100644
+103 −0
Original line number Diff line number Diff line 
# Alternative CI/CD configuration file when using TBC in a self-managed GitLab with a custom TBC root group (different from the default "to-be-continuous")

# ℹ️ The CI/CD configuration file can be selected in your project: Settings > CI/CD > General Pipelines > CI/CD Configuration File.

# ⚠️ Requires that the TBC_NAMESPACE variable be set as a server instance variable (recommended), group variable, or project variable.

include:

  # $TBC_NAMESPACE is a group variable; can be globally overridden

  # Docker template

  - component: "$CI_SERVER_FQDN/$TBC_NAMESPACE/docker/gitlab-ci-docker@8"

    inputs:

      healthcheck-disabled: true

      build-args: "--cache-ttl=6h"

      prod-publish-strategy: "auto"

      release-extra-tags: "latest \\g<major>.\\g<minor>\\g<build> \\g<major>\\g<build>"

      trivy-image: docker.io/aquasec/trivy@sha256:bcc376de8d77cfe086a917230e818dc9f8528e3c852f7b1aff648949b6258d1c

  # Python template

  - component: "$CI_SERVER_FQDN/$TBC_NAMESPACE/python/gitlab-ci-python@9"

    inputs:

      image: "docker.io/library/python:3.14-slim"

      ruff-enabled: true

      publish-enabled: true

      semgrep-disabled: true

  # semantic-release template

  - component: $CI_SERVER_FQDN/$TBC_NAMESPACE/semantic-release/gitlab-ci-semrel@4

    inputs:

      # disable semrel for all synch'd repositories

      release-disabled: true

      auto-release-enabled: true



.test-scripts: &test-scripts |

  # BEGSCRIPT

  set -e



  function log_info() {

      echo -e "[\\e[1;94mINFO\\e[0m] $*"

  }



  function log_warn() {

      echo -e "[\\e[1;93mWARN\\e[0m] $*"

  }



  function log_error() {

      echo -e "[\\e[1;91mERROR\\e[0m] $*"

  }



  function fail() {

    log_error "$*"

    exit 1

  }



  function assert_eq() {

    local expected="$1"

    local actual="$2"

    local error_msg="$3"



    if [ "$expected" == "$actual" ]; then

      log_info "$expected == $actual"

      return 0

    else

      if [ -z "$error_msg" ]; then

        fail "$expected == $actual"

      else

        fail "$expected == $actual  msg: $error_msg"

      fi

      return 1

    fi

  }



  # ENDSCRIPT



.test-base:

  image: "docker.io/badouralix/curl-jq"

  stage: package-test

  variables:

    # TODO

  id_tokens:

    CI_JOB_JWT_V2:

      aud: "$CI_SERVER_URL"

  services:

    - name: "$DOCKER_SNAPSHOT_IMAGE"

      alias: "azure-auth-provider"

  before_script:

    - !reference [.test-scripts]



test-ping:

  extends: .test-base

  script:

    # test: ping responds pong

    - |

      response_status=`curl -s -o "resp.txt" -w "%{http_code}" http://azure-auth-provider/health`

      assert_eq "200" $response_status

      assert_eq "ok" $(cat resp.txt)





# test: get token with implicit TBC env detection fails if no TBC variables are set (error 400)

test-token-no-tbc-vars-fails:

  extends: .test-base

  variables:

    # TODO : set var

  script:

    - |

      response_status=$(curl -s -o "resp.txt" -w "%{http_code}" "http://azure-auth-provider/acr/auth/password")

      assert_eq "400" $response_status



# TODO : testing

.gitlab-ci.yml

+5 −8
Original line number Diff line number Diff line 
# Default CI/CD configuration file

# ℹ️ If you're using TBC in a self-managed GitLab with a custom TBC root group, use .gitlab-ci-namespaced.yml instead

include:

  # $TBC_NAMESPACE is a group variable; can be globally overridden

  # Docker template

  - component: "$CI_SERVER_FQDN/$TBC_NAMESPACE/docker/gitlab-ci-docker@8"

  - component: "$CI_SERVER_FQDN/to-be-continuous/docker/gitlab-ci-docker@8"

    inputs:

      healthcheck-disabled: true

      build-args: "--cache-ttl=6h"
@@ -9,23 +10,19 @@ include: 
      release-extra-tags: "latest \\g<major>.\\g<minor>\\g<build> \\g<major>\\g<build>"

      trivy-image: docker.io/aquasec/trivy@sha256:bcc376de8d77cfe086a917230e818dc9f8528e3c852f7b1aff648949b6258d1c

  # Python template

  - component: "$CI_SERVER_FQDN/$TBC_NAMESPACE/python/gitlab-ci-python@9"

  - component: "$CI_SERVER_FQDN/to-be-continuous/python/gitlab-ci-python@9"

    inputs:

      image: "docker.io/library/python:3.14-slim"

      ruff-enabled: true

      publish-enabled: true

      semgrep-disabled: true

  # semantic-release template

  - component: $CI_SERVER_FQDN/$TBC_NAMESPACE/semantic-release/gitlab-ci-semrel@4

  - component: $CI_SERVER_FQDN/to-be-continuous/semantic-release/gitlab-ci-semrel@4

    inputs:

      # disable semrel for all synch'd repositories

      release-disabled: true

      auto-release-enabled: true



variables:

  # Default value; can be globally overridden

  TBC_NAMESPACE: "to-be-continuous"



.test-scripts: &test-scripts |

  # BEGSCRIPT

  set -e