Refactor to new CHT pipeline pattern

- Removes gitlab versioned folders prior to 12.8 - Unwraps the 12.8 folder into the root - Removes the prebuild.sh script in favor of download.json - Drops the build script for now - Update prepare script to use local downloaded artifact

Refactor to new CHT pipeline pattern
- Removes gitlab versioned folders prior to 12.8 - Unwraps the 12.8 folder into the root - Removes the prebuild.sh script in favor of download.json - Drops the build script for now - Update prepare script to use local downloaded artifact
5598658c · DJ Mountney · 98ed7563 · 5598658c · 5598658c · 5598658c
Verified Commit 5598658c authored Mar 09, 2020 by DJ Mountney
14 changed files
--- a/12.8/Dockerfile
+++ b/12.8/Dockerfile
@@ -9,15 +9,13 @@ ARG RAILS_IMAGE=${BASE_REGISTRY}/gitlab/gitlab/gitlab-rails:12.8
 FROM ${UBI_IMAGE} AS builder
-ARG NEXUS_SERVER
+ARG GITLAB_VERSION
-ARG VENDOR=gitlab
 ARG PACKAGE_NAME=ubi8-build-dependencies-${GITLAB_VERSION}.tar
-ARG PACKAGE_URL=https://${NEXUS_SERVER}/repository/dsop/${VENDOR}/gitlab-task-runner/${PACKAGE_NAME}
+COPY ${PACKAGE_NAME} /opt/
 ADD build-scripts/ /build-scripts/
-RUN /build-scripts/prepare.sh "${PACKAGE_URL}"
+RUN /build-scripts/prepare.sh "/opt/${PACKAGE_NAME}"
 FROM ${RAILS_IMAGE}

--- a/12.5/LICENSE
+++ b/12.5/LICENSE
--- a/README.md
+++ b/README.md
 # gitlab-task-runner-container
+Task Runner is an entry point for interaction with other containers in the cluster. It contains scripts for running Rake tasks, backup, restore, and tools to intract with object storage.
+## GitLab Build
+The hardened containers for GitLab require the gitlab correctly version assets blob to be available for download.
+There are some included scripts to make this easier for user building images offline on their machine.
+## Building
+1. Switch to the desired versioned directory
+2. Run `./build-scripts/build.sh`
+   * Runs docker build, and takes care of setting the appropriate build args for users running locally
+`build-script/build.sh` is provided as an example and helpful for building locally. You can also instead call docker build and pass build-args directly.
+## Build Phases
+Some of the GitLab containers are build ontop of previous containers, building the containers in ordered phases is necessary to build all containers.
+- Phase One
+  * kubectl
+  * gitlab-ruby
+  * gitlab-container-registry
+- Phase Two
+  * git-base
+  * gitlab-exporter
+  * gitlab-mailroom
+  * gitlab-shell
+  * gitlab-rails
+  * gitlab-workhorse
+- Phase 3
+  * gitaly
+- Phase 4
+  * gitlab-sidekiq
+  * gitlab-task-runner
+  * gitlab-unicorn
--- a/12.8/build-scripts/build.sh
+++ b/12.8/build-scripts/build.sh
@@ -6,8 +6,6 @@ set -euxo pipefail
 TAG=${1:-12.8}
 REPOSITORY=${2:-}
-NEXUS_SERVER=${NEXUS_SERVER:-}
-PACKAGE_URL=${PACKAGE_URL:-}
 DOCKER_OPTS=${DOCKER_OPTS:-""}
 imageName() {
@@ -29,13 +27,5 @@ buildImage() {
 # Cleanup log outputs from previous build
 rm -f *.out failed.log
-if [ $NEXUS_SERVER ]; then
-  DOCKER_OPTS="$DOCKER_OPTS --build-arg NEXUS_SERVER=${NEXUS_SERVER}"
-fi
-if [ $PACKAGE_URL ]; then
-  DOCKER_OPTS="$DOCKER_OPTS --build-arg PACKAGE_URL=${PACKAGE_URL}"
-fi
 DOCKER_OPTS="$DOCKER_OPTS --build-arg RAILS_IMAGE=$(imageName gitlab-rails)"
 buildImage gitlab-task-runner
--- a/12.5/build-scripts/cleanup.sh
+++ b/12.5/build-scripts/cleanup.sh
--- a/12.7/build-scripts/prepare.sh
+++ b/12.7/build-scripts/prepare.sh
@@ -2,23 +2,14 @@
 set -euxo pipefail
-PACKAGE_URL=$1
+PACKAGE_PATH=$1
 WORKSPACE="${WORKSPACE:-/prepare}"
-PACKAGE_NAME="${PACKAGE_NAME:-ubi8-build-dependencies.tar}"
-# Download UBI dependencies package and it sha256
+mkdir -p ${WORKSPACE}/dependencies
-curl -fLk --create-dirs "${PACKAGE_URL}.sha256" -o "${WORKSPACE}/${PACKAGE_NAME}.sha256"
-curl -fLk --create-dirs "${PACKAGE_URL}" -o "${WORKSPACE}/${PACKAGE_NAME}"
-# Verify the package integrity
-echo "$(cat ${PACKAGE_NAME}.sha256) ${PACKAGE_NAME}" | sha256sum --check --status \
-&& if [ $? == '0' ]; then printf "\nSHA256 check for ${PACKAGE_NAME} succeeded\n\n"; \
-else printf "SHA256 check for ${PACKAGE_NAME} failed\n\n"; fi
 # Extract UBI dependencies
-tar -xvf "${WORKSPACE}/${PACKAGE_NAME}" -C "${WORKSPACE}"
+tar -xvf "${PACKAGE_PATH}" -C "${WORKSPACE}"
 # Extract the specific depenencies needed for this contianer
-mkdir ${WORKSPACE}/dependencies
 tar -xvf "${WORKSPACE}/gitlab-python.tar.gz" -C "${WORKSPACE}/dependencies"
 tar -xvf "${WORKSPACE}/gitlab-task-runner-ee.tar.gz" -C "${WORKSPACE}/dependencies"
--- a/download.json
+++ b/download.json
+{ "resources":
+	[
+		{ "url" : "https://gitlab-ubi.s3.us-east-2.amazonaws.com/ubi8-build-dependencies-v12.8.1-ubi8.tar",
+			"filename": "ubi8-build-dependencies-v12.8.1-ubi8.tar",
+			"sha256": "1d49f47924738132f4d10cb9b32ce6d9c20b151dfc3b056c298607f267c75571"
+		}
+] }
--- a/12.7/scripts/bin/backup-utility
+++ b/12.7/scripts/bin/backup-utility
--- a/12.3/scripts/bin/entrypoint.sh
+++ b/12.3/scripts/bin/entrypoint.sh
--- a/12.3/scripts/bin/gitlab-rails
+++ b/12.3/scripts/bin/gitlab-rails
--- a/12.3/scripts/bin/gitlab-rake
+++ b/12.3/scripts/bin/gitlab-rake
--- a/12.3/scripts/bin/object-storage-backup
+++ b/12.3/scripts/bin/object-storage-backup
--- a/12.3/scripts/bin/object-storage-restore
+++ b/12.3/scripts/bin/object-storage-restore
--- a/12.4/scripts/lib/object_storage_backup.rb
+++ b/12.4/scripts/lib/object_storage_backup.rb