From ec7e89bd00cce28235f4d19585fc23499b2d397e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?R=C3=A9my=20Coutable?= <remy@rymai.me>
Date: Thu, 30 Jun 2022 15:22:16 +0200
Subject: [PATCH 1/2] Add a way to install Helm
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Rémy Coutable <remy@rymai.me>
---
 Dockerfile.custom                            |  9 ++++-
 Dockerfile.gitlab-gcloud-helm3.5-kubectl1.17 | 39 --------------------
 scripts/install-helm                         | 19 ++++++++++
 scripts/lib/custom-docker-build              | 18 ++++++++-
 scripts/lib/custom-docker.sh                 |  2 +-
 5 files changed, 45 insertions(+), 42 deletions(-)
 delete mode 100644 Dockerfile.gitlab-gcloud-helm3.5-kubectl1.17
 create mode 100755 scripts/install-helm

diff --git a/Dockerfile.custom b/Dockerfile.custom
index 510bea4..f962367 100644
--- a/Dockerfile.custom
+++ b/Dockerfile.custom
@@ -99,6 +99,12 @@ ARG KUBECTL_DOWNLOAD_SHA256
 
 RUN if [ -n "$KUBECTL_VERSION" ] ; then /scripts/install-kubectl $KUBECTL_VERSION $KUBECTL_DOWNLOAD_SHA256; fi
 
+# Helm
+ARG HELM_VERSION
+ARG HELM_DOWNLOAD_SHA256
+
+RUN if [ -n "$HELM_VERSION" ] ; then /scripts/install-helm $HELM_VERSION $HELM_DOWNLOAD_SHA256; fi
+
 RUN locale-gen C.UTF-8
 ENV LANG=C.UTF-8 \
   LANGUAGE=C \
@@ -122,4 +128,5 @@ ENV RUBY_VERSION=${RUBY_VERSION} \
   BAZELISK_VERSION=${BAZELISK_VERSION} \
   GCLOUD_VERSION=${GCLOUD_VERSION} \
   KUBECTL_VERSION=${KUBECTL_VERSION} \
-  DEBIAN_VERSION=${DEBIAN_VERSION}
+  CUSTOM_IMAGE_NAME=${CUSTOM_IMAGE_NAME} \
+  CUSTOM_IMAGE_VERSION=${CUSTOM_IMAGE_VERSION}
diff --git a/Dockerfile.gitlab-gcloud-helm3.5-kubectl1.17 b/Dockerfile.gitlab-gcloud-helm3.5-kubectl1.17
deleted file mode 100644
index 495a8a1..0000000
--- a/Dockerfile.gitlab-gcloud-helm3.5-kubectl1.17
+++ /dev/null
@@ -1,39 +0,0 @@
-FROM ruby:3.0.0-alpine
-MAINTAINER GitLab Engineering Productivity Team
-
-ENV GCLOUD_VERSION=354.0.0
-ENV GCLOUD_URL=https://dl.google.com/dl/cloudsdk/channels/rapid/downloads/google-cloud-sdk-${GCLOUD_VERSION}-linux-x86_64.tar.gz
-
-ENV KUBECTL_VERSION=1.17.17
-
-ENV HELM_VERSION=3.5.3
-ENV HELM_URL=https://get.helm.sh/helm-v${HELM_VERSION}-linux-amd64.tar.gz
-ENV HELM_HOME=/root/.helm
-
-# Install dependencies
-RUN apk --no-cache -U add openssl curl tar gzip bash ca-certificates git \
-  && mkdir -p /opt
-
-# Install Google Cloud SDK
-RUN curl ${GCLOUD_URL} > /tmp/google-cloud-sdk.tar.gz
-RUN mkdir -p /usr/local/gcloud \
-  && tar -C /usr/local/gcloud -xvf /tmp/google-cloud-sdk.tar.gz \
-  && /usr/local/gcloud/google-cloud-sdk/install.sh
-ENV PATH $PATH:/usr/local/gcloud/google-cloud-sdk/bin
-
-RUN gcloud version
-
-# Install kubectl
-RUN wget https://dl.k8s.io/release/v${KUBECTL_VERSION}/bin/linux/amd64/kubectl \
-  && install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl \
-  && rm -f kubectl
-
-# Install Helm
-RUN wget -q -O - ${HELM_URL} | tar zxf - \
-  && mv linux-amd64/helm /usr/bin/ \
-  && chmod +x /usr/bin/helm \
-  && helm version --client
-
-# Install kubeval
-RUN mkdir -p $HELM_HOME/plugins \
-  && helm plugin install https://github.com/instrumenta/helm-kubeval
diff --git a/scripts/install-helm b/scripts/install-helm
new file mode 100755
index 0000000..e0dbec7
--- /dev/null
+++ b/scripts/install-helm
@@ -0,0 +1,19 @@
+#!/bin/bash
+
+set -xeou pipefail
+
+HELM_VERSION=${1}
+HELM_DOWNLOAD_SHA256=${2}
+HELM_DOWNLOAD_URL="https://get.helm.sh/helm-v${HELM_VERSION}-linux-$(dpkg --print-architecture).tar.gz"
+
+curl -fsSL "${HELM_DOWNLOAD_URL}" -o helm.tar.gz
+echo "${HELM_DOWNLOAD_SHA256}  helm.tar.gz" | sha256sum -c -
+
+
+tar -xzf helm.tar.gz --strip-components=1
+rm helm.tar.gz
+
+chmod +x helm
+mv helm /usr/bin/
+
+helm version --client
diff --git a/scripts/lib/custom-docker-build b/scripts/lib/custom-docker-build
index 5557e3f..665251a 100755
--- a/scripts/lib/custom-docker-build
+++ b/scripts/lib/custom-docker-build
@@ -284,6 +284,22 @@ function print_kubectl_args() {
     printf -- "--build-arg KUBECTL_DOWNLOAD_SHA256=%s " "${KUBECTL_DOWNLOAD_SHA256[$CUSTOM_DOCKER_ARCH]}"
 }
 
+function print_helm_args() {
+    declare -A HELM_DOWNLOAD_SHA256
+
+    case "$1" in
+        3.5)
+            HELM_VERSION=3.5.3
+            HELM_DOWNLOAD_SHA256[amd64]=2170a1a644a9e0b863f00c17b761ce33d4323da64fc74562a3a6df2abbf6cd70
+            HELM_DOWNLOAD_SHA256[arm64]=e1348d94ce4caace43689ee2dfa5f8bcd8687c12053d9c13d79875b65d6b72aa
+            ;;
+        *) echo "Unknown helm version $1"; exit 1;
+    esac
+
+    printf -- "--build-arg HELM_VERSION=%s " "$HELM_VERSION"
+    printf -- "--build-arg HELM_DOWNLOAD_SHA256=%s " "${HELM_DOWNLOAD_SHA256[$CUSTOM_DOCKER_ARCH]}"
+}
+
 function parse_arguments() {
     printf -- "-f Dockerfile.custom "
 
@@ -331,6 +347,7 @@ function parse_arguments() {
                 BAZELISK) print_bazelisk_args $version ;;
                 GCLOUD) print_gcloud_args $version ;;
                 KUBECTL) print_kubectl_args $version ;;
+                HELM) print_helm_args $version ;;
                 *) echo "unknown tool $tool"; exit 1;;
             esac
         fi
@@ -340,7 +357,6 @@ function parse_arguments() {
 
     printf -- "--build-arg CUSTOM_IMAGE_NAME=%s " "$CUSTOM_IMAGE_NAME"
     printf -- "--build-arg CUSTOM_IMAGE_VERSION=%s " "$CUSTOM_IMAGE_VERSION"
-    printf -- "--build-arg DEBIAN_VERSION=%s " "$CUSTOM_IMAGE_VERSION"
 }
 
 function generate_command() {
diff --git a/scripts/lib/custom-docker.sh b/scripts/lib/custom-docker.sh
index ac20c5d..4ecffbc 100644
--- a/scripts/lib/custom-docker.sh
+++ b/scripts/lib/custom-docker.sh
@@ -1,5 +1,5 @@
 PATH_TOOLS=(DEBIAN RUBY GOLANG NODE POSTGRESQL)
-TAG_TOOLS=(BUNDLER RUBYGEMS GIT LFS CHROME YARN GRAPHICSMAGICK PGBOUNCER BAZELISK DOCKER BUILDX GCLOUD KUBECTL)
+TAG_TOOLS=(BUNDLER RUBYGEMS GIT LFS CHROME YARN GRAPHICSMAGICK PGBOUNCER BAZELISK DOCKER BUILDX GCLOUD KUBECTL HELM)
 
 function get_image_path() {
     local path

From dfe1c77e563a76dae810d4b543914269a826b3ef Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?R=C3=A9my=20Coutable?= <remy@rymai.me>
Date: Thu, 30 Jun 2022 15:22:37 +0200
Subject: [PATCH 2/2] Add a job to build Review App related images
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Rémy Coutable <remy@rymai.me>
---
 .gitlab-ci.yml               |  1 +
 .gitlab/ci/gitlab.images.yml | 11 +++++++++++
 2 files changed, 12 insertions(+)

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 044a476..6110812 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -16,6 +16,7 @@ stages:
   - custom
   - gitlab
   - gitlab-assets
+  - gitlab-review-app
   - gitaly
   - automation
 
diff --git a/.gitlab/ci/gitlab.images.yml b/.gitlab/ci/gitlab.images.yml
index 5bd7f41..88a40b2 100644
--- a/.gitlab/ci/gitlab.images.yml
+++ b/.gitlab/ci/gitlab.images.yml
@@ -34,3 +34,14 @@ gitlab-assets:
         RUBY: ['2.7', '3.0']
         GIT: ['2.33']
         NODE: ['16.14']
+
+# Used by GitLab's Review app jobs
+gitlab-review-app:
+  extends:
+    - .build_and_push
+  stage: gitlab-review-app
+  variables:
+    RUBY: '3.0'
+    GCLOUD: '383'
+    KUBECTL: '1.23'
+    HELM: '3.5'