4.1.8

.gitea/workflows/default_nottags.yaml

@@ -0,0 +1,66 @@
+name: Default (not tags)
+
+on:
+  push:
+    tags-ignore:
+      - '**'
+
+env:
+  IMAGE: registry.gitlab.com/hosttoday/ht-docker-node:npmci
+  NPMCI_TOKEN_NPM: ${{secrets.NPMCI_TOKEN_NPM}}
+  NPMCI_TOKEN_NPM2: ${{secrets.NPMCI_TOKEN_NPM2}}
+  NPMCI_GIT_GITHUBTOKEN: ${{secrets.NPMCI_GIT_GITHUBTOKEN}}
+  NPMCI_URL_CLOUDLY: ${{secrets.NPMCI_URL_CLOUDLY}}
+
+jobs:
+
+  security:
+    runs-on: ubuntu-latest
+    continue-on-error: true
+    container:
+      image: ${{ env.IMAGE }}
+
+    steps:
+    - uses: actions/checkout@v3
+
+    - name: Install pnpm and npmci
+      run: |
+        pnpm install -g pnpm
+        pnpm install -g @shipzone/npmci
+
+    - name: Run npm prepare
+      run: npmci npm prepare
+
+    - name: Audit production dependencies
+      run: |
+        npmci command npm config set registry https://registry.npmjs.org
+        npmci command pnpm audit --audit-level=high --prod
+      continue-on-error: true
+
+    - name: Audit development dependencies
+      run: |
+        npmci command npm config set registry https://registry.npmjs.org
+        npmci command pnpm audit --audit-level=high --dev
+      continue-on-error: true
+
+  test:
+    if: ${{ always() }}
+    needs: security
+    runs-on: ubuntu-latest
+    container:
+      image: ${{ env.IMAGE }}
+
+    steps:
+    - uses: actions/checkout@v3
+
+    - name: Test stable
+      run: |
+        npmci node install stable
+        npmci npm install
+        npmci npm test
+
+    - name: Test build
+      run: |
+        npmci node install stable
+        npmci npm install
+        npmci npm build

.gitea/workflows/default_tags.yaml

@@ -0,0 +1,107 @@
+name: Default (tags)
+
+on:
+  push:
+    tags:
+      - '*'
+
+env:
+  IMAGE: registry.gitlab.com/hosttoday/ht-docker-node:npmci
+  NPMCI_TOKEN_NPM: ${{secrets.NPMCI_TOKEN_NPM}}
+  NPMCI_GIT_GITHUBTOKEN: ${{secrets.NPMCI_GIT_GITHUBTOKEN}}
+
+jobs:
+
+  security:
+    runs-on: ubuntu-latest
+    continue-on-error: true
+    container:
+      image: ${{ env.IMAGE }}
+
+    steps:
+    - uses: actions/checkout@v3
+
+    - name: Install pnpm and npmci
+      run: |
+        pnpm install -g pnpm
+        pnpm install -g @shipzone/npmci
+
+    - name: Run npm prepare
+      run: npmci npm prepare
+
+    - name: Audit production dependencies
+      run: |
+        npmci command npm config set registry https://registry.npmjs.org
+        npmci command pnpm audit --audit-level=high --prod
+      continue-on-error: true
+
+    - name: Audit development dependencies
+      run: |
+        npmci command npm config set registry https://registry.npmjs.org
+        npmci command pnpm audit --audit-level=high --dev
+      continue-on-error: true
+
+  test:
+    if: ${{ always() }}
+    needs: security
+    runs-on: ubuntu-latest
+    container:
+      image: ${{ env.IMAGE }}
+
+    steps:
+    - uses: actions/checkout@v3
+
+    - name: Test stable
+      run: |
+        npmci node install stable
+        npmci npm install
+        npmci npm test
+
+    - name: Test build
+      run: |
+        npmci node install stable
+        npmci npm install
+        npmci npm build
+
+  release:
+    needs: test
+    if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/')
+    runs-on: ubuntu-latest
+    container:
+      image: ${{ env.IMAGE }}
+
+    steps:
+    - uses: actions/checkout@v3
+
+    - name: Release
+      run: |
+        npmci node install stable
+        npmci npm publish
+
+  metadata:
+    needs: test
+    if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/')
+    runs-on: ubuntu-latest
+    container:
+      image: ${{ env.IMAGE }}
+    continue-on-error: true
+
+    steps:
+    - uses: actions/checkout@v3
+
+    - name: Code quality
+      run: |
+        npmci command npm install -g typescript
+        npmci npm prepare
+        npmci npm install
+
+    - name: Trigger
+      run: npmci trigger
+
+    - name: Build docs and upload artifacts
+      run: |
+        npmci node install stable
+        npmci npm install
+        pnpm install -g @gitzone/tsdoc
+        npmci command tsdoc
+      continue-on-error: true

.gitlab-ci.yml

@@ -1,141 +0,0 @@
-# gitzone ci_default
-image: registry.gitlab.com/hosttoday/ht-docker-node:npmci
-
-cache:
-  paths:
-    - .npmci_cache/
-  key: '$CI_BUILD_STAGE'
-
-stages:
-  - security
-  - test
-  - release
-  - metadata
-
-before_script:
-  - pnpm install -g @shipzone/npmci pnpm
-
-# ====================
-# security stage
-# ====================
-mirror:
-  stage: security
-  script:
-    - npmci git mirror
-  only:
-    - tags
-  tags:
-    - lossless
-    - docker
-    - notpriv
-
-auditProductionDependencies:
-  image: registry.gitlab.com/hosttoday/ht-docker-node:npmci
-  stage: security
-  script:
-    - npmci npm prepare
-    - npmci command npm install --production --ignore-scripts
-    - npmci command npm config set registry https://registry.npmjs.org
-    - npmci command npm audit --audit-level=high --only=prod --production
-  tags:
-    - docker
-  allow_failure: true
-
-auditDevDependencies:
-  image: registry.gitlab.com/hosttoday/ht-docker-node:npmci
-  stage: security
-  script:
-    - npmci npm prepare
-    - npmci command npm install --ignore-scripts
-    - npmci command npm config set registry https://registry.npmjs.org
-    - npmci command npm audit --audit-level=high --only=dev
-  tags:
-    - docker
-  allow_failure: true
-
-# ====================
-# test stage
-# ====================
-
-testStable:
-  stage: test
-  script:
-    - npmci npm prepare
-    - npmci node install stable
-    - npmci npm install
-    - npmci npm test
-  coverage: /\d+.?\d+?\%\s*coverage/
-  tags:
-    - docker
-
-testBuild:
-  stage: test
-  script:
-    - npmci npm prepare
-    - npmci node install stable
-    - npmci npm install
-    - npmci command npm run build
-  coverage: /\d+.?\d+?\%\s*coverage/
-  tags:
-    - docker
-
-release:
-  stage: release
-  script:
-    - npmci node install stable
-    - npmci npm publish
-  only:
-    - tags
-  tags:
-    - lossless
-    - docker
-    - notpriv
-
-# ====================
-# metadata stage
-# ====================
-codequality:
-  stage: metadata
-  allow_failure: true
-  only:
-    - tags
-  script:
-    - npmci command npm install -g tslint typescript
-    - npmci npm prepare
-    - npmci npm install
-    - npmci command "tslint -c tslint.json ./ts/**/*.ts"
-  tags:
-    - lossless
-    - docker
-    - priv
-
-trigger:
-  stage: metadata
-  script:
-    - npmci trigger
-  only:
-    - tags
-  tags:
-    - lossless
-    - docker
-    - notpriv
-
-pages:
-  stage: metadata
-  script:
-    - npmci node install lts
-    - npmci command npm install -g @gitzone/tsdoc
-    - npmci npm prepare
-    - npmci npm install
-    - npmci command tsdoc
-  tags:
-    - lossless
-    - docker
-    - notpriv
-  only:
-    - tags
-  artifacts:
-    expire_in: 1 week
-    paths:
-      - public
-  allow_failure: true

npmextra.json

@@ -14,7 +14,7 @@
       "githost": "gitlab.com",
       "gitscope": "shipzone",
       "gitrepo": "npmci",
-      "shortDescription": "node and docker in gitlab ci on steroids",
+      "description": "node and docker in gitlab ci on steroids",
       "npmPackagename": "@shipzone/npmci",
       "license": "MIT"
     }

package.json

@@ -1,6 +1,6 @@
 {
   "name": "@shipzone/npmci",
-  "version": "4.0.9",
+  "version": "4.1.8",
   "private": false,
   "description": "node and docker in gitlab ci on steroids",
   "main": "dist_ts/index.js",
@@ -12,7 +12,8 @@
   "scripts": {
     "test": "tstest test/",
     "build": "tsbuild --allowimplicitany && (npm run testVersion)",
-    "testVersion": "(cd test/assets/ && node ../../cli.js -v)"
+    "testVersion": "(cd test/assets/ && node ../../cli.js -v)",
+    "buildDocs": "tsdoc"
   },
   "repository": {
     "type": "git",

readme.md

@@ -21,7 +21,6 @@ Code Style | [![Code Style](https://badgen.net/badge/style/prettier/purple)](htt
 PackagePhobia (total standalone install weight) | [![PackagePhobia](https://badgen.net/packagephobia/install/@shipzone/npmci)](https://lossless.cloud)
 PackagePhobia (package size on registry) | [![PackagePhobia](https://badgen.net/packagephobia/publish/@shipzone/npmci)](https://lossless.cloud)
 BundlePhobia (total size when bundled) | [![BundlePhobia](https://badgen.net/bundlephobia/minzip/@shipzone/npmci)](https://lossless.cloud)
-Platform support | [![Supports Windows 10](https://badgen.net/badge/supports%20Windows%2010/yes/green?icon=windows)](https://lossless.cloud) [![Supports Mac OS X](https://badgen.net/badge/supports%20Mac%20OS%20X/yes/green?icon=apple)](https://lossless.cloud)
 
 ## Usage
 
@@ -106,7 +105,6 @@ We are always happy for code contributions. If you are not the code contributing
 
 For further information read the linked docs at the top of this readme.
 
-> MIT licensed | **©** [Lossless GmbH](https://lossless.gmbh)
+## Legal
+> MIT licensed | **©** [Task Venture Capital GmbH](https://task.vc)
 | By using this npm module you agree to our [privacy policy](https://lossless.gmbH/privacy)
-
-[![repo-footer](https://lossless.gitlab.io/publicrelations/repofooter.svg)](https://maintainedby.lossless.com)

test/test.cloudly.ts

@@ -1,23 +1,26 @@
-process.env["NODE_TLS_REJECT_UNAUTHORIZED"] = '0';
+process.env['NODE_TLS_REJECT_UNAUTHORIZED'] = '0';
 import { tap, expect } from '@pushrocks/tapbundle';
 
 import * as cloudlyConnectorMod from '../ts/connector.cloudly/cloudlyconnector.js';
 
 tap.test('should be able to announce a container to cloudly', async () => {
   const cloudlyConnector = new cloudlyConnectorMod.CloudlyConnector(null);
-  await cloudlyConnector.announceDockerContainer({
+  await cloudlyConnector.announceDockerContainer(
+    {
       registryUrl: 'registry.losssless.com',
       tag: 'testcontainer',
       version: 'x.x.x',
-    labels: []
-  }, 'cloudly.lossless.one')
+      labels: [],
+    },
+    'cloudly.lossless.one'
+  );
 });
 
 tap.test('should close the program despite socket timeout', async (toolsArg) => {
   // TODO: remove when unreffed timeouts in webrequest have been solved.
   toolsArg.delayFor(0).then(() => {
     process.exit();
-  })
-})
+  });
+});
 
 tap.start();

test/test.ts

@@ -3,7 +3,7 @@ import * as path from 'path';
 import * as smartpath from '@pushrocks/smartpath';
 
 process.env.NPMTS_TEST = 'true';
-process.env.NPMCI_URL_CLOUDLY = 'localhost'
+process.env.NPMCI_URL_CLOUDLY = 'localhost';
 
 // set up environment
 process.env.CI_REPOSITORY_URL = 'https://yyyyyy:xxxxxxxx@gitlab.com/mygroup/myrepo.git';
@@ -23,7 +23,7 @@ let npmci: typeof import('../ts/index.js');
 
 tap.preTask('should import npmci', async () => {
   npmci = await import('../ts/index.js');
-})
+});
 
 // ======
 // Docker

ts/00_commitinfo_data.ts

@@ -3,6 +3,6 @@
  */
 export const commitinfo = {
   name: '@shipzone/npmci',
-  version: '4.0.9',
+  version: '4.1.8',
   description: 'node and docker in gitlab ci on steroids'
 }

ts/connector.cloudly/cloudlyconnector.ts

@@ -33,7 +33,7 @@ export class CloudlyConnector {
       );
 
     const response = await typedrequest.fire({
-      containerImageInfo: optionsArg
+      containerImageInfo: optionsArg,
     });
   }
 }

ts/manager.docker/index.ts

@@ -77,7 +77,7 @@ export class NpmciDockerManager {
    */
   public prepare = async () => {
     // Always login to GitLab Registry
-    if (!process.env.CI_BUILD_TOKEN || process.env.CI_BUILD_TOKEN === '') {
+    if (!process.env.CI_JOB_TOKEN || process.env.CI_JOB_TOKEN === '') {
       logger.log('error', 'No registry token specified by gitlab!');
       process.exit(1);
     }
@@ -85,7 +85,7 @@ export class NpmciDockerManager {
       new DockerRegistry({
         registryUrl: 'registry.gitlab.com',
         username: 'gitlab-ci-token',
-        password: process.env.CI_BUILD_TOKEN,
+        password: process.env.CI_JOB_TOKEN,
       })
     );
 

ts/manager.docker/mod.classes.dockerfile.ts

@@ -177,14 +177,17 @@ export class Dockerfile {
   ): Promise<string> {
     logger.log('info', 'checking for env vars to be supplied to the docker build');
     let buildArgsString: string = '';
-    for (const key of Object.keys(
+    for (const dockerArgKey of Object.keys(
       npmciDockerManagerRef.npmciRef.npmciConfig.getConfig().dockerBuildargEnvMap
     )) {
-      const targetValue =
-        process.env[
-          npmciDockerManagerRef.npmciRef.npmciConfig.getConfig().dockerBuildargEnvMap[key]
-        ];
-      buildArgsString = `${buildArgsString} --build-arg ${key}="${targetValue}"`;
+      const dockerArgOuterEnvVar =
+        npmciDockerManagerRef.npmciRef.npmciConfig.getConfig().dockerBuildargEnvMap[dockerArgKey];
+      logger.log(
+        'note',
+        `docker ARG "${dockerArgKey}" maps to outer env var "${dockerArgOuterEnvVar}"`
+      );
+      const targetValue = process.env[dockerArgOuterEnvVar];
+      buildArgsString = `${buildArgsString} --build-arg ${dockerArgKey}="${targetValue}"`;
     }
     return buildArgsString;
   }
@@ -276,8 +279,7 @@ export class Dockerfile {
       registryUrl: this.pushTag,
       tag: this.buildTag,
       labels: [],
-      version:
-        this.npmciDockerManagerRef.npmciRef.npmciConfig.getConfig().projectInfo.npm.version,
+      version: this.npmciDockerManagerRef.npmciRef.npmciConfig.getConfig().projectInfo.npm.version,
     });
   }
 

ts/manager.npm/index.ts

@@ -59,6 +59,7 @@ export class NpmciNpmManager {
       'NPMCI_TOKEN_NPM*',
       (npmEnvArg: string) => {
         const npmRegistryUrl = npmEnvArg.split('|')[0];
+        logger.log('ok', `found token for ${npmRegistryUrl}`);
         let npmToken = npmEnvArg.split('|')[1];
         if (npmEnvArg.split('|')[2] && npmEnvArg.split('|')[2] === 'plain') {
           logger.log('ok', 'npm token not base64 encoded.');

ts/mod_precheck/index.ts

@@ -0,0 +1,24 @@
+import * as plugins from './plugins.js';
+import * as paths from '../npmci.paths.js';
+import { logger } from '../npmci.logging.js';
+import { Npmci } from '../npmci.classes.npmci.js';
+
+export const handleCli = async (npmciRefArg: Npmci, argvArg: any) => {
+  logger.log('info', 'checking execution context');
+  const presentRunnerTags = process.env.CI_RUNNER_TAGS.split(',').map((stringArg) =>
+    stringArg.trim()
+  );
+  let allDesiredGitlabRunnerTagsPresent = true;
+  for (const desiredRunnerTag of npmciRefArg.npmciConfig.getConfig().gitlabRunnerTags) {
+    if (!presentRunnerTags.includes(desiredRunnerTag)) {
+      allDesiredGitlabRunnerTagsPresent = false;
+      logger.log(
+        'error',
+        `Desired runnerRag ${desiredRunnerTag} is missing in current execution context.`
+      );
+    }
+  }
+  if (!allDesiredGitlabRunnerTagsPresent) {
+    process.exit(1);
+  }
+};

ts/mod_precheck/plugins.ts

@@ -0,0 +1 @@
+export * from '../npmci.plugins.js';

ts/npmci.classes.npmcicli.ts

@@ -79,17 +79,16 @@ export class NpmciCli {
       }
     );
 
+    this.smartcli.addCommand('precheck').subscribe(async (argvArg) => {
+      const modPrecheck = await import('./mod_precheck/index.js');
+      await modPrecheck.handleCli(this.npmciRef, argvArg);
+    });
+
     // trigger
-    this.smartcli.addCommand('ssh').subscribe(
-      async (argvArg) => {
+    this.smartcli.addCommand('ssh').subscribe(async (argvArg) => {
       const modSsh = await import('./mod_ssh/index.js');
       await modSsh.handleCli(argvArg);
-      },
-      (err) => {
-        console.log(err);
-        process.exit(1);
-      }
-    );
+    });
 
     // trigger
     this.smartcli.addCommand('trigger').subscribe(

ts/npmci.classes.npmciconfig.ts

@@ -20,6 +20,9 @@ export interface INpmciOptions {
   dockerRegistryRepoMap: { [key: string]: string };
   dockerBuildargEnvMap: { [key: string]: string };
 
+  // gitlab
+  gitlabRunnerTags: string[];
+
   // urls
   urlCloudly: string;
 }
@@ -57,6 +60,7 @@ export class NpmciConfig {
       dockerRegistryRepoMap: {},
       npmAccessLevel: 'private',
       npmRegistryUrl: 'registry.npmjs.org',
+      gitlabRunnerTags: [],
       dockerBuildargEnvMap: {},
       urlCloudly: this.npmciQenv.getEnvVarOnDemand('NPMCI_URL_CLOUDLY'),
     };

ts/npmci.paths.ts

@@ -3,7 +3,10 @@ import * as plugins from './npmci.plugins.js';
 export const cwd = process.cwd();
 
 // package paths
-export const NpmciPackageRoot = plugins.path.join(plugins.smartpath.get.dirnameFromImportMetaUrl(import.meta.url), '../');
+export const NpmciPackageRoot = plugins.path.join(
+  plugins.smartpath.get.dirnameFromImportMetaUrl(import.meta.url),
+  '../'
+);
 export const NpmciPackageConfig = plugins.path.join(NpmciPackageRoot, './config.json');
 
 // project paths

ts/npmci.plugins.ts

@@ -57,9 +57,7 @@ export {
 // @tsclass scope
 import * as tsclass from '@tsclass/tsclass';
 
-export {
-  tsclass
-}
+export { tsclass };
 
 // third party
 import * as through2 from 'through2';