chore(gitlab-ci): ...

2021-09-18 14:29:39 +02:00 · 2021-09-18 14:29:39 +02:00 · a4fbc0d965
commit a4fbc0d965
parent 74490ce7ac
3 changed files with 189 additions and 20 deletions
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@ -15,7 +15,11 @@ variables:
 stages:
  - frontend:build
  - backend:build
+  - test
  - docker:build
+  - prepare release
+  - upload
+  - release
  
 node dependencies:
  stage: frontend:build
@ -34,6 +38,11 @@ node dependencies:
    - install -v -T -m 0644 "${SSH_KNOWN_HOSTS}" ~/.ssh/known_hosts
    - install -v -T -m 0400 "${SSH_DEPLOY_KEY}" ~/.ssh/deploy && echo "IdentityFile ~/.ssh/deploy" >> ~/.ssh/config; 
    - install -v -T -m 0644 "${FONTAWESOME_NPM_AUTH_FILE}" /etc/fontawesome-token
+    - |
+      if [ -n "${REGISTRY_AUTHFILE}" ]; then
+        mkdir -p ~/.docker
+        install -v -T -m 0400 "${REGISTRY_AUTHFILE}" ~/.docker/config.json
+      fi
  artifacts:
    paths:
      - node-dependencies.nar.xz
@ -81,37 +90,127 @@ frontend:
  retry: 2
  interruptible: true

-backend:
+uniworx:lib:uniworx:
  stage: backend:build
  script:
    - xzcat frontend.nar.xz | nix-store --import
-    - nix -L build -o result .#uniworxBackend
-    - cp -pr --reflink=auto -L result/bin .
-    - nix-store --export $(nix-store -qR result) | xz > backend.nar.xz
+    - nix -L build -o result .#uniworx:lib:uniworx
+    - nix-store --export $(nix-store -qR result) | xz > uniworx:lib:uniworx.nar.xz
  before_script: *nix-before
  needs:
    - job: frontend
      artifacts: true
  artifacts:
    paths:
-      - backend.nar.xz
+      - uniworx:lib:uniworx.nar.xz
    name: "${CI_JOB_NAME}-${CI_COMMIT_SHORT_SHA}"
    expire_in: "1 day"
  retry: 2
  interruptible: true

+uniworx:exe:uniworx:
+  stage: backend:build
+  script:
+    - xzcat uniworx:lib:uniworx.nar.xz | nix-store --import
+    - nix -L build -o result .#uniworx:exe:uniworx
+    - nix-store --export $(nix-store -qR result) | xz > uniworx:exe:uniworx.nar.xz
+  before_script: *nix-before
+  needs:
+    - job: uniworx:lib:uniworx
+      artifacts: true
+  artifacts:
+    paths:
+      - uniworx:exe:uniworx.nar.xz
+    name: "${CI_JOB_NAME}-${CI_COMMIT_SHORT_SHA}"
+    expire_in: "1 day"
+  retry: 2
+  interruptible: true
+
+uniworx:exe:uniworx-wflint:
+  stage: backend:build
+  script:
+    - xzcat uniworx:lib:uniworx.nar.xz | nix-store --import
+    - nix -L build -o result .#uniworx:exe:uniworx-wflint
+    - nix-store --export $(nix-store -qR result) | xz > uniworx:exe:uniworx-wflint.nar.xz
+  before_script: *nix-before
+  needs:
+    - job: uniworx:lib:uniworx
+      artifacts: true
+  artifacts:
+    paths:
+      - uniworx:exe:uniworx-wflint.nar.xz
+    name: "${CI_JOB_NAME}-${CI_COMMIT_SHORT_SHA}"
+    expire_in: "1 day"
+  retry: 2
+  interruptible: true
+
+uniworx:exe:uniworxdb:
+  stage: backend:build
+  script:
+    - xzcat uniworx:lib:uniworx.nar.xz | nix-store --import
+    - nix -L build -o result .#uniworx:exe:uniworxdb
+    - nix-store --export $(nix-store -qR result) | xz > uniworx:exe:uniworxdb.nar.xz
+  before_script: *nix-before
+  needs:
+    - job: uniworx:lib:uniworx
+      artifacts: true
+  artifacts:
+    paths:
+      - uniworx:exe:uniworxdb.nar.xz
+    name: "${CI_JOB_NAME}-${CI_COMMIT_SHORT_SHA}"
+    expire_in: "1 day"
+  retry: 2
+  interruptible: true
+
+uniworx:exe:uniworxload:
+  stage: backend:build
+  script:
+    - xzcat uniworx:lib:uniworx.nar.xz | nix-store --import
+    - nix -L build -o result .#uniworx:exe:uniworxload
+    - nix-store --export $(nix-store -qR result) | xz > uniworx:exe:uniworxload.nar.xz
+  before_script: *nix-before
+  needs:
+    - job: uniworx:lib:uniworx
+      artifacts: true
+  artifacts:
+    paths:
+      - uniworx:exe:uniworxload.nar.xz
+    name: "${CI_JOB_NAME}-${CI_COMMIT_SHORT_SHA}"
+    expire_in: "1 day"
+  retry: 2
+  interruptible: true
+
+check:
+  stage: test
+  script:
+    - xzcat frontend.nar.xz | nix-store --import
+    - xzcat uniworx:lib:uniworx.nar.xz | nix-store --import
+    - nix -L flake check
+  before_script: *nix-before
+  needs:
+    - job: frontend
+      artifacts: true
+    - job: uniworx:lib:uniworx
+      artifacts: true
+  retry: 2
+  interruptible: true
+
 demo docker:
  stage: docker:build
  script:
-    - xzcat backend.nar.xz | nix-store --import
+    - xzcat uniworx:exe:uniworx.nar.xz | nix-store --import
    - nix -L build -o result .#uniworxDemoDocker
+    - nix-store --export $(nix-store -qR result) > uniworx-demo.nar # image is already compressed, no need for xz
    - cp -pr --reflink=auto -L result uniworx-demo.tar.gz
  before_script: *nix-before
  needs:
-    - job: backend
+    - job: uniworx:exe:uniworx
      artifacts: true
+    - job: check
+      artifacts: false
  artifacts:
    paths:
+      - uniworx-demo.nar
      - uniworx-demo.tar.gz
    name: "${CI_JOB_NAME}-${CI_COMMIT_SHORT_SHA}"
    expire_in: "1 day"
@ -121,17 +220,82 @@ demo docker:
 docker:
  stage: docker:build
  script:
-    - xzcat backend.nar.xz | nix-store --import
+    - xzcat uniworx:exe:uniworx.nar.xz | nix-store --import
    - nix -L build -o result .#uniworxDocker
+    - nix-store --export $(nix-store -qR result) > uniworx.nar # image is already compressed, no need for xz
    - cp -pr --reflink=auto -L result uniworx.tar.gz
  before_script: *nix-before
  needs:
-    - job: backend
+    - job: uniworx:exe:uniworx
      artifacts: true
+    - job: check
+      artifacts: false
  artifacts:
    paths:
+      - uniworx.nar
      - uniworx.tar.gz
    name: "${CI_JOB_NAME}-${CI_COMMIT_SHORT_SHA}"
    expire_in: "1 day"
  retry: 2
  interruptible: true
+
+parse-changelog:
+  stage: prepare release
+  needs:
+    - job: node dependencies
+      artifacts: true
+  rules:
+    - if: $CI_COMMIT_REF_NAME =~ /^v[0-9].*/
+      when: on_success
+  before_script: *nix-before
+  script:
+    - xzcat node-dependencies.nar.xz | nix-store --import
+    - nix -L run .#jqChangelogJson -- -r '.versions[0].version' > .current-version
+    - nix -L run .#jqChangelogJson -- -r '.versions[0].body' > .current-changelog.md
+  artifacts:
+    paths:
+      - .current-version
+      - .current-changelog.md
+    name: "changelog-${CI_COMMIT_SHORT_SHA}"
+    expire_in: "1 day"
+  retry: 2
+  interruptible: true
+
+upload docker:
+  stage: upload
+  script:
+    - nix-store --import < uniworx.nar
+    - nix -L run .#pushUniworxDocker
+  before_script: *nix-before
+  needs:
+    - job: docker
+      artifacts: true
+  rules:
+    - if: $CI_COMMIT_REF_NAME =~ /^v[0-9].*/
+      when: on_success
+
+upload demo docker:
+  stage: upload
+  script:
+    - nix-store --import < uniworx-demo.nar
+    - nix -L run .#pushUniworxDemoDocker
+  before_script: *nix-before
+  needs:
+    - job: demo docker
+      artifacts: true
+  rules:
+    - if: $CI_COMMIT_REF_NAME =~ /^v[0-9].*/
+      when: on_success
+
+release:
+  variables:
+    GIT_STRATEGY: none
+  stage: release
+  image: registry.gitlab.com/gitlab-org/release-cli:latest
+  rules:
+    - if: $CI_COMMIT_REF_NAME =~ /^v[0-9].*/
+      when: on_success
+  before_script:
+    - export VERSION="$(cat .current-version)"
+  script:
+    - release-cli create --name "${VERSION}" --tag-name $CI_COMMIT_TAG --description .current-changelog.md
--- a/flake.nix
+++ b/flake.nix
@ -106,6 +106,7 @@
            haskell-nix.overlay
            (import ./nix/uniworx { inherit inputs frontendSource backendSource; })
            (import ./nix/docker { inherit self; })
+            (import ./nix/parse-changelog.nix {})
          ];
          haskellFlake = pkgs.uniworx.flake {};

@ -116,25 +117,16 @@
            [[ -n "''${1}" ]] && shift
            ${pkgs.skopeo}/bin/skopeo ''${@} --insecure-policy copy docker-archive://${dockerImage} ''${target}
          '';
-          uniworxBackend = pkgs.symlinkJoin {
-            name = "uniworx";
-            paths = [
-              haskellFlake.packages."uniworx:exe:uniworx"
-              haskellFlake.packages."uniworx:exe:uniworxdb"
-              haskellFlake.packages."uniworx:exe:uniworxload"
-              haskellFlake.packages."uniworx:exe:uniworx-wflint"
-            ];
-          };
      in {
        packages = haskellFlake.packages // {
-          inherit (pkgs) uniworxNodeDependencies uniworxWellKnown uniworxFrontend uniworxDemoDocker uniworxDocker ciDocker;
-          inherit uniworxBackend;
+          inherit (pkgs) uniworxNodeDependencies uniworxWellKnown uniworxFrontend uniworxDemoDocker uniworxDocker ciDocker changelogJson;
        };
        apps = haskellFlake.apps // {
          pushUniworxDemoDocker = flake-utils.lib.mkApp { drv = mkPushDocker "uniworx-demo" pkgs.uniworxDemoDocker; };
          pushUniworxDocker = flake-utils.lib.mkApp { drv = mkPushDocker "uniworx" pkgs.uniworxDocker; };
          pushCIDocker = flake-utils.lib.mkApp { drv = mkPushDocker "nix-unstable" pkgs.ciDocker; };
          calculateMaterializedSha = flake-utils.lib.mkApp { drv = pkgs.uniworx.stack-nix.passthru.calculateMaterializedSha; exePath = ""; };
+          jqChangelogJson = flake-utils.lib.mkApp { drv = pkgs.jqChangelogJson; };
        };
        checks = haskellFlake.checks // {
          uniworxFrontend = pkgs.uniworxFrontend.check;
--- a/nix/parse-changelog.nix
+++ b/nix/parse-changelog.nix
@ -0,0 +1,13 @@
+{}: prev: final: rec {
+  changelogJson = prev.runCommand "changelog.json" {
+  } ''
+    ln -s ${final.uniworxNodeDependencies}/lib/node_modules ./node_modules
+    export PATH="${final.uniworxNodeDependencies}/bin:$PATH"
+
+    changelog-parser ${../CHANGELOG.md} > $out
+  '';
+
+  jqChangelogJson = prev.writeShellScriptBin "jq-changelog" ''
+    exec -- ${final.jq}/bin/jq $@ < ${changelogJson}
+  '';
+}