From 8b9a0356dec7d99a63c4ed744b78ae707155e9f3 Mon Sep 17 00:00:00 2001
From: Jon
Date: Sat, 13 May 2023 15:36:31 +0930
Subject: [PATCH] feat(template): added new template for ci pipeline for docker containers !21
---
type/docker-image.gitlab-ci.yaml | 227 +++++++++++++++++++++++++++++++
1 file changed, 227 insertions(+)
create mode 100644 type/docker-image.gitlab-ci.yaml
diff --git a/type/docker-image.gitlab-ci.yaml b/type/docker-image.gitlab-ci.yaml
new file mode 100644
index 0000000..35efdb5
--- /dev/null
+++ b/type/docker-image.gitlab-ci.yaml
@@ -0,0 +1,227 @@
+# This gitlab-ci file is used for creating docker images.
+# by including this file, the jobs will be autocreated.
+
+include:
+ - local: $JOB_ROOT_DIR/.gitlab-ci_common.yaml
+ - local: $JOB_ROOT_DIR/conventional_commits/.gitlab-ci.yml
+ - local: $JOB_ROOT_DIR/git_push_mirror/.gitlab-ci.yml
+ - local: $JOB_ROOT_DIR/gitlab_release/.gitlab-ci.yml
+
+
+variables:
+ # Available platforms: linux/amd64, linux/amd64/v2, linux/amd64/v3, linux/arm64, linux/riscv64, linux/ppc64, linux/ppc64le, linux/s390x, linux/386, linux/mips64le, linux/mips64, linux/arm/v7, linux/arm/v6
+ # DOCKER_IMAGE_BUILD_TARGET_PLATFORMS: "linux/amd64,linux/arm64,linux/arm/v7"
+ DOCKER_IMAGE_BUILD_NAME: $CI_PROJECT_NAME
+ DOCKER_IMAGE_BUILD_REGISTRY: $CI_REGISTRY_IMAGE
+ DOCKER_IMAGE_BUILD_TAG: $CI_COMMIT_SHA
+
+ # DOCKER_IMAGE_PUBLISH_NAME: $CI_PROJECT_NAME
+ # DOCKER_IMAGE_PUBLISH_REGISTRY: docker.io/nofusscomputing
+ # DOCKER_IMAGE_PUBLISH_URL: https://hub.docker.com/r/nofusscomputing/$DOCKER_IMAGE_PUBLISH_NAME
+ # JOB_STOP_CONVENTIONAL_COMMITS: 'any_value'
+ # JOB_STOP_GIT_PUSH_MIRROR: 'any_value'
+ # GIT_SYNC_URL: "https://$GITHUB_USERNAME_ROBOT:$GITHUB_TOKEN_ROBOT@github.com/NoFussComputing/config.git" # Must be defined for job to run
+ # JOB_STOP_GITLAB_RELEASE: 'any value'
+
+
+
+.build_docker_container:
+ stage: build
+ image: nofusscomputing/docker-buildx-qemu:dev
+ services:
+ - name: docker:23-dind
+ entrypoint: ["env", "-u", "DOCKER_HOST"]
+ command: ["dockerd-entrypoint.sh"]
+ variables:
+ DOCKER_HOST: tcp://docker:2375/
+ DOCKER_DRIVER: overlay2
+ # See https://github.com/docker-library/docker/pull/166
+ DOCKER_TLS_CERTDIR: ""
+ before_script:
+ - docker info
+ - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
+ #- pip3 install -r gitlab-ci/gitlab_release/requirements.txt
+ - pip3 install setuptools wheel
+ - pip3 install commitizen==2.21.0 # version specified so current build works.
+ - pip3 install gitlab-ci/gitlab_release/python-module/cz_nfc/.
+ - update-binfmts --enable # Important: Ensures execution of other binary formats is enabled in the kernel
+ - docker buildx create --driver=docker-container --driver-opt image=moby/buildkit:v0.11.6 --use
+ - docker buildx inspect --bootstrap
+
+
+ # --label org.opencontainers.image.url="$CI_PROJECT_URL/-/releases/$(cz -n cz_nfc version --project)" \
+ # --label org.opencontainers.image.version="$(cz -n cz_nfc version --project)" \
+ script: |
+
+ if [ "0$DOCKER_IMAGE_BUILD_TARGET_PLATFORMS" != "0" ]; then
+
+ echo "[DEBUG] building multiarch/specified arch image";
+
+ docker buildx build --platform=$DOCKER_IMAGE_BUILD_TARGET_PLATFORMS . \
+ --label org.opencontainers.image.created="$(date '+%Y-%m-%d %H:%M:%S%:z')" \
+ --label org.opencontainers.image.documentation="$CI_PROJECT_URL" \
+ --label org.opencontainers.image.source="$CI_PROJECT_URL" \
+ --label org.opencontainers.image.revision="$CI_COMMIT_SHA" \
+ --no-cache \
+ --push \
+ --tag $DOCKER_IMAGE_BUILD_REGISTRY/$DOCKER_IMAGE_BUILD_NAME:$DOCKER_IMAGE_BUILD_TAG;
+
+ docker buildx imagetools inspect $DOCKER_IMAGE_BUILD_REGISTRY/$DOCKER_IMAGE_BUILD_NAME:$DOCKER_IMAGE_BUILD_TAG;
+
+ # during docker multi platform build there are >=3 additional unknown images added to gitlab container registry. 
cleanup
+
+ DOCKER_MULTI_ARCH_IMAGES=$(docker buildx imagetools inspect "$DOCKER_IMAGE_BUILD_REGISTRY/$DOCKER_IMAGE_BUILD_NAME:$DOCKER_IMAGE_BUILD_TAG" --format "{{ range .Manifest.Manifests }}{{ if ne (print .Platform) \"&{unknown unknown [] }\" }}$DOCKER_IMAGE_BUILD_REGISTRY/$DOCKER_IMAGE_BUILD_NAME:$DOCKER_IMAGE_BUILD_TAG@{{ println .Digest }}{{end}} {{end}}");
+
+ docker buildx imagetools create $DOCKER_MULTI_ARCH_IMAGES --tag $DOCKER_IMAGE_BUILD_REGISTRY/$DOCKER_IMAGE_BUILD_NAME:$DOCKER_IMAGE_BUILD_TAG;
+
+ docker buildx imagetools inspect $DOCKER_IMAGE_BUILD_REGISTRY/$DOCKER_IMAGE_BUILD_NAME:$DOCKER_IMAGE_BUILD_TAG;
+
+ else
+
+ echo "[DEBUG] building image";
+
+ docker build . \
+ --label org.opencontainers.image.created="$(date '+%Y-%m-%d %H:%M:%S%:z')" \
+ --label org.opencontainers.image.documentation="$CI_PROJECT_URL" \
+ --label org.opencontainers.image.source="$CI_PROJECT_URL" \
+ --label org.opencontainers.image.url="$CI_PROJECT_URL/-/releases/$(cz -n cz_nfc version --project)" \
+ --label org.opencontainers.image.version="$(cz -n cz_nfc version --project)" \
+ --label org.opencontainers.image.revision="$CI_COMMIT_SHA" \
+ --no-cache \
+ --tag $DOCKER_IMAGE_BUILD_REGISTRY/$DOCKER_IMAGE_BUILD_NAME:$DOCKER_IMAGE_BUILD_TAG;
+
+ docker push $DOCKER_IMAGE_BUILD_REGISTRY/$DOCKER_IMAGE_BUILD_NAME:$DOCKER_IMAGE_BUILD_TAG;
+
+ fi
+ rules:
+ - if: '$CI_PIPELINE_SOURCE == "merge_request_event"'
+ when: never
+ - if: $CI_COMMIT_TAG
+ when: on_success
+ - if: '$CI_COMMIT_BRANCH == "development"'
+ when: on_success
+ - if: '$CI_COMMIT_BRANCH != "master"'
+ allow_failure: false
+ when: always
+ - when: never
+
+
+
+.publish-docker-hub:
+ stage: publish
+ image: docker:23-dind
+ services:
+ - docker:23-dind
+ before_script:
+ - |
+
+ docker login $CI_REGISTRY -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD;
+
+ if [ "0$DOCKER_IMAGE_BUILD_TARGET_PLATFORMS" != "0" ]; then
+
+ for i in ${DOCKER_IMAGE_BUILD_TARGET_PLATFORMS//,/ }
+ do
+
+ docker buildx imagetools inspect 
$DOCKER_IMAGE_BUILD_REGISTRY/$DOCKER_IMAGE_BUILD_NAME:$DOCKER_IMAGE_BUILD_TAG;
+
+ #DOCKER_MULTI_ARCH_IMAGES=$(docker buildx imagetools inspect "$DOCKER_IMAGE_BUILD_REGISTRY/$DOCKER_IMAGE_BUILD_NAME:$DOCKER_IMAGE_BUILD_TAG" --format "{{ range .Manifest.Manifests }}{{ if ne (print .Platform) \"&{unknown unknown [] }\" }}$DOCKER_IMAGE_BUILD_REGISTRY/$DOCKER_IMAGE_BUILD_NAME:$DOCKER_IMAGE_BUILD_TAG@{{ println .Digest }}{{end}} {{end}}")
+ DOCKER_MULTI_ARCH_IMAGES=$(docker buildx imagetools inspect "$DOCKER_IMAGE_BUILD_REGISTRY/$DOCKER_IMAGE_BUILD_NAME:$DOCKER_IMAGE_BUILD_TAG" --format "{{ range .Manifest.Manifests }}$DOCKER_IMAGE_BUILD_REGISTRY/$DOCKER_IMAGE_BUILD_NAME:$DOCKER_IMAGE_BUILD_TAG@{{ println .Digest }} {{end}}")
+
+
+ echo "[DEBUG] DOCKER_MULTI_ARCH_IMAGES=$DOCKER_MULTI_ARCH_IMAGES";
+
+ done;
+
+ else
+
+ docker pull $DOCKER_IMAGE_BUILD_REGISTRY/$DOCKER_IMAGE_BUILD_NAME:$DOCKER_IMAGE_BUILD_TAG;
+
+ fi
+
+ #docker logout $CI_REGISTRY; # commented out to test if for private repo remaining logged in works to allow pulling image
+
+ script:
+ - docker login docker.io -u $NFC_DOCKERHUB_USERNAME -p $NFC_DOCKERHUB_TOKEN
+ - docker image ls
+ - |
+ DOCKER_HUB_TAG=dev
+
+ if [ "0$CI_COMMIT_TAG" != "0" ]; then
+
+ DOCKER_HUB_TAG=latest
+
+ if [ "0$CI_COMMIT_TAG" == *"rc"* ]; then
+
+ DOCKER_HUB_TAG=dev
+
+ fi
+
+ fi
+
+ echo "[DEBUG] DOCKER_IMAGE_PUBLISH_NAME=$DOCKER_IMAGE_PUBLISH_NAME";
+ echo "[DEBUG] DOCKER_HUB_TAG=$DOCKER_HUB_TAG";
+
+ if [ "0$DOCKER_IMAGE_BUILD_TARGET_PLATFORMS" != "0" ]; then
+
+ echo "[DEBUG] DOCKER_MULTI_ARCH_IMAGES=$DOCKER_MULTI_ARCH_IMAGES";
+
+ docker buildx imagetools create $DOCKER_MULTI_ARCH_IMAGES --tag $DOCKER_IMAGE_PUBLISH_REGISTRY/$DOCKER_IMAGE_PUBLISH_NAME:$DOCKER_HUB_TAG;
+
+ if [ "0$CI_COMMIT_TAG" != "0" ]; then
+
+ docker buildx imagetools create $DOCKER_MULTI_ARCH_IMAGES --tag $DOCKER_IMAGE_PUBLISH_REGISTRY/$DOCKER_IMAGE_PUBLISH_NAME:$CI_COMMIT_TAG;
+
+ fi
+
+ else
+
+ docker image tag 
$DOCKER_IMAGE_BUILD_REGISTRY/$DOCKER_IMAGE_BUILD_NAME:$DOCKER_IMAGE_BUILD_TAG $DOCKER_IMAGE_PUBLISH_REGISTRY/$DOCKER_IMAGE_PUBLISH_NAME:$DOCKER_HUB_TAG;
+
+ docker push $DOCKER_IMAGE_BUILD_REGISTRY/$DOCKER_IMAGE_BUILD_NAME:$DOCKER_HUB_TAG;
+
+ if [ "0$CI_COMMIT_TAG" != "0" ]; then
+
+ docker image tag $DOCKER_IMAGE_BUILD_NAME/$DOCKER_IMAGE_BUILD_REGISTRY:$DOCKER_IMAGE_BUILD_TAG $DOCKER_IMAGE_PUBLISH_REGISTRY/$DOCKER_IMAGE_PUBLISH_NAME:$CI_COMMIT_TAG;
+
+ docker push $DOCKER_IMAGE_PUBLISH_REGISTRY/$DOCKER_IMAGE_PUBLISH_NAME:$CI_COMMIT_TAG;
+
+ fi
+
+ fi
+
+ - docker logout docker.io
+ needs: [ "Docker Container" ]
+ environment:
+ name: DockerHub
+ url: $DOCKER_IMAGE_PUBLISH_URL
+ rules:
+ - if: '$CI_PIPELINE_SOURCE == "merge_request_event"'
+ when: never
+ - if: $CI_COMMIT_TAG
+ when: on_success
+ - if: '$CI_COMMIT_BRANCH == "development"'
+ when: on_success
+ - if: '$CI_COMMIT_BRANCH != "master"'
+ allow_failure: true
+ when: manual
+ - when: never
+
+
+
+
+Docker Container:
+ extends: .build_docker_container
+
+
+Docker Hub:
+ extends: .publish-docker-hub
+
+
+Gitlab Release:
+ extends:
+ - .gitlab_release
+
+
+Github (Push --mirror):
+ extends:
+ - .git_push_mirror
\ No newline at end of file
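Review bot: All three `docker login` calls pass the secret as a `-p` argument (`-p $CI_REGISTRY_PASSWORD` in both `before_script` sections and `-p $NFC_DOCKERHUB_TOKEN` in the `.publish-docker-hub` script), which puts the token on the command line; reading it from stdin avoids that, e.g. `echo "$NFC_DOCKERHUB_TOKEN" | docker login docker.io -u "$NFC_DOCKERHUB_USERNAME" --password-stdin`. In the same publish script the release-candidate test `[ "0$CI_COMMIT_TAG" == *"rc"* ]` is a plain string comparison inside `[ ]`, so it looks like it never matches and rc tags would be published as `latest`; `case "$CI_COMMIT_TAG" in *rc*) DOCKER_HUB_TAG=dev ;; esac` does the pattern match portably. The single-arch branch tags the image for `$DOCKER_IMAGE_PUBLISH_REGISTRY` but then runs `docker push $DOCKER_IMAGE_BUILD_REGISTRY/$DOCKER_IMAGE_BUILD_NAME:$DOCKER_HUB_TAG`, and the tagged-release `docker image tag` has name and registry swapped (`$DOCKER_IMAGE_BUILD_NAME/$DOCKER_IMAGE_BUILD_REGISTRY`), so what actually reaches Docker Hub on that path should be verified. The build job's image `nofusscomputing/docker-buildx-qemu:dev` is a mutable tag for a job that holds registry credentials; pinning it by digest would keep the build environment fixed between runs.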