Commit 1b44134c authored by Nigel Kukard's avatar Nigel Kukard

Initial CI deployment integration

parent 829a41fc
.gitlab-ci.yml export-ignore
.gitattributes export-ignore
stages:
- code-quality
- make-test
- make-install
- sources-upload
code-quality:
stage: code-quality
script:
- export DEBIAN_FRONTEND=noninteractive
- apt-get update
- apt-get dist-upgrade -y
- apt-get install -y libperl-critic-perl make
- perlcritic --stern "$CI_PROJECT_DIR"
make-test:
stage: make-test
script:
- export DEBIAN_FRONTEND=noninteractive
# Install IDMS Linux Enterprise
- apt-get update
- apt-get install -y wget
- echo "deb http://cdn.idms-linux.org/enterprise/ jessie enterprise" > /etc/apt/sources.list.d/idms-linux-enterprise.list
- wget -O- -q http://cdn.idms-linux.org/enterprise/enterprise.asc | apt-key add -
- atp-get update
- apt-get dist-upgrade -y
- apt-get install -y make
- apt-get install -y libdatetime-perl libdatetime-timezone-perl libcrypt-openssl-rsa-perl libcrypt-openssl-x509-perl libjson-perl libwww-perl libcrypt-openssl-pkcs10-perl
- cd "$CI_PROJECT_DIR"
- perl Makefile.PL
- make test
make-install:
stage: make-install
script:
- export DEBIAN_FRONTEND=noninteractive
# Install IDMS Linux Enterprise
- apt-get update
- apt-get install -y wget
- echo "deb http://cdn.idms-linux.org/enterprise/ jessie enterprise" > /etc/apt/sources.list.d/idms-linux-enterprise.list
- wget -O- -q http://cdn.idms-linux.org/enterprise/enterprise.asc | apt-key add -
- apt-get update
- apt-get dist-upgrade -y
- apt-get install -y make
- apt-get install -y libdatetime-perl libdatetime-timezone-perl libcrypt-openssl-rsa-perl libcrypt-openssl-x509-perl libjson-perl libwww-perl libcrypt-openssl-pkcs10-perl
- cd "$CI_PROJECT_DIR"
- perl Makefile.PL
- make install
sources-upload:
stage: sources-upload
only:
- tags@allworldit/awit-certmaster
except:
- master
script:
- export DEBIAN_FRONTEND=noninteractive
- apt-get update
- apt-get dist-upgrade -y
- apt-get install -y git xz-utils curl lftp gnupg
- cd "$CI_PROJECT_DIR"
# Import signing key
- echo "$SOURCES_GPG_SIGNKEY" | gpg --import
# Work out naming
- export ARCHIVE_VERSION="${CI_BUILD_TAG%%-*}"
- export ARCHIVE_NAME=${CI_PROJECT_NAME}-${ARCHIVE_VERSION##v}
# Create tar archive
- git archive --format=tar --prefix=${ARCHIVE_NAME}/ ${CI_BUILD_TAG} > ../${ARCHIVE_NAME}.tar
# Create compressed versions
- xz --keep --extreme -9 ../${ARCHIVE_NAME}.tar
# Sign compressed tar files
- gpg --sign --detach-sign --armor ../${ARCHIVE_NAME}.tar.xz
# Upload files, translating .asc into .sign
- lftp -e "set ssl:ca-file '/etc/ssl/certs/ca-certificates.crt'; set net:max-retries '5'; set net:timeout '60'; rm -r -f '${ARCHIVE_VERSION}'; mkdir '${ARCHIVE_VERSION}' && put ../'${ARCHIVE_NAME}.tar.xz' -o '${ARCHIVE_VERSION}/${ARCHIVE_NAME}.tar.xz' && put ../'${ARCHIVE_NAME}.tar.xz.asc' -o '${ARCHIVE_VERSION}/${ARCHIVE_NAME}.tar.xz.sign'; quit" -u "$UPLOAD_CRED" "$UPLOAD_HOST" 2>&1
# Test uploaded files
- curl --fail -o /dev/null "$DOWNLOAD_URL/${ARCHIVE_VERSION}/${ARCHIVE_NAME}.tar.xz"
- curl --fail -o /dev/null "$DOWNLOAD_URL/${ARCHIVE_VERSION}/${ARCHIVE_NAME}.tar.xz.sign"
stages:
- quality
- tests
- install
code-quality:
stage: quality
script:
- export DEBIAN_FRONTEND=noninteractive
- apt-get update
- apt-get dist-upgrade -y
- apt-get install -y libperl-critic-perl make
- perlcritic --stern "$CI_PROJECT_DIR"
make-test:
stage: tests
script:
- export DEBIAN_FRONTEND=noninteractive
- apt-get update
- apt-get dist-upgrade -y
- apt-get install -y make
- apt-get install -y libdatetime-perl libdatetime-timezone-perl libcrypt-openssl-rsa-perl libcrypt-openssl-x509-perl libjson-perl libwww-perl libcrypt-openssl-pkcs10-perl
- cd "$CI_PROJECT_DIR"
- perl Makefile.PL
- make test
make-install:
stage: install
script:
- export DEBIAN_FRONTEND=noninteractive
- apt-get update
- apt-get dist-upgrade -y
- apt-get install -y make
- apt-get install -y libdatetime-perl libdatetime-timezone-perl libcrypt-openssl-rsa-perl libcrypt-openssl-x509-perl libjson-perl libwww-perl libcrypt-openssl-pkcs10-perl
- cd "$CI_PROJECT_DIR"
- perl Makefile.PL
- make install
# Makefile
# Copyright (C) 2016, AllWorldIT
# Copyright (C) 2016-2017, AllWorldIT
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
......@@ -25,5 +25,11 @@ WriteMakefile(
VERSION_FROM => "awit-certmaster",
EXE_FILES => [qw( awit-certmaster )],
MAN1EXT => "1",
MAN1PODS => {
'awit-certmaster' => 'blib/man1/awit-certmaster.1',
},
);
#!/usr/bin/perl
# awit-certmaster - SSL certificate maintainer for servers
# Copyright (c) 2016, AllWorldIT
# Copyright (c) 2016-2017, AllWorldIT
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
......@@ -15,11 +15,32 @@
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
=encoding utf8
=head1 NAME
awit-certmaster - SSL certificate maintainer for servers
=head1 SYNOPSIS
awit-certmaster <MAIN OPTIONS> <CERT OPTIONS>
=cut
=head1 DESCRIPTION
awit-certmaster is an SSL maintenance utility which makes use of multiple certificate providers to provision SSL certificates to
web platforms automagically.
=cut
use strict;
use warnings;
package AWIT::CertMaster;
......@@ -1724,12 +1745,86 @@ use Getopt::Long;
my $NAME = "AWIT-CertMaster";
our $VERSION = "1.1.1";
our $VERSION = "1.1.2";
print(STDERR "$NAME v$VERSION - Copyright (c) 2016-2017, AllWorldIT\n\n");
=head1 MAIN OPTIONS
C<awit-certmaster> provides the below commandline options...
=cut
=head2 --help|?
Display this help information.
=cut
=head2 --version
Display version information.
=cut
=head2 --nginx <CERT OPTIONS>
Process nginx configuration and generate certificates.
=cut
=head2 --apache <CERT OPTIONS>
Process apache configuration and generate certificates.
=cut
print(STDERR "$NAME v$VERSION - Copyright (c) 2016, AllWorldIT\n\n");
=head1 CERT OPTIONS
The following certificate operations are available for each server type above.
=cut
=head2 --check-only
Only check if certificates need to be re-issued.
=cut
=head2 --force=<DOMAIN>
Force generation of certificate for <DOMAIN>. This option can be specified multiple times.
=cut
=head2 --force-verfity=<DOMAIN>
Force verification of domain with certificate provider. This option can be specified multiple times.
=cut
=head2 --live
Run in LIVE mode. By default awit-certmaster runs in TEST mode.
=cut
=head2 --only=<DOMAIN>
ONLY process domain <DOMAIN> and none of the others. This option can be specified multiple times.
=cut
=head2 --use-dns=<DOMAIN>
Use DNS validation method for domain and not HTTP. THIS OPTION CURRENTLY DOES NOT WORK.
=cut
# Grab options
......@@ -1826,3 +1921,29 @@ EOF
__END__
=head1 AUTHORS
Nigel Kukard E<lt>nkukard@allworld.itE<gt>.
=head1 BUGS
All bugs should be reported via the project issue tracker
L<https://gitlab.devlabs.linuxassist.net/allworldit/awit-certmaster/issues>.
=head1 LICENSE AND COPYRIGHT
Copyright (C) 2016-2017, AllWorldIT
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
=head1 SEE ALSO
L<httpd>(1), L<nginx>(1).
=cut
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment