c4k-mastodon-bot/.gitlab-ci.yml

stages:
  - first
  - build_and_test
  - package
  - security
  - upload

.cljs-job: &cljs
  image: domaindrivenarchitecture/shadow-cljs
  cache:
    key: ${CI_COMMIT_REF_SLUG}
    paths:
      - node_modules/
      - .shadow-cljs/
      - .m2
  before_script:
    - echo "//registry.npmjs.org/:_authToken=$NPM_TOKEN" > ~/.npmrc
    - npm install

.clj-uploadjob: &clj
  image: clojure:lein-2.7.1-alpine
  cache:
    key: ${CI_COMMIT_REF_SLUG}
    paths:
      - .m2
  before_script:
    - echo "{:auth {:repository-auth {#\"clojars\" {:username \"${CLOJARS_USER}\" :password \"${CLOJARS_PASSWORD}\" }}}}" > ~/.lein/profiles.clj

test-cljs:
  <<: *cljs
  stage: build_and_test
  script:
    - shadow-cljs compile test

test-clj:
  <<: *clj
  stage: build_and_test
  script:
    - lein test

report-frontend:
  <<: *cljs
  stage: package
  script:
    - mkdir -p target
    - shadow-cljs run shadow.cljs.build-report frontend target/build-report.html
  artifacts:
    paths:
      - target/build-report.html

package-frontend:
  <<: *cljs
  stage: package
  script:
    - mkdir -p target/frontend-build
    - shadow-cljs release frontend
    - cp public/js/main.js target/frontend-build/k8s-mastodon-bot.js
    - sha256sum target/frontend-build/k8s-mastodon-bot.js > target/frontend-build/k8s-mastodon-bot.js.sha256
    - sha512sum target/frontend-build/k8s-mastodon-bot.js > target/frontend-build/k8s-mastodon-bot.js.sha512
  artifacts:
    paths:
      - target/frontend-build

package-uberjar:
  <<: *clj
  stage: package
  script:
    - lein uberjar
    - sha256sum target/uberjar/k8s-mastodon-bot-standalone.jar > target/uberjar/k8s-mastodon-bot-standalone.jar.sha256
    - sha512sum target/uberjar/k8s-mastodon-bot-standalone.jar > target/uberjar/k8s-mastodon-bot-standalone.jar.sha512
  artifacts:
    paths:
      - target/uberjar

sast:
  variables:
    SAST_EXCLUDED_ANALYZERS:
      bandit, brakeman, flawfinder, gosec, kubesec, phpcs-security-audit,
      pmd-apex, security-code-scan, sobelow, spotbugs
  stage: security
  before_script:
    - mkdir -p builds && cp -r target/ builds/
include:
  - template: Security/SAST.gitlab-ci.yml

upload-clj-prerelease:
  <<: *clj
  stage: upload
  rules:
    - if: '$CI_COMMIT_BRANCH == "master" && $CI_COMMIT_TAG == null'
  script:
    - lein deploy clojars

release:
  # Caution, as of 2021-02-02 these assets links require a login, see:
  # https://gitlab.com/gitlab-org/gitlab/-/issues/299384
  image: registry.gitlab.com/gitlab-org/release-cli:latest
  stage: upload
  rules:
    - if: '$CI_COMMIT_TAG != null'
  variables:
    PACKAGE_REGISTRY_URL: "${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/packages/generic"
    UBERJAR_URL: "${PACKAGE_REGISTRY_URL}/k8s-mastodon-bot-standalone/${$CI_COMMIT_TAG}/k8s-mastodon-bot-standalone.jar"
    FRONTEND_URL: "${PACKAGE_REGISTRY_URL}/k8s-mastodon-bot/${$CI_COMMIT_TAG}/k8s-mastodon-bot.js"
  script:
    - apk --no-cache add curl
    - |
      curl --header "JOB-TOKEN: ${CI_JOB_TOKEN}" --upload-file target/uberjar/k8s-mastodon-bot-standalone.jar ${UBERJAR_URL}
    - |
      curl --header "JOB-TOKEN: ${CI_JOB_TOKEN}" --upload-file target/frontend-build/k8s-mastodon-bot.js ${FRONTEND_URL}
    - |
      release-cli create --name "Release $CI_COMMIT_TAG" --tag-name $CI_COMMIT_TAG \
        --assets-link "{\"name\":\"k8s-mastodon-bot-standalone.jar\",\"url\":\"${UBERJAR_URL}\"}" \
        --assets-link "{\"name\":\"k8s-mastodon-bot.js\",\"url\":\"${FRONTEND_URL}\"}"
add ci 2021-02-23 17:32:00 +00:00			`stages:`
test release 2021-03-17 14:35:55 +00:00			`- first`
add ci 2021-02-23 17:32:00 +00:00			`- build_and_test`
			`- package`
			`- security`
			`- upload`

			`.cljs-job: &cljs`
release process should work 2021-03-12 18:01:48 +00:00			`image: domaindrivenarchitecture/shadow-cljs`
add ci 2021-02-23 17:32:00 +00:00			`cache:`
			`key: ${CI_COMMIT_REF_SLUG}`
			`paths:`
			`- node_modules/`
			`- .shadow-cljs/`
release process should work 2021-03-12 18:01:48 +00:00			`- .m2`
add ci 2021-02-23 17:32:00 +00:00			`before_script:`
			`- echo "//registry.npmjs.org/:_authToken=$NPM_TOKEN" > ~/.npmrc`
simplify build 2021-03-17 07:24:18 +00:00			`- npm install`
add ci 2021-02-23 17:32:00 +00:00
simplify build 2021-03-17 07:24:18 +00:00			`.clj-uploadjob: &clj`
release process should work 2021-03-12 18:01:48 +00:00			`image: clojure:lein-2.7.1-alpine`
			`cache:`
			`key: ${CI_COMMIT_REF_SLUG}`
			`paths:`
			`- .m2`
			`before_script:`
			`- echo "{:auth {:repository-auth {#\"clojars\" {:username \"${CLOJARS_USER}\" :password \"${CLOJARS_PASSWORD}\" }}}}" > ~/.lein/profiles.clj`

first try for release uploads 2021-03-17 07:59:58 +00:00			`test-cljs:`
add ci 2021-02-23 17:32:00 +00:00			`<<: *cljs`
			`stage: build_and_test`
			`script:`
			`- shadow-cljs compile test`

first try for release uploads 2021-03-17 07:59:58 +00:00			`test-clj:`
			`<<: *clj`
			`stage: build_and_test`
			`script:`
			`- lein test`

no cljs prerelease 2021-03-17 08:17:08 +00:00			`report-frontend:`
add ci 2021-02-23 17:32:00 +00:00			`<<: *cljs`
no cljs prerelease 2021-03-17 08:17:08 +00:00			`stage: package`
add ci 2021-02-23 17:32:00 +00:00			`script:`
simplify build 2021-03-17 07:24:18 +00:00			`- mkdir -p target`
release process should work 2021-03-12 18:01:48 +00:00			`- shadow-cljs run shadow.cljs.build-report frontend target/build-report.html`
add ci 2021-02-23 17:32:00 +00:00			`artifacts:`
			`paths:`
			`- target/build-report.html`

first try for release uploads 2021-03-17 07:59:58 +00:00			`package-frontend:`
add ci 2021-02-23 17:32:00 +00:00			`<<: *cljs`
			`stage: package`
			`script:`
first try for release uploads 2021-03-17 07:59:58 +00:00			`- mkdir -p target/frontend-build`
			`- shadow-cljs release frontend`
			`- cp public/js/main.js target/frontend-build/k8s-mastodon-bot.js`
			`- sha256sum target/frontend-build/k8s-mastodon-bot.js > target/frontend-build/k8s-mastodon-bot.js.sha256`
			`- sha512sum target/frontend-build/k8s-mastodon-bot.js > target/frontend-build/k8s-mastodon-bot.js.sha512`
add ci 2021-02-23 17:32:00 +00:00			`artifacts:`
			`paths:`
first try for release uploads 2021-03-17 07:59:58 +00:00			`- target/frontend-build`

			`package-uberjar:`
			`<<: *clj`
			`stage: package`
			`script:`
			`- lein uberjar`
			`- sha256sum target/uberjar/k8s-mastodon-bot-standalone.jar > target/uberjar/k8s-mastodon-bot-standalone.jar.sha256`
			`- sha512sum target/uberjar/k8s-mastodon-bot-standalone.jar > target/uberjar/k8s-mastodon-bot-standalone.jar.sha512`
			`artifacts:`
			`paths:`
			`- target/uberjar`
add ci 2021-02-23 17:32:00 +00:00
			`sast:`
			`variables:`
			`SAST_EXCLUDED_ANALYZERS:`
			`bandit, brakeman, flawfinder, gosec, kubesec, phpcs-security-audit,`
			`pmd-apex, security-code-scan, sobelow, spotbugs`
			`stage: security`
			`before_script:`
			`- mkdir -p builds && cp -r target/ builds/`
			`include:`
			`- template: Security/SAST.gitlab-ci.yml`

release process should work 2021-03-12 18:01:48 +00:00			`upload-clj-prerelease:`
simplify build 2021-03-17 07:24:18 +00:00			`<<: *clj`
release process should work 2021-03-12 18:01:48 +00:00			`stage: upload`
			`rules:`
			`- if: '$CI_COMMIT_BRANCH == "master" && $CI_COMMIT_TAG == null'`
			`script:`
			`- lein deploy clojars`

first try for release uploads 2021-03-17 07:59:58 +00:00			`release:`
			`# Caution, as of 2021-02-02 these assets links require a login, see:`
			`# https://gitlab.com/gitlab-org/gitlab/-/issues/299384`
			`image: registry.gitlab.com/gitlab-org/release-cli:latest`
Version 0.1.2 2021-03-17 14:45:15 +00:00			`stage: upload`
			`rules:`
			`- if: '$CI_COMMIT_TAG != null'`
first try for release uploads 2021-03-17 07:59:58 +00:00			`variables:`
			`PACKAGE_REGISTRY_URL: "${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/packages/generic"`
			`UBERJAR_URL: "${PACKAGE_REGISTRY_URL}/k8s-mastodon-bot-standalone/${$CI_COMMIT_TAG}/k8s-mastodon-bot-standalone.jar"`
			`FRONTEND_URL: "${PACKAGE_REGISTRY_URL}/k8s-mastodon-bot/${$CI_COMMIT_TAG}/k8s-mastodon-bot.js"`
add ci 2021-02-23 17:32:00 +00:00			`script:`
test release 2021-03-17 14:35:55 +00:00			`- apk --no-cache add curl`
first try for release uploads 2021-03-17 07:59:58 +00:00			`- \|`
			`curl --header "JOB-TOKEN: ${CI_JOB_TOKEN}" --upload-file target/uberjar/k8s-mastodon-bot-standalone.jar ${UBERJAR_URL}`
			`- \|`
			`curl --header "JOB-TOKEN: ${CI_JOB_TOKEN}" --upload-file target/frontend-build/k8s-mastodon-bot.js ${FRONTEND_URL}`
			`- \|`
			`release-cli create --name "Release $CI_COMMIT_TAG" --tag-name $CI_COMMIT_TAG \`
			`--assets-link "{\"name\":\"k8s-mastodon-bot-standalone.jar\",\"url\":\"${UBERJAR_URL}\"}" \`
			`--assets-link "{\"name\":\"k8s-mastodon-bot.js\",\"url\":\"${FRONTEND_URL}\"}"`