cici-tools 0.19.0__tar.gz → 0.19.2__tar.gz

{cici_tools-0.19.0 → cici_tools-0.19.2}/.gitlab-ci.yml

@@ -16,7 +16,7 @@ include:
   - local: cici-bundle.yml
   - local: cici-update.yml
   - project: saferatday0/library/container
-    ref: 0.9.2
+    ref: 0.9.3
     file:
       - container-docker.yml
       - container-hadolint.yml
@@ -33,15 +33,15 @@ include:
     file:
       - mkdocs-build.yml
   - project: saferatday0/library/pages
-    ref: 0.5.0
+    ref: 0.6.0
     file:
       - pages.yml
   - project: saferatday0/library/prettier
-    ref: 0.7.1
+    ref: 0.8.0
     file:
       - prettier.yml
   - project: saferatday0/library/python
-    ref: 0.22.0
+    ref: 0.23.0
     file:
       - python-autoflake.yml
       - python-black.yml

{cici_tools-0.19.0 → cici_tools-0.19.2}/.pre-commit-config.yaml

@@ -12,12 +12,13 @@ repos:
       - id: trailing-whitespace
 
   - repo: https://gitlab.com/saferatday0/library/python
-    rev: "0.22.0"
+    rev: "0.23.0"
     hooks:
       - id: python-autoflake
       - id: python-black
       - id: python-docformatter
       - id: python-isort
+      - id: python-pyroma
       - id: python-pip-compile
         args:
           [
@@ -30,18 +31,18 @@ repos:
           ]
 
   - repo: https://gitlab.com/saferatday0/library/container
-    rev: "0.8.1"
+    rev: "0.9.3"
     hooks:
       - id: container-hadolint
 
   - repo: https://gitlab.com/saferatday0/library/prettier
-    rev: "0.7.1"
+    rev: "0.8.0"
     hooks:
       - id: prettier
         exclude: "^\\.gitlab-ci\\.yml$"
 
   - repo: https://gitlab.com/saferatday0/badgie
-    rev: "0.14.2"
+    rev: "0.14.4"
     hooks:
       - id: badgie
 
@@ -73,7 +74,7 @@ repos:
         always_run: true
 
   - repo: https://gitlab.com/saferatday0/library/license-eye
-    rev: "0.9.0"
+    rev: "0.10.0"
     hooks:
       - id: license-eye-header-fix
 

{cici_tools-0.19.0 → cici_tools-0.19.2}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: cici-tools
-Version: 0.19.0
+Version: 0.19.2
 Summary: Continuous Integration Catalog Interface
 Author-email: Digital Safety Research Institute <contact@dsri.org>
 License: Apache-2.0

{cici_tools-0.19.0 → cici_tools-0.19.2}/cici/_version.py

@@ -28,7 +28,7 @@ version_tuple: VERSION_TUPLE
 commit_id: COMMIT_ID
 __commit_id__: COMMIT_ID
 
-__version__ = version = '0.19.0'
-__version_tuple__ = version_tuple = (0, 19, 0)
+__version__ = version = '0.19.2'
+__version_tuple__ = version_tuple = (0, 19, 2)
 
-__commit_id__ = commit_id = 'g2f00c2fa8'
+__commit_id__ = commit_id = 'g5f755c70a'

{cici_tools-0.19.0 → cici_tools-0.19.2}/cici/providers/gitlab/models.py

@@ -85,7 +85,7 @@ class IDToken(msgspec.Struct, omit_defaults=True, frozen=True, kw_only=True):
     aud: Union[str, list[str]] = field(default_factory=list)
 
 
-class Image(msgspec.Struct, omit_defaults=True, frozen=True, kw_only=True, tag="image"):
+class Image(msgspec.Struct, omit_defaults=True, frozen=True, kw_only=True, tag=False):
     name: str
     entrypoint: Union[str, list[str]] = field(default_factory=list)
     pull_policy: Union[str, list[str]] = field(default_factory=list)

{cici_tools-0.19.0 → cici_tools-0.19.2}/cici/providers/gitlab/normalizers.py

@@ -3,7 +3,9 @@
 
 from typing import Any, Union
 
-from ruamel.yaml.scalarstring import ScalarString
+from ruamel.yaml.scalarstring import FoldedScalarString, ScalarString
+
+FOLDED_SCALAR_FOLD_POINTS = {}
 
 
 # Recursivley convert ruamel ScalarStrng objects into plain str """
@@ -11,7 +13,15 @@ from ruamel.yaml.scalarstring import ScalarString
 # they will be turned into plain "foo" which msgspec can handle
 # test this frst, test for each of the ifs and make sure the nesting is right.
 # do simplest tests first, so one that is empty etc. Need to verify.
+#
+# Keep fold_pos for folded scalar strings, if strings aren't changed
+# then re-use fold_pos instead of trying to find best fold positions
 def normalize_scalars(obj):
+    if isinstance(obj, FoldedScalarString):
+        full_str = str(obj)
+        if hasattr(obj, "fold_pos"):
+            FOLDED_SCALAR_FOLD_POINTS[full_str] = obj.fold_pos
+        return full_str
     if isinstance(obj, ScalarString):
         return str(obj)
     elif isinstance(obj, dict):
@@ -24,13 +34,6 @@ def normalize_scalars(obj):
         return obj
 
 
-# bridge between raw YAML and ruamels quirky Python objects
-# and the strict Job/File models
-def normalize_all(data: dict) -> dict:
-    # Apply all normalizations for comparisons
-    return normalize_variables(normalize_jobs_in_data(data))
-
-
 def normalize_variables(data: dict, *, inside_job: bool = False) -> dict:
     # Normalize variables: keep top-level structured, flatten job-level
     # inside_job is going to tell me if i am currently in a job definition or not

{cici_tools-0.19.0 → cici_tools-0.19.2}/cici/providers/gitlab/yaml_style.py

@@ -10,26 +10,30 @@ from ruamel.yaml.scalarstring import (
     PreservedScalarString,
 )
 
+from .normalizers import FOLDED_SCALAR_FOLD_POINTS
+
 
 # to force ruamel.yml to always emit double quoted strings """" and not single "''"
 def always_double_quoted(dumper, data):
     return dumper.represent_scalar("tag:yaml.org,2002:str", data, style='"')
 
 
-def wrap_if_long(s: str, width: int = 120) -> str:
-    # Wrap long strings into multiple lines for YAML folding.
-    if len(s) <= width:
-        return s
-    # break on spaces without splitting words
-    parts = []
-    while len(s) > width:
-        split_at = s.rfind(" ", 0, width)
-        if split_at == -1:
-            split_at = width
-        parts.append(s[:split_at].rstrip())
-        s = s[split_at:].lstrip()
-    parts.append(s)
-    return "\n".join(parts)
+# Return indexes of spaces where a long string should fold into multiple lines.
+# fold_pos is highest index of a space < width, if no space then lowest index > width
+def get_fold_positions(s: str, width: int = 120) -> list[int]:
+    all_pos = []
+    start_pos = 0
+    while start_pos + width < len(s):
+        end_pos = start_pos + width
+        fold_pos = s.rfind(" ", start_pos, end_pos)
+        if fold_pos == -1:
+            fold_pos = s.find(" ", end_pos)
+        if fold_pos > -1:
+            all_pos.append(fold_pos)
+            start_pos = fold_pos + 1
+        else:
+            start_pos = len(s)
+    return all_pos
 
 
 # handling string literals
@@ -44,6 +48,13 @@ def make_scalar_string(line: str, quote: bool = False):
     if "\n" in unindented:
         return PreservedScalarString(line)
 
+    # if it was a folded scalar string before, make it one again
+    # and re-use fold_pos instead of trying to find good breakpoints
+    if unindented in FOLDED_SCALAR_FOLD_POINTS:
+        folded = FoldedScalarString(unindented)
+        folded.fold_pos = FOLDED_SCALAR_FOLD_POINTS[unindented]  # type: ignore[attr-defined]
+        return folded
+
     # fix extra - >- between lines accidentally created with echo commands
     if unindented.startswith("echo "):
         stripped = unindented.strip()
@@ -77,7 +88,9 @@ def make_scalar_string(line: str, quote: bool = False):
 
     # Multi-command sequences get folded
     if any(sym in unindented for sym in ("&&", ";", "\\")):
-        return FoldedScalarString(wrap_if_long(unindented))
+        folded = FoldedScalarString(unindented)
+        folded.fold_pos = get_fold_positions(unindented)  # type: ignore[attr-defined]
+        return folded
 
     # Long assignments get folded
     if (
@@ -85,7 +98,9 @@ def make_scalar_string(line: str, quote: bool = False):
         and not unindented.startswith(("export ", "set ", "$"))
         and len(unindented) > 100
     ):
-        return FoldedScalarString(wrap_if_long(unindented))
+        folded = FoldedScalarString(unindented)
+        folded.fold_pos = get_fold_positions(unindented)  # type: ignore[attr-defined]
+        return folded
 
     # Explicit quoting when requested
     if quote:
@@ -114,7 +129,6 @@ def style_scalars(
         styled: dict[str, Any] = {}
 
         for k, v in list(obj.items()):
-            v = obj[k]
             # 1. keep GitLab workflow 'if' rules unquoted
             if k == "if" and isinstance(v, str):
                 styled[k] = v
@@ -283,7 +297,6 @@ def style_scalars(
             # 9. everything else, recurse normally
             else:
                 styled[k] = style_scalars(v, quote_keys=quote_keys, parent_key=k)
-
         # reinsert any keys skipped during iteration ie dependencies
         for k, v in obj.items():
             if k not in styled:
@@ -308,7 +321,7 @@ def style_scalars(
                 elif parent_key in {"script", "before_script", "after_script"}:
                     stripped_item = item.strip()
 
-                    # keep raw shell assignements in plain text (avoid escaping inside quotes)
+                    # keep raw shell assignments in plain text (avoid escaping inside quotes)
                     if "=" in stripped_item.split()[0] and not stripped_item.startswith(
                         "$"
                     ):

{cici_tools-0.19.0 → cici_tools-0.19.2}/cici/utils.py

@@ -1,7 +1,6 @@
 # SPDX-FileCopyrightText: UL Research Institutes
 # SPDX-License-Identifier: Apache-2.0
 
-from typing import Any, Union
 
 from ruamel.yaml.scalarstring import (
     DoubleQuotedScalarString,
@@ -31,10 +30,6 @@ def merge_dict(orig: dict, new: dict) -> dict:
     return final
 
 
-def make_multiline_string(line):
-    return PreservedScalarString(line)
-
-
 def make_scalar_string(line, quote=False):
     if "\n" in line.strip():
         return PreservedScalarString(line)
@@ -43,25 +38,3 @@ def make_scalar_string(line, quote=False):
     elif quote:
         return DoubleQuotedScalarString(line)
     return line
-
-
-def make_quoted_string(line):
-    return make_scalar_string(line, quote=True)
-
-
-def make_scalar_list(value: list[str]) -> list[Any]:
-    return [make_scalar_string(line) for line in value]
-
-
-def make_quoted_list(value: list[str]) -> list[Any]:
-    return [make_scalar_string(line, quote=True) for line in value]
-
-
-def make_quoted_list_or_string(object: Union[str, list[str]]) -> list[Any]:
-    if isinstance(object, str):
-        return make_quoted_string(object)
-    return make_quoted_list(object)
-
-
-def make_quoted_dict(object):
-    return {key: make_quoted_string(value) for key, value in object.items()}

{cici_tools-0.19.0 → cici_tools-0.19.2}/cici_tools.egg-info/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: cici-tools
-Version: 0.19.0
+Version: 0.19.2
 Summary: Continuous Integration Catalog Interface
 Author-email: Digital Safety Research Institute <contact@dsri.org>
 License: Apache-2.0

{cici_tools-0.19.0 → cici_tools-0.19.2}/cici_tools.egg-info/SOURCES.txt

@@ -92,6 +92,9 @@ tests/fixtures/gitlab/helm/helm-cm-push.yml
 tests/fixtures/gitlab/helm/helm-docs.yml
 tests/fixtures/gitlab/helm/helm-lint.yml
 tests/fixtures/gitlab/helm/.cici/.gitlab-ci.yml
+tests/fixtures/gitlab/image/image-check.yml
+tests/fixtures/gitlab/image/.cici/.gitlab-ci.yml
+tests/fixtures/gitlab/image/.cici/config.yaml
 tests/fixtures/gitlab/job-variables/opentofu-development-apply.yml
 tests/fixtures/gitlab/job-variables/opentofu-development-auto-apply.yml
 tests/fixtures/gitlab/job-variables/opentofu-development-destroy.yml
@@ -130,6 +133,8 @@ tests/fixtures/gitlab/library-validator/.cici/README.md.j2
 tests/fixtures/gitlab/library-validator/.cici/config.yaml
 tests/fixtures/gitlab/list-anchors/install.yml
 tests/fixtures/gitlab/list-anchors/.cici/.gitlab-ci.yml
+tests/fixtures/gitlab/multi-line-script/container-docker-multiarch.yml
+tests/fixtures/gitlab/multi-line-script/.cici/.gitlab-ci.yml
 tests/fixtures/gitlab/nested-extends/simple-job.yml
 tests/fixtures/gitlab/nested-extends/.cici/.gitlab-ci.yml
 tests/fixtures/gitlab/reports/reports-container-scanning.yml

cici_tools-0.19.2/tests/fixtures/gitlab/image/.cici/.gitlab-ci.yml

@@ -0,0 +1,27 @@
+# SPDX-FileCopyrightText: UL Research Institutes
+# SPDX-License-Identifier: Apache-2.0
+
+stages:
+  - test
+  - build
+  - deploy
+
+workflow:
+  rules:
+    - if: $CI_PIPELINE_SOURCE == "push" && $CI_OPEN_MERGE_REQUESTS
+      when: never
+    - when: always
+
+image-check:
+  stage: test
+  image:
+    name: "${CONTAINER_PROXY}apache/skywalking-eyes"
+    entrypoint: ["/bin/sh", "-ce"]
+  cache: {}
+  dependencies: []
+  variables:
+    GIT_DEPTH: "1"
+    GIT_SUBMODULE_STRATEGY: "none"
+  script:
+    - license-eye header check
+  needs: []

cici_tools-0.19.2/tests/fixtures/gitlab/image/.cici/config.yaml

@@ -0,0 +1,14 @@
+# SPDX-FileCopyrightText: UL Research Institutes
+# SPDX-License-Identifier: Apache-2.0
+
+name: image-check
+
+brief: >-
+  Check image keyword.
+
+targets:
+  - name: image-check
+    brief: >-
+      check image keyword works
+    groups:
+      - format

cici_tools-0.19.2/tests/fixtures/gitlab/image/image-check.yml

@@ -0,0 +1,31 @@
+#
+# This file is generated by cici-tools with the following command:
+#
+#     cici bundle
+#
+stages:
+  - test
+  - build
+  - deploy
+
+workflow:
+  rules:
+    - if: $CI_PIPELINE_SOURCE == "push" && $CI_OPEN_MERGE_REQUESTS
+      when: never
+    - when: always
+
+image-check:
+  stage: test
+  image:
+    name: ${CONTAINER_PROXY}apache/skywalking-eyes
+    entrypoint:
+      - "/bin/sh"
+      - "-ce"
+  variables:
+    GIT_DEPTH: "1"
+    GIT_SUBMODULE_STRATEGY: none
+  script:
+    - license-eye header check
+  cache: {}
+  dependencies: []
+  needs: []

cici_tools-0.19.2/tests/fixtures/gitlab/multi-line-script/.cici/.gitlab-ci.yml

@@ -0,0 +1,35 @@
+# SPDX-FileCopyrightText: UL Research Institutes
+# SPDX-License-Identifier: Apache-2.0
+
+# check folded lines don't break commands
+
+
+container-docker-multiarch:
+  stage: build
+  script:
+    # build image
+    # CONTAINER_PROXY cannot be used for multiarch container builds
+    # due to https://gitlab.com/gitlab-org/gitlab/-/issues/325669, so it
+    # is not passed via --build-arg
+    - >-
+      docker buildx build
+      --build-arg "CONTAINER_NAME=$CONTAINER_NAME"
+      --build-arg "CONTAINER_DOCKER_MACHINE_ARCH=$CONTAINER_DOCKER_MACHINE_ARCH"
+      --build-arg "CONTAINER_VERSION=$CONTAINER_VERSION"
+      --file "${CONTAINER_DOCKERFILE}"
+      --platform "$CONTAINER_DOCKER_PLATFORM"
+      --progress plain
+      --tag "${CONTAINER_IMAGE}-${CONTAINER_DOCKER_ARCH}"
+      $_CONTAINER_OPTS "${CONTAINER_CONTEXT}"
+
+    - pass
+
+    # run trivy
+    - >-
+      trivy image
+      --format json
+      --no-progress
+      -o "${CI_JOB_NAME_SLUG}.json"
+      $CONTAINER_TRIVY_OPTS
+      "${CONTAINER_IMAGE}-${CONTAINER_DOCKER_ARCH}"
+      || { TRIVY_FAILED=1 && test "$CONTAINER_TRIVY_ALLOW_FAIL" != 0 ; }

cici_tools-0.19.2/tests/fixtures/gitlab/multi-line-script/container-docker-multiarch.yml

@@ -0,0 +1,27 @@
+#
+# This file is generated by cici-tools with the following command:
+#
+#     cici bundle
+#
+container-docker-multiarch:
+  stage: build
+  script:
+    - >-
+      docker buildx build
+      --build-arg "CONTAINER_NAME=$CONTAINER_NAME"
+      --build-arg "CONTAINER_DOCKER_MACHINE_ARCH=$CONTAINER_DOCKER_MACHINE_ARCH"
+      --build-arg "CONTAINER_VERSION=$CONTAINER_VERSION"
+      --file "${CONTAINER_DOCKERFILE}"
+      --platform "$CONTAINER_DOCKER_PLATFORM"
+      --progress plain
+      --tag "${CONTAINER_IMAGE}-${CONTAINER_DOCKER_ARCH}"
+      $_CONTAINER_OPTS "${CONTAINER_CONTEXT}"
+    - pass
+    - >-
+      trivy image
+      --format json
+      --no-progress
+      -o "${CI_JOB_NAME_SLUG}.json"
+      $CONTAINER_TRIVY_OPTS
+      "${CONTAINER_IMAGE}-${CONTAINER_DOCKER_ARCH}"
+      || { TRIVY_FAILED=1 && test "$CONTAINER_TRIVY_ALLOW_FAIL" != 0 ; }

{cici_tools-0.19.0 → cici_tools-0.19.2}/tests/fixtures/gitlab/service-key/container-docker-multiarch-amd64.yml

@@ -107,9 +107,16 @@ container-docker-multiarch-amd64:
         _CONTAINER_OPTS="$_CONTAINER_OPTS --tag ${CONTAINER_NAME}:latest-${CONTAINER_DOCKER_ARCH}"
       fi
     - >-
-      docker buildx build --build-arg "CONTAINER_NAME=$CONTAINER_NAME" --build-arg "CONTAINER_DOCKER_MACHINE_ARCH=$CONTAINER_DOCKER_MACHINE_ARCH"
-      --build-arg "CONTAINER_VERSION=$CONTAINER_VERSION" --file "${CONTAINER_DOCKERFILE}" --platform "$CONTAINER_DOCKER_PLATFORM"
-      --progress plain --push --tag "${CONTAINER_IMAGE}-${CONTAINER_DOCKER_ARCH}" $_CONTAINER_OPTS "${CONTAINER_CONTEXT}"
+      docker buildx build
+      --build-arg "CONTAINER_NAME=$CONTAINER_NAME"
+      --build-arg "CONTAINER_DOCKER_MACHINE_ARCH=$CONTAINER_DOCKER_MACHINE_ARCH"
+      --build-arg "CONTAINER_VERSION=$CONTAINER_VERSION"
+      --file "${CONTAINER_DOCKERFILE}"
+      --platform "$CONTAINER_DOCKER_PLATFORM"
+      --progress plain
+      --push
+      --tag "${CONTAINER_IMAGE}-${CONTAINER_DOCKER_ARCH}"
+      $_CONTAINER_OPTS "${CONTAINER_CONTEXT}"
     - COSIGN_IMAGE_DIGEST="$(docker inspect --format='{{index .RepoDigests 0}}'
       "${CONTAINER_IMAGE}-${CONTAINER_DOCKER_ARCH}")"
     - cosign sign --yes "$COSIGN_IMAGE_DIGEST"

{cici_tools-0.19.0 → cici_tools-0.19.2}/tests/fixtures/gitlab/service-key/container-docker-multiarch-arm32v6.yml

@@ -107,9 +107,16 @@ container-docker-multiarch-arm32v6:
         _CONTAINER_OPTS="$_CONTAINER_OPTS --tag ${CONTAINER_NAME}:latest-${CONTAINER_DOCKER_ARCH}"
       fi
     - >-
-      docker buildx build --build-arg "CONTAINER_NAME=$CONTAINER_NAME" --build-arg "CONTAINER_DOCKER_MACHINE_ARCH=$CONTAINER_DOCKER_MACHINE_ARCH"
-      --build-arg "CONTAINER_VERSION=$CONTAINER_VERSION" --file "${CONTAINER_DOCKERFILE}" --platform "$CONTAINER_DOCKER_PLATFORM"
-      --progress plain --push --tag "${CONTAINER_IMAGE}-${CONTAINER_DOCKER_ARCH}" $_CONTAINER_OPTS "${CONTAINER_CONTEXT}"
+      docker buildx build
+      --build-arg "CONTAINER_NAME=$CONTAINER_NAME"
+      --build-arg "CONTAINER_DOCKER_MACHINE_ARCH=$CONTAINER_DOCKER_MACHINE_ARCH"
+      --build-arg "CONTAINER_VERSION=$CONTAINER_VERSION"
+      --file "${CONTAINER_DOCKERFILE}"
+      --platform "$CONTAINER_DOCKER_PLATFORM"
+      --progress plain
+      --push
+      --tag "${CONTAINER_IMAGE}-${CONTAINER_DOCKER_ARCH}"
+      $_CONTAINER_OPTS "${CONTAINER_CONTEXT}"
     - COSIGN_IMAGE_DIGEST="$(docker inspect --format='{{index .RepoDigests 0}}'
       "${CONTAINER_IMAGE}-${CONTAINER_DOCKER_ARCH}")"
     - cosign sign --yes "$COSIGN_IMAGE_DIGEST"

{cici_tools-0.19.0 → cici_tools-0.19.2}/tests/fixtures/gitlab/service-key/container-docker-multiarch-arm32v7.yml

@@ -107,9 +107,16 @@ container-docker-multiarch-arm32v7:
         _CONTAINER_OPTS="$_CONTAINER_OPTS --tag ${CONTAINER_NAME}:latest-${CONTAINER_DOCKER_ARCH}"
       fi
     - >-
-      docker buildx build --build-arg "CONTAINER_NAME=$CONTAINER_NAME" --build-arg "CONTAINER_DOCKER_MACHINE_ARCH=$CONTAINER_DOCKER_MACHINE_ARCH"
-      --build-arg "CONTAINER_VERSION=$CONTAINER_VERSION" --file "${CONTAINER_DOCKERFILE}" --platform "$CONTAINER_DOCKER_PLATFORM"
-      --progress plain --push --tag "${CONTAINER_IMAGE}-${CONTAINER_DOCKER_ARCH}" $_CONTAINER_OPTS "${CONTAINER_CONTEXT}"
+      docker buildx build
+      --build-arg "CONTAINER_NAME=$CONTAINER_NAME"
+      --build-arg "CONTAINER_DOCKER_MACHINE_ARCH=$CONTAINER_DOCKER_MACHINE_ARCH"
+      --build-arg "CONTAINER_VERSION=$CONTAINER_VERSION"
+      --file "${CONTAINER_DOCKERFILE}"
+      --platform "$CONTAINER_DOCKER_PLATFORM"
+      --progress plain
+      --push
+      --tag "${CONTAINER_IMAGE}-${CONTAINER_DOCKER_ARCH}"
+      $_CONTAINER_OPTS "${CONTAINER_CONTEXT}"
     - COSIGN_IMAGE_DIGEST="$(docker inspect --format='{{index .RepoDigests 0}}'
       "${CONTAINER_IMAGE}-${CONTAINER_DOCKER_ARCH}")"
     - cosign sign --yes "$COSIGN_IMAGE_DIGEST"

{cici_tools-0.19.0 → cici_tools-0.19.2}/tests/fixtures/gitlab/service-key/container-docker-multiarch-arm64v8.yml

@@ -107,9 +107,16 @@ container-docker-multiarch-arm64v8:
         _CONTAINER_OPTS="$_CONTAINER_OPTS --tag ${CONTAINER_NAME}:latest-${CONTAINER_DOCKER_ARCH}"
       fi
     - >-
-      docker buildx build --build-arg "CONTAINER_NAME=$CONTAINER_NAME" --build-arg "CONTAINER_DOCKER_MACHINE_ARCH=$CONTAINER_DOCKER_MACHINE_ARCH"
-      --build-arg "CONTAINER_VERSION=$CONTAINER_VERSION" --file "${CONTAINER_DOCKERFILE}" --platform "$CONTAINER_DOCKER_PLATFORM"
-      --progress plain --push --tag "${CONTAINER_IMAGE}-${CONTAINER_DOCKER_ARCH}" $_CONTAINER_OPTS "${CONTAINER_CONTEXT}"
+      docker buildx build
+      --build-arg "CONTAINER_NAME=$CONTAINER_NAME"
+      --build-arg "CONTAINER_DOCKER_MACHINE_ARCH=$CONTAINER_DOCKER_MACHINE_ARCH"
+      --build-arg "CONTAINER_VERSION=$CONTAINER_VERSION"
+      --file "${CONTAINER_DOCKERFILE}"
+      --platform "$CONTAINER_DOCKER_PLATFORM"
+      --progress plain
+      --push
+      --tag "${CONTAINER_IMAGE}-${CONTAINER_DOCKER_ARCH}"
+      $_CONTAINER_OPTS "${CONTAINER_CONTEXT}"
     - COSIGN_IMAGE_DIGEST="$(docker inspect --format='{{index .RepoDigests 0}}'
       "${CONTAINER_IMAGE}-${CONTAINER_DOCKER_ARCH}")"
     - cosign sign --yes "$COSIGN_IMAGE_DIGEST"

{cici_tools-0.19.0 → cici_tools-0.19.2}/tests/fixtures/gitlab/service-key/container-docker-multiarch-i386.yml

@@ -107,9 +107,16 @@ container-docker-multiarch-i386:
         _CONTAINER_OPTS="$_CONTAINER_OPTS --tag ${CONTAINER_NAME}:latest-${CONTAINER_DOCKER_ARCH}"
       fi
     - >-
-      docker buildx build --build-arg "CONTAINER_NAME=$CONTAINER_NAME" --build-arg "CONTAINER_DOCKER_MACHINE_ARCH=$CONTAINER_DOCKER_MACHINE_ARCH"
-      --build-arg "CONTAINER_VERSION=$CONTAINER_VERSION" --file "${CONTAINER_DOCKERFILE}" --platform "$CONTAINER_DOCKER_PLATFORM"
-      --progress plain --push --tag "${CONTAINER_IMAGE}-${CONTAINER_DOCKER_ARCH}" $_CONTAINER_OPTS "${CONTAINER_CONTEXT}"
+      docker buildx build
+      --build-arg "CONTAINER_NAME=$CONTAINER_NAME"
+      --build-arg "CONTAINER_DOCKER_MACHINE_ARCH=$CONTAINER_DOCKER_MACHINE_ARCH"
+      --build-arg "CONTAINER_VERSION=$CONTAINER_VERSION"
+      --file "${CONTAINER_DOCKERFILE}"
+      --platform "$CONTAINER_DOCKER_PLATFORM"
+      --progress plain
+      --push
+      --tag "${CONTAINER_IMAGE}-${CONTAINER_DOCKER_ARCH}"
+      $_CONTAINER_OPTS "${CONTAINER_CONTEXT}"
     - COSIGN_IMAGE_DIGEST="$(docker inspect --format='{{index .RepoDigests 0}}'
       "${CONTAINER_IMAGE}-${CONTAINER_DOCKER_ARCH}")"
     - cosign sign --yes "$COSIGN_IMAGE_DIGEST"

{cici_tools-0.19.0 → cici_tools-0.19.2}/tests/fixtures/gitlab/service-key/container-docker-multiarch.yml

@@ -104,9 +104,16 @@ container-docker-multiarch:
         _CONTAINER_OPTS="$_CONTAINER_OPTS --tag ${CONTAINER_NAME}:latest-${CONTAINER_DOCKER_ARCH}"
       fi
     - >-
-      docker buildx build --build-arg "CONTAINER_NAME=$CONTAINER_NAME" --build-arg "CONTAINER_DOCKER_MACHINE_ARCH=$CONTAINER_DOCKER_MACHINE_ARCH"
-      --build-arg "CONTAINER_VERSION=$CONTAINER_VERSION" --file "${CONTAINER_DOCKERFILE}" --platform "$CONTAINER_DOCKER_PLATFORM"
-      --progress plain --push --tag "${CONTAINER_IMAGE}-${CONTAINER_DOCKER_ARCH}" $_CONTAINER_OPTS "${CONTAINER_CONTEXT}"
+      docker buildx build
+      --build-arg "CONTAINER_NAME=$CONTAINER_NAME"
+      --build-arg "CONTAINER_DOCKER_MACHINE_ARCH=$CONTAINER_DOCKER_MACHINE_ARCH"
+      --build-arg "CONTAINER_VERSION=$CONTAINER_VERSION"
+      --file "${CONTAINER_DOCKERFILE}"
+      --platform "$CONTAINER_DOCKER_PLATFORM"
+      --progress plain
+      --push
+      --tag "${CONTAINER_IMAGE}-${CONTAINER_DOCKER_ARCH}"
+      $_CONTAINER_OPTS "${CONTAINER_CONTEXT}"
     - COSIGN_IMAGE_DIGEST="$(docker inspect --format='{{index .RepoDigests 0}}'
       "${CONTAINER_IMAGE}-${CONTAINER_DOCKER_ARCH}")"
     - cosign sign --yes "$COSIGN_IMAGE_DIGEST"

{cici_tools-0.19.0 → cici_tools-0.19.2}/tests/fixtures/gitlab/service-key/container-docker.yml

@@ -104,8 +104,14 @@ container-docker:
         _CONTAINER_OPTS="$_CONTAINER_OPTS --tag ${CONTAINER_NAME}:latest"
       fi
     - >-
-      docker buildx build --build-arg "CONTAINER_NAME=$CONTAINER_NAME" --build-arg "CONTAINER_PROXY=$CONTAINER_PROXY" --build-arg
-      "CONTAINER_VERSION=$CONTAINER_VERSION" --file "${CONTAINER_DOCKERFILE}" --progress plain --push --tag "${CONTAINER_IMAGE}"
+      docker buildx build
+      --build-arg "CONTAINER_NAME=$CONTAINER_NAME"
+      --build-arg "CONTAINER_PROXY=$CONTAINER_PROXY"
+      --build-arg "CONTAINER_VERSION=$CONTAINER_VERSION"
+      --file "${CONTAINER_DOCKERFILE}"
+      --progress plain
+      --push
+      --tag "${CONTAINER_IMAGE}"
       $_CONTAINER_OPTS "${CONTAINER_CONTEXT}"
     - COSIGN_IMAGE_DIGEST="$(docker inspect --format='{{index .RepoDigests 0}}' "$CONTAINER_IMAGE")"
     - cosign sign --yes "$COSIGN_IMAGE_DIGEST"

{cici_tools-0.19.0 → cici_tools-0.19.2}/tests/fixtures/gitlab/service-key/container-trivy.yml

@@ -102,12 +102,22 @@ container-trivy:
       | tar -xzf - -C /usr/local/bin/
     - >-
       docker pull "${CONTAINER_IMAGE}"
-    - trivy image "${CONTAINER_IMAGE}" --format json --no-progress -o "${CI_JOB_NAME_SLUG}.json"
+    - >-
+      trivy image "${CONTAINER_IMAGE}"
+      --format json
+      --no-progress
+      -o "${CI_JOB_NAME_SLUG}.json"
     - trivy convert "${CI_JOB_NAME_SLUG}.json"
-    - trivy convert "${CI_JOB_NAME_SLUG}.json" --format template --template "@/usr/local/bin/contrib/gitlab.tpl" -o
-      "${CI_JOB_NAME_SLUG}-gitlab.json"
-    - trivy convert "${CI_JOB_NAME_SLUG}.json" --format template --template "@/usr/local/bin/contrib/html.tpl" -o
-      "${CI_JOB_NAME_SLUG}.html"
+    - >-
+      trivy convert "${CI_JOB_NAME_SLUG}.json"
+      --format template
+      --template "@/usr/local/bin/contrib/gitlab.tpl"
+      -o "${CI_JOB_NAME_SLUG}-gitlab.json"
+    - >-
+      trivy convert "${CI_JOB_NAME_SLUG}.json"
+      --format template
+      --template "@/usr/local/bin/contrib/html.tpl"
+      -o "${CI_JOB_NAME_SLUG}.html"
   artifacts:
     paths:
       - ${CI_JOB_NAME_SLUG}.json