Loading .gitignore +1 −1 Original line number Diff line number Diff line Loading @@ -10,4 +10,4 @@ _i18n/*.yml .env __pycache__ *.txt AGENTS*.md .gitlab-ci.yml +33 −3 Original line number Diff line number Diff line Loading @@ -3,6 +3,7 @@ variables: DOCKER_DRIVER: overlay2 stages: - lint - deep-build - build - scan Loading @@ -10,6 +11,35 @@ stages: default: image: docker:20.10 lint:dockerfile: stage: lint tags: - generic_privileged image: hadolint/hadolint:latest-debian script: - for file in Dockerfile Dockerfile.jekyll Dockerfile.nginx; do echo "Linting $file"; hadolint "$file"; done lint:commit_message: stage: lint image: node:18 before_script: - npm install --location=global @commitlint/cli @commitlint/config-conventional - | cat > commitlint.config.js <<'JS' module.exports = { extends: ['@commitlint/config-conventional'] }; JS - git fetch --unshallow || true - git fetch origin $CI_DEFAULT_BRANCH script: - | COMMITS=$(git rev-list origin/$CI_DEFAULT_BRANCH..HEAD) echo "$COMMITS" | while read commit; do echo "Linting commit $commit" git show --no-patch --format=%B $commit | commitlint || exit 1 done # Build stage .build:docker: stage: build Loading Loading @@ -72,17 +102,17 @@ container_scanning: stage: scan variables: SECURE_LOG_LEVEL: 'debug' DOCKER_IMAGE: $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG CS_IMAGE: $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG jekyll_container_scanner: extends: container_scanning variables: DOCKER_IMAGE: $CI_REGISTRY_IMAGE/jekyll:$CI_COMMIT_REF_SLUG CS_IMAGE: $CI_REGISTRY_IMAGE/jekyll:$CI_COMMIT_REF_SLUG nginx_container_scanner: extends: container_scanning variables: DOCKER_IMAGE: $CI_REGISTRY_IMAGE/nginx:$CI_COMMIT_REF_SLUG CS_IMAGE: $CI_REGISTRY_IMAGE/nginx:$CI_COMMIT_REF_SLUG # Deploy stage .deploy:compose: Loading Dockerfile +7 −0 Original line number Diff line number Diff line Loading @@ -12,4 +12,11 @@ RUN jekyll build -d /tmp/e_docs_website && rm /tmp/Gemfile* #RUN minify -r -o /tmp/e_docs_website/ /tmp/e_docs_website/ FROM registry.gitlab.e.foundation/e/documentation/user/nginx:$IMAGE_TAG COPY --chown=www-data:www-data --from=jekyll /tmp/e_docs_website/ /tmp/e_docs_website/ Dockerfile.jekyll +2 −3 Original line number Diff line number Diff line FROM jekyll/jekyll:stable AS jekyll FROM jekyll/jekyll:4 AS jekyll WORKDIR /tmp COPY --chown=jekyll:jekyll Gemfile Gemfile.lock /tmp/ RUN bundle config set --local deployment 'true' RUN bundle install RUN bundle config set --local deployment 'true' && bundle install Dockerfile.nginx +7 −5 Original line number Diff line number Diff line FROM nginx:stable LABEL maintainer="dev@murena.io" RUN apt-get -y update RUN apt-get -y install rsync RUN apt-get update \ && apt-get install -y --no-install-recommends rsync=3.2.7-1+deb12u2 \ && rm -rf /var/lib/apt/lists/* COPY ./config/nginx/nginx.conf /etc/nginx/nginx.conf COPY ./config/nginx/conf.d /etc/nginx/conf.d COPY ./entrypoint.sh ./entrypoint.sh RUN chmod +x entrypoint.sh COPY ./entrypoint.sh /entrypoint.sh RUN chmod +x /entrypoint.sh ENTRYPOINT [ "./entrypoint.sh" ] ENTRYPOINT [ "/entrypoint.sh" ] Loading
.gitignore +1 −1 Original line number Diff line number Diff line Loading @@ -10,4 +10,4 @@ _i18n/*.yml .env __pycache__ *.txt AGENTS*.md
.gitlab-ci.yml +33 −3 Original line number Diff line number Diff line Loading @@ -3,6 +3,7 @@ variables: DOCKER_DRIVER: overlay2 stages: - lint - deep-build - build - scan Loading @@ -10,6 +11,35 @@ stages: default: image: docker:20.10 lint:dockerfile: stage: lint tags: - generic_privileged image: hadolint/hadolint:latest-debian script: - for file in Dockerfile Dockerfile.jekyll Dockerfile.nginx; do echo "Linting $file"; hadolint "$file"; done lint:commit_message: stage: lint image: node:18 before_script: - npm install --location=global @commitlint/cli @commitlint/config-conventional - | cat > commitlint.config.js <<'JS' module.exports = { extends: ['@commitlint/config-conventional'] }; JS - git fetch --unshallow || true - git fetch origin $CI_DEFAULT_BRANCH script: - | COMMITS=$(git rev-list origin/$CI_DEFAULT_BRANCH..HEAD) echo "$COMMITS" | while read commit; do echo "Linting commit $commit" git show --no-patch --format=%B $commit | commitlint || exit 1 done # Build stage .build:docker: stage: build Loading Loading @@ -72,17 +102,17 @@ container_scanning: stage: scan variables: SECURE_LOG_LEVEL: 'debug' DOCKER_IMAGE: $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG CS_IMAGE: $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG jekyll_container_scanner: extends: container_scanning variables: DOCKER_IMAGE: $CI_REGISTRY_IMAGE/jekyll:$CI_COMMIT_REF_SLUG CS_IMAGE: $CI_REGISTRY_IMAGE/jekyll:$CI_COMMIT_REF_SLUG nginx_container_scanner: extends: container_scanning variables: DOCKER_IMAGE: $CI_REGISTRY_IMAGE/nginx:$CI_COMMIT_REF_SLUG CS_IMAGE: $CI_REGISTRY_IMAGE/nginx:$CI_COMMIT_REF_SLUG # Deploy stage .deploy:compose: Loading
Dockerfile +7 −0 Original line number Diff line number Diff line Loading @@ -12,4 +12,11 @@ RUN jekyll build -d /tmp/e_docs_website && rm /tmp/Gemfile* #RUN minify -r -o /tmp/e_docs_website/ /tmp/e_docs_website/ FROM registry.gitlab.e.foundation/e/documentation/user/nginx:$IMAGE_TAG COPY --chown=www-data:www-data --from=jekyll /tmp/e_docs_website/ /tmp/e_docs_website/
Dockerfile.jekyll +2 −3 Original line number Diff line number Diff line FROM jekyll/jekyll:stable AS jekyll FROM jekyll/jekyll:4 AS jekyll WORKDIR /tmp COPY --chown=jekyll:jekyll Gemfile Gemfile.lock /tmp/ RUN bundle config set --local deployment 'true' RUN bundle install RUN bundle config set --local deployment 'true' && bundle install
Dockerfile.nginx +7 −5 Original line number Diff line number Diff line FROM nginx:stable LABEL maintainer="dev@murena.io" RUN apt-get -y update RUN apt-get -y install rsync RUN apt-get update \ && apt-get install -y --no-install-recommends rsync=3.2.7-1+deb12u2 \ && rm -rf /var/lib/apt/lists/* COPY ./config/nginx/nginx.conf /etc/nginx/nginx.conf COPY ./config/nginx/conf.d /etc/nginx/conf.d COPY ./entrypoint.sh ./entrypoint.sh RUN chmod +x entrypoint.sh COPY ./entrypoint.sh /entrypoint.sh RUN chmod +x /entrypoint.sh ENTRYPOINT [ "./entrypoint.sh" ] ENTRYPOINT [ "/entrypoint.sh" ]
