ci: render

Rendered by https://gitlab.com/developerdurp/yml/-/pipelines/949411795
Merge branch 'main' into 'release/1.0.0'
2023-07-29 12:49:10 +00:00 · 2023-07-29 12:48:06 +00:00 · 2023-07-29 12:44:00 +00:00
64 changed files with 129 additions and 1226 deletions
--- a/.gitlab/.gitlab-ci.yml
+++ b/.gitlab/.gitlab-ci.yml
--- a/job-templates.tpl.yml
+++ b/job-templates.tpl.yml
@@ -11,20 +11,29 @@ workflow:

 render-job-templates-yml:
  stage: render
-  image: registry.internal.durp.info/debian:bullseye-slim
+  image:  registry.durp.info/debian:bullseye-slim
  script:
    - ./scripts/install-curl.sh
    - ./scripts/install-git.sh
    - ./scripts/install-yq.sh
    - ./scripts/render-job-templates.sh
    - ./scripts/commit-and-push-changes.sh
+  rules:
+    - if: $CI_COMMIT_BRANCH
+      changes:
+        - .gitlab-ci.yml
+        - scripts/**
+        - templates/**        
+        - job-templates.yml
+        - job-templates.tpl.yml

 render-pipelines-to-branch:
  stage: render
-  image: registry.internal.durp.info/debian:bullseye-slim
  script:
    - ./scripts/install-curl.sh
    - ./scripts/install-git.sh
    - ./scripts/install-yq.sh  
    - ./scripts/render-pipelines-branch.sh
    - ./scripts/commit-and-push-changes.sh
+  rules:
+    - if: $CI_COMMIT_BRANCH =~ /^release*/
--- a/job-templates.yml
+++ b/job-templates.yml
@@ -12,7 +12,7 @@ workflow:
    - if: '$CI_COMMIT_BRANCH && $CI_SCRIPTS_SKIP_PIPELINE != "true"'
 render-job-templates-yml:
  stage: render
-  image: registry.internal.durp.info/debian:bullseye-slim
+  image: registry.durp.info/debian:bullseye-slim
  script:
    # Begin of install-curl.sh
    - |
@@ -31,7 +31,7 @@ render-job-templates-yml:
    # End of install-yq.sh

    # Begin of render-job-templates.sh
-    - "# render job-templates.yml from job-templates.tpl.yml\nset -euo pipefail\nfor pwsh in  $(find ./scripts -name '*.ps1'); do\n  script=$(cat $pwsh)\n  sh_file=\"${pwsh%.ps1}.sh\"\n     \n  # Escape double quotes and dollar signs\n  script=\"${script//\\\"/\\\\\\\"}\"\n  script=\"${script//\\$/\\\\\\$}\"\n  pwsh_command=\"pwsh -c \\\"$script\\\"\"\n  echo '#!/usr/bin/env bash' > \"$sh_file\"\n  echo '#%%MULTILINE_YAML_START' >> \"$sh_file\"\n  echo \"$pwsh_command\" >> \"$sh_file\"\ndone\nfor script in $(find ./scripts -name '*.sh'); do\n  awk -v script_name=\"$(basename \"$script\")\" '\n  NR==1 && /^#!/ {printf(\"# Begin of %s\\n\",script_name); next}   # strip shebang in first line, print head comment\n  /^\\s*$/ {next}         # strip any newlines or whitespace\n  /^#%%MULTILINE_YAML_START$/ { print \"- |\"; multiline=1; next } # detect start of multiline yaml block, print \"- |\" into output yml\n  /^#%%MULTILINE_YAML_END$/ { multiline=0; next }                # detect end   of multiline yaml block\n  multiline==1 {printf(\"  %s\\n\",$0)}                             # print indented script of multiline yaml block\n  multiline==0 {printf(\"- !!str %s\\n\",$0)}                       # not in multiline yaml, just print with \"- !!str\" (explicit yaml tag to avoid any quoting)\n  END { printf(\"# End of %s\\n\",script_name) }                    # print trailing comment\n  ' \"$script\" >\"$script.yml\"\ndone\n# start with copy and then edit in place using yq -i\ncat <<EOF >job-templates.yml\n### WARNING ###\n### THIS FILE IS RENDERED! DO NOT EDIT! ANY CHANGE WILL BE REVERTED BY RENDERING PIPELINE\n### Edit the template file job-templates.tpl.yml instead!\nEOF\ncat job-templates.tpl.yml >> job-templates.yml\n# shellcheck disable=SC2016 # \"unquoted $ warning\"\n./yq -i '(.[] | select(keys | .[] | select(tag == \"!!str\") | test(\"^(before_|after_|)script$\")) | .\"*script\") ref $scripts\n       | ($scripts | .. | select(. == \"./scripts/*.sh\")) |= (load(. + \".yml\") | .[] style=\"\")\n       | ($scripts | .[] | select(type == \"!reference\")) |= ([.] | . style=\"flow\")\n       | ($scripts | select(type == \"!!seq\")) |= flatten(1)\n       | explode .\n        ' job-templates.yml\nfor template in templates/*.tpl.yml\n  do \n    export pipeline=$(basename $template | sed \"s/.tpl//\")\n    cat $template > jobs/$pipeline \n    ./yq -i '(.[] | select(keys | .[] | select(tag == \"!!str\") | test(\"^(before_|after_|)script$\")) | .\"*script\") ref $scripts\n    | ($scripts | .. | select(. == \"./scripts/*.sh\")) |= (load(. + \".yml\") | .[] style=\"\")\n    | ($scripts | .[] | select(type == \"!reference\")) |= ([.] | . style=\"flow\")\n    | ($scripts | select(type == \"!!seq\")) |= flatten(1)\n    | explode .\n    ' jobs/$pipeline\ndone\n"
+    - "# render job-templates.yml from job-templates.tpl.yml\nset -euo pipefail\nfor script in scripts/*.sh; do\n  awk -v script_name=\"$(basename \"$script\")\" '\n  NR==1 && /^#!/ {printf(\"# Begin of %s\\n\",script_name); next}   # strip shebang in first line, print head comment\n  /^\\s*$/ {next}         # strip any newlines or whitespace\n  /^#%%MULTILINE_YAML_START$/ { print \"- |\"; multiline=1; next } # detect start of multiline yaml block, print \"- |\" into output yml\n  /^#%%MULTILINE_YAML_END$/ { multiline=0; next }                # detect end   of multiline yaml block\n  multiline==1 {printf(\"  %s\\n\",$0)}                             # print indented script of multiline yaml block\n  multiline==0 {printf(\"- !!str %s\\n\",$0)}                       # not in multiline yaml, just print with \"- !!str\" (explicit yaml tag to avoid any quoting)\n  END { printf(\"# End of %s\\n\",script_name) }                    # print trailing comment\n  ' \"$script\" >\"$script.yml\"\ndone\n# start with copy and then edit in place using yq -i\ncat <<EOF >job-templates.yml\n### WARNING ###\n### THIS FILE IS RENDERED! DO NOT EDIT! ANY CHANGE WILL BE REVERTED BY RENDERING PIPELINE\n### Edit the template file job-templates.tpl.yml instead!\nEOF\ncat job-templates.tpl.yml >> job-templates.yml\n# shellcheck disable=SC2016 # \"unquoted $ warning\"\n./yq -i '(.[] | select(keys | .[] | select(tag == \"!!str\") | test(\"^(before_|after_|)script$\")) | .\"*script\") ref $scripts\n       | ($scripts | .. | select(. == \"./scripts/*.sh\")) |= (load(. + \".yml\") | .[] style=\"\")\n       | ($scripts | .[] | select(type == \"!reference\")) |= ([.] | . style=\"flow\")\n       | ($scripts | select(type == \"!!seq\")) |= flatten(1)\n       | explode .\n        ' job-templates.yml\nfor template in templates/*.tpl.yml\n  do \n    export pipeline=$(basename $template | sed \"s/.tpl//\")\n    cat $template > jobs/$pipeline \n    ./yq -i '(.[] | select(keys | .[] | select(tag == \"!!str\") | test(\"^(before_|after_|)script$\")) | .\"*script\") ref $scripts\n    | ($scripts | .. | select(. == \"./scripts/*.sh\")) |= (load(. + \".yml\") | .[] style=\"\")\n    | ($scripts | .[] | select(type == \"!reference\")) |= ([.] | . style=\"flow\")\n    | ($scripts | select(type == \"!!seq\")) |= flatten(1)\n    | explode .\n    ' jobs/$pipeline\ndone\n"
    # End of render-job-templates.sh

    # Begin of commit-and-push-changes.sh
@@ -47,9 +47,16 @@ render-job-templates-yml:
      git push -o ci.variable="CI_SCRIPTS_SKIP_PIPELINE=true" "https://oauth2:${GITLAB_TOKEN}@${CI_SERVER_HOST}/${CI_PROJECT_PATH}.git" "HEAD:$CI_COMMIT_BRANCH"
      curl --silent --fail --request POST --form token="$CI_JOB_TOKEN" --form ref="$CI_COMMIT_BRANCH" "$CI_API_V4_URL/projects/$CI_PROJECT_ID/trigger/pipeline" >/dev/null
    # End of commit-and-push-changes.sh
+  rules:
+    - if: $CI_COMMIT_BRANCH
+      changes:
+        - .gitlab-ci.yml
+        - scripts/**
+        - templates/**
+        - job-templates.yml
+        - job-templates.tpl.yml
 render-pipelines-to-branch:
  stage: render
-  image: registry.internal.durp.info/debian:bullseye-slim
  script:
    # Begin of install-curl.sh
    - |
@@ -84,3 +91,5 @@ render-pipelines-to-branch:
      git push -o ci.variable="CI_SCRIPTS_SKIP_PIPELINE=true" "https://oauth2:${GITLAB_TOKEN}@${CI_SERVER_HOST}/${CI_PROJECT_PATH}.git" "HEAD:$CI_COMMIT_BRANCH"
      curl --silent --fail --request POST --form token="$CI_JOB_TOKEN" --form ref="$CI_COMMIT_BRANCH" "$CI_API_V4_URL/projects/$CI_PROJECT_ID/trigger/pipeline" >/dev/null
    # End of commit-and-push-changes.sh
+  rules:
+    - if: $CI_COMMIT_BRANCH =~ /^release*/
--- a/jobs/codescan.yml
+++ b/jobs/codescan.yml
@@ -1,58 +0,0 @@
-.generate_sbom:
-  image: registry.internal.durp.info/nixos/nix:latest
-  script:
-    # Begin of syft-install.sh
-    - |
-      #Syft install
-      nix-env -iA nixpkgs.syft
-    # End of syft-install.sh
-
-    # Begin of syft-mkdir.sh
-    - |
-      #mkdir for syft files
-      mkdir $CI_PROJECT_DIR/syft
-    # End of syft-mkdir.sh
-
-    # Begin of syft-go.sh
-    - |
-      #Syft scan for go
-      if [ -f "go.mod" ]; then
-          syft go.mod -o cyclonedx-json=syft/${CI_PROJECT_NAME}.sbom.json
-      fi
-    # End of syft-go.sh
-
-    # Begin of syft-docker.sh
-    - |
-      #Syft scan for docker
-      for i in packages/*.tar.gz;
-      do filename=${i%.*.*.*.tar.gz};
-        filename="$(basename -- "$filename")"
-        syft $i -o cyclonedx-json=syft/$filename.docker.sbom.json;
-      done
-    # End of syft-docker.sh
-  artifacts:
-    expire_in: 1 hour
-    paths:
-      - $CI_PROJECT_DIR/syft
-.generate_cve:
-  image: registry.internal.durp.info/nixos/nix:latest
-  script:
-    # Begin of grype-install.sh
-    - |
-      #Syft install
-      nix-env -iA nixpkgs.grype
-    # End of grype-install.sh
-
-    # Begin of grype.sh
-    - |
-      #grype scan sboms
-      for i in syft/*.sbom.json;
-      do filename=${i%*.sbom.json};
-        filename=${filename##/};
-        grype $i -o json --file $filename.cve.json;
-      done
-    # End of grype.sh
-  artifacts:
-    expire_in: 1 hour
-    paths:
-      - $CI_PROJECT_DIR/syft
--- a/jobs/docker.yml
+++ b/jobs/docker.yml
@@ -1,5 +1,5 @@
 .docker-build-container:
-  image: registry.internal.durp.info/docker:20.10.17
+  image: registry.durp.info/docker:20.10.17
  variables:
    DOCKER_DRIVER: overlay2
    DOCKER_TLS_CERTDIR: ""
@@ -21,64 +21,3 @@
      docker push "$CI_REGISTRY/$CI_PROJECT_PATH:latest"
      docker push "$CI_REGISTRY/$CI_PROJECT_PATH:$VERSION"
    # End of docker-build.sh
-.docker_build:
-  image: registry.internal.durp.info/docker:20.10.17
-  variables:
-    DOCKER_DRIVER: overlay2
-    DOCKER_TLS_CERTDIR: ""
-    DOCKER_HOST: tcp://127.0.0.1:2375/
-  services:
-    - name: docker:dind
-      entrypoint: ["dockerd-entrypoint.sh", "--tls=false"]
-  script:
-    # Begin of version.sh
-    - |
-      #check for Version variable
-      if [ -z "${VERSION}" ]; then
-          # If not, assign a default value
-          VERSION=$CI_COMMIT_SHORT_SHA
-      fi
-    # End of version.sh
-
-    # Begin of build.sh
-    - |
-      #Build Docker Container
-      mkdir $CI_PROJECT_DIR/packages
-      containername=$(echo "$PROJECT_NAME" | awk '{print tolower($0)}')
-      docker build -t $containername .
-      docker save -o $CI_PROJECT_DIR/packages/$containername.$VERSION.tar.gz $containername
-    # End of build.sh
-  artifacts:
-    expire_in: 1 hour
-    paths:
-      - $CI_PROJECT_DIR/packages
-.docker_push_gitlab:
-  image: registry.internal.durp.info/docker:20.10.17
-  variables:
-    DOCKER_DRIVER: overlay2
-    DOCKER_TLS_CERTDIR: ""
-    DOCKER_HOST: tcp://127.0.0.1:2375/
-  services:
-    - name: docker:dind
-      entrypoint: ["dockerd-entrypoint.sh", "--tls=false"]
-  script:
-    # Begin of login.sh
-    - |
-      #Docker Login
-      docker login -u gitlab-ci-token -p $CI_JOB_TOKEN $CI_REGISTRY/$CI_PROJECT_PATH
-    # End of login.sh
-
-    # Begin of push-gitlab.sh
-    - |
-      #Push container to gitlab
-      containername=$(echo "$PROJECT_NAME" | awk '{print tolower($0)}')
-      if echo "$VERSION" | grep -Eq '^[0-9]+(\.[0-9]+)*$'; then
-        tag="latest"
-      else
-        tag="dev"
-      fi
-      docker import $CI_PROJECT_DIR/packages/$containername.$VERSION.tar.gz $CI_REGISTRY/$CI_PROJECT_PATH:$VERSION
-      docker import $CI_PROJECT_DIR/packages/$containername.$VERSION.tar.gz $CI_REGISTRY/$CI_PROJECT_PATH:$tag
-      docker push "$CI_REGISTRY/$CI_PROJECT_PATH:$VERSION"
-      docker push "$CI_REGISTRY/$CI_PROJECT_PATH:$tag"
-    # End of push-gitlab.sh
--- a/jobs/gitlab.yml
+++ b/jobs/gitlab.yml
@@ -1,80 +0,0 @@
-.gitlab-move-files:
-  image: registry.internal.durp.info/debian:latest
-  script:
-    # Begin of movefiles.sh
-    - |
-      #move files to output
-      mkdir $CI_PROJECT_DIR/output
-      for i in $(echo $PROJECT_NAME | tr ";" "\n");
-        do mkdir $CI_PROJECT_DIR/output/$i;
-        cp -r $CI_PROJECT_DIR/$i $CI_PROJECT_DIR/output/;
-        done
-    # End of movefiles.sh
-  artifacts:
-    expire_in: 1 hour
-    paths:
-      - $CI_PROJECT_DIR/output
-.gitlab-deploy:
-  stage: deploy
-  image: mcr.microsoft.com/powershell:latest
-  script:
-    # Begin of update-chart.sh
-    - |
-      pwsh -c "Install-Module -Name powershell-yaml -Confirm:\$false -Force
-      \$template = (Invoke-RestMethod -Headers @{ 'PRIVATE-TOKEN'= \$ENV:GITLAB_TOKEN } -Uri \"https://gitlab.com/api/v4/projects/45028985/repository/files/durpapi%2FChart.yaml/raw?ref=main\") | ConvertFrom-Yaml
-      \$template.version = \$ENV:VERSION
-      \$body = @{
-        branch = \"main\"
-        commit_message = \"Update Chart\"
-        content = \"\$(\$template | convertto-yaml)\"
-      } | ConvertTo-Json
-      Invoke-RestMethod -Headers @{ 'PRIVATE-TOKEN'= \$ENV:GITLAB_TOKEN } -ContentType \"application/json\" -Method Put -body \$body -Uri \"https://gitlab.com/api/v4/projects/45028985/repository/files/durpapi%2FChart.yaml\""
-    # End of update-chart.sh
-  environment:
-    name: production
-    url: https://api.durp.info/goapi
-  rules:
-    - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH || $CI_COMMIT_BRANCH =~ '/^release/'
-      when: manual
-  needs:
-    - job: version
-      artifacts: true
-.generate-config:
-  stage: build
-  needs:
-    - job: version
-      artifacts: true
-  script:
-    # Begin of create-environment.sh
-    - |
-      #test deployment
-      echo "
-      $VERSION:
-        stage: deploy
-        image: mcr.microsoft.com/powershell:latest
-        script:
-      " >> generated-config.yml
-      echo '
-          - |
-            pwsh -c "Install-Module -Name powershell-yaml -Confirm:\$false -Force
-            \$template = (Invoke-RestMethod -Headers @{ \"PRIVATE-TOKEN\"= \$ENV:GITLAB_TOKEN } -Uri \"\$ENV:CI_API_V4_URL/projects/\$ENV:GITLAB_PROJECT_ID/repository/files/\$ENV:GITLAB_CHART_PATH/raw?ref=\$ENV:ENVIRONMENT\") | ConvertFrom-Yaml
-            \$template.version = \$ENV:VERSION
-            \$body = @{
-              branch = \"\$ENV:ENVIRONMENT\"
-              commit_message = \"Update Chart\"
-              content = \"\$(\$template | convertto-yaml)\"
-            } | ConvertTo-Json
-            Invoke-RestMethod -Headers @{ \"PRIVATE-TOKEN\"= \$ENV:GITLAB_TOKEN } -ContentType \"application/json\" -Method Put -body \$body -Uri \"\$ENV:CI_API_V4_URL/projects/\$ENV:GITLAB_PROJECT_ID/repository/files/\$ENV:GITLAB_CHART_PATH\""
-        needs:
-          - pipeline: $PARENT_PIPELINE_ID
-            job: version
-      ' >> generated-config.yml
-      echo "
-        environment:
-          name: $ENVIRONMENT
-      " >> generated-config.yml
-    # End of create-environment.sh
-  artifacts:
-    expire_in: never
-    paths:
-      - generated-config.yml
--- a/jobs/golang.yml
+++ b/jobs/golang.yml
@@ -1,20 +1,19 @@
-.golang-build:
+.golang-build-api:
  variables:
-  #GOPROXY: https://nexus.durp.info/repository/go/
-  image: registry.internal.durp.info/golang:${GO_VERSION}
+    GOPROXY: https://nexus.durp.info/repository/go/
+  image: registry.durp.info/golang:1.20
  script:
-    # Begin of golang-build.sh
-    - "#Build golang project\nexport GOPATH=/go\nexport PATH=$PATH:$GOPATH/bin\nmkdir output\n#go install \ngo mod download\n# Check if go.mod contains \"swag\"\nif grep -q \"swag\" go.mod; then\n    echo \"Found 'swag' in go.mod. Running swag init...\"\n    go install github.com/swaggo/swag/cmd/swag@latest\n    swag init --parseDependency\nfi\nCGO_ENABLED=0 GOOS=linux go build -a -installsuffix cgo -o ./output/main .\n"
-    # End of golang-build.sh
+    # Begin of golang-build-api.sh
+    - "#Build golang api\nexport GOPATH=/go\nexport PATH=$PATH:$GOPATH/bin\nmkdir output\ngo install \ngo install github.com/swaggo/swag/cmd/swag@v1.8.12 \nswag init\nCGO_ENABLED=0 GOOS=linux go build -a -installsuffix cgo -o ./output/main .\n"
+    # End of golang-build-api.sh
  artifacts:
    expire_in: 1 hour
    paths:
      - $CI_PROJECT_DIR/output
 .golang-lint:
  variables:
-    #GOPROXY: https://nexus.durp.info/repository/go/
-    CGO_ENABLED: 0
-  image: registry.internal.durp.info/golangci/golangci-lint:${GOLANGCI_LINT_VERISON}
+    GOPROXY: https://nexus.durp.info/repository/go/
+  image: registry.durp.info/golangci/golangci-lint:latest
  script:
    # Begin of golang-lint.sh
    - |
--- a/jobs/helm.yml
+++ b/jobs/helm.yml
@@ -1,6 +1,12 @@
-.helm-build:
-  image: registry.internal.durp.info/dtzar/helm-kubectl
+.helm-createchart:
+  image: registry.durp.info/dtzar/helm-kubectl
  script:
+    # Begin of helm-addrepo.sh
+    - |
+      #Helm repo add
+      helm repo add --username gitlab-ci-token --password ${CI_JOB_TOKEN} ${CI_PROJECT_NAME} ${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/packages/helm/stable
+    # End of helm-addrepo.sh
+
    # Begin of helm-package.sh
    - |
      #Helm Package
@@ -11,18 +17,6 @@
        fi
      done
    # End of helm-package.sh
-  artifacts:
-    expire_in: 1 hour
-    paths:
-      - $CI_PROJECT_DIR/packages
-.helm-push:
-  image: registry.internal.durp.info/dtzar/helm-kubectl
-  script:
-    # Begin of helm-addrepo.sh
-    - |
-      #Helm repo add
-      helm repo add --username gitlab-ci-token --password ${CI_JOB_TOKEN} ${CI_PROJECT_NAME} ${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/packages/helm/stable
-    # End of helm-addrepo.sh

    # Begin of helm-push.sh
    - "#Helm Push    \n    \nhelm plugin install https://github.com/chartmuseum/helm-push\nfor chart in packages/*; do\n    helm cm-push ./$chart ${CI_PROJECT_NAME}\ndone\n"
--- a/jobs/nuget.yml
+++ b/jobs/nuget.yml
@@ -1,11 +0,0 @@
-.nuget_push:
-  image: registry.internal.durp.info/dotnet/core/sdk:latest
-  script:
-    # Begin of push.sh
-    - |
-      #Nuget Push
-      dotnet nuget add source "${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/packages/nuget/index.json" --name gitlab --username gitlab-ci-token --password $CI_JOB_TOKEN --store-password-in-clear-text
-      for i in $(echo $PROJECT_NAME | tr ";" "\n");
-        do dotnet nuget push "${CI_PROJECT_DIR}/packages/$i.$VERSION.nupkg" --source gitlab;
-      done
-    # End of push.sh
--- a/jobs/octopus.yml
+++ b/jobs/octopus.yml
@@ -1,24 +0,0 @@
-.octo_package:
-  image: registry.internal.durp.info/octopusdeploy/octo:latest
-  script:
-    # Begin of pack.sh
-    - |
-      #Package with octopus
-      mkdir $CI_PROJECT_DIR/packages
-      for dir in ./output/*/;
-      do dir=${dir%*/};
-          dir=${dir##*/};
-          dotnet /octo/octo.dll pack --id=$dir --version=$VERSION --outFolder=$CI_PROJECT_DIR/packages --basePath=$CI_PROJECT_DIR/output/$dir;
-      done
-    # End of pack.sh
-  artifacts:
-    paths:
-      - $CI_PROJECT_DIR/packages
-.octo_release:
-  image: registry.internal.durp.info/octopusdeploy/octo:latest
-  script:
-    # Begin of create_release.sh
-    - |
-      #Octopus Create Release
-      dotnet /octo/octo.dll create-release --project=$OCTO_PROJECT_NAME --releaseNumber=$VERSION --server=https://octopus.internal.durp.info/ --apiKey=$OCTOAPI --packagesFolder=$CI_PROJECT_DIR/packages --gitRef main
-    # End of create_release.sh
--- a/jobs/sonarqube.yml
+++ b/jobs/sonarqube.yml
@@ -3,7 +3,7 @@
    SONAR_USER_HOME: "${CI_PROJECT_DIR}/.sonar" # Defines the location of the analysis task cache
    GIT_DEPTH: "0" # Tells git to fetch all the branches of the project, required by the analysis task
  image:
-    name: registry.internal.durp.info/sonarsource/sonar-scanner-cli:latest
+    name: registry.durp.info/sonarsource/sonar-scanner-cli:latest
    entrypoint: [""]
  cache:
    key: "${CI_JOB_NAME}"
--- a/jobs/terraform.yml
+++ b/jobs/terraform.yml
@@ -1,83 +0,0 @@
-.terraform_fmt:
-  script:
-    # Begin of cd-workdir.sh
-    - |
-      #change directory
-      cd $WORKDIR
-    # End of cd-workdir.sh
-
-    # Begin of fmt.sh
-    - |
-      #Terraform fmt
-      tofu fmt -diff -check -write=false
-    # End of fmt.sh
-.terraform_validate:
-  script:
-    # Begin of cd-workdir.sh
-    - |
-      #change directory
-      cd $WORKDIR
-    # End of cd-workdir.sh
-
-    # Begin of init.sh
-    - "#Terraform init    \ntofu init -reconfigure -backend-config=\"address=${GITLAB_TF_ADDRESS}\" -backend-config=\"lock_address=${GITLAB_TF_ADDRESS}/lock\" -backend-config=\"unlock_address=${GITLAB_TF_ADDRESS}/lock\" -backend-config=\"username=gitlab-ci-token\" -backend-config=\"password=${CI_JOB_TOKEN}\" -backend-config=\"lock_method=POST\" -backend-config=\"unlock_method=DELETE\" -backend-config=\"retry_wait_min=5\"  \n"
-    # End of init.sh
-
-    # Begin of validate.sh
-    - "#Terraform validate\ntofu validate    \n"
-    # End of validate.sh
-.terraform_plan:
-  variables:
-    PLAN: plan.tfplan
-    JSON_PLAN_FILE: tfplan.json
-  script:
-    # Begin of cd-workdir.sh
-    - |
-      #change directory
-      cd $WORKDIR
-    # End of cd-workdir.sh
-
-    # Begin of init.sh
-    - "#Terraform init    \ntofu init -reconfigure -backend-config=\"address=${GITLAB_TF_ADDRESS}\" -backend-config=\"lock_address=${GITLAB_TF_ADDRESS}/lock\" -backend-config=\"unlock_address=${GITLAB_TF_ADDRESS}/lock\" -backend-config=\"username=gitlab-ci-token\" -backend-config=\"password=${CI_JOB_TOKEN}\" -backend-config=\"lock_method=POST\" -backend-config=\"unlock_method=DELETE\" -backend-config=\"retry_wait_min=5\"  \n"
-    # End of init.sh
-
-    # Begin of plan.sh
-    - "#Terraform plan    \napk add --update curl jq \nalias convert_report=\"jq -r '([.resource_changes[].change.actions?]|flatten)|{\\\"create\\\":(map(select(.==\\\"create\\\"))|length),\\\"update\\\":(map(select(.==\\\"update\\\"))|length),\\\"delete\\\":(map(select(.==\\\"delete\\\"))|length)}'\"\ntofu plan -out=$PLAN $ARGUMENTS\ntofu show --json $PLAN | jq -r '([.resource_changes[].change.actions?]|flatten)|{\"create\":(map(select(.==\"create\"))|length),\"update\":(map(select(.==\"update\"))|length),\"delete\":(map(select(.==\"delete\"))|length)}' > $JSON_PLAN_FILE\n"
-    # End of plan.sh
-  artifacts:
-    reports:
-      terraform: $WORKDIR/$JSON_PLAN_FILE
-.terraform_apply:
-  script:
-    # Begin of cd-workdir.sh
-    - |
-      #change directory
-      cd $WORKDIR
-    # End of cd-workdir.sh
-
-    # Begin of init.sh
-    - "#Terraform init    \ntofu init -reconfigure -backend-config=\"address=${GITLAB_TF_ADDRESS}\" -backend-config=\"lock_address=${GITLAB_TF_ADDRESS}/lock\" -backend-config=\"unlock_address=${GITLAB_TF_ADDRESS}/lock\" -backend-config=\"username=gitlab-ci-token\" -backend-config=\"password=${CI_JOB_TOKEN}\" -backend-config=\"lock_method=POST\" -backend-config=\"unlock_method=DELETE\" -backend-config=\"retry_wait_min=5\"  \n"
-    # End of init.sh
-
-    # Begin of apply.sh
-    - |
-      #Terraform validate
-      tofu apply -auto-approve $ARGUMENTS
-    # End of apply.sh
-.terraform_destroy:
-  script:
-    # Begin of cd-workdir.sh
-    - |
-      #change directory
-      cd $WORKDIR
-    # End of cd-workdir.sh
-
-    # Begin of init.sh
-    - "#Terraform init    \ntofu init -reconfigure -backend-config=\"address=${GITLAB_TF_ADDRESS}\" -backend-config=\"lock_address=${GITLAB_TF_ADDRESS}/lock\" -backend-config=\"unlock_address=${GITLAB_TF_ADDRESS}/lock\" -backend-config=\"username=gitlab-ci-token\" -backend-config=\"password=${CI_JOB_TOKEN}\" -backend-config=\"lock_method=POST\" -backend-config=\"unlock_method=DELETE\" -backend-config=\"retry_wait_min=5\"  \n"
-    # End of init.sh
-
-    # Begin of destroy.sh
-    - |
-      #Terraform validate
-      tofu destroy -auto-approve $ARGUMENTS
-    # End of destroy.sh
--- a/jobs/version.yml
+++ b/jobs/version.yml
@@ -1,9 +1,9 @@
 .version:
-  image: registry.internal.durp.info/gittools/gitversion:5.12.0
+  image: registry.durp.info/gittools/gitversion:5.12.0
  variables:
    GIT_DEPTH: "0"
  script:
-    # Begin of version.sh
+    # Begin of version-number.sh
    - |
      #Check for configuration
      echo "mode: ContinuousDeployment
@@ -37,8 +37,7 @@
      version=$(/tools/dotnet-gitversion /showvariable NuGetVersionV2)
      echo "VERSION=$version" >> version.env
      cat version.env
-    # End of version.sh
+    # End of version-number.sh
  artifacts:
-    expire_in: never
    reports:
      dotenv: version.env
--- a/pipeline.yml
+++ b/pipeline.yml
@@ -1,21 +0,0 @@
-stages:
-  - deploy
-
-variables:
-  GO_VERSION: "1.22"
-  GOLANGCI_LINT_VERISON: "v1.58.0"
-  UPLOAD_PACKAGE: "false"
-
-build_go:
-  stage: deploy
-  allow_failure: false
-  trigger: 
-    include: 
-    - project: 'developerdurp/yml'
-      ref: 'main'
-      file:
-        - 'pipelines/go-build.yml'
-    strategy: depend
-  rules:
-    - exists:
-      - "go.mod"  
--- a/pipelines/docker-build-generic.yml
+++ b/pipelines/docker-build-generic.yml
@@ -1,47 +0,0 @@
-stages:
-  - build
-  - package
-  - publish
-
-include:
-  - template: Security/Secret-Detection.gitlab-ci.yml
-  - project: 'developerdurp/yml'
-    ref: 'main'
-    file: 
-      - 'jobs/docker.yml'
-      - 'jobs/version.yml'
-
-secret_detection:
-  stage: .pre
-  rules:
-    - when: always
-  allow_failure: false
-
-version:
-  extends: .version
-  stage: .pre
-  rules:
-    - when: always
-
-build_container: 
-  extends: .docker-build-container
-  stage: build
-  artifacts:
-    paths:
-     - $CI_PROJECT_DIR/packages
-  needs: 
-    - job: version
-      artifacts: true
-
-#publish_container:
-#  extends: .docker_push_gitlab
-#  stage: publish
-#  needs: 
-#    - job: version
-#      artifacts: true
-#    - job: build_container
-#      artifacts: true
-#  rules:
-#    - if: $CI_COMMIT_BRANCH =~ '/^release/'
-#    - if: $CI_COMMIT_BRANCH =~ 'main'
-#    - when: never
--- a/pipelines/gitlab_generic_packages.yml
+++ b/pipelines/gitlab_generic_packages.yml
@@ -1,63 +0,0 @@
-stages:
-  - build
-  - package
-  - publish
-
-include:
-  - project: 'developerdurp/yml'
-    ref: 'main'
-    file: 
-      - 'jobs/octopus.yml'
-      - 'jobs/version.yml'
-      - 'jobs/nuget.yml'
-      - 'jobs/gitlab.yml'
-
-version:
-  extends: .version
-  stage: .pre
-  rules:
-    - when: always
-
-build: 
-  extends: .gitlab-move-files 
-  stage: build
-
-package:
-  extends: .octo_package
-  stage: package
-  needs: 
-    - job: build
-      artifacts: true
-    - job: version
-      artifacts: true
-  rules:
-    - if: $CI_COMMIT_BRANCH =~ '/^release/'
-    - if: $CI_COMMIT_BRANCH =~ 'main'
-    - when: never
-
-upload:
-  extends: .nuget_push
-  stage: package
-  needs: 
-    - job: version
-      artifacts: true
-    - job: package
-      artifacts: true
-  rules:
-    - if: $CI_COMMIT_BRANCH =~ '/^release/'
-    - if: $CI_COMMIT_BRANCH =~ 'main'
-    - when: never
-
-publish:
-  extends: .octo_release
-  stage: publish
-  needs: 
-    - job: package
-      artifacts: true
-    - job: version
-      artifacts: true
-    - job: upload
-  rules:
-    - if: $CI_COMMIT_BRANCH =~ '/^release/'
-    - if: $CI_COMMIT_BRANCH =~ 'main'
-    - when: never
--- a/pipelines/go-build.yml
+++ b/pipelines/go-build.yml
@@ -1,61 +0,0 @@
-stages:
-  - build
-  - validate
-  - publish 
-
-include:
-  - template: Security/Secret-Detection.gitlab-ci.yml
-  - project: 'developerdurp/yml'
-    ref: 'main'
-    file: 
-      - 'jobs/golang.yml'
-      - 'jobs/golang.yml'
-      - 'jobs/docker.yml'
-      - 'rules/rules.yml'
-      - 'pipelines/templates/security.yml'
-
-golang-lint:
-  extends: .golang-lint
-  stage: validate
-  rules:
-    - !reference [.mr_only_rules, rules]
-
-docker-build:
-  extends: .docker-build-container
-  stage: build
-  needs:
-    - job: gobuild
-      artifacts: true
-    - pipeline: $PARENT_PIPELINE_ID
-      job: version
-  rules:
-    - !reference [.docker_rules, rules]
-
-gobuild:
-  variables:
-    GOPROXY: https://nexus.durp.info/repository/go/
-  extends: .golang-build
-  stage: build
-  rules:
-    - !reference [.default_mr_rules, rules]
-
-      #docker-build:
-      #  extends: .docker_build
-      #  stage: build
-      #  needs:
-      #    - job: gobuild
-      #      artifacts: true
-      #    - pipeline: $PARENT_PIPELINE_ID
-      #      job: version
-      #  rules:
-      #    - !reference [.docker_rules, rules]
-      #docker-push:
-      #  extends: .docker_push_gitlab
-      #  stage: publish
-      #  needs:
-      #    - job: docker-build
-      #      artifacts: true
-      #    - pipeline: $PARENT_PIPELINE_ID
-      #      job: version
-      #  rules:
-      #    - !reference [.docker_publish_rules, rules]
--- a/pipelines/golang.yml
+++ b/pipelines/golang.yml
@@ -0,0 +1,56 @@
+stages:
+  - build
+  - package
+  - publish 
+
+include:
+  - project: 'developerdurp/yml'
+    ref: 'release/1.0.0'
+    file: 
+      - 'jobs/version.yml'
+      - 'jobs/sonarqube.yml'
+      - 'jobs/golang.yml'
+      - 'jobs/docker.yml'
+      - 'jobs/helm.yml'
+
+version:
+  extends: .version
+  stage: .pre
+  rules:
+    - if: $CI_COMMIT_REF_NAME == 'main'
+
+sonarqube:
+  extends: .sonarcloud-check
+  stage: .pre
+  rules:
+    - if: $CI_COMMIT_REF_NAME == 'main' || $CI_PIPELINE_SOURCE == 'merge_request_event'
+
+golang-lint:
+  extends: .golang-lint
+  stage: .pre
+
+gobuild:
+  extends: .golang-build-api
+  stage: build
+
+docker:
+  extends: .docker-build-container
+  stage: publish
+  needs:
+    - job: gobuild
+      artifacts: true
+    - job: version
+      artifacts: true        
+  rules:
+    - if: $CI_COMMIT_REF_NAME == 'main'
+
+helm:
+  extends: .helm-createchart
+  stage: publish
+  needs:
+    - job: gobuild
+      artifacts: false
+    - job: version
+      artifacts: true      
+  rules:
+    - if: $CI_COMMIT_REF_NAME == 'main'
--- a/pipelines/helm.yml
+++ b/pipelines/helm.yml
@@ -1,39 +0,0 @@
-stages:
-  - build  
-  - publish 
-
-include:
-  - project: 'developerdurp/yml'
-    ref: 'main'
-    file: 
-      - 'jobs/version.yml'
-      - 'jobs/helm.yml'
-
-version:
-  extends: .version
-  stage: .pre
-  rules:
-    - if: $CI_COMMIT_REF_NAME == 'main'
-    - if: $CI_COMMIT_BRANCH =~ '/^release/'
-
-helm-build:
-  extends: .helm-build
-  stage: build
-  needs:
-    - job: version
-      artifacts: true      
-  rules:
-    - if: $CI_COMMIT_REF_NAME == 'main'
-    - if: $CI_COMMIT_BRANCH =~ '/^release/'
-
-helm-push:
-  extends: .helm-push
-  stage: publish
-  needs:
-    - job: helm-build
-      artifacts: true
-    - job: version
-      artifacts: true      
-  rules:
-    - if: $CI_COMMIT_REF_NAME == 'main'
-    - if: $CI_COMMIT_BRANCH =~ '/^release/'
--- a/pipelines/octo-templates.yml
+++ b/pipelines/octo-templates.yml
@@ -1,25 +0,0 @@
-stages:
-  - package
-  - publish 
-
-include:
-  - project: 'developerdurp/yml'
-    ref: 'main'
-    file: 
-      - 'jobs/version.yml'
-      - 'jobs/octopus.yml'
-
-
-version:
-  extends: .version
-  stage: .pre
-  rules:
-    - if: $CI_COMMIT_REF_NAME == 'main'
-
-pack:
-  variables:
-    WORKDIR: $CI_PROJECT_DIR
-  extends: .octo_package
-  stage: package
-  rules:
-    - if: $CI_COMMIT_REF_NAME == 'main'
--- a/pipelines/templates/security.yml
+++ b/pipelines/templates/security.yml
@@ -1,43 +0,0 @@
-stages:
-  - build
-
-include:
-  - template: Security/Secret-Detection.gitlab-ci.yml
-  - project: 'developerdurp/yml'
-    ref: 'main'
-    file: 
-      - 'jobs/codescan.yml'
-      - 'jobs/sonarqube.yml'
-      - 'rules/rules.yml'
-
-secret_detection:
-  stage: validate
-  rules:
-    - !reference [.mr_only_rules, rules]
-  allow_failure: false
-
-generate_sbom:
-  extends: .generate_sbom
-  stage: build
-  needs:
-    - job: docker-build
-      optional: true
-      artifacts: true
-  rules:
-    - !reference [.mr_only_rules, rules]
-
-generate_cve:
-  extends: .generate_cve
-  stage: build
-  needs:
-    - job: generate_sbom
-      artifacts: true
-  rules:
-    - !reference [.mr_only_rules, rules]
-
-sonarqube:
-  extends: .sonarcloud-check
-  stage: validate
-  allow_failure: true
-  rules:
-    - !reference [.sonarqube_rules, rules]
--- a/pipelines/terraform-gitlab.yml
+++ b/pipelines/terraform-gitlab.yml
@@ -1,37 +0,0 @@
-stages:
-  - plan
-  - apply
-  - destroy
-
-variables:
-  WORKDIR: $CI_PROJECT_DIR/.tf
-  GITLAB_TF_ADDRESS: ${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/terraform/state/gitlab
-  TF_VAR_GITLAB_PROJECT_ID: $CI_PROJECT_ID
-  TF_VAR_GITLAB_PROJECT_NAME: $CI_PROJECT_NAME
-  TF_VAR_GITLAB_TOKEN: $CI_JOB_TOKEN
-
-image:
-  name: registry.durp.info/hashicorp/terraform:light
-  #name: hashicorp/terraform:light
-  entrypoint: [""]
-
-include:
-  - project: 'developerdurp/yml'
-    ref: 'main'
-    file: 
-      - 'jobs/terraform.yml'
-
-format:
-  stage: .pre
-  allow_failure: false
-  extends: .terraform_fmt
-
-validate:
-  stage: .pre
-  allow_failure: false
-  extends: .terraform_validate
-
-apply:
-  stage: apply
-  allow_failure: false
-  extends: .terraform_apply
--- a/pipelines/terraform.yml
+++ b/pipelines/terraform.yml
@@ -1,94 +0,0 @@
-stages:
-  - plan
-  - apply
-  - destroy
-
-variables:
-  WORKDIR: $CI_PROJECT_DIR/terraform
-  GITLAB_TF_ADDRESS: ${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/terraform/state/${ENVIRONMENT_NAME}  
-
-image:
-  name: registry.internal.durp.info/opentofu/opentofu:latest
-  entrypoint: [""]
-
-include:
-  - project: 'developerdurp/yml'
-    ref: 'main'
-    file: 
-      - 'jobs/terraform.yml'
-
-format:
-  stage: .pre
-  allow_failure: false
-  extends: .terraform_fmt
-
-validate:
-  stage: .pre
-  allow_failure: false
-  extends: .terraform_validate
-    
-plan-development:
-  stage: plan
-  environment:
-    name: development
-  variables:
-    ENVIRONMENT_NAME: dev
-  allow_failure: false
-  extends: .terraform_plan
-  needs: ["validate","format"]
-
-plan-production:
-  stage: plan
-  environment:
-    name: production
-  variables:
-    ENVIRONMENT_NAME: prd
-  allow_failure: false
-  extends: .terraform_plan
-  needs: ["validate","format"]  
-
-apply-development:
-  stage: apply
-  environment:
-    name: development
-  variables:
-    ENVIRONMENT_NAME: dev
-  allow_failure: false
-  extends: .terraform_apply   
-  rules:
-    - when: manual
-
-apply-production:
-  stage: apply
-  environment:
-    name: production
-  variables:
-    ENVIRONMENT_NAME: prd
-  allow_failure: false
-  extends: .terraform_apply   
-  rules:
-    - when: manual        
-
-destroy-development:
-  stage: destroy
-  environment:
-    name: development
-  variables:
-    ENVIRONMENT_NAME: dev
-  allow_failure: false
-  extends: .terraform_destroy  
-  needs: ["apply-development"]
-  rules:       
-    - when: manual
-
-destroy-production:
-  stage: destroy
-  environment:
-    name: production
-  variables:
-    ENVIRONMENT_NAME: prd
-  allow_failure: false
-  extends: .terraform_destroy  
-  needs: ["apply-production"]
-  rules:       
-    - when: manual       
--- a/rules/rules.yml
+++ b/rules/rules.yml
@@ -1,47 +0,0 @@
-.default_rules:
-  rules:
-    - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH 
-    - if: $CI_COMMIT_BRANCH =~ '/^release/'
-
-.sonarqube_rules:
-  rules:
-    - if: $CI_MERGE_REQUEST_IID
-      exists:
-        - "sonar-project.properties"  
-    - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH 
-      exists:
-        - "sonar-project.properties"  
-    - if: $CI_COMMIT_BRANCH =~ '/^release/'
-      exists:
-        - "sonar-project.properties"  
-
-.default_mr_rules:
-  rules:
-    - if: $CI_MERGE_REQUEST_IID
-    - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH 
-    - if: $CI_COMMIT_BRANCH =~ '/^release/'
-
-.mr_only_rules:
-  rules:
-    - if: $CI_MERGE_REQUEST_IID
-
-.docker_rules:
-  rules:
-    - if: $CI_MERGE_REQUEST_IID
-      exists:
-        - "Dockerfile"  
-    - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH 
-      exists:
-        - "Dockerfile"  
-    - if: $CI_COMMIT_BRANCH =~ '/^release/'
-      exists:
-        - "Dockerfile"  
-
-.docker_publish_rules:
-  rules:
-    - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH 
-      exists:
-        - "Dockerfile"  
-    - if: $CI_COMMIT_BRANCH =~ '/^release/'
-      exists:
-        - "Dockerfile"  
--- a/scripts/cd-workdir.sh
+++ b/scripts/cd-workdir.sh
@@ -1,4 +0,0 @@
-#!/usr/bin/env bash
-#%%MULTILINE_YAML_START
-#change directory
-cd $WORKDIR
--- a/scripts/checkvariable/version.sh
+++ b/scripts/checkvariable/version.sh
@@ -1,9 +0,0 @@
-#!/usr/bin/env bash
-#%%MULTILINE_YAML_START
-#check for Version variable
-
-if [ -z "${VERSION}" ]; then
-    # If not, assign a default value
-    VERSION=$CI_COMMIT_SHORT_SHA
-fi
-
--- a/scripts/docker/build.sh
+++ b/scripts/docker/build.sh
@@ -1,8 +0,0 @@
-#!/usr/bin/env bash
-#%%MULTILINE_YAML_START
-#Build Docker Container
-mkdir $CI_PROJECT_DIR/packages
-containername=$(echo "$PROJECT_NAME" | awk '{print tolower($0)}')
-
-docker build -t $containername .
-docker save -o $CI_PROJECT_DIR/packages/$containername.$VERSION.tar.gz $containername
--- a/scripts/docker/login.sh
+++ b/scripts/docker/login.sh
@@ -1,4 +0,0 @@
-#!/usr/bin/env bash
-#%%MULTILINE_YAML_START
-#Docker Login
-docker login -u gitlab-ci-token -p $CI_JOB_TOKEN $CI_REGISTRY/$CI_PROJECT_PATH
--- a/scripts/docker/push-gitlab.sh
+++ b/scripts/docker/push-gitlab.sh
@@ -1,16 +0,0 @@
-#!/usr/bin/env bash
-#%%MULTILINE_YAML_START
-#Push container to gitlab
-containername=$(echo "$PROJECT_NAME" | awk '{print tolower($0)}')
-
-if echo "$VERSION" | grep -Eq '^[0-9]+(\.[0-9]+)*$'; then
-  tag="latest"
-else
-  tag="dev"
-fi
-
-docker import $CI_PROJECT_DIR/packages/$containername.$VERSION.tar.gz $CI_REGISTRY/$CI_PROJECT_PATH:$VERSION
-docker import $CI_PROJECT_DIR/packages/$containername.$VERSION.tar.gz $CI_REGISTRY/$CI_PROJECT_PATH:$tag
-
-docker push "$CI_REGISTRY/$CI_PROJECT_PATH:$VERSION"
-docker push "$CI_REGISTRY/$CI_PROJECT_PATH:$tag"
--- a/scripts/gitlab/create-environment.sh
+++ b/scripts/gitlab/create-environment.sh
@@ -1,31 +0,0 @@
-#!/usr/bin/env bash
-#%%MULTILINE_YAML_START
-#test deployment
-
-echo "
-$VERSION:
-  stage: deploy
-  image: mcr.microsoft.com/powershell:latest
-  script:
-" >> generated-config.yml
-
-echo '
-    - |
-      pwsh -c "Install-Module -Name powershell-yaml -Confirm:\$false -Force
-      \$template = (Invoke-RestMethod -Headers @{ \"PRIVATE-TOKEN\"= \$ENV:GITLAB_TOKEN } -Uri \"\$ENV:CI_API_V4_URL/projects/\$ENV:GITLAB_PROJECT_ID/repository/files/\$ENV:GITLAB_CHART_PATH/raw?ref=\$ENV:ENVIRONMENT\") | ConvertFrom-Yaml
-      \$template.version = \$ENV:VERSION
-      \$body = @{
-        branch = \"\$ENV:ENVIRONMENT\"
-        commit_message = \"Update Chart\"
-        content = \"\$(\$template | convertto-yaml)\"
-      } | ConvertTo-Json
-      Invoke-RestMethod -Headers @{ \"PRIVATE-TOKEN\"= \$ENV:GITLAB_TOKEN } -ContentType \"application/json\" -Method Put -body \$body -Uri \"\$ENV:CI_API_V4_URL/projects/\$ENV:GITLAB_PROJECT_ID/repository/files/\$ENV:GITLAB_CHART_PATH\""
-  needs:
-    - pipeline: $PARENT_PIPELINE_ID
-      job: version
-' >> generated-config.yml
-
-echo "
-  environment:
-    name: $ENVIRONMENT
-" >> generated-config.yml
--- a/scripts/gitlab/movefiles.sh
+++ b/scripts/gitlab/movefiles.sh
@@ -1,8 +0,0 @@
-#!/usr/bin/env bash
-#%%MULTILINE_YAML_START
-#move files to output
-mkdir $CI_PROJECT_DIR/output
-for i in $(echo $PROJECT_NAME | tr ";" "\n");
-  do mkdir $CI_PROJECT_DIR/output/$i;
-  cp -r $CI_PROJECT_DIR/$i $CI_PROJECT_DIR/output/;
-  done
--- a/scripts/gitlab/update-chart.ps1
+++ b/scripts/gitlab/update-chart.ps1
@@ -1,12 +0,0 @@
-Install-Module -Name powershell-yaml -Confirm:$false -Force
-
-$template = (Invoke-RestMethod -Headers @{ 'PRIVATE-TOKEN'= $ENV:GITLAB_TOKEN } -Uri "https://gitlab.com/api/v4/projects/45028985/repository/files/durpapi%2FChart.yaml/raw?ref=main") | ConvertFrom-Yaml
-$template.version = $ENV:VERSION
-
-$body = @{
-  branch = "main"
-  commit_message = "Update Chart"
-  content = "$($template | convertto-yaml)"
-} | ConvertTo-Json
-
-Invoke-RestMethod -Headers @{ 'PRIVATE-TOKEN'= $ENV:GITLAB_TOKEN } -ContentType "application/json" -Method Put -body $body -Uri "https://gitlab.com/api/v4/projects/45028985/repository/files/durpapi%2FChart.yaml"
--- a/scripts/gitlab/update-chart.sh
+++ b/scripts/gitlab/update-chart.sh
@@ -1,14 +0,0 @@
-#!/usr/bin/env bash
-#%%MULTILINE_YAML_START
-pwsh -c "Install-Module -Name powershell-yaml -Confirm:\$false -Force
-
-\$template = (Invoke-RestMethod -Headers @{ 'PRIVATE-TOKEN'= \$ENV:GITLAB_TOKEN } -Uri \"https://gitlab.com/api/v4/projects/45028985/repository/files/durpapi%2FChart.yaml/raw?ref=main\") | ConvertFrom-Yaml
-\$template.version = \$ENV:VERSION
-
-\$body = @{
-  branch = \"main\"
-  commit_message = \"Update Chart\"
-  content = \"\$(\$template | convertto-yaml)\"
-} | ConvertTo-Json
-
-Invoke-RestMethod -Headers @{ 'PRIVATE-TOKEN'= \$ENV:GITLAB_TOKEN } -ContentType \"application/json\" -Method Put -body \$body -Uri \"https://gitlab.com/api/v4/projects/45028985/repository/files/durpapi%2FChart.yaml\""
--- a/scripts/golang-build-api.sh
+++ b/scripts/golang-build-api.sh
@@ -0,0 +1,13 @@
+#!/usr/bin/env bash
+#%%MULTILINE_YAML_START
+#Build golang api
+export GOPATH=/go
+export PATH=$PATH:$GOPATH/bin
+
+mkdir output
+
+go install 
+go install github.com/swaggo/swag/cmd/swag@v1.8.12 
+swag init
+
+CGO_ENABLED=0 GOOS=linux go build -a -installsuffix cgo -o ./output/main .
--- a/scripts/golang-build.sh
+++ b/scripts/golang-build.sh
@@ -1,19 +0,0 @@
-#!/usr/bin/env bash
-#%%MULTILINE_YAML_START
-#Build golang project
-export GOPATH=/go
-export PATH=$PATH:$GOPATH/bin
-
-mkdir output
-
-#go install 
-go mod download
-
-# Check if go.mod contains "swag"
-if grep -q "swag" go.mod; then
-    echo "Found 'swag' in go.mod. Running swag init..."
-    go install github.com/swaggo/swag/cmd/swag@latest
-    swag init --parseDependency
-fi
-
-CGO_ENABLED=0 GOOS=linux go build -a -installsuffix cgo -o ./output/main .
--- a/scripts/golang-lint.sh
+++ b/scripts/golang-lint.sh
@@ -1,4 +1,4 @@
 #!/usr/bin/env bash
 #%%MULTILINE_YAML_START
 #run linter
-golangci-lint run ./... --timeout 5m0s
+golangci-lint run ./... --timeout 5m0s
--- a/scripts/helm-login.sh
+++ b/scripts/helm-login.sh
@@ -1,5 +0,0 @@
-#!/usr/bin/env bash
-#%%MULTILINE_YAML_START
-#Helm login
-
-helm registry login ${CI_REGISTRY} -u gitlab-ci-token -p ${CI_JOB_TOKEN}
--- a/scripts/nuget/push.sh
+++ b/scripts/nuget/push.sh
@@ -1,7 +0,0 @@
-#!/usr/bin/env bash
-#%%MULTILINE_YAML_START
-#Nuget Push
-dotnet nuget add source "${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/packages/nuget/index.json" --name gitlab --username gitlab-ci-token --password $CI_JOB_TOKEN --store-password-in-clear-text
-for i in $(echo $PROJECT_NAME | tr ";" "\n");
-  do dotnet nuget push "${CI_PROJECT_DIR}/packages/$i.$VERSION.nupkg" --source gitlab;
-done
--- a/scripts/octopus/create_release.sh
+++ b/scripts/octopus/create_release.sh
@@ -1,6 +0,0 @@
-#!/usr/bin/env bash
-#%%MULTILINE_YAML_START
-#Octopus Create Release
-dotnet /octo/octo.dll create-release --project=$OCTO_PROJECT_NAME --releaseNumber=$VERSION --server=https://octopus.internal.durp.info/ --apiKey=$OCTOAPI --packagesFolder=$CI_PROJECT_DIR/packages --gitRef main
-
-
--- a/scripts/octopus/pack.sh
+++ b/scripts/octopus/pack.sh
@@ -1,10 +0,0 @@
-#!/usr/bin/env bash
-#%%MULTILINE_YAML_START
-#Package with octopus
-mkdir $CI_PROJECT_DIR/packages
-
-for dir in ./output/*/;
-do dir=${dir%*/};
-    dir=${dir##*/};
-    dotnet /octo/octo.dll pack --id=$dir --version=$VERSION --outFolder=$CI_PROJECT_DIR/packages --basePath=$CI_PROJECT_DIR/output/$dir;
-done
--- a/scripts/render-job-templates.sh
+++ b/scripts/render-job-templates.sh
@@ -2,24 +2,7 @@
 #%%MULTILINE_YAML_START
 # render job-templates.yml from job-templates.tpl.yml
 set -euo pipefail
-for pwsh in  $(find ./scripts -name '*.ps1'); do
-  script=$(cat $pwsh)
-  sh_file="${pwsh%.ps1}.sh"
-     
-  # Escape double quotes and dollar signs
-  script="${script//\"/\\\"}"
-  script="${script//\$/\\\$}"
-
-  pwsh_command="pwsh -c \"$script\""
-
-  echo '#!/usr/bin/env bash' > "$sh_file"
-  echo '#%%MULTILINE_YAML_START' >> "$sh_file"
-  echo "$pwsh_command" >> "$sh_file"
-done
-
-
-
-for script in $(find ./scripts -name '*.sh'); do
+for script in scripts/*.sh; do
  awk -v script_name="$(basename "$script")" '
  NR==1 && /^#!/ {printf("# Begin of %s\n",script_name); next}   # strip shebang in first line, print head comment
  /^\s*$/ {next}         # strip any newlines or whitespace
--- a/scripts/scanner/grype-install.sh
+++ b/scripts/scanner/grype-install.sh
@@ -1,4 +0,0 @@
-#!/usr/bin/env bash
-#%%MULTILINE_YAML_START
-#Syft install
-nix-env -iA nixpkgs.grype
--- a/scripts/scanner/grype.sh
+++ b/scripts/scanner/grype.sh
@@ -1,9 +0,0 @@
-#!/usr/bin/env bash
-#%%MULTILINE_YAML_START
-#grype scan sboms
-
-for i in syft/*.sbom.json;
-do filename=${i%*.sbom.json};
-  filename=${filename##/};
-  grype $i -o json --file $filename.cve.json;
-done
--- a/scripts/scanner/syft-docker.sh
+++ b/scripts/scanner/syft-docker.sh
@@ -1,9 +0,0 @@
-#!/usr/bin/env bash
-#%%MULTILINE_YAML_START
-#Syft scan for docker
-
-for i in packages/*.tar.gz;
-do filename=${i%.*.*.*.tar.gz};
-  filename="$(basename -- "$filename")"
-  syft $i -o cyclonedx-json=syft/$filename.docker.sbom.json;
-done
--- a/scripts/scanner/syft-go.sh
+++ b/scripts/scanner/syft-go.sh
@@ -1,7 +0,0 @@
-#!/usr/bin/env bash
-#%%MULTILINE_YAML_START
-#Syft scan for go
-
-if [ -f "go.mod" ]; then
-    syft go.mod -o cyclonedx-json=syft/${CI_PROJECT_NAME}.sbom.json
-fi
--- a/scripts/scanner/syft-install.sh
+++ b/scripts/scanner/syft-install.sh
@@ -1,4 +0,0 @@
-#!/usr/bin/env bash
-#%%MULTILINE_YAML_START
-#Syft install
-nix-env -iA nixpkgs.syft
--- a/scripts/scanner/syft-mkdir.sh
+++ b/scripts/scanner/syft-mkdir.sh
@@ -1,5 +0,0 @@
-#!/usr/bin/env bash
-#%%MULTILINE_YAML_START
-#mkdir for syft files
-
-mkdir $CI_PROJECT_DIR/syft
--- a/scripts/terraform/apply.sh
+++ b/scripts/terraform/apply.sh
@@ -1,4 +0,0 @@
-#!/usr/bin/env bash
-#%%MULTILINE_YAML_START
-#Terraform validate
-tofu apply -auto-approve $ARGUMENTS
--- a/scripts/terraform/destroy.sh
+++ b/scripts/terraform/destroy.sh
@@ -1,4 +0,0 @@
-#!/usr/bin/env bash
-#%%MULTILINE_YAML_START
-#Terraform validate
-tofu destroy -auto-approve $ARGUMENTS
--- a/scripts/terraform/fmt.sh
+++ b/scripts/terraform/fmt.sh
@@ -1,4 +0,0 @@
-#!/usr/bin/env bash
-#%%MULTILINE_YAML_START
-#Terraform fmt
-tofu fmt -diff -check -write=false
--- a/scripts/terraform/init.sh
+++ b/scripts/terraform/init.sh
@@ -1,4 +0,0 @@
-#!/usr/bin/env bash
-#%%MULTILINE_YAML_START
-#Terraform init    
-tofu init -reconfigure -backend-config="address=${GITLAB_TF_ADDRESS}" -backend-config="lock_address=${GITLAB_TF_ADDRESS}/lock" -backend-config="unlock_address=${GITLAB_TF_ADDRESS}/lock" -backend-config="username=gitlab-ci-token" -backend-config="password=${CI_JOB_TOKEN}" -backend-config="lock_method=POST" -backend-config="unlock_method=DELETE" -backend-config="retry_wait_min=5"  
--- a/scripts/terraform/plan.sh
+++ b/scripts/terraform/plan.sh
@@ -1,7 +0,0 @@
-#!/usr/bin/env bash
-#%%MULTILINE_YAML_START
-#Terraform plan    
-apk add --update curl jq 
-alias convert_report="jq -r '([.resource_changes[].change.actions?]|flatten)|{\"create\":(map(select(.==\"create\"))|length),\"update\":(map(select(.==\"update\"))|length),\"delete\":(map(select(.==\"delete\"))|length)}'"
-tofu plan -out=$PLAN $ARGUMENTS
-tofu show --json $PLAN | jq -r '([.resource_changes[].change.actions?]|flatten)|{"create":(map(select(.=="create"))|length),"update":(map(select(.=="update"))|length),"delete":(map(select(.=="delete"))|length)}' > $JSON_PLAN_FILE
--- a/scripts/terraform/validate.sh
+++ b/scripts/terraform/validate.sh
@@ -1,4 +0,0 @@
-#!/usr/bin/env bash
-#%%MULTILINE_YAML_START
-#Terraform validate
-tofu validate    
--- a/scripts/gitversion/version.sh
+++ b/scripts/gitversion/version.sh
--- a/templates/codescan.tpl.yml
+++ b/templates/codescan.tpl.yml
@@ -1,21 +0,0 @@
-.generate_sbom:
-  image: registry.internal.durp.info/nixos/nix:latest
-  script:
-    - ./scripts/scanner/syft-install.sh
-    - ./scripts/scanner/syft-mkdir.sh
-    - ./scripts/scanner/syft-go.sh
-    - ./scripts/scanner/syft-docker.sh
-  artifacts:
-    expire_in: 1 hour
-    paths:
-      - $CI_PROJECT_DIR/syft
-
-.generate_cve:
-  image: registry.internal.durp.info/nixos/nix:latest
-  script:
-    - ./scripts/scanner/grype-install.sh
-    - ./scripts/scanner/grype.sh
-  artifacts:
-    expire_in: 1 hour
-    paths:
-      - $CI_PROJECT_DIR/syft
--- a/templates/docker.tpl.yml
+++ b/templates/docker.tpl.yml
@@ -1,5 +1,5 @@
 .docker-build-container:
-  image: registry.internal.durp.info/docker:20.10.17
+  image: registry.durp.info/docker:20.10.17
  variables:
    DOCKER_DRIVER: overlay2
    DOCKER_TLS_CERTDIR: ""
@@ -10,34 +10,4 @@
  script:
    - ./scripts/docker-login.sh
    - ./scripts/docker-build.sh
-       

-.docker_build:
-  image: registry.internal.durp.info/docker:20.10.17
-  variables:
-    DOCKER_DRIVER: overlay2
-    DOCKER_TLS_CERTDIR: ""
-    DOCKER_HOST: tcp://127.0.0.1:2375/
-  services:
-    - name: docker:dind
-      entrypoint: ["dockerd-entrypoint.sh", "--tls=false"]
-  script:
-    - ./scripts/checkvariable/version.sh
-    - ./scripts/docker/build.sh
-  artifacts:
-    expire_in: 1 hour
-    paths:
-      - $CI_PROJECT_DIR/packages
-
-.docker_push_gitlab:
-  image: registry.internal.durp.info/docker:20.10.17
-  variables:
-    DOCKER_DRIVER: overlay2
-    DOCKER_TLS_CERTDIR: ""
-    DOCKER_HOST: tcp://127.0.0.1:2375/
-  services:
-    - name: docker:dind
-      entrypoint: ["dockerd-entrypoint.sh", "--tls=false"]
-  script:
-    - ./scripts/docker/login.sh
-    - ./scripts/docker/push-gitlab.sh
--- a/templates/gitlab.tpl.yml
+++ b/templates/gitlab.tpl.yml
@@ -1,35 +0,0 @@
-.gitlab-move-files:
-  image: registry.internal.durp.info/debian:latest
-  script:
-    - ./scripts/gitlab/movefiles.sh
-  artifacts:
-    expire_in: 1 hour
-    paths:
-     - $CI_PROJECT_DIR/output
-
-.gitlab-deploy:
-  stage: deploy
-  image: mcr.microsoft.com/powershell:latest
-  script:
-    - ./scripts/gitlab/update-chart.sh
-  environment:
-    name: production
-    url: https://api.durp.info/goapi
-  rules:
-    - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH || $CI_COMMIT_BRANCH =~ '/^release/'
-      when: manual
-  needs: 
-    - job: version
-      artifacts: true
-
-.generate-config:
-  stage: build
-  needs:
-    - job: version
-      artifacts: true
-  script:
-    - ./scripts/gitlab/create-environment.sh
-  artifacts:
-    expire_in: never
-    paths:
-      - generated-config.yml
--- a/templates/golang.tpl.yml
+++ b/templates/golang.tpl.yml
@@ -1,9 +1,9 @@
-.golang-build:
+.golang-build-api:
  variables:
-    #GOPROXY: https://nexus.durp.info/repository/go/
-  image: registry.internal.durp.info/golang:${GO_VERSION}
+    GOPROXY: https://nexus.durp.info/repository/go/
+  image: registry.durp.info/golang:1.20
  script:
-    - ./scripts/golang-build.sh
+    - ./scripts/golang-build-api.sh
  artifacts:
    expire_in: 1 hour
    paths:
@@ -11,8 +11,7 @@

 .golang-lint:
  variables:
-    #GOPROXY: https://nexus.durp.info/repository/go/
-    CGO_ENABLED: 0
-  image: registry.internal.durp.info/golangci/golangci-lint:${GOLANGCI_LINT_VERISON}
+    GOPROXY: https://nexus.durp.info/repository/go/
+  image: registry.durp.info/golangci/golangci-lint:latest
  script:
-    - ./scripts/golang-lint.sh
+    - ./scripts/golang-lint.sh
--- a/templates/helm.tpl.yml
+++ b/templates/helm.tpl.yml
@@ -1,14 +1,6 @@
-.helm-build:
-  image: registry.internal.durp.info/dtzar/helm-kubectl
-  script:
-    - ./scripts/helm-package.sh
-  artifacts:
-    expire_in: 1 hour
-    paths:
-      - $CI_PROJECT_DIR/packages        
-
-.helm-push:
-  image: registry.internal.durp.info/dtzar/helm-kubectl
+.helm-createchart:
+  image: registry.durp.info/dtzar/helm-kubectl
  script:
    - ./scripts/helm-addrepo.sh
+    - ./scripts/helm-package.sh
    - ./scripts/helm-push.sh
--- a/templates/nuget.tpl.yml
+++ b/templates/nuget.tpl.yml
@@ -1,4 +0,0 @@
-.nuget_push:
-  image: registry.internal.durp.info/dotnet/core/sdk:latest
-  script:
-    - ./scripts/nuget/push.sh
--- a/templates/octopus.tpl.yml
+++ b/templates/octopus.tpl.yml
@@ -1,12 +0,0 @@
-.octo_package:
-  image: registry.internal.durp.info/octopusdeploy/octo:latest
-  script: 
-    - ./scripts/octopus/pack.sh
-  artifacts:
-    paths:
-    - $CI_PROJECT_DIR/packages
-
-.octo_release:
-  image: registry.internal.durp.info/octopusdeploy/octo:latest
-  script: 
-    - ./scripts/octopus/create_release.sh
--- a/templates/sonarqube.tpl.yml
+++ b/templates/sonarqube.tpl.yml
@@ -3,7 +3,7 @@
    SONAR_USER_HOME: "${CI_PROJECT_DIR}/.sonar"  # Defines the location of the analysis task cache
    GIT_DEPTH: "0"  # Tells git to fetch all the branches of the project, required by the analysis task
  image:
-    name: registry.internal.durp.info/sonarsource/sonar-scanner-cli:latest
+    name: registry.durp.info/sonarsource/sonar-scanner-cli:latest
    entrypoint: [""]
  cache:
    key: "${CI_JOB_NAME}"
--- a/templates/terraform.tpl.yml
+++ b/templates/terraform.tpl.yml
@@ -1,35 +0,0 @@
-.terraform_fmt:
-  script:
-    - ./scripts/cd-workdir.sh
-    - ./scripts/terraform/fmt.sh
-
-.terraform_validate:
-  script:
-    - ./scripts/cd-workdir.sh
-    - ./scripts/terraform/init.sh
-    - ./scripts/terraform/validate.sh
-    
-.terraform_plan:
-  variables:
-    PLAN: plan.tfplan
-    JSON_PLAN_FILE: tfplan.json
-  script:
-    - ./scripts/cd-workdir.sh
-    - ./scripts/terraform/init.sh
-    - ./scripts/terraform/plan.sh
-  artifacts:
-    reports:
-      terraform: $WORKDIR/$JSON_PLAN_FILE
-
-
-.terraform_apply:
-  script:
-    - ./scripts/cd-workdir.sh
-    - ./scripts/terraform/init.sh
-    - ./scripts/terraform/apply.sh
-
-.terraform_destroy:
-  script:
-    - ./scripts/cd-workdir.sh
-    - ./scripts/terraform/init.sh
-    - ./scripts/terraform/destroy.sh
--- a/templates/version.tpl.yml
+++ b/templates/version.tpl.yml
@@ -1,10 +1,9 @@
 .version:
-  image: registry.internal.durp.info/gittools/gitversion:5.12.0
+  image: registry.durp.info/gittools/gitversion:5.12.0
  variables:
    GIT_DEPTH: "0"
  script:
-    - ./scripts/gitversion/version.sh
+    - ./scripts/version-number.sh
  artifacts:
-    expire_in: never
    reports:
      dotenv: version.env
Author	SHA1	Message	Date
DeveloperDurpBot	62b340ca7f	ci: render Rendered by https://gitlab.com/developerdurp/yml/-/pipelines/949411795	2023-07-29 12:49:10 +00:00
DeveloperDurp	f2daaa601e	Merge branch 'main' into 'release/1.0.0' ci: render See merge request developerdurp/yml!2	2023-07-29 12:48:06 +00:00
DeveloperDurp	efaf322887	Merge branch 'main' into 'release/1.0.0' ci: render See merge request developerdurp/yml!1	2023-07-29 12:44:00 +00:00