|
|
|
|
stages:
|
|
|
|
|
- build_and_test
|
|
|
|
|
- package
|
|
|
|
|
- security
|
|
|
|
|
- upload
|
|
|
|
|
- image
|
|
|
|
|
|
|
|
|
|
services:
|
|
|
|
|
- docker:19.03.12-dind
|
|
|
|
|
|
|
|
|
|
.cljs-job: &cljs
|
|
|
|
|
image: domaindrivenarchitecture/shadow-cljs
|
|
|
|
|
cache:
|
|
|
|
|
key: ${CI_COMMIT_REF_SLUG}
|
|
|
|
|
paths:
|
|
|
|
|
- node_modules/
|
|
|
|
|
before_script:
|
|
|
|
|
- npm install
|
|
|
|
|
|
|
|
|
|
.cljs-upload-job: &cljs-upload
|
|
|
|
|
image: domaindrivenarchitecture/shadow-cljs
|
|
|
|
|
cache:
|
|
|
|
|
key: ${CI_COMMIT_REF_SLUG}
|
|
|
|
|
paths:
|
|
|
|
|
- node_modules/
|
|
|
|
|
before_script:
|
|
|
|
|
- echo "//registry.npmjs.org/:_authToken=$NPM_TOKEN" > ~/.npmrc
|
|
|
|
|
- mkdir -p target/npm-build
|
|
|
|
|
- cp target/mastodon-bot.js target/npm-build/
|
|
|
|
|
- cp target/mastodon-bot.js.sha256 target/npm-build/
|
|
|
|
|
- cp target/mastodon-bot.js.sha512 target/npm-build/
|
|
|
|
|
- cp README.md target/npm-build/
|
|
|
|
|
|
|
|
|
|
.clj-uploadjob: &clj-upload
|
|
|
|
|
image: clojure:lein-2.7.1-alpine
|
|
|
|
|
before_script:
|
|
|
|
|
- echo "{:auth {:repository-auth {#\"clojars\" {:username \"${CLOJARS_USER}\" :password \"${CLOJARS_PASSWORD}\" }}}}" > ~/.lein/profiles.clj
|
|
|
|
|
|
|
|
|
|
build_and_test:
|
|
|
|
|
<<: *cljs
|
|
|
|
|
stage: build_and_test
|
|
|
|
|
script:
|
|
|
|
|
- shadow-cljs compile test
|
|
|
|
|
cache:
|
|
|
|
|
key: ${CI_COMMIT_REF_SLUG}
|
|
|
|
|
paths:
|
|
|
|
|
- .m2
|
|
|
|
|
|
|
|
|
|
#activate as soon as https://github.com/thheller/shadow-cljs/issues/843 is implemented
|
|
|
|
|
.report:
|
|
|
|
|
<<: *cljs
|
|
|
|
|
stage: build_and_test
|
|
|
|
|
script:
|
|
|
|
|
- shadow-cljs run shadow.cljs.build-report app target/build-report.html
|
|
|
|
|
artifacts:
|
|
|
|
|
paths:
|
|
|
|
|
- target/build-report.html
|
|
|
|
|
|
|
|
|
|
package:
|
|
|
|
|
<<: *cljs
|
|
|
|
|
stage: package
|
|
|
|
|
script:
|
|
|
|
|
- shadow-cljs release app
|
|
|
|
|
- chmod a+x target/mastodon-bot.js
|
|
|
|
|
- sha256sum target/mastodon-bot.js > target/mastodon-bot.js.sha256
|
|
|
|
|
- sha512sum target/mastodon-bot.js > target/mastodon-bot.js.sha512
|
|
|
|
|
artifacts:
|
|
|
|
|
paths:
|
|
|
|
|
- target/mastodon-bot.js
|
|
|
|
|
- target/mastodon-bot.js.sha256
|
|
|
|
|
- target/mastodon-bot.js.sha512
|
|
|
|
|
|
|
|
|
|
sast:
|
|
|
|
|
variables:
|
|
|
|
|
SAST_EXCLUDED_ANALYZERS:
|
|
|
|
|
bandit, brakeman, flawfinder, gosec, kubesec, phpcs-security-audit,
|
|
|
|
|
pmd-apex, security-code-scan, sobelow, spotbugs
|
|
|
|
|
stage: security
|
|
|
|
|
before_script:
|
|
|
|
|
- mkdir -p builds && cp -r target/ builds/
|
|
|
|
|
include:
|
|
|
|
|
- template: Security/SAST.gitlab-ci.yml
|
|
|
|
|
|
|
|
|
|
upload-cljs-prerelease:
|
|
|
|
|
<<: *cljs-upload
|
|
|
|
|
stage: upload
|
|
|
|
|
rules:
|
|
|
|
|
- if: '$CI_COMMIT_BRANCH == "master" && $CI_COMMIT_TAG == null'
|
|
|
|
|
script:
|
|
|
|
|
- cp package.json target/npm-build/
|
|
|
|
|
- sed -i 's|SNAPSHOT|'$(date +"%Y%m%d%H%M%S")'|' ./target/npm-build/package.json
|
|
|
|
|
- npm publish ./target/npm-build --access public
|
|
|
|
|
|
|
|
|
|
upload-clj-prerelease:
|
|
|
|
|
<<: *clj-upload
|
|
|
|
|
stage: upload
|
|
|
|
|
rules:
|
|
|
|
|
- if: '$CI_COMMIT_BRANCH == "master" && $CI_COMMIT_TAG == null'
|
|
|
|
|
script:
|
|
|
|
|
- lein deploy clojars
|
|
|
|
|
|
|
|
|
|
upload-cljs-release:
|
|
|
|
|
<<: *cljs-upload
|
|
|
|
|
stage: upload
|
|
|
|
|
rules:
|
|
|
|
|
- if: '$CI_COMMIT_TAG != null'
|
|
|
|
|
script:
|
|
|
|
|
- cp package.json target/npm-build/
|
|
|
|
|
- npm publish ./target/npm-build --access public
|
|
|
|
|
|
|
|
|
|
upload-clj-release:
|
|
|
|
|
<<: *clj-upload
|
|
|
|
|
stage: upload
|
|
|
|
|
rules:
|
|
|
|
|
- if: '$CI_COMMIT_TAG != null'
|
|
|
|
|
script:
|
|
|
|
|
- lein deploy clojars
|
|
|
|
|
|
|
|
|
|
build:
|
|
|
|
|
image: domaindrivenarchitecture/devops-build:latest
|
|
|
|
|
stage: image
|
|
|
|
|
rules:
|
|
|
|
|
- if: '$CI_COMMIT_TAG != null'
|
|
|
|
|
script:
|
|
|
|
|
- cd infrastructure/docker && pyb image test publish
|
