SAP
diff --git a/‎.circleci/config.yml‎
Lines changed: 83 additions & 32 deletions b/‎.circleci/config.yml‎
Lines changed: 83 additions & 32 deletions
diff --git a/‎Dockerfile_mbtci_java11‎
Lines changed: 99 additions & 0 deletions b/‎Dockerfile_mbtci_java11‎
Lines changed: 99 additions & 0 deletions
@@ -1,7 +1,6 @@
 # Golang CircleCI 2.0 configuration
 version: 2.1
 jobs:
-
   build-node:
     docker:
       - image: cimg/node:lts
@@ -13,8 +12,7 @@ jobs:
 
   build:
     docker:
-      - image: cimg/go:1.16
-
+      - image: cimg/go:1.17
     environment:
     working_directory: ~/go/src/github.com/SAP/cloud-mta-build-tool
     steps:
@@ -67,10 +65,22 @@ jobs:
           command: |
             pip3 install --user reuse
             ~/.local/bin/reuse lint
-            
-  release:
+
+  ghpages:
+    docker:
+      - image: squidfunk/mkdocs-material:4.3.1
+    working_directory: ~/go/src/github.com/SAP/cloud-mta-build-tool
+    steps:
+      - checkout
+      - run:
+          name: release to GitHub Pages
+          command: |
+            cd docs
+            mkdocs gh-deploy --config-file ../docs/mkdocs.yml --remote-branch gh-pages
+
+  release-to-github:
     docker:
-      - image: cimg/go:1.16
+      - image: cimg/go:1.17
     working_directory: ~/go/src/github.com/SAP/cloud-mta-build-tool
     steps:
       - add_ssh_keys:
@@ -107,11 +117,15 @@ jobs:
             sed  -i "/\"version\":/s/${CURR_MBT_VERSION}/${MBT_VERSION}/" ./package.json
             sed  -i "/cli_version:/s/${CURR_MBT_VERSION}/${MBT_VERSION}/" ./configs/version.yaml
             sed  -i "s/${CURR_MBT_VERSION}/${MBT_VERSION}/" ./VERSION
+            sed  -i "/ARG MBT_VERSION=/ s/${CURR_MBT_VERSION}/${MBT_VERSION}/" ./Dockerfile_mbtci_java8
+            sed  -i "/ARG MBT_VERSION=/ s/${CURR_MBT_VERSION}/${MBT_VERSION}/" ./Dockerfile_mbtci_java11
+            sed  -i "/ARG MBT_VERSION=/ s/${CURR_MBT_VERSION}/${MBT_VERSION}/" ./Dockerfile_mbtci_java17
+            sed  -i "s/- ${CURR_MBT_VERSION}/- ${MBT_VERSION}/" ./test/goss/goss_template.yaml
             sed  -i "/- Cloud MTA Build Tool -/s/${CURR_MBT_VERSION}/${MBT_VERSION}/" ./README.md
             #Generate version file
             go generate -run "go run ./internal/buildtools/embed.go ./internal/buildtools/buildtools_msg.go -source=./configs/version.yaml -target=./internal/version/version_cfg.go -name=VersionConfig -package=version"
             #Add all updated files to commit
-            git add ./package.json ./configs/version.yaml ./VERSION ./internal/version/version_cfg.go ./README.md 
+            git add ./package.json ./configs/version.yaml ./VERSION ./internal/version/version_cfg.go ./Dockerfile_mbtci_java8 ./Dockerfile_mbtci_java11 ./Dockerfile_mbtci_java17 ./test/goss/goss_template.yaml ./README.md 
             git config user.email "${CLOUD_MTA_BOT_EMAIL}"
             git config user.name "${CLOUD_MTA_BOT_USER}"
             git commit --allow-empty -m "[skip ci] Bump version ${MBT_VERSION}"
@@ -127,8 +141,45 @@ jobs:
             git checkout master
             export GITHUB_TOKEN=${CLOUD_MTA_BOT_GITHUB_TOKEN}
             curl -sL https://git.io/goreleaser | bash
-            
-  publish:
+
+  publish-to-dockerhub:
+    docker:
+      - image: cimg/go:1.17
+    working_directory: ~/go/src/github.com/SAP/cloud-mta-build-tool
+    steps:
+      - checkout
+      - setup_remote_docker:
+          version: 20.10.6
+      - run:
+          name: build image pre-setup
+          command: |
+            #Make sure HEAD points to master
+            git checkout master
+            git fetch
+            git rebase
+      - run:
+          name: "build Java 17 & Node 16 image"
+          command: |
+              MBT_VERSION=$(cat ./VERSION)
+              sh $PWD/scripts/build_image 17 16.18.0 ${MBT_VERSION}
+      - run:
+          name: publish image
+          command: |
+            #Make sure HEAD points to master
+            git checkout master
+            git fetch
+            git rebase
+            MBT_VERSION=$(cat ./VERSION)
+            echo "Image release: ${MBT_VERSION}"
+            #Push to Docker Hub
+            echo "$DOCKER_HUB_TOKEN" | docker login --username $DOCKER_HUB_USER --password-stdin
+            sh $PWD/scripts/publish_image 17  16.18.0  ${MBT_VERSION} "devxci"
+
+            #Push to GitHub Container Registry
+            echo "$CLOUD_MTA_BOT_GITHUB_TOKEN" | docker login "ghcr.io" --username $CLOUD_MTA_BOT_USER --password-stdin
+            sh $PWD/scripts/publish_image 17  16.18.0  ${MBT_VERSION} "ghcr.io/sap"
+
+  publish-to-npm:
     docker:
       - image: cimg/node:lts
     working_directory: ~/repo
@@ -145,6 +196,7 @@ jobs:
             git fetch
             git rebase
       - run:
+          # mbt is an unscoped package, do not need to add "--access public" option in npm publish cmd 
           name: publish to npm
           command: |
             echo "//registry.npmjs.org/:_authToken=$CLOUD_MTA_BOT_NPM_TOKEN" > .npmrc
@@ -156,21 +208,10 @@ jobs:
           name: remove dummy release tag
           command: |
             git push https://github.com/SAP/cloud-mta-build-tool.git --delete release
-            
-  ghpages:
-    docker:
-      - image: squidfunk/mkdocs-material:4.3.1
-    working_directory: ~/go/src/github.com/SAP/cloud-mta-build-tool
-    steps:
-      - checkout
-      - run:
-          name: release to GitHub Pages
-          command: |
-            cd docs
-            mkdocs gh-deploy --config-file ../docs/mkdocs.yml --remote-branch gh-pages
 
 workflows:
   version: 2
+  # when sub-branch's code is commited, this workflow will be execed
   on_pr_build:
     jobs:
       - build:
@@ -192,6 +233,7 @@ workflows:
             branches:
               ignore: master
 
+  # when master's code is commited or merged from sub-branch, this workflow will be execed
   on_merge_build_test:
     jobs:
       - build:
@@ -201,7 +243,7 @@ workflows:
       - build-node:
           filters:
             branches:
-              ignore: master
+              only: master
       - compliance:
           filters:
             branches:
@@ -213,42 +255,51 @@ workflows:
             branches:
               only: master
 
-  on_tag_build_test_deploy:
+  # when a branch is taged by "release", this workflow will be execed
+  on_tag_build_release_publish:
     jobs:
       - build:
-          filters:  # required since `release` has tag filters AND requires `build`
+          filters:
             tags:
               only: /release/
             branches:
               ignore: /.*/
       - test:
           requires:
             - build
-          filters:  # required since `release` has tag filters AND requires `test`
+          filters:
             tags:
               only: /release/
             branches:
               ignore: /.*/
-      - release:
+      - ghpages:
           requires:
             - test
-          filters:  # job runs on tag 'release' for no branches
+          filters:
             tags:
               only: /release/
             branches:
               ignore: /.*/
-      - ghpages:
+      - release-to-github:
           requires:
             - test
-          filters:  # job runs on tag 'release' for no branches
+          filters:
             tags:
               only: /release/
             branches:
               ignore: /.*/
-      - publish:
+      - publish-to-dockerhub:
           requires:
-            - release
-          filters:  # job runs on tag 'release' for no branches
+            - release-to-github
+          filters:
+            tags:
+              only: /release/
+            branches:
+              ignore: /.*/
+      - publish-to-npm:
+          requires:
+            - publish-to-dockerhub
+          filters:
             tags:
               only: /release/
             branches:
 
@@ -0,0 +1,99 @@
+FROM sapmachine:11
+
+# Build time arguments
+ARG MTA_USER_HOME=/home/mta
+ARG MBT_VERSION=1.2.18
+ARG GO_VERSION=1.15.6
+# node version as found in https://nodejs.org/dist/ e.g: "v16.15.0"
+ARG NODE_VERSION=NODE_VERSION_TEMPLATE
+ARG MAVEN_VERSION=3.6.3
+
+# Environment variables
+ENV PYTHON /usr/bin/python3
+ENV M2_HOME=/opt/maven/apache-maven-${MAVEN_VERSION}
+ENV GOPATH /go
+ENV PATH $GOPATH/bin:/usr/local/go/bin:$PATH
+ENV CGO_ENABLED=0
+ENV GOOS=linux
+ENV DEBIAN_FRONTEND=noninteractive
+
+ADD http://aia.pki.co.sap.com/aia/SAP%20Global%20Root%20CA.crt \
+    /etc/ssl/certs/SAP_Global_Root_CA.crt
+
+# Download required env tools
+RUN apt-get update && \
+    apt-get install --yes --no-install-recommends \
+		ca-certificates \
+		git \
+		curl && \
+
+    # Change security level as the SAP npm repo doesnt support buster new security upgrade
+    # the default configuration for OpenSSL in Buster explicitly requires using more secure ciphers and protocols,
+    # and the server running at http://npm.sap.com/ is running software configured to only provide insecure, older ciphers.
+    # This causes SSL connections using OpenSSL from a Buster based installation to fail
+    # Should be remove once SAP npm repo will patch the security level
+    # see - https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=912759
+    sed -i -E 's/(CipherString\s*=\s*DEFAULT@SECLEVEL=)2/\11/' /etc/ssl/openssl.cnf && \
+
+# install node
+	NODE_HOME=/opt/nodejs; mkdir -p ${NODE_HOME} && \
+    curl --fail --silent --output - "https://nodejs.org/dist/${NODE_VERSION}/node-${NODE_VERSION}-linux-x64.tar.gz" \
+     | tar -xzv -f - -C "${NODE_HOME}" && \
+    ln -s "${NODE_HOME}/node-${NODE_VERSION}-linux-x64/bin/node" /usr/local/bin/node && \
+    ln -s "${NODE_HOME}/node-${NODE_VERSION}-linux-x64/bin/npm" /usr/local/bin/npm && \
+    ln -s "${NODE_HOME}/node-${NODE_VERSION}-linux-x64/bin/npx" /usr/local/bin/ && \
+    npm install --prefix /usr/local/ -g grunt-cli && \
+	
+# install ui5-cli temporay solution
+	npm install --prefix /usr/local/ -g @ui5/cli && \
+
+# installing Golang
+	curl -O https://storage.googleapis.com/golang/go${GO_VERSION}.linux-amd64.tar.gz && tar -xvf go${GO_VERSION}.linux-amd64.tar.gz && \
+    mv go /usr/local && \
+    mkdir -p "$GOPATH/src" "$GOPATH/bin" && chmod -R 777 "$GOPATH" && \
+    mkdir -p ${GOPATH}/src ${GOPATH}/bin && \
+
+# update maven home
+	M2_BASE="$(dirname ${M2_HOME})" && \
+    mkdir -p "${M2_BASE}" && \
+    curl --fail --silent --output - "https://apache.osuosl.org/maven/maven-3/${MAVEN_VERSION}/binaries/apache-maven-${MAVEN_VERSION}-bin.tar.gz" \
+    | tar -xzvf - -C "${M2_BASE}" && \
+    ln -s "${M2_HOME}/bin/mvn" /usr/local/bin/mvn && \
+    chmod --recursive a+w "${M2_HOME}"/conf/* && \
+
+# Download MBT
+	curl -L "https://github.com/SAP/cloud-mta-build-tool/releases/download/v${MBT_VERSION}/cloud-mta-build-tool_${MBT_VERSION}_Linux_amd64.tar.gz" | tar -zx -C /usr/local/bin && \
+    chown root:root /usr/local/bin/mbt && \ 
+
+# handle users permission
+	useradd --home-dir "${MTA_USER_HOME}" \
+            --create-home \
+            --shell /bin/bash \
+            --user-group \
+            --uid 1000 \
+            --comment 'Cloud MTA Build Tool' \
+            --password "$(echo weUseMta |openssl passwd -1 -stdin)" mta && \
+# allow anybody to write into the images HOME
+    chmod a+w "${MTA_USER_HOME}" && \
+
+# Install essential build tools and python, required for building db modules
+    apt-get install --yes --no-install-recommends \
+		build-essential \
+		python2.7 \
+        python3 && \
+
+# Install python 3.10
+    #apt-get install software-properties-common && \
+    #apt-get update && \
+    #add-apt-repository ppa:deadsnakes/ppa && \
+    #apt-get install python3.10 && \
+
+# remove build env tools
+    apt-get remove --purge --autoremove --yes \
+		curl && \
+
+    rm -rf /var/lib/apt/lists/*
+
+ENV PATH=$PATH:./node_modules/.bin HOME=${MTA_USER_HOME}
+WORKDIR /project
+USER mta