From 8856ce96c646131162937aee5a0ca78f44b76cc5 Mon Sep 17 00:00:00 2001
From: Nicholas Shavers <nshavers@contractor.usgs.gov>
Date: Thu, 31 Oct 2024 16:31:47 -0700
Subject: [PATCH 1/4] use projects container registry

---
 .gitlab-ci.yml | 32 +++++++++++++-------------------
 1 file changed, 13 insertions(+), 19 deletions(-)

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index cb2a9af1..ef229cca 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -27,7 +27,8 @@ workflow:
   before_script:
     - IMAGE_NAME=usgs/${APP_NAME}:${CI_COMMIT_REF_SLUG}
     - IMAGE_NAME=${IMAGE_NAME/:master/:latest}
-    - INTERNAL_IMAGE_NAME=${CODE_REGISTRY_IMAGE}/${IMAGE_NAME}
+    - PROJECT_IMAGE_NAME=$CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG
+    - PROJECT_IMAGE_NAME=${PROJECT_IMAGE_NAME/:master/:latest}
 
 .deploy:
   extends:
@@ -41,7 +42,7 @@ workflow:
       scripts/.
     - export APP_NAME=${APP_NAME}
     - export IMAGE_NAME=${IMAGE_NAME}
-    - export REGISTRY=${CODE_REGISTRY_IMAGE}
+    - export REGISTRY=${CI_REGISTRY_IMAGE}
     - export STACK_NAME=${APP_NAME}
     - ./scripts/deploy.sh
   stage: deploy
@@ -91,13 +92,6 @@ workflow:
 
 # template for jobs that need docker-in-docker
 .dind:
-  # TODO: refactor Docker build to different runner
-  # before_script:
-  #   - |
-  #     echo "${CI_REGISTRY_PASSWORD}" | docker login \
-  #       --username "${CI_REGISTRY_USER}" \
-  #       --password-stdin \
-  #       "${CI_REGISTRY}"
   image: code.usgs.gov:5001/devops/images/usgs/docker:20
   services:
     - alias: docker
@@ -216,16 +210,16 @@ Build Docker Image:
     # fail HIGH,CRITICAL vulnerabilities
     - trivy image --exit-code 1 --severity HIGH,CRITICAL "${LOCAL_IMAGE}";
 
-    ## push image
-    - if [ "${CI_PROJECT_PATH}" != "${UPSTREAM_PATH}" ]; then
-      echo "Skipping push on non-upstream (${CI_PROJECT_PATH})";
-      exit 0;
-      fi
-    - |
-      for IMAGE in "${INTERNAL_IMAGE_NAME}"; do
-        docker tag "${LOCAL_IMAGE}" "${IMAGE}";
-        docker push "${IMAGE}";
-      done
+    ## push image to project registry only
+    # - if [ "${CI_PROJECT_PATH}" != "${UPSTREAM_PATH}" ]; then
+    #   echo "Skipping push on non-upstream (${CI_PROJECT_PATH})";
+    #   exit 0;
+    #   fi
+
+    ## push image to user or project registries
+    - echo "$CI_REGISTRY_PASSWORD" | docker login $CI_REGISTRY -u $CI_REGISTRY_USER --password-stdin
+    - docker tag "${LOCAL_IMAGE}" "${PROJECT_IMAGE_NAME}";
+    - docker push "${PROJECT_IMAGE_NAME}";
   stage: integration
   tags:
     # TODO: refactor to separate build/publish steps
-- 
GitLab


From aaa3d09b2efa2f03764f0eb18965192e08a58b85 Mon Sep 17 00:00:00 2001
From: Nicholas Shavers <nshavers@contractor.usgs.gov>
Date: Thu, 31 Oct 2024 16:50:38 -0700
Subject: [PATCH 2/4] needs deploy tag

---
 .gitlab-ci.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index ef229cca..096c925b 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -223,7 +223,7 @@ Build Docker Image:
   stage: integration
   tags:
     # TODO: refactor to separate build/publish steps
-    - build
+    - deploy
   variables:
     APP_NAME: geomag-algorithms
     FROM_IMAGE: code.usgs.gov:5001/devops/images/usgs/python:3.10-obspy
-- 
GitLab


From 837b6b078354259eebf87487c27637d2ba4d5e86 Mon Sep 17 00:00:00 2001
From: Nicholas Shavers <nshavers@contractor.usgs.gov>
Date: Fri, 1 Nov 2024 08:38:28 -0700
Subject: [PATCH 3/4] image_name updated

---
 .gitlab-ci.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 096c925b..50688ce4 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -25,7 +25,7 @@ workflow:
 
 .adjust_image_names:
   before_script:
-    - IMAGE_NAME=usgs/${APP_NAME}:${CI_COMMIT_REF_SLUG}
+    - IMAGE_NAME=${APP_NAME}:${CI_COMMIT_REF_SLUG}
     - IMAGE_NAME=${IMAGE_NAME/:master/:latest}
     - PROJECT_IMAGE_NAME=$CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG
     - PROJECT_IMAGE_NAME=${PROJECT_IMAGE_NAME/:master/:latest}
-- 
GitLab


From be1177a9a4ca936d568095c98d77e156ce4ee56e Mon Sep 17 00:00:00 2001
From: Nicholas Shavers <nshavers@contractor.usgs.gov>
Date: Fri, 1 Nov 2024 09:41:30 -0700
Subject: [PATCH 4/4] refresh staled branch

---
 .gitlab-ci.yml | 7 +------
 1 file changed, 1 insertion(+), 6 deletions(-)

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 50688ce4..5c3fcbb4 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -210,16 +210,11 @@ Build Docker Image:
     # fail HIGH,CRITICAL vulnerabilities
     - trivy image --exit-code 1 --severity HIGH,CRITICAL "${LOCAL_IMAGE}";
 
-    ## push image to project registry only
-    # - if [ "${CI_PROJECT_PATH}" != "${UPSTREAM_PATH}" ]; then
-    #   echo "Skipping push on non-upstream (${CI_PROJECT_PATH})";
-    #   exit 0;
-    #   fi
-
     ## push image to user or project registries
     - echo "$CI_REGISTRY_PASSWORD" | docker login $CI_REGISTRY -u $CI_REGISTRY_USER --password-stdin
     - docker tag "${LOCAL_IMAGE}" "${PROJECT_IMAGE_NAME}";
     - docker push "${PROJECT_IMAGE_NAME}";
+    
   stage: integration
   tags:
     # TODO: refactor to separate build/publish steps
-- 
GitLab