PyPI - cici-tools - Versions diffs - 0.17.1__tar.gz → 0.18.1__tar.gz - Mend

cici-tools 0.17.1tar.gz → 0.18.1tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (205) hide show

{cici_tools-0.17.1 → cici_tools-0.18.1}/.gitlab-ci.yml RENAMED Viewed

@@ -16,7 +16,7 @@ include:
   - local: cici-bundle.yml
   - local: cici-update.yml
   - project: saferatday0/library/container
-    ref: 0.8.1
+    ref: 0.9.1
     file:
       - container-docker.yml
       - container-hadolint.yml

{cici_tools-0.17.1/cici_tools.egg-info → cici_tools-0.18.1}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: cici-tools
-Version: 0.17.1
+Version: 0.18.1
 Summary: Continuous Integration Catalog Interface
 Author-email: Digital Safety Research Institute <contact@dsri.org>
 License: Apache-2.0

{cici_tools-0.17.1 → cici_tools-0.18.1}/cici/_version.py RENAMED Viewed

@@ -28,7 +28,7 @@ version_tuple: VERSION_TUPLE
 commit_id: COMMIT_ID
 __commit_id__: COMMIT_ID
-__version__ = version = '0.17.1'
-__version_tuple__ = version_tuple = (0, 17, 1)
+__version__ = version = '0.18.1'
+__version_tuple__ = version_tuple = (0, 18, 1)
-__commit_id__ = commit_id = 'ge578edc48'
+__commit_id__ = commit_id = 'g340c844f3'

{cici_tools-0.17.1 → cici_tools-0.18.1}/cici/providers/gitlab/serializers.py RENAMED Viewed

@@ -327,13 +327,23 @@ def dump(
     data = unpack_jobs(data)
     data = style_scalars(data)
+    # DEBUG
+    # job = data.get("opentofu-trivy") or {}
+    # script = job.get("script") or []
+    # if script:
+    #     print("\n[DUMP DEBUG] opentofu-trivy script[0] type:", type(script[0]))
+    #     print("[DUMP DEBUG] script[0] repr:", repr(str(script[0])))
+    #     print("[DUMP DEBUG] contains \\n\\n?:", "\n\n" in str(script[0]))
+    #     print("[DUMP DEBUG] contains \\n?:", "\n" in str(script[0]))
+    # END DEBUG
     # user round trip mode to preserve ruamel scalar styles (FoldedScalarString etc)
     yaml = ruamel.yaml.YAML(typ="rt")
     yaml.default_flow_style = False
     yaml.explicit_start = False
     yaml.preserve_quotes = True  # respect the quotes set in style_scalars()
     yaml.indent(mapping=2, sequence=4, offset=2)
-    yaml.width = 1000  # prevent unwanted line wrapping
+    yaml.width = 120  # prevent unwanted line wrapping
     # makes sure ruamel.yml to always emit double quoted strings """"
     yaml.representer.add_representer(DoubleQuotedScalarString, always_double_quoted)

{cici_tools-0.17.1 → cici_tools-0.18.1}/cici/providers/gitlab/yaml_style.py RENAMED Viewed

@@ -46,17 +46,34 @@ def make_scalar_string(line: str, quote: bool = False):
     # fix extra - >- between lines accidentally created with echo commands
     if unindented.startswith("echo "):
-        # inline if short and simple
-        if len(unindented) < 100 and not any(
-            sym in unindented for sym in ("&&", ";", "\\", "|")
+        stripped = unindented.strip()
+        if len(stripped) < 100 and not any(
+            sym in stripped for sym in ("&&", ";", "\\", "|")
         ):
-            return unindented
+            return stripped
-        return FoldedScalarString(wrap_if_long(unindented))
+        folded_scalar = FoldedScalarString(stripped)
+        # If its piping "echo... | docker login ...", fold at the pipe for correct display
+        if " | " in stripped:
+            pipe_position = stripped.index(" | ")
+            folded_scalar.fold_pos = [pipe_position]  # type: ignore[attr-defined]
+        return folded_scalar
-    # Commands and long lines get folded
+    # Folding long lines logic (like a script that is super long so that it does not do anything weird in the folding process)
     if unindented.startswith(("docker ", "helm ", "tar ", "curl ")):
-        return FoldedScalarString(wrap_if_long(unindented))
+        command_string = unindented.strip()
+        folded_scalar = FoldedScalarString(command_string)
+        if " | " in command_string:
+            pipe_position = command_string.index(" | ")
+            # mypy does not like fold_pos however it solves an issue that breaks the .gitlab-ci.yaml
+            folded_scalar.fold_pos = [pipe_position]  # type: ignore[attr-defined]
+        return folded_scalar
     # Multi-command sequences get folded
     if any(sym in unindented for sym in ("&&", ";", "\\")):
@@ -339,7 +356,7 @@ def style_scalars(
             "on_success",
             "on_failure",
             "manual",
-            "cobertura",  # :white_check_mark: coverage format
+            "cobertura",  # coverage format
             "sigstore",
         }
         if stripped in UNQUOTED_KEYWORDS:

{cici_tools-0.17.1 → cici_tools-0.18.1/cici_tools.egg-info}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: cici-tools
-Version: 0.17.1
+Version: 0.18.1
 Summary: Continuous Integration Catalog Interface
 Author-email: Digital Safety Research Institute <contact@dsri.org>
 License: Apache-2.0

{cici_tools-0.17.1 → cici_tools-0.18.1}/cici_tools.egg-info/SOURCES.txt RENAMED Viewed

@@ -85,6 +85,7 @@ tests/test_expand_job_extends.py
 tests/test_import.py
 tests/test_precommit_hook_injection.py
 tests/test_resolve_targets.py
+tests/test_yaml_style.py
 tests/fixtures/gitlab/extends/simple-job.yml
 tests/fixtures/gitlab/extends/.cici/.gitlab-ci.yml
 tests/fixtures/gitlab/helm/helm-cm-push.yml

{cici_tools-0.17.1 → cici_tools-0.18.1}/pyproject.toml RENAMED Viewed

@@ -66,6 +66,7 @@ profile = "black"
 [tool.mypy]
 python_version = "3.10"
+exclude = '(^|/)(venv|\.venv)/'
 [tool.setuptools.package-data]
 "cici" = ["py.typed"]

{cici_tools-0.17.1 → cici_tools-0.18.1}/requirements.txt RENAMED Viewed

@@ -8,7 +8,7 @@ attrs==25.4.0
     #   referencing
 jinja2==3.1.6
     # via cici-tools (pyproject.toml)
-jsonschema==4.25.1
+jsonschema==4.26.0
     # via cici-tools (pyproject.toml)
 jsonschema-specifications==2025.9.1
     # via jsonschema

{cici_tools-0.17.1 → cici_tools-0.18.1}/tests/fixtures/gitlab/helm/helm-cm-push.yml RENAMED Viewed

@@ -30,7 +30,8 @@ helm-cm-push:
   before_script:
     - apk add --no-cache curl
     - >-
-      curl -sS -o - https://get.helm.sh/helm-v3.8.0-linux-amd64.tar.gz | tar --strip-components 1 -xzf - linux-amd64/helm
+      curl -sS -o - https://get.helm.sh/helm-v3.8.0-linux-amd64.tar.gz
+      | tar --strip-components 1 -xzf - linux-amd64/helm
     - install helm /usr/local/bin/
     - rm -f helm
     - >-
@@ -40,8 +41,6 @@ helm-cm-push:
     - >-
       helm plugin install https://github.com/chartmuseum/helm-push
     - >-
-      helm cm-push --version "$HELM_CHART_VERSION" --app-version "$HELM_CHART_VERSION" "$HELM_CHART_PATH"
-      "$HELM_REPOSITORY_URL"
+      helm cm-push --version "$HELM_CHART_VERSION" --app-version "$HELM_CHART_VERSION" "$HELM_CHART_PATH" "$HELM_REPOSITORY_URL"
   rules:
     - if: $CI_COMMIT_TAG

{cici_tools-0.17.1 → cici_tools-0.18.1}/tests/fixtures/gitlab/helm/helm-docs.yml RENAMED Viewed

@@ -27,9 +27,8 @@ helm-docs:
   before_script:
     - apk add --no-cache curl
     - >-
-      curl -sSL -o - https://github.com/norwoodj/helm-docs/releases/download/v1.7.0/helm-docs_1.7.0_Linux_x86_64.tar.gz | tar
-      xzf - helm-docs
+      curl -sSL -o - https://github.com/norwoodj/helm-docs/releases/download/v1.7.0/helm-docs_1.7.0_Linux_x86_64.tar.gz
+      | tar xzf - helm-docs
     - install helm-docs /usr/local/bin/
     - rm -f helm-docs
     - helm-docs --version

{cici_tools-0.17.1 → cici_tools-0.18.1}/tests/fixtures/gitlab/helm/helm-lint.yml RENAMED Viewed

@@ -27,7 +27,8 @@ helm-lint:
   before_script:
     - apk add --no-cache curl
     - >-
-      curl -sS -o - https://get.helm.sh/helm-v3.8.0-linux-amd64.tar.gz | tar --strip-components 1 -xzf - linux-amd64/helm
+      curl -sS -o - https://get.helm.sh/helm-v3.8.0-linux-amd64.tar.gz
+      | tar --strip-components 1 -xzf - linux-amd64/helm
     - install helm /usr/local/bin/
     - rm -f helm
     - >-

{cici_tools-0.17.1 → cici_tools-0.18.1}/tests/fixtures/gitlab/job-variables/opentofu-development-trivy.yml RENAMED Viewed

@@ -47,9 +47,8 @@ opentofu-development-trivy:
     - cd "${OPENTOFU_ROOT}"
   script:
     - >-
-      curl -sSL https://github.com/aquasecurity/trivy/releases/download/v0.49.1/trivy_0.49.1_Linux-64bit.tar.gz | tar -C
-      /usr/local/bin/ -xzf - trivy
+      curl -sSL https://github.com/aquasecurity/trivy/releases/download/v0.49.1/trivy_0.49.1_Linux-64bit.tar.gz
+      | tar -C /usr/local/bin/ -xzf - trivy
     - trivy config "${OPENTOFU_ROOT}/plan.json"
   cache:
     key: $OPENTOFU_STATE_NAME

{cici_tools-0.17.1/tests/fixtures/gitlab/targets-dir → cici_tools-0.18.1/tests/fixtures/gitlab/job-variables}/opentofu-module-build.yml RENAMED Viewed

@@ -41,17 +41,11 @@ opentofu-module-build:
   script:
     - OPENTOFU_MODULE_NAME=$(echo "${OPENTOFU_MODULE_NAME}" | tr " _" -)
     - >-
-      tar -vczf /tmp/${OPENTOFU_MODULE_NAME}-${OPENTOFU_MODULE_SYSTEM}-${OPENTOFU_MODULE_VERSION}.tgz -C
-      ${OPENTOFU_MODULE_DIR} --exclude=./.git .
+      tar -vczf /tmp/${OPENTOFU_MODULE_NAME}-${OPENTOFU_MODULE_SYSTEM}-${OPENTOFU_MODULE_VERSION}.tgz -C ${OPENTOFU_MODULE_DIR}
+      --exclude=./.git .
     - >-
-      curl --fail-with-body --location --header "JOB-TOKEN: ${CI_JOB_TOKEN}" --upload-file
-      /tmp/${OPENTOFU_MODULE_NAME}-${OPENTOFU_MODULE_SYSTEM}-${OPENTOFU_MODULE_VERSION}.tgz
-      ${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/packages/terraform/modules/${OPENTOFU_MODULE_NAME}/${OPENTOFU_MODULE_SYSTEM}/
-      ${OPENTOFU_MODULE_VERSION}/file
+      curl --fail-with-body --location --header "JOB-TOKEN: ${CI_JOB_TOKEN}" --upload-file /tmp/${OPENTOFU_MODULE_NAME}-${OPENTOFU_MODULE_SYSTEM}-${OPENTOFU_MODULE_VERSION}.tgz
+      ${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/packages/terraform/modules/${OPENTOFU_MODULE_NAME}/${OPENTOFU_MODULE_SYSTEM}/${OPENTOFU_MODULE_VERSION}/file
   cache: {}
   dependencies: []
   rules:

{cici_tools-0.17.1/tests/fixtures/gitlab/targets-dir → cici_tools-0.18.1/tests/fixtures/gitlab/job-variables}/opentofu-production-trivy.yml RENAMED Viewed

@@ -47,9 +47,8 @@ opentofu-production-trivy:
     - cd "${OPENTOFU_ROOT}"
   script:
     - >-
-      curl -sSL https://github.com/aquasecurity/trivy/releases/download/v0.49.1/trivy_0.49.1_Linux-64bit.tar.gz | tar -C
-      /usr/local/bin/ -xzf - trivy
+      curl -sSL https://github.com/aquasecurity/trivy/releases/download/v0.49.1/trivy_0.49.1_Linux-64bit.tar.gz
+      | tar -C /usr/local/bin/ -xzf - trivy
     - trivy config "${OPENTOFU_ROOT}/plan.json"
   cache:
     key: $OPENTOFU_STATE_NAME

{cici_tools-0.17.1/tests/fixtures/gitlab/targets-dir → cici_tools-0.18.1/tests/fixtures/gitlab/job-variables}/opentofu-staging-trivy.yml RENAMED Viewed

@@ -47,9 +47,8 @@ opentofu-staging-trivy:
     - cd "${OPENTOFU_ROOT}"
   script:
     - >-
-      curl -sSL https://github.com/aquasecurity/trivy/releases/download/v0.49.1/trivy_0.49.1_Linux-64bit.tar.gz | tar -C
-      /usr/local/bin/ -xzf - trivy
+      curl -sSL https://github.com/aquasecurity/trivy/releases/download/v0.49.1/trivy_0.49.1_Linux-64bit.tar.gz
+      | tar -C /usr/local/bin/ -xzf - trivy
     - trivy config "${OPENTOFU_ROOT}/plan.json"
   cache:
     key: $OPENTOFU_STATE_NAME

{cici_tools-0.17.1/tests/fixtures/gitlab/targets-dir → cici_tools-0.18.1/tests/fixtures/gitlab/job-variables}/opentofu-trivy.yml RENAMED Viewed

@@ -46,9 +46,8 @@ opentofu-trivy:
     - cd "${OPENTOFU_ROOT}"
   script:
     - >-
-      curl -sSL https://github.com/aquasecurity/trivy/releases/download/v0.49.1/trivy_0.49.1_Linux-64bit.tar.gz | tar -C
-      /usr/local/bin/ -xzf - trivy
+      curl -sSL https://github.com/aquasecurity/trivy/releases/download/v0.49.1/trivy_0.49.1_Linux-64bit.tar.gz
+      | tar -C /usr/local/bin/ -xzf - trivy
     - trivy config .
   cache:
     key: $OPENTOFU_STATE_NAME

{cici_tools-0.17.1 → cici_tools-0.18.1}/tests/fixtures/gitlab/service-key/container-docker-multiarch-amd64.yml RENAMED Viewed

@@ -91,13 +91,14 @@ container-docker-multiarch-amd64:
     - >-
       docker --version
     - >-
-      echo "$CONTAINER_REGISTRY_PASSWORD" | docker login "$CONTAINER_REGISTRY" -u "$CONTAINER_REGISTRY_USER" --password-stdin
+      echo "$CONTAINER_REGISTRY_PASSWORD"
+      | docker login "$CONTAINER_REGISTRY" -u "$CONTAINER_REGISTRY_USER" --password-stdin
     - >-
-      echo "$CI_DEPENDENCY_PROXY_PASSWORD" | docker login "$CI_DEPENDENCY_PROXY_SERVER" -u "$CI_DEPENDENCY_PROXY_USER"
-      --password-stdin
+      echo "$CI_DEPENDENCY_PROXY_PASSWORD"
+      | docker login "$CI_DEPENDENCY_PROXY_SERVER" -u "$CI_DEPENDENCY_PROXY_USER" --password-stdin
     - >-
-      echo "$CI_DEPENDENCY_PROXY_PASSWORD" | docker login "$CI_SERVER_HOST" -u "$CI_DEPENDENCY_PROXY_USER" --password-stdin
+      echo "$CI_DEPENDENCY_PROXY_PASSWORD"
+      | docker login "$CI_SERVER_HOST" -u "$CI_DEPENDENCY_PROXY_USER" --password-stdin
     - apk add --no-cache cosign
     - _CONTAINER_OPTS="$CONTAINER_BUILD_OPTS"
     - _CONTAINER_OPTS="$_CONTAINER_OPTS --tag ${CONTAINER_IMAGE}-${CONTAINER_COMMIT_SHORT_SHA}-${CONTAINER_DOCKER_ARCH}"
@@ -106,14 +107,11 @@ container-docker-multiarch-amd64:
         _CONTAINER_OPTS="$_CONTAINER_OPTS --tag ${CONTAINER_NAME}:latest-${CONTAINER_DOCKER_ARCH}"
       fi
     - >-
-      docker buildx build --build-arg "CONTAINER_NAME=$CONTAINER_NAME" --build-arg
-      "CONTAINER_DOCKER_MACHINE_ARCH=$CONTAINER_DOCKER_MACHINE_ARCH" --build-arg "CONTAINER_VERSION=$CONTAINER_VERSION"
-      --file "${CONTAINER_DOCKERFILE}" --platform "$CONTAINER_DOCKER_PLATFORM" --progress plain --push --tag
-      "${CONTAINER_IMAGE}-${CONTAINER_DOCKER_ARCH}" $_CONTAINER_OPTS "${CONTAINER_CONTEXT}"
-    - COSIGN_IMAGE_DIGEST="$(docker inspect --format='{{index .RepoDigests 0}}' "${CONTAINER_IMAGE}-${CONTAINER_DOCKER_ARCH}")"
+      docker buildx build --build-arg "CONTAINER_NAME=$CONTAINER_NAME" --build-arg "CONTAINER_DOCKER_MACHINE_ARCH=$CONTAINER_DOCKER_MACHINE_ARCH"
+      --build-arg "CONTAINER_VERSION=$CONTAINER_VERSION" --file "${CONTAINER_DOCKERFILE}" --platform "$CONTAINER_DOCKER_PLATFORM"
+      --progress plain --push --tag "${CONTAINER_IMAGE}-${CONTAINER_DOCKER_ARCH}" $_CONTAINER_OPTS "${CONTAINER_CONTEXT}"
+    - COSIGN_IMAGE_DIGEST="$(docker inspect --format='{{index .RepoDigests 0}}'
+      "${CONTAINER_IMAGE}-${CONTAINER_DOCKER_ARCH}")"
     - cosign sign --yes "$COSIGN_IMAGE_DIGEST"
     - mkdir -p dist/container/arch
     - touch "dist/container/arch/${CONTAINER_DOCKER_ARCH}"

{cici_tools-0.17.1 → cici_tools-0.18.1}/tests/fixtures/gitlab/service-key/container-docker-multiarch-arm32v6.yml RENAMED Viewed

@@ -91,13 +91,14 @@ container-docker-multiarch-arm32v6:
     - >-
       docker --version
     - >-
-      echo "$CONTAINER_REGISTRY_PASSWORD" | docker login "$CONTAINER_REGISTRY" -u "$CONTAINER_REGISTRY_USER" --password-stdin
+      echo "$CONTAINER_REGISTRY_PASSWORD"
+      | docker login "$CONTAINER_REGISTRY" -u "$CONTAINER_REGISTRY_USER" --password-stdin
     - >-
-      echo "$CI_DEPENDENCY_PROXY_PASSWORD" | docker login "$CI_DEPENDENCY_PROXY_SERVER" -u "$CI_DEPENDENCY_PROXY_USER"
-      --password-stdin
+      echo "$CI_DEPENDENCY_PROXY_PASSWORD"
+      | docker login "$CI_DEPENDENCY_PROXY_SERVER" -u "$CI_DEPENDENCY_PROXY_USER" --password-stdin
     - >-
-      echo "$CI_DEPENDENCY_PROXY_PASSWORD" | docker login "$CI_SERVER_HOST" -u "$CI_DEPENDENCY_PROXY_USER" --password-stdin
+      echo "$CI_DEPENDENCY_PROXY_PASSWORD"
+      | docker login "$CI_SERVER_HOST" -u "$CI_DEPENDENCY_PROXY_USER" --password-stdin
     - apk add --no-cache cosign
     - _CONTAINER_OPTS="$CONTAINER_BUILD_OPTS"
     - _CONTAINER_OPTS="$_CONTAINER_OPTS --tag ${CONTAINER_IMAGE}-${CONTAINER_COMMIT_SHORT_SHA}-${CONTAINER_DOCKER_ARCH}"
@@ -106,14 +107,11 @@ container-docker-multiarch-arm32v6:
         _CONTAINER_OPTS="$_CONTAINER_OPTS --tag ${CONTAINER_NAME}:latest-${CONTAINER_DOCKER_ARCH}"
       fi
     - >-
-      docker buildx build --build-arg "CONTAINER_NAME=$CONTAINER_NAME" --build-arg
-      "CONTAINER_DOCKER_MACHINE_ARCH=$CONTAINER_DOCKER_MACHINE_ARCH" --build-arg "CONTAINER_VERSION=$CONTAINER_VERSION"
-      --file "${CONTAINER_DOCKERFILE}" --platform "$CONTAINER_DOCKER_PLATFORM" --progress plain --push --tag
-      "${CONTAINER_IMAGE}-${CONTAINER_DOCKER_ARCH}" $_CONTAINER_OPTS "${CONTAINER_CONTEXT}"
-    - COSIGN_IMAGE_DIGEST="$(docker inspect --format='{{index .RepoDigests 0}}' "${CONTAINER_IMAGE}-${CONTAINER_DOCKER_ARCH}")"
+      docker buildx build --build-arg "CONTAINER_NAME=$CONTAINER_NAME" --build-arg "CONTAINER_DOCKER_MACHINE_ARCH=$CONTAINER_DOCKER_MACHINE_ARCH"
+      --build-arg "CONTAINER_VERSION=$CONTAINER_VERSION" --file "${CONTAINER_DOCKERFILE}" --platform "$CONTAINER_DOCKER_PLATFORM"
+      --progress plain --push --tag "${CONTAINER_IMAGE}-${CONTAINER_DOCKER_ARCH}" $_CONTAINER_OPTS "${CONTAINER_CONTEXT}"
+    - COSIGN_IMAGE_DIGEST="$(docker inspect --format='{{index .RepoDigests 0}}'
+      "${CONTAINER_IMAGE}-${CONTAINER_DOCKER_ARCH}")"
     - cosign sign --yes "$COSIGN_IMAGE_DIGEST"
     - mkdir -p dist/container/arch
     - touch "dist/container/arch/${CONTAINER_DOCKER_ARCH}"

{cici_tools-0.17.1 → cici_tools-0.18.1}/tests/fixtures/gitlab/service-key/container-docker-multiarch-arm32v7.yml RENAMED Viewed

@@ -91,13 +91,14 @@ container-docker-multiarch-arm32v7:
     - >-
       docker --version
     - >-
-      echo "$CONTAINER_REGISTRY_PASSWORD" | docker login "$CONTAINER_REGISTRY" -u "$CONTAINER_REGISTRY_USER" --password-stdin
+      echo "$CONTAINER_REGISTRY_PASSWORD"
+      | docker login "$CONTAINER_REGISTRY" -u "$CONTAINER_REGISTRY_USER" --password-stdin
     - >-
-      echo "$CI_DEPENDENCY_PROXY_PASSWORD" | docker login "$CI_DEPENDENCY_PROXY_SERVER" -u "$CI_DEPENDENCY_PROXY_USER"
-      --password-stdin
+      echo "$CI_DEPENDENCY_PROXY_PASSWORD"
+      | docker login "$CI_DEPENDENCY_PROXY_SERVER" -u "$CI_DEPENDENCY_PROXY_USER" --password-stdin
     - >-
-      echo "$CI_DEPENDENCY_PROXY_PASSWORD" | docker login "$CI_SERVER_HOST" -u "$CI_DEPENDENCY_PROXY_USER" --password-stdin
+      echo "$CI_DEPENDENCY_PROXY_PASSWORD"
+      | docker login "$CI_SERVER_HOST" -u "$CI_DEPENDENCY_PROXY_USER" --password-stdin
     - apk add --no-cache cosign
     - _CONTAINER_OPTS="$CONTAINER_BUILD_OPTS"
     - _CONTAINER_OPTS="$_CONTAINER_OPTS --tag ${CONTAINER_IMAGE}-${CONTAINER_COMMIT_SHORT_SHA}-${CONTAINER_DOCKER_ARCH}"
@@ -106,14 +107,11 @@ container-docker-multiarch-arm32v7:
         _CONTAINER_OPTS="$_CONTAINER_OPTS --tag ${CONTAINER_NAME}:latest-${CONTAINER_DOCKER_ARCH}"
       fi
     - >-
-      docker buildx build --build-arg "CONTAINER_NAME=$CONTAINER_NAME" --build-arg
-      "CONTAINER_DOCKER_MACHINE_ARCH=$CONTAINER_DOCKER_MACHINE_ARCH" --build-arg "CONTAINER_VERSION=$CONTAINER_VERSION"
-      --file "${CONTAINER_DOCKERFILE}" --platform "$CONTAINER_DOCKER_PLATFORM" --progress plain --push --tag
-      "${CONTAINER_IMAGE}-${CONTAINER_DOCKER_ARCH}" $_CONTAINER_OPTS "${CONTAINER_CONTEXT}"
-    - COSIGN_IMAGE_DIGEST="$(docker inspect --format='{{index .RepoDigests 0}}' "${CONTAINER_IMAGE}-${CONTAINER_DOCKER_ARCH}")"
+      docker buildx build --build-arg "CONTAINER_NAME=$CONTAINER_NAME" --build-arg "CONTAINER_DOCKER_MACHINE_ARCH=$CONTAINER_DOCKER_MACHINE_ARCH"
+      --build-arg "CONTAINER_VERSION=$CONTAINER_VERSION" --file "${CONTAINER_DOCKERFILE}" --platform "$CONTAINER_DOCKER_PLATFORM"
+      --progress plain --push --tag "${CONTAINER_IMAGE}-${CONTAINER_DOCKER_ARCH}" $_CONTAINER_OPTS "${CONTAINER_CONTEXT}"
+    - COSIGN_IMAGE_DIGEST="$(docker inspect --format='{{index .RepoDigests 0}}'
+      "${CONTAINER_IMAGE}-${CONTAINER_DOCKER_ARCH}")"
     - cosign sign --yes "$COSIGN_IMAGE_DIGEST"
     - mkdir -p dist/container/arch
     - touch "dist/container/arch/${CONTAINER_DOCKER_ARCH}"

{cici_tools-0.17.1 → cici_tools-0.18.1}/tests/fixtures/gitlab/service-key/container-docker-multiarch-arm64v8.yml RENAMED Viewed

@@ -91,13 +91,14 @@ container-docker-multiarch-arm64v8:
     - >-
       docker --version
     - >-
-      echo "$CONTAINER_REGISTRY_PASSWORD" | docker login "$CONTAINER_REGISTRY" -u "$CONTAINER_REGISTRY_USER" --password-stdin
+      echo "$CONTAINER_REGISTRY_PASSWORD"
+      | docker login "$CONTAINER_REGISTRY" -u "$CONTAINER_REGISTRY_USER" --password-stdin
     - >-
-      echo "$CI_DEPENDENCY_PROXY_PASSWORD" | docker login "$CI_DEPENDENCY_PROXY_SERVER" -u "$CI_DEPENDENCY_PROXY_USER"
-      --password-stdin
+      echo "$CI_DEPENDENCY_PROXY_PASSWORD"
+      | docker login "$CI_DEPENDENCY_PROXY_SERVER" -u "$CI_DEPENDENCY_PROXY_USER" --password-stdin
     - >-
-      echo "$CI_DEPENDENCY_PROXY_PASSWORD" | docker login "$CI_SERVER_HOST" -u "$CI_DEPENDENCY_PROXY_USER" --password-stdin
+      echo "$CI_DEPENDENCY_PROXY_PASSWORD"
+      | docker login "$CI_SERVER_HOST" -u "$CI_DEPENDENCY_PROXY_USER" --password-stdin
     - apk add --no-cache cosign
     - _CONTAINER_OPTS="$CONTAINER_BUILD_OPTS"
     - _CONTAINER_OPTS="$_CONTAINER_OPTS --tag ${CONTAINER_IMAGE}-${CONTAINER_COMMIT_SHORT_SHA}-${CONTAINER_DOCKER_ARCH}"
@@ -106,14 +107,11 @@ container-docker-multiarch-arm64v8:
         _CONTAINER_OPTS="$_CONTAINER_OPTS --tag ${CONTAINER_NAME}:latest-${CONTAINER_DOCKER_ARCH}"
       fi
     - >-
-      docker buildx build --build-arg "CONTAINER_NAME=$CONTAINER_NAME" --build-arg
-      "CONTAINER_DOCKER_MACHINE_ARCH=$CONTAINER_DOCKER_MACHINE_ARCH" --build-arg "CONTAINER_VERSION=$CONTAINER_VERSION"
-      --file "${CONTAINER_DOCKERFILE}" --platform "$CONTAINER_DOCKER_PLATFORM" --progress plain --push --tag
-      "${CONTAINER_IMAGE}-${CONTAINER_DOCKER_ARCH}" $_CONTAINER_OPTS "${CONTAINER_CONTEXT}"
-    - COSIGN_IMAGE_DIGEST="$(docker inspect --format='{{index .RepoDigests 0}}' "${CONTAINER_IMAGE}-${CONTAINER_DOCKER_ARCH}")"
+      docker buildx build --build-arg "CONTAINER_NAME=$CONTAINER_NAME" --build-arg "CONTAINER_DOCKER_MACHINE_ARCH=$CONTAINER_DOCKER_MACHINE_ARCH"
+      --build-arg "CONTAINER_VERSION=$CONTAINER_VERSION" --file "${CONTAINER_DOCKERFILE}" --platform "$CONTAINER_DOCKER_PLATFORM"
+      --progress plain --push --tag "${CONTAINER_IMAGE}-${CONTAINER_DOCKER_ARCH}" $_CONTAINER_OPTS "${CONTAINER_CONTEXT}"
+    - COSIGN_IMAGE_DIGEST="$(docker inspect --format='{{index .RepoDigests 0}}'
+      "${CONTAINER_IMAGE}-${CONTAINER_DOCKER_ARCH}")"
     - cosign sign --yes "$COSIGN_IMAGE_DIGEST"
     - mkdir -p dist/container/arch
     - touch "dist/container/arch/${CONTAINER_DOCKER_ARCH}"

{cici_tools-0.17.1 → cici_tools-0.18.1}/tests/fixtures/gitlab/service-key/container-docker-multiarch-i386.yml RENAMED Viewed

@@ -91,13 +91,14 @@ container-docker-multiarch-i386:
     - >-
       docker --version
     - >-
-      echo "$CONTAINER_REGISTRY_PASSWORD" | docker login "$CONTAINER_REGISTRY" -u "$CONTAINER_REGISTRY_USER" --password-stdin
+      echo "$CONTAINER_REGISTRY_PASSWORD"
+      | docker login "$CONTAINER_REGISTRY" -u "$CONTAINER_REGISTRY_USER" --password-stdin
     - >-
-      echo "$CI_DEPENDENCY_PROXY_PASSWORD" | docker login "$CI_DEPENDENCY_PROXY_SERVER" -u "$CI_DEPENDENCY_PROXY_USER"
-      --password-stdin
+      echo "$CI_DEPENDENCY_PROXY_PASSWORD"
+      | docker login "$CI_DEPENDENCY_PROXY_SERVER" -u "$CI_DEPENDENCY_PROXY_USER" --password-stdin
     - >-
-      echo "$CI_DEPENDENCY_PROXY_PASSWORD" | docker login "$CI_SERVER_HOST" -u "$CI_DEPENDENCY_PROXY_USER" --password-stdin
+      echo "$CI_DEPENDENCY_PROXY_PASSWORD"
+      | docker login "$CI_SERVER_HOST" -u "$CI_DEPENDENCY_PROXY_USER" --password-stdin
     - apk add --no-cache cosign
     - _CONTAINER_OPTS="$CONTAINER_BUILD_OPTS"
     - _CONTAINER_OPTS="$_CONTAINER_OPTS --tag ${CONTAINER_IMAGE}-${CONTAINER_COMMIT_SHORT_SHA}-${CONTAINER_DOCKER_ARCH}"
@@ -106,14 +107,11 @@ container-docker-multiarch-i386:
         _CONTAINER_OPTS="$_CONTAINER_OPTS --tag ${CONTAINER_NAME}:latest-${CONTAINER_DOCKER_ARCH}"
       fi
     - >-
-      docker buildx build --build-arg "CONTAINER_NAME=$CONTAINER_NAME" --build-arg
-      "CONTAINER_DOCKER_MACHINE_ARCH=$CONTAINER_DOCKER_MACHINE_ARCH" --build-arg "CONTAINER_VERSION=$CONTAINER_VERSION"
-      --file "${CONTAINER_DOCKERFILE}" --platform "$CONTAINER_DOCKER_PLATFORM" --progress plain --push --tag
-      "${CONTAINER_IMAGE}-${CONTAINER_DOCKER_ARCH}" $_CONTAINER_OPTS "${CONTAINER_CONTEXT}"
-    - COSIGN_IMAGE_DIGEST="$(docker inspect --format='{{index .RepoDigests 0}}' "${CONTAINER_IMAGE}-${CONTAINER_DOCKER_ARCH}")"
+      docker buildx build --build-arg "CONTAINER_NAME=$CONTAINER_NAME" --build-arg "CONTAINER_DOCKER_MACHINE_ARCH=$CONTAINER_DOCKER_MACHINE_ARCH"
+      --build-arg "CONTAINER_VERSION=$CONTAINER_VERSION" --file "${CONTAINER_DOCKERFILE}" --platform "$CONTAINER_DOCKER_PLATFORM"
+      --progress plain --push --tag "${CONTAINER_IMAGE}-${CONTAINER_DOCKER_ARCH}" $_CONTAINER_OPTS "${CONTAINER_CONTEXT}"
+    - COSIGN_IMAGE_DIGEST="$(docker inspect --format='{{index .RepoDigests 0}}'
+      "${CONTAINER_IMAGE}-${CONTAINER_DOCKER_ARCH}")"
     - cosign sign --yes "$COSIGN_IMAGE_DIGEST"
     - mkdir -p dist/container/arch
     - touch "dist/container/arch/${CONTAINER_DOCKER_ARCH}"

{cici_tools-0.17.1 → cici_tools-0.18.1}/tests/fixtures/gitlab/service-key/container-docker-multiarch-manifest.yml RENAMED Viewed

@@ -88,13 +88,14 @@ container-docker-multiarch-manifest:
     - >-
       docker --version
     - >-
-      echo "$CONTAINER_REGISTRY_PASSWORD" | docker login "$CONTAINER_REGISTRY" -u "$CONTAINER_REGISTRY_USER" --password-stdin
+      echo "$CONTAINER_REGISTRY_PASSWORD"
+      | docker login "$CONTAINER_REGISTRY" -u "$CONTAINER_REGISTRY_USER" --password-stdin
     - >-
-      echo "$CI_DEPENDENCY_PROXY_PASSWORD" | docker login "$CI_DEPENDENCY_PROXY_SERVER" -u "$CI_DEPENDENCY_PROXY_USER"
-      --password-stdin
+      echo "$CI_DEPENDENCY_PROXY_PASSWORD"
+      | docker login "$CI_DEPENDENCY_PROXY_SERVER" -u "$CI_DEPENDENCY_PROXY_USER" --password-stdin
     - >-
-      echo "$CI_DEPENDENCY_PROXY_PASSWORD" | docker login "$CI_SERVER_HOST" -u "$CI_DEPENDENCY_PROXY_USER" --password-stdin
+      echo "$CI_DEPENDENCY_PROXY_PASSWORD"
+      | docker login "$CI_SERVER_HOST" -u "$CI_DEPENDENCY_PROXY_USER" --password-stdin
     - apk add --no-cache cosign
     - amend_list=""
     - |-

{cici_tools-0.17.1 → cici_tools-0.18.1}/tests/fixtures/gitlab/service-key/container-docker-multiarch.yml RENAMED Viewed

@@ -88,13 +88,14 @@ container-docker-multiarch:
     - >-
       docker --version
     - >-
-      echo "$CONTAINER_REGISTRY_PASSWORD" | docker login "$CONTAINER_REGISTRY" -u "$CONTAINER_REGISTRY_USER" --password-stdin
+      echo "$CONTAINER_REGISTRY_PASSWORD"
+      | docker login "$CONTAINER_REGISTRY" -u "$CONTAINER_REGISTRY_USER" --password-stdin
     - >-
-      echo "$CI_DEPENDENCY_PROXY_PASSWORD" | docker login "$CI_DEPENDENCY_PROXY_SERVER" -u "$CI_DEPENDENCY_PROXY_USER"
-      --password-stdin
+      echo "$CI_DEPENDENCY_PROXY_PASSWORD"
+      | docker login "$CI_DEPENDENCY_PROXY_SERVER" -u "$CI_DEPENDENCY_PROXY_USER" --password-stdin
     - >-
-      echo "$CI_DEPENDENCY_PROXY_PASSWORD" | docker login "$CI_SERVER_HOST" -u "$CI_DEPENDENCY_PROXY_USER" --password-stdin
+      echo "$CI_DEPENDENCY_PROXY_PASSWORD"
+      | docker login "$CI_SERVER_HOST" -u "$CI_DEPENDENCY_PROXY_USER" --password-stdin
     - apk add --no-cache cosign
     - _CONTAINER_OPTS="$CONTAINER_BUILD_OPTS"
     - _CONTAINER_OPTS="$_CONTAINER_OPTS --tag ${CONTAINER_IMAGE}-${CONTAINER_COMMIT_SHORT_SHA}-${CONTAINER_DOCKER_ARCH}"
@@ -103,14 +104,11 @@ container-docker-multiarch:
         _CONTAINER_OPTS="$_CONTAINER_OPTS --tag ${CONTAINER_NAME}:latest-${CONTAINER_DOCKER_ARCH}"
       fi
     - >-
-      docker buildx build --build-arg "CONTAINER_NAME=$CONTAINER_NAME" --build-arg
-      "CONTAINER_DOCKER_MACHINE_ARCH=$CONTAINER_DOCKER_MACHINE_ARCH" --build-arg "CONTAINER_VERSION=$CONTAINER_VERSION"
-      --file "${CONTAINER_DOCKERFILE}" --platform "$CONTAINER_DOCKER_PLATFORM" --progress plain --push --tag
-      "${CONTAINER_IMAGE}-${CONTAINER_DOCKER_ARCH}" $_CONTAINER_OPTS "${CONTAINER_CONTEXT}"
-    - COSIGN_IMAGE_DIGEST="$(docker inspect --format='{{index .RepoDigests 0}}' "${CONTAINER_IMAGE}-${CONTAINER_DOCKER_ARCH}")"
+      docker buildx build --build-arg "CONTAINER_NAME=$CONTAINER_NAME" --build-arg "CONTAINER_DOCKER_MACHINE_ARCH=$CONTAINER_DOCKER_MACHINE_ARCH"
+      --build-arg "CONTAINER_VERSION=$CONTAINER_VERSION" --file "${CONTAINER_DOCKERFILE}" --platform "$CONTAINER_DOCKER_PLATFORM"
+      --progress plain --push --tag "${CONTAINER_IMAGE}-${CONTAINER_DOCKER_ARCH}" $_CONTAINER_OPTS "${CONTAINER_CONTEXT}"
+    - COSIGN_IMAGE_DIGEST="$(docker inspect --format='{{index .RepoDigests 0}}'
+      "${CONTAINER_IMAGE}-${CONTAINER_DOCKER_ARCH}")"
     - cosign sign --yes "$COSIGN_IMAGE_DIGEST"
     - mkdir -p dist/container/arch
     - touch "dist/container/arch/${CONTAINER_DOCKER_ARCH}"

{cici_tools-0.17.1 → cici_tools-0.18.1}/tests/fixtures/gitlab/service-key/container-docker.yml RENAMED Viewed

@@ -88,13 +88,14 @@ container-docker:
     - >-
       docker --version
     - >-
-      echo "$CONTAINER_REGISTRY_PASSWORD" | docker login "$CONTAINER_REGISTRY" -u "$CONTAINER_REGISTRY_USER" --password-stdin
+      echo "$CONTAINER_REGISTRY_PASSWORD"
+      | docker login "$CONTAINER_REGISTRY" -u "$CONTAINER_REGISTRY_USER" --password-stdin
     - >-
-      echo "$CI_DEPENDENCY_PROXY_PASSWORD" | docker login "$CI_DEPENDENCY_PROXY_SERVER" -u "$CI_DEPENDENCY_PROXY_USER"
-      --password-stdin
+      echo "$CI_DEPENDENCY_PROXY_PASSWORD"
+      | docker login "$CI_DEPENDENCY_PROXY_SERVER" -u "$CI_DEPENDENCY_PROXY_USER" --password-stdin
     - >-
-      echo "$CI_DEPENDENCY_PROXY_PASSWORD" | docker login "$CI_SERVER_HOST" -u "$CI_DEPENDENCY_PROXY_USER" --password-stdin
+      echo "$CI_DEPENDENCY_PROXY_PASSWORD"
+      | docker login "$CI_SERVER_HOST" -u "$CI_DEPENDENCY_PROXY_USER" --password-stdin
     - apk add --no-cache cosign
     - _CONTAINER_OPTS="$CONTAINER_BUILD_OPTS"
     - _CONTAINER_OPTS="$_CONTAINER_OPTS --tag ${CONTAINER_IMAGE}-${CONTAINER_COMMIT_SHORT_SHA}"
@@ -103,11 +104,9 @@ container-docker:
         _CONTAINER_OPTS="$_CONTAINER_OPTS --tag ${CONTAINER_NAME}:latest"
       fi
     - >-
-      docker buildx build --build-arg "CONTAINER_NAME=$CONTAINER_NAME" --build-arg "CONTAINER_PROXY=$CONTAINER_PROXY"
-      --build-arg "CONTAINER_VERSION=$CONTAINER_VERSION" --file "${CONTAINER_DOCKERFILE}" --progress plain --push --tag
-      "${CONTAINER_IMAGE}" $_CONTAINER_OPTS "${CONTAINER_CONTEXT}"
+      docker buildx build --build-arg "CONTAINER_NAME=$CONTAINER_NAME" --build-arg "CONTAINER_PROXY=$CONTAINER_PROXY" --build-arg
+      "CONTAINER_VERSION=$CONTAINER_VERSION" --file "${CONTAINER_DOCKERFILE}" --progress plain --push --tag "${CONTAINER_IMAGE}"
+      $_CONTAINER_OPTS "${CONTAINER_CONTEXT}"
     - COSIGN_IMAGE_DIGEST="$(docker inspect --format='{{index .RepoDigests 0}}' "$CONTAINER_IMAGE")"
     - cosign sign --yes "$COSIGN_IMAGE_DIGEST"
   id_tokens:

{cici_tools-0.17.1 → cici_tools-0.18.1}/tests/fixtures/gitlab/service-key/container-trivy.yml RENAMED Viewed

@@ -88,24 +88,26 @@ container-trivy:
     - >-
       docker --version
     - >-
-      echo "$CONTAINER_REGISTRY_PASSWORD" | docker login "$CONTAINER_REGISTRY" -u "$CONTAINER_REGISTRY_USER" --password-stdin
+      echo "$CONTAINER_REGISTRY_PASSWORD"
+      | docker login "$CONTAINER_REGISTRY" -u "$CONTAINER_REGISTRY_USER" --password-stdin
     - >-
-      echo "$CI_DEPENDENCY_PROXY_PASSWORD" | docker login "$CI_DEPENDENCY_PROXY_SERVER" -u "$CI_DEPENDENCY_PROXY_USER"
-      --password-stdin
+      echo "$CI_DEPENDENCY_PROXY_PASSWORD"
+      | docker login "$CI_DEPENDENCY_PROXY_SERVER" -u "$CI_DEPENDENCY_PROXY_USER" --password-stdin
     - >-
-      echo "$CI_DEPENDENCY_PROXY_PASSWORD" | docker login "$CI_SERVER_HOST" -u "$CI_DEPENDENCY_PROXY_USER" --password-stdin
+      echo "$CI_DEPENDENCY_PROXY_PASSWORD"
+      | docker login "$CI_SERVER_HOST" -u "$CI_DEPENDENCY_PROXY_USER" --password-stdin
     - apk add --no-cache curl
     - >-
-      curl -sSL https://github.com/aquasecurity/trivy/releases/download/v0.49.1/trivy_0.49.1_Linux-64bit.tar.gz | tar -xzf -
-      -C /usr/local/bin/
+      curl -sSL https://github.com/aquasecurity/trivy/releases/download/v0.49.1/trivy_0.49.1_Linux-64bit.tar.gz
+      | tar -xzf - -C /usr/local/bin/
     - >-
       docker pull "${CONTAINER_IMAGE}"
     - trivy image "${CONTAINER_IMAGE}" --format json --no-progress -o "${CI_JOB_NAME_SLUG}.json"
     - trivy convert "${CI_JOB_NAME_SLUG}.json"
-    - trivy convert "${CI_JOB_NAME_SLUG}.json" --format template --template "@/usr/local/bin/contrib/gitlab.tpl" -o "${CI_JOB_NAME_SLUG}-gitlab.json"
-    - trivy convert "${CI_JOB_NAME_SLUG}.json" --format template --template "@/usr/local/bin/contrib/html.tpl" -o "${CI_JOB_NAME_SLUG}.html"
+    - trivy convert "${CI_JOB_NAME_SLUG}.json" --format template --template "@/usr/local/bin/contrib/gitlab.tpl" -o
+      "${CI_JOB_NAME_SLUG}-gitlab.json"
+    - trivy convert "${CI_JOB_NAME_SLUG}.json" --format template --template "@/usr/local/bin/contrib/html.tpl" -o
+      "${CI_JOB_NAME_SLUG}.html"
   artifacts:
     paths:
       - ${CI_JOB_NAME_SLUG}.json

{cici_tools-0.17.1 → cici_tools-0.18.1}/tests/fixtures/gitlab/targets-dir/opentofu-development-trivy.yml RENAMED Viewed

@@ -47,9 +47,8 @@ opentofu-development-trivy:
     - cd "${OPENTOFU_ROOT}"
   script:
     - >-
-      curl -sSL https://github.com/aquasecurity/trivy/releases/download/v0.49.1/trivy_0.49.1_Linux-64bit.tar.gz | tar -C
-      /usr/local/bin/ -xzf - trivy
+      curl -sSL https://github.com/aquasecurity/trivy/releases/download/v0.49.1/trivy_0.49.1_Linux-64bit.tar.gz
+      | tar -C /usr/local/bin/ -xzf - trivy
     - trivy config "${OPENTOFU_ROOT}/plan.json"
   cache:
     key: $OPENTOFU_STATE_NAME

cici-tools 0.17.1__tar.gz → 0.18.1__tar.gz

cici-tools 0.17.1tar.gz → 0.18.1tar.gz