fraport/fradrive-old
fraport/fradrive-old
Archived
3
1
Fork 0
Code Issues 65 Pull Requests 5 Actions Packages Projects Releases 197 Wiki Activity
This repository has been archived on 2024-10-24. You can view files and clone it, but cannot push or open issues or pull requests.
dae5abd45f
fradrive-old/.gitlab-ci.yml
Sarah Vaupel d5faeaefe3 chore(gitlab-ci): add coreutils for missing touch
2024-01-19 08:47:37 +01:00

359 lines
9.9 KiB
YAML
Raw Blame History

# SPDX-FileCopyrightText: 2022-2024 Sarah Vaupel <sarah.vaupel@uniworx.de>, Gregor Kleen <gregor@kleen.consulting>
#
# SPDX-License-Identifier: AGPL-3.0-or-later
# workflow:
# rules:
# - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
# - if: $CI_MERGE_REQUEST_ID
# - if: $CI_COMMIT_TAG =~ /^v/
# - if: $CI_COMMIT_TAG =~ /^t/
# - if: $CI_COMMIT_TAG =~ /^d/
default:
image:
name: registry.uniworx.de/uniworx/containers/nix-attic:latest
variables:
NIX_PATH: "nixpkgs=http://nixos.org/channels/nixos-23.11/nixexprs.tar.xz"
AWS_SHARED_CREDENTIALS_FILE: "/etc/aws/credentials"
TRANSFER_METER_FREQUENCY: "2s"
NIX_CONFIG: |-
extra-substituters = https://cache.iog.io
extra-trusted-public-keys = hydra.iohk.io:f/Ea+s+dFdN+3Y/G+FDgSq+a5NEWhJGzdjvKNGv0/EQ=
stages:
- setup
- lint
- build
- test
- container
- prepare release
- release
node modules:
stage: setup
cache:
- &npm-cache
key: default-npm
paths:
- .npm
- node_modules
script:
- "nix shell .#gnumake .#gup .#nodejs_21 --command make node_modules"
before_script: &nix-before
- git config --global init.defaultBranch master
- install -v -m 0700 -d ~/.ssh
- install -v -T -m 0644 "${SSH_KNOWN_HOSTS}" ~/.ssh/known_hosts
- install -v -T -m 0400 "${SSH_DEPLOY_KEY}" ~/.ssh/deploy && echo "IdentityFile ~/.ssh/deploy" >> ~/.ssh/config;
- install -v -T -m 0644 "${FONTAWESOME_NPM_AUTH_FILE}" /etc/fontawesome-token
- install -v -T -m 0644 "${NIX_NETRC}" /etc/nix/netrc
artifacts:
paths:
- node_modules/
name: "${CI_JOB_NAME}-${CI_COMMIT_SHORT_SHA}"
expire_in: "1 day"
retry: 2
interruptible: true
frontend lint:
stage: lint
script:
- "nix shell .#gnumake .#gup .#nodejs_21 --command make frontend-lint"
before_script: *nix-before
needs:
- job: node modules
artifacts: true
retry: 2
interruptible: true
frontend build:
stage: build
cache:
- &frontend-cache
key: default-frontend
paths:
- .well-known-cache
script:
- "nix shell .#gnumake .#gup .#nodejs_21 --command make frontend-build"
before_script: *nix-before
needs:
- job: node modules
artifacts: true
- job: frontend lint # pipeline performance
artifacts: false
artifacts:
paths:
- static/
- well-known/
- config/webpack.yml
name: "${CI_JOB_NAME}-${CI_COMMIT_SHORT_SHA}"
expire_in: "1 day"
retry: 2
interruptible: true
backend lint:
stage: lint
script:
- "nix shell .#gnumake .#coreutils .#stack --command make CI=1 backend-lint"
before_script: *nix-before
retry: 2
interruptible: true
backend build:
stage: build
cache:
- &stack-cache
key: default-stack
paths:
- .stack/
- .stack-work/
script:
- "nix shell .#gnumake .#coreutils .#stack --command make CI=1 backend-build"
- cp $(stack path --dist-dir)/build/hlint/hlint bin/test-hlint
- cp $(stack path --dist-dir)/build/yesod/yesod bin/test-yesod
before_script: *nix-before
needs:
- job: node modules # transitive
artifacts: false
- job: frontend lint # transitive
artifacts: false
- job: frontend build
artifacts: true
- job: backend lint # pipeline performance
artifacts: false
artifacts:
paths:
- bin/
name: "${CI_JOB_NAME}-${CI_COMMIT_SHORT_SHA}"
expire_in: "1 day"
retry: 2
interruptible: true
resource_group: ram
uniworx:exe:uniworxdb:
stage: build
script:
- xzcat uniworx:lib:uniworx.nar.xz | nix-store --import
- nix -L build -o result ".#uniworx:exe:uniworxdb"
- nix-store --export $(nix-store -qR result) | xz -T0 -2 > uniworx:exe:uniworxdb.nar.xz
before_script: *nix-before
needs:
- job: node modules # transitive
artifacts: false
- job: frontend build # transitive
artifacts: false
artifacts:
paths:
- uniworx:exe:uniworxdb.nar.xz
name: "${CI_JOB_NAME}-${CI_COMMIT_SHORT_SHA}"
expire_in: "1 day"
retry: 2
interruptible: true
uniworx:exe:uniworxload:
stage: build
script:
- xzcat uniworx:lib:uniworx.nar.xz | nix-store --import
- nix -L build -o result ".#uniworx:exe:uniworxload"
- nix-store --export $(nix-store -qR result) | xz -T0 -2 > uniworx:exe:uniworxload.nar.xz
before_script: *nix-before
needs:
- job: node modules # transitive
artifacts: false
- job: frontend build # transitive
artifacts: false
artifacts:
paths:
- uniworx:exe:uniworxload.nar.xz
name: "${CI_JOB_NAME}-${CI_COMMIT_SHORT_SHA}"
expire_in: "1 day"
retry: 2
interruptible: true
check:
stage: test
script:
- xzcat frontend.nar.xz | nix-store --import
- xzcat uniworx:lib:uniworx.nar.xz | nix-store --import
- nix -L flake check .
before_script: *nix-before
needs:
- job: node modules # transitive
artifacts: false
- job: frontend build
artifacts: true
retry: 2
interruptible: true
container:
stage: container
script:
- xzcat uniworx:exe:uniworx.nar.xz | nix-store --import
- cp -pr --reflink=auto -L $(nix build --print-out-paths ".#uniworxDocker") uniworx.tar.gz
before_script: *nix-before
needs:
- job: node modules # transitive
artifacts: false
- job: frontend build # transitive
artifacts: false
- job: check # sanity
artifacts: false
artifacts:
paths:
- uniworx.tar.gz
name: "${CI_JOB_NAME}-${CI_COMMIT_SHORT_SHA}"
expire_in: "1 day"
retry: 2
interruptible: true
rules: &release-rules
- if: $CI_COMMIT_TAG =~ /^v/
test container:
stage: container
script:
- xzcat uniworx:exe:uniworx.nar.xz | nix-store --import
- cp -pr --reflink=auto -L $(nix build --print-out-paths ".#uniworxTestDocker") uniworx.tar.gz
before_script: *nix-before
needs:
- job: node modules # transitive
artifacts: false
- job: frontend build # transitive
artifacts: false
- job: check # sanity
artifacts: false
artifacts:
paths:
- uniworx.tar.gz
name: "${CI_JOB_NAME}-${CI_COMMIT_SHORT_SHA}"
expire_in: "1 day"
retry: 2
interruptible: true
rules: &test-release-rules
- if: $CI_COMMIT_TAG =~ /^t/
parse changelog:
stage: prepare release
needs:
- job: node modules
artifacts: true
rules: *release-rules
before_script: *nix-before
script:
- xzcat node-dependencies.nar.xz | nix-store --import
- nix -L run ".#jqChangelogJson" -- -r '.versions[0].version' > .current-version
- nix -L run ".#jqChangelogJson" -- -r '.versions[0].body' > .current-changelog.md
- echo "VERSION=$(cat .current-version)" >> build.env
artifacts:
reports:
dotenv: build.env
paths:
- .current-version
- .current-changelog.md
name: "changelog-${CI_COMMIT_SHORT_SHA}"
expire_in: "1 day"
retry: 2
interruptible: true
parse test changelog:
stage: prepare release
needs:
- job: node modules
artifacts: true
rules: *test-release-rules
before_script: *nix-before
script:
- xzcat node-dependencies.nar.xz | nix-store --import
- nix -L run ".#jqChangelogJson" -- -r '.versions[0].version' > .current-version
- nix -L run ".#jqChangelogJson" -- -r '.versions[0].body' > .current-changelog.md
- echo "VERSION=$(cat .current-version)" >> build.env
artifacts:
reports:
dotenv: build.env
paths:
- .current-version
- .current-changelog.md
name: "changelog-${CI_COMMIT_SHORT_SHA}"
expire_in: "1 day"
retry: 2
interruptible: true
upload container:
variables:
GIT_STRATEGY: none
stage: release
image: quay.io/skopeo/stable:latest
script:
- skopeo --insecure-policy copy --dest-creds "${CI_REGISTRY_USER}:${CI_JOB_TOKEN}" docker-archive://$(pwd)/uniworx.tar.gz docker://${CI_REGISTRY_IMAGE}:${VERSION}
- skopeo --insecure-policy copy --src-creds "${CI_REGISTRY_USER}:${CI_JOB_TOKEN}" --dest-creds "${CI_REGISTRY_USER}:${CI_JOB_TOKEN}" docker://${CI_REGISTRY_IMAGE}:${VERSION} docker://${CI_REGISTRY_IMAGE}:latest
needs:
- job: node modules # transitive
artifacts: false
- job: frontend build # transitive
artifacts: false
- job: container
artifacts: true
- job: parse changelog
artifacts: true
- job: check # sanity
artifacts: false
rules: *release-rules
retry: 2
upload test container:
variables:
GIT_STRATEGY: none
stage: release
image: quay.io/skopeo/stable:latest
script:
- skopeo --insecure-policy copy --dest-creds "${CI_REGISTRY_USER}:${CI_JOB_TOKEN}" docker-archive://$(pwd)/uniworx.tar.gz docker://${CI_REGISTRY}/fradrive/fradrive/test:${CI_COMMIT_REF_NAME}
- skopeo --insecure-policy copy --src-creds "${CI_REGISTRY_USER}:${CI_JOB_TOKEN}" --dest-creds "${CI_REGISTRY_USER}:${CI_JOB_TOKEN}" docker://${CI_REGISTRY}/fradrive/fradrive/test:${CI_COMMIT_REF_NAME} docker://${CI_REGISTRY}/fradrive/fradrive/test:latest
needs:
- job: node modules # transitive
artifacts: false
- job: frontend build # transitive
artifacts: false
- job: test container
artifacts: true
- job: parse test changelog
artifacts: true
- job: check # sanity
artifacts: false
rules: *test-release-rules
retry: 2
release:
variables:
GIT_STRATEGY: none
stage: release
image: registry.gitlab.com/gitlab-org/release-cli:latest
rules: *release-rules
script:
- echo "Will create release ${VERSION}..."
release:
name: '$VERSION'
tag_name: '$CI_COMMIT_TAG'
description: .current-changelog.md
needs:
- job: check # sanity
artifacts: false
- job: parse changelog
artifacts: true
test release:
variables:
GIT_STRATEGY: none
stage: release
image: registry.gitlab.com/gitlab-org/release-cli:latest
rules: *test-release-rules
script:
- echo "Will create test release ${VERSION}-test..."
release:
name: "${VERSION}-test"
tag_name: '$CI_COMMIT_TAG'
description: .current-changelog.md
needs:
- job: check # sanity
artifacts: false
- job: parse test changelog
artifacts: true
Reference in New Issue View Git Blame Copy Permalink