Daemon that listens for AMQP messages to add IP addresses and ports to FirewallD. IP addresses expire and are removed automatically after a configurable timeout.


####################################################################################################
## NOTE: Environment variables not declared within the actual "script"s sections, are being read ##
## from bitbucket's repository/workspace variables' configuration page or the Docker container. ##
####################################################################################################
image:
  # Default build image for every step that does not override `image`.
  # It is pulled from the private registry; the login comes from the
  # repository/workspace variables referenced below.
  # NOTE(review): the image is referenced by tag, not by digest, so a re-pushed
  # tag silently changes the build environment. Consider pinning the digest.
  name: "docker-registry.mysmartpbx.org:5000/kazoo_firewall_agent:1.0-rockylinux-9"
  username: "$DOCKER_REGISTRY_USERNAME"
  password: "$DOCKER_REGISTRY_PASSWORD"
  # Kept only for historic and documentation reasons:
  # when "run-as-user" is set to a UID that does not exist in the configured
  # Docker image, some steps may still work, but the Pipelines UI shows no
  # output for them, whether the pipeline succeeds or not. Removing (or
  # commenting out) the parameter restores the steps' normal output.
  # run-as-user: 1000 # circleci UID from main docker image.
definitions:
  caches:
    # Custom cache for Go dependencies. Bitbucket regenerates it when the hash
    # of the listed key files (go.mod) changes; `path` is the cached directory.
    go-deps-cache:
      key:
        files:
          - go.mod
      path: $HOME/go
  steps:
    # Base step, merged into other steps with `<<: *default` so that they run
    # on a runner carrying the "self.hosted" and "linux" labels.
    - step: &default
        name: "default"
        runs-on:
          - "self.hosted"
          - "linux"
    # Informational step: skips the clone and overrides the default image.
    # NOTE(review): "alpine" carries no tag or digest, so the registry decides
    # which image runs here. Pin a version if reproducibility matters.
    - step: &info-step
        name: "Informational step"
        clone:
          enabled: false
        image: "alpine" # Image size is only 5MB! Remember to override it in future steps if needed.
    # Builds the RPMs from the checked-out tree and uploads them as a tarball.
    # The merge key is shallow: `name` below replaces the one from *default.
    # NOTE(review): this step is reused by the branch, pull-request and tag
    # pipelines, and rpmbuild runs the spec file taken from the checkout
    # (./kfa.spec). Any change in a built ref therefore executes with
    # $YUM_REPOSITORY_CREDS available to it. Confirm the credential is a
    # secured variable limited to uploads.
    - step: &build-rpm-packages
        <<: *default
        name: "Build RockyLinux9 RPM packages"
        caches:
          - go-deps-cache
        script:
          # 1) Stage a copy of the repository under /tmp/packaging, drop the
          #    files that must not ship, and create the source tarball.
          - |
            echo "Preparing source for packaging"
            mkdir -vp /tmp/packaging/rpmbuild/{SOURCES,BUILD,BUILDROOT,i386,x86_64,SPECS}
            mkdir -vp /tmp/packaging/${BITBUCKET_REPO_SLUG}
            cp -R ./* /tmp/packaging/${BITBUCKET_REPO_SLUG}
            cp ./kfa.spec /tmp/packaging/rpmbuild/SPECS/.
            cd /tmp/packaging
            echo " - removing files that should not be packaged in the source tar"
            rm -rf ${BITBUCKET_REPO_SLUG}/*.org
            rm -rf ${BITBUCKET_REPO_SLUG}/*.md
            rm -rf ${BITBUCKET_REPO_SLUG}/.git*
            echo " - creating the source tar"
            tar -zcvf ${BITBUCKET_REPO_SLUG}.tar.gz ${BITBUCKET_REPO_SLUG}
            cp ${BITBUCKET_REPO_SLUG}.tar.gz rpmbuild/SOURCES/.
          # 2) Build binary packages only (-bb) with the rpmbuild tree rooted in
          #    the current directory, then move the x86_64 output into the
          #    clone directory as RPMS/.
          - |
            echo "Packaging"
            rpmbuild \
              --define "_topdir %(pwd)/rpmbuild" \
              --define "_rpmdir %{_topdir}" \
              --define "_srcrpmdir %{_topdir}" \
              --define "custom_version 1.0" \
              -vv -bb rpmbuild/SPECS/kfa.spec
            mv /tmp/packaging/rpmbuild/x86_64 $BITBUCKET_CLONE_DIR/RPMS
          # 3) Pack RPMS/ into a tarball named after the build and step, and
          #    upload it to "/artifacts" with upload_pkgs.sh.
          #    NOTE(review): upload_pkgs.sh is not part of this file, presumably
          #    it ships in the build image. The credential is passed as a
          #    command-line argument, which is visible to other processes on
          #    the self-hosted runner.
          - |
            cd $BITBUCKET_CLONE_DIR
            echo "Pushing STEP artifacts to artifacts repository"
            ROS_VERSION=$(rpm -E %{rhel})
            export ARTIFACTS_FILENAME=artifacts-${BITBUCKET_REPO_SLUG}-build${BITBUCKET_BUILD_NUMBER}-rocky${ROS_VERSION}-step${BITBUCKET_STEP_UUID}-${BITBUCKET_STEP_RUN_NUMBER}.tar.gz
            echo " - compressing artifacts into ${ARTIFACTS_FILENAME}"
            tar zcvf /tmp/${ARTIFACTS_FILENAME} RPMS/**
            export SKIP_METADATA=1 # Instruct upload_pkgs.sh script to skip triggering repositories metadata update.
            echo " - pushing compressed artifacts to artifacts server"
            /tmp/packager/upload_pkgs.sh "$YUM_REPOSITORY_CREDS" "/artifacts" /tmp/$ARTIFACTS_FILENAME
        # Also keep the built packages as Bitbucket step artifacts.
        artifacts:
          - RPMS/**
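pipelines:
  custom: # Manual builds.
    # Downloads a previously uploaded artifacts tarball and publishes the RPMs
    # it contains to the YUM repository for the chosen OS version and
    # stability level.
    pull_artifact_push_packages:
      - variables:
          # Free-form operator input (no allowed-values); validated in the script.
          - name: ARTIFACT_NAME
            description: "Name of the artifact. HINT: can be seen in the output of the step that uploads it."
          - name: ROCKY_OS_VERSION
            description: "RockyLinux OS version these packages were created for. e.g.: 8. NOTE: Used for filtering files to upload and to know to which folder to upload the packages to."
            default: "9"
            allowed-values:
              - "8"
              - "9"
          - name: STABILITY
            description: "Package stability level."
            default: "staging"
            allowed-values:
              - "stable"
              - "staging"
              - "experimental"
      - step:
          name: "Pull artifacts & push packages to YUM repository"
          clone:
            enabled: false # No need for the repository content in this step.
          script:
            # ARTIFACT_NAME ends up in a URL path and in local file names, so
            # accept only a plain file name: not empty, no leading dash (it
            # would be parsed as an option), no path separator.
            - |
              case "${ARTIFACT_NAME}" in
                ""|-*|*/*)
                  echo "Refusing ARTIFACT_NAME '${ARTIFACT_NAME}': expected a plain file name" >&2
                  exit 1
                  ;;
              esac
            # NOTE(review): the credential is embedded in a plain-http URL, so
            # it and the packages cross the network unencrypted and the
            # download has no integrity protection before it is published.
            # Switch to https if the artifacts server offers it.
            - export ARTIFACTS_URL="http://${YUM_REPOSITORY_CREDS}@docker-registry.mysmartpbx.org/artifacts"
            - export RPMS_LISTING_PATTERN="RPMS/*\.el${ROCKY_OS_VERSION}\.*\.rpm"
            # Print only the non-secret inputs. A full `env` dump would write
            # every variable, including the credential-bearing ARTIFACTS_URL,
            # to the build log.
            - echo "Inputs ARTIFACT_NAME=${ARTIFACT_NAME}, ROCKY_OS_VERSION=${ROCKY_OS_VERSION}, STABILITY=${STABILITY}"
            # No -v: verbose mode logs the request headers, Authorization
            # included. --fail makes an HTTP error stop the step instead of
            # saving the error page as the artifact.
            - curl --fail --silent --show-error "$ARTIFACTS_URL/$ARTIFACT_NAME" -o "$ARTIFACT_NAME"
            - tar xvf "$ARTIFACT_NAME"
            # Left unquoted on purpose so the shell expands the glob.
            - ls -lah $RPMS_LISTING_PATTERN
            - export UPLOAD_URI="/packages/upload/rockylinux/${ROCKY_OS_VERSION}/${STABILITY}/"
            - /tmp/packager/upload_pkgs.sh "$YUM_REPOSITORY_CREDS" "${UPLOAD_URI}" "${RPMS_LISTING_PATTERN}"
  branches:
    'master':
      - parallel:
          name: "Build Rocky 9 packages"
          steps:
            - step: # Informational step only. Pipelines do not clearly show what triggered the build.
                <<: *info-step
                script:
                  - echo "Pipeline triggered by a change on ${BITBUCKET_BRANCH} branch"
            - step:
                <<: *build-rpm-packages
  # NOTE(review): every pull request runs the full build-and-upload step on the
  # self-hosted runner, so code that has not been reviewed yet executes with
  # the upload credential in reach. Consider a PR variant of the step without
  # the upload.
  pull-requests:
    '**':
      - parallel:
          name: "Build Rocky 9 packages"
          steps:
            - step: # Informational step only. Pipelines do not clearly show what triggered the build.
                <<: *info-step
                script:
                  - echo "Pipeline triggered by a PR change"
            - step:
                <<: *build-rpm-packages
  tags:
    '**':
      - parallel:
          name: "Build Rocky 9 packages"
          steps:
            - step: # Informational step only. Pipelines do not clearly show what triggered the build.
                <<: *info-step
                script:
                  - echo "Pipeline triggered by a brand new TAG"
            - step:
                <<: *build-rpm-packages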