fraport/fradrive-old
fraport/fradrive-old
Archived
3
1
Fork 0
Code Issues 65 Pull Requests 5 Actions Packages Projects Releases 197 Wiki Activity
This repository has been archived on 2024-10-24. You can view files and clone it, but cannot push or open issues or pull requests.
master
fradrive-old/.gitlab-ci.yml

397 lines
12 KiB
YAML
Raw Permalink Blame History

# SPDX-FileCopyrightText: 2022-2023 Sarah Vaupel <sarah.vaupel@uniworx.de>, Gregor Kleen <gregor@kleen.consulting>
#
# SPDX-License-Identifier: AGPL-3.0-or-later
# workflow:
# rules:
# - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
# - if: $CI_MERGE_REQUEST_ID
# - if: $CI_COMMIT_TAG =~ /^v/
# - if: $CI_COMMIT_TAG =~ /^t/
default:
image:
name: registry.uniworx.de/uniworx/containers/nix-attic:latest
variables:
NIX_PATH: "nixpkgs=http://nixos.org/channels/nixos-21.05/nixexprs.tar.xz"
AWS_SHARED_CREDENTIALS_FILE: "/etc/aws/credentials"
TRANSFER_METER_FREQUENCY: "2s"
NIX_CONFIG: |-
extra-substituters = https://cache.iog.io
extra-trusted-public-keys = hydra.iohk.io:f/Ea+s+dFdN+3Y/G+FDgSq+a5NEWhJGzdjvKNGv0/EQ=
stages:
- frontend:build
- backend:build
- test
- container:build
- prepare release
- release
node dependencies:
stage: frontend:build
script:
- nix -L build -o result ".#uniworxNodeDependencies"
- nix-store --export $(nix-store -qR result) | xz -T0 -2 > node-dependencies.nar.xz
before_script: &nix-before
- git config --global init.defaultBranch master
- install -v -m 0700 -d ~/.ssh
- install -v -T -m 0644 "${SSH_KNOWN_HOSTS}" ~/.ssh/known_hosts
- install -v -T -m 0400 "${SSH_DEPLOY_KEY}" ~/.ssh/deploy && echo "IdentityFile ~/.ssh/deploy" >> ~/.ssh/config;
- install -v -T -m 0644 "${FONTAWESOME_NPM_AUTH_FILE}" /etc/fontawesome-token
- install -v -T -m 0644 "${NIX_NETRC}" /etc/nix/netrc
artifacts:
paths:
- node-dependencies.nar.xz
name: "${CI_JOB_NAME}-${CI_COMMIT_SHORT_SHA}"
expire_in: "1 day"
retry: 2
interruptible: true
well known:
stage: frontend:build
script:
- xzcat node-dependencies.nar.xz | nix-store --import
- nix -L build -o result ".#uniworxWellKnown"
- nix-store --export $(nix-store -qR result) | xz -T0 -2 > well-known.nar.xz
before_script: *nix-before
needs:
- job: node dependencies
artifacts: true
artifacts:
paths:
- well-known.nar.xz
name: "${CI_JOB_NAME}-${CI_COMMIT_SHORT_SHA}"
expire_in: "1 day"
retry: 2
interruptible: true
frontend:
stage: frontend:build
script:
- xzcat node-dependencies.nar.xz | nix-store --import
- xzcat well-known.nar.xz | nix-store --import
- nix -L build -o result ".#uniworxFrontend"
- nix-store --export $(nix-store -qR result) | xz -T0 -2 > frontend.nar.xz
before_script: *nix-before
needs:
- job: node dependencies
artifacts: true
- job: well known
artifacts: true
artifacts:
paths:
- frontend.nar.xz
name: "${CI_JOB_NAME}-${CI_COMMIT_SHORT_SHA}"
expire_in: "1 day"
retry: 2
interruptible: true
uniworx:lib:uniworx:
stage: backend:build
script:
- xzcat frontend.nar.xz | nix-store --import
- nix -L build -o result ".#uniworx:lib:uniworx"
- nix-store --export $(nix-store -qR result) | xz -T0 -2 > uniworx:lib:uniworx.nar.xz
before_script: *nix-before
needs:
- job: node dependencies # transitive
artifacts: false
- job: well known # transitive
artifacts: false
- job: frontend
artifacts: true
artifacts:
paths:
- uniworx:lib:uniworx.nar.xz
name: "${CI_JOB_NAME}-${CI_COMMIT_SHORT_SHA}"
expire_in: "1 day"
retry: 2
interruptible: true
uniworx:exe:uniworx:
stage: backend:build
script:
- xzcat uniworx:lib:uniworx.nar.xz | nix-store --import
- nix -L build -o result ".#uniworx:exe:uniworx"
- nix-store --export $(nix-store -qR result) | xz -T0 -2 > uniworx:exe:uniworx.nar.xz
before_script: *nix-before
needs:
- job: node dependencies # transitive
artifacts: false
- job: well known # transitive
artifacts: false
- job: frontend # tranitive
artifacts: false
- job: uniworx:lib:uniworx
artifacts: true
artifacts:
paths:
- uniworx:exe:uniworx.nar.xz
name: "${CI_JOB_NAME}-${CI_COMMIT_SHORT_SHA}"
expire_in: "1 day"
retry: 2
interruptible: true
uniworx:exe:uniworxdb:
stage: backend:build
script:
- xzcat uniworx:lib:uniworx.nar.xz | nix-store --import
- nix -L build -o result ".#uniworx:exe:uniworxdb"
- nix-store --export $(nix-store -qR result) | xz -T0 -2 > uniworx:exe:uniworxdb.nar.xz
before_script: *nix-before
needs:
- job: node dependencies # transitive
artifacts: false
- job: well known # transitive
artifacts: false
- job: frontend # tranitive
artifacts: false
- job: uniworx:lib:uniworx
artifacts: true
artifacts:
paths:
- uniworx:exe:uniworxdb.nar.xz
name: "${CI_JOB_NAME}-${CI_COMMIT_SHORT_SHA}"
expire_in: "1 day"
retry: 2
interruptible: true
uniworx:exe:uniworxload:
stage: backend:build
script:
- xzcat uniworx:lib:uniworx.nar.xz | nix-store --import
- nix -L build -o result ".#uniworx:exe:uniworxload"
- nix-store --export $(nix-store -qR result) | xz -T0 -2 > uniworx:exe:uniworxload.nar.xz
before_script: *nix-before
needs:
- job: node dependencies # transitive
artifacts: false
- job: well known # transitive
artifacts: false
- job: frontend # tranitive
artifacts: false
- job: uniworx:lib:uniworx
artifacts: true
artifacts:
paths:
- uniworx:exe:uniworxload.nar.xz
name: "${CI_JOB_NAME}-${CI_COMMIT_SHORT_SHA}"
expire_in: "1 day"
retry: 2
interruptible: true
check:
stage: test
script:
- xzcat frontend.nar.xz | nix-store --import
- xzcat uniworx:lib:uniworx.nar.xz | nix-store --import
- nix -L flake check .
before_script: *nix-before
needs:
- job: node dependencies # transitive
artifacts: false
- job: well known # transitive
artifacts: false
- job: frontend
artifacts: true
- job: uniworx:lib:uniworx
artifacts: true
retry: 2
interruptible: true
container:
stage: container:build
script:
- xzcat uniworx:exe:uniworx.nar.xz | nix-store --import
- cp -pr --reflink=auto -L $(nix build --print-out-paths ".#uniworxDocker") uniworx.tar.gz
before_script: *nix-before
needs:
- job: node dependencies # transitive
artifacts: false
- job: well known # transitive
artifacts: false
- job: frontend # tranitive
artifacts: false
- job: uniworx:lib:uniworx # transitive
artifacts: false
- job: uniworx:exe:uniworx
artifacts: true
- job: check # sanity
artifacts: false
artifacts:
paths:
- uniworx.tar.gz
name: "${CI_JOB_NAME}-${CI_COMMIT_SHORT_SHA}"
expire_in: "1 day"
retry: 2
interruptible: true
rules: &release-rules
- if: $CI_COMMIT_TAG =~ /^v/
test container:
stage: container:build
script:
- xzcat uniworx:exe:uniworx.nar.xz | nix-store --import
- cp -pr --reflink=auto -L $(nix build --print-out-paths ".#uniworxTestDocker") uniworx.tar.gz
before_script: *nix-before
needs:
- job: node dependencies # transitive
artifacts: false
- job: well known # transitive
artifacts: false
- job: frontend # tranitive
artifacts: false
- job: uniworx:lib:uniworx # transitive
artifacts: false
- job: uniworx:exe:uniworx
artifacts: true
- job: check # sanity
artifacts: false
artifacts:
paths:
- uniworx.tar.gz
name: "${CI_JOB_NAME}-${CI_COMMIT_SHORT_SHA}"
expire_in: "1 day"
retry: 2
interruptible: true
rules: &test-release-rules
- if: $CI_COMMIT_TAG =~ /^t/
parse changelog:
stage: prepare release
needs:
- job: node dependencies
artifacts: true
rules: *release-rules
before_script: *nix-before
script:
- xzcat node-dependencies.nar.xz | nix-store --import
- nix -L run ".#jqChangelogJson" -- -r '.versions[0].version' > .current-version
- nix -L run ".#jqChangelogJson" -- -r '.versions[0].body' > .current-changelog.md
- echo "VERSION=$(cat .current-version)" >> build.env
artifacts:
reports:
dotenv: build.env
paths:
- .current-version
- .current-changelog.md
name: "changelog-${CI_COMMIT_SHORT_SHA}"
expire_in: "1 day"
retry: 2
interruptible: true
parse test changelog:
stage: prepare release
needs:
- job: node dependencies
artifacts: true
rules: *test-release-rules
before_script: *nix-before
script:
- xzcat node-dependencies.nar.xz | nix-store --import
- nix -L run ".#jqChangelogJson" -- -r '.versions[0].version' > .current-version
- nix -L run ".#jqChangelogJson" -- -r '.versions[0].body' > .current-changelog.md
- echo "VERSION=$(cat .current-version)" >> build.env
artifacts:
reports:
dotenv: build.env
paths:
- .current-version
- .current-changelog.md
name: "changelog-${CI_COMMIT_SHORT_SHA}"
expire_in: "1 day"
retry: 2
interruptible: true
upload container:
variables:
GIT_STRATEGY: none
stage: release
image: quay.io/skopeo/stable:latest
script:
- skopeo --insecure-policy copy --dest-creds "${CI_REGISTRY_USER}:${CI_JOB_TOKEN}" docker-archive://$(pwd)/uniworx.tar.gz docker://${CI_REGISTRY_IMAGE}:${VERSION}
- skopeo --insecure-policy copy --src-creds "${CI_REGISTRY_USER}:${CI_JOB_TOKEN}" --dest-creds "${CI_REGISTRY_USER}:${CI_JOB_TOKEN}" docker://${CI_REGISTRY_IMAGE}:${VERSION} docker://${CI_REGISTRY_IMAGE}:latest
needs:
- job: node dependencies # transitive
artifacts: false
- job: well known # transitive
artifacts: false
- job: frontend # tranitive
artifacts: false
- job: uniworx:lib:uniworx # transitive
artifacts: false
- job: uniworx:exe:uniworx # transitive
artifacts: false
- job: container
artifacts: true
- job: parse changelog
artifacts: true
- job: check # sanity
artifacts: false
rules: *release-rules
retry: 2
upload test container:
variables:
GIT_STRATEGY: none
stage: release
image: quay.io/skopeo/stable:latest
script:
- skopeo --insecure-policy copy --dest-creds "${CI_REGISTRY_USER}:${CI_JOB_TOKEN}" docker-archive://$(pwd)/uniworx.tar.gz docker://${CI_REGISTRY}/fradrive/fradrive/test:${CI_COMMIT_REF_NAME}
- skopeo --insecure-policy copy --src-creds "${CI_REGISTRY_USER}:${CI_JOB_TOKEN}" --dest-creds "${CI_REGISTRY_USER}:${CI_JOB_TOKEN}" docker://${CI_REGISTRY}/fradrive/fradrive/test:${CI_COMMIT_REF_NAME} docker://${CI_REGISTRY}/fradrive/fradrive/test:latest
needs:
- job: node dependencies # transitive
artifacts: false
- job: well known # transitive
artifacts: false
- job: frontend # tranitive
artifacts: false
- job: uniworx:lib:uniworx # transitive
artifacts: false
- job: uniworx:exe:uniworx # transitive
artifacts: false
- job: test container
artifacts: true
- job: parse test changelog
artifacts: true
- job: check # sanity
artifacts: false
rules: *test-release-rules
retry: 2
release:
variables:
GIT_STRATEGY: none
stage: release
image: registry.gitlab.com/gitlab-org/release-cli:latest
rules: *release-rules
script:
- echo "Will create release ${VERSION}..."
release:
name: '$VERSION'
tag_name: '$CI_COMMIT_TAG'
description: .current-changelog.md
needs:
- job: check # sanity
artifacts: false
- job: parse changelog
artifacts: true
test release:
variables:
GIT_STRATEGY: none
stage: release
image: registry.gitlab.com/gitlab-org/release-cli:latest
rules: *test-release-rules
script:
- echo "Will create test release ${VERSION}-test..."
release:
name: "${VERSION}-test"
tag_name: '$CI_COMMIT_TAG'
description: .current-changelog.md
needs:
- job: check # sanity
artifacts: false
- job: parse test changelog
artifacts: true
Reference in New Issue View Git Blame Copy Permalink