pipedawg 0.1.1 → 0.3.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 9167728fbd620f0098099ff53a90fb1d85336a8a771b24cc3059b8dc03144285
-  data.tar.gz: 6f1d59f9fb1ca2de1a49d04520f6a9cd7f171f569c72a372899f9f28749ead34
+  metadata.gz: 114b51a7224d92e384383b3485e96547a250ae90cc64a89250d7a45ff3ae35c0
+  data.tar.gz: 98eac24c50bdeb4282077b32e45afc87f9e8f3db01f47c5b837d36a9a3866ca0
 SHA512:
-  metadata.gz: f53e89a60305aaa04c14443c404e3bcfa0fa24274503751c927ff6ace5f9cabbeb87f3bc2e87ca81d04a9c14aa280ca2942b381eeecbbae23db4bfd4c4c2165e
-  data.tar.gz: a3f7acd6b467e21fee88fa2e2b22ef55e60030311355fb3074ae0f4eac0a52674c0027c0b4ebb0b21dfb1317ee5d1e3a753ece8f96c098183699c53d04a703ae
+  metadata.gz: 1504e970a5b8b629f5b95a92a8fd9edc4685d3d98adbf3f94631a0c0d4b12beaadb83a30b5337ba9ad03310956ce1c9e7924f6c04f968bca8287e0c45a69eb5e
+  data.tar.gz: 80e24f54810711abc38902ab44aae67499372f9d73c265aedc82d6d6bc2c3dd7d26f230195a435580674502bb40563e67810be18ebbb51bd2e35c4b735888fb0

data/README.md

@@ -42,25 +42,13 @@ gem_job = Pipedawg::Job.new(
   script: ['bundle install', 'gem build *.gemspec']
 )
 
-docker_job = Pipedawg::Job.new(
-  'build:docker',
-  image: 'docker',
-  needs: ['build:gem'],
-  retry: 2,
-  script: [
-    'docker login -u gitlab-ci-token -p $CI_BUILD_TOKEN $CI_REGISTRY',
-    'docker pull $CI_REGISTRY_IMAGE || true',
-    'docker build --pull --cache-from $CI_REGISTRY_IMAGE -t $CI_REGISTRY_IMAGE .',
-    'docker push $CI_REGISTRY_IMAGE'
-  ],
-  services: ['docker:dind']
+kaniko_job = Pipedawg::KanikoJob.new(
+  'build:kaniko',
+  {needs: ['build:gem'], retry: 2},
+  {context:'${CI_PROJECT_DIR}/docker',external_files: {'*.gem':'gems'}}
 )
 
-pipeline = Pipedawg::Pipeline.new 'build:image', jobs: [gem_job, docker_job]
-
-# Automatically calculates stages of jobs based on 'needs'
-pipeline.update_stages
-
+pipeline = Pipedawg::Pipeline.new 'build:image', jobs: [gem_job, kaniko_job]
 puts pipeline.to_yaml
 ```
 
@@ -84,23 +72,21 @@ build:gem:
   - gem build *.gemspec
   stage: '1'
   tags: []
-build:docker:
+build:kaniko:
   artifacts: {}
   cache: {}
-  image: docker
   needs:
   - build:gem
   retry: 2
   rules: []
   script:
-  - docker login -u gitlab-ci-token -p $CI_BUILD_TOKEN $CI_REGISTRY
-  - docker pull $CI_REGISTRY_IMAGE || true
-  - docker build --pull --cache-from $CI_REGISTRY_IMAGE -t $CI_REGISTRY_IMAGE .
-  - docker push $CI_REGISTRY_IMAGE
+  - echo "{\"$CI_REGISTRY\":{\"username\":\"$CI_REGISTRY_USER\",\"password\":\"$CI_REGISTRY_PASSWORD\"}}"
+    > "/kaniko/.docker/config.json"
+  - cp "*.gem" "${CI_PROJECT_DIR}/docker/gems"
+  - '"/kaniko/executor" --context "${CI_PROJECT_DIR}/docker" --dockerfile "Dockerfile"
+    --no-push'
   stage: '2'
   tags: []
-  services:
-  - docker:dind
 ```
 
 ## Development

data/lib/pipedawg/helm_copy_job.rb

@@ -0,0 +1,107 @@
+# frozen_string_literal: true
+
+module Pipedawg
+  # helm_copy_job class
+  class HelmCopyJob < Job
+    attr_accessor :helm_opts
+
+    def initialize(name = 'build', opts = {}, helm_opts = {})
+      @helm_opts = {
+        chart: name,
+        destinations: [{ user: nil, password: nil, url: nil }],
+        helm: 'helm',
+        image: { entrypoint: [''], name: 'alpine/helm' },
+        password: nil, url: nil, user: nil, version: nil
+      }.merge(helm_opts)
+      super name, opts
+      update
+    end
+
+    def update
+      opts[:image] = helm_opts[:image] if helm_opts[:image]
+      opts[:script] = [] + pull + (helm_opts[:destinations].map { |d| push(d) }).flatten(1)
+    end
+
+    private
+
+    def pull
+      case helm_opts[:url]
+      when nil
+        []
+      when %r{^oci://}
+        pull_oci
+      else
+        pull_classic
+      end
+    end
+
+    def push(destination)
+      case destination[:url]
+      when nil
+        []
+      when %r{^oci://}
+        push_oci(destination)
+      else
+        push_classic(destination)
+      end
+    end
+
+    def pull_oci # rubocop:disable Metrics/AbcSize
+      script = []
+      if helm_opts[:url] && helm_opts[:chart] && helm_opts[:version]
+        script = ['export HELM_EXPERIMENTAL_OCI=1']
+        script << login_oci(helm_opts) if helm_opts[:user] && helm_opts[:password]
+        script << "\"#{helm_opts[:helm]}\" pull \"#{helm_opts[:url]}/#{helm_opts[:chart]}\" --version \"#{helm_opts[:version]}\"" # rubocop:disable Layout/LineLength
+      end
+      script
+    end
+
+    def push_oci(destination) # rubocop:disable Metrics/AbcSize
+      script = []
+      if destination[:url] && helm_opts[:chart] && helm_opts[:version]
+        script = ['export HELM_EXPERIMENTAL_OCI=1']
+        script << login_oci(destination) if destination[:user] && destination[:password]
+        script << "\"#{helm_opts[:helm]}\" push \"#{helm_opts[:chart]}-#{helm_opts[:version]}.tgz\" \"#{destination[:url]}\"" # rubocop:disable Layout/LineLength
+      end
+      script
+    end
+
+    def login_oci(login_opts)
+      require 'uri'
+      "echo \"#{login_opts[:password]}\" | \"#{helm_opts[:helm]}\" registry login --username \"#{login_opts[:user]}\" --password-stdin \"#{URI(login_opts[:url]).host}\"" # rubocop:disable Layout/LineLength
+    end
+
+    def pull_classic # rubocop:disable Metrics/AbcSize
+      script = []
+      if helm_opts[:url] && helm_opts[:chart] && helm_opts[:version]
+        suffix = login_classic(helm_opts)
+        script << "\"#{helm_opts[:helm]}\" repo add source \"#{helm_opts[:url]}\"#{suffix}"
+        script << "\"#{helm_opts[:helm]}\" repo update"
+        script << "\"#{helm_opts[:helm]}\" pull \"source/#{helm_opts[:chart]}\" --version \"#{helm_opts[:version]}\""
+      end
+      script
+    end
+
+    def push_classic(destination)
+      script = []
+      if destination[:url] && helm_opts[:chart] && helm_opts[:version]
+        script << plugin_classic
+        suffix = login_classic(destination)
+        script << "\"#{helm_opts[:helm]}\" cm-push \"#{helm_opts[:chart]}-#{helm_opts[:version]}.tgz\" \"#{destination[:url]}\"#{suffix}" # rubocop:disable Layout/LineLength
+      end
+      script
+    end
+
+    def login_classic(login_opts)
+      if login_opts[:user] && login_opts[:password]
+        " --username \"#{login_opts[:user]}\" --password \"#{login_opts[:password]}\""
+      else
+        ''
+      end
+    end
+
+    def plugin_classic
+      "\"#{helm_opts[:helm]}\" plugin list | grep -q cm-push || \"#{helm_opts[:helm]}\" plugin install https://github.com/chartmuseum/helm-push"
+    end
+  end
+end

data/lib/pipedawg/job.rb

@@ -13,7 +13,7 @@ module Pipedawg
         image: { name: 'ruby:2.5' },
         needs: [],
         retry: nil,
-        rules: [],
+        rules: nil,
         script: [],
         stage: 'build',
         tags: []

data/lib/pipedawg/kaniko_job.rb

@@ -0,0 +1,90 @@
+# frozen_string_literal: true
+
+module Pipedawg
+  # kaniko_job class
+  class KanikoJob < Job
+    attr_accessor :kaniko_opts
+
+    def initialize(name = 'build', opts = {}, kaniko_opts = {}) # rubocop:disable Metrics/MethodLength
+      @kaniko_opts = {
+        build_args: {},
+        config: {
+          '$CI_REGISTRY': {
+            username: '$CI_REGISTRY_USER',
+            password: '$CI_REGISTRY_PASSWORD'
+          }
+        },
+        config_file: '/kaniko/.docker/config.json',
+        context: '${CI_PROJECT_DIR}',
+        destinations: [],
+        dockerfile: 'Dockerfile',
+        executor: '/kaniko/executor',
+        external_files: {},
+        flags: [],
+        ignore_paths: [],
+        insecure_registries: [],
+        image: {
+          entrypoint: [''],
+          name: 'gcr.io/kaniko-project/executor:debug'
+        },
+        options: {},
+        registry_certificates: {},
+        registry_mirrors: [],
+        skip_tls_verify_registry: [],
+        trusted_ca_cert_source_files: [],
+        trusted_ca_cert_target_file: '/kaniko/ssl/certs/ca-certificates.crt'
+      }.merge(kaniko_opts)
+      super name, opts
+      update
+    end
+
+    def update # rubocop:disable Metrics/AbcSize, Metrics/CyclomaticComplexity, Metrics/MethodLength, Metrics/PerceivedComplexity
+      require 'json'
+      opts[:image] = kaniko_opts[:image] if kaniko_opts[:image]
+      script = ["echo #{kaniko_opts[:config].to_json.inspect} > \"#{kaniko_opts[:config_file]}\""]
+      cert_copies = Array(kaniko_opts[:trusted_ca_cert_source_files]).map do |cert|
+        "cat \"#{cert}\" >> \"#{kaniko_opts[:trusted_ca_cert_target_file]}\""
+      end
+      script.concat cert_copies
+      file_copies = kaniko_opts[:external_files].map do |source, dest|
+        "cp \"#{source}\" \"#{kaniko_opts[:context]}/#{dest}\""
+      end
+      script.concat file_copies
+      flags = kaniko_opts[:flags].clone
+      flags << 'no-push' if kaniko_opts[:destinations].empty?
+      flags_cli = flags.uniq.map { |f| "--#{f}" }.join(' ')
+      options_cli =  kaniko_opts[:options].map { |k, v| "--#{k}=\"#{v}\"" }.join(' ')
+      build_args_cli = kaniko_opts[:build_args].map { |k, v| "--build-arg #{k}=\"#{v}\"" }.join(' ')
+      ignore_paths_cli = Array(kaniko_opts[:ignore_paths]).map { |p| "--ignore-path #{p}" }.join(' ')
+      insecure_registries_cli = Array(kaniko_opts[:insecure_registries]).map do |r|
+        "--insecure-registry #{r}"
+      end.join(' ')
+      registry_certificates_cli = kaniko_opts[:registry_certificates].map do |k, v|
+        "--registry-certificate #{k}=\"#{v}\""
+      end.join(' ')
+      registry_mirrors_cli = Array(kaniko_opts[:registry_mirrors]).map { |r| "--registry-mirror #{r}" }.join(' ')
+      skip_tls_verify_registrys_cli = Array(kaniko_opts[:skip_tls_verify_registry]).map do |r|
+        "--skip-tls-verify-registry #{r}"
+      end.join(' ')
+      destinations_cli = kaniko_opts[:destinations].map { |d| "--destination #{d}" }.join(' ')
+      kaniko_cmds = [
+        "\"#{kaniko_opts[:executor]}\"",
+        '--context',
+        "\"#{kaniko_opts[:context]}\"",
+        '--dockerfile',
+        "\"#{kaniko_opts[:dockerfile]}\"",
+        flags_cli,
+        options_cli,
+        build_args_cli,
+        ignore_paths_cli,
+        insecure_registries_cli,
+        registry_certificates_cli,
+        registry_mirrors_cli,
+        destinations_cli,
+        skip_tls_verify_registrys_cli
+      ].reject(&:empty?)
+      script << kaniko_cmds.join(' ')
+      opts[:script] = script
+    end
+  end
+end

data/lib/pipedawg/pipeline.rb

@@ -10,8 +10,9 @@ module Pipedawg
       @opts = {
         jobs: [Pipedawg::Job.new],
         stages: ['build'],
-        workflow: {}
+        workflow: nil
       }.merge(opts)
+      update
     end
 
     def to_yaml
@@ -28,7 +29,7 @@ module Pipedawg
       File.write(file, to_yaml)
     end
 
-    def update_stages
+    def update
       stages = []
       opts[:jobs].each do |job|
         stage = stage_from_needs(opts[:jobs], job.name)

data/lib/pipedawg/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Pipedawg
-  VERSION = '0.1.1'
+  VERSION = '0.3.0'
 end

data/lib/pipedawg.rb

@@ -1,6 +1,8 @@
 # frozen_string_literal: true
 
 require 'pipedawg/job'
+require 'pipedawg/helm_copy_job'
+require 'pipedawg/kaniko_job'
 require 'pipedawg/pipeline'
 require 'pipedawg/version'
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: pipedawg
 version: !ruby/object:Gem::Version
-  version: 0.1.1
+  version: 0.3.0
 platform: ruby
 authors:
 - harbottle
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2022-01-28 00:00:00.000000000 Z
+date: 2022-02-04 00:00:00.000000000 Z
 dependencies: []
 description: Generate GitLab CI pipelines.
 email:
@@ -20,7 +20,9 @@ files:
 - LICENSE.txt
 - README.md
 - lib/pipedawg.rb
+- lib/pipedawg/helm_copy_job.rb
 - lib/pipedawg/job.rb
+- lib/pipedawg/kaniko_job.rb
 - lib/pipedawg/pipeline.rb
 - lib/pipedawg/version.rb
 homepage: https://github.com/liger1978/pipedawg
@@ -45,7 +47,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.3
+rubygems_version: 3.1.2
 signing_key: 
 specification_version: 4
 summary: Generate GitLab CI pipelines.