Merge branch 'introduce-new-ci' into 'main'

Introduce new ci

See merge request domaindrivenarchitecture/c4k-jitsi!1
This commit is contained in:
Michael Jerger 2023-07-22 08:47:39 +00:00
commit c11daa2537
3 changed files with 200 additions and 45 deletions

View file

@ -5,11 +5,17 @@ stages:
- upload
- image
services:
- docker:19.03.12-dind
.img: &img
image: "domaindrivenarchitecture/ddadevops-dind:4.1.0"
services:
- docker:dind
before_script:
- export IMAGE_DOCKERHUB_USER=$DOCKERHUB_USER
- export IMAGE_DOCKERHUB_PASSWORD=$DOCKERHUB_PASSWORD
- export IMAGE_TAG=$CI_COMMIT_TAG
.cljs-job: &cljs
image: domaindrivenarchitecture/shadow-cljs
image: "domaindrivenarchitecture/ddadevops-clj-cljs:4.3.0"
cache:
key: ${CI_COMMIT_REF_SLUG}
paths:
@ -20,8 +26,8 @@ services:
- echo "//registry.npmjs.org/:_authToken=$NPM_TOKEN" > ~/.npmrc
- npm install
.clj-uploadjob: &clj
image: domaindrivenarchitecture/lein
.clj-job: &clj
image: "domaindrivenarchitecture/ddadevops-clj-cljs:4.3.0"
cache:
key: ${CI_COMMIT_REF_SLUG}
paths:
@ -30,25 +36,29 @@ services:
- mkdir -p /root/.lein
- echo "{:auth {:repository-auth {#\"clojars\" {:username \"${CLOJARS_USER}\" :password \"${CLOJARS_TOKEN_DOMAINDRIVENARCHITECTURE}\" }}}}" > ~/.lein/profiles.clj
test-cljs:
<<: *cljs
stage: build_and_test
script:
- shadow-cljs compile test
- node target/node-tests.js
.tag_only: &tag_only
rules:
- if: '$CI_PIPELINE_SOURCE == "merge_request_event"'
when: never
- if: '$CI_COMMIT_TAG =~ /^[0-9]+\.[0-9]+\.[0-9]+$/'
test-clj:
<<: *clj
stage: build_and_test
script:
- lein test
- pyb test_clj
test-cljs:
<<: *cljs
stage: build_and_test
script:
- pyb test_cljs
test-schema:
<<: *clj
stage: build_and_test
script:
- lein uberjar
- java -jar target/uberjar/c4k-jitsi-standalone.jar src/test/resources/jitsi-test/valid-config.yaml src/test/resources/jitsi-test/valid-auth.yaml | kubeconform --kubernetes-version 1.19.0 --strict --skip Certificate -
- pyb test_schema
artifacts:
paths:
- target/uberjar
@ -57,8 +67,7 @@ report-frontend:
<<: *cljs
stage: package
script:
- mkdir -p target/frontend-build
- shadow-cljs run shadow.cljs.build-report frontend target/frontend-build/build-report.html
- pyb report_frontend
artifacts:
paths:
- target/frontend-build/build-report.html
@ -67,11 +76,7 @@ package-frontend:
<<: *cljs
stage: package
script:
- mkdir -p target/frontend-build
- shadow-cljs release frontend
- cp public/js/main.js target/frontend-build/c4k-jitsi.js
- sha256sum target/frontend-build/c4k-jitsi.js > target/frontend-build/c4k-jitsi.js.sha256
- sha512sum target/frontend-build/c4k-jitsi.js > target/frontend-build/c4k-jitsi.js.sha512
- pyb package_frontend
artifacts:
paths:
- target/frontend-build
@ -80,36 +85,22 @@ package-uberjar:
<<: *clj
stage: package
script:
- sha256sum target/uberjar/c4k-jitsi-standalone.jar > target/uberjar/c4k-jitsi-standalone.jar.sha256
- sha512sum target/uberjar/c4k-jitsi-standalone.jar > target/uberjar/c4k-jitsi-standalone.jar.sha512
- pyb package_uberjar
artifacts:
paths:
- target/uberjar
sast:
variables:
SAST_EXCLUDED_ANALYZERS:
bandit, brakeman, flawfinder, gosec, kubesec, phpcs-security-audit,
pmd-apex, security-code-scan, sobelow, spotbugs
stage: security
before_script:
- mkdir -p builds && cp -r target/ builds/
include:
- template: Security/SAST.gitlab-ci.yml
upload-clj-release:
<<: *clj
<<: *tag_only
stage: upload
rules:
- if: '$CI_COMMIT_TAG != null'
script:
- lein deploy
- pyb upload_clj
release:
image: registry.gitlab.com/gitlab-org/release-cli:latest
stage: upload
rules:
- if: '$CI_COMMIT_TAG != null'
<<: *tag_only
artifacts:
paths:
- target/uberjar
@ -126,9 +117,8 @@ release:
--assets-link "{\"name\":\"c4k-jitsi.js.sha512\",\"url\":\"https://gitlab.com/domaindrivenarchitecture/c4k-jitsi/-/jobs/${CI_JOB_ID}/artifacts/file/target/frontend-build/c4k-jitsi.js.sha512\"}" \
jitsi-image-test-publish:
image: domaindrivenarchitecture/devops-build:latest
<<: *img
<<: *tag_only
stage: image
rules:
- if: '$CI_COMMIT_TAG != null'
script:
- cd infrastructure/docker-jitsi-web && pyb image test publish

165
build.py Normal file
View file

@ -0,0 +1,165 @@
from os import environ
from subprocess import run
from pybuilder.core import init, task
from ddadevops import *
default_task = "dev"
name = "c4k-jitsi"
MODULE = "not-used"
PROJECT_ROOT_PATH = "."
@init
def initialize(project):
input = {
"name": name,
"module": MODULE,
"stage": "notused",
"project_root_path": PROJECT_ROOT_PATH,
"build_types": [],
"mixin_types": ["RELEASE"],
"release_primary_build_file": "project.clj",
"release_secondary_build_files": [
"package.json",
],
}
build = ReleaseMixin(project, input)
build.initialize_build_dir()
@task
def test_clj(project):
run("lein test", shell=True, check=True)
@task
def test_cljs(project):
run("shadow-cljs compile test", shell=True, check=True)
run("node target/node-tests.js", shell=True, check=True)
@task
def test_schema(project):
run("lein uberjar", shell=True, check=True)
run(
"java -jar target/uberjar/c4k-jitsi-standalone.jar "
+ "src/test/resources/jitsi-test/valid-config.yaml "
+ "src/test/resources/jitsi-test/valid-auth.yaml | "
+ "kubeconform --kubernetes-version 1.23.0 --strict --skip Certificate -",
shell=True,
check=True,
)
@task
def report_frontend(project):
run("mkdir -p target/frontend-build", shell=True, check=True)
run(
"shadow-cljs run shadow.cljs.build-report frontend target/frontend-build/build-report.html",
shell=True,
check=True,
)
@task
def package_frontend(project):
run("mkdir -p target/frontend-build", shell=True, check=True)
run("shadow-cljs release frontend", shell=True, check=True)
run(
"cp public/js/main.js target/frontend-build/c4k-jitsi.js",
shell=True,
check=True,
)
run(
"sha256sum target/frontend-build/c4k-jitsi.js > target/frontend-build/c4k-jitsi.js.sha256",
shell=True,
check=True,
)
run(
"sha512sum target/frontend-build/c4k-jitsi.js > target/frontend-build/c4k-jitsi.js.sha512",
shell=True,
check=True,
)
@task
def package_uberjar(project):
run(
"sha256sum target/uberjar/c4k-jitsi-standalone.jar > target/uberjar/c4k-jitsi-standalone.jar.sha256",
shell=True,
check=True,
)
run(
"sha512sum target/uberjar/c4k-jitsi-standalone.jar > target/uberjar/c4k-jitsi-standalone.jar.sha512",
shell=True,
check=True,
)
@task
def upload_clj(project):
run("lein deploy", shell=True, check=True)
@task
def lint(project):
run(
"lein eastwood",
shell=True,
check=True,
)
run(
"lein ancient check",
shell=True,
check=True,
)
@task
def patch(project):
linttest(project, "PATCH")
release(project)
@task
def minor(project):
linttest(project, "MINOR")
release(project)
@task
def major(project):
linttest(project, "MAJOR")
release(project)
@task
def dev(project):
linttest(project, "NONE")
@task
def prepare(project):
build = get_devops_build(project)
build.prepare_release()
@task
def tag(project):
build = get_devops_build(project)
build.tag_bump_and_push_release()
def release(project):
prepare(project)
tag(project)
def linttest(project, release_type):
build = get_devops_build(project)
build.update_release_type(release_type)
test_clj(project)
test_cljs(project)
lint(project)

View file

@ -19,7 +19,7 @@
:spec
{:containers
[{:name "jicofo",
:image "jitsi/jicofo:stable-7287",
:image "jitsi/jicofo:stable-8615",
:imagePullPolicy "IfNotPresent",
:env
[{:name "XMPP_SERVER", :value "localhost"}
@ -72,7 +72,7 @@
{:name "DISABLE_AUDIO_LEVELS", :value "true"}
{:name "ETHERPAD_PUBLIC_URL", :value "https://etherpad.xy.xy.xy/p/"}]}
{:name "jvb",
:image "jitsi/jvb:stable-7287",
:image "jitsi/jvb:stable-8719",
:imagePullPolicy "IfNotPresent",
:env
[{:name "PUBLIC_URL", :value "xy.xy.xy"}
@ -90,7 +90,7 @@
{:name "JVB_BREWERY_MUC", :value "jvbbrewery"}
{:name "TZ", :value "Europe/Berlin"}]}
{:name "etherpad",
:image "jitsi/etherpad",
:image "etherpad/etherpad:1.9.1",
:env
[{:name "XMPP_SERVER", :value "localhost"}
{:name "XMPP_DOMAIN", :value "meet.meissa-gmbh"}