mirror of
https://gitlab.sectorq.eu/jaydee/portainer.git
synced 2026-03-14 23:00:01 +01:00
117 lines
4.8 KiB
YAML
117 lines
4.8 KiB
YAML
|
|
stages: # List of stages for jobs, and their order of execution
|
|
- notify1
|
|
- lint
|
|
- test
|
|
- security
|
|
- dast
|
|
- build
|
|
- clean
|
|
- notify
|
|
variables:
|
|
GIT_SSH_COMMAND: "ssh -i /home/gitlab-runner/.ssh/id_rsa -o IdentitiesOnly=yes"
|
|
CS_IMAGE: r.sectorq.eu/jaydee/builder:amd64
|
|
|
|
notify1:
|
|
stage: notify1 # Should be in a later stage than the job that might fail
|
|
when: on_success # <-- This is the key keyword
|
|
script:
|
|
- column=':'
|
|
- echo "${flow_id}"
|
|
- curl -XPOST http://192.168.77.101:8123/api/webhook/voice-notifications-tC_8YKxMJIAaQRV5riKuC7Zl --data-raw 'message=portainer build job started'
|
|
- rm -rf /home/gitlab-runner/builds/1fLwHSKm2/0/jaydee/portainer.tmp
|
|
rules:
|
|
- if: '$CI_COMMIT_MESSAGE =~ /build/'
|
|
lint:
|
|
stage: lint
|
|
image: r.sectorq.eu/jaydee/builder:latest
|
|
before_script:
|
|
- python3 -m pip install --break-system-packages flake8 black pylint tabulate prompt_toolkit hvac
|
|
- export PATH="$PATH:/home/gitlab-runner/.local/bin"
|
|
# - echo "PATH is now: $PATH"
|
|
script:
|
|
- flake8 .
|
|
- black --check .
|
|
- pylint portainer.py
|
|
- rm -rf /home/gitlab-runner/builds/1fLwHSKm2/0/jaydee/portainer.tmp
|
|
rules:
|
|
- if: '$CI_COMMIT_MESSAGE =~ /lint/'
|
|
|
|
|
|
include:
|
|
- template: Security/SAST.gitlab-ci.yml
|
|
- template: Security/Dependency-Scanning.gitlab-ci.yml
|
|
- template: Security/Secret-Detection.gitlab-ci.yml
|
|
- template: Security/DAST.gitlab-ci.yml
|
|
- template: Security/Container-Scanning.gitlab-ci.yml
|
|
|
|
build-job: # This job runs in the build stage, which runs first.
|
|
stage: build
|
|
image: r.sectorq.eu/jaydee/builder:amd64
|
|
script:
|
|
- pyinstaller --onefile --clean -n portainer main.py
|
|
#- scp -o ConnectTimeout=5 -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null dist/portainer jd@192.168.80.222:/myapps/bin/ || true
|
|
- scp -o ConnectTimeout=5 -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null dist/portainer jd@192.168.77.12:/myapps/bin/ || true
|
|
- curl -F "file=@dist/portainer" https://myapps.sectorq.eu/
|
|
- rm -rf /home/gitlab-runner/builds/1fLwHSKm2/0/jaydee/portainer.tmp
|
|
artifacts:
|
|
paths:
|
|
- dist/
|
|
expire_in: 1 week
|
|
# - column=":"
|
|
# - echo "${flow_id}"
|
|
# - curl -X POST https://kestra.sectorq.eu/api/v1/executions/webhook/jaydee/ansible-all/${flow_id} -d '{"tag":["proxmox"],"target":["servers"]}' -H "Content-Type${column} application/json"
|
|
rules:
|
|
- if: '$CI_COMMIT_MESSAGE =~ /build/'
|
|
build-job-arm: # This job runs in the build stage, which runs first.
|
|
stage: build
|
|
image: r.sectorq.eu/jaydee/builder:arm64
|
|
script:
|
|
- pyinstaller --onefile --clean -n portainer_arm main.py
|
|
#- scp -o ConnectTimeout=5 -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null dist/portainer jd@192.168.80.222:/myapps/bin/ || true
|
|
- scp -o ConnectTimeout=5 -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null dist/portainer_arm jd@192.168.77.12:/myapps/bin/ || true
|
|
- curl -F "file=@dist/portainer_arm" https://myapps.sectorq.eu/
|
|
- rm -rf /home/gitlab-runner/builds/1fLwHSKm2/0/jaydee/portainer.tmp
|
|
artifacts:
|
|
paths:
|
|
- dist/
|
|
expire_in: 1 week
|
|
# - column=":"
|
|
# - echo "${flow_id}"
|
|
# - curl -X POST https://kestra.sectorq.eu/api/v1/executions/webhook/jaydee/ansible-all/${flow_id} -d '{"tag":["proxmox"],"target":["servers"]}' -H "Content-Type${column} application/json"
|
|
rules:
|
|
- if: '$CI_COMMIT_MESSAGE =~ /build-all/'
|
|
|
|
|
|
clean-job: # This job runs in the build stage, which runs first.
|
|
stage: clean
|
|
script:
|
|
- rm -rf /home/gitlab-runner/builds/1fLwHSKm2/0/jaydee/portainer.tmp
|
|
rules:
|
|
- if: '$CI_COMMIT_MESSAGE =~ /build/'
|
|
cleanup_on_failure_job:
|
|
stage: clean # Should be in a later stage than the job that might fail
|
|
when: on_failure # <-- This is the key keyword
|
|
script:
|
|
- rm -rf /home/gitlab-runner/builds/1fLwHSKm2/0/jaydee/portainer.tmp
|
|
notify:
|
|
stage: notify # Should be in a later stage than the job that might fail
|
|
when: on_success # <-- This is the key keyword
|
|
script:
|
|
- column=':'
|
|
- echo "${flow_id}"
|
|
- curl -XPOST http://192.168.77.101:8123/api/webhook/voice-notifications-tC_8YKxMJIAaQRV5riKuC7Zl --data-raw 'message=portainer build job completed'
|
|
- rm -rf /home/gitlab-runner/builds/1fLwHSKm2/0/jaydee/portainer.tmp
|
|
rules:
|
|
- if: '$CI_COMMIT_MESSAGE =~ /build/'
|
|
notify2:
|
|
stage: notify # Should be in a later stage than the job that might fail
|
|
when: on_failure # <-- This is the key keyword
|
|
script:
|
|
- column=':'
|
|
- echo "${flow_id}"
|
|
- curl -XPOST http://192.168.77.101:8123/api/webhook/voice-notifications-tC_8YKxMJIAaQRV5riKuC7Zl --data-raw 'message=portainer build job failed'
|
|
- rm -rf /home/gitlab-runner/builds/1fLwHSKm2/0/jaydee/portainer.tmp
|
|
rules:
|
|
- if: '$CI_COMMIT_MESSAGE =~ /build/'
|