CI Updates (#3)

# Added
- Deployment step in CI
- Initial commit of Docker, CI build, and configuration
- Move `certbot` directory from `moodle-docker` to this repo
- CONTRIBUTION.md

 # Changed
- Clean up CI configuration
- Update scripts
  - tag checking
  - docker publish

Author: hrpatel

.travis.yml

@@ -1,26 +1,26 @@
-
+# Define build stages
 stages:
   - Tests
   - SDLC Tasks
   - Build and Publish
 
+# Use minimal image
+language: minimal
+
 jobs:
   include:
   - stage: Tests
     name: Shellcheck
     env:
       - SHELLCHECK_OPTS="-e SC1008 -e SC2154"
-    language: bash
     script:
       - shellcheck $(find . -type f -name '*.sh')
   - name: Dockerfile linter
-    language: minimal
     script:
       - docker run --rm -v $PWD:/root/ projectatomic/dockerfile-lint dockerfile_lint -f ./Dockerfile
   - stage: "SDLC Tasks"
     name: Tag & iteration update
     sudo: required
-    language: bash
     script:
       - bash bin/travis-ci/check_tag.sh
   - stage: Build and Publish
@@ -29,11 +29,15 @@ jobs:
       - secure: "syHwTME2FzcgZnn8VZgi2WGSctRlhYmt+6F3KVwhOUfgwRLqJZuohXSWm7/siS6BAqtk6poXIjpn7uAJXk+h7gEefQPaqe4GwwXJAn+zNq7K1Q1DCOhHlTjWdEn0dd1lH1rc8PnrS48U+TkP5yjQ24Y/20MnJy2omQ2awxBphZbBK1X5L8DIeYeMXi39/qhY+yUdmkS7kmC0eYMGK0ijVhDCQGt+MBkTPtdq2XwtGy0L5wHGeGz+epXRSLU8JIN1w29dTbEIR+SfrRfOB3fJo8rNoIecMt68+Jb5Xg33AehYL4t65Cx2z9+KtGvWeLIQEGlsG9gntJjMHqTUjcZnrO7b5ynSUKn5loaHJc4oM8IA2cpwidDHGVD1hNqo9Bg4k6zHn98t+VqS8Cztxp2acHyubR+32jESxVbU+eR3A0eGSWTa8o+HLU1cEDw43x3qwG4E++msGAarnhKSYuKys6l2UKBYy9OP3j1rT9B+Oxm+dPQooUY1ueBhDwq7ijSt/n4qjwP7ZExCdggvT1PDeCwtwedMqJ5MskWLKwqpT3Hny7twBXBgZv+jKSb7ZxID4imbmr3lO0O+cuqve6N1Exc2labZEu90pawqem+a6OaspXriNu1YBD9GyXlUmpGBh5YgzCDBnwjlSTJ7p6xiXTF6AEd7nnnhWPwkp2SxPdI="
       - secure: "aAjuXpAhD67jVis8/gHoe4mwXESRCKCOrsmgqDpIJzj+0WIs1Z9bEq84dcCmkAz+Fz6eA6kiJIHrHsHzASOysVtAIpJ0ApKkUtyDP41GjF7nS4d9SuMKzamEfgoFTQDBwF2i+L9wwdQ0UNVQ53bZomU1cbwhcDWXoKcpSvW3fWL0q8rKN4f0oLi73FYMQ3+Dq9NM5r7DH7CUtjxwVZuvxWnP5JC+Rqm8Du+ObVSxbLvkzSebnCPXh0BZxEIJYh3da3rcckJQfDIyTgXKytEjnbEf4vmlnKsNIIR3NuzgWFLToPKeckI/BNY930QxX3epZs2Pa6EgTzBdDZBuGmAPdnXRTD9i5y+6Ffpv7duRpTngRAujUmAzdwU/B2utmW1BnJpvbbepBcFjyHDOGHgeL1Q0JmpH573oRkkOip85nkIWv03qWVqOZSky5DtfQuPp6SEd5/WlvhC7Etcz49YZb6Wjl+cOYV+WYorjBwe1jSPOQO4oJ5Qlnbw8NQ3lNk93t71z7/YWtyaoHp/NHMPdf+ZsOZn+YS2Iu2dXfoTZNTgpJpFaAu3mkTV09XsygM5uDJ83kqAwMNoToHU1iyGD/SRzfpojyMeSXOyHaIqiHdSrqaKopyD1o81oiIdji4pKTw9sGFOmnFRvWHd7+/8kYFnK/IwN6CbmLdBcCMVhegg="
       - secure: "okThdoKinSf0fpKZLb2Xw31nW5PdMZyF2l0FAP6TrjtcSc2PQ56BhcwWY8yjvFNfR8o2uVTwfKYhitXDDOngqBiJclRMV6zJfBzNKig/a3ouXQHbMybjxiAcH3kBYBzZEpkf7nf/R2xH0TfiMQS34b17VU0yYkOHjDe9NIWLZ8qDHPOMa3p0vuw23WpIaU6HaoD2Pzn/YqD79HlDwo4x+9FA4ffF0iYzRhRAlMK05WNXX0ZMoEvTMKwyGkVgu0U7kI+Tzj4z0O3ZIEc0tmthBuhOdjxc9FPjIN09tRhh15HeV55gn/uoZN79AOgBUG1ZLRahMEEXSGMtiWbBE8RRH8u46mP/bR6SLfqZ5whsDzQ4d8a1uNB7GRxaTHLZW+6Ij3YyNP6xtHQJiGk6U9iYTf4yUI4C2SkcDH+Zq+ipNuyJI4JduH5H1mQaK28I5Mu/s/BBVp6PJ7B/V3YKbv4Rv/DwiC8tGAfR+EQ/DGOvu69xiIKLc3IC4wI9TtLRQWrm7KZnPI1KlfFtYE7O/GotxoAbf/8kQ1HXfx1q0mP3o4ithtsz8XQX3h63jhD4hsBmNfiwEJCxO6Qwtq7ihxJOOh2rM9YGv8Ib3JQ6r+SLyfCO6Uhz0/buE/Xg+Xo1J8hMHmfy3T/d+MU7g+oOO2Oj9dxTSDiH7aLWwOlG653ltIM="
-    language: minimal
     sudo: required
     services:
       - docker
     script:
       - bash bin/travis-ci/docker_upgrade.sh
       - bash bin/travis-ci/docker_build.sh
-      - if [[ ${TRAVIS_BRANCH} = "master" ]]; then bash bin/travis-ci/docker_publish.sh; fi
+    deploy:
+      skip_cleanup: true
+      provider: script
+      script: bash bin/travis-ci/docker_publish.sh
+      on:
+        tags: true

CHANGELOG.md

@@ -4,8 +4,21 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/)
 and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html).
 
+## [v0.1.2] - 2018-10-02
+### Added
+- Deployment step in CI
+- Initial commit of Docker, CI build, and configuration
+- Move `certbot` directory from `moodle-docker` to this repo
+- CONTRIBUTION.md
+
+### Changed
+- Clean up CI configuration
+- Update scripts
+  - tag checking
+  - docker publish
+
 ## [v0.1.1] - 2018-10-02
 ### Added
 - Project `CHANGELOG.md`, `README.md`, and `LICENSE`
 - Initial commit of Docker, CI build, and configuration
-- Move `certbot` directory from `moodle-docker` to this repo
+- Move `certbot` directory from `moodle-docker` to this repo

CONTRIBUTING.md

@@ -0,0 +1,28 @@
+# Contributing to `certbot-docker`
+
+## Tags
+### Summary
+* Tag `develop` after merging feature branches
+* Tag `master` after merging `develop`
+* Tag creation generate DEB package and pushes container to registry
+  * See `.travis.yml` and `bin/travis-ci/*.sh` for details
+
+### Procedure
+1. Push changes to appropriate branch (See [Pull Requests](#pull-requests)) 
+    * In addition to any code changes, add a new entry in `CHANGELOG.md` with version bump and update `BUILD_VERSION` in `.env` to match
+2. Create PR
+3. Verify that all status checks pass
+4. Merge PR once approved
+5. Create a tag on the appropriate branch
+
+## Pull Requests
+
+### Feature Pull Requests
+* Base: `develop`
+* Increment PATCH version (e.g. `v0.1.12` -> `v0.1.13`)
+* Tag `master` after merging PR
+
+### `master` Pull Requests
+* Base: `master`
+* Increment MINOR version  (e.g. `v0.1.12` -> `v0.2.0`)
+* Tag `master` after merging PR

bin/travis-ci/check_tag.sh

@@ -17,32 +17,49 @@
 
 set -eo pipefail
 
-# echo "Installing shtdlib"
+echo "Installing shtdlib"
 shtdlib_local_path="/usr/local/bin/shtdlib.sh"
 sudo curl -s -L -o "${shtdlib_local_path}" https://github.com/sdelements/shtdlib/raw/master/shtdlib.sh
 sudo chmod 775 "${shtdlib_local_path}"
 # shellcheck disable=SC1091,SC1090
 source "${shtdlib_local_path}"
 color_echo green "shtdlib.sh installed successfully"
 
+version_pattern='v\d+\.\d+\.\d+(?:qa)?'
+version_pattern_line="^${version_pattern}$"
+
 # Get the latest tag from GitHub
 latest_tag="$(git fetch -t && git tag -l | sort --version-sort | tail -n1)"
-color_echo green "Latest Git tag: '${latest_tag}'"
+color_echo green "Latest Git tag from repo: '${latest_tag}'"
 
 # Get the latest tag from the CHANGELOG
-changelog_ver="$(grep -oP '\[v\d\.\d\.\d\]' CHANGELOG.md | tr -d '[]' | sort -nr | head -n1)"
+changelog_ver="$(grep -oP "\[${version_pattern}\]" CHANGELOG.md | tr -d '[]' | sort --version-sort -r | head -n1)"
 color_echo green "CHANGELOG version: '${changelog_ver}'"
 
 # Validate version strings
-version_pattern='^v\d\.\d\.\d$'
-echo "${latest_tag}" | grep -qP ${version_pattern} || ( color_echo red "Invalid tag from repo: '${latest_tag}'" && exit 1 )
-echo "${changelog_ver}" | grep -qP ${version_pattern} || ( color_echo red "Invalid tag from CHANGELOG: '${changelog_ver}'" && exit 1 )
-
-# Ensure tags in CHANGELOG and iteration are greater than highest repo tag
-if [ "${latest_tag}" = "${changelog_ver}" ] \
-   || ! compare_versions "${latest_tag}" "${changelog_ver}"; then
-    color_echo red "Error: Version in CHANGELOG.md not updated"
-    exit 1
+echo "${latest_tag}" | grep -qP "${version_pattern_line}" || ( color_echo red "Invalid tag from repo: '${latest_tag}'" && exit 1 )
+echo "${changelog_ver}" | grep -qP "${version_pattern_line}" || ( color_echo red "Invalid tag from CHANGELOG: '${changelog_ver}'" && exit 1 )
+
+# Check if a tag triggered the build
+if [[ -z "${TRAVIS_TAG}" ]]; then
+    # Ensure tags in CHANGELOG and iteration are greater than highest repo tag
+    if [ "${latest_tag}" = "${changelog_ver}" ] \
+       || ! compare_versions "${latest_tag}" "${changelog_ver}"; then
+        color_echo red "Error: Incorrect version update. CHANGELOG.md (${changelog_ver}) not updated"
+        exit 1
+    else
+        color_echo green "Version bumps PASS!"
+    fi
 else
-    color_echo green "Version bumps PASS!"
+    color_echo green "Newly created tag: '${TRAVIS_TAG}'"
+    # Validate version strings
+    echo "${TRAVIS_TAG}" | grep -qP "${version_pattern_line}" || ( color_echo red "Invalid tag name created: '${TRAVIS_TAG}'" && exit 1 )
+
+    # Ensure all the tags match up
+    if [ ! "${TRAVIS_TAG}" = "${changelog_ver}" ]; then
+        color_echo red "Error: tag version (${TRAVIS_TAG}) should match CHANGELOG.md (${changelog_ver})"
+        exit 1
+    else
+        color_echo green "Version bumps PASS!"
+    fi
 fi

bin/travis-ci/docker_build.sh

@@ -18,5 +18,5 @@
 set -eo pipefail
 
 # Build image
-docker build --no-cache --tag "${DOCKER_REGISTRY_URL}/postfix" .
+docker build --no-cache --tag "${DOCKER_REGISTRY_URL}/certbot" .
 docker images

bin/travis-ci/docker_publish.sh

@@ -20,5 +20,10 @@ set -eo pipefail
 # Log into our Docker registry
 echo "${DOCKER_REGISTRY_PASSWORD}" | docker login -u "${DOCKER_REGISTRY_USER}" --password-stdin "${DOCKER_REGISTRY_URL}"
 
-# Push image
-docker push "${DOCKER_REGISTRY_URL}/postfix:latest"
+echo "Tagging container"
+docker tag "${DOCKER_REGISTRY_URL}/certbot:latest" "${DOCKER_REGISTRY_URL}/certbot:${TRAVIS_TAG}"
+
+# Push images
+docker push "${DOCKER_REGISTRY_URL}/certbot:latest"
+docker push "${DOCKER_REGISTRY_URL}/certbot:${TRAVIS_TAG}"
+docker images