Merge pull request #22 from oracle-devrel/imagescan

build spec param

Author: RahulMR42

oci-build-examples/README.md

@@ -1,22 +1,30 @@
 All about OCI devops build samples ..
 =======
+<details>
+  <summary>Build Caching - click to expand</summary>
+
+* [Speed up builds with caching](./oci-build-caching/)
+
+</details>
 
 <details>
-  <summary>Security & Quality - click to expand</summary>
+  <summary>Build Paramters - click to expand</summary>
 
-* [Integrate sonarqube with OCI devops build runner.](./oci_buildrunner_with_sonarqube/)
-* [Container image scanning  before deploy.](./oci_imagescan_before_deploy/)
+* [All about predefined system variables](./oci_build_parameters/)
 
 </details>
 
+
 <details>
-  <summary>Build Caching - click to expand</summary>
+  <summary>Security & Quality - click to expand</summary>
 
-* [Speed up builds with caching](./oci-build-caching/)
+* [Integrate sonarqube with OCI devops build runner.](./oci_buildrunner_with_sonarqube/)
+* [Container image scanning  before deploy.](./oci_imagescan_before_deploy/)
 
 </details>
 
 
+
 ### Back to examples.
 ----
 

oci-build-examples/oci_build_parameters/README.md

@@ -0,0 +1,92 @@
+
+## Sample illustration to user OCI DevOps Build pipeline's predefined system variables.
+
+
+## Predefined System Variables (of OCI Build pipeline stage)
+
+DevOps provides a set of predefined system variables with default values that you can use like environment variables in the build specification. These values are available within DevOps managed build stages and can expose to other stages via an explicit export of the variables.
+You need to export these values with another variable name which is following below patters.
+
+```markdown
+Parameter name can only consist of ASCII letter, digit or '_' (underscore) characters and not start with an oci (case-insensitive) prefix
+```
+
+System Variables | Description | 
+--- | --- | 
+OCI_STAGE_ID | The OCID of the current stage. | 
+OCI_PIPELINE_ID|The OCID of the current build pipeline.|
+OCI_BUILD_RUN_ID|The OCID of the current build run.|
+OCI_TRIGGER_COMMIT_HASH|Commit hash of the current trigger.|
+OCI_TRIGGER_SOURCE_BRANCH_NAME|Branch that triggers the build.|
+OCI_TRIGGER_SOURCE_URL|Repository URL that triggered the build|
+OCI_TRIGGER_EVENT_TYPE|Trigger that started the event.|
+OCI_PRIMARY_SOURCE_DIR|Default working directory of the build (primary source working directory).|
+OCI_WORKSPACE_DIR|Working directory value. Contains /workspace as the default value.|
+${OCI_WORKSPACE_DIR}/ "source-name"|Build source directory path."source-name" is the name of the build source given by the user while creating the Build stage.|
+OCI_BUILD_STAGE_NAME|Build stage name.|
+OCI_PRIMARY_SOURCE_NAME|Primary build source name.|
+OCI_PRIMARY_SOURCE_COMMIT_HASH|Primary build source commit hash used in the current build run.|
+OCI_PRIMARY_SOURCE_SOURCE_URL|Primary build source URL.|
+OCI_PRIMARY_SOURCE_SOURCE_BRANCH_NAME| Primary build source branch used in the current build run.|
+
+Reference - https://docs.oracle.com/en-us/iaas/Content/devops/using/build_specs.htm
+
+### Procedure to use the sample.
+
+- Clone the sample illustrations.
+ ```
+   $ git init oci_build_parameters
+   $ cd oci_imagescan_before_deploy
+   $ git remote add origin <url to this git repo>
+   $ git config core. sparsecheckout true
+   $ echo "oci-build-examples/oci_build_parameters/*">>.git/info/sparse-checkout
+   $ git pull --depth=1 origin main
+
+   ```
+- Create a DevOps project - https://docs.oracle.com/en-us/iaas/Content/devops/using/create_project.htm
+- Create an OCI Code repo - https://docs.oracle.com/en-us/iaas/Content/devops/using/create_repo.htm
+- Create a build pipeline - https://docs.oracle.com/en-us/iaas/Content/devops/using/create_buildpipeline.htm
+- Push these samples to the OCI Code repo.
+- Add a `Managed Build stage` to the build pipeline - https://docs.oracle.com/en-us/iaas/Content/devops/using/add_buildstage.htm
+- Run the build pipeline and verify the values.
+- You may use these values by defining an external repo (Github/Gitlab or Bitbucket) and validate the executions too - https://docs.oracle.com/en-us/iaas/Content/devops/using/create_connection.htm
+
+Sample output
+
+ ----
+
+
+
+#### Build Stage View (With a combination of OCI Code repo and Github.com repo)
+
+![](images/buildview.png)
+
+
+#### Build logs for manual execution of build stage with OCI Code repo.
+
+
+![](images/logs_manual.png)
+
+#### Build logs for an automated execution with a `Trigger`.
+
+- using Github Repo
+
+![](images/trigger_with_github.png)
+
+- using OCI Code Repo
+
+![](images/trigger_with_ocirepo.png)
+
+Contributors
+===========
+
+- Author: Rahul M R.
+- Collaborators: NA
+- Last release: June 2022
+
+### Back to examples.
+----
+
+- 🍿 [Back to OCI DevOps Build sample](./../README.md)
+- 🏝️ [Back to OCI Devops sample](./../../README.md)
+

oci-build-examples/oci_build_parameters/build_spec.yaml

@@ -0,0 +1,46 @@
+version: 0.1
+component: build
+timeoutInSeconds: 6000
+runAs: root
+shell: bash
+env:
+  # these are local variables to the build config
+  variables:
+    code_repo_name: "whatever"
+
+  # the value of a vaultVariable is the secret-id (in OCI ID format) stored in the OCI Vault service
+  # you can then access the value of that secret in your build_spec.yaml commands
+  vaultVariables:
+  #  EXAMPLE_SECRET: "YOUR-SECRET-OCID"
+  # exportedVariables are made available to use as parameters in sucessor Build Pipeline stages
+  # For this Build to run, the Build Pipeline needs to have a BUILDRUN_HASH parameter set
+  exportedVariables:
+    - BUILDRUN_HASH
+
+steps:
+  - type: Command
+    name: "Fetch Values"
+    timeoutInSeconds: 240
+    command: |
+      echo "OCI_BUILD_RUN_ID => ${OCI_BUILD_RUN_ID}"
+      echo "OCI_TRIGGER_COMMIT_HASH => ${OCI_TRIGGER_COMMIT_HASH}"
+      echo "OCI_STAGE_ID =>${OCI_STAGE_ID}" 
+      echo "OCI_BUILD_RUN_ID=>${OCI_BUILD_RUN_ID}"
+      echo "OCI_TRIGGER_SOURCE_BRANCH_NAME =>${OCI_TRIGGER_SOURCE_BRANCH_NAME} "
+      echo "OCI_TRIGGER_SOURCE_URL =>${OCI_TRIGGER_SOURCE_URL} "
+      echo "OCI_TRIGGER_EVENT_TYPE =>${OCI_TRIGGER_EVENT_TYPE} "
+      echo "OCI_PRIMARY_SOURCE_DIR =>${OCI_PRIMARY_SOURCE_DIR} "
+      echo "OCI_WORKSPACE_DIR	=> ${OCI_WORKSPACE_DIR} "
+      echo "OCI_PRIMARY_SOURCE_NAME => ${OCI_PRIMARY_SOURCE_NAME} "
+      echo "OCI_BUILD_STAGE_NAME => ${OCI_BUILD_STAGE_NAME}"
+      echo "Use a custom value from predefined system variable to expose outside of the current build stage.."
+      export BUILDRUN_HASH =`echo ${OCI_BUILD_RUN_ID} | rev | cut -c 1-7`
+      if [ -z ${OCI_TRIGGER_COMMIT_HASH} ] 
+      then 
+          cd ${OCI_PRIMARY_SOURCE_DIR}
+          export OCI_TRIGGER_COMMIT_HASH=`git log --format="%H" -n 1|cut -c 1-7`
+      fi
+      echo "OCI_TRIGGER_COMMIT_HASH	=>${OCI_TRIGGER_COMMIT_HASH}"
+
+  # Last command is used to get the commit hash using GIT ID ,its a hack while there wont be any default commit hash by manual Run.
+  # Until its fixed we can fetch the same via GIT Command.