basz/gist:87a0467541cc9f8dbd64a2f992a712df Secret

## gistfile1.txt
stages:
  - setup

before_script:
- | # https://docs.gitlab.com/ce/ci/ssh_keys/#ssh-keys-when-using-the-docker-executor
  eval $(ssh-agent -s) && echo "$SSH_PRIVATE_KEY" | tr -d '\r' | ssh-add - > /dev/null
  mkdir -p ~/.ssh && chmod 700 ~/.ssh

- | # https://docs.gitlab.com/ce/ci/ssh_keys/#verifying-the-ssh-host-keys
  # ssh-keyscan -t rsa git.bushbaby.nl # to discover run from trusted network and paste in vars
  echo "$SSH_KNOWN_HOSTS" > ~/.ssh/known_hosts
  chmod 644 ~/.ssh/known_hosts

- | # this works
  git clone git@git.bushbaby.nl:plhw/applications/hf-app-api.git

- | # this does not (moved up here to speed up testing)
  docker run --rm --volume $(pwd):/app --privileged --volume $SSH_AUTH_SOCK:/ssh-auth.sock --env SSH_AUTH_SOCK=/ssh-auth.sock --volume ~/.ssh:/root/.ssh:ro --volume /root/.ssh/known_hosts:/etc/ssh/ssh_known_hosts:ro --env COMPOSER_HOME=/root/.composer composer require plhw/hf-model-valueobject --no-ansi --ignore-platform-reqs --no-interaction

application:
  stage: setup
  image: docker:git
  variables:
    DOCKERPATH: .docker/application
    CONTAINER_NAME: app
  services:
  - name: docker:dind
    command: ["--experimental"]

  script:
  - alias 'dockerize=git whatchanged HEAD^! | grep -E "([ARM]\t|[R0-9]{4}\t.*\t).*$" >/dev/null'
  - dockerize || (echo "no need to build new image" && exit 0)
  - dockerize && docker run --rm --volume "$PWD":/app --workdir /app node:8 yarn install
  - dockerize && docker run --rm --volume $(pwd):/app --volume $SSH_AUTH_SOCK:/ssh-auth.sock --env SSH_AUTH_SOCK=/ssh-auth.sock --volume "$HOME"/.ssh/known_hosts:/etc/ssh/ssh_known_hosts:ro composer install --optimize-autoloader --no-progress --no-ansi --ignore-platform-reqs --no-interaction
  - dockerize && echo $CI_BUILD_TOKEN | docker login -u gitlab-ci-token --password-stdin $CI_REGISTRY
  - dockerize && docker build --squash --file ${DOCKERPATH}/Dockerfile -t ${CI_REGISTRY}/${CI_PROJECT_NAMESPACE}/${CI_PROJECT_NAME}/${CONTAINER_NAME}:${CI_BUILD_REF_NAME} -t ${CI_REGISTRY}/${CI_PROJECT_NAMESPACE}/${CI_PROJECT_NAME}/${CONTAINER_NAME}:latest .
  - dockerize && docker push ${CI_REGISTRY}/${CI_PROJECT_NAMESPACE}/${CI_PROJECT_NAME}/${CONTAINER_NAME}:${CI_BUILD_REF_NAME}
  - dockerize || exit 0
	stages:
	- setup

	before_script:
	- \| # https://docs.gitlab.com/ce/ci/ssh_keys/#ssh-keys-when-using-the-docker-executor
	eval $(ssh-agent -s) && echo "$SSH_PRIVATE_KEY" \| tr -d '\r' \| ssh-add - > /dev/null
	mkdir -p ~/.ssh && chmod 700 ~/.ssh

	- \| # https://docs.gitlab.com/ce/ci/ssh_keys/#verifying-the-ssh-host-keys
	# ssh-keyscan -t rsa git.bushbaby.nl # to discover run from trusted network and paste in vars
	echo "$SSH_KNOWN_HOSTS" > ~/.ssh/known_hosts
	chmod 644 ~/.ssh/known_hosts

	- \| # this works
	git clone git@git.bushbaby.nl:plhw/applications/hf-app-api.git

	- \| # this does not (moved up here to speed up testing)
	docker run --rm --volume $(pwd):/app --privileged --volume $SSH_AUTH_SOCK:/ssh-auth.sock --env SSH_AUTH_SOCK=/ssh-auth.sock --volume ~/.ssh:/root/.ssh:ro --volume /root/.ssh/known_hosts:/etc/ssh/ssh_known_hosts:ro --env COMPOSER_HOME=/root/.composer composer require plhw/hf-model-valueobject --no-ansi --ignore-platform-reqs --no-interaction

	application:
	stage: setup
	image: docker:git
	variables:
	DOCKERPATH: .docker/application
	CONTAINER_NAME: app
	services:
	- name: docker:dind
	command: ["--experimental"]

	script:
	- alias 'dockerize=git whatchanged HEAD^! \| grep -E "([ARM]\t\|[R0-9]{4}\t.\t).$" >/dev/null'
	- dockerize \|\| (echo "no need to build new image" && exit 0)
	- dockerize && docker run --rm --volume "$PWD":/app --workdir /app node:8 yarn install
	- dockerize && docker run --rm --volume $(pwd):/app --volume $SSH_AUTH_SOCK:/ssh-auth.sock --env SSH_AUTH_SOCK=/ssh-auth.sock --volume "$HOME"/.ssh/known_hosts:/etc/ssh/ssh_known_hosts:ro composer install --optimize-autoloader --no-progress --no-ansi --ignore-platform-reqs --no-interaction
	- dockerize && echo $CI_BUILD_TOKEN \| docker login -u gitlab-ci-token --password-stdin $CI_REGISTRY
	- dockerize && docker build --squash --file ${DOCKERPATH}/Dockerfile -t ${CI_REGISTRY}/${CI_PROJECT_NAMESPACE}/${CI_PROJECT_NAME}/${CONTAINER_NAME}:${CI_BUILD_REF_NAME} -t ${CI_REGISTRY}/${CI_PROJECT_NAMESPACE}/${CI_PROJECT_NAME}/${CONTAINER_NAME}:latest .
	- dockerize && docker push ${CI_REGISTRY}/${CI_PROJECT_NAMESPACE}/${CI_PROJECT_NAME}/${CONTAINER_NAME}:${CI_BUILD_REF_NAME}
	- dockerize \|\| exit 0