174 lines
No EOL
6 KiB
YAML
174 lines
No EOL
6 KiB
YAML
stages:
|
|
- build_and_test
|
|
- package
|
|
- security
|
|
- upload
|
|
- image
|
|
- integrationtest
|
|
|
|
services:
|
|
- docker:19.03.12-dind
|
|
|
|
.only-master: &only-master
|
|
rules:
|
|
- if: '$CI_COMMIT_REF_NAME == "master"'
|
|
when: always
|
|
- when: never
|
|
|
|
.cljs-job: &cljs
|
|
image: domaindrivenarchitecture/shadow-cljs
|
|
cache:
|
|
key: ${CI_COMMIT_REF_SLUG}
|
|
paths:
|
|
- node_modules/
|
|
- .shadow-cljs/
|
|
- .m2
|
|
before_script:
|
|
- echo "//registry.npmjs.org/:_authToken=$NPM_TOKEN" > ~/.npmrc
|
|
- npm install
|
|
|
|
.clj-uploadjob: &clj
|
|
image: domaindrivenarchitecture/lein
|
|
cache:
|
|
key: ${CI_COMMIT_REF_SLUG}
|
|
paths:
|
|
- .m2
|
|
before_script:
|
|
- mkdir -p /root/.lein
|
|
- echo "{:auth {:repository-auth {#\"clojars\" {:username \"${CLOJARS_USER}\" :password \"${CLOJARS_TOKEN_DOMAINDRIVENARCHITECTURE}\" }}}}" > ~/.lein/profiles.clj
|
|
|
|
test-cljs:
|
|
<<: *cljs
|
|
<<: *only-master
|
|
stage: build_and_test
|
|
script:
|
|
- shadow-cljs compile test
|
|
|
|
test-clj:
|
|
<<: *clj
|
|
<<: *only-master
|
|
stage: build_and_test
|
|
script:
|
|
- lein test
|
|
|
|
test-schema:
|
|
<<: *clj
|
|
<<: *only-master
|
|
stage: build_and_test
|
|
script:
|
|
- lein uberjar
|
|
- java -jar target/uberjar/c4k-nextcloud-standalone.jar valid-config.edn valid-auth.edn | kubeconform --kubernetes-version 1.19.0 --strict --skip "Certificate,CronJob" -
|
|
artifacts:
|
|
paths:
|
|
- target/uberjar
|
|
|
|
.report-frontend:
|
|
<<: *cljs
|
|
stage: package
|
|
script:
|
|
- mkdir -p target/frontend-build
|
|
- shadow-cljs run shadow.cljs.build-report frontend target/frontend-build/build-report.html
|
|
artifacts:
|
|
paths:
|
|
- target/frontend-build/build-report.html
|
|
|
|
.package-frontend:
|
|
<<: *cljs
|
|
stage: package
|
|
script:
|
|
- mkdir -p target/frontend-build
|
|
- shadow-cljs release frontend
|
|
- cp public/js/main.js target/frontend-build/c4k-nextcloud.js
|
|
- sha256sum target/frontend-build/c4k-nextcloud.js > target/frontend-build/c4k-nextcloud.js.sha256
|
|
- sha512sum target/frontend-build/c4k-nextcloud.js > target/frontend-build/c4k-nextcloud.js.sha512
|
|
artifacts:
|
|
paths:
|
|
- target/frontend-build
|
|
|
|
package-uberjar:
|
|
<<: *clj
|
|
<<: *only-master
|
|
stage: package
|
|
script:
|
|
- sha256sum target/uberjar/c4k-nextcloud-standalone.jar > target/uberjar/c4k-nextcloud-standalone.jar.sha256
|
|
- sha512sum target/uberjar/c4k-nextcloud-standalone.jar > target/uberjar/c4k-nextcloud-standalone.jar.sha512
|
|
artifacts:
|
|
paths:
|
|
- target/uberjar
|
|
|
|
sast:
|
|
<<: *only-master
|
|
variables:
|
|
SAST_EXCLUDED_ANALYZERS:
|
|
bandit, brakeman, flawfinder, gosec, kubesec, phpcs-security-audit,
|
|
pmd-apex, security-code-scan, sobelow, spotbugs
|
|
stage: security
|
|
before_script:
|
|
- mkdir -p builds && cp -r target/ builds/
|
|
include:
|
|
- template: Security/SAST.gitlab-ci.yml
|
|
|
|
upload-clj-prerelease:
|
|
<<: *clj
|
|
stage: upload
|
|
rules:
|
|
- if: '$CI_COMMIT_BRANCH == "master" && $CI_COMMIT_TAG == null'
|
|
script:
|
|
- lein deploy clojars
|
|
|
|
release:
|
|
image: registry.gitlab.com/gitlab-org/release-cli:latest
|
|
stage: upload
|
|
rules:
|
|
- if: '$CI_COMMIT_BRANCH == "master" && $CI_COMMIT_TAG == null'
|
|
artifacts:
|
|
paths:
|
|
- target/uberjar
|
|
- target/frontend-build
|
|
script:
|
|
- apk --no-cache add curl
|
|
- |
|
|
release-cli create --name "Release $CI_COMMIT_TAG" --tag-name $CI_COMMIT_TAG \
|
|
--assets-link "{\"name\":\"c4k-nextcloud-standalone.jar\",\"url\":\"https://gitlab.com/domaindrivenarchitecture/c4k-nextcloud/-/jobs/${CI_JOB_ID}/artifacts/file/target/uberjar/c4k-nextcloud-standalone.jar\"}" \
|
|
--assets-link "{\"name\":\"c4k-nextcloud-standalone.jar.sha256\",\"url\":\"https://gitlab.com/domaindrivenarchitecture/c4k-nextcloud/-/jobs/${CI_JOB_ID}/artifacts/file/target/uberjar/c4k-nextcloud-standalone.jar.sha256\"}" \
|
|
--assets-link "{\"name\":\"c4k-nextcloud-standalone.jar.sha512\",\"url\":\"https://gitlab.com/domaindrivenarchitecture/c4k-nextcloud/-/jobs/${CI_JOB_ID}/artifacts/file/target/uberjar/c4k-nextcloud-standalone.jar.sha512\"}" \
|
|
--assets-link "{\"name\":\"c4k-nextcloud.js\",\"url\":\"https://gitlab.com/domaindrivenarchitecture/c4k-nextcloud/-/jobs/${CI_JOB_ID}/artifacts/file/target/frontend-build/c4k-nextcloud.js\"}" \
|
|
--assets-link "{\"name\":\"c4k-nextcloud.js.sha256\",\"url\":\"https://gitlab.com/domaindrivenarchitecture/c4k-nextcloud/-/jobs/${CI_JOB_ID}/artifacts/file/target/frontend-build/c4k-nextcloud.js.sha256\"}" \
|
|
--assets-link "{\"name\":\"c4k-nextcloud.js.sha512\",\"url\":\"https://gitlab.com/domaindrivenarchitecture/c4k-nextcloud/-/jobs/${CI_JOB_ID}/artifacts/file/target/frontend-build/c4k-nextcloud.js.sha512\"}" \
|
|
|
|
nextcloud-image-test-publish:
|
|
image: domaindrivenarchitecture/devops-build:latest
|
|
stage: image
|
|
rules:
|
|
- if: '$CI_COMMIT_BRANCH == "master" && $CI_COMMIT_TAG != null'
|
|
script:
|
|
- cd infrastructure/docker-nextcloud && pyb image test publish
|
|
|
|
backup-image-test-publish:
|
|
image: domaindrivenarchitecture/devops-build:latest
|
|
stage: image
|
|
rules:
|
|
- if: '$CI_COMMIT_BRANCH == "master" && $CI_COMMIT_TAG != null'
|
|
script:
|
|
- cd infrastructure/docker-backup && pyb image test publish
|
|
|
|
nextcloud-integrationtest:
|
|
stage: integrationtest
|
|
image: docker:latest
|
|
rules:
|
|
- if: '$CI_COMMIT_BRANCH == "integration-test-w-o-db-backup"'
|
|
services:
|
|
- docker:dind
|
|
before_script:
|
|
- docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" $CI_REGISTRY
|
|
- apk add bash
|
|
#- docker build --pull -t "$CI_REGISTRY_IMAGE" .
|
|
#- docker run --name "$name" -d --privileged --tmpfs /run --tmpfs /var/run --restart always -e K3S_TOKEN=12345678901234 -e K3S_KUBECONFIG_OUTPUT=./kubeconfig.yaml -e K3S_KUBECONFIG_MODE=666 -v k3s-server:/var/lib/rancher/k3s:z -v $(pwd):/output:z -p 6443:6443 -p 80:80 -p 443:443 rancher/k3s server --cluster-init --tls-san k3stesthost --tls-san cloudhost
|
|
#- docker run --privileged -dit --name c4k_test -v /var/run/docker.sock:/var/run/docker.sock $CI_REGISTRY_IMAGE
|
|
- docker inspect -f '{{.State.Running}}' c4k_test
|
|
script:
|
|
- echo "---------- Integration test -------------"
|
|
- ls -l
|
|
- pwd
|
|
- bash ./src/test/resources/local-integration-test/setup-docker.sh
|
|
|