Compare commits
26 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| d79c5366ef | |||
| 8e4f7ad244 | |||
| 39de3a1601 | |||
| cb3d2964d1 | |||
| 6b5390cef8 | |||
| 2736b85de3 | |||
| 82d7778f59 | |||
| 8c99cc0491 | |||
| 955e3d0dbe | |||
| 702ae8bed8 | |||
| b6f0723b75 | |||
| 8a2fb30e59 | |||
| 95b4030120 | |||
| 5c77cfbdc2 | |||
| 5ea42320a9 | |||
| d07ebfc9c6 | |||
| bbb5718184 | |||
| 0d8b54637c | |||
| e51b2e28b9 | |||
| f767140cc8 | |||
| 0d4d69f072 | |||
| a3e628c43f | |||
| a58fa135c1 | |||
| 93c7af6c91 | |||
| ad0e12bf7b | |||
| 498dd6eff6 |
66
.gitea/workflows/default_nottags.yaml
Normal file
66
.gitea/workflows/default_nottags.yaml
Normal file
@@ -0,0 +1,66 @@
|
||||
name: Default (not tags)
|
||||
|
||||
on:
|
||||
push:
|
||||
tags-ignore:
|
||||
- '**'
|
||||
|
||||
env:
|
||||
IMAGE: registry.gitlab.com/hosttoday/ht-docker-node:npmci
|
||||
NPMCI_TOKEN_NPM: ${{secrets.NPMCI_TOKEN_NPM}}
|
||||
NPMCI_TOKEN_NPM2: ${{secrets.NPMCI_TOKEN_NPM2}}
|
||||
NPMCI_GIT_GITHUBTOKEN: ${{secrets.NPMCI_GIT_GITHUBTOKEN}}
|
||||
NPMCI_URL_CLOUDLY: ${{secrets.NPMCI_URL_CLOUDLY}}
|
||||
|
||||
jobs:
|
||||
|
||||
security:
|
||||
runs-on: ubuntu-latest
|
||||
continue-on-error: true
|
||||
container:
|
||||
image: ${{ env.IMAGE }}
|
||||
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
|
||||
- name: Install pnpm and npmci
|
||||
run: |
|
||||
pnpm install -g pnpm
|
||||
pnpm install -g @shipzone/npmci
|
||||
|
||||
- name: Run npm prepare
|
||||
run: npmci npm prepare
|
||||
|
||||
- name: Audit production dependencies
|
||||
run: |
|
||||
npmci command npm config set registry https://registry.npmjs.org
|
||||
npmci command pnpm audit --audit-level=high --prod
|
||||
continue-on-error: true
|
||||
|
||||
- name: Audit development dependencies
|
||||
run: |
|
||||
npmci command npm config set registry https://registry.npmjs.org
|
||||
npmci command pnpm audit --audit-level=high --dev
|
||||
continue-on-error: true
|
||||
|
||||
test:
|
||||
if: ${{ always() }}
|
||||
needs: security
|
||||
runs-on: ubuntu-latest
|
||||
container:
|
||||
image: ${{ env.IMAGE }}
|
||||
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
|
||||
- name: Test stable
|
||||
run: |
|
||||
npmci node install stable
|
||||
npmci npm install
|
||||
npmci npm test
|
||||
|
||||
- name: Test build
|
||||
run: |
|
||||
npmci node install stable
|
||||
npmci npm install
|
||||
npmci npm build
|
||||
108
.gitea/workflows/default_tags.yaml
Normal file
108
.gitea/workflows/default_tags.yaml
Normal file
@@ -0,0 +1,108 @@
|
||||
name: Default (tags)
|
||||
|
||||
on:
|
||||
push:
|
||||
tags:
|
||||
- '*'
|
||||
|
||||
env:
|
||||
IMAGE: registry.gitlab.com/hosttoday/ht-docker-node:npmci
|
||||
NPMCI_TOKEN_NPM: ${{secrets.NPMCI_TOKEN_NPM}}
|
||||
NPMCI_GIT_GITHUBTOKEN: ${{secrets.NPMCI_GIT_GITHUBTOKEN}}
|
||||
NPMCI_LOGIN_DOCKER_GITEA: ${{secrets.NPMCI_DOCKER_REGISTRYURL_DEFAULT}}|${{ gitea.repository_owner }}|${{ secrets.GITEA_TOKEN }}
|
||||
|
||||
jobs:
|
||||
|
||||
security:
|
||||
runs-on: ubuntu-latest
|
||||
continue-on-error: true
|
||||
container:
|
||||
image: ${{ env.IMAGE }}
|
||||
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
|
||||
- name: Install pnpm and npmci
|
||||
run: |
|
||||
pnpm install -g pnpm
|
||||
pnpm install -g @shipzone/npmci
|
||||
|
||||
- name: Run npm prepare
|
||||
run: npmci npm prepare
|
||||
|
||||
- name: Audit production dependencies
|
||||
run: |
|
||||
npmci command npm config set registry https://registry.npmjs.org
|
||||
npmci command pnpm audit --audit-level=high --prod
|
||||
continue-on-error: true
|
||||
|
||||
- name: Audit development dependencies
|
||||
run: |
|
||||
npmci command npm config set registry https://registry.npmjs.org
|
||||
npmci command pnpm audit --audit-level=high --dev
|
||||
continue-on-error: true
|
||||
|
||||
test:
|
||||
if: ${{ always() }}
|
||||
needs: security
|
||||
runs-on: ubuntu-latest
|
||||
container:
|
||||
image: ${{ env.IMAGE }}
|
||||
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
|
||||
- name: Test stable
|
||||
run: |
|
||||
npmci node install stable
|
||||
npmci npm install
|
||||
npmci npm test
|
||||
|
||||
- name: Test build
|
||||
run: |
|
||||
npmci node install stable
|
||||
npmci npm install
|
||||
npmci npm build
|
||||
|
||||
release:
|
||||
needs: test
|
||||
if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/')
|
||||
runs-on: ubuntu-latest
|
||||
container:
|
||||
image: ${{ env.IMAGE }}
|
||||
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
|
||||
- name: Release
|
||||
run: |
|
||||
npmci node install stable
|
||||
npmci npm publish
|
||||
|
||||
metadata:
|
||||
needs: test
|
||||
if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/')
|
||||
runs-on: ubuntu-latest
|
||||
container:
|
||||
image: ${{ env.IMAGE }}
|
||||
continue-on-error: true
|
||||
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
|
||||
- name: Code quality
|
||||
run: |
|
||||
npmci command npm install -g typescript
|
||||
npmci npm prepare
|
||||
npmci npm install
|
||||
|
||||
- name: Trigger
|
||||
run: npmci trigger
|
||||
|
||||
- name: Build docs and upload artifacts
|
||||
run: |
|
||||
npmci node install stable
|
||||
npmci npm install
|
||||
pnpm install -g @gitzone/tsdoc
|
||||
npmci command tsdoc
|
||||
continue-on-error: true
|
||||
127
.gitlab-ci.yml
127
.gitlab-ci.yml
@@ -1,127 +0,0 @@
|
||||
# gitzone ci_default
|
||||
image: registry.gitlab.com/hosttoday/ht-docker-node:npmci
|
||||
|
||||
cache:
|
||||
paths:
|
||||
- .npmci_cache/
|
||||
key: '$CI_BUILD_STAGE'
|
||||
|
||||
stages:
|
||||
- security
|
||||
- test
|
||||
- release
|
||||
- metadata
|
||||
|
||||
before_script:
|
||||
- pnpm install -g pnpm
|
||||
- pnpm install -g @shipzone/pnpm
|
||||
- npmci npm prepare
|
||||
|
||||
# ====================
|
||||
# security stage
|
||||
# ====================
|
||||
# ====================
|
||||
# security stage
|
||||
# ====================
|
||||
auditProductionDependencies:
|
||||
image: registry.gitlab.com/hosttoday/ht-docker-node:npmci
|
||||
stage: security
|
||||
script:
|
||||
- npmci command npm config set registry https://registry.npmjs.org
|
||||
- npmci command pnpm audit --audit-level=high --prod
|
||||
tags:
|
||||
- lossless
|
||||
- docker
|
||||
|
||||
auditDevDependencies:
|
||||
image: registry.gitlab.com/hosttoday/ht-docker-node:npmci
|
||||
stage: security
|
||||
script:
|
||||
- npmci command npm config set registry https://registry.npmjs.org
|
||||
- npmci command pnpm audit --audit-level=high --dev
|
||||
tags:
|
||||
- lossless
|
||||
- docker
|
||||
allow_failure: true
|
||||
|
||||
# ====================
|
||||
# test stage
|
||||
# ====================
|
||||
|
||||
testStable:
|
||||
stage: test
|
||||
script:
|
||||
- npmci node install stable
|
||||
- npmci npm install
|
||||
- npmci npm test
|
||||
coverage: /\d+.?\d+?\%\s*coverage/
|
||||
tags:
|
||||
- docker
|
||||
|
||||
testBuild:
|
||||
stage: test
|
||||
script:
|
||||
- npmci node install stable
|
||||
- npmci npm install
|
||||
- npmci command npm run build
|
||||
coverage: /\d+.?\d+?\%\s*coverage/
|
||||
tags:
|
||||
- docker
|
||||
|
||||
release:
|
||||
stage: release
|
||||
script:
|
||||
- npmci node install stable
|
||||
- npmci npm publish
|
||||
only:
|
||||
- tags
|
||||
tags:
|
||||
- lossless
|
||||
- docker
|
||||
- notpriv
|
||||
|
||||
# ====================
|
||||
# metadata stage
|
||||
# ====================
|
||||
codequality:
|
||||
stage: metadata
|
||||
allow_failure: true
|
||||
only:
|
||||
- tags
|
||||
script:
|
||||
- npmci command npm install -g typescript
|
||||
- npmci npm prepare
|
||||
- npmci npm install
|
||||
tags:
|
||||
- lossless
|
||||
- docker
|
||||
- priv
|
||||
|
||||
trigger:
|
||||
stage: metadata
|
||||
script:
|
||||
- npmci trigger
|
||||
only:
|
||||
- tags
|
||||
tags:
|
||||
- lossless
|
||||
- docker
|
||||
- notpriv
|
||||
|
||||
pages:
|
||||
stage: metadata
|
||||
script:
|
||||
- npmci node install stable
|
||||
- npmci npm install
|
||||
- npmci command npm run buildDocs
|
||||
tags:
|
||||
- lossless
|
||||
- docker
|
||||
- notpriv
|
||||
only:
|
||||
- tags
|
||||
artifacts:
|
||||
expire_in: 1 week
|
||||
paths:
|
||||
- public
|
||||
allow_failure: true
|
||||
36
package.json
36
package.json
@@ -1,6 +1,6 @@
|
||||
{
|
||||
"name": "@shipzone/npmci",
|
||||
"version": "4.0.10",
|
||||
"version": "4.1.11",
|
||||
"private": false,
|
||||
"description": "node and docker in gitlab ci on steroids",
|
||||
"main": "dist_ts/index.js",
|
||||
@@ -26,37 +26,37 @@
|
||||
},
|
||||
"homepage": "https://gitlab.com/gitzone/npmci#README",
|
||||
"devDependencies": {
|
||||
"@gitzone/tsbuild": "^2.1.65",
|
||||
"@gitzone/tsrun": "^1.2.37",
|
||||
"@gitzone/tstest": "^1.0.73",
|
||||
"@pushrocks/tapbundle": "^5.0.4",
|
||||
"@types/node": "^18.8.3"
|
||||
"@gitzone/tsbuild": "^2.1.66",
|
||||
"@gitzone/tsrun": "^1.2.42",
|
||||
"@gitzone/tstest": "^1.0.74",
|
||||
"@pushrocks/tapbundle": "^5.0.8",
|
||||
"@types/node": "^20.3.1"
|
||||
},
|
||||
"dependencies": {
|
||||
"@apiglobal/typedrequest": "^2.0.10",
|
||||
"@pushrocks/lik": "^6.0.0",
|
||||
"@pushrocks/lik": "^6.0.2",
|
||||
"@pushrocks/npmextra": "^3.0.9",
|
||||
"@pushrocks/projectinfo": "^5.0.1",
|
||||
"@pushrocks/qenv": "^5.0.2",
|
||||
"@pushrocks/smartanalytics": "^2.0.15",
|
||||
"@pushrocks/smartcli": "^4.0.6",
|
||||
"@pushrocks/smartdelay": "^2.0.13",
|
||||
"@pushrocks/smartenv": "^5.0.3",
|
||||
"@pushrocks/smartfile": "^10.0.5",
|
||||
"@pushrocks/smartdelay": "^3.0.1",
|
||||
"@pushrocks/smartenv": "^5.0.5",
|
||||
"@pushrocks/smartfile": "^10.0.25",
|
||||
"@pushrocks/smartgit": "^3.0.0",
|
||||
"@pushrocks/smartlog": "^3.0.1",
|
||||
"@pushrocks/smartlog-destination-local": "^8.0.8",
|
||||
"@pushrocks/smartlog": "^3.0.2",
|
||||
"@pushrocks/smartlog-destination-local": "^9.0.0",
|
||||
"@pushrocks/smartparam": "^1.1.6",
|
||||
"@pushrocks/smartpath": "^5.0.5",
|
||||
"@pushrocks/smartpromise": "^3.1.7",
|
||||
"@pushrocks/smartrequest": "^2.0.11",
|
||||
"@pushrocks/smartshell": "^2.0.30",
|
||||
"@pushrocks/smartsocket": "^2.0.7",
|
||||
"@pushrocks/smartpromise": "^4.0.2",
|
||||
"@pushrocks/smartrequest": "^2.0.15",
|
||||
"@pushrocks/smartshell": "^3.0.3",
|
||||
"@pushrocks/smartsocket": "^2.0.19",
|
||||
"@pushrocks/smartssh": "^2.0.0",
|
||||
"@pushrocks/smartstring": "^4.0.5",
|
||||
"@servezone/interfaces": "^1.0.3",
|
||||
"@tsclass/tsclass": "^4.0.21",
|
||||
"@types/through2": "^2.0.36",
|
||||
"@tsclass/tsclass": "^4.0.42",
|
||||
"@types/through2": "^2.0.38",
|
||||
"through2": "^4.0.2"
|
||||
},
|
||||
"files": [
|
||||
|
||||
3238
pnpm-lock.yaml
generated
3238
pnpm-lock.yaml
generated
File diff suppressed because it is too large
Load Diff
@@ -21,7 +21,6 @@ Code Style | [](htt
|
||||
PackagePhobia (total standalone install weight) | [](https://lossless.cloud)
|
||||
PackagePhobia (package size on registry) | [](https://lossless.cloud)
|
||||
BundlePhobia (total size when bundled) | [](https://lossless.cloud)
|
||||
Platform support | [](https://lossless.cloud) [](https://lossless.cloud)
|
||||
|
||||
## Usage
|
||||
|
||||
@@ -106,7 +105,6 @@ We are always happy for code contributions. If you are not the code contributing
|
||||
|
||||
For further information read the linked docs at the top of this readme.
|
||||
|
||||
> MIT licensed | **©** [Lossless GmbH](https://lossless.gmbh)
|
||||
## Legal
|
||||
> MIT licensed | **©** [Task Venture Capital GmbH](https://task.vc)
|
||||
| By using this npm module you agree to our [privacy policy](https://lossless.gmbH/privacy)
|
||||
|
||||
[](https://maintainedby.lossless.com)
|
||||
|
||||
@@ -21,6 +21,8 @@ process.cwd = () => {
|
||||
|
||||
let npmci: typeof import('../ts/index.js');
|
||||
|
||||
type TNpmciTypes = typeof import('../ts/index.js');
|
||||
|
||||
tap.preTask('should import npmci', async () => {
|
||||
npmci = await import('../ts/index.js');
|
||||
});
|
||||
|
||||
@@ -3,6 +3,6 @@
|
||||
*/
|
||||
export const commitinfo = {
|
||||
name: '@shipzone/npmci',
|
||||
version: '4.0.10',
|
||||
version: '4.1.11',
|
||||
description: 'node and docker in gitlab ci on steroids'
|
||||
}
|
||||
|
||||
@@ -77,17 +77,20 @@ export class NpmciDockerManager {
|
||||
*/
|
||||
public prepare = async () => {
|
||||
// Always login to GitLab Registry
|
||||
if (!process.env.CI_BUILD_TOKEN || process.env.CI_BUILD_TOKEN === '') {
|
||||
logger.log('error', 'No registry token specified by gitlab!');
|
||||
process.exit(1);
|
||||
if (process.env.GITLAB_CI) {
|
||||
console.log('gitlab ci detected');
|
||||
if (!process.env.CI_JOB_TOKEN || process.env.CI_JOB_TOKEN === '') {
|
||||
logger.log('error', 'Running in Gitlab CI, but no registry token specified by gitlab!');
|
||||
process.exit(1);
|
||||
}
|
||||
this.npmciRegistryStorage.addRegistry(
|
||||
new DockerRegistry({
|
||||
registryUrl: 'registry.gitlab.com',
|
||||
username: 'gitlab-ci-token',
|
||||
password: process.env.CI_JOB_TOKEN,
|
||||
})
|
||||
);
|
||||
}
|
||||
this.npmciRegistryStorage.addRegistry(
|
||||
new DockerRegistry({
|
||||
registryUrl: 'registry.gitlab.com',
|
||||
username: 'gitlab-ci-token',
|
||||
password: process.env.CI_BUILD_TOKEN,
|
||||
})
|
||||
);
|
||||
|
||||
// handle registries
|
||||
await plugins.smartparam.forEachMinimatch(
|
||||
|
||||
@@ -177,14 +177,17 @@ export class Dockerfile {
|
||||
): Promise<string> {
|
||||
logger.log('info', 'checking for env vars to be supplied to the docker build');
|
||||
let buildArgsString: string = '';
|
||||
for (const key of Object.keys(
|
||||
for (const dockerArgKey of Object.keys(
|
||||
npmciDockerManagerRef.npmciRef.npmciConfig.getConfig().dockerBuildargEnvMap
|
||||
)) {
|
||||
const targetValue =
|
||||
process.env[
|
||||
npmciDockerManagerRef.npmciRef.npmciConfig.getConfig().dockerBuildargEnvMap[key]
|
||||
];
|
||||
buildArgsString = `${buildArgsString} --build-arg ${key}="${targetValue}"`;
|
||||
const dockerArgOuterEnvVar =
|
||||
npmciDockerManagerRef.npmciRef.npmciConfig.getConfig().dockerBuildargEnvMap[dockerArgKey];
|
||||
logger.log(
|
||||
'note',
|
||||
`docker ARG "${dockerArgKey}" maps to outer env var "${dockerArgOuterEnvVar}"`
|
||||
);
|
||||
const targetValue = process.env[dockerArgOuterEnvVar];
|
||||
buildArgsString = `${buildArgsString} --build-arg ${dockerArgKey}="${targetValue}"`;
|
||||
}
|
||||
return buildArgsString;
|
||||
}
|
||||
|
||||
@@ -59,6 +59,7 @@ export class NpmciNpmManager {
|
||||
'NPMCI_TOKEN_NPM*',
|
||||
(npmEnvArg: string) => {
|
||||
const npmRegistryUrl = npmEnvArg.split('|')[0];
|
||||
logger.log('ok', `found token for ${npmRegistryUrl}`);
|
||||
let npmToken = npmEnvArg.split('|')[1];
|
||||
if (npmEnvArg.split('|')[2] && npmEnvArg.split('|')[2] === 'plain') {
|
||||
logger.log('ok', 'npm token not base64 encoded.');
|
||||
|
||||
24
ts/mod_precheck/index.ts
Normal file
24
ts/mod_precheck/index.ts
Normal file
@@ -0,0 +1,24 @@
|
||||
import * as plugins from './plugins.js';
|
||||
import * as paths from '../npmci.paths.js';
|
||||
import { logger } from '../npmci.logging.js';
|
||||
import { Npmci } from '../npmci.classes.npmci.js';
|
||||
|
||||
export const handleCli = async (npmciRefArg: Npmci, argvArg: any) => {
|
||||
logger.log('info', 'checking execution context');
|
||||
const presentRunnerTags = process.env.CI_RUNNER_TAGS.split(',').map((stringArg) =>
|
||||
stringArg.trim()
|
||||
);
|
||||
let allDesiredGitlabRunnerTagsPresent = true;
|
||||
for (const desiredRunnerTag of npmciRefArg.npmciConfig.getConfig().gitlabRunnerTags) {
|
||||
if (!presentRunnerTags.includes(desiredRunnerTag)) {
|
||||
allDesiredGitlabRunnerTagsPresent = false;
|
||||
logger.log(
|
||||
'error',
|
||||
`Desired runnerRag ${desiredRunnerTag} is missing in current execution context.`
|
||||
);
|
||||
}
|
||||
}
|
||||
if (!allDesiredGitlabRunnerTagsPresent) {
|
||||
process.exit(1);
|
||||
}
|
||||
};
|
||||
1
ts/mod_precheck/plugins.ts
Normal file
1
ts/mod_precheck/plugins.ts
Normal file
@@ -0,0 +1 @@
|
||||
export * from '../npmci.plugins.js';
|
||||
@@ -79,17 +79,16 @@ export class NpmciCli {
|
||||
}
|
||||
);
|
||||
|
||||
this.smartcli.addCommand('precheck').subscribe(async (argvArg) => {
|
||||
const modPrecheck = await import('./mod_precheck/index.js');
|
||||
await modPrecheck.handleCli(this.npmciRef, argvArg);
|
||||
});
|
||||
|
||||
// trigger
|
||||
this.smartcli.addCommand('ssh').subscribe(
|
||||
async (argvArg) => {
|
||||
const modSsh = await import('./mod_ssh/index.js');
|
||||
await modSsh.handleCli(argvArg);
|
||||
},
|
||||
(err) => {
|
||||
console.log(err);
|
||||
process.exit(1);
|
||||
}
|
||||
);
|
||||
this.smartcli.addCommand('ssh').subscribe(async (argvArg) => {
|
||||
const modSsh = await import('./mod_ssh/index.js');
|
||||
await modSsh.handleCli(argvArg);
|
||||
});
|
||||
|
||||
// trigger
|
||||
this.smartcli.addCommand('trigger').subscribe(
|
||||
|
||||
@@ -20,6 +20,9 @@ export interface INpmciOptions {
|
||||
dockerRegistryRepoMap: { [key: string]: string };
|
||||
dockerBuildargEnvMap: { [key: string]: string };
|
||||
|
||||
// gitlab
|
||||
gitlabRunnerTags: string[];
|
||||
|
||||
// urls
|
||||
urlCloudly: string;
|
||||
}
|
||||
@@ -57,6 +60,7 @@ export class NpmciConfig {
|
||||
dockerRegistryRepoMap: {},
|
||||
npmAccessLevel: 'private',
|
||||
npmRegistryUrl: 'registry.npmjs.org',
|
||||
gitlabRunnerTags: [],
|
||||
dockerBuildargEnvMap: {},
|
||||
urlCloudly: this.npmciQenv.getEnvVarOnDemand('NPMCI_URL_CLOUDLY'),
|
||||
};
|
||||
|
||||
Reference in New Issue
Block a user