diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 01e2e8ccccd4a11fb33ea4e6f4db9c5fc896734a..3f4428ee57cb03d30bf24f88326cecb23408e3a4 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -4,6 +4,8 @@ variables:
JUNIT_FILES: src/lib/build/test-results/test/TEST-*.xml
REPORTS_DIR: src/lib/build/reports
+image: ${CI_REGISTRY}/devops/images/usgs/java:11
+
stages:
- build
- trigger
@@ -70,10 +72,10 @@ default:
# Docker in Docker
##
.dind:
- image: ${DEVOPS_REGISTRY}docker:19.03-git
+ image: ${CI_REGISTRY}/devops/images/docker:20
services:
- alias: docker
- name: ${DEVOPS_REGISTRY}docker:19.03-dind
+ name: ${CI_REGISTRY}/devops/images/docker:20-dind
variables:
DOCKER_DRIVER: overlay2
@@ -135,9 +137,6 @@ default:
- build
variables:
DOCKERFILE: Dockerfile
- DOCKER_BUILD_ARGS: |
- BUILD_IMAGE=${DEVOPS_REGISTRY}usgs/centos:latest
- FROM_IMAGE=${DEVOPS_REGISTRY}usgs/centos:latest
IMAGE_TAG: ${ENVIRONMENT}-${CI_COMMIT_SHORT_SHA}
####
@@ -154,21 +153,19 @@ Build Image:
- .docker-build
variables:
DOCKER_BUILD_ARGS: |
- BUILD_IMAGE=${DEVOPS_REGISTRY}usgs/amazoncorretto:11
- FROM_IMAGE=${DEVOPS_REGISTRY}usgs/amazoncorretto:11
+ BUILD_IMAGE=${CI_REGISTRY}/devops/images/usgs/java:11
+ FROM_IMAGE=${CI_REGISTRY}/devops/images/usgs/java:11
CI_COMMIT_BRANCH=${CI_COMMIT_BRANCH}
CI_JOB_TOKEN=${CI_JOB_TOKEN}
CI_PROJECT_URL=${CI_PROJECT_URL}
UPSTREAM_PATH: ghsc/nshmp/nshmp-ws-static
Build Project:
- image: ${DEVOPS_REGISTRY}usgs/amazoncorretto:11
script:
- ./gradlew assemble
stage: build
Markdown Lint:
- image: ${DEVOPS_REGISTRY}usgs/amazoncorretto:11
script:
- ./gradlew markdownlint
stage: build
@@ -180,14 +177,12 @@ Unit Tests:
# reports:
# junit: ${JUNIT_FILES}
# coverage: '/Total.*?([0-9]{1,3})%/'
- image: ${DEVOPS_REGISTRY}usgs/amazoncorretto:11
script:
- ./gradlew check
# - cat ${JACOCO_HTML_DIR}/index.html
stage: build
YAML Lint:
- image: ${DEVOPS_REGISTRY}usgs/amazoncorretto:11
script:
- ./gradlew yamllint
stage: build
@@ -206,7 +201,6 @@ Trigger AWS Deployment:
- *staging-env
- *production-env
script:
- - apk add curl
- |
if [ "${ENVIRONMENT}" == 'production' ]; then
REF="production";
@@ -218,6 +212,7 @@ Trigger AWS Deployment:
--form "variables[description]=Triggered by nshmp-ws-static" \
--form "variables[ENVIRONMENT]=${ENVIRONMENT}" \
--form "variables[NSHMP_WS_STATIC_IMAGE]=${IMAGE_NAME}" \
+ --form "variables[SOURCE_PROJECT_NAME]=${CI_PROJECT_NAME}" \
"https://${PRIVATE_GITLAB}/api/v4/projects/${NSHMP_CDK_PROJECT_ID}/trigger/pipeline"
stage: trigger
variables:
diff --git a/Dockerfile b/Dockerfile
index 19ddbde3c8583c3966965d50399cb0d8d7a8b667..4fbf1fd7e4311e274924e5a9c84f4d0dc7c3da32 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -3,8 +3,8 @@
# docker build -t nshmp-ws-static .
####
-ARG BUILD_IMAGE=usgs/amazoncorretto:11
-ARG FROM_IMAGE=usgs/amazoncorretto:11
+ARG BUILD_IMAGE=code.usgs.gov:5001/devops/images/usgs/java:11
+ARG FROM_IMAGE=code.usgs.gov:5001/devops/images/usgs/java:11
FROM ${BUILD_IMAGE} as builder
@@ -16,8 +16,12 @@ WORKDIR /app
COPY . .
+USER root
+
RUN ./gradlew assemble
+USER usgs-user
+
####
# Run service
####
@@ -34,6 +38,14 @@ ENV NETCDF_FILE ${SERVICE}-example.nc
WORKDIR /app
+USER root
+
+RUN mkdir /asset-output \
+ && chown -R usgs-user:usgs-user /app \
+ && chown -R usgs-user:usgs-user /asset-output
+
+USER usgs-user
+
COPY --from=builder /app/src/aashto/build/libs/aashto-all.jar aashto.jar
COPY --from=builder /app/src/aashto/src/main/resources/aashto-example.nc .