Skip to main content

This component needs to be present in each pipeline.

Usage

include:
- component: $CI_SERVER_FQDN/xrow-public/ci-tools/common@stable

Common pipeline stages

The following stages are implemented by default:

NameDescription
.predefault reserved special stage that is executed before all other stages and is used by some helper tasks
lintLinting stage for all linting jobs before build
buildBuild stage for all software builds
testTest stage to validate all software builds
deployDeploy stage to ship a build to environments
releaseRelease stage to publish software releases
.postdefault post pipeline stage in GitLab used by some helper tasks

Load the library from a protected repository

A bootloader token is not required when loading the library with the default images in this library.

  • Set the global variable CI_BOOTLOADER_TOKEN in your GitLab instance with the value

Inputs

NameDescriptionDefaultType
------------
bootloaderThe internal bootloader to load the CI library. See scripts/bootloader.sh for details.IyEvYmluL2Jhc2gKCiMgZ2VuZXJhdGUgaGFzaCBhbmQgcmVwbGFjZSBpbiB0ZW1wbGF0ZS9jb21tb24vdGVtcGxhdGUueW1sCiMgY2F0IHNjcmlwdHMvYm9vdGxvYWRlci5zaCB8IGJhc2U2NCAtdyAwCgojIFNldCB0byBlbXB0eSB2YWx1ZSBpZiBDSV9CT09UTE9BREVSX1RPS0VOIHdhcyBub3QgZXhwYW5kZWQKaWYgW1sgIiR7Q0lfQk9PVExPQURFUl9UT0tFTn0iID1+IENJX0JPT1RMT0FERVJfVE9LRU4gXV07IHRoZW4KICBleHBvcnQgQ0lfQk9PVExPQURFUl9UT0tFTj0iIgpmaQoKaWYgW1sgLXYgMSBdXTsgdGhlbgogIGV4cG9ydCBDSV9UT09MU19WRVJTSU9OPSIkezF9IgplbHNlCiAgZXhwb3J0IENJX1RPT0xTX1ZFUlNJT049IiR7Q0lfVE9PTFNfVkVSU0lPTjotbWFpbn0iCmZpCgpmdW5jdGlvbiBjaV9sb2FkX2xpYiB7CiAgaWYgW1sgLXggIiQoY29tbWFuZCAtdiBjdXJsKSIgJiYgLXggIiQoY29tbWFuZCAtdiB0YXIpIiAmJiAoIC1uICIke0NJX0JPT1RMT0FERVJfVE9LRU59IiB8fCAiJHtDSV9TRVJWRVJfRlFETn0iID09ICJnaXRsYWIuY29tIiApIF1dOyB0aGVuCiAgICBpZiBbWyAtbiAiJHtDSV9CT09UTE9BREVSX1RPS0VOfSIgXV07IHRoZW4KICAgICAgYXV0aD0iLS1oZWFkZXIgXCJQUklWQVRFLVRPS0VOOiAke0NJX0JPT1RMT0FERVJfVE9LRU59XCIiCiAgICBmaQogICAgbWtkaXIgIiR7Q0lfVE9PTFNfRElSfSIKICAgICMgQWxzbyB3b3JrcyB3aXRoIHRhZyBhbmQgYnJhbmNoIG5hbWVzCiAgICBjdXJsIC1mIC1MIC1zIC0tdXJsICJodHRwczovLyR7Q0lfU0VSVkVSX0ZRRE59L2FwaS92NC9wcm9qZWN0cy94cm93LXB1YmxpYyUyRmNpLXRvb2xzL3JlcG9zaXRvcnkvYXJjaGl2ZS50Z3o/c2hhPSR7Q0lfVE9PTFNfVkVSU0lPTn0iIFwKICAgIC0tb3V0cHV0IC0gfCB0YXIgLXh6IC1DICIke0NJX1RPT0xTX0RJUn0iIC0tc3RyaXAtY29tcG9uZW50cz0xCiAgICByZXR1cm4gMAogIGZpCiAgaWYgW1sgISAteCAiJChjb21tYW5kIC12IGdpdCkiICYmIC14ICIkKGNvbW1hbmQgLXYgZG5mKSIgJiYgIiQod2hvYW1pKSIgPT0gInJvb3QiIF1dOyB0aGVuCiAgICBkbmYgaW5zdGFsbCAteSBnaXQ7CiAgZmkKICBpZiBbWyAhIC14ICIkKGNvbW1hbmQgLXYgZ2l0KSIgJiYgLXggIiQoY29tbWFuZCAtdiBtaWNyb2RuZikiICYmICIkKHdob2FtaSkiID09ICJyb290IiBdXTsgdGhlbgogICAgbWljcm9kbmYgaW5zdGFsbCAteSBnaXQ7CiAgZmkKICBpZiBbWyAhIC14ICIkKGNvbW1hbmQgLXYgZ2l0KSIgJiYgLXggIiQoY29tbWFuZCAtdiBhcHQtZ2V0KSIgJiYgIiQod2hvYW1pKSIgPT0gInJvb3QiIF1dOyB0aGVuCiAgICBhcHQtZ2V0IGluc3RhbGwgLXkgZ2l0CiAgZmkKICBpZiBbWyAteCAiJChjb21tYW5kIC12IGdpdCkiICYmIC12IENJX0pPQl9UT0tFTiBdXTsgdGhlbgogICAgdXJsPSJodHRwczovL2dpdGxhYi1jaS10b2tlbjoke0NJX0pPQl9UT0tFTn1AJENJX1NFUlZFUl9GUUROL3hyb3ctcHVibGljL2NpLXRvb2xzLmdpdCIKICAgIHRtcGRpcj0kKG1rdGVtcCAtZCAtcCAvdG1wKTsKICAgIGdpdCBjb25maWcgLS1nbG9iYWwgYWR2aWNlLmRldGFjaGVkSGVhZCBmYWxzZSB8fCB0cnVlCiAgICBpZiBbWyAiJHtDSV9UT09MU19WRVJTSU9OfSIgPX4gXlthLWYwLTldezQwfSQgXV07IHRoZW4KICAgICAgZ2l0IGNsb25lICR7dXJsfSAke0NJX1RPT0xTX0RJUn0KICAgICAgZ2l0IC1DICR7Q0lfVE9PTFNfRElSfSByZXNldCAke0NJX1RPT0xTX1ZFUlNJT059IC0taGFyZAogICAgZWxzZQogICAgICBnaXQgY2xvbmUgLS1icmFuY2ggJHtDSV9UT09MU19WRVJTSU9OfSAtLXNpbmdsZS1icmFuY2ggJHt1cmx9ICR7Q0lfVE9PTFNfRElSfQogICAgZmkKICAgIGlmIFtbICEgLWQgIiR7Q0lfVE9PTFNfRElSfSIgJiYgJENJX1NFUlZFUl9GUUROICE9ICJnaXRsYWIuY29tIiBdXTsgdGhlbgogICAgICBlY2hvICJbZXJyb3JdIENvdWxkIG5vdCBjbG9uZSBDSSB0b29scyBsaWJyYXJ5IGZyb20gJHtDSV9TRVJWRVJfRlFETn0iCiAgICAgIHJldHVybiAxCiAgICBmaQogICAgcmV0dXJuIDAKICBmaQogIHJldHVybiAxCn0KCmV4cG9ydCBDSV9TRVJWRVJfRlFETj0iJHtDSV9TRVJWRVJfRlFETjotZ2l0bGFiLmNvbX0iCnRtcGRpcj0kKG1rdGVtcCAtZCAtcCAvdG1wKTsKZXhwb3J0IENJX1RPT0xTX0RJUj0iJHt0bXBkaXJ9L2NpLXRvb2xzIgplY2hvICJbaW5mb10gTG9hZCBsaWJyYXJ5OiBob3N0ICR7Q0lfU0VSVkVSX0ZRRE59OyB2ZXJzaW9uICcke0NJX1RPT0xTX1ZFUlNJT059JzsgZGlyZWN0b3J5ICR7Q0lfVE9PTFNfRElSfSIKY2lfbG9hZF9saWIgfHwgewogIGVjaG8gIltlcnJvcl0gQ291bGQgbm90IGxvYWQgQ0kgdG9vbHMgbGlicmFyeSIKICBleGl0IDEKfQpzb3VyY2UgIiR7Q0lfVE9PTFNfRElSfS9zY3JpcHRzL2xpYnJhcnkuc2giCg==string
bootloader-tokenThe deployment token to use for the bootloader to fetch the CI library from private repositories. Needs to be unmasked if used.${CI_BOOTLOADER_TOKEN}string
ca-bundle-pathThe path to the CA bundle file with additional CA certificates.string
registryRegistry to store container image releases in$CI_REGISTRYstring
reporegistry.gitlab.com/xrow-public/ci-toolsstring
repository-pathRepository to store container image releases in$CI_PROJECT_PATHstring
stagesThe stages available in the pipeline.["lint","build","test","release","deploy"]array
trivy-repositoryThe image repository to use for trivy.ghcr.io/aquasecuritystring
validate-enabledEnable validation of the GitLab CI configurationfalseboolean