reduce ci duplications
This commit is contained in:
parent
2b2def54b7
commit
2516c03058
1 changed files with 39 additions and 41 deletions
|
@ -1,41 +1,46 @@
|
|||
image: node:lts-buster
|
||||
|
||||
stages:
|
||||
- test
|
||||
- package
|
||||
- security
|
||||
- upload
|
||||
|
||||
cache:
|
||||
key: ${CI_COMMIT_REF_SLUG}
|
||||
paths:
|
||||
- node_modules/
|
||||
|
||||
default:
|
||||
.cljs-job: &cljs
|
||||
image: node:lts-buster
|
||||
cache:
|
||||
key: ${CI_COMMIT_REF_SLUG}
|
||||
paths:
|
||||
- node_modules/
|
||||
before_script:
|
||||
- apt update && apt -qqy install openjdk-11-jre-headless
|
||||
- npm install
|
||||
- npm install -g --save-dev shadow-cljs
|
||||
|
||||
.js-job: &js-upload
|
||||
image: node:lts-buster
|
||||
cache:
|
||||
key: ${CI_COMMIT_REF_SLUG}
|
||||
paths:
|
||||
- node_modules/
|
||||
before_script:
|
||||
- echo _auth=$NPM_PUBLSH_KEY >> .npmrc
|
||||
- echo email=$NPM_PUBLSH_MAIL >> .npmrc
|
||||
- echo always-auth=true >> .npmrc
|
||||
- mkdir -p target/npm-build/mastodon_bot
|
||||
- cp target/mastodon-bot.js target/npm-build/mastodon_bot/
|
||||
- cp target/mastodon-bot.js.sha256 target/npm-build/mastodon_bot/
|
||||
- cp target/mastodon-bot.js.sha512 target/npm-build/mastodon_bot/
|
||||
- cp package.json target/npm-build/mastodon_bot/
|
||||
- cp README.md target/npm-build/mastodon_bot/
|
||||
|
||||
build:
|
||||
<<: *cljs
|
||||
stage: test
|
||||
script:
|
||||
- shadow-cljs compile test
|
||||
|
||||
sast:
|
||||
variables:
|
||||
SAST_EXCLUDED_ANALYZERS:
|
||||
bandit, brakeman, flawfinder, gosec, kubesec, phpcs-security-audit,
|
||||
pmd-apex, security-code-scan, sobelow, spotbugs
|
||||
stage: test
|
||||
before_script:
|
||||
- echo "scan security"
|
||||
include:
|
||||
- template: Security/SAST.gitlab-ci.yml
|
||||
|
||||
package:
|
||||
<<: *cljs
|
||||
stage: package
|
||||
rules:
|
||||
- if: '$CI_COMMIT_BRANCH == "master"'
|
||||
artifacts:
|
||||
paths:
|
||||
- target/
|
||||
|
@ -45,38 +50,31 @@ package:
|
|||
- sha256sum target/mastodon-bot.js > target/mastodon-bot.js.sha256
|
||||
- sha512sum target/mastodon-bot.js > target/mastodon-bot.js.sha512
|
||||
|
||||
sast:
|
||||
variables:
|
||||
SAST_EXCLUDED_ANALYZERS:
|
||||
bandit, brakeman, flawfinder, gosec, kubesec, phpcs-security-audit,
|
||||
pmd-apex, security-code-scan, sobelow, spotbugs
|
||||
stage: security
|
||||
before_script:
|
||||
- mkdir -p builds && cp -r target/ builds/
|
||||
include:
|
||||
- template: Security/SAST.gitlab-ci.yml
|
||||
|
||||
upload-prerelease:
|
||||
<<: *js-upload
|
||||
stage: upload
|
||||
rules:
|
||||
- if: '$CI_COMMIT_BRANCH == "master" && $CI_COMMIT_TAG == null'
|
||||
before_script:
|
||||
- echo _auth=$NPM_PUBLSH_KEY >> .npmrc
|
||||
- echo email=$NPM_PUBLSH_MAIL >> .npmrc
|
||||
- echo always-auth=true >> .npmrc
|
||||
script:
|
||||
- mkdir -p target/npm-build/mastodon_bot
|
||||
- cp target/mastodon-bot.js target/npm-build/mastodon_bot/
|
||||
- cp target/mastodon-bot.js.sha256 target/npm-build/mastodon_bot/
|
||||
- cp target/mastodon-bot.js.sha512 target/npm-build/mastodon_bot/
|
||||
- cp package.json target/npm-build/mastodon_bot/
|
||||
- cp README.md target/npm-build/mastodon_bot/
|
||||
- npm version --no-git-tag-version prerelease
|
||||
- npm publish ./target/npm-build/mastodon_bot --access public
|
||||
|
||||
upload-release:
|
||||
<<: *js-upload
|
||||
stage: upload
|
||||
rules:
|
||||
- if: '$CI_COMMIT_BRANCH == "master" && $CI_COMMIT_TAG != null'
|
||||
before_script:
|
||||
- echo _auth=$NPM_PUBLSH_KEY >> .npmrc
|
||||
- echo email=$NPM_PUBLSH_MAIL >> .npmrc
|
||||
- echo always-auth=true >> .npmrc
|
||||
script:
|
||||
- mkdir -p target/npm-build/mastodon_bot
|
||||
- cp target/mastodon-bot.js target/npm-build/mastodon_bot/
|
||||
- cp target/mastodon-bot.js.sha256 target/npm-build/mastodon_bot/
|
||||
- cp target/mastodon-bot.js.sha512 target/npm-build/mastodon_bot/
|
||||
- cp package.json target/npm-build/mastodon_bot/
|
||||
- cp README.md target/npm-build/mastodon_bot/
|
||||
- npm version --no-git-tag-version $CI_COMMIT_TAG
|
||||
- npm publish ./target/npm-build/mastodon_bot --access public
|
||||
|
|
Reference in a new issue