-
Notifications
You must be signed in to change notification settings - Fork 30
/
Copy pathconfig.yml
176 lines (166 loc) · 4.68 KB
/
config.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
# Golang CircleCI 2.1 configuration file
#
# Check https://circleci.com/docs/2.0/language-go/ for more details
version: 2.1
executors:
golang:
docker:
- image: cimg/go:1.23.5
jobs:
codespell:
docker:
- image: cimg/python:3.12
steps:
- checkout
- run: pip3 install codespell
- run: codespell --skip=".git,./vendor"
build:
executor: golang
environment:
- DOCKER_IMAGE_NAME: "mjtrangoni/flexlm_exporter"
- QUAY_IMAGE_NAME: "quay.io/mjtrangoni/flexlm_exporter"
- GHCR_IMAGE_NAME: "ghcr.io/mjtrangoni/flexlm_exporter"
steps:
# checkout the project
- checkout
# make and test
- run:
name: Binary Build
command: make
- setup_remote_docker:
version: edge
docker_layer_caching: true
# ghcr.io build
- run:
name: GHCR Build
command: |
if [ -n "$CIRCLE_TAG" ]; then
docker build -t $GHCR_IMAGE_NAME:latest -t $GHCR_IMAGE_NAME:$CIRCLE_TAG .
else
docker build -t $GHCR_IMAGE_NAME:$CIRCLE_BRANCH .
fi
- run:
name: GHCR Login
command: echo $GHCR_TOKEN | docker login ghcr.io -u $GHCR_USERNAME --password-stdin
- run:
name: GHCR Push
command: |
if [ -n "$CIRCLE_TAG" ]; then
docker push $GHCR_IMAGE_NAME:latest
docker push $GHCR_IMAGE_NAME:$CIRCLE_TAG
else
docker push $GHCR_IMAGE_NAME:$CIRCLE_BRANCH
fi
# quay.io build
- run:
name: Quay Build
command: |
if [ -n "$CIRCLE_TAG" ]; then
docker build -t $QUAY_IMAGE_NAME:latest -t $QUAY_IMAGE_NAME:$CIRCLE_TAG .
else
docker build -t $QUAY_IMAGE_NAME:$CIRCLE_BRANCH .
fi
- run:
name: QUAY Login
command: echo $QUAYPASSWORD | docker login quay.io -u $QUAYLOGIN --password-stdin
- run:
name: QUAY Push
command: |
if [ -n "$CIRCLE_TAG" ]; then
docker push $QUAY_IMAGE_NAME:latest
docker push $QUAY_IMAGE_NAME:$CIRCLE_TAG
else
docker push $QUAY_IMAGE_NAME:$CIRCLE_BRANCH
fi
- run:
name: Docker Build
command: |
if [ -n "$CIRCLE_TAG" ]; then
docker build -t $DOCKER_IMAGE_NAME:latest -t $DOCKER_IMAGE_NAME:$CIRCLE_TAG .
else
docker build -t $DOCKER_IMAGE_NAME:$CIRCLE_BRANCH .
fi
- run:
name: Docker Login
command: echo $DOCKER_PASSWORD | docker login docker.io -u $DOCKER_LOGIN --password-stdin
- run:
name: Docker Push
command: |
if [ -n "$CIRCLE_TAG" ]; then
docker push $DOCKER_IMAGE_NAME:latest
docker push $DOCKER_IMAGE_NAME:$CIRCLE_TAG
else
docker push $DOCKER_IMAGE_NAME:$CIRCLE_BRANCH
fi
trivy:
docker:
- image: docker:stable-git
environment:
- DOCKER_IMAGE_NAME: "mjtrangoni/flexlm_exporter"
steps:
# checkout the project
- checkout
- setup_remote_docker:
version: edge
docker_layer_caching: true
- run:
name: Install trivy
command: |
apk add --update-cache --upgrade curl
curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin
- run:
name: Scan published image with trivy
command: |
if [ -n "$CIRCLE_TAG" ]; then
trivy image --exit-code 0 --no-progress $DOCKER_IMAGE_NAME:latest
else
trivy image --exit-code 0 --no-progress $DOCKER_IMAGE_NAME:$CIRCLE_BRANCH
fi
release:
executor: golang
steps:
- checkout
- add_ssh_keys:
fingerprints:
- "f5:e9:3e:54:1e:4d:db:c8:14:27:1f:8d:60:9f:4e:f5"
- run:
name: Release binaries
command: |
go install github.com/prometheus/promu@v0.17.0
curl -sfL https://goreleaser.com/static/run | DISTRIBUTION=oss bash
workflows:
version: 2
flexlm_exporter:
jobs:
- codespell:
filters:
branches:
only: main
tags:
only: /.*/
- build:
# This enable the environment variables
context: org-global
filters:
branches:
only:
- main
tags:
only:
- /v[0-9]+(\.[0-9]+)*(-.*)*/
- trivy:
requires:
- build
filters:
branches:
only:
- main
tags:
only:
- /v[0-9]+(\.[0-9]+)*(-.*)*/
- release:
filters:
branches:
ignore: /.*/
tags:
only: /v[0-9]+(\.[0-9]+)*(-.*)*/