pipedawg 0.2.1 → 0.4.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/pipedawg/helm_copy_job.rb +115 -0
- data/lib/pipedawg/kaniko_job.rb +76 -58
- data/lib/pipedawg/util.rb +43 -0
- data/lib/pipedawg/version.rb +1 -1
- data/lib/pipedawg.rb +2 -0
- metadata +4 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 064c29963799087a56d2cde36f785bc9762cd50870dc9eeede4f9efbfc577f0f
|
4
|
+
data.tar.gz: fd51dfa82c3d16c215f284dfd7c84c5600906738fef8d6f6b0d69b22e967af33
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: c7241f30f45d72d1d43e03ef7b007c24756b1a16c483f605c179a02eb02c89b900926fd20c93502fbc94585cc9f1fa94ba41fefa27cabf497568b05ff252a75e
|
7
|
+
data.tar.gz: 7c72d19557c1f449dd56315465d1f22d66277005dfb39c59a67d83ef5389800511fcbbfc7fae3409f235d66834256d5f9566d63d8610f37b1a718c0d4f99285a
|
@@ -0,0 +1,115 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module Pipedawg
|
4
|
+
# helm_copy_job class
|
5
|
+
class HelmCopyJob < Job
|
6
|
+
attr_accessor :helm_opts
|
7
|
+
|
8
|
+
def initialize(name = 'build', opts = {}, helm_opts = {})
|
9
|
+
@helm_opts = {
|
10
|
+
chart: name, debug: true,
|
11
|
+
destinations: [{ user: nil, password: nil, url: nil }],
|
12
|
+
helm: 'helm',
|
13
|
+
image: { entrypoint: [''], name: 'alpine/helm' },
|
14
|
+
password: nil, url: nil, user: nil, version: nil
|
15
|
+
}.merge(helm_opts)
|
16
|
+
super name, opts
|
17
|
+
update
|
18
|
+
end
|
19
|
+
|
20
|
+
def update # rubocop:disable Metrics/AbcSize
|
21
|
+
opts[:image] = helm_opts[:image] if helm_opts[:image]
|
22
|
+
opts[:script] = debug + pull + (helm_opts[:destinations].map { |d| push(d) }).flatten(1)
|
23
|
+
end
|
24
|
+
|
25
|
+
private
|
26
|
+
|
27
|
+
def debug
|
28
|
+
if helm_opts[:debug]
|
29
|
+
Pipedawg::Util.echo_proxy_vars
|
30
|
+
else
|
31
|
+
[]
|
32
|
+
end
|
33
|
+
end
|
34
|
+
|
35
|
+
def pull
|
36
|
+
case helm_opts[:url]
|
37
|
+
when nil
|
38
|
+
[]
|
39
|
+
when %r{^oci://}
|
40
|
+
pull_oci
|
41
|
+
else
|
42
|
+
pull_classic
|
43
|
+
end
|
44
|
+
end
|
45
|
+
|
46
|
+
def push(destination)
|
47
|
+
case destination[:url]
|
48
|
+
when nil
|
49
|
+
[]
|
50
|
+
when %r{^oci://}
|
51
|
+
push_oci(destination)
|
52
|
+
else
|
53
|
+
push_classic(destination)
|
54
|
+
end
|
55
|
+
end
|
56
|
+
|
57
|
+
def pull_oci # rubocop:disable Metrics/AbcSize
|
58
|
+
script = []
|
59
|
+
if helm_opts[:url] && helm_opts[:chart] && helm_opts[:version]
|
60
|
+
script = ['export HELM_EXPERIMENTAL_OCI=1']
|
61
|
+
script << login_oci(helm_opts) if helm_opts[:user] && helm_opts[:password]
|
62
|
+
script << "\"#{helm_opts[:helm]}\" pull \"#{helm_opts[:url]}/#{helm_opts[:chart]}\" --version \"#{helm_opts[:version]}\"" # rubocop:disable Layout/LineLength
|
63
|
+
end
|
64
|
+
script
|
65
|
+
end
|
66
|
+
|
67
|
+
def push_oci(destination) # rubocop:disable Metrics/AbcSize
|
68
|
+
script = []
|
69
|
+
if destination[:url] && helm_opts[:chart] && helm_opts[:version]
|
70
|
+
script = ['export HELM_EXPERIMENTAL_OCI=1']
|
71
|
+
script << login_oci(destination) if destination[:user] && destination[:password]
|
72
|
+
script << "\"#{helm_opts[:helm]}\" push \"#{helm_opts[:chart]}-#{helm_opts[:version]}.tgz\" \"#{destination[:url]}\"" # rubocop:disable Layout/LineLength
|
73
|
+
end
|
74
|
+
script
|
75
|
+
end
|
76
|
+
|
77
|
+
def login_oci(login_opts)
|
78
|
+
require 'uri'
|
79
|
+
"echo \"#{login_opts[:password]}\" | \"#{helm_opts[:helm]}\" registry login --username \"#{login_opts[:user]}\" --password-stdin \"#{URI(login_opts[:url]).host}\"" # rubocop:disable Layout/LineLength
|
80
|
+
end
|
81
|
+
|
82
|
+
def pull_classic # rubocop:disable Metrics/AbcSize
|
83
|
+
script = []
|
84
|
+
if helm_opts[:url] && helm_opts[:chart] && helm_opts[:version]
|
85
|
+
suffix = login_classic(helm_opts)
|
86
|
+
script << "\"#{helm_opts[:helm]}\" repo add source \"#{helm_opts[:url]}\"#{suffix}"
|
87
|
+
script << "\"#{helm_opts[:helm]}\" repo update"
|
88
|
+
script << "\"#{helm_opts[:helm]}\" pull \"source/#{helm_opts[:chart]}\" --version \"#{helm_opts[:version]}\""
|
89
|
+
end
|
90
|
+
script
|
91
|
+
end
|
92
|
+
|
93
|
+
def push_classic(destination)
|
94
|
+
script = []
|
95
|
+
if destination[:url] && helm_opts[:chart] && helm_opts[:version]
|
96
|
+
script << plugin_classic
|
97
|
+
suffix = login_classic(destination)
|
98
|
+
script << "\"#{helm_opts[:helm]}\" cm-push \"#{helm_opts[:chart]}-#{helm_opts[:version]}.tgz\" \"#{destination[:url]}\"#{suffix}" # rubocop:disable Layout/LineLength
|
99
|
+
end
|
100
|
+
script
|
101
|
+
end
|
102
|
+
|
103
|
+
def login_classic(login_opts)
|
104
|
+
if login_opts[:user] && login_opts[:password]
|
105
|
+
" --username \"#{login_opts[:user]}\" --password \"#{login_opts[:password]}\""
|
106
|
+
else
|
107
|
+
''
|
108
|
+
end
|
109
|
+
end
|
110
|
+
|
111
|
+
def plugin_classic
|
112
|
+
"\"#{helm_opts[:helm]}\" plugin list | grep -q cm-push || \"#{helm_opts[:helm]}\" plugin install https://github.com/chartmuseum/helm-push"
|
113
|
+
end
|
114
|
+
end
|
115
|
+
end
|
data/lib/pipedawg/kaniko_job.rb
CHANGED
@@ -9,82 +9,100 @@ module Pipedawg
|
|
9
9
|
@kaniko_opts = {
|
10
10
|
build_args: {},
|
11
11
|
config: {
|
12
|
-
'$CI_REGISTRY': {
|
13
|
-
username: '$CI_REGISTRY_USER',
|
14
|
-
password: '$CI_REGISTRY_PASSWORD'
|
15
|
-
}
|
12
|
+
'$CI_REGISTRY': { username: '$CI_REGISTRY_USER', password: '$CI_REGISTRY_PASSWORD' }
|
16
13
|
},
|
17
|
-
config_file: '/kaniko/.docker/config.json',
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
|
22
|
-
|
23
|
-
flags: [],
|
24
|
-
ignore_paths: [],
|
25
|
-
insecure_registries: [],
|
26
|
-
kaniko_image: {
|
27
|
-
entrypoint: [''],
|
28
|
-
name: 'gcr.io/kaniko-project/executor:debug'
|
29
|
-
},
|
30
|
-
options: {},
|
31
|
-
registry_certificates: {},
|
32
|
-
registry_mirrors: [],
|
33
|
-
skip_tls_verify_registry: [],
|
34
|
-
trusted_ca_cert_source_files: [],
|
35
|
-
trusted_ca_cert_target_file: '/kaniko/ssl/certs/ca-certificates.crt'
|
14
|
+
config_file: '/kaniko/.docker/config.json', context: '${CI_PROJECT_DIR}', debug: true,
|
15
|
+
destinations: [], dockerfile: 'Dockerfile', executor: '/kaniko/executor', external_files: {},
|
16
|
+
flags: [], ignore_paths: [], insecure_registries: [],
|
17
|
+
image: { entrypoint: [''], name: 'gcr.io/kaniko-project/executor:debug' }, options: {},
|
18
|
+
registry_certificates: {}, registry_mirrors: [], skip_tls_verify_registry: [],
|
19
|
+
trusted_ca_cert_source_files: [], trusted_ca_cert_target_file: '/kaniko/ssl/certs/ca-certificates.crt'
|
36
20
|
}.merge(kaniko_opts)
|
37
21
|
super name, opts
|
38
22
|
update
|
39
23
|
end
|
40
24
|
|
41
|
-
def update # rubocop:disable Metrics/AbcSize
|
25
|
+
def update # rubocop:disable Metrics/AbcSize
|
42
26
|
require 'json'
|
43
|
-
opts[:image] = kaniko_opts[:image]
|
44
|
-
script =
|
45
|
-
|
27
|
+
opts[:image] = kaniko_opts[:image] if kaniko_opts[:image]
|
28
|
+
opts[:script] = debug + config + cert_copies + file_copies + Array(kaniko_cmd)
|
29
|
+
end
|
30
|
+
|
31
|
+
private
|
32
|
+
|
33
|
+
def debug
|
34
|
+
if kaniko_opts[:debug]
|
35
|
+
Pipedawg::Util.echo_proxy_vars
|
36
|
+
else
|
37
|
+
[]
|
38
|
+
end
|
39
|
+
end
|
40
|
+
|
41
|
+
def config
|
42
|
+
["echo #{kaniko_opts[:config].to_json.inspect} > \"#{kaniko_opts[:config_file]}\""]
|
43
|
+
end
|
44
|
+
|
45
|
+
def cert_copies
|
46
|
+
Array(kaniko_opts[:trusted_ca_cert_source_files]).map do |cert|
|
46
47
|
"cat \"#{cert}\" >> \"#{kaniko_opts[:trusted_ca_cert_target_file]}\""
|
47
48
|
end
|
48
|
-
|
49
|
-
|
49
|
+
end
|
50
|
+
|
51
|
+
def file_copies
|
52
|
+
kaniko_opts[:external_files].map do |source, dest|
|
50
53
|
"cp \"#{source}\" \"#{kaniko_opts[:context]}/#{dest}\""
|
51
54
|
end
|
52
|
-
|
55
|
+
end
|
56
|
+
|
57
|
+
def kaniko_cmd # rubocop:disable Metrics/AbcSize
|
58
|
+
["\"#{kaniko_opts[:executor]}\" --context \"#{kaniko_opts[:context]}\"",
|
59
|
+
"--dockerfile \"#{kaniko_opts[:dockerfile]}\"", flags, options, build_args,
|
60
|
+
ignore_paths, insecure_registries, registry_certificates, registry_mirrors,
|
61
|
+
destinations, skip_tls_verify_registries].reject(&:empty?).join(' ')
|
62
|
+
end
|
63
|
+
|
64
|
+
def flags
|
53
65
|
flags = kaniko_opts[:flags].clone
|
54
66
|
flags << 'no-push' if kaniko_opts[:destinations].empty?
|
55
|
-
|
56
|
-
|
57
|
-
|
58
|
-
|
59
|
-
|
67
|
+
flags.uniq.map { |f| "--#{f}" }.join(' ')
|
68
|
+
end
|
69
|
+
|
70
|
+
def options
|
71
|
+
kaniko_opts[:options].map { |k, v| "--#{k}=\"#{v}\"" }.join(' ')
|
72
|
+
end
|
73
|
+
|
74
|
+
def build_args
|
75
|
+
kaniko_opts[:build_args].map { |k, v| "--build-arg #{k}=\"#{v}\"" }.join(' ')
|
76
|
+
end
|
77
|
+
|
78
|
+
def ignore_paths
|
79
|
+
Array(kaniko_opts[:ignore_paths]).map { |p| "--ignore-path #{p}" }.join(' ')
|
80
|
+
end
|
81
|
+
|
82
|
+
def insecure_registries
|
83
|
+
Array(kaniko_opts[:insecure_registries]).map do |r|
|
60
84
|
"--insecure-registry #{r}"
|
61
85
|
end.join(' ')
|
62
|
-
|
63
|
-
|
86
|
+
end
|
87
|
+
|
88
|
+
def registry_certificates
|
89
|
+
kaniko_opts[:registry_certificates].map do |k, v|
|
90
|
+
"--registry-certificate #{k}=\"#{v}\""
|
64
91
|
end.join(' ')
|
65
|
-
|
66
|
-
|
92
|
+
end
|
93
|
+
|
94
|
+
def registry_mirrors
|
95
|
+
Array(kaniko_opts[:registry_mirrors]).map { |r| "--registry-mirror #{r}" }.join(' ')
|
96
|
+
end
|
97
|
+
|
98
|
+
def destinations
|
99
|
+
kaniko_opts[:destinations].map { |d| "--destination #{d}" }.join(' ')
|
100
|
+
end
|
101
|
+
|
102
|
+
def skip_tls_verify_registries
|
103
|
+
Array(kaniko_opts[:skip_tls_verify_registry]).map do |r|
|
67
104
|
"--skip-tls-verify-registry #{r}"
|
68
105
|
end.join(' ')
|
69
|
-
destinations_cli = kaniko_opts[:destinations].map { |d| "--destination #{d}" }.join(' ')
|
70
|
-
kaniko_cmds = [
|
71
|
-
"\"#{kaniko_opts[:executor]}\"",
|
72
|
-
'--context',
|
73
|
-
"\"#{kaniko_opts[:context]}\"",
|
74
|
-
'--dockerfile',
|
75
|
-
"\"#{kaniko_opts[:dockerfile]}\"",
|
76
|
-
flags_cli,
|
77
|
-
options_cli,
|
78
|
-
build_args_cli,
|
79
|
-
ignore_paths_cli,
|
80
|
-
insecure_registries_cli,
|
81
|
-
registry_certificates_cli,
|
82
|
-
registry_mirrors_cli,
|
83
|
-
destinations_cli,
|
84
|
-
skip_tls_verify_registrys_cli
|
85
|
-
].reject(&:empty?)
|
86
|
-
script << kaniko_cmds.join(' ')
|
87
|
-
opts[:script] = script
|
88
106
|
end
|
89
107
|
end
|
90
108
|
end
|
@@ -0,0 +1,43 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module Pipedawg
|
4
|
+
# util class
|
5
|
+
class Util
|
6
|
+
def self.expand_env_vars(item) # rubocop:disable Metrics/MethodLength
|
7
|
+
case item
|
8
|
+
when Array
|
9
|
+
item.map { |i| expand_env_vars(i) }
|
10
|
+
when Hash
|
11
|
+
item.each { |k, v| item[k] = expand_env_vars(v) }
|
12
|
+
item
|
13
|
+
when String
|
14
|
+
item.gsub(/\${([^} ]+)}/) do |e|
|
15
|
+
ENV[e.gsub('${', '').gsub('}', '')]
|
16
|
+
end
|
17
|
+
else
|
18
|
+
item
|
19
|
+
end
|
20
|
+
end
|
21
|
+
|
22
|
+
def self.puts_proxy_vars
|
23
|
+
puts 'Proxy settings:'
|
24
|
+
puts "http_proxy: #{ENV['http_proxy']}"
|
25
|
+
puts "https_proxy: #{ENV['https_proxy']}"
|
26
|
+
puts "no_proxy: #{ENV['no_proxy']}"
|
27
|
+
puts "HTTP_PROXY: #{ENV['HTTP_PROXY']}"
|
28
|
+
puts "HTTPS_PROXY: #{ENV['HTTPS_PROXY']}"
|
29
|
+
puts "NO_PROXY: #{ENV['NO_PROXY']}"
|
30
|
+
end
|
31
|
+
|
32
|
+
def self.echo_proxy_vars
|
33
|
+
script = ['echo Proxy settings:']
|
34
|
+
script << 'echo http_proxy: "${http_proxy}"'
|
35
|
+
script << 'echo https_proxy: "${https_proxy}"'
|
36
|
+
script << 'echo no_proxy: "${no_proxy}"'
|
37
|
+
script << 'echo HTTP_PROXY: "${HTTP_PROXY}"'
|
38
|
+
script << 'echo HTTPS_PROXY: "${HTTPS_PROXY}"'
|
39
|
+
script << 'echo NO_PROXY: "${NO_PROXY}"'
|
40
|
+
script
|
41
|
+
end
|
42
|
+
end
|
43
|
+
end
|
data/lib/pipedawg/version.rb
CHANGED
data/lib/pipedawg.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: pipedawg
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.4.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- harbottle
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date: 2022-02-
|
11
|
+
date: 2022-02-08 00:00:00.000000000 Z
|
12
12
|
dependencies: []
|
13
13
|
description: Generate GitLab CI pipelines.
|
14
14
|
email:
|
@@ -20,9 +20,11 @@ files:
|
|
20
20
|
- LICENSE.txt
|
21
21
|
- README.md
|
22
22
|
- lib/pipedawg.rb
|
23
|
+
- lib/pipedawg/helm_copy_job.rb
|
23
24
|
- lib/pipedawg/job.rb
|
24
25
|
- lib/pipedawg/kaniko_job.rb
|
25
26
|
- lib/pipedawg/pipeline.rb
|
27
|
+
- lib/pipedawg/util.rb
|
26
28
|
- lib/pipedawg/version.rb
|
27
29
|
homepage: https://github.com/liger1978/pipedawg
|
28
30
|
licenses:
|