diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 65c060e..9bf3651 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -5,11 +5,17 @@ stages: - upload - image -services: - - docker:19.03.12-dind +.img: &img + image: "domaindrivenarchitecture/ddadevops-dind:4.1.0" + services: + - docker:dind + before_script: + - export IMAGE_DOCKERHUB_USER=$DOCKERHUB_USER + - export IMAGE_DOCKERHUB_PASSWORD=$DOCKERHUB_PASSWORD + - export IMAGE_TAG=$CI_COMMIT_TAG .cljs-job: &cljs - image: domaindrivenarchitecture/shadow-cljs + image: "domaindrivenarchitecture/ddadevops-clj-cljs:4.3.0" cache: key: ${CI_COMMIT_REF_SLUG} paths: @@ -20,8 +26,8 @@ services: - echo "//registry.npmjs.org/:_authToken=$NPM_TOKEN" > ~/.npmrc - npm install -.clj-uploadjob: &clj - image: domaindrivenarchitecture/lein +.clj-job: &clj + image: "domaindrivenarchitecture/ddadevops-clj-cljs:4.3.0" cache: key: ${CI_COMMIT_REF_SLUG} paths: @@ -30,25 +36,29 @@ services: - mkdir -p /root/.lein - echo "{:auth {:repository-auth {#\"clojars\" {:username \"${CLOJARS_USER}\" :password \"${CLOJARS_TOKEN_DOMAINDRIVENARCHITECTURE}\" }}}}" > ~/.lein/profiles.clj -test-cljs: - <<: *cljs - stage: build_and_test - script: - - shadow-cljs compile test - - node target/node-tests.js +.tag_only: &tag_only + rules: + - if: '$CI_PIPELINE_SOURCE == "merge_request_event"' + when: never + - if: '$CI_COMMIT_TAG =~ /^[0-9]+\.[0-9]+\.[0-9]+$/' test-clj: <<: *clj stage: build_and_test script: - - lein test + - pyb test_clj + +test-cljs: + <<: *cljs + stage: build_and_test + script: + - pyb test_cljs test-schema: <<: *clj stage: build_and_test script: - - lein uberjar - - java -jar target/uberjar/c4k-jitsi-standalone.jar src/test/resources/jitsi-test/valid-config.yaml src/test/resources/jitsi-test/valid-auth.yaml | kubeconform --kubernetes-version 1.19.0 --strict --skip Certificate - + - pyb test_schema artifacts: paths: - target/uberjar @@ -57,8 +67,7 @@ report-frontend: <<: *cljs stage: package script: - - mkdir -p target/frontend-build - - shadow-cljs run shadow.cljs.build-report frontend target/frontend-build/build-report.html + - pyb report_frontend artifacts: paths: - target/frontend-build/build-report.html @@ -67,11 +76,7 @@ package-frontend: <<: *cljs stage: package script: - - mkdir -p target/frontend-build - - shadow-cljs release frontend - - cp public/js/main.js target/frontend-build/c4k-jitsi.js - - sha256sum target/frontend-build/c4k-jitsi.js > target/frontend-build/c4k-jitsi.js.sha256 - - sha512sum target/frontend-build/c4k-jitsi.js > target/frontend-build/c4k-jitsi.js.sha512 + - pyb package_frontend artifacts: paths: - target/frontend-build @@ -80,36 +85,22 @@ package-uberjar: <<: *clj stage: package script: - - sha256sum target/uberjar/c4k-jitsi-standalone.jar > target/uberjar/c4k-jitsi-standalone.jar.sha256 - - sha512sum target/uberjar/c4k-jitsi-standalone.jar > target/uberjar/c4k-jitsi-standalone.jar.sha512 + - pyb package_uberjar artifacts: paths: - target/uberjar -sast: - variables: - SAST_EXCLUDED_ANALYZERS: - bandit, brakeman, flawfinder, gosec, kubesec, phpcs-security-audit, - pmd-apex, security-code-scan, sobelow, spotbugs - stage: security - before_script: - - mkdir -p builds && cp -r target/ builds/ -include: - - template: Security/SAST.gitlab-ci.yml - upload-clj-release: <<: *clj + <<: *tag_only stage: upload - rules: - - if: '$CI_COMMIT_TAG != null' script: - - lein deploy + - pyb upload_clj release: image: registry.gitlab.com/gitlab-org/release-cli:latest stage: upload - rules: - - if: '$CI_COMMIT_TAG != null' + <<: *tag_only artifacts: paths: - target/uberjar @@ -126,9 +117,8 @@ release: --assets-link "{\"name\":\"c4k-jitsi.js.sha512\",\"url\":\"https://gitlab.com/domaindrivenarchitecture/c4k-jitsi/-/jobs/${CI_JOB_ID}/artifacts/file/target/frontend-build/c4k-jitsi.js.sha512\"}" \ jitsi-image-test-publish: - image: domaindrivenarchitecture/devops-build:latest + <<: *img + <<: *tag_only stage: image - rules: - - if: '$CI_COMMIT_TAG != null' script: - cd infrastructure/docker-jitsi-web && pyb image test publish \ No newline at end of file diff --git a/build.py b/build.py new file mode 100644 index 0000000..afeb4a7 --- /dev/null +++ b/build.py @@ -0,0 +1,165 @@ +from os import environ +from subprocess import run +from pybuilder.core import init, task +from ddadevops import * + +default_task = "dev" + +name = "c4k-jitsi" +MODULE = "not-used" +PROJECT_ROOT_PATH = "." + + +@init +def initialize(project): + input = { + "name": name, + "module": MODULE, + "stage": "notused", + "project_root_path": PROJECT_ROOT_PATH, + "build_types": [], + "mixin_types": ["RELEASE"], + "release_primary_build_file": "project.clj", + "release_secondary_build_files": [ + "package.json", + ], + } + + build = ReleaseMixin(project, input) + build.initialize_build_dir() + + +@task +def test_clj(project): + run("lein test", shell=True, check=True) + + +@task +def test_cljs(project): + run("shadow-cljs compile test", shell=True, check=True) + run("node target/node-tests.js", shell=True, check=True) + + +@task +def test_schema(project): + run("lein uberjar", shell=True, check=True) + run( + "java -jar target/uberjar/c4k-jitsi-standalone.jar " + + "src/test/resources/jitsi-test/valid-config.yaml " + + "src/test/resources/jitsi-test/valid-auth.yaml | " + + "kubeconform --kubernetes-version 1.23.0 --strict --skip Certificate -", + shell=True, + check=True, + ) + + +@task +def report_frontend(project): + run("mkdir -p target/frontend-build", shell=True, check=True) + run( + "shadow-cljs run shadow.cljs.build-report frontend target/frontend-build/build-report.html", + shell=True, + check=True, + ) + + +@task +def package_frontend(project): + run("mkdir -p target/frontend-build", shell=True, check=True) + run("shadow-cljs release frontend", shell=True, check=True) + run( + "cp public/js/main.js target/frontend-build/c4k-jitsi.js", + shell=True, + check=True, + ) + run( + "sha256sum target/frontend-build/c4k-jitsi.js > target/frontend-build/c4k-jitsi.js.sha256", + shell=True, + check=True, + ) + run( + "sha512sum target/frontend-build/c4k-jitsi.js > target/frontend-build/c4k-jitsi.js.sha512", + shell=True, + check=True, + ) + + +@task +def package_uberjar(project): + run( + "sha256sum target/uberjar/c4k-jitsi-standalone.jar > target/uberjar/c4k-jitsi-standalone.jar.sha256", + shell=True, + check=True, + ) + run( + "sha512sum target/uberjar/c4k-jitsi-standalone.jar > target/uberjar/c4k-jitsi-standalone.jar.sha512", + shell=True, + check=True, + ) + + +@task +def upload_clj(project): + run("lein deploy", shell=True, check=True) + + +@task +def lint(project): + run( + "lein eastwood", + shell=True, + check=True, + ) + run( + "lein ancient check", + shell=True, + check=True, + ) + + +@task +def patch(project): + linttest(project, "PATCH") + release(project) + + +@task +def minor(project): + linttest(project, "MINOR") + release(project) + + +@task +def major(project): + linttest(project, "MAJOR") + release(project) + + +@task +def dev(project): + linttest(project, "NONE") + + +@task +def prepare(project): + build = get_devops_build(project) + build.prepare_release() + + +@task +def tag(project): + build = get_devops_build(project) + build.tag_bump_and_push_release() + + +def release(project): + prepare(project) + tag(project) + + +def linttest(project, release_type): + build = get_devops_build(project) + build.update_release_type(release_type) + test_clj(project) + test_cljs(project) + lint(project)