stages: - build_and_test - package #- security - upload - image - integrationtest services: - docker:19.03.12-dind .only-master: &only-master rules: - if: '$CI_COMMIT_REF_NAME == "master"' when: always - when: never .cljs-job: &cljs image: domaindrivenarchitecture/shadow-cljs cache: key: ${CI_COMMIT_REF_SLUG} paths: - node_modules/ - .shadow-cljs/ - .m2 before_script: - echo "//registry.npmjs.org/:_authToken=$NPM_TOKEN" > ~/.npmrc - npm install .clj-uploadjob: &clj image: domaindrivenarchitecture/lein cache: key: ${CI_COMMIT_REF_SLUG} paths: - .m2 before_script: - mkdir -p /root/.lein - echo "{:auth {:repository-auth {#\"clojars\" {:username \"${CLOJARS_USER}\" :password \"${CLOJARS_TOKEN_DOMAINDRIVENARCHITECTURE}\" }}}}" > ~/.lein/profiles.clj test-cljs: <<: *cljs <<: *only-master stage: build_and_test script: - shadow-cljs compile test test-clj: <<: *clj <<: *only-master stage: build_and_test script: - lein test test-schema: <<: *clj <<: *only-master stage: build_and_test script: - lein uberjar - java -jar target/uberjar/c4k-nextcloud-standalone.jar valid-config.edn valid-auth.edn | kubeconform --kubernetes-version 1.19.0 --strict --skip "Certificate,CronJob" - artifacts: paths: - target/uberjar .report-frontend: <<: *cljs stage: package script: - mkdir -p target/frontend-build - shadow-cljs run shadow.cljs.build-report frontend target/frontend-build/build-report.html artifacts: paths: - target/frontend-build/build-report.html .package-frontend: <<: *cljs stage: package script: - mkdir -p target/frontend-build - shadow-cljs release frontend - cp public/js/main.js target/frontend-build/c4k-nextcloud.js - sha256sum target/frontend-build/c4k-nextcloud.js > target/frontend-build/c4k-nextcloud.js.sha256 - sha512sum target/frontend-build/c4k-nextcloud.js > target/frontend-build/c4k-nextcloud.js.sha512 artifacts: paths: - target/frontend-build package-uberjar: <<: *clj <<: *only-master stage: package script: - sha256sum target/uberjar/c4k-nextcloud-standalone.jar > target/uberjar/c4k-nextcloud-standalone.jar.sha256 - sha512sum target/uberjar/c4k-nextcloud-standalone.jar > target/uberjar/c4k-nextcloud-standalone.jar.sha512 artifacts: paths: - target/uberjar #.sast: # <<: *only-master # variables: # SAST_EXCLUDED_ANALYZERS: # bandit, brakeman, flawfinder, gosec, kubesec, phpcs-security-audit, # pmd-apex, security-code-scan, sobelow, spotbugs # stage: security # before_script: # - mkdir -p builds && cp -r target/ builds/ #include: # - template: Security/SAST.gitlab-ci.yml upload-clj-prerelease: <<: *clj stage: upload rules: - if: '$CI_COMMIT_BRANCH == "master" && $CI_COMMIT_TAG == null' script: - lein deploy clojars release: image: registry.gitlab.com/gitlab-org/release-cli:latest stage: upload rules: - if: '$CI_COMMIT_BRANCH == "master" && $CI_COMMIT_TAG == null' artifacts: paths: - target/uberjar - target/frontend-build script: - apk --no-cache add curl - | release-cli create --name "Release $CI_COMMIT_TAG" --tag-name $CI_COMMIT_TAG \ --assets-link "{\"name\":\"c4k-nextcloud-standalone.jar\",\"url\":\"https://gitlab.com/domaindrivenarchitecture/c4k-nextcloud/-/jobs/${CI_JOB_ID}/artifacts/file/target/uberjar/c4k-nextcloud-standalone.jar\"}" \ --assets-link "{\"name\":\"c4k-nextcloud-standalone.jar.sha256\",\"url\":\"https://gitlab.com/domaindrivenarchitecture/c4k-nextcloud/-/jobs/${CI_JOB_ID}/artifacts/file/target/uberjar/c4k-nextcloud-standalone.jar.sha256\"}" \ --assets-link "{\"name\":\"c4k-nextcloud-standalone.jar.sha512\",\"url\":\"https://gitlab.com/domaindrivenarchitecture/c4k-nextcloud/-/jobs/${CI_JOB_ID}/artifacts/file/target/uberjar/c4k-nextcloud-standalone.jar.sha512\"}" \ --assets-link "{\"name\":\"c4k-nextcloud.js\",\"url\":\"https://gitlab.com/domaindrivenarchitecture/c4k-nextcloud/-/jobs/${CI_JOB_ID}/artifacts/file/target/frontend-build/c4k-nextcloud.js\"}" \ --assets-link "{\"name\":\"c4k-nextcloud.js.sha256\",\"url\":\"https://gitlab.com/domaindrivenarchitecture/c4k-nextcloud/-/jobs/${CI_JOB_ID}/artifacts/file/target/frontend-build/c4k-nextcloud.js.sha256\"}" \ --assets-link "{\"name\":\"c4k-nextcloud.js.sha512\",\"url\":\"https://gitlab.com/domaindrivenarchitecture/c4k-nextcloud/-/jobs/${CI_JOB_ID}/artifacts/file/target/frontend-build/c4k-nextcloud.js.sha512\"}" \ nextcloud-image-test-publish: image: domaindrivenarchitecture/devops-build:latest stage: image rules: - if: '$CI_COMMIT_BRANCH == "master" && $CI_COMMIT_TAG != null' script: - cd infrastructure/docker-nextcloud && pyb image test publish backup-image-test-publish: image: domaindrivenarchitecture/devops-build:latest stage: image rules: - if: '$CI_COMMIT_BRANCH == "master" && $CI_COMMIT_TAG != null' script: - cd infrastructure/docker-backup && pyb image test publish nextcloud-integrationtest: stage: integrationtest rules: - if: '$CI_COMMIT_BRANCH == "integration-test-w-o-db-backup"' image: registry.gitlab.com/gitlab-org/cluster-integration/helm-install-image/releases/3.7.1-kube-1.20.11-alpine-3.14 services: - name: registry.gitlab.com/gitlab-org/cluster-integration/test-utils/k3s-gitlab-ci/releases/v1.22.2-k3s2 alias: k3s script: - apk add curl sudo bash - apk add wget curl bash sudo openjdk8 - wget -P /etc/apk/keys/ https://alpine-pkgs.sgerrand.com/sgerrand.rsa.pub - apk add --no-cache --repository=https://apkproxy.herokuapp.com/sgerrand/alpine-pkg-leiningen leiningen - mkdir -p ${HOME}/.kube/ - curl -f k3s:8081 > ${HOME}/.kube/config - kubectl version - kubectl cluster-info - echo "---------- Integration test -------------" - pwd - cd ./src/test/resources/local-integration-test/ && ./setup-local-s3-on-k3d.sh