Skip to content

container Submodule

Structs

AWSRegistryProps

Initializer 

1
2
3
import { container } from '@gcix/gcix'

const aWSRegistryProps: container.AWSRegistryProps = { ... }

Properties

Name Type Description
accountId string AWS account id.
region string AWS region where the ECR repository lives in.
accountIdOptional 
1
public readonly accountId: string;
  • Type: string
  • Default: AWSAccount.awsAccountId()

AWS account id.

regionOptional 
1
public readonly region: string;
  • Type: string
  • Default: AWSAccount.awsRegion()

AWS region where the ECR repository lives in.

BuildContainerCollectionProps

Initializer 

1
2
3
import { container } from '@gcix/gcix'

const buildContainerCollectionProps: container.BuildContainerCollectionProps = { ... }

Properties

Name Type Description
dockerClientConfig DockerClientConfig Creates the Docker configuration file base on objects settings, to authenticate against given registries.
doCranePush boolean Set to false to skip the Crane push job.
doDiveScan boolean Set to false to skip the Dive scan job.
doTrivyignoreCheck boolean Set to false to skip the existance check of the .trivyignore file.
doTrivyScan boolean Set to false to skip the Trivy scan job.
imageName string Image name with stage in the registry.
imageTag string Image tag.
jobName string The name of the Bootstrap job.
jobStage string The stage of the Bootstrap job.
registry string | Registry Container registry to push the image to.
dockerClientConfigOptional 
1
public readonly dockerClientConfig: DockerClientConfig;
  • Type: DockerClientConfig
  • Default: DockerClientConfig with login to the official Docker Hub and expecting credentials given as environment variables REGISTRY_USER and REGISTRY_LOGIN.

Creates the Docker configuration file base on objects settings, to authenticate against given registries.

doCranePushOptional 
1
public readonly doCranePush: boolean;
  • Type: boolean
  • Default: true

Set to false to skip the Crane push job.

doDiveScanOptional 
1
public readonly doDiveScan: boolean;
  • Type: boolean
  • Default: true

Set to false to skip the Dive scan job.

doTrivyignoreCheckOptional 
1
public readonly doTrivyignoreCheck: boolean;
  • Type: boolean
  • Default: true

Set to false to skip the existance check of the .trivyignore file.

doTrivyScanOptional 
1
public readonly doTrivyScan: boolean;
  • Type: boolean
  • Default: true

Set to false to skip the Trivy scan job.

imageNameOptional 
1
public readonly imageName: string;
  • Type: string
  • Default: PredefinedVariables.ciProjectName

Image name with stage in the registry.

e.g. username/imageName.

imageTagOptional 
1
public readonly imageTag: string;
  • Type: string
  • Default: PredefinedVariables.ciCommitRefName

Image tag.

Depending of the build it defaults either to the git tag or to the actual branch name.

jobNameOptional 
1
public readonly jobName: string;
  • Type: string

The name of the Bootstrap job.

jobStageOptional 
1
public readonly jobStage: string;
  • Type: string

The stage of the Bootstrap job.

registryOptional 
1
public readonly registry: string | Registry;
  • Type: string | Registry
  • Default: Registry.DOCKER

Container registry to push the image to.

If the container registry needs authentication, you have to provide a DockerClientConfig object with credentials.

CopyContainerCollectionProps

Initializer 

1
2
3
import { container } from '@gcix/gcix'

const copyContainerCollectionProps: container.CopyContainerCollectionProps = { ... }

Properties

Name Type Description
imageName string Image name with stage in the registry.
imageTag string Container image tag to pull from srcRegistry and push to dstRegistry.
dockerClientConfig DockerClientConfig Creates the Docker configuration file base on objects settings, to authenticate against given registries.
doDiveScan boolean Set to false to skip the Dive scan job.
doTrivyignoreCheck boolean Set to false to skip the existance check of the .trivyignore file.
doTrivyScan boolean Set to false to skip the Trivy scan job.
dstRegistry string | Registry Container registry to push the image to.
jobName string The name of the Bootstrap job.
jobStage string The stage of the Bootstrap job.
srcRegistry string | Registry Container registry to pull the image from.
imageNameRequired 
1
public readonly imageName: string;
  • Type: string

Image name with stage in the registry.

e.g. username/image_name.

imageTagRequired 
1
public readonly imageTag: string;
  • Type: string

Container image tag to pull from srcRegistry and push to dstRegistry.

dockerClientConfigOptional 
1
public readonly dockerClientConfig: DockerClientConfig;
  • Type: DockerClientConfig
  • Default: DockerClientConfig with login to the official Docker Hub and expecting credentials given as environment variables REGISTRY_USER and REGISTRY_LOGIN.

Creates the Docker configuration file base on objects settings, to authenticate against given registries.

doDiveScanOptional 
1
public readonly doDiveScan: boolean;
  • Type: boolean
  • Default: true

Set to false to skip the Dive scan job.

doTrivyignoreCheckOptional 
1
public readonly doTrivyignoreCheck: boolean;
  • Type: boolean
  • Default: true

Set to false to skip the existance check of the .trivyignore file.

doTrivyScanOptional 
1
public readonly doTrivyScan: boolean;
  • Type: boolean
  • Default: true

Set to false to skip the Trivy scan job.

dstRegistryOptional 
1
public readonly dstRegistry: string | Registry;
  • Type: string | Registry
  • Default: Registry.DOCKER

Container registry to push the image to.

If the container registry needs authentication, you have to provide a DockerClientConfig object with credentials.

jobNameOptional 
1
public readonly jobName: string;
  • Type: string

The name of the Bootstrap job.

jobStageOptional 
1
public readonly jobStage: string;
  • Type: string

The stage of the Bootstrap job.

srcRegistryOptional 
1
public readonly srcRegistry: string | Registry;
  • Type: string | Registry
  • Default: Registry.DOCKER

Container registry to pull the image from.

If the container registry needs authentication, you have to provide a DockerClientConfig object with credentials.

CraneCopyProps

Initializer 

1
2
3
import { container } from '@gcix/gcix'

const craneCopyProps: container.CraneCopyProps = { ... }

Properties

Name Type Description
dstRegistry string | Registry Registry URL to copy container image to.
srcRegistry string | Registry Registry URL to copy container image from.
dockerClientConfig DockerClientConfig Creates the Docker configuration file base on objects settings, used by crane to authenticate against given registries.
jobName string The name of the Bootstrap job.
jobStage string The stage of the Bootstrap job.
dstRegistryRequired 
1
public readonly dstRegistry: string | Registry;

Registry URL to copy container image to.

srcRegistryRequired 
1
public readonly srcRegistry: string | Registry;

Registry URL to copy container image from.

dockerClientConfigOptional 
1
public readonly dockerClientConfig: DockerClientConfig;

Creates the Docker configuration file base on objects settings, used by crane to authenticate against given registries.

jobNameOptional 
1
public readonly jobName: string;
  • Type: string

The name of the Bootstrap job.

jobStageOptional 
1
public readonly jobStage: string;
  • Type: string

The stage of the Bootstrap job.

CranePullProps

Initializer 

1
2
3
import { container } from '@gcix/gcix'

const cranePullProps: container.CranePullProps = { ... }

Properties

Name Type Description
srcRegistry string | Registry Registry URL to pull container image from.
dockerClientConfig DockerClientConfig Creates the Docker configuration file base on objects settings, to authenticate against given registries.
imageName string Container image with namespace to pull from srcRegistry.
imageTag string Tag of the image which will be pulled.
jobName string The name of the Bootstrap job.
jobStage string The stage of the Bootstrap job.
tarPath string Path where to save the container image tarball.
srcRegistryRequired 
1
public readonly srcRegistry: string | Registry;

Registry URL to pull container image from.

dockerClientConfigOptional 
1
public readonly dockerClientConfig: DockerClientConfig;
  • Type: DockerClientConfig
  • Default: DockerClientConfig with login to the official Docker Hub and expecting credentials given as environment variables REGISTRY_USER and REGISTRY_LOGIN.

Creates the Docker configuration file base on objects settings, to authenticate against given registries.

imageNameOptional 
1
public readonly imageName: string;
  • Type: string
  • Default: PredefinedVariables.ciProjectName

Container image with namespace to pull from srcRegistry.

imageTagOptional 
1
public readonly imageTag: string;
  • Type: string
  • Default: latest

Tag of the image which will be pulled.

jobNameOptional 
1
public readonly jobName: string;
  • Type: string

The name of the Bootstrap job.

jobStageOptional 
1
public readonly jobStage: string;
  • Type: string

The stage of the Bootstrap job.

tarPathOptional 
1
public readonly tarPath: string;
  • Type: string
  • Default: PredefinedVariables.ciProjectDir

Path where to save the container image tarball.

CranePushProps

Initializer 

1
2
3
import { container } from '@gcix/gcix'

const cranePushProps: container.CranePushProps = { ... }

Properties

Name Type Description
dstRegistry string | Registry Registry URL to copy container image to.
dockerClientConfig DockerClientConfig Creates the Docker configuration file base on objects settings, to authenticate against given registries.
imageName string Container image name, searched for in imagePath and gets .tar appended.
imageTag string The tag the image will be tagged with.
jobName string The name of the Bootstrap job.
jobStage string The stage of the Bootstrap job.
tarPath string Path where to find the container image tarball.
dstRegistryRequired 
1
public readonly dstRegistry: string | Registry;

Registry URL to copy container image to.

dockerClientConfigOptional 
1
public readonly dockerClientConfig: DockerClientConfig;

Creates the Docker configuration file base on objects settings, to authenticate against given registries.

Defaults to a DockerClientConfig with login to the official Docker Hub and expecting credentials given as environment variables REGISTRY_USER and REGISTRY_LOGIN.

imageNameOptional 
1
public readonly imageName: string;
  • Type: string
  • Default: PredefinedVariables.ciProjectName

Container image name, searched for in imagePath and gets .tar appended.

imageTagOptional 
1
public readonly imageTag: string;
  • Type: string
  • Default: PredefinedVariables.ciCommitTag

The tag the image will be tagged with.

jobNameOptional 
1
public readonly jobName: string;
  • Type: string

The name of the Bootstrap job.

jobStageOptional 
1
public readonly jobStage: string;
  • Type: string

The stage of the Bootstrap job.

tarPathOptional 
1
public readonly tarPath: string;
  • Type: string
  • Default: PredefinedVariables.ciProjectDir

Path where to find the container image tarball.

DiveScanProps

Initializer 

1
2
3
import { container } from '@gcix/gcix'

const diveScanProps: container.DiveScanProps = { ... }

Properties

Name Type Description
highestUserWastedPercent number Highest allowable percentage of bytes wasted (as a ratio between 0-1), otherwise CI validation will fail.
highestWastedBytes number Highest allowable bytes wasted, otherwise CI validation will fail.
ignoreErrors boolean Ignore image parsing errors and run the analysis anyway.
imageName string Name of the container image to scan, if source is docker-archive argument gets prefix .tar.
imagePath string Path to the image can be either a remote container registry, as well as a local path to an image.
imageTag string The tag the image will be tagged with.
jobName string The name of the Bootstrap job.
jobStage string The stage of the Bootstrap job.
lowestEfficiency number Lowest allowable image efficiency (as a ratio between 0-1), otherwise CI validation will fail.
source string The container engine to fetch the image from.
highestUserWastedPercentOptional 
1
public readonly highestUserWastedPercent: number;
  • Type: number
  • Default: 0.1

Highest allowable percentage of bytes wasted (as a ratio between 0-1), otherwise CI validation will fail.

highestWastedBytesOptional 
1
public readonly highestWastedBytes: number;
  • Type: number

Highest allowable bytes wasted, otherwise CI validation will fail.

ignoreErrorsOptional 
1
public readonly ignoreErrors: boolean;
  • Type: boolean
  • Default: false

Ignore image parsing errors and run the analysis anyway.

imageNameOptional 
1
public readonly imageName: string;
  • Type: string
  • Default: PredefinedVariables.ciProjectName

Name of the container image to scan, if source is docker-archive argument gets prefix .tar.

imagePathOptional 
1
public readonly imagePath: string;
  • Type: string
  • Default: PredefinedVariables.ciProjectPath

Path to the image can be either a remote container registry, as well as a local path to an image.

imageTagOptional 
1
public readonly imageTag: string;
  • Type: string
  • Default: PredefinedVariables.ciCommitTag

The tag the image will be tagged with.

jobNameOptional 
1
public readonly jobName: string;
  • Type: string

The name of the Bootstrap job.

jobStageOptional 
1
public readonly jobStage: string;
  • Type: string

The stage of the Bootstrap job.

lowestEfficiencyOptional 
1
public readonly lowestEfficiency: number;
  • Type: number
  • Default: 0.9

Lowest allowable image efficiency (as a ratio between 0-1), otherwise CI validation will fail.

sourceOptional 
1
public readonly source: string;
  • Type: string
  • Default: "docker-archive

The container engine to fetch the image from.

Allowed values: docker, podman, docker-archive

DockerBuildProps

Initializer 

1
2
3
import { container } from '@gcix/gcix'

const dockerBuildProps: container.DockerBuildProps = { ... }

Properties

Name Type Description
repository string The Docker repository name ([<registry>/]<image>).
context string The Docker build context (the directory containing the Dockerfile).
jobName string The name of the Bootstrap job.
jobStage string The stage of the Bootstrap job.
tag string A Docker image tag applied to the image.
repositoryRequired 
1
public readonly repository: string;
  • Type: string

The Docker repository name ([<registry>/]<image>).

contextOptional 
1
public readonly context: string;
  • Type: string
  • Default: .

The Docker build context (the directory containing the Dockerfile).

jobNameOptional 
1
public readonly jobName: string;
  • Type: string

The name of the Bootstrap job.

jobStageOptional 
1
public readonly jobStage: string;
  • Type: string

The stage of the Bootstrap job.

tagOptional 
1
public readonly tag: string;
  • Type: string

A Docker image tag applied to the image.

If not set docker uses latest

DockerClientConfigProps

Initializer 

1
2
3
import { container } from '@gcix/gcix'

const dockerClientConfigProps: container.DockerClientConfigProps = { ... }

Properties

Name Type Description
configFilePath string Docker client config path.
configFilePathOptional 
1
public readonly configFilePath: string;
  • Type: string
  • Default: $HOME/.docker/config.json

Docker client config path.

DockerPushProps

Initializer 

1
2
3
import { container } from '@gcix/gcix'

const dockerPushProps: container.DockerPushProps = { ... }

Properties

Name Type Description
containerImage string The name of the Docker image to push to the registry.
jobName string The name of the Bootstrap job.
jobStage string The stage of the Bootstrap job.
loginEnvVar string If you have to login to the registry before the push, you have to provide the name of the environment variable, which contains the password or token, here.
registry string The Docker registry the image should be pushed to.
tag string The Docker image tag that should be pushed to the registry.
userEnvVar string If you have to login to the registry before the push, you have to provide the name of the environment variable, which contains the username value, here.
containerImageRequired 
1
public readonly containerImage: string;
  • Type: string

The name of the Docker image to push to the registry.

jobNameOptional 
1
public readonly jobName: string;
  • Type: string

The name of the Bootstrap job.

jobStageOptional 
1
public readonly jobStage: string;
  • Type: string

The stage of the Bootstrap job.

loginEnvVarOptional 
1
public readonly loginEnvVar: string;
  • Type: string

If you have to login to the registry before the push, you have to provide the name of the environment variable, which contains the password or token, here.

DO NOT PROVIDE THE LOGIN VALUE ITSELF! This would be a security issue!

registryOptional 
1
public readonly registry: string;
  • Type: string
  • Default: index.docker.io/v1

The Docker registry the image should be pushed to.

tagOptional 
1
public readonly tag: string;
  • Type: string
  • Default: latest

The Docker image tag that should be pushed to the registry.

userEnvVarOptional 
1
public readonly userEnvVar: string;
  • Type: string

If you have to login to the registry before the push, you have to provide the name of the environment variable, which contains the username value, here.

DO NOT PROVIDE THE USERNAME VALUE ITSELF! This would be a security issue!

KanikoExecuteProps

Initializer 

1
2
3
import { container } from '@gcix/gcix'

const kanikoExecuteProps: container.KanikoExecuteProps = { ... }

Properties

Name Type Description
buildArgs {[ key: string ]: any} Container build arguments, used to instrument the container image build.
buildTarget string For container multistage builds name of the build stage you want to create.
context string Context which will be send to kaniko.
dockerClientConfig DockerClientConfig Creates the Docker configuration file base on objects settings, to authenticate against given registries.
dockerfile string Name of the dockerfile to use.
enablePush boolean Enable push to container registry, disabled to allow subsequent jobs to.
imageName string Image name which will be created.
imageTag string The tag the image will be tagged with.
jobName string The name of the Bootstrap job.
jobStage string The stage of the Bootstrap job.
registries string[] | Registry[] List of container registries to push created image to.
tarPath string Container images created by kaniko are tarball files.
verbosity string Verbosity of kaniko logging.
buildArgsOptional 
1
public readonly buildArgs: {[ key: string ]: any};
  • Type: {[ key: string ]: any}

Container build arguments, used to instrument the container image build.

buildTargetOptional 
1
public readonly buildTarget: string;
  • Type: string

For container multistage builds name of the build stage you want to create.

Image tag will be appended with the build_target. e.g. latest-buildtarget.

contextOptional 
1
public readonly context: string;
  • Type: string

Context which will be send to kaniko.

Defaults to None which implies the local directory is the context.

dockerClientConfigOptional 
1
public readonly dockerClientConfig: DockerClientConfig;

Creates the Docker configuration file base on objects settings, to authenticate against given registries.

Defaults to a DockerClientConfig with login to the official Docker Hub and expecting credentials given as environment variables REGISTRY_USER and REGISTRY_LOGIN.

dockerfileOptional 
1
public readonly dockerfile: string;
  • Type: string
  • Default: "Dockerfile"

Name of the dockerfile to use.

File is relative to context.

enablePushOptional 
1
public readonly enablePush: boolean;
  • Type: boolean
  • Default: false act on container tarball.

Enable push to container registry, disabled to allow subsequent jobs to.

imageNameOptional 
1
public readonly imageName: string;
  • Type: string
  • Default: PredefinedVariables.CI_PROJECT_NAME.

Image name which will be created.

imageTagOptional 
1
public readonly imageTag: string;
  • Type: string
  • Default: PredefinedVariables.CI_COMMIT_TAG

The tag the image will be tagged with.

jobNameOptional 
1
public readonly jobName: string;
  • Type: string

The name of the Bootstrap job.

jobStageOptional 
1
public readonly jobStage: string;
  • Type: string

The stage of the Bootstrap job.

registriesOptional 
1
public readonly registries: string[] | Registry[];

List of container registries to push created image to.

tarPathOptional 
1
public readonly tarPath: string;
  • Type: string

Container images created by kaniko are tarball files.

This is the path where to store the image, will be named with suffix .tar. This path will be created if not present.

verbosityOptional 
1
public readonly verbosity: string;
  • Type: string
  • Default: "info"

Verbosity of kaniko logging.

TrivyIgnoreFileCheckProps

Initializer 

1
2
3
import { container } from '@gcix/gcix'

const trivyIgnoreFileCheckProps: container.TrivyIgnoreFileCheckProps = { ... }

Properties

Name Type Description
jobName string The name of the Bootstrap job.
jobStage string The stage of the Bootstrap job.
trivyignorePath string Path to the .trivyignore file.
jobNameOptional 
1
public readonly jobName: string;
  • Type: string

The name of the Bootstrap job.

jobStageOptional 
1
public readonly jobStage: string;
  • Type: string

The stage of the Bootstrap job.

trivyignorePathOptional 
1
public readonly trivyignorePath: string;
  • Type: string
  • Default: PredefinedVariables.ciProjectDir/.trivyignore

Path to the .trivyignore file.

TrivyScanLocalImageProps

Initializer 

1
2
3
import { container } from '@gcix/gcix'

const trivyScanLocalImageProps: container.TrivyScanLocalImageProps = { ... }

Properties

Name Type Description
debug boolean If trivy should run in debug mode.
exitIfVulnerable boolean Exit code when vulnerabilities were found.
imageName string Container image name, searched for in imagePath and gets .tar appended.
imagePath string Path where to find the container image.
imageTag string The tag the image will be tagged with.
jobName string The name of the Bootstrap job.
jobStage string The stage of the Bootstrap job.
outputFormat string Scan output format, possible values (table, json).
severity string Severities of vulnerabilities to be displayed (comma separated).
trivyConfig string Additional options to pass to trivy binary.
vulnerabilityTypes string List of vulnerability types (comma separated).
debugOptional 
1
public readonly debug: boolean;
  • Type: boolean
  • Default: false

If trivy should run in debug mode.

exitIfVulnerableOptional 
1
public readonly exitIfVulnerable: boolean;
  • Type: boolean
  • Default: true

Exit code when vulnerabilities were found.

If true exit code is 1 else 0.

imageNameOptional 
1
public readonly imageName: string;
  • Type: string
  • Default: PredefinedVariables.CI_PROJECT_NAME

Container image name, searched for in imagePath and gets .tar appended.

imagePathOptional 
1
public readonly imagePath: string;
  • Type: string
  • Default: PredefinedVariables.CI_PROJECT_DIR

Path where to find the container image.

imageTagOptional 
1
public readonly imageTag: string;
  • Type: string
  • Default: PredefinedVariables.CI_COMMIT_TAG

The tag the image will be tagged with.

jobNameOptional 
1
public readonly jobName: string;
  • Type: string

The name of the Bootstrap job.

jobStageOptional 
1
public readonly jobStage: string;
  • Type: string

The stage of the Bootstrap job.

outputFormatOptional 
1
public readonly outputFormat: string;
  • Type: string
  • Default: "table"

Scan output format, possible values (table, json).

severityOptional 
1
public readonly severity: string;
  • Type: string
  • Default: "UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL"

Severities of vulnerabilities to be displayed (comma separated).

trivyConfigOptional 
1
public readonly trivyConfig: string;
  • Type: string

Additional options to pass to trivy binary.

vulnerabilityTypesOptional 
1
public readonly vulnerabilityTypes: string;
  • Type: string
  • Default: "os,library"

List of vulnerability types (comma separated).

Classes

BuildContainerCollection

Creates a gcip.Sequence to build, scan and push a container image.

The build step is executed by KanikoExecute, it will build the container image an outputs it to a tarball. There are two scan's, optimization scan with DiveScan to scan storage wasting in container image and a vulnerability scan with TrivyScanLocalImage. Both outputs are uploaded as an artifact to the GitLab instance. The container image is uploaded with CranePush.

Initializers 

1
2
3
import { container } from '@gcix/gcix'

new container.BuildContainerCollection(props: BuildContainerCollectionProps)
Name Type Description
props BuildContainerCollectionProps No description.
propsRequired

Methods

Name Description
addChildren Add gcix.Jobs or other gcix.JobCollections to this JobCollection.
addDependencies No description.
addNeeds No description.
addParent No description.
addTags No description.
addVariables No description.
appendRules No description.
appendScripts No description.
assignArtifacts No description.
assignCache No description.
getAllInstanceNames Return all instance names from the given child.
initializeAllowFailure Calling gcix.Job.assignAllowFailure() to all jobs within this JobCollection that haven't been set the allowFailure before.
initializeArtifacts Sets gcix.Job.artifacts to all jobs within this JobCollection that haven't been set the artifacs before.
initializeCache Calling gcix.Job.assigneCache() to all jobs within this JobCollection that haven't been set the cache before.
initializeDependencies Calling gcix.Job.assignDependencies() to all jobs within the first stage of this JobCollection that haven't been added dependencies before.
initializeImage Calling gcix.Job.assignImage() to all jobs within this JobCollection.
initializeNeeds Calling gcix.Job.assignNeeds() to all jobs within the first stage of this JobCollection that haven't been added needs before.
initializeRules Calling gcix.Job.append_rules() to all jobs within this JobCollection that haven't been added rules before.
initializeTags Calling gcix.Job.addTags([...]) to all jobs within this JobCollection that haven't been added tags before.
initializeVariables Calling gcix.Job.addVariables({...}) to all jobs within this JobCollection that haven't been added variables before.
isEqual isEqual checks if this object is equal to given object.
overrideAllowFailure Calling gcix.Job.assignAllowFailure() to all jobs within this JobCollection overriding any previous set value.
overrideDependencies Calling gcix.Job.assignDependencies() to all jobs within the first stage of this JobCollection and overriding any previously added dependencies to that jobs.
overrideImage Calling gcix.Job.assignImage() to all jobs within this JobCollection overriding any previous set value.
overrideNeeds Calling gcix.Job.assignNeeds() to all jobs within the first stage of this JobCollection and overriding any previously added needs to that jobs.
overrideRules Calling gcix.Job.overrideRules() to all jobs within this JobCollection and overriding any previously added rules to that jobs.
overrideTags Calling gcix.Job.addTags([...]) to all jobs within this JobCollection and overriding any previously added tags to that jobs.
overrideVariables Calling gcix.Job.addVariables({...}) to all jobs within this JobCollection and overriding any previously added variables to that jobs.
prependRules No description.
prependScripts No description.
render Returns a representation of any object which implements IBase.
addChildren 
1
public addChildren(props: AddChildrenProps): JobCollection

Add gcix.Jobs or other gcix.JobCollections to this JobCollection.

Adding a child creates a copy of that child. You should provide a name or stage when adding children, to make them different from other places where they will be used.

propsRequired
  • Type: @gcix/gcix.AddChildrenProps
addDependencies 
1
public addDependencies(dependencies: Job | JobCollection | Need[]): JobCollection
dependenciesRequired
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
addNeeds 
1
public addNeeds(needs: Job | JobCollection | Need[]): JobCollection
needsRequired
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
addParent 
1
public addParent(parent: JobCollection): void
parentRequired
  • Type: @gcix/gcix.JobCollection
addTags 
1
public addTags(tags: string[]): JobCollection
tagsRequired
  • Type: string[]
addVariables 
1
public addVariables(variables: {[ key: string ]: string}): JobCollection
variablesRequired
  • Type: {[ key: string ]: string}
appendRules 
1
public appendRules(rules: Rule[]): JobCollection
rulesRequired
  • Type: @gcix/gcix.Rule[]
appendScripts 
1
public appendScripts(scripts: string[]): JobCollection
scriptsRequired
  • Type: string[]
assignArtifacts 
1
public assignArtifacts(artifacts: Artifacts): JobCollection
artifactsRequired
  • Type: @gcix/gcix.Artifacts
assignCache 
1
public assignCache(cache: Cache): JobCollection
cacheRequired
  • Type: @gcix/gcix.Cache
getAllInstanceNames 
1
public getAllInstanceNames(child?: Job | JobCollection): OrderedStringSet

Return all instance names from the given child.

That means all combinations of the childs name and stage within this JobCollection and all parent JobCollection's.

childOptional
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection
initializeAllowFailure 
1
public initializeAllowFailure(allowFailure: boolean | number[]): JobCollection

Calling gcix.Job.assignAllowFailure() to all jobs within this JobCollection that haven't been set the allowFailure before.

allowFailureRequired
  • Type: boolean | number[]
initializeArtifacts 
1
public initializeArtifacts(artifacts: Artifacts): JobCollection

Sets gcix.Job.artifacts to all jobs within this JobCollection that haven't been set the artifacs before.

artifactsRequired
  • Type: @gcix/gcix.Artifacts
initializeCache 
1
public initializeCache(cache: Cache): JobCollection

Calling gcix.Job.assigneCache() to all jobs within this JobCollection that haven't been set the cache before.

cacheRequired
  • Type: @gcix/gcix.Cache
initializeDependencies 
1
public initializeDependencies(dependencies: Job | JobCollection | Need[]): JobCollection

Calling gcix.Job.assignDependencies() to all jobs within the first stage of this JobCollection that haven't been added dependencies before.

An empty parameter list means that jobs will get an empty dependency list and thus does not download artifacts by default.

dependenciesRequired
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
initializeImage 
1
public initializeImage(image: string | Image): JobCollection

Calling gcix.Job.assignImage() to all jobs within this JobCollection.

imageRequired
  • Type: string | @gcix/gcix.Image
initializeNeeds 
1
public initializeNeeds(needs: Job | JobCollection | Need[]): JobCollection

Calling gcix.Job.assignNeeds() to all jobs within the first stage of this JobCollection that haven't been added needs before.

An empty parameter list means that jobs will get an empty dependency list and thus does not depend on other jobs by default.

needsRequired
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
initializeRules 
1
public initializeRules(rules: Rule[]): JobCollection

Calling gcix.Job.append_rules() to all jobs within this JobCollection that haven't been added rules before.

rulesRequired
  • Type: @gcix/gcix.Rule[]
initializeTags 
1
public initializeTags(tags: string[]): JobCollection

Calling gcix.Job.addTags([...]) to all jobs within this JobCollection that haven't been added tags before.

tagsRequired
  • Type: string[]
initializeVariables 
1
public initializeVariables(variables: {[ key: string ]: string}): JobCollection

Calling gcix.Job.addVariables({...}) to all jobs within this JobCollection that haven't been added variables before.

variablesRequired
  • Type: {[ key: string ]: string}
isEqual 
1
public isEqual(comparable: IBase): boolean

isEqual checks if this object is equal to given object.

comparableRequired
  • Type: @gcix/gcix.IBase
overrideAllowFailure 
1
public overrideAllowFailure(allowFailure: boolean | number[]): JobCollection

Calling gcix.Job.assignAllowFailure() to all jobs within this JobCollection overriding any previous set value.

allowFailureRequired
  • Type: boolean | number[]
overrideDependencies 
1
public overrideDependencies(dependencies: Job | JobCollection | Need[]): JobCollection

Calling gcix.Job.assignDependencies() to all jobs within the first stage of this JobCollection and overriding any previously added dependencies to that jobs.

An empty parameter list means that jobs will get an empty dependency list and thus does not download artifacts.

dependenciesRequired
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
overrideImage 
1
public overrideImage(image: string | Image): JobCollection

Calling gcix.Job.assignImage() to all jobs within this JobCollection overriding any previous set value.

imageRequired
  • Type: string | @gcix/gcix.Image
overrideNeeds 
1
public overrideNeeds(needs: Job | JobCollection | Need[]): JobCollection

Calling gcix.Job.assignNeeds() to all jobs within the first stage of this JobCollection and overriding any previously added needs to that jobs.

An empty parameter list means that jobs will get an empty dependency list and thus does not depend on other jobs.

needsRequired
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
overrideRules 
1
public overrideRules(rules: Rule[]): JobCollection

Calling gcix.Job.overrideRules() to all jobs within this JobCollection and overriding any previously added rules to that jobs.

rulesRequired
  • Type: @gcix/gcix.Rule[]
overrideTags 
1
public overrideTags(tags: string[]): JobCollection

Calling gcix.Job.addTags([...]) to all jobs within this JobCollection and overriding any previously added tags to that jobs.

tagsRequired
  • Type: string[]
overrideVariables 
1
public overrideVariables(variables: {[ key: string ]: string}): JobCollection

Calling gcix.Job.addVariables({...}) to all jobs within this JobCollection and overriding any previously added variables to that jobs.

variablesRequired
  • Type: {[ key: string ]: string}
prependRules 
1
public prependRules(rules: Rule[]): JobCollection
rulesRequired
  • Type: @gcix/gcix.Rule[]
prependScripts 
1
public prependScripts(scripts: string[]): JobCollection
scriptsRequired
  • Type: string[]
render 
1
public render(): any

Returns a representation of any object which implements IBase.

The rendered representation is used by the gcix to dump it in YAML format as part of the .gitlab-ci.yml pipeline.

Properties

Name Type Description
lastJobsExecuted @gcix/gcix.Job[] This property returns all Jobs from the last stage of this JobCollection.
nestedJobs @gcix/gcix.Job[] No description.
populatedJobs @gcix/gcix.Job[] Returns a list with populated copies of all nested jobs of this JobCollection.
children @gcix/gcix.ChildDict[] No description.
orderedTags @gcix/gcix.OrderedStringSet No description.
orderedTagsForInitialization @gcix/gcix.OrderedStringSet No description.
orderedTagsForReplacement @gcix/gcix.OrderedStringSet No description.
parents @gcix/gcix.Job | @gcix/gcix.JobCollection[] No description.
allowFailureForInitialization string | boolean | number[] No description.
allowFailureForReplacement string | boolean | number[] No description.
artifacts @gcix/gcix.Artifacts No description.
artifactsForInitialization @gcix/gcix.Artifacts No description.
artifactsForReplacement @gcix/gcix.Artifacts No description.
cache @gcix/gcix.Cache No description.
cacheForInitialization @gcix/gcix.Cache No description.
dependencies @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[] No description.
dependenciesForInitialization @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[] No description.
dependenciesForReplacement @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[] No description.
imageForInitialization string | @gcix/gcix.Image No description.
imageForReplacement string | @gcix/gcix.Image No description.
needs @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[] No description.
needsForInitialization @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[] No description.
needsForReplacement @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[] No description.
rulesForInitialization @gcix/gcix.Rule[] No description.
rulesForReplacement @gcix/gcix.Rule[] No description.
rulesToAppend @gcix/gcix.Rule[] No description.
rulesToPrepend @gcix/gcix.Rule[] No description.
scriptsToAppend string[] No description.
scriptsToPrepend string[] No description.
variables {[ key: string ]: string} No description.
variablesForInitialization {[ key: string ]: string} No description.
variablesForReplacement {[ key: string ]: string} No description.
cranePushJob CranePush Crane push job.
diveScanJob DiveScan Dive scan job.
dockerClientConfig DockerClientConfig Creates the Docker configuration file base on objects settings, to authenticate against given registries.
doCranePush boolean Set to false to skip the Crane push job.
doDiveScan boolean Set to false to skip the Dive scan job.
doTrivyignoreCheck boolean Set to false to skip the existance check of the .trivyignore file.
doTrivyScan boolean Set to false to skip the Trivy scan job.
imageName string Image name with stage in the registry.
imageTag string Image tag.
kanikoExecuteJob KanikoExecute Kaniko execute job.
registry string | Registry Container registry to push the image to.
trivyIgnoreFileCheckJob TrivyIgnoreFileCheck Trivy ignore file check job.
trivyScanLocalImageJob TrivyScanLocalImage Trivy scan local image job.
lastJobsExecutedRequired 
1
public readonly lastJobsExecuted: Job[];
  • Type: @gcix/gcix.Job[]

This property returns all Jobs from the last stage of this JobCollection.

This is typically be requested from a job which has setup this JobCollection as need, to determine all actual jobs of this JobCollection as need.

nestedJobsRequired 
1
public readonly nestedJobs: Job[];
  • Type: @gcix/gcix.Job[]
populatedJobsRequired 
1
public readonly populatedJobs: Job[];
  • Type: @gcix/gcix.Job[]

Returns a list with populated copies of all nested jobs of this JobCollection.

Populated means, that all attributes of a Job which depends on its context are resolved to their final values. The context is primarily the JobCollection within the jobs resides but also dependencies to other jobs and JobCollection's. Thus this JobCollection will apply its own configuration, like variables to add, tags to set, etc., to all its jobs and JobCollection's.

Copies means what it says, that the returned job are not the same job objects, originally added to this JobCollection, but copies of them.

Nested means, that also jobs from JobCollection's within this JobCollection, are returned, as well as jobs from JobCollection's within JobCollection's within this JobCollection and so on.

childrenRequired 
1
public readonly children: ChildDict[];
  • Type: @gcix/gcix.ChildDict[]
orderedTagsRequired 
1
public readonly orderedTags: OrderedStringSet;
  • Type: @gcix/gcix.OrderedStringSet
orderedTagsForInitializationRequired 
1
public readonly orderedTagsForInitialization: OrderedStringSet;
  • Type: @gcix/gcix.OrderedStringSet
orderedTagsForReplacementRequired 
1
public readonly orderedTagsForReplacement: OrderedStringSet;
  • Type: @gcix/gcix.OrderedStringSet
parentsRequired 
1
public readonly parents: Job | JobCollection[];
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection[]
allowFailureForInitializationOptional 
1
public readonly allowFailureForInitialization: string | boolean | number[];
  • Type: string | boolean | number[]
allowFailureForReplacementOptional 
1
public readonly allowFailureForReplacement: string | boolean | number[];
  • Type: string | boolean | number[]
artifactsOptional 
1
public readonly artifacts: Artifacts;
  • Type: @gcix/gcix.Artifacts
artifactsForInitializationOptional 
1
public readonly artifactsForInitialization: Artifacts;
  • Type: @gcix/gcix.Artifacts
artifactsForReplacementOptional 
1
public readonly artifactsForReplacement: Artifacts;
  • Type: @gcix/gcix.Artifacts
cacheOptional 
1
public readonly cache: Cache;
  • Type: @gcix/gcix.Cache
cacheForInitializationOptional 
1
public readonly cacheForInitialization: Cache;
  • Type: @gcix/gcix.Cache
dependenciesOptional 
1
public readonly dependencies: Job | JobCollection | Need[];
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
dependenciesForInitializationOptional 
1
public readonly dependenciesForInitialization: Job | JobCollection | Need[];
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
dependenciesForReplacementOptional 
1
public readonly dependenciesForReplacement: Job | JobCollection | Need[];
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
imageForInitializationOptional 
1
public readonly imageForInitialization: string | Image;
  • Type: string | @gcix/gcix.Image
imageForReplacementOptional 
1
public readonly imageForReplacement: string | Image;
  • Type: string | @gcix/gcix.Image
needsOptional 
1
public readonly needs: Job | JobCollection | Need[];
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
needsForInitializationOptional 
1
public readonly needsForInitialization: Job | JobCollection | Need[];
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
needsForReplacementOptional 
1
public readonly needsForReplacement: Job | JobCollection | Need[];
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
rulesForInitializationOptional 
1
public readonly rulesForInitialization: Rule[];
  • Type: @gcix/gcix.Rule[]
rulesForReplacementOptional 
1
public readonly rulesForReplacement: Rule[];
  • Type: @gcix/gcix.Rule[]
rulesToAppendOptional 
1
public readonly rulesToAppend: Rule[];
  • Type: @gcix/gcix.Rule[]
rulesToPrependOptional 
1
public readonly rulesToPrepend: Rule[];
  • Type: @gcix/gcix.Rule[]
scriptsToAppendOptional 
1
public readonly scriptsToAppend: string[];
  • Type: string[]
scriptsToPrependOptional 
1
public readonly scriptsToPrepend: string[];
  • Type: string[]
variablesOptional 
1
public readonly variables: {[ key: string ]: string};
  • Type: {[ key: string ]: string}
variablesForInitializationOptional 
1
public readonly variablesForInitialization: {[ key: string ]: string};
  • Type: {[ key: string ]: string}
variablesForReplacementOptional 
1
public readonly variablesForReplacement: {[ key: string ]: string};
  • Type: {[ key: string ]: string}
cranePushJobRequired 
1
public readonly cranePushJob: CranePush;

Crane push job.

diveScanJobRequired 
1
public readonly diveScanJob: DiveScan;

Dive scan job.

dockerClientConfigRequired 
1
public readonly dockerClientConfig: DockerClientConfig;

Creates the Docker configuration file base on objects settings, to authenticate against given registries.

doCranePushRequired 
1
public readonly doCranePush: boolean;
  • Type: boolean

Set to false to skip the Crane push job.

doDiveScanRequired 
1
public readonly doDiveScan: boolean;
  • Type: boolean

Set to false to skip the Dive scan job.

doTrivyignoreCheckRequired 
1
public readonly doTrivyignoreCheck: boolean;
  • Type: boolean

Set to false to skip the existance check of the .trivyignore file.

doTrivyScanRequired 
1
public readonly doTrivyScan: boolean;
  • Type: boolean

Set to false to skip the Trivy scan job.

imageNameRequired 
1
public readonly imageName: string;
  • Type: string

Image name with stage in the registry.

e.g. username/imageName.

imageTagRequired 
1
public readonly imageTag: string;
  • Type: string

Image tag.

Depending of the build it defaults either to the git tag or to the actual branch name.

kanikoExecuteJobRequired 
1
public readonly kanikoExecuteJob: KanikoExecute;

Kaniko execute job.

registryRequired 
1
public readonly registry: string | Registry;

Container registry to push the image to.

If the container registry needs authentication, you have to provide a DockerClientConfig object with credentials.

trivyIgnoreFileCheckJobRequired 
1
public readonly trivyIgnoreFileCheckJob: TrivyIgnoreFileCheck;

Trivy ignore file check job.

trivyScanLocalImageJobRequired 
1
public readonly trivyScanLocalImageJob: TrivyScanLocalImage;

Trivy scan local image job.

BuildGitlabContainerCollection

BuildGitlabContainerCollection class.

Orchestrates a GitLab-specific CI/CD pipeline for building, scanning, and pushing container images. Extends the BuildContainerCollection class. Handles GitLab-specific configurations, such as image name, registry, and Docker client authentication.

Initializers 

1
2
3
import { container } from '@gcix/gcix'

new container.BuildGitlabContainerCollection(props: BuildContainerCollectionProps)
Name Type Description
props BuildContainerCollectionProps - Configuration properties for the collection.
propsRequired

Configuration properties for the collection.

Methods

Name Description
addChildren Add gcix.Jobs or other gcix.JobCollections to this JobCollection.
addDependencies No description.
addNeeds No description.
addParent No description.
addTags No description.
addVariables No description.
appendRules No description.
appendScripts No description.
assignArtifacts No description.
assignCache No description.
getAllInstanceNames Return all instance names from the given child.
initializeAllowFailure Calling gcix.Job.assignAllowFailure() to all jobs within this JobCollection that haven't been set the allowFailure before.
initializeArtifacts Sets gcix.Job.artifacts to all jobs within this JobCollection that haven't been set the artifacs before.
initializeCache Calling gcix.Job.assigneCache() to all jobs within this JobCollection that haven't been set the cache before.
initializeDependencies Calling gcix.Job.assignDependencies() to all jobs within the first stage of this JobCollection that haven't been added dependencies before.
initializeImage Calling gcix.Job.assignImage() to all jobs within this JobCollection.
initializeNeeds Calling gcix.Job.assignNeeds() to all jobs within the first stage of this JobCollection that haven't been added needs before.
initializeRules Calling gcix.Job.append_rules() to all jobs within this JobCollection that haven't been added rules before.
initializeTags Calling gcix.Job.addTags([...]) to all jobs within this JobCollection that haven't been added tags before.
initializeVariables Calling gcix.Job.addVariables({...}) to all jobs within this JobCollection that haven't been added variables before.
isEqual isEqual checks if this object is equal to given object.
overrideAllowFailure Calling gcix.Job.assignAllowFailure() to all jobs within this JobCollection overriding any previous set value.
overrideDependencies Calling gcix.Job.assignDependencies() to all jobs within the first stage of this JobCollection and overriding any previously added dependencies to that jobs.
overrideImage Calling gcix.Job.assignImage() to all jobs within this JobCollection overriding any previous set value.
overrideNeeds Calling gcix.Job.assignNeeds() to all jobs within the first stage of this JobCollection and overriding any previously added needs to that jobs.
overrideRules Calling gcix.Job.overrideRules() to all jobs within this JobCollection and overriding any previously added rules to that jobs.
overrideTags Calling gcix.Job.addTags([...]) to all jobs within this JobCollection and overriding any previously added tags to that jobs.
overrideVariables Calling gcix.Job.addVariables({...}) to all jobs within this JobCollection and overriding any previously added variables to that jobs.
prependRules No description.
prependScripts No description.
render Returns a representation of any object which implements IBase.
addChildren 
1
public addChildren(props: AddChildrenProps): JobCollection

Add gcix.Jobs or other gcix.JobCollections to this JobCollection.

Adding a child creates a copy of that child. You should provide a name or stage when adding children, to make them different from other places where they will be used.

propsRequired
  • Type: @gcix/gcix.AddChildrenProps
addDependencies 
1
public addDependencies(dependencies: Job | JobCollection | Need[]): JobCollection
dependenciesRequired
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
addNeeds 
1
public addNeeds(needs: Job | JobCollection | Need[]): JobCollection
needsRequired
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
addParent 
1
public addParent(parent: JobCollection): void
parentRequired
  • Type: @gcix/gcix.JobCollection
addTags 
1
public addTags(tags: string[]): JobCollection
tagsRequired
  • Type: string[]
addVariables 
1
public addVariables(variables: {[ key: string ]: string}): JobCollection
variablesRequired
  • Type: {[ key: string ]: string}
appendRules 
1
public appendRules(rules: Rule[]): JobCollection
rulesRequired
  • Type: @gcix/gcix.Rule[]
appendScripts 
1
public appendScripts(scripts: string[]): JobCollection
scriptsRequired
  • Type: string[]
assignArtifacts 
1
public assignArtifacts(artifacts: Artifacts): JobCollection
artifactsRequired
  • Type: @gcix/gcix.Artifacts
assignCache 
1
public assignCache(cache: Cache): JobCollection
cacheRequired
  • Type: @gcix/gcix.Cache
getAllInstanceNames 
1
public getAllInstanceNames(child?: Job | JobCollection): OrderedStringSet

Return all instance names from the given child.

That means all combinations of the childs name and stage within this JobCollection and all parent JobCollection's.

childOptional
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection
initializeAllowFailure 
1
public initializeAllowFailure(allowFailure: boolean | number[]): JobCollection

Calling gcix.Job.assignAllowFailure() to all jobs within this JobCollection that haven't been set the allowFailure before.

allowFailureRequired
  • Type: boolean | number[]
initializeArtifacts 
1
public initializeArtifacts(artifacts: Artifacts): JobCollection

Sets gcix.Job.artifacts to all jobs within this JobCollection that haven't been set the artifacs before.

artifactsRequired
  • Type: @gcix/gcix.Artifacts
initializeCache 
1
public initializeCache(cache: Cache): JobCollection

Calling gcix.Job.assigneCache() to all jobs within this JobCollection that haven't been set the cache before.

cacheRequired
  • Type: @gcix/gcix.Cache
initializeDependencies 
1
public initializeDependencies(dependencies: Job | JobCollection | Need[]): JobCollection

Calling gcix.Job.assignDependencies() to all jobs within the first stage of this JobCollection that haven't been added dependencies before.

An empty parameter list means that jobs will get an empty dependency list and thus does not download artifacts by default.

dependenciesRequired
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
initializeImage 
1
public initializeImage(image: string | Image): JobCollection

Calling gcix.Job.assignImage() to all jobs within this JobCollection.

imageRequired
  • Type: string | @gcix/gcix.Image
initializeNeeds 
1
public initializeNeeds(needs: Job | JobCollection | Need[]): JobCollection

Calling gcix.Job.assignNeeds() to all jobs within the first stage of this JobCollection that haven't been added needs before.

An empty parameter list means that jobs will get an empty dependency list and thus does not depend on other jobs by default.

needsRequired
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
initializeRules 
1
public initializeRules(rules: Rule[]): JobCollection

Calling gcix.Job.append_rules() to all jobs within this JobCollection that haven't been added rules before.

rulesRequired
  • Type: @gcix/gcix.Rule[]
initializeTags 
1
public initializeTags(tags: string[]): JobCollection

Calling gcix.Job.addTags([...]) to all jobs within this JobCollection that haven't been added tags before.

tagsRequired
  • Type: string[]
initializeVariables 
1
public initializeVariables(variables: {[ key: string ]: string}): JobCollection

Calling gcix.Job.addVariables({...}) to all jobs within this JobCollection that haven't been added variables before.

variablesRequired
  • Type: {[ key: string ]: string}
isEqual 
1
public isEqual(comparable: IBase): boolean

isEqual checks if this object is equal to given object.

comparableRequired
  • Type: @gcix/gcix.IBase
overrideAllowFailure 
1
public overrideAllowFailure(allowFailure: boolean | number[]): JobCollection

Calling gcix.Job.assignAllowFailure() to all jobs within this JobCollection overriding any previous set value.

allowFailureRequired
  • Type: boolean | number[]
overrideDependencies 
1
public overrideDependencies(dependencies: Job | JobCollection | Need[]): JobCollection

Calling gcix.Job.assignDependencies() to all jobs within the first stage of this JobCollection and overriding any previously added dependencies to that jobs.

An empty parameter list means that jobs will get an empty dependency list and thus does not download artifacts.

dependenciesRequired
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
overrideImage 
1
public overrideImage(image: string | Image): JobCollection

Calling gcix.Job.assignImage() to all jobs within this JobCollection overriding any previous set value.

imageRequired
  • Type: string | @gcix/gcix.Image
overrideNeeds 
1
public overrideNeeds(needs: Job | JobCollection | Need[]): JobCollection

Calling gcix.Job.assignNeeds() to all jobs within the first stage of this JobCollection and overriding any previously added needs to that jobs.

An empty parameter list means that jobs will get an empty dependency list and thus does not depend on other jobs.

needsRequired
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
overrideRules 
1
public overrideRules(rules: Rule[]): JobCollection

Calling gcix.Job.overrideRules() to all jobs within this JobCollection and overriding any previously added rules to that jobs.

rulesRequired
  • Type: @gcix/gcix.Rule[]
overrideTags 
1
public overrideTags(tags: string[]): JobCollection

Calling gcix.Job.addTags([...]) to all jobs within this JobCollection and overriding any previously added tags to that jobs.

tagsRequired
  • Type: string[]
overrideVariables 
1
public overrideVariables(variables: {[ key: string ]: string}): JobCollection

Calling gcix.Job.addVariables({...}) to all jobs within this JobCollection and overriding any previously added variables to that jobs.

variablesRequired
  • Type: {[ key: string ]: string}
prependRules 
1
public prependRules(rules: Rule[]): JobCollection
rulesRequired
  • Type: @gcix/gcix.Rule[]
prependScripts 
1
public prependScripts(scripts: string[]): JobCollection
scriptsRequired
  • Type: string[]
render 
1
public render(): any

Returns a representation of any object which implements IBase.

The rendered representation is used by the gcix to dump it in YAML format as part of the .gitlab-ci.yml pipeline.

Properties

Name Type Description
lastJobsExecuted @gcix/gcix.Job[] This property returns all Jobs from the last stage of this JobCollection.
nestedJobs @gcix/gcix.Job[] No description.
populatedJobs @gcix/gcix.Job[] Returns a list with populated copies of all nested jobs of this JobCollection.
children @gcix/gcix.ChildDict[] No description.
orderedTags @gcix/gcix.OrderedStringSet No description.
orderedTagsForInitialization @gcix/gcix.OrderedStringSet No description.
orderedTagsForReplacement @gcix/gcix.OrderedStringSet No description.
parents @gcix/gcix.Job | @gcix/gcix.JobCollection[] No description.
allowFailureForInitialization string | boolean | number[] No description.
allowFailureForReplacement string | boolean | number[] No description.
artifacts @gcix/gcix.Artifacts No description.
artifactsForInitialization @gcix/gcix.Artifacts No description.
artifactsForReplacement @gcix/gcix.Artifacts No description.
cache @gcix/gcix.Cache No description.
cacheForInitialization @gcix/gcix.Cache No description.
dependencies @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[] No description.
dependenciesForInitialization @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[] No description.
dependenciesForReplacement @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[] No description.
imageForInitialization string | @gcix/gcix.Image No description.
imageForReplacement string | @gcix/gcix.Image No description.
needs @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[] No description.
needsForInitialization @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[] No description.
needsForReplacement @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[] No description.
rulesForInitialization @gcix/gcix.Rule[] No description.
rulesForReplacement @gcix/gcix.Rule[] No description.
rulesToAppend @gcix/gcix.Rule[] No description.
rulesToPrepend @gcix/gcix.Rule[] No description.
scriptsToAppend string[] No description.
scriptsToPrepend string[] No description.
variables {[ key: string ]: string} No description.
variablesForInitialization {[ key: string ]: string} No description.
variablesForReplacement {[ key: string ]: string} No description.
cranePushJob CranePush Crane push job.
diveScanJob DiveScan Dive scan job.
dockerClientConfig DockerClientConfig Creates the Docker configuration file base on objects settings, to authenticate against given registries.
doCranePush boolean Set to false to skip the Crane push job.
doDiveScan boolean Set to false to skip the Dive scan job.
doTrivyignoreCheck boolean Set to false to skip the existance check of the .trivyignore file.
doTrivyScan boolean Set to false to skip the Trivy scan job.
imageName string Image name with stage in the registry.
imageTag string Image tag.
kanikoExecuteJob KanikoExecute Kaniko execute job.
registry string | Registry Container registry to push the image to.
trivyIgnoreFileCheckJob TrivyIgnoreFileCheck Trivy ignore file check job.
trivyScanLocalImageJob TrivyScanLocalImage Trivy scan local image job.
lastJobsExecutedRequired 
1
public readonly lastJobsExecuted: Job[];
  • Type: @gcix/gcix.Job[]

This property returns all Jobs from the last stage of this JobCollection.

This is typically be requested from a job which has setup this JobCollection as need, to determine all actual jobs of this JobCollection as need.

nestedJobsRequired 
1
public readonly nestedJobs: Job[];
  • Type: @gcix/gcix.Job[]
populatedJobsRequired 
1
public readonly populatedJobs: Job[];
  • Type: @gcix/gcix.Job[]

Returns a list with populated copies of all nested jobs of this JobCollection.

Populated means, that all attributes of a Job which depends on its context are resolved to their final values. The context is primarily the JobCollection within the jobs resides but also dependencies to other jobs and JobCollection's. Thus this JobCollection will apply its own configuration, like variables to add, tags to set, etc., to all its jobs and JobCollection's.

Copies means what it says, that the returned job are not the same job objects, originally added to this JobCollection, but copies of them.

Nested means, that also jobs from JobCollection's within this JobCollection, are returned, as well as jobs from JobCollection's within JobCollection's within this JobCollection and so on.

childrenRequired 
1
public readonly children: ChildDict[];
  • Type: @gcix/gcix.ChildDict[]
orderedTagsRequired 
1
public readonly orderedTags: OrderedStringSet;
  • Type: @gcix/gcix.OrderedStringSet
orderedTagsForInitializationRequired 
1
public readonly orderedTagsForInitialization: OrderedStringSet;
  • Type: @gcix/gcix.OrderedStringSet
orderedTagsForReplacementRequired 
1
public readonly orderedTagsForReplacement: OrderedStringSet;
  • Type: @gcix/gcix.OrderedStringSet
parentsRequired 
1
public readonly parents: Job | JobCollection[];
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection[]
allowFailureForInitializationOptional 
1
public readonly allowFailureForInitialization: string | boolean | number[];
  • Type: string | boolean | number[]
allowFailureForReplacementOptional 
1
public readonly allowFailureForReplacement: string | boolean | number[];
  • Type: string | boolean | number[]
artifactsOptional 
1
public readonly artifacts: Artifacts;
  • Type: @gcix/gcix.Artifacts
artifactsForInitializationOptional 
1
public readonly artifactsForInitialization: Artifacts;
  • Type: @gcix/gcix.Artifacts
artifactsForReplacementOptional 
1
public readonly artifactsForReplacement: Artifacts;
  • Type: @gcix/gcix.Artifacts
cacheOptional 
1
public readonly cache: Cache;
  • Type: @gcix/gcix.Cache
cacheForInitializationOptional 
1
public readonly cacheForInitialization: Cache;
  • Type: @gcix/gcix.Cache
dependenciesOptional 
1
public readonly dependencies: Job | JobCollection | Need[];
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
dependenciesForInitializationOptional 
1
public readonly dependenciesForInitialization: Job | JobCollection | Need[];
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
dependenciesForReplacementOptional 
1
public readonly dependenciesForReplacement: Job | JobCollection | Need[];
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
imageForInitializationOptional 
1
public readonly imageForInitialization: string | Image;
  • Type: string | @gcix/gcix.Image
imageForReplacementOptional 
1
public readonly imageForReplacement: string | Image;
  • Type: string | @gcix/gcix.Image
needsOptional 
1
public readonly needs: Job | JobCollection | Need[];
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
needsForInitializationOptional 
1
public readonly needsForInitialization: Job | JobCollection | Need[];
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
needsForReplacementOptional 
1
public readonly needsForReplacement: Job | JobCollection | Need[];
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
rulesForInitializationOptional 
1
public readonly rulesForInitialization: Rule[];
  • Type: @gcix/gcix.Rule[]
rulesForReplacementOptional 
1
public readonly rulesForReplacement: Rule[];
  • Type: @gcix/gcix.Rule[]
rulesToAppendOptional 
1
public readonly rulesToAppend: Rule[];
  • Type: @gcix/gcix.Rule[]
rulesToPrependOptional 
1
public readonly rulesToPrepend: Rule[];
  • Type: @gcix/gcix.Rule[]
scriptsToAppendOptional 
1
public readonly scriptsToAppend: string[];
  • Type: string[]
scriptsToPrependOptional 
1
public readonly scriptsToPrepend: string[];
  • Type: string[]
variablesOptional 
1
public readonly variables: {[ key: string ]: string};
  • Type: {[ key: string ]: string}
variablesForInitializationOptional 
1
public readonly variablesForInitialization: {[ key: string ]: string};
  • Type: {[ key: string ]: string}
variablesForReplacementOptional 
1
public readonly variablesForReplacement: {[ key: string ]: string};
  • Type: {[ key: string ]: string}
cranePushJobRequired 
1
public readonly cranePushJob: CranePush;

Crane push job.

diveScanJobRequired 
1
public readonly diveScanJob: DiveScan;

Dive scan job.

dockerClientConfigRequired 
1
public readonly dockerClientConfig: DockerClientConfig;

Creates the Docker configuration file base on objects settings, to authenticate against given registries.

doCranePushRequired 
1
public readonly doCranePush: boolean;
  • Type: boolean

Set to false to skip the Crane push job.

doDiveScanRequired 
1
public readonly doDiveScan: boolean;
  • Type: boolean

Set to false to skip the Dive scan job.

doTrivyignoreCheckRequired 
1
public readonly doTrivyignoreCheck: boolean;
  • Type: boolean

Set to false to skip the existance check of the .trivyignore file.

doTrivyScanRequired 
1
public readonly doTrivyScan: boolean;
  • Type: boolean

Set to false to skip the Trivy scan job.

imageNameRequired 
1
public readonly imageName: string;
  • Type: string

Image name with stage in the registry.

e.g. username/imageName.

imageTagRequired 
1
public readonly imageTag: string;
  • Type: string

Image tag.

Depending of the build it defaults either to the git tag or to the actual branch name.

kanikoExecuteJobRequired 
1
public readonly kanikoExecuteJob: KanikoExecute;

Kaniko execute job.

registryRequired 
1
public readonly registry: string | Registry;

Container registry to push the image to.

If the container registry needs authentication, you have to provide a DockerClientConfig object with credentials.

trivyIgnoreFileCheckJobRequired 
1
public readonly trivyIgnoreFileCheckJob: TrivyIgnoreFileCheck;

Trivy ignore file check job.

trivyScanLocalImageJobRequired 
1
public readonly trivyScanLocalImageJob: TrivyScanLocalImage;

Trivy scan local image job.

CopyContainerCollection

Creates a gcip.Sequence to pull, scan and push a container image.

The pull step is executed by CranePull, it will pull the container image and outputs it to a tarball. There are two scan's, optimization scan with DiveScan to scan storage wasting in container image and a vulnerability scan with TrivyScanLocalImage. Both outputs are uploaded as an artifact to the GitLab instance. Built container image is uploaded with CranePush.

NOTE: We decided to use caches instead of artifacts to pass the Docker image tar archive from one job to another. This is because those tar archives could become very large - especially larger then the maximum artifact size limit. This limit can just be adjusted by the admin of the gitlab instance, so your pipeline would never work, your Gitlab provider would not adjust this limit for you. For caches on the other hand you can define storage backends at the base of your Gitlab runners.

Furthermore we set the cache key to the pipeline ID. This is because the name and tag of the image does not ensure that the downloaded tar is unique, as the image behind the image tag could be overridden. So we ensure uniqueness by downloading the image once per pipeline.

Initializers 

1
2
3
import { container } from '@gcix/gcix'

new container.CopyContainerCollection(props: CopyContainerCollectionProps)
Name Type Description
props CopyContainerCollectionProps No description.
propsRequired

Methods

Name Description
addChildren Add gcix.Jobs or other gcix.JobCollections to this JobCollection.
addDependencies No description.
addNeeds No description.
addParent No description.
addTags No description.
addVariables No description.
appendRules No description.
appendScripts No description.
assignArtifacts No description.
assignCache No description.
getAllInstanceNames Return all instance names from the given child.
initializeAllowFailure Calling gcix.Job.assignAllowFailure() to all jobs within this JobCollection that haven't been set the allowFailure before.
initializeArtifacts Sets gcix.Job.artifacts to all jobs within this JobCollection that haven't been set the artifacs before.
initializeCache Calling gcix.Job.assigneCache() to all jobs within this JobCollection that haven't been set the cache before.
initializeDependencies Calling gcix.Job.assignDependencies() to all jobs within the first stage of this JobCollection that haven't been added dependencies before.
initializeImage Calling gcix.Job.assignImage() to all jobs within this JobCollection.
initializeNeeds Calling gcix.Job.assignNeeds() to all jobs within the first stage of this JobCollection that haven't been added needs before.
initializeRules Calling gcix.Job.append_rules() to all jobs within this JobCollection that haven't been added rules before.
initializeTags Calling gcix.Job.addTags([...]) to all jobs within this JobCollection that haven't been added tags before.
initializeVariables Calling gcix.Job.addVariables({...}) to all jobs within this JobCollection that haven't been added variables before.
isEqual isEqual checks if this object is equal to given object.
overrideAllowFailure Calling gcix.Job.assignAllowFailure() to all jobs within this JobCollection overriding any previous set value.
overrideDependencies Calling gcix.Job.assignDependencies() to all jobs within the first stage of this JobCollection and overriding any previously added dependencies to that jobs.
overrideImage Calling gcix.Job.assignImage() to all jobs within this JobCollection overriding any previous set value.
overrideNeeds Calling gcix.Job.assignNeeds() to all jobs within the first stage of this JobCollection and overriding any previously added needs to that jobs.
overrideRules Calling gcix.Job.overrideRules() to all jobs within this JobCollection and overriding any previously added rules to that jobs.
overrideTags Calling gcix.Job.addTags([...]) to all jobs within this JobCollection and overriding any previously added tags to that jobs.
overrideVariables Calling gcix.Job.addVariables({...}) to all jobs within this JobCollection and overriding any previously added variables to that jobs.
prependRules No description.
prependScripts No description.
render Returns a representation of any object which implements IBase.
addChildren 
1
public addChildren(props: AddChildrenProps): JobCollection

Add gcix.Jobs or other gcix.JobCollections to this JobCollection.

Adding a child creates a copy of that child. You should provide a name or stage when adding children, to make them different from other places where they will be used.

propsRequired
  • Type: @gcix/gcix.AddChildrenProps
addDependencies 
1
public addDependencies(dependencies: Job | JobCollection | Need[]): JobCollection
dependenciesRequired
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
addNeeds 
1
public addNeeds(needs: Job | JobCollection | Need[]): JobCollection
needsRequired
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
addParent 
1
public addParent(parent: JobCollection): void
parentRequired
  • Type: @gcix/gcix.JobCollection
addTags 
1
public addTags(tags: string[]): JobCollection
tagsRequired
  • Type: string[]
addVariables 
1
public addVariables(variables: {[ key: string ]: string}): JobCollection
variablesRequired
  • Type: {[ key: string ]: string}
appendRules 
1
public appendRules(rules: Rule[]): JobCollection
rulesRequired
  • Type: @gcix/gcix.Rule[]
appendScripts 
1
public appendScripts(scripts: string[]): JobCollection
scriptsRequired
  • Type: string[]
assignArtifacts 
1
public assignArtifacts(artifacts: Artifacts): JobCollection
artifactsRequired
  • Type: @gcix/gcix.Artifacts
assignCache 
1
public assignCache(cache: Cache): JobCollection
cacheRequired
  • Type: @gcix/gcix.Cache
getAllInstanceNames 
1
public getAllInstanceNames(child?: Job | JobCollection): OrderedStringSet

Return all instance names from the given child.

That means all combinations of the childs name and stage within this JobCollection and all parent JobCollection's.

childOptional
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection
initializeAllowFailure 
1
public initializeAllowFailure(allowFailure: boolean | number[]): JobCollection

Calling gcix.Job.assignAllowFailure() to all jobs within this JobCollection that haven't been set the allowFailure before.

allowFailureRequired
  • Type: boolean | number[]
initializeArtifacts 
1
public initializeArtifacts(artifacts: Artifacts): JobCollection

Sets gcix.Job.artifacts to all jobs within this JobCollection that haven't been set the artifacs before.

artifactsRequired
  • Type: @gcix/gcix.Artifacts
initializeCache 
1
public initializeCache(cache: Cache): JobCollection

Calling gcix.Job.assigneCache() to all jobs within this JobCollection that haven't been set the cache before.

cacheRequired
  • Type: @gcix/gcix.Cache
initializeDependencies 
1
public initializeDependencies(dependencies: Job | JobCollection | Need[]): JobCollection

Calling gcix.Job.assignDependencies() to all jobs within the first stage of this JobCollection that haven't been added dependencies before.

An empty parameter list means that jobs will get an empty dependency list and thus does not download artifacts by default.

dependenciesRequired
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
initializeImage 
1
public initializeImage(image: string | Image): JobCollection

Calling gcix.Job.assignImage() to all jobs within this JobCollection.

imageRequired
  • Type: string | @gcix/gcix.Image
initializeNeeds 
1
public initializeNeeds(needs: Job | JobCollection | Need[]): JobCollection

Calling gcix.Job.assignNeeds() to all jobs within the first stage of this JobCollection that haven't been added needs before.

An empty parameter list means that jobs will get an empty dependency list and thus does not depend on other jobs by default.

needsRequired
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
initializeRules 
1
public initializeRules(rules: Rule[]): JobCollection

Calling gcix.Job.append_rules() to all jobs within this JobCollection that haven't been added rules before.

rulesRequired
  • Type: @gcix/gcix.Rule[]
initializeTags 
1
public initializeTags(tags: string[]): JobCollection

Calling gcix.Job.addTags([...]) to all jobs within this JobCollection that haven't been added tags before.

tagsRequired
  • Type: string[]
initializeVariables 
1
public initializeVariables(variables: {[ key: string ]: string}): JobCollection

Calling gcix.Job.addVariables({...}) to all jobs within this JobCollection that haven't been added variables before.

variablesRequired
  • Type: {[ key: string ]: string}
isEqual 
1
public isEqual(comparable: IBase): boolean

isEqual checks if this object is equal to given object.

comparableRequired
  • Type: @gcix/gcix.IBase
overrideAllowFailure 
1
public overrideAllowFailure(allowFailure: boolean | number[]): JobCollection

Calling gcix.Job.assignAllowFailure() to all jobs within this JobCollection overriding any previous set value.

allowFailureRequired
  • Type: boolean | number[]
overrideDependencies 
1
public overrideDependencies(dependencies: Job | JobCollection | Need[]): JobCollection

Calling gcix.Job.assignDependencies() to all jobs within the first stage of this JobCollection and overriding any previously added dependencies to that jobs.

An empty parameter list means that jobs will get an empty dependency list and thus does not download artifacts.

dependenciesRequired
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
overrideImage 
1
public overrideImage(image: string | Image): JobCollection

Calling gcix.Job.assignImage() to all jobs within this JobCollection overriding any previous set value.

imageRequired
  • Type: string | @gcix/gcix.Image
overrideNeeds 
1
public overrideNeeds(needs: Job | JobCollection | Need[]): JobCollection

Calling gcix.Job.assignNeeds() to all jobs within the first stage of this JobCollection and overriding any previously added needs to that jobs.

An empty parameter list means that jobs will get an empty dependency list and thus does not depend on other jobs.

needsRequired
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
overrideRules 
1
public overrideRules(rules: Rule[]): JobCollection

Calling gcix.Job.overrideRules() to all jobs within this JobCollection and overriding any previously added rules to that jobs.

rulesRequired
  • Type: @gcix/gcix.Rule[]
overrideTags 
1
public overrideTags(tags: string[]): JobCollection

Calling gcix.Job.addTags([...]) to all jobs within this JobCollection and overriding any previously added tags to that jobs.

tagsRequired
  • Type: string[]
overrideVariables 
1
public overrideVariables(variables: {[ key: string ]: string}): JobCollection

Calling gcix.Job.addVariables({...}) to all jobs within this JobCollection and overriding any previously added variables to that jobs.

variablesRequired
  • Type: {[ key: string ]: string}
prependRules 
1
public prependRules(rules: Rule[]): JobCollection
rulesRequired
  • Type: @gcix/gcix.Rule[]
prependScripts 
1
public prependScripts(scripts: string[]): JobCollection
scriptsRequired
  • Type: string[]
render 
1
public render(): any

Returns a representation of any object which implements IBase.

The rendered representation is used by the gcix to dump it in YAML format as part of the .gitlab-ci.yml pipeline.

Properties

Name Type Description
lastJobsExecuted @gcix/gcix.Job[] This property returns all Jobs from the last stage of this JobCollection.
nestedJobs @gcix/gcix.Job[] No description.
populatedJobs @gcix/gcix.Job[] Returns a list with populated copies of all nested jobs of this JobCollection.
children @gcix/gcix.ChildDict[] No description.
orderedTags @gcix/gcix.OrderedStringSet No description.
orderedTagsForInitialization @gcix/gcix.OrderedStringSet No description.
orderedTagsForReplacement @gcix/gcix.OrderedStringSet No description.
parents @gcix/gcix.Job | @gcix/gcix.JobCollection[] No description.
allowFailureForInitialization string | boolean | number[] No description.
allowFailureForReplacement string | boolean | number[] No description.
artifacts @gcix/gcix.Artifacts No description.
artifactsForInitialization @gcix/gcix.Artifacts No description.
artifactsForReplacement @gcix/gcix.Artifacts No description.
cache @gcix/gcix.Cache No description.
cacheForInitialization @gcix/gcix.Cache No description.
dependencies @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[] No description.
dependenciesForInitialization @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[] No description.
dependenciesForReplacement @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[] No description.
imageForInitialization string | @gcix/gcix.Image No description.
imageForReplacement string | @gcix/gcix.Image No description.
needs @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[] No description.
needsForInitialization @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[] No description.
needsForReplacement @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[] No description.
rulesForInitialization @gcix/gcix.Rule[] No description.
rulesForReplacement @gcix/gcix.Rule[] No description.
rulesToAppend @gcix/gcix.Rule[] No description.
rulesToPrepend @gcix/gcix.Rule[] No description.
scriptsToAppend string[] No description.
scriptsToPrepend string[] No description.
variables {[ key: string ]: string} No description.
variablesForInitialization {[ key: string ]: string} No description.
variablesForReplacement {[ key: string ]: string} No description.
cranePullJob CranePull CranPull job.
cranePushJob CranePush No description.
dockerClientConfig DockerClientConfig Creates the Docker configuration file base on objects settings, to authenticate against given registries.
doDiveScan boolean Set to false to skip the Dive scan job.
doTrivyignoreCheck boolean Set to false to skip the existance check of the .trivyignore file.
doTrivyScan boolean Set to false to skip the Trivy scan job.
dstRegistry string | Registry Container registry to push the image to.
imageName string Image name with stage in the registry.
imageTag string Container image tag to pull from srcRegistry and push to dstRegistry.
srcRegistry string | Registry Container registry to pull the image from.
diveScanJob DiveScan Dive scan job.
trivyIgnoreFileCheckJob TrivyIgnoreFileCheck Trivy ignore file check job.
trivyScanLocalImageJob TrivyScanLocalImage Trivy scan local image job.
lastJobsExecutedRequired 
1
public readonly lastJobsExecuted: Job[];
  • Type: @gcix/gcix.Job[]

This property returns all Jobs from the last stage of this JobCollection.

This is typically be requested from a job which has setup this JobCollection as need, to determine all actual jobs of this JobCollection as need.

nestedJobsRequired 
1
public readonly nestedJobs: Job[];
  • Type: @gcix/gcix.Job[]
populatedJobsRequired 
1
public readonly populatedJobs: Job[];
  • Type: @gcix/gcix.Job[]

Returns a list with populated copies of all nested jobs of this JobCollection.

Populated means, that all attributes of a Job which depends on its context are resolved to their final values. The context is primarily the JobCollection within the jobs resides but also dependencies to other jobs and JobCollection's. Thus this JobCollection will apply its own configuration, like variables to add, tags to set, etc., to all its jobs and JobCollection's.

Copies means what it says, that the returned job are not the same job objects, originally added to this JobCollection, but copies of them.

Nested means, that also jobs from JobCollection's within this JobCollection, are returned, as well as jobs from JobCollection's within JobCollection's within this JobCollection and so on.

childrenRequired 
1
public readonly children: ChildDict[];
  • Type: @gcix/gcix.ChildDict[]
orderedTagsRequired 
1
public readonly orderedTags: OrderedStringSet;
  • Type: @gcix/gcix.OrderedStringSet
orderedTagsForInitializationRequired 
1
public readonly orderedTagsForInitialization: OrderedStringSet;
  • Type: @gcix/gcix.OrderedStringSet
orderedTagsForReplacementRequired 
1
public readonly orderedTagsForReplacement: OrderedStringSet;
  • Type: @gcix/gcix.OrderedStringSet
parentsRequired 
1
public readonly parents: Job | JobCollection[];
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection[]
allowFailureForInitializationOptional 
1
public readonly allowFailureForInitialization: string | boolean | number[];
  • Type: string | boolean | number[]
allowFailureForReplacementOptional 
1
public readonly allowFailureForReplacement: string | boolean | number[];
  • Type: string | boolean | number[]
artifactsOptional 
1
public readonly artifacts: Artifacts;
  • Type: @gcix/gcix.Artifacts
artifactsForInitializationOptional 
1
public readonly artifactsForInitialization: Artifacts;
  • Type: @gcix/gcix.Artifacts
artifactsForReplacementOptional 
1
public readonly artifactsForReplacement: Artifacts;
  • Type: @gcix/gcix.Artifacts
cacheOptional 
1
public readonly cache: Cache;
  • Type: @gcix/gcix.Cache
cacheForInitializationOptional 
1
public readonly cacheForInitialization: Cache;
  • Type: @gcix/gcix.Cache
dependenciesOptional 
1
public readonly dependencies: Job | JobCollection | Need[];
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
dependenciesForInitializationOptional 
1
public readonly dependenciesForInitialization: Job | JobCollection | Need[];
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
dependenciesForReplacementOptional 
1
public readonly dependenciesForReplacement: Job | JobCollection | Need[];
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
imageForInitializationOptional 
1
public readonly imageForInitialization: string | Image;
  • Type: string | @gcix/gcix.Image
imageForReplacementOptional 
1
public readonly imageForReplacement: string | Image;
  • Type: string | @gcix/gcix.Image
needsOptional 
1
public readonly needs: Job | JobCollection | Need[];
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
needsForInitializationOptional 
1
public readonly needsForInitialization: Job | JobCollection | Need[];
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
needsForReplacementOptional 
1
public readonly needsForReplacement: Job | JobCollection | Need[];
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
rulesForInitializationOptional 
1
public readonly rulesForInitialization: Rule[];
  • Type: @gcix/gcix.Rule[]
rulesForReplacementOptional 
1
public readonly rulesForReplacement: Rule[];
  • Type: @gcix/gcix.Rule[]
rulesToAppendOptional 
1
public readonly rulesToAppend: Rule[];
  • Type: @gcix/gcix.Rule[]
rulesToPrependOptional 
1
public readonly rulesToPrepend: Rule[];
  • Type: @gcix/gcix.Rule[]
scriptsToAppendOptional 
1
public readonly scriptsToAppend: string[];
  • Type: string[]
scriptsToPrependOptional 
1
public readonly scriptsToPrepend: string[];
  • Type: string[]
variablesOptional 
1
public readonly variables: {[ key: string ]: string};
  • Type: {[ key: string ]: string}
variablesForInitializationOptional 
1
public readonly variablesForInitialization: {[ key: string ]: string};
  • Type: {[ key: string ]: string}
variablesForReplacementOptional 
1
public readonly variablesForReplacement: {[ key: string ]: string};
  • Type: {[ key: string ]: string}
cranePullJobRequired 
1
public readonly cranePullJob: CranePull;

CranPull job.

cranePushJobRequired 
1
public readonly cranePushJob: CranePush;
dockerClientConfigRequired 
1
public readonly dockerClientConfig: DockerClientConfig;

Creates the Docker configuration file base on objects settings, to authenticate against given registries.

doDiveScanRequired 
1
public readonly doDiveScan: boolean;
  • Type: boolean

Set to false to skip the Dive scan job.

doTrivyignoreCheckRequired 
1
public readonly doTrivyignoreCheck: boolean;
  • Type: boolean

Set to false to skip the existance check of the .trivyignore file.

doTrivyScanRequired 
1
public readonly doTrivyScan: boolean;
  • Type: boolean

Set to false to skip the Trivy scan job.

dstRegistryRequired 
1
public readonly dstRegistry: string | Registry;

Container registry to push the image to.

If the container registry needs authentication, you have to provide a DockerClientConfig object with credentials.

imageNameRequired 
1
public readonly imageName: string;
  • Type: string

Image name with stage in the registry.

e.g. username/image_name.

imageTagRequired 
1
public readonly imageTag: string;
  • Type: string

Container image tag to pull from srcRegistry and push to dstRegistry.

srcRegistryRequired 
1
public readonly srcRegistry: string | Registry;

Container registry to pull the image from.

If the container registry needs authentication, you have to provide a DockerClientConfig object with credentials.

diveScanJobOptional 
1
public readonly diveScanJob: DiveScan;

Dive scan job.

trivyIgnoreFileCheckJobOptional 
1
public readonly trivyIgnoreFileCheckJob: TrivyIgnoreFileCheck;

Trivy ignore file check job.

trivyScanLocalImageJobOptional 
1
public readonly trivyScanLocalImageJob: TrivyScanLocalImage;

Trivy scan local image job.

CraneCopy

Creates a job to copy container images with crane. See crane.

Copying an image is useful, if you want to have container images as close as possible to your cluster or servers.

This subclass of Job will configure following defaults for the superclass:

  • name: crane-copy
  • stage: deploy
  • image: PredefinedImages.CRANE

Initializers 

1
2
3
import { container } from '@gcix/gcix'

new container.CraneCopy(props: CraneCopyProps)
Name Type Description
props CraneCopyProps No description.
propsRequired

Methods

Name Description
addDependencies No description.
addNeeds No description.
addParent This method is called by gcix.JobCollections when the job is added to that JobCollection.
addTags No description.
addVariables No description.
appendRules No description.
appendScripts No description.
assignAllowFailure No description.
assignArtifacts No description.
assignCache No description.
assignDependencies No description.
assignImage Sets the image of this job.
assignNeeds No description.
assignTags No description.
copy Returns an independent, deep copy object of this job.
extendName This method is used by gcix.JobCollections to populate the jobs name.
extendStage This method is used by gcix.JobCollections to populate the jobs name and stage.
extendStageValue This method is used by gcix.JobCollections to populate the jobs stage.
getAllInstanceNames Return all instance names from the given child.
isEqual isEqual checks if this object is equal to given object.
prependRules No description.
prependScripts No description.
render Returns a representation of any object which implements IBase.
addDependencies 
1
public addDependencies(dependencies: Job | JobCollection | Need[]): Job
dependenciesRequired
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
addNeeds 
1
public addNeeds(needs: Job | JobCollection | Need[]): Job
needsRequired
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
addParent 
1
public addParent(parent: Job | JobCollection): void

This method is called by gcix.JobCollections when the job is added to that JobCollection.

The job needs to know its parents when getAllInstanceNames() is called.

parentRequired
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection
addTags 
1
public addTags(tags: string[]): Job
tagsRequired
  • Type: string[]
addVariables 
1
public addVariables(variables: {[ key: string ]: string}): Job
variablesRequired
  • Type: {[ key: string ]: string}
appendRules 
1
public appendRules(rules: Rule[]): Job
rulesRequired
  • Type: @gcix/gcix.Rule[]
appendScripts 
1
public appendScripts(scripts: string[]): Job
scriptsRequired
  • Type: string[]
assignAllowFailure 
1
public assignAllowFailure(allowFailure: boolean | number[]): Job
allowFailureRequired
  • Type: boolean | number[]
assignArtifacts 
1
public assignArtifacts(artifacts: Artifacts): Job
artifactsRequired
  • Type: @gcix/gcix.Artifacts
assignCache 
1
public assignCache(cache: Cache): Job
cacheRequired
  • Type: @gcix/gcix.Cache
assignDependencies 
1
public assignDependencies(dependencies: Job | JobCollection | Need[]): Job
dependenciesRequired
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
assignImage 
1
public assignImage(image: string | Image): Job

Sets the image of this job.

For a simple container image you can provide the origin of the image. If you want to set the entrypoint, you have to provide an Image object instead.

!! Any previous values will be overwritten.

imageRequired
  • Type: string | @gcix/gcix.Image
assignNeeds 
1
public assignNeeds(needs: Job | JobCollection | Need[]): Job
needsRequired
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
assignTags 
1
public assignTags(tags: string[]): Job
tagsRequired
  • Type: string[]
copy 
1
public copy(): Job

Returns an independent, deep copy object of this job.

extendName 
1
public extendName(name: string): void

This method is used by gcix.JobCollections to populate the jobs name.

nameRequired
  • Type: string
extendStage 
1
public extendStage(stage: string): void

This method is used by gcix.JobCollections to populate the jobs name and stage.

stageRequired
  • Type: string
extendStageValue 
1
public extendStageValue(stage: string): void

This method is used by gcix.JobCollections to populate the jobs stage.

stageRequired
  • Type: string
getAllInstanceNames 
1
public getAllInstanceNames(child?: Job | JobCollection): OrderedStringSet

Return all instance names from the given child.

That means all combinations of the childs name and stage within this sequence and all parent sequences.

childOptional
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection
isEqual 
1
public isEqual(comparable: IBase): boolean

isEqual checks if this object is equal to given object.

comparableRequired
  • Type: @gcix/gcix.IBase
prependRules 
1
public prependRules(rules: Rule[]): Job
rulesRequired
  • Type: @gcix/gcix.Rule[]
prependScripts 
1
public prependScripts(scripts: string[]): Job
scriptsRequired
  • Type: string[]
render 
1
public render(): any

Returns a representation of any object which implements IBase.

The rendered representation is used by the gcix to dump it in YAML format as part of the .gitlab-ci.yml pipeline.

Properties

Name Type Description
tags string[] Getter method to receive added tags.
allowFailure string | boolean | number[] No description.
name string No description.
orderedTags @gcix/gcix.OrderedStringSet No description.
parents @gcix/gcix.Job | @gcix/gcix.JobCollection[] No description.
scripts string[] No description.
stage string No description.
artifacts @gcix/gcix.Artifacts No description.
cache @gcix/gcix.Cache No description.
dependencies @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[] No description.
image @gcix/gcix.Image No description.
needs @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[] No description.
original @gcix/gcix.Job No description.
rules @gcix/gcix.Rule[] No description.
variables {[ key: string ]: string} No description.
dstRegistry string | Registry Registry URL to copy container image to.
srcRegistry string | Registry Registry URL to copy container image from.
dockerClientConfig DockerClientConfig Creates the Docker configuration file base on objects settings, used by crane to authenticate against given registries.
tagsRequired 
1
public readonly tags: string[];
  • Type: string[]

Getter method to receive added tags.

allowFailureRequired 
1
public readonly allowFailure: string | boolean | number[];
  • Type: string | boolean | number[]
nameRequired 
1
public readonly name: string;
  • Type: string
orderedTagsRequired 
1
public readonly orderedTags: OrderedStringSet;
  • Type: @gcix/gcix.OrderedStringSet
parentsRequired 
1
public readonly parents: Job | JobCollection[];
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection[]
scriptsRequired 
1
public readonly scripts: string[];
  • Type: string[]
stageRequired 
1
public readonly stage: string;
  • Type: string
artifactsOptional 
1
public readonly artifacts: Artifacts;
  • Type: @gcix/gcix.Artifacts
cacheOptional 
1
public readonly cache: Cache;
  • Type: @gcix/gcix.Cache
dependenciesOptional 
1
public readonly dependencies: Job | JobCollection | Need[];
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
imageOptional 
1
public readonly image: Image;
  • Type: @gcix/gcix.Image
needsOptional 
1
public readonly needs: Job | JobCollection | Need[];
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
originalOptional 
1
public readonly original: Job;
  • Type: @gcix/gcix.Job
rulesOptional 
1
public readonly rules: Rule[];
  • Type: @gcix/gcix.Rule[]
variablesOptional 
1
public readonly variables: {[ key: string ]: string};
  • Type: {[ key: string ]: string}
dstRegistryRequired 
1
public readonly dstRegistry: string | Registry;

Registry URL to copy container image to.

srcRegistryRequired 
1
public readonly srcRegistry: string | Registry;

Registry URL to copy container image from.

dockerClientConfigOptional 
1
public readonly dockerClientConfig: DockerClientConfig;

Creates the Docker configuration file base on objects settings, used by crane to authenticate against given registries.

CranePull

Creates a job to pull container image from remote container registry with crane.

This subclass of Job will configure following defaults for the superclass:

  • name: crane
  • stage: pull
  • image: PredefinedImages.CRANE

Initializers 

1
2
3
import { container } from '@gcix/gcix'

new container.CranePull(props: CranePullProps)
Name Type Description
props CranePullProps No description.
propsRequired

Methods

Name Description
addDependencies No description.
addNeeds No description.
addParent This method is called by gcix.JobCollections when the job is added to that JobCollection.
addTags No description.
addVariables No description.
appendRules No description.
appendScripts No description.
assignAllowFailure No description.
assignArtifacts No description.
assignCache No description.
assignDependencies No description.
assignImage Sets the image of this job.
assignNeeds No description.
assignTags No description.
copy Returns an independent, deep copy object of this job.
extendName This method is used by gcix.JobCollections to populate the jobs name.
extendStage This method is used by gcix.JobCollections to populate the jobs name and stage.
extendStageValue This method is used by gcix.JobCollections to populate the jobs stage.
getAllInstanceNames Return all instance names from the given child.
isEqual isEqual checks if this object is equal to given object.
prependRules No description.
prependScripts No description.
render Returns a representation of any object which implements IBase.
addDependencies 
1
public addDependencies(dependencies: Job | JobCollection | Need[]): Job
dependenciesRequired
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
addNeeds 
1
public addNeeds(needs: Job | JobCollection | Need[]): Job
needsRequired
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
addParent 
1
public addParent(parent: Job | JobCollection): void

This method is called by gcix.JobCollections when the job is added to that JobCollection.

The job needs to know its parents when getAllInstanceNames() is called.

parentRequired
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection
addTags 
1
public addTags(tags: string[]): Job
tagsRequired
  • Type: string[]
addVariables 
1
public addVariables(variables: {[ key: string ]: string}): Job
variablesRequired
  • Type: {[ key: string ]: string}
appendRules 
1
public appendRules(rules: Rule[]): Job
rulesRequired
  • Type: @gcix/gcix.Rule[]
appendScripts 
1
public appendScripts(scripts: string[]): Job
scriptsRequired
  • Type: string[]
assignAllowFailure 
1
public assignAllowFailure(allowFailure: boolean | number[]): Job
allowFailureRequired
  • Type: boolean | number[]
assignArtifacts 
1
public assignArtifacts(artifacts: Artifacts): Job
artifactsRequired
  • Type: @gcix/gcix.Artifacts
assignCache 
1
public assignCache(cache: Cache): Job
cacheRequired
  • Type: @gcix/gcix.Cache
assignDependencies 
1
public assignDependencies(dependencies: Job | JobCollection | Need[]): Job
dependenciesRequired
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
assignImage 
1
public assignImage(image: string | Image): Job

Sets the image of this job.

For a simple container image you can provide the origin of the image. If you want to set the entrypoint, you have to provide an Image object instead.

!! Any previous values will be overwritten.

imageRequired
  • Type: string | @gcix/gcix.Image
assignNeeds 
1
public assignNeeds(needs: Job | JobCollection | Need[]): Job
needsRequired
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
assignTags 
1
public assignTags(tags: string[]): Job
tagsRequired
  • Type: string[]
copy 
1
public copy(): Job

Returns an independent, deep copy object of this job.

extendName 
1
public extendName(name: string): void

This method is used by gcix.JobCollections to populate the jobs name.

nameRequired
  • Type: string
extendStage 
1
public extendStage(stage: string): void

This method is used by gcix.JobCollections to populate the jobs name and stage.

stageRequired
  • Type: string
extendStageValue 
1
public extendStageValue(stage: string): void

This method is used by gcix.JobCollections to populate the jobs stage.

stageRequired
  • Type: string
getAllInstanceNames 
1
public getAllInstanceNames(child?: Job | JobCollection): OrderedStringSet

Return all instance names from the given child.

That means all combinations of the childs name and stage within this sequence and all parent sequences.

childOptional
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection
isEqual 
1
public isEqual(comparable: IBase): boolean

isEqual checks if this object is equal to given object.

comparableRequired
  • Type: @gcix/gcix.IBase
prependRules 
1
public prependRules(rules: Rule[]): Job
rulesRequired
  • Type: @gcix/gcix.Rule[]
prependScripts 
1
public prependScripts(scripts: string[]): Job
scriptsRequired
  • Type: string[]
render 
1
public render(): any

Returns a representation of any object which implements IBase.

The rendered representation is used by the gcix to dump it in YAML format as part of the .gitlab-ci.yml pipeline.

Properties

Name Type Description
tags string[] Getter method to receive added tags.
allowFailure string | boolean | number[] No description.
name string No description.
orderedTags @gcix/gcix.OrderedStringSet No description.
parents @gcix/gcix.Job | @gcix/gcix.JobCollection[] No description.
scripts string[] No description.
stage string No description.
artifacts @gcix/gcix.Artifacts No description.
cache @gcix/gcix.Cache No description.
dependencies @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[] No description.
image @gcix/gcix.Image No description.
needs @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[] No description.
original @gcix/gcix.Job No description.
rules @gcix/gcix.Rule[] No description.
variables {[ key: string ]: string} No description.
dockerClientConfig DockerClientConfig Creates the Docker configuration file base on objects settings, to authenticate against given registries.
imageName string Container image with namespace to pull from srcRegistry.
imageTag string Tag of the image which will be pulled.
srcRegistry string | Registry Registry URL to pull container image from.
tarPath string Path where to save the container image tarball.
tagsRequired 
1
public readonly tags: string[];
  • Type: string[]

Getter method to receive added tags.

allowFailureRequired 
1
public readonly allowFailure: string | boolean | number[];
  • Type: string | boolean | number[]
nameRequired 
1
public readonly name: string;
  • Type: string
orderedTagsRequired 
1
public readonly orderedTags: OrderedStringSet;
  • Type: @gcix/gcix.OrderedStringSet
parentsRequired 
1
public readonly parents: Job | JobCollection[];
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection[]
scriptsRequired 
1
public readonly scripts: string[];
  • Type: string[]
stageRequired 
1
public readonly stage: string;
  • Type: string
artifactsOptional 
1
public readonly artifacts: Artifacts;
  • Type: @gcix/gcix.Artifacts
cacheOptional 
1
public readonly cache: Cache;
  • Type: @gcix/gcix.Cache
dependenciesOptional 
1
public readonly dependencies: Job | JobCollection | Need[];
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
imageOptional 
1
public readonly image: Image;
  • Type: @gcix/gcix.Image
needsOptional 
1
public readonly needs: Job | JobCollection | Need[];
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
originalOptional 
1
public readonly original: Job;
  • Type: @gcix/gcix.Job
rulesOptional 
1
public readonly rules: Rule[];
  • Type: @gcix/gcix.Rule[]
variablesOptional 
1
public readonly variables: {[ key: string ]: string};
  • Type: {[ key: string ]: string}
dockerClientConfigRequired 
1
public readonly dockerClientConfig: DockerClientConfig;

Creates the Docker configuration file base on objects settings, to authenticate against given registries.

imageNameRequired 
1
public readonly imageName: string;
  • Type: string

Container image with namespace to pull from srcRegistry.

imageTagRequired 
1
public readonly imageTag: string;
  • Type: string

Tag of the image which will be pulled.

srcRegistryRequired 
1
public readonly srcRegistry: string | Registry;

Registry URL to pull container image from.

tarPathRequired 
1
public readonly tarPath: string;
  • Type: string

Path where to save the container image tarball.

CranePush

Creates a job to push container image to remote container registry with crane.

The image to copy must be in a tarball format. It gets validated with crane and is pushed to dst_registry destination registry.

This subclass of Job will configure following defaults for the superclass:

  • name: crane-push
  • stage: deploy
  • image: PredefinedImages.CRANE

Initializers 

1
2
3
import { container } from '@gcix/gcix'

new container.CranePush(props: CranePushProps)
Name Type Description
props CranePushProps No description.
propsRequired

Methods

Name Description
addDependencies No description.
addNeeds No description.
addParent This method is called by gcix.JobCollections when the job is added to that JobCollection.
addTags No description.
addVariables No description.
appendRules No description.
appendScripts No description.
assignAllowFailure No description.
assignArtifacts No description.
assignCache No description.
assignDependencies No description.
assignImage Sets the image of this job.
assignNeeds No description.
assignTags No description.
copy Returns an independent, deep copy object of this job.
extendName This method is used by gcix.JobCollections to populate the jobs name.
extendStage This method is used by gcix.JobCollections to populate the jobs name and stage.
extendStageValue This method is used by gcix.JobCollections to populate the jobs stage.
getAllInstanceNames Return all instance names from the given child.
isEqual isEqual checks if this object is equal to given object.
prependRules No description.
prependScripts No description.
render Returns a representation of any object which implements IBase.
addDependencies 
1
public addDependencies(dependencies: Job | JobCollection | Need[]): Job
dependenciesRequired
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
addNeeds 
1
public addNeeds(needs: Job | JobCollection | Need[]): Job
needsRequired
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
addParent 
1
public addParent(parent: Job | JobCollection): void

This method is called by gcix.JobCollections when the job is added to that JobCollection.

The job needs to know its parents when getAllInstanceNames() is called.

parentRequired
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection
addTags 
1
public addTags(tags: string[]): Job
tagsRequired
  • Type: string[]
addVariables 
1
public addVariables(variables: {[ key: string ]: string}): Job
variablesRequired
  • Type: {[ key: string ]: string}
appendRules 
1
public appendRules(rules: Rule[]): Job
rulesRequired
  • Type: @gcix/gcix.Rule[]
appendScripts 
1
public appendScripts(scripts: string[]): Job
scriptsRequired
  • Type: string[]
assignAllowFailure 
1
public assignAllowFailure(allowFailure: boolean | number[]): Job
allowFailureRequired
  • Type: boolean | number[]
assignArtifacts 
1
public assignArtifacts(artifacts: Artifacts): Job
artifactsRequired
  • Type: @gcix/gcix.Artifacts
assignCache 
1
public assignCache(cache: Cache): Job
cacheRequired
  • Type: @gcix/gcix.Cache
assignDependencies 
1
public assignDependencies(dependencies: Job | JobCollection | Need[]): Job
dependenciesRequired
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
assignImage 
1
public assignImage(image: string | Image): Job

Sets the image of this job.

For a simple container image you can provide the origin of the image. If you want to set the entrypoint, you have to provide an Image object instead.

!! Any previous values will be overwritten.

imageRequired
  • Type: string | @gcix/gcix.Image
assignNeeds 
1
public assignNeeds(needs: Job | JobCollection | Need[]): Job
needsRequired
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
assignTags 
1
public assignTags(tags: string[]): Job
tagsRequired
  • Type: string[]
copy 
1
public copy(): Job

Returns an independent, deep copy object of this job.

extendName 
1
public extendName(name: string): void

This method is used by gcix.JobCollections to populate the jobs name.

nameRequired
  • Type: string
extendStage 
1
public extendStage(stage: string): void

This method is used by gcix.JobCollections to populate the jobs name and stage.

stageRequired
  • Type: string
extendStageValue 
1
public extendStageValue(stage: string): void

This method is used by gcix.JobCollections to populate the jobs stage.

stageRequired
  • Type: string
getAllInstanceNames 
1
public getAllInstanceNames(child?: Job | JobCollection): OrderedStringSet

Return all instance names from the given child.

That means all combinations of the childs name and stage within this sequence and all parent sequences.

childOptional
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection
isEqual 
1
public isEqual(comparable: IBase): boolean

isEqual checks if this object is equal to given object.

comparableRequired
  • Type: @gcix/gcix.IBase
prependRules 
1
public prependRules(rules: Rule[]): Job
rulesRequired
  • Type: @gcix/gcix.Rule[]
prependScripts 
1
public prependScripts(scripts: string[]): Job
scriptsRequired
  • Type: string[]
render 
1
public render(): any

Returns a representation of any object which implements IBase.

The rendered representation is used by the gcix to dump it in YAML format as part of the .gitlab-ci.yml pipeline.

Properties

Name Type Description
tags string[] Getter method to receive added tags.
allowFailure string | boolean | number[] No description.
name string No description.
orderedTags @gcix/gcix.OrderedStringSet No description.
parents @gcix/gcix.Job | @gcix/gcix.JobCollection[] No description.
scripts string[] No description.
stage string No description.
artifacts @gcix/gcix.Artifacts No description.
cache @gcix/gcix.Cache No description.
dependencies @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[] No description.
image @gcix/gcix.Image No description.
needs @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[] No description.
original @gcix/gcix.Job No description.
rules @gcix/gcix.Rule[] No description.
variables {[ key: string ]: string} No description.
dockerClientConfig DockerClientConfig Creates the Docker configuration file base on objects settings, to authenticate against given registries.
dstRegistry string | Registry Registry URL to copy container image to.
imageName string Container image name, searched for in imagePath and gets .tar appended.
imageTag string The tag the image will be tagged with.
tarPath string Path where to find the container image tarball.
tagsRequired 
1
public readonly tags: string[];
  • Type: string[]

Getter method to receive added tags.

allowFailureRequired 
1
public readonly allowFailure: string | boolean | number[];
  • Type: string | boolean | number[]
nameRequired 
1
public readonly name: string;
  • Type: string
orderedTagsRequired 
1
public readonly orderedTags: OrderedStringSet;
  • Type: @gcix/gcix.OrderedStringSet
parentsRequired 
1
public readonly parents: Job | JobCollection[];
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection[]
scriptsRequired 
1
public readonly scripts: string[];
  • Type: string[]
stageRequired 
1
public readonly stage: string;
  • Type: string
artifactsOptional 
1
public readonly artifacts: Artifacts;
  • Type: @gcix/gcix.Artifacts
cacheOptional 
1
public readonly cache: Cache;
  • Type: @gcix/gcix.Cache
dependenciesOptional 
1
public readonly dependencies: Job | JobCollection | Need[];
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
imageOptional 
1
public readonly image: Image;
  • Type: @gcix/gcix.Image
needsOptional 
1
public readonly needs: Job | JobCollection | Need[];
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
originalOptional 
1
public readonly original: Job;
  • Type: @gcix/gcix.Job
rulesOptional 
1
public readonly rules: Rule[];
  • Type: @gcix/gcix.Rule[]
variablesOptional 
1
public readonly variables: {[ key: string ]: string};
  • Type: {[ key: string ]: string}
dockerClientConfigRequired 
1
public readonly dockerClientConfig: DockerClientConfig;

Creates the Docker configuration file base on objects settings, to authenticate against given registries.

Defaults to a DockerClientConfig with login to the official Docker Hub and expecting credentials given as environment variables REGISTRY_USER and REGISTRY_LOGIN.

dstRegistryRequired 
1
public readonly dstRegistry: string | Registry;

Registry URL to copy container image to.

imageNameRequired 
1
public readonly imageName: string;
  • Type: string

Container image name, searched for in imagePath and gets .tar appended.

imageTagRequired 
1
public readonly imageTag: string;
  • Type: string

The tag the image will be tagged with.

tarPathRequired 
1
public readonly tarPath: string;
  • Type: string

Path where to find the container image tarball.

DiveScan

Scan your images with wagoodman/dive.

dive will scan your container image layers and will output the efficency of each layer. You can see which layer and which file is consuming the most storage and optimize the layers if possible. It prevents container images and its layers beeing polluted with files like apt or yum cache's. The output produced by dive is uploaded as an artifact to the GitLab instance.

This subclass of Job will configure following defaults for the superclass:

  • name: dive
  • stage: check
  • image: PredefinedImages.DIVE
  • artifacts: Path 'dive.txt'

Initializers 

1
2
3
import { container } from '@gcix/gcix'

new container.DiveScan(props: DiveScanProps)
Name Type Description
props DiveScanProps No description.
propsRequired

Methods

Name Description
addDependencies No description.
addNeeds No description.
addParent This method is called by gcix.JobCollections when the job is added to that JobCollection.
addTags No description.
addVariables No description.
appendRules No description.
appendScripts No description.
assignAllowFailure No description.
assignArtifacts No description.
assignCache No description.
assignDependencies No description.
assignImage Sets the image of this job.
assignNeeds No description.
assignTags No description.
copy Returns an independent, deep copy object of this job.
extendName This method is used by gcix.JobCollections to populate the jobs name.
extendStage This method is used by gcix.JobCollections to populate the jobs name and stage.
extendStageValue This method is used by gcix.JobCollections to populate the jobs stage.
getAllInstanceNames Return all instance names from the given child.
isEqual isEqual checks if this object is equal to given object.
prependRules No description.
prependScripts No description.
render Returns a representation of any object which implements IBase.
addDependencies 
1
public addDependencies(dependencies: Job | JobCollection | Need[]): Job
dependenciesRequired
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
addNeeds 
1
public addNeeds(needs: Job | JobCollection | Need[]): Job
needsRequired
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
addParent 
1
public addParent(parent: Job | JobCollection): void

This method is called by gcix.JobCollections when the job is added to that JobCollection.

The job needs to know its parents when getAllInstanceNames() is called.

parentRequired
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection
addTags 
1
public addTags(tags: string[]): Job
tagsRequired
  • Type: string[]
addVariables 
1
public addVariables(variables: {[ key: string ]: string}): Job
variablesRequired
  • Type: {[ key: string ]: string}
appendRules 
1
public appendRules(rules: Rule[]): Job
rulesRequired
  • Type: @gcix/gcix.Rule[]
appendScripts 
1
public appendScripts(scripts: string[]): Job
scriptsRequired
  • Type: string[]
assignAllowFailure 
1
public assignAllowFailure(allowFailure: boolean | number[]): Job
allowFailureRequired
  • Type: boolean | number[]
assignArtifacts 
1
public assignArtifacts(artifacts: Artifacts): Job
artifactsRequired
  • Type: @gcix/gcix.Artifacts
assignCache 
1
public assignCache(cache: Cache): Job
cacheRequired
  • Type: @gcix/gcix.Cache
assignDependencies 
1
public assignDependencies(dependencies: Job | JobCollection | Need[]): Job
dependenciesRequired
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
assignImage 
1
public assignImage(image: string | Image): Job

Sets the image of this job.

For a simple container image you can provide the origin of the image. If you want to set the entrypoint, you have to provide an Image object instead.

!! Any previous values will be overwritten.

imageRequired
  • Type: string | @gcix/gcix.Image
assignNeeds 
1
public assignNeeds(needs: Job | JobCollection | Need[]): Job
needsRequired
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
assignTags 
1
public assignTags(tags: string[]): Job
tagsRequired
  • Type: string[]
copy 
1
public copy(): Job

Returns an independent, deep copy object of this job.

extendName 
1
public extendName(name: string): void

This method is used by gcix.JobCollections to populate the jobs name.

nameRequired
  • Type: string
extendStage 
1
public extendStage(stage: string): void

This method is used by gcix.JobCollections to populate the jobs name and stage.

stageRequired
  • Type: string
extendStageValue 
1
public extendStageValue(stage: string): void

This method is used by gcix.JobCollections to populate the jobs stage.

stageRequired
  • Type: string
getAllInstanceNames 
1
public getAllInstanceNames(child?: Job | JobCollection): OrderedStringSet

Return all instance names from the given child.

That means all combinations of the childs name and stage within this sequence and all parent sequences.

childOptional
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection
isEqual 
1
public isEqual(comparable: IBase): boolean

isEqual checks if this object is equal to given object.

comparableRequired
  • Type: @gcix/gcix.IBase
prependRules 
1
public prependRules(rules: Rule[]): Job
rulesRequired
  • Type: @gcix/gcix.Rule[]
prependScripts 
1
public prependScripts(scripts: string[]): Job
scriptsRequired
  • Type: string[]
render 
1
public render(): any

Returns a representation of any object which implements IBase.

The rendered representation is used by the gcix to dump it in YAML format as part of the .gitlab-ci.yml pipeline.

Properties

Name Type Description
tags string[] Getter method to receive added tags.
allowFailure string | boolean | number[] No description.
name string No description.
orderedTags @gcix/gcix.OrderedStringSet No description.
parents @gcix/gcix.Job | @gcix/gcix.JobCollection[] No description.
scripts string[] No description.
stage string No description.
artifacts @gcix/gcix.Artifacts No description.
cache @gcix/gcix.Cache No description.
dependencies @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[] No description.
image @gcix/gcix.Image No description.
needs @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[] No description.
original @gcix/gcix.Job No description.
rules @gcix/gcix.Rule[] No description.
variables {[ key: string ]: string} No description.
highestUserWastedPercent number Highest allowable percentage of bytes wasted (as a ratio between 0-1), otherwise CI validation will fail.
ignoreErrors boolean Ignore image parsing errors and run the analysis anyway.
imageName string Name of the container image to scan, if source is docker-archive argument gets prefix .tar.
imagePath string Path to the image can be either a remote container registry, as well as a local path to an image.
imageTag string The tag the image will be tagged with.
lowestEfficiency number Lowest allowable image efficiency (as a ratio between 0-1), otherwise CI validation will fail.
source string The container engine to fetch the image from.
highestWastedBytes number Highest allowable bytes wasted, otherwise CI validation will fail.
tagsRequired 
1
public readonly tags: string[];
  • Type: string[]

Getter method to receive added tags.

allowFailureRequired 
1
public readonly allowFailure: string | boolean | number[];
  • Type: string | boolean | number[]
nameRequired 
1
public readonly name: string;
  • Type: string
orderedTagsRequired 
1
public readonly orderedTags: OrderedStringSet;
  • Type: @gcix/gcix.OrderedStringSet
parentsRequired 
1
public readonly parents: Job | JobCollection[];
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection[]
scriptsRequired 
1
public readonly scripts: string[];
  • Type: string[]
stageRequired 
1
public readonly stage: string;
  • Type: string
artifactsOptional 
1
public readonly artifacts: Artifacts;
  • Type: @gcix/gcix.Artifacts
cacheOptional 
1
public readonly cache: Cache;
  • Type: @gcix/gcix.Cache
dependenciesOptional 
1
public readonly dependencies: Job | JobCollection | Need[];
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
imageOptional 
1
public readonly image: Image;
  • Type: @gcix/gcix.Image
needsOptional 
1
public readonly needs: Job | JobCollection | Need[];
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
originalOptional 
1
public readonly original: Job;
  • Type: @gcix/gcix.Job
rulesOptional 
1
public readonly rules: Rule[];
  • Type: @gcix/gcix.Rule[]
variablesOptional 
1
public readonly variables: {[ key: string ]: string};
  • Type: {[ key: string ]: string}
highestUserWastedPercentRequired 
1
public readonly highestUserWastedPercent: number;
  • Type: number

Highest allowable percentage of bytes wasted (as a ratio between 0-1), otherwise CI validation will fail.

ignoreErrorsRequired 
1
public readonly ignoreErrors: boolean;
  • Type: boolean

Ignore image parsing errors and run the analysis anyway.

imageNameRequired 
1
public readonly imageName: string;
  • Type: string

Name of the container image to scan, if source is docker-archive argument gets prefix .tar.

imagePathRequired 
1
public readonly imagePath: string;
  • Type: string

Path to the image can be either a remote container registry, as well as a local path to an image.

imageTagRequired 
1
public readonly imageTag: string;
  • Type: string

The tag the image will be tagged with.

lowestEfficiencyRequired 
1
public readonly lowestEfficiency: number;
  • Type: number

Lowest allowable image efficiency (as a ratio between 0-1), otherwise CI validation will fail.

sourceRequired 
1
public readonly source: string;
  • Type: string

The container engine to fetch the image from.

Allowed values: docker, podman, docker-archive

highestWastedBytesOptional 
1
public readonly highestWastedBytes: number;
  • Type: number

Highest allowable bytes wasted, otherwise CI validation will fail.

DockerBuild

Runs docker build.

Example:

1
2
import { Build } from "@gcix/gcix"
const buildJob = Build({repository: "myrepo/myimage", tag: "v0.1.0"})

This subclass of Job will configure following defaults for the superclass:

  • name: docker
  • stage: build

Initializers 

1
2
3
import { container } from '@gcix/gcix'

new container.DockerBuild(props: DockerBuildProps)
Name Type Description
props DockerBuildProps No description.
propsRequired

Methods

Name Description
addDependencies No description.
addNeeds No description.
addParent This method is called by gcix.JobCollections when the job is added to that JobCollection.
addTags No description.
addVariables No description.
appendRules No description.
appendScripts No description.
assignAllowFailure No description.
assignArtifacts No description.
assignCache No description.
assignDependencies No description.
assignImage Sets the image of this job.
assignNeeds No description.
assignTags No description.
copy Returns an independent, deep copy object of this job.
extendName This method is used by gcix.JobCollections to populate the jobs name.
extendStage This method is used by gcix.JobCollections to populate the jobs name and stage.
extendStageValue This method is used by gcix.JobCollections to populate the jobs stage.
getAllInstanceNames Return all instance names from the given child.
isEqual isEqual checks if this object is equal to given object.
prependRules No description.
prependScripts No description.
render Returns a representation of any object which implements IBase.
addDependencies 
1
public addDependencies(dependencies: Job | JobCollection | Need[]): Job
dependenciesRequired
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
addNeeds 
1
public addNeeds(needs: Job | JobCollection | Need[]): Job
needsRequired
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
addParent 
1
public addParent(parent: Job | JobCollection): void

This method is called by gcix.JobCollections when the job is added to that JobCollection.

The job needs to know its parents when getAllInstanceNames() is called.

parentRequired
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection
addTags 
1
public addTags(tags: string[]): Job
tagsRequired
  • Type: string[]
addVariables 
1
public addVariables(variables: {[ key: string ]: string}): Job
variablesRequired
  • Type: {[ key: string ]: string}
appendRules 
1
public appendRules(rules: Rule[]): Job
rulesRequired
  • Type: @gcix/gcix.Rule[]
appendScripts 
1
public appendScripts(scripts: string[]): Job
scriptsRequired
  • Type: string[]
assignAllowFailure 
1
public assignAllowFailure(allowFailure: boolean | number[]): Job
allowFailureRequired
  • Type: boolean | number[]
assignArtifacts 
1
public assignArtifacts(artifacts: Artifacts): Job
artifactsRequired
  • Type: @gcix/gcix.Artifacts
assignCache 
1
public assignCache(cache: Cache): Job
cacheRequired
  • Type: @gcix/gcix.Cache
assignDependencies 
1
public assignDependencies(dependencies: Job | JobCollection | Need[]): Job
dependenciesRequired
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
assignImage 
1
public assignImage(image: string | Image): Job

Sets the image of this job.

For a simple container image you can provide the origin of the image. If you want to set the entrypoint, you have to provide an Image object instead.

!! Any previous values will be overwritten.

imageRequired
  • Type: string | @gcix/gcix.Image
assignNeeds 
1
public assignNeeds(needs: Job | JobCollection | Need[]): Job
needsRequired
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
assignTags 
1
public assignTags(tags: string[]): Job
tagsRequired
  • Type: string[]
copy 
1
public copy(): Job

Returns an independent, deep copy object of this job.

extendName 
1
public extendName(name: string): void

This method is used by gcix.JobCollections to populate the jobs name.

nameRequired
  • Type: string
extendStage 
1
public extendStage(stage: string): void

This method is used by gcix.JobCollections to populate the jobs name and stage.

stageRequired
  • Type: string
extendStageValue 
1
public extendStageValue(stage: string): void

This method is used by gcix.JobCollections to populate the jobs stage.

stageRequired
  • Type: string
getAllInstanceNames 
1
public getAllInstanceNames(child?: Job | JobCollection): OrderedStringSet

Return all instance names from the given child.

That means all combinations of the childs name and stage within this sequence and all parent sequences.

childOptional
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection
isEqual 
1
public isEqual(comparable: IBase): boolean

isEqual checks if this object is equal to given object.

comparableRequired
  • Type: @gcix/gcix.IBase
prependRules 
1
public prependRules(rules: Rule[]): Job
rulesRequired
  • Type: @gcix/gcix.Rule[]
prependScripts 
1
public prependScripts(scripts: string[]): Job
scriptsRequired
  • Type: string[]
render 
1
public render(): any

Returns a representation of any object which implements IBase.

The rendered representation is used by the gcix to dump it in YAML format as part of the .gitlab-ci.yml pipeline.

Properties

Name Type Description
tags string[] Getter method to receive added tags.
allowFailure string | boolean | number[] No description.
name string No description.
orderedTags @gcix/gcix.OrderedStringSet No description.
parents @gcix/gcix.Job | @gcix/gcix.JobCollection[] No description.
scripts string[] No description.
stage string No description.
artifacts @gcix/gcix.Artifacts No description.
cache @gcix/gcix.Cache No description.
dependencies @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[] No description.
image @gcix/gcix.Image No description.
needs @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[] No description.
original @gcix/gcix.Job No description.
rules @gcix/gcix.Rule[] No description.
variables {[ key: string ]: string} No description.
context string The Docker build context (the directory containing the Dockerfile).
repository string The Docker repository name ([<registry>/]<image>).
tag string A Docker image tag applied to the image.
tagsRequired 
1
public readonly tags: string[];
  • Type: string[]

Getter method to receive added tags.

allowFailureRequired 
1
public readonly allowFailure: string | boolean | number[];
  • Type: string | boolean | number[]
nameRequired 
1
public readonly name: string;
  • Type: string
orderedTagsRequired 
1
public readonly orderedTags: OrderedStringSet;
  • Type: @gcix/gcix.OrderedStringSet
parentsRequired 
1
public readonly parents: Job | JobCollection[];
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection[]
scriptsRequired 
1
public readonly scripts: string[];
  • Type: string[]
stageRequired 
1
public readonly stage: string;
  • Type: string
artifactsOptional 
1
public readonly artifacts: Artifacts;
  • Type: @gcix/gcix.Artifacts
cacheOptional 
1
public readonly cache: Cache;
  • Type: @gcix/gcix.Cache
dependenciesOptional 
1
public readonly dependencies: Job | JobCollection | Need[];
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
imageOptional 
1
public readonly image: Image;
  • Type: @gcix/gcix.Image
needsOptional 
1
public readonly needs: Job | JobCollection | Need[];
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
originalOptional 
1
public readonly original: Job;
  • Type: @gcix/gcix.Job
rulesOptional 
1
public readonly rules: Rule[];
  • Type: @gcix/gcix.Rule[]
variablesOptional 
1
public readonly variables: {[ key: string ]: string};
  • Type: {[ key: string ]: string}
contextRequired 
1
public readonly context: string;
  • Type: string

The Docker build context (the directory containing the Dockerfile).

repositoryRequired 
1
public readonly repository: string;
  • Type: string

The Docker repository name ([<registry>/]<image>).

tagRequired 
1
public readonly tag: string;
  • Type: string

A Docker image tag applied to the image.

DockerClientConfig

Class which represents a docker client configuration.

After creating an instance of this class you can add new credential helper, basic authentication settings or default credential store.

Initializers 

1
2
3
import { container } from '@gcix/gcix'

new container.DockerClientConfig(props?: DockerClientConfigProps)
Name Type Description
props DockerClientConfigProps No description.
propsOptional

Methods

Name Description
addAuth Adds basic authentication auths setting to the configuration.
addCredHelper Adds a Credentials helper credHelpers for a registry.
addRaw Adds arbitrary settings to configuration.
assignCredsStore Sets the credsStore setting for clients. See docker login#credentials-store.
shellCommand Renders the shell command for creating the docker client config.
addAuth 
1
public addAuth(registry: string, usernameEnvVar?: string, passwordEnvVar?: string): DockerClientConfig

Adds basic authentication auths setting to the configuration.

This method acts a little special, because of some security aspects. The method, takse three arguments, registry, username_env_var and password_env_var. Arguments ending wit *_env_var, are ment to be available as a gcip.Job variable.

registryRequired
  • Type: string

Name of the container registry to set creds_helper for.

usernameEnvVarOptional
  • Type: string

Name of the environment variable which as the registry username stored.

passwordEnvVarOptional
  • Type: string

Name of the environment variable which as the registry password stored.

addCredHelper 
1
public addCredHelper(registry: string, credHelper: string): DockerClientConfig

Adds a Credentials helper credHelpers for a registry.

See docker login#credential-helpers

registryRequired
  • Type: string

Name of the container registry to set creds_helper for.

credHelperRequired
  • Type: string

Name of the credential helper to use together with the registry.

addRaw 
1
public addRaw(rawInput: {[ key: string ]: any}): DockerClientConfig

Adds arbitrary settings to configuration.

Be aware and warned! You can overwrite any predefined settings with this method. This method is intendet to be used, if non suitable method is available and you have to set a configuration setting.

rawInputRequired
  • Type: {[ key: string ]: any}

Dictionary of non-available settings to be set.

assignCredsStore 
1
public assignCredsStore(credsStore: string): DockerClientConfig

Sets the credsStore setting for clients. See docker login#credentials-store.

Be aware, that if you set the credsStore and add creds_helper or username and password authentication, those authentication methods are not used.

Clients which can authenticate against a registry can handle the credential store itself, mostly you do not want to set the credsStore. Use credsHelpers instead.

credsStoreRequired
  • Type: string

Should be the suffix of the program to use (i.e. everything after docker-credential-). osxkeychain, to use docker-credential-osxkeychain or ecr-login, to use docker-crendential-ecr-login.

shellCommand 
1
public shellCommand(): string[]

Renders the shell command for creating the docker client config.

The render method uses json.dumps() to dump the configuration as a json string and escapes it for the shell. In Jobs which needed the configuration the rendered output should be redirected to the appropriate destination e.g. ~/.docker/config.json. This ensures, that environment variables are substituted.

Properties

Name Type Description
config IDockerClientConfigType Docker client configuration.
configFilePath string Docker client config path.
configRequired 
1
public readonly config: IDockerClientConfigType;

Docker client configuration.

configFilePathRequired 
1
public readonly configFilePath: string;
  • Type: string

Docker client config path.

DockerPush

Runs docker push and optionally docker login before.

Example:

1
2
3
4
5
6
7
8
9
import { Push } from "@gcix/gcix"

const pushJob = new Push({
                registry: "index.docker.io/v1/gcix/gcix",
                image: "gcip",
                tag: "v0.1.0",
                userEnvVar: "DOCKER_USER",
                loginEnvVar: "DOCKER_TOKEN"
            })

The userEnvVar and loginEnvVar should be created as protected and masked custom environment variable configured in the UI.

This subclass of Job will configure following defaults for the superclass:

  • name: docker
  • stage: deploy

Initializers 

1
2
3
import { container } from '@gcix/gcix'

new container.DockerPush(props: DockerPushProps)
Name Type Description
props DockerPushProps No description.
propsRequired

Methods

Name Description
addDependencies No description.
addNeeds No description.
addParent This method is called by gcix.JobCollections when the job is added to that JobCollection.
addTags No description.
addVariables No description.
appendRules No description.
appendScripts No description.
assignAllowFailure No description.
assignArtifacts No description.
assignCache No description.
assignDependencies No description.
assignImage Sets the image of this job.
assignNeeds No description.
assignTags No description.
copy Returns an independent, deep copy object of this job.
extendName This method is used by gcix.JobCollections to populate the jobs name.
extendStage This method is used by gcix.JobCollections to populate the jobs name and stage.
extendStageValue This method is used by gcix.JobCollections to populate the jobs stage.
getAllInstanceNames Return all instance names from the given child.
isEqual isEqual checks if this object is equal to given object.
prependRules No description.
prependScripts No description.
render Returns a representation of any object which implements IBase.
addDependencies 
1
public addDependencies(dependencies: Job | JobCollection | Need[]): Job
dependenciesRequired
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
addNeeds 
1
public addNeeds(needs: Job | JobCollection | Need[]): Job
needsRequired
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
addParent 
1
public addParent(parent: Job | JobCollection): void

This method is called by gcix.JobCollections when the job is added to that JobCollection.

The job needs to know its parents when getAllInstanceNames() is called.

parentRequired
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection
addTags 
1
public addTags(tags: string[]): Job
tagsRequired
  • Type: string[]
addVariables 
1
public addVariables(variables: {[ key: string ]: string}): Job
variablesRequired
  • Type: {[ key: string ]: string}
appendRules 
1
public appendRules(rules: Rule[]): Job
rulesRequired
  • Type: @gcix/gcix.Rule[]
appendScripts 
1
public appendScripts(scripts: string[]): Job
scriptsRequired
  • Type: string[]
assignAllowFailure 
1
public assignAllowFailure(allowFailure: boolean | number[]): Job
allowFailureRequired
  • Type: boolean | number[]
assignArtifacts 
1
public assignArtifacts(artifacts: Artifacts): Job
artifactsRequired
  • Type: @gcix/gcix.Artifacts
assignCache 
1
public assignCache(cache: Cache): Job
cacheRequired
  • Type: @gcix/gcix.Cache
assignDependencies 
1
public assignDependencies(dependencies: Job | JobCollection | Need[]): Job
dependenciesRequired
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
assignImage 
1
public assignImage(image: string | Image): Job

Sets the image of this job.

For a simple container image you can provide the origin of the image. If you want to set the entrypoint, you have to provide an Image object instead.

!! Any previous values will be overwritten.

imageRequired
  • Type: string | @gcix/gcix.Image
assignNeeds 
1
public assignNeeds(needs: Job | JobCollection | Need[]): Job
needsRequired
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
assignTags 
1
public assignTags(tags: string[]): Job
tagsRequired
  • Type: string[]
copy 
1
public copy(): Job

Returns an independent, deep copy object of this job.

extendName 
1
public extendName(name: string): void

This method is used by gcix.JobCollections to populate the jobs name.

nameRequired
  • Type: string
extendStage 
1
public extendStage(stage: string): void

This method is used by gcix.JobCollections to populate the jobs name and stage.

stageRequired
  • Type: string
extendStageValue 
1
public extendStageValue(stage: string): void

This method is used by gcix.JobCollections to populate the jobs stage.

stageRequired
  • Type: string
getAllInstanceNames 
1
public getAllInstanceNames(child?: Job | JobCollection): OrderedStringSet

Return all instance names from the given child.

That means all combinations of the childs name and stage within this sequence and all parent sequences.

childOptional
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection
isEqual 
1
public isEqual(comparable: IBase): boolean

isEqual checks if this object is equal to given object.

comparableRequired
  • Type: @gcix/gcix.IBase
prependRules 
1
public prependRules(rules: Rule[]): Job
rulesRequired
  • Type: @gcix/gcix.Rule[]
prependScripts 
1
public prependScripts(scripts: string[]): Job
scriptsRequired
  • Type: string[]
render 
1
public render(): any

Returns a representation of any object which implements IBase.

The rendered representation is used by the gcix to dump it in YAML format as part of the .gitlab-ci.yml pipeline.

Properties

Name Type Description
tags string[] Getter method to receive added tags.
allowFailure string | boolean | number[] No description.
name string No description.
orderedTags @gcix/gcix.OrderedStringSet No description.
parents @gcix/gcix.Job | @gcix/gcix.JobCollection[] No description.
scripts string[] No description.
stage string No description.
artifacts @gcix/gcix.Artifacts No description.
cache @gcix/gcix.Cache No description.
dependencies @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[] No description.
image @gcix/gcix.Image No description.
needs @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[] No description.
original @gcix/gcix.Job No description.
rules @gcix/gcix.Rule[] No description.
variables {[ key: string ]: string} No description.
containerImage string The name of the Docker image to push to the registry.
registry string The Docker registry the image should be pushed to.
tag string The Docker image tag that should be pushed to the registry.
loginEnvVar string If you have to login to the registry before the push, you have to provide the name of the environment variable, which contains the password or token, here.
userEnvVar string If you have to login to the registry before the push, you have to provide the name of the environment variable, which contains the username value, here.
tagsRequired 
1
public readonly tags: string[];
  • Type: string[]

Getter method to receive added tags.

allowFailureRequired 
1
public readonly allowFailure: string | boolean | number[];
  • Type: string | boolean | number[]
nameRequired 
1
public readonly name: string;
  • Type: string
orderedTagsRequired 
1
public readonly orderedTags: OrderedStringSet;
  • Type: @gcix/gcix.OrderedStringSet
parentsRequired 
1
public readonly parents: Job | JobCollection[];
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection[]
scriptsRequired 
1
public readonly scripts: string[];
  • Type: string[]
stageRequired 
1
public readonly stage: string;
  • Type: string
artifactsOptional 
1
public readonly artifacts: Artifacts;
  • Type: @gcix/gcix.Artifacts
cacheOptional 
1
public readonly cache: Cache;
  • Type: @gcix/gcix.Cache
dependenciesOptional 
1
public readonly dependencies: Job | JobCollection | Need[];
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
imageOptional 
1
public readonly image: Image;
  • Type: @gcix/gcix.Image
needsOptional 
1
public readonly needs: Job | JobCollection | Need[];
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
originalOptional 
1
public readonly original: Job;
  • Type: @gcix/gcix.Job
rulesOptional 
1
public readonly rules: Rule[];
  • Type: @gcix/gcix.Rule[]
variablesOptional 
1
public readonly variables: {[ key: string ]: string};
  • Type: {[ key: string ]: string}
containerImageRequired 
1
public readonly containerImage: string;
  • Type: string

The name of the Docker image to push to the registry.

registryRequired 
1
public readonly registry: string;
  • Type: string

The Docker registry the image should be pushed to.

tagRequired 
1
public readonly tag: string;
  • Type: string

The Docker image tag that should be pushed to the registry.

loginEnvVarOptional 
1
public readonly loginEnvVar: string;
  • Type: string

If you have to login to the registry before the push, you have to provide the name of the environment variable, which contains the password or token, here.

DO NOT PROVIDE THE LOGIN VALUE ITSELF! This would be a security issue!

userEnvVarOptional 
1
public readonly userEnvVar: string;
  • Type: string

If you have to login to the registry before the push, you have to provide the name of the environment variable, which contains the username value, here.

DO NOT PROVIDE THE USERNAME VALUE ITSELF! This would be a security issue!

KanikoExecute

Creates a job which builds container images.

This job creates images depending on git branches. e.g If the branch which gets pushed to the remote is named my_awsome_feature the image will be tagged with my-awsome-feature.

This subclass of Job will configure following defaults for the superclass:

  • name: kaniko
  • stage: build
  • image: PredefinedImages.KANIKO

Initializers 

1
2
3
import { container } from '@gcix/gcix'

new container.KanikoExecute(props: KanikoExecuteProps)
Name Type Description
props KanikoExecuteProps No description.
propsRequired

Methods

Name Description
addDependencies No description.
addNeeds No description.
addParent This method is called by gcix.JobCollections when the job is added to that JobCollection.
addTags No description.
addVariables No description.
appendRules No description.
appendScripts No description.
assignAllowFailure No description.
assignArtifacts No description.
assignCache No description.
assignDependencies No description.
assignImage Sets the image of this job.
assignNeeds No description.
assignTags No description.
copy Returns an independent, deep copy object of this job.
extendName This method is used by gcix.JobCollections to populate the jobs name.
extendStage This method is used by gcix.JobCollections to populate the jobs name and stage.
extendStageValue This method is used by gcix.JobCollections to populate the jobs stage.
getAllInstanceNames Return all instance names from the given child.
isEqual isEqual checks if this object is equal to given object.
prependRules No description.
prependScripts No description.
render Returns a representation of any object which implements IBase.
addDependencies 
1
public addDependencies(dependencies: Job | JobCollection | Need[]): Job
dependenciesRequired
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
addNeeds 
1
public addNeeds(needs: Job | JobCollection | Need[]): Job
needsRequired
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
addParent 
1
public addParent(parent: Job | JobCollection): void

This method is called by gcix.JobCollections when the job is added to that JobCollection.

The job needs to know its parents when getAllInstanceNames() is called.

parentRequired
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection
addTags 
1
public addTags(tags: string[]): Job
tagsRequired
  • Type: string[]
addVariables 
1
public addVariables(variables: {[ key: string ]: string}): Job
variablesRequired
  • Type: {[ key: string ]: string}
appendRules 
1
public appendRules(rules: Rule[]): Job
rulesRequired
  • Type: @gcix/gcix.Rule[]
appendScripts 
1
public appendScripts(scripts: string[]): Job
scriptsRequired
  • Type: string[]
assignAllowFailure 
1
public assignAllowFailure(allowFailure: boolean | number[]): Job
allowFailureRequired
  • Type: boolean | number[]
assignArtifacts 
1
public assignArtifacts(artifacts: Artifacts): Job
artifactsRequired
  • Type: @gcix/gcix.Artifacts
assignCache 
1
public assignCache(cache: Cache): Job
cacheRequired
  • Type: @gcix/gcix.Cache
assignDependencies 
1
public assignDependencies(dependencies: Job | JobCollection | Need[]): Job
dependenciesRequired
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
assignImage 
1
public assignImage(image: string | Image): Job

Sets the image of this job.

For a simple container image you can provide the origin of the image. If you want to set the entrypoint, you have to provide an Image object instead.

!! Any previous values will be overwritten.

imageRequired
  • Type: string | @gcix/gcix.Image
assignNeeds 
1
public assignNeeds(needs: Job | JobCollection | Need[]): Job
needsRequired
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
assignTags 
1
public assignTags(tags: string[]): Job
tagsRequired
  • Type: string[]
copy 
1
public copy(): Job

Returns an independent, deep copy object of this job.

extendName 
1
public extendName(name: string): void

This method is used by gcix.JobCollections to populate the jobs name.

nameRequired
  • Type: string
extendStage 
1
public extendStage(stage: string): void

This method is used by gcix.JobCollections to populate the jobs name and stage.

stageRequired
  • Type: string
extendStageValue 
1
public extendStageValue(stage: string): void

This method is used by gcix.JobCollections to populate the jobs stage.

stageRequired
  • Type: string
getAllInstanceNames 
1
public getAllInstanceNames(child?: Job | JobCollection): OrderedStringSet

Return all instance names from the given child.

That means all combinations of the childs name and stage within this sequence and all parent sequences.

childOptional
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection
isEqual 
1
public isEqual(comparable: IBase): boolean

isEqual checks if this object is equal to given object.

comparableRequired
  • Type: @gcix/gcix.IBase
prependRules 
1
public prependRules(rules: Rule[]): Job
rulesRequired
  • Type: @gcix/gcix.Rule[]
prependScripts 
1
public prependScripts(scripts: string[]): Job
scriptsRequired
  • Type: string[]
render 
1
public render(): any

Returns a representation of any object which implements IBase.

The rendered representation is used by the gcix to dump it in YAML format as part of the .gitlab-ci.yml pipeline.

Properties

Name Type Description
tags string[] Getter method to receive added tags.
allowFailure string | boolean | number[] No description.
name string No description.
orderedTags @gcix/gcix.OrderedStringSet No description.
parents @gcix/gcix.Job | @gcix/gcix.JobCollection[] No description.
scripts string[] No description.
stage string No description.
artifacts @gcix/gcix.Artifacts No description.
cache @gcix/gcix.Cache No description.
dependencies @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[] No description.
image @gcix/gcix.Image No description.
needs @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[] No description.
original @gcix/gcix.Job No description.
rules @gcix/gcix.Rule[] No description.
variables {[ key: string ]: string} No description.
context string Context which will be send to kaniko.
dockerClientConfig DockerClientConfig Creates the Docker configuration file base on objects settings, to authenticate against given registries.
dockerfile string Name of the dockerfile to use.
enablePush boolean Enable push to container registry, disabled to allow subsequent jobs to act on container tarball.
imageName string Image name which will be created.
imageTag string The tag the image will be tagged with.
verbosity string Verbosity of kaniko logging.
buildArgs {[ key: string ]: any} Container build arguments, used to instrument the container image build.
buildTarget string For container multistage builds name of the build stage you want to create.
registries string[] | Registry[] List of container registries to push created image to.
tarPath string Container images created by kaniko are tarball files.
tagsRequired 
1
public readonly tags: string[];
  • Type: string[]

Getter method to receive added tags.

allowFailureRequired 
1
public readonly allowFailure: string | boolean | number[];
  • Type: string | boolean | number[]
nameRequired 
1
public readonly name: string;
  • Type: string
orderedTagsRequired 
1
public readonly orderedTags: OrderedStringSet;
  • Type: @gcix/gcix.OrderedStringSet
parentsRequired 
1
public readonly parents: Job | JobCollection[];
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection[]
scriptsRequired 
1
public readonly scripts: string[];
  • Type: string[]
stageRequired 
1
public readonly stage: string;
  • Type: string
artifactsOptional 
1
public readonly artifacts: Artifacts;
  • Type: @gcix/gcix.Artifacts
cacheOptional 
1
public readonly cache: Cache;
  • Type: @gcix/gcix.Cache
dependenciesOptional 
1
public readonly dependencies: Job | JobCollection | Need[];
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
imageOptional 
1
public readonly image: Image;
  • Type: @gcix/gcix.Image
needsOptional 
1
public readonly needs: Job | JobCollection | Need[];
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
originalOptional 
1
public readonly original: Job;
  • Type: @gcix/gcix.Job
rulesOptional 
1
public readonly rules: Rule[];
  • Type: @gcix/gcix.Rule[]
variablesOptional 
1
public readonly variables: {[ key: string ]: string};
  • Type: {[ key: string ]: string}
contextRequired 
1
public readonly context: string;
  • Type: string

Context which will be send to kaniko.

dockerClientConfigRequired 
1
public readonly dockerClientConfig: DockerClientConfig;

Creates the Docker configuration file base on objects settings, to authenticate against given registries.

Defaults to a DockerClientConfig with login to the official Docker Hub and expecting credentials given as environment variables REGISTRY_USER and REGISTRY_LOGIN.

dockerfileRequired 
1
public readonly dockerfile: string;
  • Type: string

Name of the dockerfile to use.

File is relative to context.

enablePushRequired 
1
public readonly enablePush: boolean;
  • Type: boolean

Enable push to container registry, disabled to allow subsequent jobs to act on container tarball.

imageNameRequired 
1
public readonly imageName: string;
  • Type: string

Image name which will be created.

imageTagRequired 
1
public readonly imageTag: string;
  • Type: string

The tag the image will be tagged with.

verbosityRequired 
1
public readonly verbosity: string;
  • Type: string

Verbosity of kaniko logging.

buildArgsOptional 
1
public readonly buildArgs: {[ key: string ]: any};
  • Type: {[ key: string ]: any}

Container build arguments, used to instrument the container image build.

buildTargetOptional 
1
public readonly buildTarget: string;
  • Type: string

For container multistage builds name of the build stage you want to create.

Image tag will be appended with the build_target. e.g. latest-buildtarget.

registriesOptional 
1
public readonly registries: string[] | Registry[];

List of container registries to push created image to.

tarPathOptional 
1
public readonly tarPath: string;
  • Type: string

Container images created by kaniko are tarball files.

This is the path where to store the image, will be named with suffix .tar. This path will be created if not present.

PredefinedImages

The PredefinedImages collection supplies commonly utilized container image objects within the gcix framework.

Constants

Name Type Description
ALPINE_GIT @gcix/gcix.Image A predefined Alpine Git container image object.
BUSYBOX @gcix/gcix.Image A predefined Busybox container image object.
CRANE @gcix/gcix.Image A predefined Crane container image object.
DIVE @gcix/gcix.Image A predefined Dive container image object.
GCIP @gcix/gcix.Image A predefined GCIP container image object.
GCIX @gcix/gcix.Image A predefined GCIX container image object.
KANIKO @gcix/gcix.Image A predefined Kaniko container image object.
TRIVY @gcix/gcix.Image A predefined Trivy container image object.
ALPINE_GITRequired 
1
public readonly ALPINE_GIT: Image;
  • Type: @gcix/gcix.Image

A predefined Alpine Git container image object.

This image is useful for Git operations within containers.

BUSYBOXRequired 
1
public readonly BUSYBOX: Image;
  • Type: @gcix/gcix.Image

A predefined Busybox container image object.

CRANERequired 
1
public readonly CRANE: Image;
  • Type: @gcix/gcix.Image

A predefined Crane container image object.

DIVERequired 
1
public readonly DIVE: Image;
  • Type: @gcix/gcix.Image

A predefined Dive container image object.

GCIPRequired 
1
public readonly GCIP: Image;
  • Type: @gcix/gcix.Image

A predefined GCIP container image object.

GCIXRequired 
1
public readonly GCIX: Image;
  • Type: @gcix/gcix.Image

A predefined GCIX container image object.

KANIKORequired 
1
public readonly KANIKO: Image;
  • Type: @gcix/gcix.Image

A predefined Kaniko container image object.

TRIVYRequired 
1
public readonly TRIVY: Image;
  • Type: @gcix/gcix.Image

A predefined Trivy container image object.

Registry

Container registry urls constants.

Static Functions

Name Description
aws Amazon Elastic Container Registry (ECR).
aws 
1
2
3
import { container } from '@gcix/gcix'

container.Registry.aws(props?: AWSRegistryProps)

Amazon Elastic Container Registry (ECR).

If neither accountId nor region is given, the method attempts to evaluate accountId and region using helper functions from aws.AWSAccount. If either of the helper functions does provide a valid value, a ValueError or KeyError exception will be raised.

propsOptional

Constants

Name Type Description
DOCKER string No description.
GCR string No description.
QUAY string No description.
DOCKERRequired 
1
public readonly DOCKER: string;
  • Type: string
GCRRequired 
1
public readonly GCR: string;
  • Type: string
QUAYRequired 
1
public readonly QUAY: string;
  • Type: string

TrivyIgnoreFileCheck

This job checks if a .trivyignore file exists and is not empty and fails if so.

If a .trivyignore file is found and not empty, by default the job fails with exit 1, the job is configured to allow failures so that the pipeline keeps running. This ensures the visibility of acknowledged CVE's in the .trivyignore file inside the pipeline.

This subclass of Job will configure following defaults for the superclass:

  • name: trivyignore
  • stage: check
  • image: PredefinedImages.BUSYBOX
  • allow_failure: 1

Initializers 

1
2
3
import { container } from '@gcix/gcix'

new container.TrivyIgnoreFileCheck(props: TrivyIgnoreFileCheckProps)
Name Type Description
props TrivyIgnoreFileCheckProps No description.
propsRequired

Methods

Name Description
addDependencies No description.
addNeeds No description.
addParent This method is called by gcix.JobCollections when the job is added to that JobCollection.
addTags No description.
addVariables No description.
appendRules No description.
appendScripts No description.
assignAllowFailure No description.
assignArtifacts No description.
assignCache No description.
assignDependencies No description.
assignImage Sets the image of this job.
assignNeeds No description.
assignTags No description.
copy Returns an independent, deep copy object of this job.
extendName This method is used by gcix.JobCollections to populate the jobs name.
extendStage This method is used by gcix.JobCollections to populate the jobs name and stage.
extendStageValue This method is used by gcix.JobCollections to populate the jobs stage.
getAllInstanceNames Return all instance names from the given child.
isEqual isEqual checks if this object is equal to given object.
prependRules No description.
prependScripts No description.
render Returns a representation of any object which implements IBase.
addDependencies 
1
public addDependencies(dependencies: Job | JobCollection | Need[]): Job
dependenciesRequired
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
addNeeds 
1
public addNeeds(needs: Job | JobCollection | Need[]): Job
needsRequired
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
addParent 
1
public addParent(parent: Job | JobCollection): void

This method is called by gcix.JobCollections when the job is added to that JobCollection.

The job needs to know its parents when getAllInstanceNames() is called.

parentRequired
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection
addTags 
1
public addTags(tags: string[]): Job
tagsRequired
  • Type: string[]
addVariables 
1
public addVariables(variables: {[ key: string ]: string}): Job
variablesRequired
  • Type: {[ key: string ]: string}
appendRules 
1
public appendRules(rules: Rule[]): Job
rulesRequired
  • Type: @gcix/gcix.Rule[]
appendScripts 
1
public appendScripts(scripts: string[]): Job
scriptsRequired
  • Type: string[]
assignAllowFailure 
1
public assignAllowFailure(allowFailure: boolean | number[]): Job
allowFailureRequired
  • Type: boolean | number[]
assignArtifacts 
1
public assignArtifacts(artifacts: Artifacts): Job
artifactsRequired
  • Type: @gcix/gcix.Artifacts
assignCache 
1
public assignCache(cache: Cache): Job
cacheRequired
  • Type: @gcix/gcix.Cache
assignDependencies 
1
public assignDependencies(dependencies: Job | JobCollection | Need[]): Job
dependenciesRequired
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
assignImage 
1
public assignImage(image: string | Image): Job

Sets the image of this job.

For a simple container image you can provide the origin of the image. If you want to set the entrypoint, you have to provide an Image object instead.

!! Any previous values will be overwritten.

imageRequired
  • Type: string | @gcix/gcix.Image
assignNeeds 
1
public assignNeeds(needs: Job | JobCollection | Need[]): Job
needsRequired
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
assignTags 
1
public assignTags(tags: string[]): Job
tagsRequired
  • Type: string[]
copy 
1
public copy(): Job

Returns an independent, deep copy object of this job.

extendName 
1
public extendName(name: string): void

This method is used by gcix.JobCollections to populate the jobs name.

nameRequired
  • Type: string
extendStage 
1
public extendStage(stage: string): void

This method is used by gcix.JobCollections to populate the jobs name and stage.

stageRequired
  • Type: string
extendStageValue 
1
public extendStageValue(stage: string): void

This method is used by gcix.JobCollections to populate the jobs stage.

stageRequired
  • Type: string
getAllInstanceNames 
1
public getAllInstanceNames(child?: Job | JobCollection): OrderedStringSet

Return all instance names from the given child.

That means all combinations of the childs name and stage within this sequence and all parent sequences.

childOptional
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection
isEqual 
1
public isEqual(comparable: IBase): boolean

isEqual checks if this object is equal to given object.

comparableRequired
  • Type: @gcix/gcix.IBase
prependRules 
1
public prependRules(rules: Rule[]): Job
rulesRequired
  • Type: @gcix/gcix.Rule[]
prependScripts 
1
public prependScripts(scripts: string[]): Job
scriptsRequired
  • Type: string[]
render 
1
public render(): any

Returns a representation of any object which implements IBase.

The rendered representation is used by the gcix to dump it in YAML format as part of the .gitlab-ci.yml pipeline.

Properties

Name Type Description
tags string[] Getter method to receive added tags.
allowFailure string | boolean | number[] No description.
name string No description.
orderedTags @gcix/gcix.OrderedStringSet No description.
parents @gcix/gcix.Job | @gcix/gcix.JobCollection[] No description.
scripts string[] No description.
stage string No description.
artifacts @gcix/gcix.Artifacts No description.
cache @gcix/gcix.Cache No description.
dependencies @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[] No description.
image @gcix/gcix.Image No description.
needs @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[] No description.
original @gcix/gcix.Job No description.
rules @gcix/gcix.Rule[] No description.
variables {[ key: string ]: string} No description.
trivyignorePath string Path to the .trivyignore file.
tagsRequired 
1
public readonly tags: string[];
  • Type: string[]

Getter method to receive added tags.

allowFailureRequired 
1
public readonly allowFailure: string | boolean | number[];
  • Type: string | boolean | number[]
nameRequired 
1
public readonly name: string;
  • Type: string
orderedTagsRequired 
1
public readonly orderedTags: OrderedStringSet;
  • Type: @gcix/gcix.OrderedStringSet
parentsRequired 
1
public readonly parents: Job | JobCollection[];
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection[]
scriptsRequired 
1
public readonly scripts: string[];
  • Type: string[]
stageRequired 
1
public readonly stage: string;
  • Type: string
artifactsOptional 
1
public readonly artifacts: Artifacts;
  • Type: @gcix/gcix.Artifacts
cacheOptional 
1
public readonly cache: Cache;
  • Type: @gcix/gcix.Cache
dependenciesOptional 
1
public readonly dependencies: Job | JobCollection | Need[];
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
imageOptional 
1
public readonly image: Image;
  • Type: @gcix/gcix.Image
needsOptional 
1
public readonly needs: Job | JobCollection | Need[];
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
originalOptional 
1
public readonly original: Job;
  • Type: @gcix/gcix.Job
rulesOptional 
1
public readonly rules: Rule[];
  • Type: @gcix/gcix.Rule[]
variablesOptional 
1
public readonly variables: {[ key: string ]: string};
  • Type: {[ key: string ]: string}
trivyignorePathRequired 
1
public readonly trivyignorePath: string;
  • Type: string

Path to the .trivyignore file.

TrivyScanLocalImage

This job scanns container images to find vulnerabilities.

This job fails with exit code 1 if severities are found. The scan output is printed to stdout and uploaded to the artifacts of GitLab.

This subclass of Job will configure following defaults for the superclass:

  • name: trivy
  • stage: check
  • image: PredefinedImages.TRIVY
  • artifacts: Path 'trivy.txt'

Initializers 

1
2
3
import { container } from '@gcix/gcix'

new container.TrivyScanLocalImage(props: TrivyScanLocalImageProps)
Name Type Description
props TrivyScanLocalImageProps No description.
propsRequired

Methods

Name Description
addDependencies No description.
addNeeds No description.
addParent This method is called by gcix.JobCollections when the job is added to that JobCollection.
addTags No description.
addVariables No description.
appendRules No description.
appendScripts No description.
assignAllowFailure No description.
assignArtifacts No description.
assignCache No description.
assignDependencies No description.
assignImage Sets the image of this job.
assignNeeds No description.
assignTags No description.
copy Returns an independent, deep copy object of this job.
extendName This method is used by gcix.JobCollections to populate the jobs name.
extendStage This method is used by gcix.JobCollections to populate the jobs name and stage.
extendStageValue This method is used by gcix.JobCollections to populate the jobs stage.
getAllInstanceNames Return all instance names from the given child.
isEqual isEqual checks if this object is equal to given object.
prependRules No description.
prependScripts No description.
render Returns a representation of any object which implements IBase.
addDependencies 
1
public addDependencies(dependencies: Job | JobCollection | Need[]): Job
dependenciesRequired
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
addNeeds 
1
public addNeeds(needs: Job | JobCollection | Need[]): Job
needsRequired
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
addParent 
1
public addParent(parent: Job | JobCollection): void

This method is called by gcix.JobCollections when the job is added to that JobCollection.

The job needs to know its parents when getAllInstanceNames() is called.

parentRequired
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection
addTags 
1
public addTags(tags: string[]): Job
tagsRequired
  • Type: string[]
addVariables 
1
public addVariables(variables: {[ key: string ]: string}): Job
variablesRequired
  • Type: {[ key: string ]: string}
appendRules 
1
public appendRules(rules: Rule[]): Job
rulesRequired
  • Type: @gcix/gcix.Rule[]
appendScripts 
1
public appendScripts(scripts: string[]): Job
scriptsRequired
  • Type: string[]
assignAllowFailure 
1
public assignAllowFailure(allowFailure: boolean | number[]): Job
allowFailureRequired
  • Type: boolean | number[]
assignArtifacts 
1
public assignArtifacts(artifacts: Artifacts): Job
artifactsRequired
  • Type: @gcix/gcix.Artifacts
assignCache 
1
public assignCache(cache: Cache): Job
cacheRequired
  • Type: @gcix/gcix.Cache
assignDependencies 
1
public assignDependencies(dependencies: Job | JobCollection | Need[]): Job
dependenciesRequired
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
assignImage 
1
public assignImage(image: string | Image): Job

Sets the image of this job.

For a simple container image you can provide the origin of the image. If you want to set the entrypoint, you have to provide an Image object instead.

!! Any previous values will be overwritten.

imageRequired
  • Type: string | @gcix/gcix.Image
assignNeeds 
1
public assignNeeds(needs: Job | JobCollection | Need[]): Job
needsRequired
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
assignTags 
1
public assignTags(tags: string[]): Job
tagsRequired
  • Type: string[]
copy 
1
public copy(): Job

Returns an independent, deep copy object of this job.

extendName 
1
public extendName(name: string): void

This method is used by gcix.JobCollections to populate the jobs name.

nameRequired
  • Type: string
extendStage 
1
public extendStage(stage: string): void

This method is used by gcix.JobCollections to populate the jobs name and stage.

stageRequired
  • Type: string
extendStageValue 
1
public extendStageValue(stage: string): void

This method is used by gcix.JobCollections to populate the jobs stage.

stageRequired
  • Type: string
getAllInstanceNames 
1
public getAllInstanceNames(child?: Job | JobCollection): OrderedStringSet

Return all instance names from the given child.

That means all combinations of the childs name and stage within this sequence and all parent sequences.

childOptional
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection
isEqual 
1
public isEqual(comparable: IBase): boolean

isEqual checks if this object is equal to given object.

comparableRequired
  • Type: @gcix/gcix.IBase
prependRules 
1
public prependRules(rules: Rule[]): Job
rulesRequired
  • Type: @gcix/gcix.Rule[]
prependScripts 
1
public prependScripts(scripts: string[]): Job
scriptsRequired
  • Type: string[]
render 
1
public render(): any

Returns a representation of any object which implements IBase.

The rendered representation is used by the gcix to dump it in YAML format as part of the .gitlab-ci.yml pipeline.

Properties

Name Type Description
tags string[] Getter method to receive added tags.
allowFailure string | boolean | number[] No description.
name string No description.
orderedTags @gcix/gcix.OrderedStringSet No description.
parents @gcix/gcix.Job | @gcix/gcix.JobCollection[] No description.
scripts string[] No description.
stage string No description.
artifacts @gcix/gcix.Artifacts No description.
cache @gcix/gcix.Cache No description.
dependencies @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[] No description.
image @gcix/gcix.Image No description.
needs @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[] No description.
original @gcix/gcix.Job No description.
rules @gcix/gcix.Rule[] No description.
variables {[ key: string ]: string} No description.
debug boolean If trivy should run in debug mode.
exitIfVulnerable boolean Exit code when vulnerabilities were found.
imageName string Container image name, searched for in imagePath and gets .tar appended.
imagePath string Path where to find the container image.
imageTag string The tag the image will be tagged with.
outputFormat string Scan output format, possible values (table, json).
severity string Severities of vulnerabilities to be displayed (comma separated).
vulnerabilityTypes string List of vulnerability types (comma separated).
trivyConfig string Additional options to pass to trivy binary.
tagsRequired 
1
public readonly tags: string[];
  • Type: string[]

Getter method to receive added tags.

allowFailureRequired 
1
public readonly allowFailure: string | boolean | number[];
  • Type: string | boolean | number[]
nameRequired 
1
public readonly name: string;
  • Type: string
orderedTagsRequired 
1
public readonly orderedTags: OrderedStringSet;
  • Type: @gcix/gcix.OrderedStringSet
parentsRequired 
1
public readonly parents: Job | JobCollection[];
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection[]
scriptsRequired 
1
public readonly scripts: string[];
  • Type: string[]
stageRequired 
1
public readonly stage: string;
  • Type: string
artifactsOptional 
1
public readonly artifacts: Artifacts;
  • Type: @gcix/gcix.Artifacts
cacheOptional 
1
public readonly cache: Cache;
  • Type: @gcix/gcix.Cache
dependenciesOptional 
1
public readonly dependencies: Job | JobCollection | Need[];
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
imageOptional 
1
public readonly image: Image;
  • Type: @gcix/gcix.Image
needsOptional 
1
public readonly needs: Job | JobCollection | Need[];
  • Type: @gcix/gcix.Job | @gcix/gcix.JobCollection | @gcix/gcix.Need[]
originalOptional 
1
public readonly original: Job;
  • Type: @gcix/gcix.Job
rulesOptional 
1
public readonly rules: Rule[];
  • Type: @gcix/gcix.Rule[]
variablesOptional 
1
public readonly variables: {[ key: string ]: string};
  • Type: {[ key: string ]: string}
debugRequired 
1
public readonly debug: boolean;
  • Type: boolean

If trivy should run in debug mode.

exitIfVulnerableRequired 
1
public readonly exitIfVulnerable: boolean;
  • Type: boolean

Exit code when vulnerabilities were found.

If true exit code is 1 else 0.

imageNameRequired 
1
public readonly imageName: string;
  • Type: string

Container image name, searched for in imagePath and gets .tar appended.

imagePathRequired 
1
public readonly imagePath: string;
  • Type: string

Path where to find the container image.

imageTagRequired 
1
public readonly imageTag: string;
  • Type: string

The tag the image will be tagged with.

outputFormatRequired 
1
public readonly outputFormat: string;
  • Type: string

Scan output format, possible values (table, json).

severityRequired 
1
public readonly severity: string;
  • Type: string

Severities of vulnerabilities to be displayed (comma separated).

vulnerabilityTypesRequired 
1
public readonly vulnerabilityTypes: string;
  • Type: string

List of vulnerability types (comma separated).

trivyConfigOptional 
1
public readonly trivyConfig: string;
  • Type: string

Additional options to pass to trivy binary.

Protocols

IBuildContainerCollection

Properties

Name Type Description
cranePushJob CranePush Crane push job.
diveScanJob DiveScan Dive scan job.
dockerClientConfig DockerClientConfig Creates the Docker configuration file base on objects settings, to authenticate against given registries.
doCranePush boolean Set to false to skip the Crane push job.
doDiveScan boolean Set to false to skip the Dive scan job.
doTrivyignoreCheck boolean Set to false to skip the existance check of the .trivyignore file.
doTrivyScan boolean Set to false to skip the Trivy scan job.
imageName string Image name with stage in the registry.
imageTag string Image tag.
kanikoExecuteJob KanikoExecute Kaniko execute job.
registry string | Registry Container registry to push the image to.
trivyIgnoreFileCheckJob TrivyIgnoreFileCheck Trivy ignore file check job.
trivyScanLocalImageJob TrivyScanLocalImage Trivy scan local image job.
cranePushJobRequired 
1
public readonly cranePushJob: CranePush;

Crane push job.

diveScanJobRequired 
1
public readonly diveScanJob: DiveScan;

Dive scan job.

dockerClientConfigRequired 
1
public readonly dockerClientConfig: DockerClientConfig;
  • Type: DockerClientConfig
  • Default: DockerClientConfig with login to the official Docker Hub and expecting credentials given as environment variables REGISTRY_USER and REGISTRY_LOGIN.

Creates the Docker configuration file base on objects settings, to authenticate against given registries.

doCranePushRequired 
1
public readonly doCranePush: boolean;
  • Type: boolean
  • Default: true

Set to false to skip the Crane push job.

doDiveScanRequired 
1
public readonly doDiveScan: boolean;
  • Type: boolean
  • Default: true

Set to false to skip the Dive scan job.

doTrivyignoreCheckRequired 
1
public readonly doTrivyignoreCheck: boolean;
  • Type: boolean
  • Default: true

Set to false to skip the existance check of the .trivyignore file.

doTrivyScanRequired 
1
public readonly doTrivyScan: boolean;
  • Type: boolean
  • Default: true

Set to false to skip the Trivy scan job.

imageNameRequired 
1
public readonly imageName: string;
  • Type: string
  • Default: PredefinedVariables.ciProjectDir

Image name with stage in the registry.

e.g. username/imageName.

imageTagRequired 
1
public readonly imageTag: string;
  • Type: string
  • Default: PredefinedVariables.ciCommitRefName

Image tag.

Depending of the build it defaults either to the git tag or to the actual branch name.

kanikoExecuteJobRequired 
1
public readonly kanikoExecuteJob: KanikoExecute;

Kaniko execute job.

registryRequired 
1
public readonly registry: string | Registry;
  • Type: string | Registry
  • Default: Registry.DOCKER

Container registry to push the image to.

If the container registry needs authentication, you have to provide a DockerClientConfig object with credentials.

trivyIgnoreFileCheckJobRequired 
1
public readonly trivyIgnoreFileCheckJob: TrivyIgnoreFileCheck;

Trivy ignore file check job.

trivyScanLocalImageJobRequired 
1
public readonly trivyScanLocalImageJob: TrivyScanLocalImage;

Trivy scan local image job.

ICopyContainerCollection

Properties

Name Type Description
cranePullJob CranePull CranPull job.
cranePushJob CranePush No description.
dockerClientConfig DockerClientConfig Creates the Docker configuration file base on objects settings, to authenticate against given registries.
doDiveScan boolean Set to false to skip the Dive scan job.
doTrivyignoreCheck boolean Set to false to skip the existance check of the .trivyignore file.
doTrivyScan boolean Set to false to skip the Trivy scan job.
dstRegistry string | Registry Container registry to push the image to.
imageName string Image name with stage in the registry.
imageTag string Container image tag to pull from srcRegistry and push to dstRegistry.
srcRegistry string | Registry Container registry to pull the image from.
diveScanJob DiveScan Dive scan job.
trivyIgnoreFileCheckJob TrivyIgnoreFileCheck Trivy ignore file check job.
trivyScanLocalImageJob TrivyScanLocalImage Trivy scan local image job.
cranePullJobRequired 
1
public readonly cranePullJob: CranePull;

CranPull job.

cranePushJobRequired 
1
public readonly cranePushJob: CranePush;
dockerClientConfigRequired 
1
public readonly dockerClientConfig: DockerClientConfig;
  • Type: DockerClientConfig
  • Default: DockerClientConfig with login to the official Docker Hub and expecting credentials given as environment variables REGISTRY_USER and REGISTRY_LOGIN.

Creates the Docker configuration file base on objects settings, to authenticate against given registries.

doDiveScanRequired 
1
public readonly doDiveScan: boolean;
  • Type: boolean
  • Default: true

Set to false to skip the Dive scan job.

doTrivyignoreCheckRequired 
1
public readonly doTrivyignoreCheck: boolean;
  • Type: boolean
  • Default: true

Set to false to skip the existance check of the .trivyignore file.

doTrivyScanRequired 
1
public readonly doTrivyScan: boolean;
  • Type: boolean
  • Default: true

Set to false to skip the Trivy scan job.

dstRegistryRequired 
1
public readonly dstRegistry: string | Registry;
  • Type: string | Registry
  • Default: Registry.DOCKER

Container registry to push the image to.

If the container registry needs authentication, you have to provide a DockerClientConfig object with credentials.

imageNameRequired 
1
public readonly imageName: string;
  • Type: string

Image name with stage in the registry.

e.g. username/image_name.

imageTagRequired 
1
public readonly imageTag: string;
  • Type: string

Container image tag to pull from srcRegistry and push to dstRegistry.

srcRegistryRequired 
1
public readonly srcRegistry: string | Registry;
  • Type: string | Registry
  • Default: Registry.DOCKER

Container registry to pull the image from.

If the container registry needs authentication, you have to provide a DockerClientConfig object with credentials.

diveScanJobOptional 
1
public readonly diveScanJob: DiveScan;

Dive scan job.

trivyIgnoreFileCheckJobOptional 
1
public readonly trivyIgnoreFileCheckJob: TrivyIgnoreFileCheck;

Trivy ignore file check job.

trivyScanLocalImageJobOptional 
1
public readonly trivyScanLocalImageJob: TrivyScanLocalImage;

Trivy scan local image job.

ICraneCopy

Properties

Name Type Description
dstRegistry string | Registry Registry URL to copy container image to.
srcRegistry string | Registry Registry URL to copy container image from.
dockerClientConfig DockerClientConfig Creates the Docker configuration file base on objects settings, used by crane to authenticate against given registries.
dstRegistryRequired 
1
public readonly dstRegistry: string | Registry;

Registry URL to copy container image to.

srcRegistryRequired 
1
public readonly srcRegistry: string | Registry;

Registry URL to copy container image from.

dockerClientConfigOptional 
1
public readonly dockerClientConfig: DockerClientConfig;

Creates the Docker configuration file base on objects settings, used by crane to authenticate against given registries.

ICranePull

Properties

Name Type Description
dockerClientConfig DockerClientConfig Creates the Docker configuration file base on objects settings, to authenticate against given registries.
imageName string Container image with namespace to pull from srcRegistry.
imageTag string Tag of the image which will be pulled.
srcRegistry string | Registry Registry URL to pull container image from.
tarPath string Path where to save the container image tarball.
dockerClientConfigRequired 
1
public readonly dockerClientConfig: DockerClientConfig;
  • Type: DockerClientConfig
  • Default: DockerClientConfig with login to the official Docker Hub and expecting credentials given as environment variables REGISTRY_USER and REGISTRY_LOGIN.

Creates the Docker configuration file base on objects settings, to authenticate against given registries.

imageNameRequired 
1
public readonly imageName: string;
  • Type: string
  • Default: PredefinedVariables.ciProjectName

Container image with namespace to pull from srcRegistry.

imageTagRequired 
1
public readonly imageTag: string;
  • Type: string
  • Default: latest

Tag of the image which will be pulled.

srcRegistryRequired 
1
public readonly srcRegistry: string | Registry;

Registry URL to pull container image from.

tarPathRequired 
1
public readonly tarPath: string;
  • Type: string
  • Default: PredefinedVariables.ciProjectDir

Path where to save the container image tarball.

ICranePush

Properties

Name Type Description
dockerClientConfig DockerClientConfig Creates the Docker configuration file base on objects settings, to authenticate against given registries.
dstRegistry string | Registry Registry URL to copy container image to.
imageName string Container image name, searched for in imagePath and gets .tar appended.
imageTag string The tag the image will be tagged with.
tarPath string Path where to find the container image tarball.
dockerClientConfigRequired 
1
public readonly dockerClientConfig: DockerClientConfig;

Creates the Docker configuration file base on objects settings, to authenticate against given registries.

Defaults to a DockerClientConfig with login to the official Docker Hub and expecting credentials given as environment variables REGISTRY_USER and REGISTRY_LOGIN.

dstRegistryRequired 
1
public readonly dstRegistry: string | Registry;

Registry URL to copy container image to.

imageNameRequired 
1
public readonly imageName: string;
  • Type: string
  • Default: PredefinedVariables.ciProjectName

Container image name, searched for in imagePath and gets .tar appended.

imageTagRequired 
1
public readonly imageTag: string;
  • Type: string
  • Default: PredefinedVariables.ciCommitTag

The tag the image will be tagged with.

tarPathRequired 
1
public readonly tarPath: string;
  • Type: string
  • Default: PredefinedVariables.ciProjectDir

Path where to find the container image tarball.

IDiveScan

Properties

Name Type Description
highestUserWastedPercent number Highest allowable percentage of bytes wasted (as a ratio between 0-1), otherwise CI validation will fail.
ignoreErrors boolean Ignore image parsing errors and run the analysis anyway.
imageName string Name of the container image to scan, if source is docker-archive argument gets prefix .tar.
imagePath string Path to the image can be either a remote container registry, as well as a local path to an image.
imageTag string The tag the image will be tagged with.
lowestEfficiency number Lowest allowable image efficiency (as a ratio between 0-1), otherwise CI validation will fail.
source string The container engine to fetch the image from.
highestWastedBytes number Highest allowable bytes wasted, otherwise CI validation will fail.
highestUserWastedPercentRequired 
1
public readonly highestUserWastedPercent: number;
  • Type: number
  • Default: 0.1

Highest allowable percentage of bytes wasted (as a ratio between 0-1), otherwise CI validation will fail.

ignoreErrorsRequired 
1
public readonly ignoreErrors: boolean;
  • Type: boolean
  • Default: false

Ignore image parsing errors and run the analysis anyway.

imageNameRequired 
1
public readonly imageName: string;
  • Type: string
  • Default: PredefinedVariables.ciProjectName

Name of the container image to scan, if source is docker-archive argument gets prefix .tar.

imagePathRequired 
1
public readonly imagePath: string;
  • Type: string
  • Default: PredefinedVariables.ciProjectPath

Path to the image can be either a remote container registry, as well as a local path to an image.

imageTagRequired 
1
public readonly imageTag: string;
  • Type: string
  • Default: PredefinedVariables.ciCommitTag

The tag the image will be tagged with.

lowestEfficiencyRequired 
1
public readonly lowestEfficiency: number;
  • Type: number
  • Default: 0.9

Lowest allowable image efficiency (as a ratio between 0-1), otherwise CI validation will fail.

sourceRequired 
1
public readonly source: string;
  • Type: string
  • Default: docker-archive

The container engine to fetch the image from.

Allowed values: docker, podman, docker-archive

highestWastedBytesOptional 
1
public readonly highestWastedBytes: number;
  • Type: number

Highest allowable bytes wasted, otherwise CI validation will fail.

IDockerBuild

Properties

Name Type Description
context string The Docker build context (the directory containing the Dockerfile).
repository string The Docker repository name ([<registry>/]<image>).
tag string A Docker image tag applied to the image.
contextRequired 
1
public readonly context: string;
  • Type: string
  • Default: .

The Docker build context (the directory containing the Dockerfile).

repositoryRequired 
1
public readonly repository: string;
  • Type: string

The Docker repository name ([<registry>/]<image>).

tagRequired 
1
public readonly tag: string;
  • Type: string
  • Default: "latest"

A Docker image tag applied to the image.

IDockerClientConfig

Properties

Name Type Description
config IDockerClientConfigType Docker client configuration.
configFilePath string Docker client config path.
configRequired 
1
public readonly config: IDockerClientConfigType;

Docker client configuration.

configFilePathRequired 
1
public readonly configFilePath: string;
  • Type: string
  • Default: $HOME/.docker/config.json

Docker client config path.

IDockerClientConfigType

Properties

Name Type Description
auths {[ key: string ]: any} No description.
credHelpers {[ key: string ]: string} No description.
credsStore string No description.
rawInput {[ key: string ]: string} No description.
authsOptional 
1
public readonly auths: {[ key: string ]: any};
  • Type: {[ key: string ]: any}
credHelpersOptional 
1
public readonly credHelpers: {[ key: string ]: string};
  • Type: {[ key: string ]: string}
credsStoreOptional 
1
public readonly credsStore: string;
  • Type: string
rawInputOptional 
1
public readonly rawInput: {[ key: string ]: string};
  • Type: {[ key: string ]: string}

IDockerPush

Properties

Name Type Description
containerImage string The name of the Docker image to push to the registry.
registry string The Docker registry the image should be pushed to.
tag string The Docker image tag that should be pushed to the registry.
loginEnvVar string If you have to login to the registry before the push, you have to provide the name of the environment variable, which contains the password or token, here.
userEnvVar string If you have to login to the registry before the push, you have to provide the name of the environment variable, which contains the username value, here.
containerImageRequired 
1
public readonly containerImage: string;
  • Type: string

The name of the Docker image to push to the registry.

registryRequired 
1
public readonly registry: string;
  • Type: string
  • Default: index.docker.io/v1

The Docker registry the image should be pushed to.

tagRequired 
1
public readonly tag: string;
  • Type: string
  • Default: latest

The Docker image tag that should be pushed to the registry.

loginEnvVarOptional 
1
public readonly loginEnvVar: string;
  • Type: string

If you have to login to the registry before the push, you have to provide the name of the environment variable, which contains the password or token, here.

DO NOT PROVIDE THE LOGIN VALUE ITSELF! This would be a security issue!

userEnvVarOptional 
1
public readonly userEnvVar: string;
  • Type: string

If you have to login to the registry before the push, you have to provide the name of the environment variable, which contains the username value, here.

DO NOT PROVIDE THE USERNAME VALUE ITSELF! This would be a security issue!

IKanikoExecute

Properties

Name Type Description
context string Context which will be send to kaniko.
dockerClientConfig DockerClientConfig Creates the Docker configuration file base on objects settings, to authenticate against given registries.
dockerfile string Name of the dockerfile to use.
enablePush boolean Enable push to container registry, disabled to allow subsequent jobs to act on container tarball.
imageName string Image name which will be created.
imageTag string The tag the image will be tagged with.
verbosity string Verbosity of kaniko logging.
buildArgs {[ key: string ]: any} Container build arguments, used to instrument the container image build.
buildTarget string For container multistage builds name of the build stage you want to create.
registries string[] | Registry[] List of container registries to push created image to.
tarPath string Container images created by kaniko are tarball files.
contextRequired 
1
public readonly context: string;
  • Type: string
  • Default: PredefinedVariables.CI_PROJECT_DIR

Context which will be send to kaniko.

dockerClientConfigRequired 
1
public readonly dockerClientConfig: DockerClientConfig;

Creates the Docker configuration file base on objects settings, to authenticate against given registries.

Defaults to a DockerClientConfig with login to the official Docker Hub and expecting credentials given as environment variables REGISTRY_USER and REGISTRY_LOGIN.

dockerfileRequired 
1
public readonly dockerfile: string;
  • Type: string
  • Default: "Dockerfile"

Name of the dockerfile to use.

File is relative to context.

enablePushRequired 
1
public readonly enablePush: boolean;
  • Type: boolean
  • Default: false

Enable push to container registry, disabled to allow subsequent jobs to act on container tarball.

imageNameRequired 
1
public readonly imageName: string;
  • Type: string
  • Default: PredefinedVariables.CI_PROJECT_NAME.

Image name which will be created.

imageTagRequired 
1
public readonly imageTag: string;
  • Type: string
  • Default: PredefinedVariables.CI_COMMIT_TAG

The tag the image will be tagged with.

verbosityRequired 
1
public readonly verbosity: string;
  • Type: string
  • Default: "info"

Verbosity of kaniko logging.

buildArgsOptional 
1
public readonly buildArgs: {[ key: string ]: any};
  • Type: {[ key: string ]: any}

Container build arguments, used to instrument the container image build.

buildTargetOptional 
1
public readonly buildTarget: string;
  • Type: string

For container multistage builds name of the build stage you want to create.

Image tag will be appended with the build_target. e.g. latest-buildtarget.

registriesOptional 
1
public readonly registries: string[] | Registry[];

List of container registries to push created image to.

tarPathOptional 
1
public readonly tarPath: string;
  • Type: string

Container images created by kaniko are tarball files.

This is the path where to store the image, will be named with suffix .tar. This path will be created if not present.

ITrivyIgnoreFileCheck

Properties

Name Type Description
trivyignorePath string Path to the .trivyignore file.
trivyignorePathRequired 
1
public readonly trivyignorePath: string;
  • Type: string
  • Default: PredefinedVariables.ciProjectDir/.trivyignore

Path to the .trivyignore file.

ITrivyScanLocalImage

Properties

Name Type Description
debug boolean If trivy should run in debug mode.
exitIfVulnerable boolean Exit code when vulnerabilities were found.
imageName string Container image name, searched for in imagePath and gets .tar appended.
imagePath string Path where to find the container image.
imageTag string The tag the image will be tagged with.
outputFormat string Scan output format, possible values (table, json).
severity string Severities of vulnerabilities to be displayed (comma separated).
vulnerabilityTypes string List of vulnerability types (comma separated).
trivyConfig string Additional options to pass to trivy binary.
debugRequired 
1
public readonly debug: boolean;
  • Type: boolean
  • Default: false

If trivy should run in debug mode.

exitIfVulnerableRequired 
1
public readonly exitIfVulnerable: boolean;
  • Type: boolean
  • Default: true

Exit code when vulnerabilities were found.

If true exit code is 1 else 0.

imageNameRequired 
1
public readonly imageName: string;
  • Type: string
  • Default: PredefinedVariables.CI_PROJECT_NAME

Container image name, searched for in imagePath and gets .tar appended.

imagePathRequired 
1
public readonly imagePath: string;
  • Type: string
  • Default: PredefinedVariables.CI_PROJECT_DIR

Path where to find the container image.

imageTagRequired 
1
public readonly imageTag: string;
  • Type: string
  • Default: PredefinedVariables.CI_COMMIT_TAG

The tag the image will be tagged with.

outputFormatRequired 
1
public readonly outputFormat: string;
  • Type: string
  • Default: "table"

Scan output format, possible values (table, json).

severityRequired 
1
public readonly severity: string;
  • Type: string
  • Default: "UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL"

Severities of vulnerabilities to be displayed (comma separated).

vulnerabilityTypesRequired 
1
public readonly vulnerabilityTypes: string;
  • Type: string
  • Default: "os,library"

List of vulnerability types (comma separated).

trivyConfigOptional 
1
public readonly trivyConfig: string;
  • Type: string

Additional options to pass to trivy binary.