diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 7078fbf13c06415fcb91610e8cdb2ba57c775758..64d2ce6535d79d748cb9129d6cf50da36aff71a2 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -4,9 +4,9 @@ variables: TRIVY_CACHE_DIR: ".trivycache/" DOCKER_HOST: "unix:///var/run/dind/docker.sock" TESTCONTAINERS_RYUK_DISABLED: "false" - DOC_VERSIONS: "latest,1.4.2,1.4.1,1.4.0,1.3.0" - APP_VERSION: "1.4.3-rc.0" - CHART_VERSION: "1.4.3-rc.0" + DOC_VERSIONS: "latest,1.4.3,1.4.2,1.4.1,1.4.0" + APP_VERSION: "1.4.3" + CHART_VERSION: "1.4.3" image: debian:12-slim @@ -545,8 +545,9 @@ docs-registry: only: refs: - /^release-.*/ + before_script: + - "apt-get update && apt-get install -y sed" script: - - apt-get update && apt-get install -y sed - pip install -r ./requirements.txt - find .docs -type f -exec sed -i -e "s/__APP_VERSION__/${APP_VERSION}/g" {} \; - python3 .docs/docker/release.py @@ -564,9 +565,9 @@ release-images: before_script: - "echo ${CI_REGISTRY_PASSWORD} | docker login --username ${CI_REGISTRY_USER} --password-stdin $CI_REGISTRY_URL" - "echo ${CI_REGISTRY2_PASSWORD} | docker login --username ${CI_REGISTRY2_USER} --password-stdin $CI_REGISTRY2_URL" - script: - "ifconfig eth0 mtu 1450 up" - "apk add make bash" + script: - "make release" release-images-unstable: @@ -581,11 +582,11 @@ release-images-unstable: - master - dev before_script: - - echo "$CI_REGISTRY_PASSWORD" | docker login --username "$CI_REGISTRY_USER" --password-stdin $CI_REGISTRY_URL - - echo "$CI_REGISTRY2_PASSWORD" | docker login --username "$CI_REGISTRY2_USER" --password-stdin $CI_REGISTRY2_URL - script: + - "echo ${CI_REGISTRY_PASSWORD} | docker login --username ${CI_REGISTRY_USER} --password-stdin $CI_REGISTRY_URL" + - "echo ${CI_REGISTRY2_PASSWORD} | docker login --username ${CI_REGISTRY2_USER} --password-stdin $CI_REGISTRY2_URL" - "ifconfig eth0 mtu 1450 up" - "apk add make bash" + script: - "CI_COMMIT_BRANCH=release-unstable make release-images" release-chart: @@ -595,11 +596,14 @@ release-chart: refs: - /^release-.*/ before_script: - - echo "$CI_REGISTRY2_PASSWORD" | docker login --username "$CI_REGISTRY2_USER" --password-stdin $CI_REGISTRY2_URL + - "echo ${CI_REGISTRY2_PASSWORD} | docker login --username ${CI_REGISTRY2_USER} --password-stdin $CI_REGISTRY2_URL" + - "echo ${CI_GPG_KEYRING} | base64 -d > ~/keyring.gpg" + - "apk add sed helm curl" + - "helm plugin install https://github.com/sigstore/helm-sigstore" script: - - apk add sed helm curl - - helm package ./helm/dbrepo --destination ./build - - helm push "./build/dbrepo-${CHART_VERSION}.tgz" "oci://${CI_REGISTRY2_URL}/helm" + - "helm package --sign --key 'Martin Weise' ./helm/dbrepo --keyring ~/keyring.gpg --destination ./build" + - "helm push ./build/dbrepo-${CHART_VERSION}.tgz oci://${CI_REGISTRY2_URL}/helm" + - "helm sigstore upload ./build/dbrepo-${CHART_VERSION}.tgz" release-docs: stage: release @@ -607,8 +611,9 @@ release-docs: only: refs: - /^release-.*/ + before_script: + - "apt-get update && apt-get install -y git make sed wget ssh" script: - - apt-get update && apt-get install -y git make sed wget ssh - make docs - eval $(ssh-agent -s) - echo "$CI_KEY_PRIVATE" > /root/.ssh/id_rsa && chmod 0600 /root/.ssh/id_rsa @@ -626,9 +631,10 @@ release-libs: - /^release-.*/ variables: PIPENV_PIPFILE: "./dbrepo-analyse-service/Pipfile" + before_script: + - "apk add sed bash" + - "pip install pipenv twine build" + - "pipenv install gunicorn && pipenv install --dev --system --deploy" script: - - apk add sed bash - - pip install pipenv twine build - - pipenv install gunicorn && pipenv install --dev --system --deploy - bash ./lib/python/package.sh - bash ./lib/python/release.sh \ No newline at end of file diff --git a/helm/dbrepo/.gitignore b/helm/dbrepo/.gitignore index e7b18ebe6d6b5e6ea7cba8a40b9ee60db844f169..613d851d27fbfa390c201b7ed8591da3e04bec35 100644 --- a/helm/dbrepo/.gitignore +++ b/helm/dbrepo/.gitignore @@ -2,4 +2,5 @@ *.crt *.key *.srl -*.csr \ No newline at end of file +*.csr +build/* \ No newline at end of file diff --git a/helm/dbrepo/.helmignore b/helm/dbrepo/.helmignore index a831b5462153e1330fb4b7c210892f85304a1779..62d87df84fcf8a1c6cdd3918d35280bfbd07f336 100644 --- a/helm/dbrepo/.helmignore +++ b/helm/dbrepo/.helmignore @@ -12,6 +12,8 @@ hack/ .hg/ .hgignore .svn/ +# Generated +build/ # Common backup files *.swp *.bak diff --git a/helm/dbrepo/Chart.yaml b/helm/dbrepo/Chart.yaml index 587a7b3b09c2a5421fd961fad34ff59cb185be82..d61aa8701a34e5a6f890bf101f1b9775e63bcb03 100644 --- a/helm/dbrepo/Chart.yaml +++ b/helm/dbrepo/Chart.yaml @@ -12,7 +12,7 @@ maintainers: - name: Martin Weise email: martin.weise@tuwien.ac.at home: https://www.ifs.tuwien.ac.at/infrastructures/dbrepo/ -icon: https://gitlab.phaidra.org/fair-data-austria-db-repository/fda-services/-/raw/master/.docs/images/signet_white.png +icon: https://gitlab.phaidra.org/fair-data-austria-db-repository/fda-services/-/raw/master/dbrepo-ui/public/favicon.png dependencies: - name: opensearch alias: searchdb diff --git a/helm/dbrepo/Makefile b/helm/dbrepo/Makefile index 07c03a280630491a4ddf6369341b0bee73c78f08..c1e8e02d8f00a08ec29330ed2afd04ff7aff17b1 100644 --- a/helm/dbrepo/Makefile +++ b/helm/dbrepo/Makefile @@ -3,5 +3,6 @@ all: .PHONY: build build: ## Generate Helm values schema JSON + helm package --sign --key 'Martin Weise' . --keyring ~/.gnupg/mweise.gpg --destination ./build helm schema -input ./values.yaml - readme-generator-for-helm --readme README.md --values values.yaml \ No newline at end of file + readme-generator-for-helm --readme README.md --values values.yaml