-
Notifications
You must be signed in to change notification settings - Fork 28
/
Copy path.gitlab-ci.yml
67 lines (61 loc) · 1.83 KB
/
.gitlab-ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
include:
- project: 'ci-tools/container-image-ci-templates'
file: 'docker-image.gitlab-ci.yml'
ref: master
- project: 'ci-tools/container-image-ci-templates'
file: 'helm.gitlab-ci.yml'
ref: master
stages:
- build-bin
- build-image
- build-chart
build-bin:
stage: build-bin
rules:
- if: $CI_COMMIT_BRANCH || $CI_COMMIT_TAG
image: registry.cern.ch/docker.io/library/golang:1.22
artifacts:
expire_in: '10 min'
paths:
- bin/
script:
- make build-cross
build-image:
rules:
- if: $CI_COMMIT_TAG
variables:
PUSH_IMAGE: "true"
IMAGE_TAG: $CI_COMMIT_TAG
- if: $CI_COMMIT_BRANCH
variables:
IMAGE_TAG: $CI_COMMIT_BRANCH
stage: build-image
extends: .build_docker
variables:
REGISTRY_IMAGE_PATH: "registry.cern.ch/kubernetes/cvmfs-csi:$IMAGE_TAG"
COSIGN_PRIVATE_KEY: "$HARBOR_SIGNKEY"
CONTEXT_DIR: "."
DOCKER_FILE_NAME: "deployments/docker/Dockerfile"
PLATFORMS: "linux/amd64,linux/arm64"
BUILD_ARGS: "RELEASE=$IMAGE_TAG GITREF=$CI_COMMIT_SHA CREATED=$CI_PIPELINE_CREATED_AT"
build-chart:
rules:
- if: $CI_COMMIT_TAG
variables:
PUSH_CHART: "true"
- if: $CI_COMMIT_BRANCH
image: registry.cern.ch/kubernetes/ops:0.4.0
stage: build-chart
script: |
CHART_NAME=cvmfs-csi
helm package "deployments/helm/${CHART_NAME}"
if $PUSH_CHART; then
helm registry login registry.cern.ch -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD
helm push ${CHART_NAME}-${CI_COMMIT_TAG}.tgz "oci://${REGISTRY_CHART_PATH}"
echo -n "${HARBOR_SIGNKEY}" | base64 -d > .sign.key
cosign login registry.cern.ch -u ${HARBOR_USER} -p ${HARBOR_TOKEN}
cosign sign --key .sign.key -y "${REGISTRY_CHART_PATH}/${CHART_NAME}:${CI_COMMIT_TAG}"
fi
variables:
REGISTRY_CHART_PATH: registry.cern.ch/kubernetes/charts
COSIGN_PRIVATE_KEY: "$HARBOR_SIGNKEY"