-
Notifications
You must be signed in to change notification settings - Fork 1
/
eosio-ci-env.cb.yaml
119 lines (105 loc) · 3.18 KB
/
eosio-ci-env.cb.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
### commit and push those values in !
substitutions:
_REPOSITORY: "[email protected]:dfuse-io/eos.git"
_IMAGE_TAG: ubuntu-18.04
_BRANCH: v2.0.12-dm-12.0 # Can be either a tag or a branch, branch can be used when "testing" stuff out
steps:
# Download SSH encrypted private key and SSH known hosts file
- id: download-ssh-files
name: 'gcr.io/cloud-builders/gsutil'
entrypoint: 'bash'
args:
- '-ce'
- |
gsutil cp gs://${PROJECT_ID}_cloudbuild/github_id_rsa.enc /root/.ssh/github_id_rsa.enc
gsutil cp gs://${PROJECT_ID}_cloudbuild/github_known_hosts /root/.ssh/known_hosts
volumes:
- name: 'ssh'
path: /root/.ssh
- id: download-ssh-known-hosts-file
name: 'gcr.io/cloud-builders/gsutil'
args: ['cp', 'gs://${PROJECT_ID}_cloudbuild/github_known_hosts', '/root/.ssh/known_hosts']
volumes:
- name: 'ssh'
path: /root/.ssh
# Decrypting SSH encrypted private key
- id: decrypt-ssh-encrypted-private-key
name: 'gcr.io/cloud-builders/gcloud'
args:
- kms
- decrypt
- --project=eoscanada-public
- --ciphertext-file=/root/.ssh/github_id_rsa.enc
- --plaintext-file=/root/.ssh/id_rsa
- --location=global
- --keyring=github-keys
- --key=github-key
volumes:
- name: 'ssh'
path: /root/.ssh
# Initializing Git with SSH credentials and URL transformation
- id: configure-git-for-private-repositories-access
name: 'gcr.io/cloud-builders/git'
entrypoint: 'bash'
args:
- '-ce'
- |
chmod 600 /root/.ssh/id_rsa
cat <<EOF >/root/.ssh/config
Hostname github.com
IdentityFile /root/.ssh/id_rsa
EOF
git config --global --add url."[email protected]:dfuse-io/".insteadOf "https://github.com/dfuse-io/"
git config --global --add url."[email protected]:eoscanada/".insteadOf "https://github.com/eoscanada/"
# Use our own fork of ultra-fc for now since CloubBuild credentials doesn't have access to this ...
git config --global --add url."[email protected]:dfuse-io/eosio-fc-private".insteadOf "[email protected]:ultraio/ultra-fc"
volumes:
- name: 'ssh'
path: /root/.ssh
- name: 'git_home'
path: /root/.git
- id: clone-source
name: gcr.io/cloud-builders/git
args: [
'clone',
'--branch=${_BRANCH}',
'--depth=1',
'--recursive',
'${_REPOSITORY}',
'/git',
]
volumes:
- name: 'git'
path: '/git'
- name: 'ssh'
path: /root/.ssh
- name: 'git_home'
path: /root/.git
- id: docker-image
name: gcr.io/cloud-builders/docker
entrypoint: 'bash'
env:
- PLATFORM_TYPE=pinned
- IMAGE_TAG=${_IMAGE_TAG}-pinned
- FORCE_BASE_IMAGE=true
# Supports for both <= 2.0.7 and >= 2.0.8
- IMAGE_NAME=gcr.io/${PROJECT_ID}/eosio-ci # Used by <= 2.0.7
- MIRROR_REGISTRY=gcr.io/${PROJECT_ID}/eosio-ci # Used by >= 2.0.8
args:
- '-cxe'
- |
env
cd /git
./.cicd/generate-base-images.sh
. .cicd/helpers/file-hash.sh .cicd/platforms/$$PLATFORM_TYPE/$$IMAGE_TAG.dockerfile
docker tag $$FULL_TAG gcr.io/${PROJECT_ID}/eosio-ci:${_IMAGE_TAG}-latest
# We push the full tag image right away otherwise the tag is lost
docker push $$FULL_TAG
volumes:
- name: 'git'
path: '/git'
options:
machineType: 'N1_HIGHCPU_32'
images:
- gcr.io/${PROJECT_ID}/eosio-ci:${_IMAGE_TAG}-latest
timeout: 1h