├── .gitignore ├── test └── integration │ ├── cinc-tests │ ├── inspec.lock │ ├── README.md │ ├── inspec.yml │ └── controls │ │ ├── fips_mode.rb │ │ ├── executables.rb │ │ └── win-executables.rb │ └── cinc-sources │ ├── inspec.lock │ ├── README.md │ ├── inspec.yml │ └── controls │ └── source_spec.rb ├── scripts ├── install-cinc-macos.sh ├── uninstall-cinc.ps1 ├── uninstall-cinc-macos.sh └── install-cinc.ps1 ├── docker-bake.hcl ├── deploy.sh ├── publish-gems.sh ├── patch.sh ├── docker.sh ├── .gitlab ├── test.yml └── package.yml ├── README.md ├── LICENSE └── .gitlab-ci.yml /.gitignore: -------------------------------------------------------------------------------- 1 | /bundle/* 2 | /cache/* 3 | /chef* 4 | /chef-zero* 5 | /inspec* 6 | -------------------------------------------------------------------------------- /test/integration/cinc-tests/inspec.lock: -------------------------------------------------------------------------------- 1 | --- 2 | lockfile_version: 1 3 | depends: [] 4 | -------------------------------------------------------------------------------- /test/integration/cinc-sources/inspec.lock: -------------------------------------------------------------------------------- 1 | --- 2 | lockfile_version: 1 3 | depends: [] 4 | -------------------------------------------------------------------------------- /test/integration/cinc-sources/README.md: -------------------------------------------------------------------------------- 1 | # Cinc sources inspec profile 2 | 3 | This profile ensure cinc sources tarball have been made properly and still match their checksum. 4 | -------------------------------------------------------------------------------- /test/integration/cinc-tests/README.md: -------------------------------------------------------------------------------- 1 | # Cinc trademark validation 2 | 3 | This profile implement multiple tests to ensure our builds of chef-client are trademark free and matching expectations. 4 | -------------------------------------------------------------------------------- /scripts/install-cinc-macos.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | set -ex 3 | hdiutil attach $(find data -name '*.dmg') 4 | sudo installer -package "$(find "/Volumes/Cinc Client/" -name '*.pkg')" -target / 5 | hdiutil detach "/Volumes/Cinc Client/" 6 | -------------------------------------------------------------------------------- /test/integration/cinc-tests/inspec.yml: -------------------------------------------------------------------------------- 1 | name: cinc-tests 2 | title: Cinc trademark validation 3 | maintainer: Cinc maintainers 4 | copyright: Cinc Maintainerss 5 | copyright_email: maintainersàcinc.sh 6 | license: Apache-2.0 7 | summary: Validate cinc binaries outputs and others executable 8 | version: 0.1.0 9 | supports: 10 | platform: os -------------------------------------------------------------------------------- /test/integration/cinc-sources/inspec.yml: -------------------------------------------------------------------------------- 1 | name: cinc-sources 2 | title: Cinc sourecs validation 3 | maintainer: Cinc maintainers 4 | copyright: Cinc Maintainerss 5 | copyright_email: maintainersàcinc.sh 6 | license: Apache-2.0 7 | summary: Validate source files tarballs are matching their checksums 8 | version: 0.1.0 9 | supports: 10 | platform: os -------------------------------------------------------------------------------- /test/integration/cinc-sources/controls/source_spec.rb: -------------------------------------------------------------------------------- 1 | control 'Validate source tarballs' do 2 | impact 1.0 3 | title 'Ensure source tarball are correct' 4 | desc 'Ensure the tarballs match their respective shasum' 5 | 6 | describe command 'bash -c "cd source/ && sha256sum -c cinc-[0-9]*.tar.xz.sha256sum"' do 7 | its('exit_status') { should eq 0 } 8 | its('stdout') { should match /OK$/ } 9 | end 10 | describe command 'bash -c "cd source/ && sha512sum -c cinc-[0-9]*.tar.xz.sha512sum"' do 11 | its('exit_status') { should eq 0 } 12 | its('stdout') { should match /OK$/ } 13 | end 14 | end 15 | -------------------------------------------------------------------------------- /scripts/uninstall-cinc.ps1: -------------------------------------------------------------------------------- 1 | $ErrorActionPreference = "Stop" 2 | Write-Host "Finding MSI..." 3 | $msi = gci -recurse -filter '*.msi' $env:CI_PROJECT_DIR/data/windows/ | select -expand FullName 4 | Write-Host "Found MSI at $msi, uninstalling..." 5 | $p = Start-Process -FilePath "msiexec.exe" -ArgumentList "/qn /x $msi" -Passthru -Wait -NoNewWindow 6 | $p.WaitForExit() 7 | if ($p.ExitCode -ne 0) { 8 | throw "msiexec was not successful. Received exit code $($p.ExitCode)" 9 | } 10 | if (Test-Path C:\cinc-project) { 11 | throw "MSI was uninstalled however C:\cinc-project still exists" 12 | } else { 13 | Write-Host "MSI Uninstalled successfully!" 14 | } 15 | -------------------------------------------------------------------------------- /docker-bake.hcl: -------------------------------------------------------------------------------- 1 | variable "CHANNEL" { 2 | default = "current" 3 | } 4 | 5 | variable "VERSION" {} 6 | variable "MAJ" {} 7 | variable "MIN" {} 8 | 9 | target "default" { 10 | context = "." 11 | dockerfile = "Dockerfile" 12 | platforms = [ 13 | "linux/amd64", 14 | "linux/arm64" 15 | ] 16 | 17 | args = { 18 | VERSION = VERSION 19 | } 20 | 21 | tags = CHANNEL == "current" ? [ 22 | "cincproject/cinc:${VERSION}", 23 | "cincproject/cinc:current" 24 | ] : [ 25 | "cincproject/cinc:${VERSION}", 26 | "cincproject/cinc:latest", 27 | "cincproject/cinc:${MAJ}.${MIN}", 28 | "cincproject/cinc:${MAJ}" 29 | ] 30 | } 31 | -------------------------------------------------------------------------------- /scripts/uninstall-cinc-macos.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | if [ $(osascript -e 'application "Cinc Client" is running') = 'true' ]; then 4 | echo "Closing Cinc Client..." 5 | sudo osascript -e 'quit app "Cinc Client"' > /dev/null 2>&1; 6 | fi 7 | echo "Uninstalling Cinc Client..." 8 | echo " -> Removing files..." 9 | sudo rm -rf '/opt/cinc' 10 | sudo rm -rf '/Applications/Cinc Client.app' 11 | echo " -> Removing binary links in /usr/local/bin..." 12 | sudo find /usr/local/bin -lname '/opt/cinc/*' -delete 13 | echo " -> Forgeting com.cinc-project.pkg.cinc package..." 14 | sudo pkgutil --forget com.cinc-project.pkg.cinc > /dev/null 2>&1; 15 | echo "Cinc Client Uninstalled." 16 | -------------------------------------------------------------------------------- /scripts/install-cinc.ps1: -------------------------------------------------------------------------------- 1 | $ErrorActionPreference = "Stop" 2 | if (Test-Path C:\cinc-project) { 3 | Write-Host "Found existing directory C:\cinc-project, removing.." 4 | Remove-Item -Recurse -Force C:\cinc-project 5 | } 6 | Write-Host "Finding MSI..." 7 | $msi = gci -recurse -filter '*.msi' $env:CI_PROJECT_DIR/data/windows/ | select -expand FullName 8 | Write-Host "Found MSI at $msi, installing..." 9 | $p = Start-Process -FilePath "msiexec.exe" -ArgumentList "/qn /i $msi" -Passthru -Wait -NoNewWindow 10 | $p.WaitForExit() 11 | if ($p.ExitCode -ne 0) { 12 | throw "msiexec was not successful. Received exit code $($p.ExitCode)" 13 | } 14 | if (Test-Path C:\cinc-project) { 15 | Write-Host "MSI Installed successfully!" 16 | } else { 17 | throw "MSI was installed however C:\cinc-project does not exist" 18 | } 19 | -------------------------------------------------------------------------------- /test/integration/cinc-tests/controls/fips_mode.rb: -------------------------------------------------------------------------------- 1 | title 'Check fips mode' 2 | # FIPS is not supported on MacOS, aarch64 and ppc64le 3 | control 'Validate fips mode' do 4 | impact 1.0 5 | title 'Test calling OpenSSL.fips_mode' 6 | desc 'Test that fips modes is enabled on supported os and architectures' 7 | # Windows currently disabled due to: 8 | # https://discourse.chef.io/t/chef-infra-client-18-0-169-released/21570#known-issues-5 9 | only_if { os.family != 'darwin' && os.arch != 'aarch64' && os.family != 'windows'} 10 | 11 | ruby_path = '/opt/cinc/embedded/bin/ruby' 12 | # Overwrite the ruby_path if we're under windows 13 | ruby_path = 'C:\cinc-project\cinc\embedded\bin\ruby.exe' if os.family == 'windows' 14 | 15 | describe command "#{ruby_path} -ropenssl -e 'puts OpenSSL.fips_mode'" do 16 | its('exit_status') { should eq 0 } 17 | its('stdout') { should match /false/ } 18 | end 19 | 20 | describe command "#{ruby_path} -ropenssl -e 'puts OpenSSL.fips_mode=true'" do 21 | its('exit_status') { should eq 0 } 22 | its('stdout') { should match /true/ } 23 | end 24 | end 25 | -------------------------------------------------------------------------------- /deploy.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | # 3 | # Author:: Lance Albertson 4 | # Copyright:: Copyright 2024-2025, Cinc Project 5 | # License:: Apache License, Version 2.0 6 | # 7 | # Licensed under the Apache License, Version 2.0 (the "License"); 8 | # you may not use this file except in compliance with the License. 9 | # You may obtain a copy of the License at 10 | # 11 | # http://www.apache.org/licenses/LICENSE-2.0 12 | # 13 | # Unless required by applicable law or agreed to in writing, software 14 | # distributed under the License is distributed on an "AS IS" BASIS, 15 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 16 | # See the License for the specific language governing permissions and 17 | # limitations under the License. 18 | 19 | TOP_DIR="$(pwd)" 20 | set -ex 21 | # Fix windows permissions 22 | chmod -R o-w data/windows 23 | # Add symlinks to other supported versions of Windows 24 | cd data/windows 25 | ln -s 2016 2012r2 26 | ln -s 2016 2019 27 | ln -s 2016 2022 28 | ln -s 2016 10 29 | ln -s 2016 11 30 | cd ${TOP_DIR} 31 | # TODO: temporary work around for upcoming debian release 32 | mkdir -p data/debian/trixie 33 | cd data/debian/trixie 34 | ln -s ../13 sid 35 | cd ${TOP_DIR} 36 | # Deploy to primary mirror 37 | ssh cinc@${DOWNLOADS_HOST} "mkdir -p /data/incoming/files/${CHANNEL}/cinc/$(cat VERSION)" 38 | ssh cinc@${DOWNLOADS_HOST} "mkdir -p /data/incoming/source/${CHANNEL}/cinc/" 39 | rsync -avH --delete data/ cinc@${DOWNLOADS_HOST}:/data/incoming/files/${CHANNEL}/cinc/$(cat VERSION)/ 40 | rsync -avH --delete source/ cinc@${DOWNLOADS_HOST}:/data/incoming/source/${CHANNEL}/cinc/ 41 | ssh cinc@${DOWNLOADS_HOST} "chmod 755 /data/incoming/files/${CHANNEL}/cinc/$(cat VERSION)/" 42 | -------------------------------------------------------------------------------- /publish-gems.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | # 3 | # Author:: Lance Albertson 4 | # Copyright:: Copyright 2020-2025, Cinc Project 5 | # License:: Apache License, Version 2.0 6 | # 7 | # Licensed under the Apache License, Version 2.0 (the "License"); 8 | # you may not use this file except in compliance with the License. 9 | # You may obtain a copy of the License at 10 | # 11 | # http://www.apache.org/licenses/LICENSE-2.0 12 | # 13 | # Unless required by applicable law or agreed to in writing, software 14 | # distributed under the License is distributed on an "AS IS" BASIS, 15 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 16 | # See the License for the specific language governing permissions and 17 | # limitations under the License. 18 | 19 | TOP_DIR="$(pwd)" 20 | export PATH="/opt/omnibus-toolchain/embedded/bin/:${PATH}" 21 | 22 | source /home/omnibus/load-omnibus-toolchain.sh 23 | set -x 24 | cd ${TOP_DIR}/chef/chef-utils 25 | gem build chef-utils.gemspec 26 | # chef gem requires chef-utils to build the gems 27 | gem install -N chef-utils-[0-9]*.gem 28 | cd ${TOP_DIR}/chef 29 | gem build chef.gemspec 30 | gem build chef-universal-mingw-ucrt.gemspec 31 | cd ${TOP_DIR}/chef/chef-bin 32 | gem build chef-bin.gemspec 33 | cd ${TOP_DIR}/chef/chef-config 34 | gem build chef-config.gemspec 35 | cd ${TOP_DIR}/chef/knife 36 | gem build knife.gemspec 37 | cd $TOP_DIR/chef 38 | VERSION="$(cat VERSION)" 39 | gem push chef-${VERSION}.gem --host https://rubygems.cinc.sh 40 | gem push chef-${VERSION}-universal-mingw-ucrt.gem --host https://rubygems.cinc.sh 41 | gem push chef-bin/chef-bin-${VERSION}.gem --host https://rubygems.cinc.sh 42 | gem push chef-config/chef-config-${VERSION}.gem --host https://rubygems.cinc.sh 43 | gem push chef-utils/chef-utils-${VERSION}.gem --host https://rubygems.cinc.sh 44 | gem push knife/knife-${VERSION}.gem --host https://rubygems.cinc.sh 45 | -------------------------------------------------------------------------------- /patch.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | # 3 | # Author:: Lance Albertson 4 | # Copyright:: Copyright 2019-2025, Cinc Project 5 | # License:: Apache License, Version 2.0 6 | # 7 | # Licensed under the Apache License, Version 2.0 (the "License"); 8 | # you may not use this file except in compliance with the License. 9 | # You may obtain a copy of the License at 10 | # 11 | # http://www.apache.org/licenses/LICENSE-2.0 12 | # 13 | # Unless required by applicable law or agreed to in writing, software 14 | # distributed under the License is distributed on an "AS IS" BASIS, 15 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 16 | # See the License for the specific language governing permissions and 17 | # limitations under the License. 18 | 19 | # This will patch Chef using Cinc branded patches 20 | git_patch() { 21 | if [ -n "${2}" ] ; then 22 | CINC_BRANCH="${2}" 23 | elif [ "${REF}" == "main" -o -z "${REF}" ] ; then 24 | CINC_BRANCH="stable/cinc" 25 | else 26 | CINC_BRANCH="stable/cinc-${REF}" 27 | fi 28 | echo "Patching ${1} from ${CINC_BRANCH}..." 29 | git remote add -f --no-tags -t ${CINC_BRANCH} cinc https://gitlab.com/cinc-project/upstream/${1}.git 30 | git merge --no-edit cinc/${CINC_BRANCH} 31 | } 32 | 33 | TOP_DIR="$(pwd)" 34 | source /home/omnibus/load-omnibus-toolchain.sh 35 | set -ex 36 | # remove any previous builds 37 | rm -rf chef 38 | git config --global user.email || git config --global user.email "maintainers@cinc.sh" 39 | echo "Cloning ${REF:-main} branch from ${ORIGIN:-https://github.com/chef/chef.git}" 40 | git clone -q -b ${REF:-main} ${ORIGIN:-https://github.com/chef/chef.git} 41 | cd chef 42 | git_patch chef ${CINC_REF} 43 | cd $TOP_DIR 44 | 45 | echo "Updating Gemfile.lock" 46 | cd chef 47 | gem install -N bundler:2.3.7 48 | bundle lock 49 | echo "Commit the new Gemfile.lock" 50 | git add Gemfile.lock 51 | git commit -m 'Update Gemfile.lock to handle cinc-auditor' 52 | cd $TOP_DIR 53 | -------------------------------------------------------------------------------- /docker.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | # 3 | # Author:: Lance Albertson 4 | # Copyright:: Copyright 2020-2025, Cinc Project 5 | # License:: Apache License, Version 2.0 6 | # 7 | # Licensed under the Apache License, Version 2.0 (the "License"); 8 | # you may not use this file except in compliance with the License. 9 | # You may obtain a copy of the License at 10 | # 11 | # http://www.apache.org/licenses/LICENSE-2.0 12 | # 13 | # Unless required by applicable law or agreed to in writing, software 14 | # distributed under the License is distributed on an "AS IS" BASIS, 15 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 16 | # See the License for the specific language governing permissions and 17 | # limitations under the License. 18 | cat << EOF > /tmp/docker-token 19 | $DOCKER_TOKEN 20 | EOF 21 | cat /tmp/docker-token | docker login --username $DOCKER_USERNAME --password-stdin 22 | rm -rf /tmp/docker-token 23 | cd chef 24 | 25 | export VERSION="$(cat VERSION)" 26 | export MAJ="$(cat VERSION | cut -d '.' -f 1)" 27 | export MIN="$(cat VERSION | cut -d '.' -f 2)" 28 | # Point directly to OSUOSL master mirror 29 | URL="https://ftp-osl.osuosl.org/pub/cinc/files/${CHANNEL}/cinc/${VERSION}/el/8/cinc-${VERSION}-1.el8.x86_64.rpm" 30 | COUNT=0 31 | SLEEP=10 32 | MAX_COUNT=300 33 | 34 | # The Dockerfile pulls a built rpm from a URL instead of using the source. The 35 | # following ensures that we wait until the RPM has been deployed onto our 36 | # mirrors. By default, it will try the URL, wait 10 seconds if it fails and keep 37 | # doing that for 5 minutes. If nothing happens within those five minutes, then 38 | # something is obviously wrong and exits with 1. 39 | while [ ${COUNT} -le ${MAX_COUNT} ] ; do 40 | if [ ${COUNT} -ge ${MAX_COUNT} ] ; then 41 | echo "Exceeded ${MAX_COUNT} seconds, giving up..." 42 | exit 1 43 | fi 44 | curl --output /dev/null --silent --head --fail "$URL" 45 | STATUS=$? 46 | if [ "${STATUS}" -eq 0 ] ; then 47 | echo "${URL} ready!" 48 | break 49 | else 50 | echo "${URL} is not ready, waiting for ${SLEEP} seconds... (${COUNT}/${MAX_COUNT})" 51 | sleep ${SLEEP} 52 | COUNT=`expr ${COUNT} + ${SLEEP}` 53 | fi 54 | done 55 | 56 | set -x 57 | docker buildx bake -f ../docker-bake.hcl --push 58 | -------------------------------------------------------------------------------- /.gitlab/test.yml: -------------------------------------------------------------------------------- 1 | --- 2 | .test: 3 | stage: test 4 | script: 5 | - /opt/cinc/bin/cinc-auditor exec test/integration/cinc-tests --no-distinct-exit --reporter cli junit:junit.xml 6 | artifacts: 7 | reports: 8 | junit: junit.xml 9 | 10 | .test:amazonlinux: 11 | extends: .test 12 | before_script: 13 | - yum -y install data/amazon/${PLATFORM_VER}/cinc*.rpm 14 | after_script: 15 | - yum -y remove cinc 16 | 17 | .test:centos: 18 | extends: .test 19 | before_script: 20 | - yum -y install data/el/${PLATFORM_VER}/cinc*.rpm 21 | after_script: 22 | - yum -y remove cinc 23 | 24 | .test:debian: 25 | extends: .test 26 | before_script: 27 | - dpkg -i data/debian/${PLATFORM_VER}/cinc*.deb 28 | after_script: 29 | - apt-get -y remove cinc 30 | 31 | .test:freebsd: 32 | extends: .test 33 | before_script: 34 | - sudo sh data/freebsd/${PLATFORM_VER}/cinc*.sh 35 | script: 36 | - sudo /opt/cinc/bin/cinc-auditor exec test/integration/cinc-tests --no-distinct-exit --reporter cli junit:junit.xml 37 | after_script: 38 | - sudo rm -rf /opt/cinc 39 | 40 | .test:macos: 41 | extends: .test 42 | script: 43 | - sudo scripts/install-cinc-macos.sh 44 | - sudo /opt/cinc/bin/cinc-auditor exec test/integration/cinc-tests --no-distinct-exit --reporter cli junit:junit.xml 45 | - sudo scripts/uninstall-cinc-macos.sh 46 | artifacts: 47 | reports: 48 | junit: junit.xml 49 | 50 | .test:opensuse: 51 | extends: .test 52 | before_script: 53 | - rpm -iU data/sles/${PLATFORM_VER}/cinc*.rpm 54 | 55 | .test:rockylinux: 56 | extends: .test 57 | before_script: 58 | - yum -y install data/rocky/${PLATFORM_VER}/cinc*.rpm 59 | after_script: 60 | - yum -y remove cinc 61 | 62 | .test:ubuntu: 63 | extends: .test 64 | before_script: 65 | - dpkg -i data/ubuntu/${PLATFORM_VER}/cinc*.deb 66 | after_script: 67 | - apt-get -y remove cinc 68 | 69 | .test:windows: 70 | stage: test 71 | before_script: 72 | - ./scripts/install-cinc.ps1 73 | script: 74 | - $ErrorActionPreference = "Stop" 75 | - $env:Path = [System.Environment]::GetEnvironmentVariable("Path","Machine") + ";" + [System.Environment]::GetEnvironmentVariable("Path","User") 76 | - echo $env:PATH 77 | - cinc-auditor.bat exec test\integration\cinc-tests --no-distinct-exit --reporter cli junit:junit.xml 78 | artifacts: 79 | reports: 80 | junit: junit.xml 81 | after_script: 82 | - ./scripts/uninstall-cinc.ps1 83 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | 2 | Cinc-client is a FOSS distribution of Chef Infra™ client, licensed under Apache-2.0. 3 | 4 | This repo contains all the required pipeline code to output functional builds of of the Chef Infra™ codebase under the rebranded name Cinc Client, designed to be compliant with Chef Software's [Policy on Trademarks](https://www.chef.io/trademark-policy/) 5 | 6 | ## Functioning 7 | 8 | We use gitlab-ci. In our [fork of chef/chef](https://gitlab.com/cinc-project/upstream/chef) we maintain a branch named `stable/cinc`. This branch hosts a handful of commits required to rebrand the original code. When the pipeline runs, it clones a fresh copy of the upstream repository, merges in `stable/cinc` and executes the omnibus build. 9 | 10 | We run builds for a variety of operating systems: 11 | - Ubuntu 18.04+ 12 | - Centos 7+ 13 | - Debian 9+ 14 | - Opensuse 15 15 | - Windows 2012r2+ 16 | - MacOS 10.14+ 17 | 18 | To build: go to pipelines and launch a pipeline on branch master, add a variable `ORIGIN` with which source you want to use (default to https://github.com/chef/chef on master branch) 19 | To use a specific branch or a PR as source, find the branch and source of the PR and use `-b https://github.com//chef` as value 20 | 21 | ## Getting started with Cinc 22 | 23 | See the [quick start](https://www.cinc.sh/quickstart/) section of our website, or jump directly to [downloads](http://downloads.cinc.sh/files/stable/cinc/). 24 | 25 | ## Contributing 26 | 27 | See the [contributing section of our website](https://www.cinc.sh/contributing/) 28 | 29 | # Authors 30 | 31 | The Cinc Project 32 | 33 | Originally written by [Tensibai Zhaoying](mailto:tensibai@iabis.net) 34 | 35 | Contributions by [Lance Albertson](lance@osuosl.org), [Artem Sidorenko](artem@posteo.de) and [Marc Chamberland](chamberland.marc@gmail.com) 36 | 37 | ## License and copyright 38 | 39 | Copyrights Cinc Project 40 | 41 | Licensed under the Apache License, Version 2.0 (the "License"); 42 | you may not use this file except in compliance with the License. 43 | You may obtain a copy of the License at 44 | 45 | http://www.apache.org/licenses/LICENSE-2.0 46 | 47 | Unless required by applicable law or agreed to in writing, software 48 | distributed under the License is distributed on an "AS IS" BASIS, 49 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 50 | See the License for the specific language governing permissions and 51 | limitations under the License. 52 | -------------------------------------------------------------------------------- /test/integration/cinc-tests/controls/executables.rb: -------------------------------------------------------------------------------- 1 | title 'Cinc executables' 2 | 3 | control 'Common tests for all platforms' do 4 | impact 1.0 5 | title 'Validate basic functionality on all platforms' 6 | desc 'Common test to all platforms' 7 | 8 | describe command 'cinc-client --version' do 9 | its('exit_status') { should eq 0 } 10 | its('stdout') { should match /^Cinc Client:/ } 11 | end 12 | 13 | describe command 'cinc-solo --version' do 14 | its('exit_status') { should eq 0 } 15 | its('stdout') { should match /^Cinc Client:/ } 16 | end 17 | 18 | describe command 'cinc-apply --version' do 19 | its('exit_status') { should eq 0 } 20 | end 21 | 22 | describe command 'cinc-shell --version' do 23 | its('exit_status') { should eq 0 } 24 | end 25 | 26 | describe command 'ohai --version' do 27 | its('exit_status') { should eq 0 } 28 | end 29 | end 30 | 31 | control 'cinc-*nix' do 32 | impact 1.0 33 | title 'Validate executables outputs on linux and mac' 34 | desc 'Outputs should not contain trademarks on linux or mac' 35 | only_if { os.family != 'windows' } 36 | 37 | describe command 'chef-client --version' do 38 | its('exit_status') { should eq 0 } 39 | its('stderr') { should match /^Redirecting to cinc-client/ } 40 | its('stdout') { should match /^Cinc Client:/ } 41 | end 42 | 43 | describe command 'chef-solo -l info -o ""' do 44 | its('exit_status') { should eq 0 } 45 | its('stderr') { should match /^Redirecting to cinc-solo/ } 46 | its('stdout') { should match /Cinc Zero/ } 47 | its('stdout') { should match /Cinc Client/ } 48 | its('stdout') { should match /Cinc-client/ } 49 | its('stdout') { should match %r{/var/cinc} } 50 | its('stdout') { should_not match /Chef Infra Zero/ } 51 | its('stdout') { should_not match /Chef Infra Client/ } 52 | its('stdout') { should_not match /Chef-client/ } 53 | its('stdout') { should_not match %r{/etc/chef/client.rb} } 54 | its('stdout') { should_not match %r{/var/chef} } 55 | end 56 | 57 | describe command '/opt/cinc/embedded/bin/cinc-zero --version' do 58 | its('exit_status') { should eq 0 } 59 | end unless ENV['HAB_TEST'] 60 | 61 | describe command '/opt/cinc/bin/cinc-auditor version' do 62 | its('exit_status') { should eq 0 } 63 | end 64 | 65 | describe command '/opt/cinc/bin/cinc-auditor detect' do 66 | its('exit_status') { should eq 0 } 67 | end 68 | 69 | describe command '/opt/cinc/bin/inspec version' do 70 | its('exit_status') { should eq 0 } 71 | its('stderr') { should match /^Redirecting to cinc-auditor/ } 72 | end 73 | end 74 | -------------------------------------------------------------------------------- /test/integration/cinc-tests/controls/win-executables.rb: -------------------------------------------------------------------------------- 1 | title 'Windows Cinc executables' 2 | 3 | control 'cinc-windows' do 4 | impact 1.0 5 | title 'Validate executables outputs on Windows' 6 | desc 'Outputs should not contain trademarks on Windows' 7 | only_if { os.family == 'windows' } 8 | 9 | describe command %q(cinc-solo -l info -o '""') do 10 | its('exit_status') { should eq 0 } 11 | its('stdout') { should match /Cinc Zero/ } 12 | its('stdout') { should match /Cinc Client/ } 13 | its('stdout') { should match /Cinc-client/ } 14 | its('stdout') { should_not match /Chef Infra Zero/ } 15 | its('stdout') { should_not match /Chef Infra Client/ } 16 | its('stdout') { should_not match /Chef-client/ } 17 | its('stdout') { should match %r{C:/cinc/client.rb.} } 18 | its('stdout') { should match %r{C:/cinc} } 19 | its('stdout') { should_not match %r{C:/chef/client.rb} } 20 | its('stdout') { should_not match %r{C:/chef} } 21 | end 22 | 23 | describe command 'C:\cinc-project\cinc\embedded\bin\cinc-zero.bat --version' do 24 | its('exit_status') { should eq 0 } 25 | end 26 | 27 | describe command 'cinc-auditor.bat version' do 28 | its('exit_status') { should eq 0 } 29 | end 30 | 31 | describe command 'cinc-auditor.bat detect' do 32 | its('exit_status') { should eq 0 } 33 | end 34 | 35 | describe command 'chef-client --version' do 36 | its('exit_status') { should eq 0 } 37 | # its('stderr') { should match /^Redirecting to cinc-client/ } # Train bug https://github.com/inspec/train/issues/288 38 | its('stdout') { should match /^Cinc Client:/ } 39 | end 40 | 41 | describe command %q(chef-solo -l info) do # No -o as escaping with wrapper in inspec under windows is a hell 42 | its('exit_status') { should eq 0 } 43 | # its('stderr') { should match /^Redirecting to cinc-solo/ } # Train bug https://github.com/inspec/train/issues/288 44 | its('stdout') { should match /Cinc Zero/ } 45 | its('stdout') { should match /Cinc Client/ } 46 | its('stdout') { should match /Cinc-client/ } 47 | its('stdout') { should_not match /Chef Infra Zero/ } 48 | its('stdout') { should_not match /Chef Infra Client/ } 49 | its('stdout') { should_not match /Chef-client/ } 50 | its('stdout') { should match %r{C:/cinc/client.rb.} } 51 | its('stdout') { should match %r{C:/cinc} } 52 | its('stdout') { should_not match %r{C:/chef/client.rb} } 53 | its('stdout') { should_not match %r{C:/chef} } 54 | end 55 | 56 | describe command 'inspec version' do 57 | its('exit_status') { should eq 0 } 58 | # its('stderr') { should match /^Redirecting to cinc-auditor/ } 59 | end 60 | end 61 | -------------------------------------------------------------------------------- /.gitlab/package.yml: -------------------------------------------------------------------------------- 1 | --- 2 | .package: 3 | stage: package 4 | needs: 5 | - patch 6 | script: 7 | - ./build.sh 8 | - cd chef/omnibus 9 | - mkdir ${CI_PROJECT_DIR}/data 10 | - mv -v pkg/cinc* ${CI_PROJECT_DIR}/data/ 11 | - cp ../VERSION ${CI_PROJECT_DIR}/ 12 | cache: 13 | paths: 14 | - cache/* 15 | - bundle/vendor/* 16 | when: always 17 | artifacts: 18 | expire_in: 1mo 19 | paths: 20 | - data/* 21 | - VERSION 22 | 23 | .package:amazonlinux: 24 | extends: .package 25 | after_script: 26 | - mkdir -p ${CI_PROJECT_DIR}/data/amazon/${PLATFORM_VER} 27 | - mv -v ${CI_PROJECT_DIR}/data/*.{rpm,json} ${CI_PROJECT_DIR}/data/amazon/${PLATFORM_VER}/ 28 | 29 | .package:centos: 30 | extends: .package 31 | after_script: 32 | - mkdir -p ${CI_PROJECT_DIR}/data/el/${PLATFORM_VER} 33 | - mv -v ${CI_PROJECT_DIR}/data/*.{rpm,json} ${CI_PROJECT_DIR}/data/el/${PLATFORM_VER}/ 34 | 35 | .package:debian: 36 | extends: .package 37 | after_script: 38 | - mkdir -p ${CI_PROJECT_DIR}/data/debian/${PLATFORM_VER} 39 | - mv -v ${CI_PROJECT_DIR}/data/*.{deb,json} ${CI_PROJECT_DIR}/data/debian/${PLATFORM_VER}/ 40 | 41 | .package:freebsd: 42 | extends: .package 43 | before_script: 44 | script: 45 | - bash build-freebsd.sh 46 | after_script: 47 | - mkdir -p ${CI_PROJECT_DIR}/data/freebsd/${PLATFORM_VER} 48 | - mv -v ${CI_PROJECT_DIR}/data/cinc*sh* ${CI_PROJECT_DIR}/data/freebsd/${PLATFORM_VER}/ 49 | - sudo rm -rf /opt/cinc/ 50 | variables: 51 | OMNIBUS_FIPS_MODE: "false" 52 | 53 | .package:macos: 54 | extends: .package 55 | script: 56 | - bash build-macos.sh 57 | after_script: 58 | - mkdir -p ${CI_PROJECT_DIR}/data/mac_os_x/${PLATFORM_VER} 59 | - mv -v ${CI_PROJECT_DIR}/data/cinc*dmg* ${CI_PROJECT_DIR}/data/mac_os_x/${PLATFORM_VER}/ 60 | - sudo chown -R omnibus cache/ bundle/ 61 | - sudo rm -rf /opt/cinc/ '/Applications/Cinc Foundation.app' 62 | - sudo pkgutil --forget com.cinc-project.pkg.cinc-foundation 63 | variables: 64 | OMNIBUS_FIPS_MODE: "false" 65 | 66 | .package:opensuse: 67 | extends: .package 68 | after_script: 69 | - mkdir -p ${CI_PROJECT_DIR}/data/sles/${PLATFORM_VER} 70 | - mv -v ${CI_PROJECT_DIR}/data/*.{rpm,json} ${CI_PROJECT_DIR}/data/sles/${PLATFORM_VER}/ 71 | 72 | .package:rockylinux: 73 | extends: .package 74 | after_script: 75 | - mkdir -p ${CI_PROJECT_DIR}/data/rocky/${PLATFORM_VER} 76 | - mv -v ${CI_PROJECT_DIR}/data/*.{rpm,json} ${CI_PROJECT_DIR}/data/rocky/${PLATFORM_VER}/ 77 | 78 | .package:windows: 79 | extends: .package 80 | before_script: 81 | - "[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12" 82 | - . { Invoke-WebRequest -useb https://omnitruck.cinc.sh/install.ps1 } | Invoke-Expression; install -channel "stable" -project "cinc-foundation" -version "${CINC_FOUNDATION_VERSION}" 83 | script: 84 | - $ErrorActionPreference = "Stop" 85 | - C:\omnibus\load-omnibus-toolchain.ps1 86 | - bash.exe build-windows.sh 87 | after_script: 88 | - $ErrorActionPreference = "Stop" 89 | - mkdir.exe -p ${CI_PROJECT_DIR}/data/windows/${PLATFORM_VER} 90 | - mv.exe -v ${CI_PROJECT_DIR}/data/cinc* ${CI_PROJECT_DIR}/data/windows/${PLATFORM_VER} 91 | - $application = Get-WmiObject -Class Win32_Product -Filter "Name = 'Cinc Foundation v${CINC_FOUNDATION_VERSION}'" 92 | - $application.Uninstall() 93 | - Remove-Item -Recurse -Force C:\cinc-project 94 | 95 | .package:ubuntu: 96 | extends: .package 97 | after_script: 98 | - mkdir -p ${CI_PROJECT_DIR}/data/ubuntu/${PLATFORM_VER} 99 | - mv -v ${CI_PROJECT_DIR}/data/*.{deb,json} ${CI_PROJECT_DIR}/data/ubuntu/${PLATFORM_VER}/ 100 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | Apache License 2 | Version 2.0, January 2004 3 | http://www.apache.org/licenses/ 4 | 5 | TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 6 | 7 | 1. Definitions. 8 | 9 | "License" shall mean the terms and conditions for use, reproduction, 10 | and distribution as defined by Sections 1 through 9 of this document. 11 | 12 | "Licensor" shall mean the copyright owner or entity authorized by 13 | the copyright owner that is granting the License. 14 | 15 | "Legal Entity" shall mean the union of the acting entity and all 16 | other entities that control, are controlled by, or are under common 17 | control with that entity. For the purposes of this definition, 18 | "control" means (i) the power, direct or indirect, to cause the 19 | direction or management of such entity, whether by contract or 20 | otherwise, or (ii) ownership of fifty percent (50%) or more of the 21 | outstanding shares, or (iii) beneficial ownership of such entity. 22 | 23 | "You" (or "Your") shall mean an individual or Legal Entity 24 | exercising permissions granted by this License. 25 | 26 | "Source" form shall mean the preferred form for making modifications, 27 | including but not limited to software source code, documentation 28 | source, and configuration files. 29 | 30 | "Object" form shall mean any form resulting from mechanical 31 | transformation or translation of a Source form, including but 32 | not limited to compiled object code, generated documentation, 33 | and conversions to other media types. 34 | 35 | "Work" shall mean the work of authorship, whether in Source or 36 | Object form, made available under the License, as indicated by a 37 | copyright notice that is included in or attached to the work 38 | (an example is provided in the Appendix below). 39 | 40 | "Derivative Works" shall mean any work, whether in Source or Object 41 | form, that is based on (or derived from) the Work and for which the 42 | editorial revisions, annotations, elaborations, or other modifications 43 | represent, as a whole, an original work of authorship. For the purposes 44 | of this License, Derivative Works shall not include works that remain 45 | separable from, or merely link (or bind by name) to the interfaces of, 46 | the Work and Derivative Works thereof. 47 | 48 | "Contribution" shall mean any work of authorship, including 49 | the original version of the Work and any modifications or additions 50 | to that Work or Derivative Works thereof, that is intentionally 51 | submitted to Licensor for inclusion in the Work by the copyright owner 52 | or by an individual or Legal Entity authorized to submit on behalf of 53 | the copyright owner. For the purposes of this definition, "submitted" 54 | means any form of electronic, verbal, or written communication sent 55 | to the Licensor or its representatives, including but not limited to 56 | communication on electronic mailing lists, source code control systems, 57 | and issue tracking systems that are managed by, or on behalf of, the 58 | Licensor for the purpose of discussing and improving the Work, but 59 | excluding communication that is conspicuously marked or otherwise 60 | designated in writing by the copyright owner as "Not a Contribution." 61 | 62 | "Contributor" shall mean Licensor and any individual or Legal Entity 63 | on behalf of whom a Contribution has been received by Licensor and 64 | subsequently incorporated within the Work. 65 | 66 | 2. Grant of Copyright License. Subject to the terms and conditions of 67 | this License, each Contributor hereby grants to You a perpetual, 68 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 69 | copyright license to reproduce, prepare Derivative Works of, 70 | publicly display, publicly perform, sublicense, and distribute the 71 | Work and such Derivative Works in Source or Object form. 72 | 73 | 3. Grant of Patent License. Subject to the terms and conditions of 74 | this License, each Contributor hereby grants to You a perpetual, 75 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 76 | (except as stated in this section) patent license to make, have made, 77 | use, offer to sell, sell, import, and otherwise transfer the Work, 78 | where such license applies only to those patent claims licensable 79 | by such Contributor that are necessarily infringed by their 80 | Contribution(s) alone or by combination of their Contribution(s) 81 | with the Work to which such Contribution(s) was submitted. If You 82 | institute patent litigation against any entity (including a 83 | cross-claim or counterclaim in a lawsuit) alleging that the Work 84 | or a Contribution incorporated within the Work constitutes direct 85 | or contributory patent infringement, then any patent licenses 86 | granted to You under this License for that Work shall terminate 87 | as of the date such litigation is filed. 88 | 89 | 4. Redistribution. You may reproduce and distribute copies of the 90 | Work or Derivative Works thereof in any medium, with or without 91 | modifications, and in Source or Object form, provided that You 92 | meet the following conditions: 93 | 94 | (a) You must give any other recipients of the Work or 95 | Derivative Works a copy of this License; and 96 | 97 | (b) You must cause any modified files to carry prominent notices 98 | stating that You changed the files; and 99 | 100 | (c) You must retain, in the Source form of any Derivative Works 101 | that You distribute, all copyright, patent, trademark, and 102 | attribution notices from the Source form of the Work, 103 | excluding those notices that do not pertain to any part of 104 | the Derivative Works; and 105 | 106 | (d) If the Work includes a "NOTICE" text file as part of its 107 | distribution, then any Derivative Works that You distribute must 108 | include a readable copy of the attribution notices contained 109 | within such NOTICE file, excluding those notices that do not 110 | pertain to any part of the Derivative Works, in at least one 111 | of the following places: within a NOTICE text file distributed 112 | as part of the Derivative Works; within the Source form or 113 | documentation, if provided along with the Derivative Works; or, 114 | within a display generated by the Derivative Works, if and 115 | wherever such third-party notices normally appear. The contents 116 | of the NOTICE file are for informational purposes only and 117 | do not modify the License. You may add Your own attribution 118 | notices within Derivative Works that You distribute, alongside 119 | or as an addendum to the NOTICE text from the Work, provided 120 | that such additional attribution notices cannot be construed 121 | as modifying the License. 122 | 123 | You may add Your own copyright statement to Your modifications and 124 | may provide additional or different license terms and conditions 125 | for use, reproduction, or distribution of Your modifications, or 126 | for any such Derivative Works as a whole, provided Your use, 127 | reproduction, and distribution of the Work otherwise complies with 128 | the conditions stated in this License. 129 | 130 | 5. Submission of Contributions. Unless You explicitly state otherwise, 131 | any Contribution intentionally submitted for inclusion in the Work 132 | by You to the Licensor shall be under the terms and conditions of 133 | this License, without any additional terms or conditions. 134 | Notwithstanding the above, nothing herein shall supersede or modify 135 | the terms of any separate license agreement you may have executed 136 | with Licensor regarding such Contributions. 137 | 138 | 6. Trademarks. This License does not grant permission to use the trade 139 | names, trademarks, service marks, or product names of the Licensor, 140 | except as required for reasonable and customary use in describing the 141 | origin of the Work and reproducing the content of the NOTICE file. 142 | 143 | 7. Disclaimer of Warranty. Unless required by applicable law or 144 | agreed to in writing, Licensor provides the Work (and each 145 | Contributor provides its Contributions) on an "AS IS" BASIS, 146 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or 147 | implied, including, without limitation, any warranties or conditions 148 | of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A 149 | PARTICULAR PURPOSE. You are solely responsible for determining the 150 | appropriateness of using or redistributing the Work and assume any 151 | risks associated with Your exercise of permissions under this License. 152 | 153 | 8. Limitation of Liability. In no event and under no legal theory, 154 | whether in tort (including negligence), contract, or otherwise, 155 | unless required by applicable law (such as deliberate and grossly 156 | negligent acts) or agreed to in writing, shall any Contributor be 157 | liable to You for damages, including any direct, indirect, special, 158 | incidental, or consequential damages of any character arising as a 159 | result of this License or out of the use or inability to use the 160 | Work (including but not limited to damages for loss of goodwill, 161 | work stoppage, computer failure or malfunction, or any and all 162 | other commercial damages or losses), even if such Contributor 163 | has been advised of the possibility of such damages. 164 | 165 | 9. Accepting Warranty or Additional Liability. While redistributing 166 | the Work or Derivative Works thereof, You may choose to offer, 167 | and charge a fee for, acceptance of support, warranty, indemnity, 168 | or other liability obligations and/or rights consistent with this 169 | License. However, in accepting such obligations, You may act only 170 | on Your own behalf and on Your sole responsibility, not on behalf 171 | of any other Contributor, and only if You agree to indemnify, 172 | defend, and hold each Contributor harmless for any liability 173 | incurred by, or claims asserted against, such Contributor by reason 174 | of your accepting any such warranty or additional liability. 175 | 176 | END OF TERMS AND CONDITIONS 177 | 178 | APPENDIX: How to apply the Apache License to your work. 179 | 180 | To apply the Apache License to your work, attach the following 181 | boilerplate notice, with the fields enclosed by brackets "{}" 182 | replaced with your own identifying information. (Don't include 183 | the brackets!) The text should be enclosed in the appropriate 184 | comment syntax for the file format. We also recommend that a 185 | file or class name and description of purpose be included on the 186 | same "printed page" as the copyright notice for easier 187 | identification within third-party archives. 188 | 189 | Copyright 2019 Cinc Project 190 | 191 | Licensed under the Apache License, Version 2.0 (the "License"); 192 | you may not use this file except in compliance with the License. 193 | You may obtain a copy of the License at 194 | 195 | http://www.apache.org/licenses/LICENSE-2.0 196 | 197 | Unless required by applicable law or agreed to in writing, software 198 | distributed under the License is distributed on an "AS IS" BASIS, 199 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 200 | See the License for the specific language governing permissions and 201 | limitations under the License. 202 | -------------------------------------------------------------------------------- /.gitlab-ci.yml: -------------------------------------------------------------------------------- 1 | --- 2 | image: cincproject/omnibus-debian 3 | 4 | stages: 5 | - patch 6 | - package 7 | - test 8 | - cleanup 9 | - deploy 10 | - publish 11 | 12 | variables: 13 | ORIGIN: https://github.com/chef/chef.git 14 | REF: main 15 | CHANNEL: unstable 16 | CINC_PRODUCT: cinc 17 | CINC_FOUNDATION_VERSION: "3.2.15" 18 | OMNIBUS_FIPS_MODE: "true" 19 | OMNIBUS_LOG_LEVEL: "info" 20 | 21 | workflow: 22 | rules: 23 | # Run if we trigger a pipeline from the web 24 | - if: $CI_PIPELINE_SOURCE == "web" 25 | # Run if we trigger a pipeline from another project (i.e. upstream/chef) 26 | - if: $CI_PIPELINE_SOURCE == "pipeline" 27 | # Run if this is a merge request 28 | - if: $CI_MERGE_REQUEST_ID 29 | 30 | include: 31 | - local: .gitlab/package.yml 32 | - local: .gitlab/test.yml 33 | 34 | patch: 35 | stage: patch 36 | tags: 37 | - docker-x86_64 38 | script: 39 | - ./patch.sh 40 | artifacts: 41 | expire_in: 1mo 42 | paths: 43 | - chef/ 44 | 45 | # Package stage 46 | 47 | package:source: 48 | stage: package 49 | needs: 50 | - patch 51 | tags: 52 | - docker-x86_64 53 | script: 54 | - ./build-source.sh cinc chef 55 | artifacts: 56 | expire_in: 1mo 57 | paths: 58 | - source/* 59 | 60 | package:amazonlinux-2023:x86_64: 61 | extends: .package:amazonlinux 62 | image: cincproject/omnibus-amazonlinux:2023 63 | cache: 64 | key: amazonlinux:2023:x86_64 65 | tags: 66 | - docker-x86_64 67 | variables: 68 | PLATFORM_VER: "2023" 69 | 70 | package:amazonlinux-2023:aarch64: 71 | extends: .package:amazonlinux 72 | image: cincproject/omnibus-amazonlinux:2023 73 | cache: 74 | key: amazonlinux:2023:aarch64 75 | tags: 76 | - docker-aarch64-v8.2-a 77 | variables: 78 | PLATFORM_VER: "2023" 79 | OMNIBUS_FIPS_MODE: "false" 80 | 81 | package:centos-8:x86_64: 82 | extends: .package:centos 83 | image: cincproject/omnibus-almalinux:8 84 | cache: 85 | key: centos-8-x86_64 86 | tags: 87 | - docker-x86_64 88 | variables: 89 | PLATFORM_VER: "8" 90 | 91 | package:centos-8:aarch64: 92 | extends: .package:centos 93 | image: cincproject/omnibus-almalinux:8 94 | cache: 95 | key: centos-8-aarch64 96 | tags: 97 | - docker-aarch64 98 | variables: 99 | PLATFORM_VER: "8" 100 | OMNIBUS_FIPS_MODE: "false" 101 | 102 | package:centos-8:ppc64le: 103 | extends: .package:centos 104 | image: cincproject/omnibus-almalinux:8 105 | cache: 106 | key: centos-8-ppc64le 107 | tags: 108 | - docker-ppc64le 109 | variables: 110 | PLATFORM_VER: "8" 111 | 112 | package:centos-8:s390x: 113 | extends: .package:centos 114 | image: cincproject/omnibus-almalinux:8 115 | cache: 116 | key: centos-8-s390x 117 | tags: 118 | - docker-s390x 119 | needs: 120 | - patch 121 | variables: 122 | PLATFORM_VER: "8" 123 | 124 | package:centos-9:x86_64: 125 | extends: .package:centos 126 | image: cincproject/omnibus-almalinux:9 127 | cache: 128 | key: centos-9-x86_64 129 | tags: 130 | - docker-x86_64 131 | variables: 132 | PLATFORM_VER: "9" 133 | 134 | package:centos-9:aarch64: 135 | extends: .package:centos 136 | image: cincproject/omnibus-almalinux:9 137 | cache: 138 | key: centos-9-aarch64 139 | tags: 140 | - docker-aarch64 141 | variables: 142 | PLATFORM_VER: "9" 143 | OMNIBUS_FIPS_MODE: "false" 144 | 145 | package:centos-9:ppc64le: 146 | extends: .package:centos 147 | image: cincproject/omnibus-almalinux:9 148 | cache: 149 | key: centos-9-ppc64le 150 | tags: 151 | - docker-ppc64le-p9 152 | variables: 153 | PLATFORM_VER: "9" 154 | 155 | package:centos-9:s390x: 156 | extends: .package:centos 157 | image: cincproject/omnibus-almalinux:9 158 | cache: 159 | key: centos-9-s390x 160 | tags: 161 | - docker-s390x 162 | needs: 163 | - patch 164 | variables: 165 | PLATFORM_VER: "9" 166 | 167 | package:centos-10:x86_64: 168 | extends: .package:centos 169 | image: cincproject/omnibus-almalinux:10-kitten 170 | cache: 171 | key: centos-10-x86_64 172 | tags: 173 | - docker-x86_64-v3 174 | variables: 175 | PLATFORM_VER: "10" 176 | 177 | package:centos-10:aarch64: 178 | extends: .package:centos 179 | image: cincproject/omnibus-almalinux:10-kitten 180 | cache: 181 | key: centos-10-aarch64 182 | tags: 183 | - docker-aarch64 184 | variables: 185 | PLATFORM_VER: "10" 186 | OMNIBUS_FIPS_MODE: "false" 187 | 188 | package:centos-10:ppc64le: 189 | extends: .package:centos 190 | image: cincproject/omnibus-almalinux:10-kitten 191 | cache: 192 | key: centos-10-ppc64le 193 | tags: 194 | - docker-ppc64le-p9 195 | variables: 196 | PLATFORM_VER: "10" 197 | 198 | package:centos-10:s390x: 199 | extends: .package:centos 200 | image: cincproject/omnibus-almalinux:10-kitten 201 | cache: 202 | key: centos-10-s390x 203 | tags: 204 | - docker-s390x 205 | needs: 206 | - patch 207 | variables: 208 | PLATFORM_VER: "10" 209 | 210 | package:debian-11:x86_64: 211 | extends: .package:debian 212 | image: cincproject/omnibus-debian:11 213 | cache: 214 | key: debian:11:x86_64 215 | tags: 216 | - docker-x86_64 217 | variables: 218 | PLATFORM_VER: "11" 219 | 220 | package:debian-11:aarch64: 221 | extends: .package:debian 222 | image: cincproject/omnibus-debian:11 223 | cache: 224 | key: debian:11:aarch64 225 | tags: 226 | - docker-aarch64 227 | variables: 228 | PLATFORM_VER: "11" 229 | OMNIBUS_FIPS_MODE: "false" 230 | 231 | package:debian-12:x86_64: 232 | extends: .package:debian 233 | image: cincproject/omnibus-debian:12 234 | cache: 235 | key: debian:12:x86_64 236 | tags: 237 | - docker-x86_64 238 | variables: 239 | PLATFORM_VER: "12" 240 | 241 | package:debian-12:aarch64: 242 | extends: .package:debian 243 | image: cincproject/omnibus-debian:12 244 | cache: 245 | key: debian:12:aarch64 246 | tags: 247 | - docker-aarch64 248 | variables: 249 | PLATFORM_VER: "12" 250 | OMNIBUS_FIPS_MODE: "false" 251 | 252 | package:debian-13:riscv64: 253 | extends: .package:debian 254 | image: cincproject/omnibus-debian:13 255 | cache: 256 | key: debian-13-riscv64 257 | tags: 258 | - docker-riscv64 259 | variables: 260 | PLATFORM_VER: "13" 261 | OMNIBUS_FIPS_MODE: "false" 262 | 263 | package:freebsd-13: 264 | extends: .package:freebsd 265 | cache: 266 | key: freebsd-13 267 | tags: 268 | - freebsd-13 269 | variables: 270 | PLATFORM_VER: "13" 271 | OMNIBUS_FIPS_MODE: "false" 272 | 273 | package:freebsd-14: 274 | extends: .package:freebsd 275 | cache: 276 | key: freebsd-14 277 | tags: 278 | - freebsd-14 279 | variables: 280 | PLATFORM_VER: "14" 281 | OMNIBUS_FIPS_MODE: "false" 282 | 283 | package:macos-12: 284 | extends: .package:macos 285 | cache: 286 | key: macos-12 287 | tags: 288 | - macos-12 289 | variables: 290 | PLATFORM_VER: "12" 291 | OMNIBUS_FIPS_MODE: "false" 292 | 293 | package:macos-12:aarch64: 294 | extends: .package:macos 295 | cache: 296 | key: macos:12:aarch64 297 | tags: 298 | - macos-12-aarch64 299 | variables: 300 | PLATFORM_VER: "12" 301 | OMNIBUS_FIPS_MODE: "false" 302 | 303 | package:macos-13: 304 | extends: .package:macos 305 | cache: 306 | key: macos:13 307 | tags: 308 | - macos-13 309 | variables: 310 | PLATFORM_VER: "13" 311 | OMNIBUS_FIPS_MODE: "false" 312 | 313 | package:macos-13:aarch64: 314 | extends: .package:macos 315 | cache: 316 | key: macos:13:aarch64 317 | tags: 318 | - macos-13-aarch64 319 | variables: 320 | PLATFORM_VER: "13" 321 | OMNIBUS_FIPS_MODE: "false" 322 | 323 | package:macos-14: 324 | extends: .package:macos 325 | cache: 326 | key: macos:14 327 | tags: 328 | - macos-14 329 | variables: 330 | PLATFORM_VER: "14" 331 | OMNIBUS_FIPS_MODE: "false" 332 | 333 | package:macos-14:aarch64: 334 | extends: .package:macos 335 | cache: 336 | key: macos:14:aarch64 337 | tags: 338 | - macos-14-aarch64 339 | variables: 340 | PLATFORM_VER: "14" 341 | OMNIBUS_FIPS_MODE: "false" 342 | 343 | package:macos-15: 344 | extends: .package:macos 345 | cache: 346 | key: macos-15 347 | tags: 348 | - macos-15 349 | variables: 350 | PLATFORM_VER: "15" 351 | OMNIBUS_FIPS_MODE: "false" 352 | 353 | package:macos-15:aarch64: 354 | extends: .package:macos 355 | cache: 356 | key: macos-15-aarch64 357 | tags: 358 | - macos-15-aarch64 359 | variables: 360 | PLATFORM_VER: "15" 361 | OMNIBUS_FIPS_MODE: "false" 362 | 363 | package:opensuse-15:x86_64: 364 | extends: .package:opensuse 365 | image: cincproject/omnibus-opensuse:15 366 | cache: 367 | key: opensuse:15:x86_64 368 | tags: 369 | - docker-x86_64 370 | variables: 371 | PLATFORM_VER: "15" 372 | 373 | package:opensuse-15:aarch64: 374 | extends: .package:opensuse 375 | image: cincproject/omnibus-opensuse:15 376 | cache: 377 | key: opensuse:15:aarch64 378 | tags: 379 | - docker-aarch64 380 | variables: 381 | PLATFORM_VER: "15" 382 | OMNIBUS_FIPS_MODE: "false" 383 | 384 | package:windows-2016: 385 | extends: .package:windows 386 | cache: 387 | key: windows-2016 388 | tags: 389 | - windows-2016 390 | variables: 391 | PLATFORM_VER: "2016" 392 | 393 | package:ubuntu-18.04:x86_64: 394 | extends: .package:ubuntu 395 | image: cincproject/omnibus-ubuntu:18.04 396 | cache: 397 | key: ubuntu:18.04:x86_64 398 | tags: 399 | - docker-x86_64 400 | variables: 401 | PLATFORM_VER: "18.04" 402 | 403 | package:ubuntu-18.04:aarch64: 404 | extends: .package:ubuntu 405 | image: cincproject/omnibus-ubuntu:18.04 406 | cache: 407 | key: ubuntu:18.04:aarch64 408 | tags: 409 | - docker-aarch64 410 | variables: 411 | PLATFORM_VER: "18.04" 412 | OMNIBUS_FIPS_MODE: "false" 413 | 414 | package:rockylinux-8:x86_64: 415 | extends: .package:rockylinux 416 | image: cincproject/omnibus-rockylinux:8 417 | cache: 418 | key: rockylinux:8:x86_64 419 | tags: 420 | - docker-x86_64 421 | variables: 422 | PLATFORM_VER: "8" 423 | 424 | package:rockylinux-8:aarch64: 425 | extends: .package:rockylinux 426 | image: cincproject/omnibus-rockylinux:8 427 | cache: 428 | key: rockylinux:8:aarch64 429 | tags: 430 | - docker-aarch64 431 | variables: 432 | PLATFORM_VER: "8" 433 | OMNIBUS_FIPS_MODE: "false" 434 | 435 | package:rockylinux-9:x86_64: 436 | extends: .package:rockylinux 437 | image: cincproject/omnibus-rockylinux:9 438 | cache: 439 | key: rockylinux:9:x86_64 440 | tags: 441 | - docker-x86_64 442 | variables: 443 | PLATFORM_VER: "9" 444 | 445 | package:rockylinux-9:aarch64: 446 | extends: .package:rockylinux 447 | image: cincproject/omnibus-rockylinux:9 448 | cache: 449 | key: rockylinux:9:aarch64 450 | tags: 451 | - docker-aarch64 452 | variables: 453 | PLATFORM_VER: "9" 454 | OMNIBUS_FIPS_MODE: "false" 455 | 456 | package:ubuntu-20.04:x86_64: 457 | extends: .package:ubuntu 458 | image: cincproject/omnibus-ubuntu:20.04 459 | cache: 460 | key: ubuntu:20.04:x86_64 461 | tags: 462 | - docker-x86_64 463 | variables: 464 | PLATFORM_VER: "20.04" 465 | 466 | package:ubuntu-20.04:aarch64: 467 | extends: .package:ubuntu 468 | image: cincproject/omnibus-ubuntu:20.04 469 | cache: 470 | key: ubuntu:20.04:aarch64 471 | tags: 472 | - docker-aarch64 473 | variables: 474 | PLATFORM_VER: "20.04" 475 | OMNIBUS_FIPS_MODE: "false" 476 | 477 | package:ubuntu-22.04:x86_64: 478 | extends: .package:ubuntu 479 | image: cincproject/omnibus-ubuntu:22.04 480 | cache: 481 | key: ubuntu:22.04:x86_64 482 | tags: 483 | - docker-x86_64 484 | variables: 485 | PLATFORM_VER: "22.04" 486 | 487 | package:ubuntu-22.04:aarch64: 488 | extends: .package:ubuntu 489 | image: cincproject/omnibus-ubuntu:22.04 490 | cache: 491 | key: ubuntu:22.04:aarch64 492 | tags: 493 | - docker-aarch64 494 | variables: 495 | PLATFORM_VER: "22.04" 496 | OMNIBUS_FIPS_MODE: "false" 497 | 498 | package:ubuntu-24.04:x86_64: 499 | extends: .package:ubuntu 500 | image: cincproject/omnibus-ubuntu:24.04 501 | cache: 502 | key: ubuntu:24.04:x86_64 503 | tags: 504 | - docker-x86_64 505 | variables: 506 | PLATFORM_VER: "24.04" 507 | 508 | package:ubuntu-24.04:aarch64: 509 | extends: .package:ubuntu 510 | image: cincproject/omnibus-ubuntu:24.04 511 | cache: 512 | key: ubuntu:24.04:aarch64 513 | tags: 514 | - docker-aarch64 515 | variables: 516 | PLATFORM_VER: "24.04" 517 | OMNIBUS_FIPS_MODE: "false" 518 | 519 | package:ubuntu-24.04:riscv64: 520 | extends: .package:ubuntu 521 | image: cincproject/omnibus-ubuntu:24.04 522 | cache: 523 | key: ubuntu-24.04-riscv64 524 | tags: 525 | - docker-riscv64 526 | variables: 527 | PLATFORM_VER: "24.04" 528 | OMNIBUS_FIPS_MODE: "false" 529 | 530 | # Test stage 531 | test:amazonlinux-2023:x86_64: 532 | extends: .test:amazonlinux 533 | image: cincproject/omnibus-amazonlinux:2023 534 | needs: 535 | - package:amazonlinux-2023:x86_64 536 | tags: 537 | - docker-x86_64 538 | variables: 539 | PLATFORM_VER: "2023" 540 | 541 | test:amazonlinux-2023:aarch64: 542 | extends: .test:amazonlinux 543 | image: cincproject/omnibus-amazonlinux:2023 544 | needs: 545 | - package:amazonlinux-2023:aarch64 546 | tags: 547 | - docker-aarch64-v8.2-a 548 | variables: 549 | PLATFORM_VER: "2023" 550 | 551 | test:centos-8:x86_64: 552 | extends: .test:centos 553 | image: cincproject/omnibus-almalinux:8 554 | needs: 555 | - package:centos-8:x86_64 556 | tags: 557 | - docker-x86_64 558 | variables: 559 | PLATFORM_VER: "8" 560 | 561 | test:centos-8:aarch64: 562 | extends: .test:centos 563 | image: cincproject/omnibus-almalinux:8 564 | needs: 565 | - package:centos-8:aarch64 566 | tags: 567 | - docker-aarch64 568 | variables: 569 | PLATFORM_VER: "8" 570 | 571 | test:centos-8:ppc64le: 572 | extends: .test:centos 573 | image: cincproject/omnibus-almalinux:8 574 | needs: 575 | - package:centos-8:ppc64le 576 | tags: 577 | - docker-ppc64le 578 | variables: 579 | PLATFORM_VER: "8" 580 | 581 | test:centos-8:s390x: 582 | extends: .test:centos 583 | image: cincproject/omnibus-almalinux:8 584 | needs: 585 | - package:centos-8:s390x 586 | tags: 587 | - docker-s390x 588 | variables: 589 | PLATFORM_VER: "8" 590 | 591 | test:centos-9:x86_64: 592 | extends: .test:centos 593 | image: cincproject/omnibus-almalinux:9 594 | needs: 595 | - package:centos-9:x86_64 596 | tags: 597 | - docker-x86_64 598 | variables: 599 | PLATFORM_VER: "9" 600 | 601 | test:centos-9:aarch64: 602 | extends: .test:centos 603 | image: cincproject/omnibus-almalinux:9 604 | needs: 605 | - package:centos-9:aarch64 606 | tags: 607 | - docker-aarch64 608 | variables: 609 | PLATFORM_VER: "9" 610 | 611 | test:centos-9:ppc64le: 612 | extends: .test:centos 613 | image: cincproject/omnibus-almalinux:9 614 | needs: 615 | - package:centos-9:ppc64le 616 | tags: 617 | - docker-ppc64le-p9 618 | variables: 619 | PLATFORM_VER: "9" 620 | 621 | test:centos-9:s390x: 622 | extends: .test:centos 623 | image: cincproject/omnibus-almalinux:9 624 | needs: 625 | - package:centos-9:s390x 626 | tags: 627 | - docker-s390x 628 | variables: 629 | PLATFORM_VER: "9" 630 | 631 | test:centos-10:x86_64: 632 | extends: .test:centos 633 | image: cincproject/omnibus-almalinux:10-kitten 634 | needs: 635 | - package:centos-10:x86_64 636 | tags: 637 | - docker-x86_64-v3 638 | variables: 639 | PLATFORM_VER: "10" 640 | 641 | test:centos-10:aarch64: 642 | extends: .test:centos 643 | image: cincproject/omnibus-almalinux:10-kitten 644 | needs: 645 | - package:centos-10:aarch64 646 | tags: 647 | - docker-aarch64 648 | variables: 649 | PLATFORM_VER: "10" 650 | OMNIBUS_FIPS_MODE: "false" 651 | 652 | test:centos-10:ppc64le: 653 | extends: .test:centos 654 | image: cincproject/omnibus-almalinux:10-kitten 655 | needs: 656 | - package:centos-10:ppc64le 657 | tags: 658 | - docker-ppc64le-p9 659 | variables: 660 | PLATFORM_VER: "10" 661 | 662 | test:centos-10:s390x: 663 | extends: .test:centos 664 | image: cincproject/omnibus-almalinux:10-kitten 665 | needs: 666 | - package:centos-10:s390x 667 | tags: 668 | - docker-s390x 669 | variables: 670 | PLATFORM_VER: "10" 671 | 672 | test:debian-11:x86_64: 673 | extends: .test:debian 674 | image: cincproject/omnibus-debian:11 675 | needs: 676 | - package:debian-11:x86_64 677 | tags: 678 | - docker-x86_64 679 | variables: 680 | PLATFORM_VER: "11" 681 | 682 | test:debian-11:aarch64: 683 | extends: .test:debian 684 | image: cincproject/omnibus-debian:11 685 | needs: 686 | - package:debian-11:aarch64 687 | tags: 688 | - docker-aarch64 689 | variables: 690 | PLATFORM_VER: "11" 691 | 692 | test:debian-12:x86_64: 693 | extends: .test:debian 694 | image: cincproject/omnibus-debian:12 695 | needs: 696 | - package:debian-12:x86_64 697 | tags: 698 | - docker-x86_64 699 | variables: 700 | PLATFORM_VER: "12" 701 | 702 | test:debian-12:aarch64: 703 | extends: .test:debian 704 | image: cincproject/omnibus-debian:12 705 | needs: 706 | - package:debian-12:aarch64 707 | tags: 708 | - docker-aarch64 709 | variables: 710 | PLATFORM_VER: "12" 711 | 712 | test:debian-13:riscv64: 713 | extends: .test:debian 714 | image: cincproject/omnibus-debian:13 715 | needs: 716 | - package:debian-13:riscv64 717 | tags: 718 | - docker-riscv64 719 | variables: 720 | PLATFORM_VER: "13" 721 | OMNIBUS_FIPS_MODE: "false" 722 | 723 | test:freebsd-13: 724 | extends: .test:freebsd 725 | needs: 726 | - package:freebsd-13 727 | tags: 728 | - freebsd-13 729 | variables: 730 | PLATFORM_VER: "13" 731 | OMNIBUS_FIPS_MODE: "false" 732 | 733 | test:freebsd-14: 734 | extends: .test:freebsd 735 | needs: 736 | - package:freebsd-14 737 | tags: 738 | - freebsd-14 739 | variables: 740 | PLATFORM_VER: "14" 741 | OMNIBUS_FIPS_MODE: "false" 742 | 743 | test:macos-12: 744 | extends: .test:macos 745 | needs: 746 | - package:macos-12 747 | tags: 748 | - macos-12 749 | variables: 750 | PLATFORM_VER: "12" 751 | 752 | test:macos-12:aarch64: 753 | extends: .test:macos 754 | needs: 755 | - package:macos-12:aarch64 756 | tags: 757 | - macos-12-aarch64 758 | variables: 759 | PLATFORM_VER: "12" 760 | 761 | test:macos-13: 762 | extends: .test:macos 763 | needs: 764 | - package:macos-13 765 | tags: 766 | - macos-13 767 | variables: 768 | PLATFORM_VER: "13" 769 | 770 | test:macos-13:aarch64: 771 | extends: .test:macos 772 | needs: 773 | - package:macos-13:aarch64 774 | tags: 775 | - macos-13-aarch64 776 | variables: 777 | PLATFORM_VER: "13" 778 | 779 | test:macos-14: 780 | extends: .test:macos 781 | needs: 782 | - package:macos-14 783 | tags: 784 | - macos-14 785 | variables: 786 | PLATFORM_VER: "14" 787 | 788 | test:macos-14:aarch64: 789 | extends: .test:macos 790 | needs: 791 | - package:macos-14:aarch64 792 | tags: 793 | - macos-14-aarch64 794 | variables: 795 | PLATFORM_VER: "14" 796 | 797 | test:macos-15: 798 | extends: .test:macos 799 | needs: 800 | - package:macos-15 801 | tags: 802 | - macos-15 803 | variables: 804 | PLATFORM_VER: "15" 805 | 806 | test:macos-15:aarch64: 807 | extends: .test:macos 808 | needs: 809 | - package:macos-15:aarch64 810 | tags: 811 | - macos-15-aarch64 812 | variables: 813 | PLATFORM_VER: "15" 814 | 815 | test:opensuse-15:x86_64: 816 | extends: .test:opensuse 817 | image: cincproject/omnibus-opensuse:15 818 | needs: 819 | - package:opensuse-15:x86_64 820 | tags: 821 | - docker-x86_64 822 | variables: 823 | PLATFORM_VER: "15" 824 | 825 | test:opensuse-15:aarch64: 826 | extends: .test:opensuse 827 | image: cincproject/omnibus-opensuse:15 828 | needs: 829 | - package:opensuse-15:aarch64 830 | tags: 831 | - docker-aarch64 832 | variables: 833 | PLATFORM_VER: "15" 834 | 835 | test:rockylinux-8:x86_64: 836 | extends: .test:rockylinux 837 | image: cincproject/omnibus-rockylinux:8 838 | needs: 839 | - package:rockylinux-8:x86_64 840 | tags: 841 | - docker-x86_64 842 | variables: 843 | PLATFORM_VER: "8" 844 | 845 | test:rockylinux-8:aarch64: 846 | extends: .test:rockylinux 847 | image: cincproject/omnibus-rockylinux:8 848 | needs: 849 | - package:rockylinux-8:aarch64 850 | tags: 851 | - docker-aarch64 852 | variables: 853 | PLATFORM_VER: "8" 854 | 855 | test:rockylinux-9:x86_64: 856 | extends: .test:rockylinux 857 | image: cincproject/omnibus-rockylinux:9 858 | needs: 859 | - package:rockylinux-9:x86_64 860 | tags: 861 | - docker-x86_64 862 | variables: 863 | PLATFORM_VER: "9" 864 | 865 | test:rockylinux-9:aarch64: 866 | extends: .test:rockylinux 867 | image: cincproject/omnibus-rockylinux:9 868 | needs: 869 | - package:rockylinux-9:aarch64 870 | tags: 871 | - docker-aarch64 872 | variables: 873 | PLATFORM_VER: "9" 874 | 875 | test:ubuntu-18.04:x86_64: 876 | extends: .test:ubuntu 877 | image: cincproject/omnibus-ubuntu:18.04 878 | needs: 879 | - package:ubuntu-18.04:x86_64 880 | tags: 881 | - docker-x86_64 882 | variables: 883 | PLATFORM_VER: "18.04" 884 | 885 | test:ubuntu-18.04:aarch64: 886 | extends: .test:ubuntu 887 | image: cincproject/omnibus-ubuntu:18.04 888 | needs: 889 | - package:ubuntu-18.04:aarch64 890 | tags: 891 | - docker-aarch64 892 | variables: 893 | PLATFORM_VER: "18.04" 894 | 895 | test:ubuntu-20.04:x86_64: 896 | extends: .test:ubuntu 897 | image: cincproject/omnibus-ubuntu:20.04 898 | needs: 899 | - package:ubuntu-20.04:x86_64 900 | tags: 901 | - docker-x86_64 902 | variables: 903 | PLATFORM_VER: "20.04" 904 | 905 | test:ubuntu-20.04:aarch64: 906 | extends: .test:ubuntu 907 | image: cincproject/omnibus-ubuntu:20.04 908 | needs: 909 | - package:ubuntu-20.04:aarch64 910 | tags: 911 | - docker-aarch64 912 | variables: 913 | PLATFORM_VER: "20.04" 914 | 915 | test:ubuntu-22.04:x86_64: 916 | extends: .test:ubuntu 917 | image: cincproject/omnibus-ubuntu:22.04 918 | needs: 919 | - package:ubuntu-22.04:x86_64 920 | tags: 921 | - docker-x86_64 922 | variables: 923 | PLATFORM_VER: "22.04" 924 | 925 | test:ubuntu-22.04:aarch64: 926 | extends: .test:ubuntu 927 | image: cincproject/omnibus-ubuntu:22.04 928 | needs: 929 | - package:ubuntu-22.04:aarch64 930 | tags: 931 | - docker-aarch64 932 | variables: 933 | PLATFORM_VER: "22.04" 934 | 935 | test:ubuntu-24.04:x86_64: 936 | extends: .test:ubuntu 937 | image: cincproject/omnibus-ubuntu:24.04 938 | needs: 939 | - package:ubuntu-24.04:x86_64 940 | tags: 941 | - docker-x86_64 942 | variables: 943 | PLATFORM_VER: "24.04" 944 | 945 | test:ubuntu-24.04:aarch64: 946 | extends: .test:ubuntu 947 | image: cincproject/omnibus-ubuntu:24.04 948 | needs: 949 | - package:ubuntu-24.04:aarch64 950 | tags: 951 | - docker-aarch64 952 | variables: 953 | PLATFORM_VER: "24.04" 954 | 955 | test:ubuntu-24.04:riscv64: 956 | extends: .test:ubuntu 957 | image: cincproject/omnibus-ubuntu:24.04 958 | needs: 959 | - package:ubuntu-24.04:riscv64 960 | tags: 961 | - docker-riscv64 962 | variables: 963 | PLATFORM_VER: "24.04" 964 | OMNIBUS_FIPS_MODE: "false" 965 | 966 | test:sources: 967 | image: cincproject/docker-auditor 968 | stage: test 969 | needs: 970 | - package:source 971 | tags: 972 | - docker-x86_64 973 | script: 974 | - apk add bash outils-sha256 975 | - cinc-auditor exec test/integration/cinc-sources --no-distinct-exit --reporter cli junit:junit.xml 976 | artifacts: 977 | reports: 978 | junit: junit.xml 979 | 980 | test:windows-2016: 981 | extends: .test:windows 982 | needs: 983 | - package:windows-2016 984 | tags: 985 | - windows-x64-package-testing 986 | variables: 987 | PLATFORM_VER: "2016" 988 | 989 | # Deploy stage 990 | 991 | .ssh-setup: 992 | before_script: 993 | - eval $(ssh-agent -s) 994 | - echo "${SSH_PRIVATE_KEY}" | tr -d '\r' | ssh-add - > /dev/null 995 | - mkdir -p ~/.ssh 996 | - chmod 700 ~/.ssh 997 | - echo "${SSH_KNOWN_HOSTS}" > ~/.ssh/known_hosts 998 | - chmod 644 ~/.ssh/known_hosts 999 | 1000 | deploy: 1001 | allow_failure: false 1002 | stage: deploy 1003 | extends: .ssh-setup 1004 | # Only run if this is triggered from the web 1005 | rules: 1006 | - if: $CI_PIPELINE_SOURCE == "web" 1007 | when: manual 1008 | - when: never 1009 | tags: 1010 | - docker-x86_64 1011 | dependencies: 1012 | - package:source 1013 | - package:amazonlinux-2023:x86_64 1014 | - package:amazonlinux-2023:aarch64 1015 | - package:centos-8:aarch64 1016 | - package:centos-8:ppc64le 1017 | - package:centos-8:x86_64 1018 | - package:centos-8:s390x 1019 | - package:centos-9:aarch64 1020 | - package:centos-9:ppc64le 1021 | - package:centos-9:x86_64 1022 | - package:centos-9:s390x 1023 | - package:centos-10:aarch64 1024 | - package:centos-10:ppc64le 1025 | - package:centos-10:s390x 1026 | - package:centos-10:x86_64 1027 | - package:debian-11:aarch64 1028 | - package:debian-11:x86_64 1029 | - package:debian-12:aarch64 1030 | - package:debian-12:x86_64 1031 | - package:debian-13:riscv64 1032 | - package:freebsd-13 1033 | - package:freebsd-14 1034 | - package:macos-12 1035 | - package:macos-12:aarch64 1036 | - package:macos-13 1037 | - package:macos-13:aarch64 1038 | - package:macos-14 1039 | - package:macos-14:aarch64 1040 | - package:macos-15 1041 | - package:macos-15:aarch64 1042 | - package:opensuse-15:aarch64 1043 | - package:opensuse-15:x86_64 1044 | - package:rockylinux-8:aarch64 1045 | - package:rockylinux-8:x86_64 1046 | - package:rockylinux-9:aarch64 1047 | - package:rockylinux-9:x86_64 1048 | - package:ubuntu-18.04:aarch64 1049 | - package:ubuntu-18.04:x86_64 1050 | - package:ubuntu-20.04:aarch64 1051 | - package:ubuntu-20.04:x86_64 1052 | - package:ubuntu-22.04:aarch64 1053 | - package:ubuntu-22.04:x86_64 1054 | - package:ubuntu-24.04:aarch64 1055 | - package:ubuntu-24.04:x86_64 1056 | - package:ubuntu-24.04:riscv64 1057 | - package:windows-2016 1058 | script: 1059 | - bash deploy.sh 1060 | 1061 | # Publish stage 1062 | 1063 | publish: 1064 | stage: publish 1065 | extends: .ssh-setup 1066 | dependencies: [] 1067 | # Only run if this is triggered from the web 1068 | rules: 1069 | - if: $CI_PIPELINE_SOURCE == "web" 1070 | when: on_success 1071 | - when: never 1072 | tags: 1073 | - downloads 1074 | script: 1075 | - sudo mkdir -p /data/mirror/{files,source}/${CHANNEL}/cinc 1076 | - sudo /usr/bin/rsync -avH /data/incoming/files/${CHANNEL}/cinc/ /data/mirror/files/${CHANNEL}/cinc/ 1077 | - sudo /usr/bin/rsync -avH /data/incoming/source/${CHANNEL}/cinc/ /data/mirror/source/${CHANNEL}/cinc/ 1078 | - sudo -E -u cinc /usr/local/bin/update-cinc-api 1079 | - ssh -q cinc@${MIRROR_HOST} "~/sync-from-master" 1080 | 1081 | publish-gems: 1082 | stage: publish 1083 | # Only run if this is triggered from the web 1084 | rules: 1085 | - if: $CI_PIPELINE_SOURCE == "web" 1086 | when: on_success 1087 | - when: never 1088 | tags: 1089 | - docker-x86_64 1090 | dependencies: 1091 | - patch 1092 | script: 1093 | - ./publish-gems.sh 1094 | 1095 | publish-docker: 1096 | image: docker:latest 1097 | services: 1098 | - docker:dind 1099 | stage: publish 1100 | # Only run if this is triggered from the web 1101 | rules: 1102 | - if: $CI_PIPELINE_SOURCE == "web" 1103 | when: on_success 1104 | - if: $CHANNEL == "unstable" 1105 | when: never 1106 | - when: never 1107 | tags: 1108 | - docker-x86_64 1109 | dependencies: 1110 | - patch 1111 | before_script: 1112 | - apk add curl bash 1113 | - eval $(ssh-agent -s) 1114 | - echo "${BUILDX_SSH_PRIVATE_KEY}" | tr -d '\r' | ssh-add -q - > /dev/null 1115 | - mkdir -p ~/.ssh 1116 | - chmod 700 ~/.ssh 1117 | - echo "${BUILDX_SSH_KNOWN_HOSTS}" > ~/.ssh/known_hosts 1118 | - chmod 644 ~/.ssh/known_hosts 1119 | - docker context create amd64 1120 | - docker context use amd64 1121 | - docker buildx create --name $BUILDER_NAME --use amd64 --platform linux/amd64 --config buildkitd.toml 1122 | - docker context create arm64 --docker "host=ssh://${BUILDX_ARM64}" 1123 | - docker buildx create --name $BUILDER_NAME --append arm64 --platform linux/arm64 --config buildkitd.toml 1124 | script: 1125 | - bash docker.sh 1126 | - docker buildx ls --no-trunc 1127 | - docker buildx stop $BUILDER_NAME 1128 | - docker buildx rm -f $BUILDER_NAME 1129 | variables: 1130 | DOCKER_DRIVER: overlay2 1131 | DOCKER_TLS_VERIFY: 1 1132 | DOCKER_CERT_PATH: "/certs/client" 1133 | DOCKER_TLS_CERTDIR: "/certs" 1134 | BUILDER_NAME: "${CI_PROJECT_PATH_SLUG}-${CI_PIPELINE_ID}-${CI_JOB_NAME_SLUG}" 1135 | 1136 | .cleanup: 1137 | stage: cleanup 1138 | dependencies: [] 1139 | variables: 1140 | GIT_CHECKOUT: "false" 1141 | when: always 1142 | script: 1143 | - sudo rm -rf chef/ 1144 | - sudo rm -rf ${CI_PROJECT_DIR}/cinc-project/distribution/client/ 1145 | 1146 | cleanup:macos-12: 1147 | extends: .cleanup 1148 | tags: 1149 | - macos-12 1150 | 1151 | cleanup:macos-12-aarch64: 1152 | extends: .cleanup 1153 | tags: 1154 | - macos-12-aarch64 1155 | 1156 | cleanup:macos-13: 1157 | extends: .cleanup 1158 | tags: 1159 | - macos-13 1160 | 1161 | cleanup:macos-13-aarch64: 1162 | extends: .cleanup 1163 | tags: 1164 | - macos-13-aarch64 1165 | 1166 | cleanup:macos-14: 1167 | extends: .cleanup 1168 | tags: 1169 | - macos-14 1170 | 1171 | cleanup:macos-14-aarch64: 1172 | extends: .cleanup 1173 | tags: 1174 | - macos-14-aarch64 1175 | 1176 | cleanup:macos-15: 1177 | extends: .cleanup 1178 | tags: 1179 | - macos-15 1180 | 1181 | cleanup:macos-15-aarch64: 1182 | extends: .cleanup 1183 | tags: 1184 | - macos-15-aarch64 1185 | --------------------------------------------------------------------------------