diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 7a6c0f350cee3bd7bffc8279f31cdd8cf3531a7e..36cfe5f43028f4549a634bfb02ec6044b61c2422 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -1,7 +1,7 @@
stages:
- checks
- tests
- - publish
+ - package
- coverage
variables:
@@ -76,8 +76,39 @@ tests-3.9:
variables:
PYTHON_VERSION: "3.9"
+.image:
+ stage: package
+ tags: [docker]
+ image: docker:latest
+ services:
+ - docker:dind
+ variables:
+ PYTHON_VERSION: "3.9"
+ script:
+ - docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" $CI_REGISTRY
+ - docker build -t "$CI_REGISTRY_IMAGE/$KIND:$CI_COMMIT_SHORT_SHA" -f release/$KIND-image --build-arg PYTHON_VERS=$PYTHON_VERSION .
+ - docker push "$CI_REGISTRY_IMAGE/$KIND:$CI_COMMIT_SHORT_SHA"
+ - docker tag "$CI_REGISTRY_IMAGE/$KIND:$CI_COMMIT_SHORT_SHA" "$CI_REGISTRY_IMAGE/$KIND:$CI_COMMIT_BRANCH"
+ - docker push "$CI_REGISTRY_IMAGE/$KIND:$CI_COMMIT_BRANCH"
+ - docker tag "$CI_REGISTRY_IMAGE/$KIND:$CI_COMMIT_BRANCH" "$CI_REGISTRY_IMAGE/$KIND:latest"
+ - docker push "$CI_REGISTRY_IMAGE/$KIND:latest"
+
+image:poetry:
+ extends: .image
+ variables:
+ KIND: "poetry"
+ rules:
+ - when: manual
+
+image:pip:
+ extends: .image
+ variables:
+ KIND: "pip"
+ rules:
+ - when: manual
+
pypi_test:
- stage: publish
+ stage: package
rules:
- if: $CI_COMMIT_TAG
when: manual
@@ -86,7 +117,7 @@ pypi_test:
- poetry publish --build --username $PYPI_TEST_LOGIN --password $PYPI_TEST_PASSWORD --repository pypi_test
pypi:
- stage: publish
+ stage: package
rules:
- if: $CI_COMMIT_TAG
when: manual
diff --git a/release/pip-image b/release/pip-image
new file mode 100644
index 0000000000000000000000000000000000000000..f6f2c9e12dd80ae46c9dd2e98b741e3264068d8e
--- /dev/null
+++ b/release/pip-image
@@ -0,0 +1,38 @@
+# ------------------------------------------------------------------------------
+# Build Stage
+# ------------------------------------------------------------------------------
+ARG PYTHON_VERS
+FROM python:${PYTHON_VERS}-slim-buster AS build
+
+WORKDIR /silkaj
+
+# Copy source tree
+COPY ./ ./
+
+# Install Silkaj
+RUN pip install .
+
+# ------------------------------------------------------------------------------
+# Final Stage
+# ------------------------------------------------------------------------------
+FROM python:${PYTHON_VERS}-slim-buster
+ARG PYTHON_VERS
+
+# Create silkaj group and user
+RUN groupadd -g 1111 silkaj && \
+ useradd -d /silkaj -g silkaj -u 1111 silkaj
+
+# Install libsodium
+RUN apt update && \
+ apt install --yes libsodium23 && \
+ rm -rf /var/lib/apt/lists
+
+# Copy the build artifact from the build stage
+COPY --from=build /usr/local/bin/silkaj /usr/local/bin/silkaj
+COPY --from=build /usr/local/lib/python${PYTHON_VERS}/site-packages/ /usr/local/lib/python${PYTHON_VERS}/site-packages/
+
+# Use silkaj user
+USER silkaj
+WORKDIR /usr/local/lib/python${PYTHON_VERS}/site-packages/silkaj
+
+CMD ["/usr/local/bin/silkaj"]
diff --git a/release/poetry-image b/release/poetry-image
new file mode 100644
index 0000000000000000000000000000000000000000..4642e2f46c2cf048292397f5da54970097c7f2f4
--- /dev/null
+++ b/release/poetry-image
@@ -0,0 +1,43 @@
+# ------------------------------------------------------------------------------
+# Build Stage
+# ------------------------------------------------------------------------------
+ARG PYTHON_VERS
+FROM registry.duniter.org/docker/python3/poetry/${PYTHON_VERS}:latest AS build
+
+WORKDIR /silkaj
+
+# Copy source tree
+COPY ./ ./
+
+# Install Silkaj
+RUN poetry install --no-dev
+
+# ------------------------------------------------------------------------------
+# Final Stage
+# ------------------------------------------------------------------------------
+FROM registry.duniter.org/docker/python3/poetry/${PYTHON_VERS}:latest
+ARG PYTHON_VERS
+
+# Create silkaj group and user
+RUN groupadd -g 1111 silkaj && \
+ useradd -d /silkaj -g silkaj -u 1111 silkaj
+
+# Install git
+RUN apt update && \
+ apt install --yes git && \
+ rm -rf /var/lib/apt/lists
+
+# Set up alias to directly get silkaj command
+# https://stackoverflow.com/a/3638886
+RUN printf '#!/bin/bash\npoetry run silkaj "$@"' > /usr/bin/silkaj && \
+ chmod +x /usr/bin/silkaj
+
+# Copy the build artifact from the build stage
+COPY --from=build --chown=silkaj:silkaj /silkaj /silkaj
+COPY --from=build --chown=silkaj:silkaj /root/.cache/pypoetry/virtualenvs /silkaj/.cache/pypoetry/virtualenvs
+
+# Use silkaj user
+USER silkaj
+WORKDIR /silkaj
+
+CMD ["/usr/bin/silkaj"]