This commit is contained in:
Michael Jerger 2023-07-22 10:39:27 +02:00
parent df73740a1e
commit bb3637348b
2 changed files with 197 additions and 42 deletions

View file

@ -5,11 +5,17 @@ stages:
- upload - upload
- image - image
services: .img: &img
- docker:19.03.12-dind image: "domaindrivenarchitecture/ddadevops-dind:4.1.0"
services:
- docker:dind
before_script:
- export IMAGE_DOCKERHUB_USER=$DOCKERHUB_USER
- export IMAGE_DOCKERHUB_PASSWORD=$DOCKERHUB_PASSWORD
- export IMAGE_TAG=$CI_COMMIT_TAG
.cljs-job: &cljs .cljs-job: &cljs
image: domaindrivenarchitecture/shadow-cljs image: "domaindrivenarchitecture/ddadevops-clj-cljs:4.3.0"
cache: cache:
key: ${CI_COMMIT_REF_SLUG} key: ${CI_COMMIT_REF_SLUG}
paths: paths:
@ -20,8 +26,8 @@ services:
- echo "//registry.npmjs.org/:_authToken=$NPM_TOKEN" > ~/.npmrc - echo "//registry.npmjs.org/:_authToken=$NPM_TOKEN" > ~/.npmrc
- npm install - npm install
.clj-uploadjob: &clj .clj-job: &clj
image: domaindrivenarchitecture/lein image: "domaindrivenarchitecture/ddadevops-clj-cljs:4.3.0"
cache: cache:
key: ${CI_COMMIT_REF_SLUG} key: ${CI_COMMIT_REF_SLUG}
paths: paths:
@ -30,25 +36,29 @@ services:
- mkdir -p /root/.lein - mkdir -p /root/.lein
- echo "{:auth {:repository-auth {#\"clojars\" {:username \"${CLOJARS_USER}\" :password \"${CLOJARS_TOKEN_DOMAINDRIVENARCHITECTURE}\" }}}}" > ~/.lein/profiles.clj - echo "{:auth {:repository-auth {#\"clojars\" {:username \"${CLOJARS_USER}\" :password \"${CLOJARS_TOKEN_DOMAINDRIVENARCHITECTURE}\" }}}}" > ~/.lein/profiles.clj
test-cljs: .tag_only: &tag_only
<<: *cljs rules:
stage: build_and_test - if: '$CI_PIPELINE_SOURCE == "merge_request_event"'
script: when: never
- shadow-cljs compile test - if: '$CI_COMMIT_TAG =~ /^[0-9]+\.[0-9]+\.[0-9]+$/'
- node target/node-tests.js
test-clj: test-clj:
<<: *clj <<: *clj
stage: build_and_test stage: build_and_test
script: script:
- lein test - pyb test_clj
test-cljs:
<<: *cljs
stage: build_and_test
script:
- pyb test_cljs
test-schema: test-schema:
<<: *clj <<: *clj
stage: build_and_test stage: build_and_test
script: script:
- lein uberjar - pyb test_schema
- java -jar target/uberjar/c4k-jitsi-standalone.jar src/test/resources/jitsi-test/valid-config.yaml src/test/resources/jitsi-test/valid-auth.yaml | kubeconform --kubernetes-version 1.19.0 --strict --skip Certificate -
artifacts: artifacts:
paths: paths:
- target/uberjar - target/uberjar
@ -57,8 +67,7 @@ report-frontend:
<<: *cljs <<: *cljs
stage: package stage: package
script: script:
- mkdir -p target/frontend-build - pyb report_frontend
- shadow-cljs run shadow.cljs.build-report frontend target/frontend-build/build-report.html
artifacts: artifacts:
paths: paths:
- target/frontend-build/build-report.html - target/frontend-build/build-report.html
@ -67,11 +76,7 @@ package-frontend:
<<: *cljs <<: *cljs
stage: package stage: package
script: script:
- mkdir -p target/frontend-build - pyb package_frontend
- shadow-cljs release frontend
- cp public/js/main.js target/frontend-build/c4k-jitsi.js
- sha256sum target/frontend-build/c4k-jitsi.js > target/frontend-build/c4k-jitsi.js.sha256
- sha512sum target/frontend-build/c4k-jitsi.js > target/frontend-build/c4k-jitsi.js.sha512
artifacts: artifacts:
paths: paths:
- target/frontend-build - target/frontend-build
@ -80,36 +85,22 @@ package-uberjar:
<<: *clj <<: *clj
stage: package stage: package
script: script:
- sha256sum target/uberjar/c4k-jitsi-standalone.jar > target/uberjar/c4k-jitsi-standalone.jar.sha256 - pyb package_uberjar
- sha512sum target/uberjar/c4k-jitsi-standalone.jar > target/uberjar/c4k-jitsi-standalone.jar.sha512
artifacts: artifacts:
paths: paths:
- target/uberjar - target/uberjar
sast:
variables:
SAST_EXCLUDED_ANALYZERS:
bandit, brakeman, flawfinder, gosec, kubesec, phpcs-security-audit,
pmd-apex, security-code-scan, sobelow, spotbugs
stage: security
before_script:
- mkdir -p builds && cp -r target/ builds/
include:
- template: Security/SAST.gitlab-ci.yml
upload-clj-release: upload-clj-release:
<<: *clj <<: *clj
<<: *tag_only
stage: upload stage: upload
rules:
- if: '$CI_COMMIT_TAG != null'
script: script:
- lein deploy - pyb upload_clj
release: release:
image: registry.gitlab.com/gitlab-org/release-cli:latest image: registry.gitlab.com/gitlab-org/release-cli:latest
stage: upload stage: upload
rules: <<: *tag_only
- if: '$CI_COMMIT_TAG != null'
artifacts: artifacts:
paths: paths:
- target/uberjar - target/uberjar
@ -126,9 +117,8 @@ release:
--assets-link "{\"name\":\"c4k-jitsi.js.sha512\",\"url\":\"https://gitlab.com/domaindrivenarchitecture/c4k-jitsi/-/jobs/${CI_JOB_ID}/artifacts/file/target/frontend-build/c4k-jitsi.js.sha512\"}" \ --assets-link "{\"name\":\"c4k-jitsi.js.sha512\",\"url\":\"https://gitlab.com/domaindrivenarchitecture/c4k-jitsi/-/jobs/${CI_JOB_ID}/artifacts/file/target/frontend-build/c4k-jitsi.js.sha512\"}" \
jitsi-image-test-publish: jitsi-image-test-publish:
image: domaindrivenarchitecture/devops-build:latest <<: *img
<<: *tag_only
stage: image stage: image
rules:
- if: '$CI_COMMIT_TAG != null'
script: script:
- cd infrastructure/docker-jitsi-web && pyb image test publish - cd infrastructure/docker-jitsi-web && pyb image test publish

165
build.py Normal file
View file

@ -0,0 +1,165 @@
from os import environ
from subprocess import run
from pybuilder.core import init, task
from ddadevops import *
default_task = "dev"
name = "c4k-jitsi"
MODULE = "not-used"
PROJECT_ROOT_PATH = "."
@init
def initialize(project):
input = {
"name": name,
"module": MODULE,
"stage": "notused",
"project_root_path": PROJECT_ROOT_PATH,
"build_types": [],
"mixin_types": ["RELEASE"],
"release_primary_build_file": "project.clj",
"release_secondary_build_files": [
"package.json",
],
}
build = ReleaseMixin(project, input)
build.initialize_build_dir()
@task
def test_clj(project):
run("lein test", shell=True, check=True)
@task
def test_cljs(project):
run("shadow-cljs compile test", shell=True, check=True)
run("node target/node-tests.js", shell=True, check=True)
@task
def test_schema(project):
run("lein uberjar", shell=True, check=True)
run(
"java -jar target/uberjar/c4k-jitsi-standalone.jar "
+ "src/test/resources/jitsi-test/valid-config.yaml "
+ "src/test/resources/jitsi-test/valid-auth.yaml | "
+ "kubeconform --kubernetes-version 1.23.0 --strict --skip Certificate -",
shell=True,
check=True,
)
@task
def report_frontend(project):
run("mkdir -p target/frontend-build", shell=True, check=True)
run(
"shadow-cljs run shadow.cljs.build-report frontend target/frontend-build/build-report.html",
shell=True,
check=True,
)
@task
def package_frontend(project):
run("mkdir -p target/frontend-build", shell=True, check=True)
run("shadow-cljs release frontend", shell=True, check=True)
run(
"cp public/js/main.js target/frontend-build/c4k-jitsi.js",
shell=True,
check=True,
)
run(
"sha256sum target/frontend-build/c4k-jitsi.js > target/frontend-build/c4k-jitsi.js.sha256",
shell=True,
check=True,
)
run(
"sha512sum target/frontend-build/c4k-jitsi.js > target/frontend-build/c4k-jitsi.js.sha512",
shell=True,
check=True,
)
@task
def package_uberjar(project):
run(
"sha256sum target/uberjar/c4k-jitsi-standalone.jar > target/uberjar/c4k-jitsi-standalone.jar.sha256",
shell=True,
check=True,
)
run(
"sha512sum target/uberjar/c4k-jitsi-standalone.jar > target/uberjar/c4k-jitsi-standalone.jar.sha512",
shell=True,
check=True,
)
@task
def upload_clj(project):
run("lein deploy", shell=True, check=True)
@task
def lint(project):
run(
"lein eastwood",
shell=True,
check=True,
)
run(
"lein ancient check",
shell=True,
check=True,
)
@task
def patch(project):
linttest(project, "PATCH")
release(project)
@task
def minor(project):
linttest(project, "MINOR")
release(project)
@task
def major(project):
linttest(project, "MAJOR")
release(project)
@task
def dev(project):
linttest(project, "NONE")
@task
def prepare(project):
build = get_devops_build(project)
build.prepare_release()
@task
def tag(project):
build = get_devops_build(project)
build.tag_bump_and_push_release()
def release(project):
prepare(project)
tag(project)
def linttest(project, release_type):
build = get_devops_build(project)
build.update_release_type(release_type)
test_clj(project)
test_cljs(project)
lint(project)