wunker-bunker/wunker-os
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
8f4c152b4080c662fb7242055eafb983042fcdf5
wunker-os/.gitlab-ci.yml
Gerald Pinder 8f4c152b40 Fix cosign command
2023-07-23 15:26:34 -04:00

60 lines
2.0 KiB
YAML
Raw Blame History

stages:
- build
variables:
COSIGN_PASSWORD: ""
default:
image: registry.gitlab.com/wunker-bunker/ci-builder
before_script:
- |
IMAGE_NAME=$(yq '.name' ./$RECIPE)
IMAGE_DESCRIPTION=$(yq '.description' ./$RECIPE)
FEDORA_MAJOR_VERSION=$(yq '.fedora-version' ./$RECIPE)
BASE_IMAGE_URL=$(yq '.base-image' ./$RECIPE)
FULL_IMAGE_NAME=$CI_REGISTRY/$CI_PROJECT_NAMESPACE/$CI_PROJECT_NAME/$IMAGE_NAME
# Generate a timestamp for creating an image version history
TIMESTAMP="$(date +%Y%m%d)"
COMMIT_TAGS=()
BUILD_TAGS=()
# Have tags for tracking builds during pull request
COMMIT_TAGS+=("mr-${CI_MERGE_REQUEST_IID}-${FEDORA_MAJOR_VERSION}")
COMMIT_TAGS+=("${CI_COMMIT_SHORT_SHA}-${FEDORA_MAJOR_VERSION}")
BUILD_TAGS=("${FEDORA_MAJOR_VERSION}" "${FEDORA_MAJOR_VERSION}-${TIMESTAMP}")
BUILD_TAGS+=("${TIMESTAMP}")
BUILD_TAGS+=("latest")
if [[ $CI_PIPELINE_SOURCE == "merge_request_event" ]]; then
echo "Generated the following commit tags: "
for TAG in "${COMMIT_TAGS[@]}"; do
echo "${TAG}"
done
TAGS=("${COMMIT_TAGS[@]}")
else
TAGS=("${BUILD_TAGS[@]}")
fi
echo "Generated the following build tags: "
for TAG in "${BUILD_TAGS[@]}"; do
echo "${TAG}"
done
echo "TAGS=${TAGS[*]}"
- buildah login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
build:
stage: build
parallel:
matrix:
- RECIPE:
- recipe-desktop.yml
- recipe-framework.yml
script:
- buildah build --build-arg=RECIPE=$RECIPE --build-arg=FEDORA_MAJOR_VERSION=$FEDORA_MAJOR_VERSION --build-arg BASE_IMAGE_URL=$BASE_IMAGE_URL -t $FULL_IMAGE_NAME:${TAGS} .
- |
for TAG in "${TAGS[@]}"; do
buildah tag $FULL_IMAGE_NAME:${TAGS} $FULL_IMAGE_NAME:${TAG}
done
- buildah push --all $FULL_IMAGE_NAME
- DIGEST=($(buildah images --format '{{.Digest}}' $FULL_IMAGE_NAME:$TAGS))
- cosign sign -y --key $SIGNING_SECRET $FULL_IMAGE_NAME@$DIGEST
Reference in New Issue View Git Blame Copy Permalink