Merge remote-tracking branch 'structure-local/py-ci-cli' into develop

rpatterson · May 10, 2023 · b79b6cf · b79b6cf
2 parents 1347152 + 5f07b7a
commit b79b6cf
Show file tree

Hide file tree

Showing 17 changed files with 211 additions and 173 deletions.
diff --git a/.env.in b/.env.in
@@ -2,36 +2,40 @@
 #
 # SPDX-License-Identifier: MIT
 
-# Make non-default `./docker-compose*.yml` files the default
-# https://pscheit.medium.com/docker-compose-advanced-configuration-541356d121de#9aa6
-COMPOSE_PATH_SEPARATOR=:
-COMPOSE_FILE=./docker-compose.yml:./gitlab-runner/docker-compose.yml:./docker-compose-servarr.yml:./docker-compose.override.yml
-
 # Capture local values specific to this checkout:
 TZ=${TZ}
 PUID=${PUID}
 PGID=${PGID}
-# Absolute path of the git repo checkout, useful where relative paths can't be used:
-CHECKOUT_DIR=${CHECKOUT_DIR}
-# Build host variables:
-DOCKER_GID=${DOCKER_GID}
+TRANSMISSION_PASS=${TRANSMISSION_PASS}
+# The volume on which Transmission's `download-dir` is stored
+DOWNLOAD_VOLUME=${DOWNLOAD_VOLUME}
+# The amount of free disk space below which to stop the container: 1GB
+CRITICAL_AVAIL=${CRITICAL_AVAIL}
+SONARR_API_KEY=
+RADARR_API_KEY=
 
-# Release variables:
-DOCKER_USER=${DOCKER_USER}
+# Release Secrets:
 # Best to create and use a token.  Note that the token must have the `admin`/"Read,
 # Write, Delete" scope, aka "ACCESS PERMISSIONS":
 # https://hub.docker.com/settings/security?generateToken=true
 DOCKER_PASS=${DOCKER_PASS}
-
 # Project host credentials used here and in CI/CD to support local testing/debugging:
 CI_REGISTRY_PASSWORD=${CI_REGISTRY_PASSWORD}
 PROJECT_GITHUB_PAT=${PROJECT_GITHUB_PAT}
 
-TRANSMISSION_PASS=${TRANSMISSION_PASS}
-# The volume on which Transmission's `download-dir` is stored
-DOWNLOAD_VOLUME=${DOWNLOAD_VOLUME}
-# The amount of free disk space below which to stop the container: 1GB
-CRITICAL_AVAIL=${CRITICAL_AVAIL}
-
-SONARR_API_KEY=
-RADARR_API_KEY=
+# Constants specific to this project and/or checkout used in variable substitutions in
+# `./docker-compose*.yml`.  Should not be modified during the normal course of
+# development:
+# Project specific values:
+PROJECT_NAMESPACE=${PROJECT_NAMESPACE}
+PROJECT_NAME=${PROJECT_NAME}
+# Absolute path of the git repo checkout, useful where relative paths can't be used:
+CHECKOUT_DIR=${CHECKOUT_DIR}
+# The Docker Hub user or organization:
+DOCKER_USER=${DOCKER_USER}
+# Make non-default `./docker-compose*.yml` files the default:
+# https://pscheit.medium.com/docker-compose-advanced-configuration-541356d121de#9aa6
+COMPOSE_PATH_SEPARATOR=:
+COMPOSE_FILE=./docker-compose.yml:./gitlab-runner/docker-compose.yml:./docker-compose-servarr.yml:./docker-compose.override.yml
+# Build host variables, used only for reproducing CI/CD locally:
+DOCKER_GID=${DOCKER_GID}
diff --git a/.github/workflows/build-test.yml b/.github/workflows/build-test.yml
@@ -4,6 +4,31 @@
 
 name: "Build and Test"
 
+env:
+  PUID: "1001"
+  PGID: "123"
+  # Project specific values:
+  PROJECT_NAMESPACE: "rpatterson"
+  PROJECT_NAME: "prunerr"
+  # Requires the secrets to be added to GitHub either through the web UI or the
+  # GitHub CLI tool:
+  # https://docs.github.com/en/actions/security-guides/encrypted-secrets#creating-encrypted-secrets-for-a-repository
+  GPG_PASSPHRASE: "${{ secrets.GPG_PASSPHRASE }}"
+  GPG_SIGNING_PRIVATE_KEY: "${{ secrets.GPG_SIGNING_PRIVATE_KEY }}"
+  DOCKER_PASS: "${{ secrets.DOCKER_PASS }}"
+  # Enable the GitHub CLI
+  PROJECT_GITHUB_PAT: "${{ secrets.PROJECT_GITHUB_PAT }}"
+  # Tell the `./Makefile` about GitHub specific environment details:
+  CI_IS_FORK: >-
+    ${{
+      (
+        (
+          (github.repository_owner != '${PROJECT_NAMESPACE}')
+          || (github.event.pull_request.head.repo.owner.login != '${PROJECT_NAMESPACE}')
+        ) && 'true'
+      ) || 'false'
+    }}
+
 on:
   # Only run on branches, not tags:
   # https://github.com/orgs/community/discussions/25615#discussioncomment-3397691
@@ -22,27 +47,7 @@ jobs:
     container:
       image: "ghcr.io/rpatterson/prunerr:build-host"
       env:
-        PUID: "1001"
-        PGID: "123"
         CHECKOUT_DIR: "${{ github.workspace }}"
-        # Requires the secrets to be added to GitHub either through the web UI or the
-        # GitHub CLI tool:
-        # https://docs.github.com/en/actions/security-guides/encrypted-secrets#creating-encrypted-secrets-for-a-repository
-        GPG_PASSPHRASE: "${{ secrets.GPG_PASSPHRASE }}"
-        GPG_SIGNING_PRIVATE_KEY: "${{ secrets.GPG_SIGNING_PRIVATE_KEY }}"
-        DOCKER_PASS: "${{ secrets.DOCKER_PASS }}"
-        # Enable the GitHub CLI
-        PROJECT_GITHUB_PAT: "${{ secrets.PROJECT_GITHUB_PAT }}"
-        # Tell the `./Makefile` about GitHub specific environment details:
-        CI_IS_FORK: >-
-          ${{
-            (
-              (
-                (github.repository_owner != 'rpatterson')
-                || (github.event.pull_request.head.repo.owner.login != 'rpatterson')
-              ) && 'true'
-            ) || 'false'
-          }}
     permissions:
       packages: "write"
       checks: "write"
@@ -92,8 +97,11 @@ jobs:
           && (
             (! github.event.pull_request)
             || ! (
-              (github.repository_owner == 'rpatterson')
-              && (github.event.pull_request.head.repo.owner.login != 'rpatterson')
+              (github.repository_owner == '${PROJECT_NAMESPACE}')
+              && (
+                github.event.pull_request.head.repo.owner.login
+                != '${PROJECT_NAMESPACE}'
+              )
             )
           )
         with:

diff --git a/.gitignore b/.gitignore
@@ -5,8 +5,6 @@
 # Backup files
 *~
 **/*~
-*.rej
-**/*.rej
 
 # Byte-compiled / optimized / DLL files
 __pycache__
@@ -20,14 +18,6 @@ __pycache__
 *.so
 **/.so
 
-# Byte-compiled / optimized / DLL files
-__pycache__/
-*.py[cod]
-*$py.class
-
-# C extensions
-*.so
-
 # Distribution / packaging
 .Python
 env/

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
@@ -4,9 +4,18 @@
 
 # https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Docker.gitlab-ci.yml
 
+variables:
+  # Variables controlling behavior:
+  PUID: "1001"
+  PGID: "1001"
+  # Project specific values:
+  PROJECT_NAMESPACE: "rpatterson"
+  # Uncomment to get more debugging output:
+  # DEBUG: "true"
+
 default:
   image:
-    name: "$CI_TEMPLATE_REGISTRY_HOST/rpatterson/$CI_PROJECT_NAME:build-host"
+    name: "$CI_TEMPLATE_REGISTRY_HOST/$PROJECT_NAMESPACE/$CI_PROJECT_NAME:build-host"
     entrypoint:
       - "docker-entrypoint.sh"
   services:
@@ -15,13 +24,6 @@ default:
     - "chown -R $PUID:$PGID ./"
   # TODO: Debug stale venv issues and restore cache once fixed
 
-variables:
-  # Variables controlling behavior:
-  PUID: "1001"
-  PGID: "1001"
-  # Uncomment to get more debugging output:
-  # DEBUG: "true"
-
 stages:
   - "build-test"
   - "release"
@@ -104,7 +106,7 @@ release:
         /^build\(release\): Version [0-9]+\.[0-9]+\.[0-9]+.* → [0-9]+\.[0-9]+\.[0-9]+$/
           )
         )
-        && $CI_PROJECT_NAMESPACE == "rpatterson"
+        && $CI_PROJECT_NAMESPACE == $PROJECT_NAMESPACE
   script:
     - >-
       entrypoint make -e release-pkgs test-clean

diff --git a/Dockerfile b/Dockerfile
@@ -11,11 +11,15 @@ FROM python:${PYTHON_MINOR} AS base
 # Defensive shell options:
 SHELL ["/bin/bash", "-eu", "-o", "pipefail", "-c"]
 
+# Project contstants:
+ARG PROJECT_NAMESPACE=rpatterson
+ARG PROJECT_NAME=prunerr
+
 # Least volatile layers first:
 # https://github.com/opencontainers/image-spec/blob/main/annotations.md#pre-defined-annotation-keys
-LABEL org.opencontainers.image.url="https://gitlab.com/rpatterson/prunerr"
-LABEL org.opencontainers.image.documentation="https://gitlab.com/rpatterson/prunerr"
-LABEL org.opencontainers.image.source="https://gitlab.com/rpatterson/prunerr"
+LABEL org.opencontainers.image.url="https://gitlab.com/${PROJECT_NAMESPACE}/${PROJECT_NAME}"
+LABEL org.opencontainers.image.documentation="https://gitlab.com/${PROJECT_NAMESPACE}/${PROJECpT_NAME}"
+LABEL org.opencontainers.image.source="https://gitlab.com/${PROJECT_NAMESPACE}/${PROJECT_NAME}"
 LABEL org.opencontainers.image.title="Prunerr"
 LABEL org.opencontainers.image.description="Remove Servarr download client items to preserve disk space according to rules."
 LABEL org.opencontainers.image.licenses="MIT"
@@ -24,9 +28,9 @@ LABEL org.opencontainers.image.vendor="rpatterson.net"
 LABEL org.opencontainers.image.base.name="docker.io/library/python:${PYTHON_MINOR}"
 
 # Find the same home directory even when run as another user, e.g. `root`.
-ENV HOME="/home/prunerr"
+ENV HOME="/home/${PROJECT_NAME}"
 ENTRYPOINT [ "entrypoint" ]
-CMD [ "prunerr", "daemon" ]
+CMD [ "${PROJECT_NAME}", "daemon" ]
 
 # Put the `ENTRYPOINT` on the `$PATH`
 COPY [ "./bin/entrypoint", "/usr/local/bin/entrypoint" ]
@@ -41,7 +45,7 @@ RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \
     apt-get update && \
     apt-get install --no-install-recommends -y "gosu=1.12-1+b6"
 
-WORKDIR "/usr/local/src/prunerr/"
+WORKDIR "/usr/local/src/${PROJECT_NAME}/"
 # Install dependencies with fixed versions in a separate layer to optimize build times
 # because this step takes the most time and changes the least frequently.
 ARG PYTHON_ENV=py310
@@ -63,7 +67,7 @@ FROM base AS user
 SHELL ["/bin/bash", "-eu", "-o", "pipefail", "-c"]
 
 # Least volatile layers first:
-WORKDIR "/home/prunerr/"
+WORKDIR "/home/${PROJECT_NAME}/"
 
 # Install this package in the most common/standard Python way while still being able to
 # build the image locally.
@@ -87,11 +91,11 @@ LABEL org.opencontainers.image.title="Prunerr Development"
 LABEL org.opencontainers.image.description="Remove Servarr download client items to preserve disk space according to rules."
 
 # Activate the Python virtual environment
-ENV VIRTUAL_ENV="/usr/local/src/prunerr/.tox/${PYTHON_ENV}"
+ENV VIRTUAL_ENV="/usr/local/src/${PROJECT_NAME}/.tox/${PYTHON_ENV}"
 ENV PATH="${VIRTUAL_ENV}/bin:${PATH}"
 # Remain in the checkout `WORKDIR` and make the build tools the default
 # command to run.
-WORKDIR "/usr/local/src/prunerr/"
+WORKDIR "/usr/local/src/${PROJECT_NAME}/"
 # Have to use the shell form of `CMD` because we need variable substitution:
 # hadolint ignore=DL3025
 CMD tox -e "${PYTHON_ENV}"
@@ -105,7 +109,7 @@ COPY [ "./build-host/requirements.txt.in", "./build-host/" ]
 RUN --mount=type=cache,target=/root/.cache,sharing=locked \
     mkdir -pv "${HOME}/.local/var/log/" && \
     pip3 install -r "./build-host/requirements.txt.in" | \
-        tee -a "${HOME}/.local/var/log/prunerr-host-install.log"
+        tee -a "${HOME}/.local/var/log/${PROJECT_NAME}-host-install.log"
 
 # Match local development tool chain and avoid time consuming redundant package
 # installs.  Initialize the `$ tox -e py3##` Python virtual environment to install this