Compare commits
23 Commits
ea90b8b8b0
...
0.0.27
| Author | SHA1 | Date | |
|---|---|---|---|
a14e0ab2c5
|
|||
|
471fcb2177
|
|||
|
0d4ac4022a
|
|||
|
405d66cdcb
|
|||
|
a32d9fd643
|
|||
|
7f394f82ee
|
|||
|
c8577edf0c
|
|||
|
02aba34391
|
|||
|
1fb4c387a7
|
|||
|
92b61fdae0
|
|||
|
4ddb6cfd30
|
|||
|
0eb761db27
|
|||
|
9cc81373dc
|
|||
|
b856424640
|
|||
|
d6a8f5f436
|
|||
|
4cc4e5cec6
|
|||
|
aec0e3fb0e
|
|||
|
05c5c49cd5
|
|||
|
9156b594e3
|
|||
|
4fbda91e15
|
|||
|
50248acefb
|
|||
|
c9c57445b9
|
|||
|
18631dc02a
|
@ -1,27 +1,40 @@
|
||||
stages:
|
||||
- generate-api-clients
|
||||
- dockerize
|
||||
|
||||
variables:
|
||||
REGISTRY: devnexus.krohne.com:18079/repository/docker-krohne
|
||||
IMAGE_NAME: $REGISTRY/$CI_PROJECT_NAME
|
||||
DTRACK_API_URL: https://dtrack-api-rd.krohne.com
|
||||
DEFECTDOJO_API_URL: https://defectdojo-rd.krohne.com
|
||||
KROHNE_CA_URL: https://devwiki.krohnegroup.com/lib/exe/fetch.php?media=krohne-ca.crt
|
||||
KROHNE_CA_CHECKSUM: a921e440a742f1e67c7714306e2c0d76
|
||||
|
||||
|
||||
generate-dtrack-api:
|
||||
.generate-api:
|
||||
stage: generate-api-clients
|
||||
image: openapitools/openapi-generator-cli:v7.12.0
|
||||
tags:
|
||||
- linux
|
||||
- docker
|
||||
- bash
|
||||
only:
|
||||
refs:
|
||||
- main
|
||||
rules:
|
||||
- if: '$CI_COMMIT_BRANCH == "main"'
|
||||
- if: '$CI_COMMIT_TAG'
|
||||
before_script:
|
||||
- curl --insecure $KROHNE_CA_URL -o krohne-ca.crt
|
||||
- echo "$KROHNE_CA_CHECKSUM krohne-ca.crt" | md5sum -c
|
||||
- mv krohne-ca.crt /usr/local/share/ca-certificates
|
||||
- update-ca-certificates
|
||||
|
||||
|
||||
generate-dtrack-api:
|
||||
extends: .generate-api
|
||||
artifacts:
|
||||
paths:
|
||||
- dtrack-api-client.tgz
|
||||
expire_in: 1 week
|
||||
script:
|
||||
- curl https://dtrack-api.hottis.de/api/openapi.json > dependencytrack-openapi.json
|
||||
- curl ${DTRACK_API_URL}/api/openapi.json > dependencytrack-openapi.json
|
||||
- |
|
||||
docker-entrypoint.sh \
|
||||
author template \
|
||||
@ -41,21 +54,13 @@ generate-dtrack-api:
|
||||
|
||||
|
||||
generate-defectdojo-api:
|
||||
stage: generate-api-clients
|
||||
image: openapitools/openapi-generator-cli:v7.12.0
|
||||
tags:
|
||||
- linux
|
||||
- docker
|
||||
- bash
|
||||
only:
|
||||
refs:
|
||||
- main
|
||||
extends: .generate-api
|
||||
artifacts:
|
||||
paths:
|
||||
- defectdojo-api-client.tgz
|
||||
expire_in: 1 week
|
||||
script:
|
||||
- curl https://defectdojo.hottis.de/api/v2/oa3/schema/?format=json > defectdojo-openapi.json
|
||||
- curl ${DEFECTDOJO_API_URL}/api/v2/oa3/schema/?format=json > defectdojo-openapi.json
|
||||
- |
|
||||
docker-entrypoint.sh \
|
||||
generate \
|
||||
@ -65,45 +70,31 @@ generate-defectdojo-api:
|
||||
--package-name defectdojo_api
|
||||
- tar -czvf defectdojo-api-client.tgz defectdojo-client
|
||||
|
||||
dockerize:
|
||||
stage: dockerize
|
||||
image: devnexus.krohne.com:18079/repository/docker-krohne/krohnedockerbash:0.5
|
||||
tags:
|
||||
- linux
|
||||
- docker
|
||||
- bash
|
||||
rules:
|
||||
- if: '$CI_COMMIT_TAG'
|
||||
script:
|
||||
- tar -xzf defectdojo-api-client.tgz
|
||||
- tar -xzf dtrack-api-client.tgz
|
||||
- docker build --build-arg ADDITIONAL_CA_URL="$KROHNE_CA_URL"
|
||||
--build-arg ADDITIONAL_CA_CHECKSUM=$KROHNE_CA_CHECKSUM
|
||||
--tag $IMAGE_NAME:latest
|
||||
--tag $IMAGE_NAME:$CI_COMMIT_SHA
|
||||
--tag $IMAGE_NAME:$CI_COMMIT_TAG
|
||||
.
|
||||
- docker login -u $NEXUS_USER -p $NEXUS_PASSWORD $REGISTRY
|
||||
- docker push $IMAGE_NAME:latest
|
||||
- docker push $IMAGE_NAME:$CI_COMMIT_SHA
|
||||
- docker push $IMAGE_NAME:$CI_COMMIT_TAG
|
||||
|
||||
|
||||
|
||||
# steps:
|
||||
# generate-dtrack-api:
|
||||
# image: openapitools/openapi-generator-cli:v7.12.0
|
||||
# commands:
|
||||
# - curl https://dtrack-api.hottis.de/api/openapi.json > dependencytrack-openapi.json
|
||||
# - |
|
||||
# docker-entrypoint.sh \
|
||||
# author template \
|
||||
# -g python \
|
||||
# -o dependencytrack-openapi-custom-template
|
||||
# - sed -i 's/import re/import regex as re/' dependencytrack-openapi-custom-template/model_anyof.mustache
|
||||
# - sed -i 's/import re/import regex as re/' dependencytrack-openapi-custom-template/model_generic.mustache
|
||||
# - |
|
||||
# docker-entrypoint.sh \
|
||||
# generate \
|
||||
# -i dependencytrack-openapi.json \
|
||||
# -g python \
|
||||
# -o dependencytrack-client \
|
||||
# --package-name dependencytrack_api \
|
||||
# -t dependencytrack-openapi-custom-template
|
||||
# when:
|
||||
# - event: [ push, tag ]
|
||||
#
|
||||
# generate-defectdojo:
|
||||
# image: openapitools/openapi-generator-cli:v7.12.0
|
||||
# commands:
|
||||
# - curl https://defectdojo.hottis.de/api/v2/oa3/schema/?format=json > defectdojo-openapi.json
|
||||
# - |
|
||||
# docker-entrypoint.sh \
|
||||
# generate \
|
||||
# -i defectdojo-openapi.json \
|
||||
# -g python \
|
||||
# -o defectdojo-client \
|
||||
# --package-name defectdojo_api \
|
||||
# when:
|
||||
# - event: [ push, tag ]
|
||||
#
|
||||
# build:
|
||||
# image: plugins/kaniko
|
||||
|
||||
16
Dockerfile
16
Dockerfile
@ -6,12 +6,26 @@ ENV DEFECTDOJO_URL=""
|
||||
ENV DEFECTDOJO_TOKEN=""
|
||||
|
||||
ARG APP_DIR=/opt/app
|
||||
ARG ADDITIONAL_CA_URL="x"
|
||||
ARG ADDITIONAL_CA_CHECKSUM="y"
|
||||
|
||||
RUN \
|
||||
set -e &&\
|
||||
apk add --no-cache syft &&\
|
||||
adduser -s /bin/sh -D user &&\
|
||||
mkdir -p $APP_DIR &&\
|
||||
chown user:user $APP_DIR
|
||||
chown user:user $APP_DIR &&\
|
||||
echo $ADDITIONAL_CA_URL &&\
|
||||
echo $ADDITIONAL_CA_CHECKSUM &&\
|
||||
if [ "$ADDITIONAL_CA_URL" != "x" ]; then \
|
||||
cd /usr/share/ca-certificates; \
|
||||
wget --no-check-certificate -O custom-ca.crt $ADDITIONAL_CA_URL; \
|
||||
echo "a$ADDITIONAL_CA_CHECKSUM custom-ca.crt" | md5sum -c; \
|
||||
/usr/sbin/update-ca-certificates; \
|
||||
echo "custom ca added"; \
|
||||
else \
|
||||
echo "no additional ca"; \
|
||||
fi
|
||||
|
||||
USER user
|
||||
WORKDIR $APP_DIR
|
||||
|
||||
Reference in New Issue
Block a user