stages: - build_and_test - package - security - upload - image services: - docker:19.03.12-dind .cljs-job: &cljs image: domaindrivenarchitecture/shadow-cljs cache: key: ${CI_COMMIT_REF_SLUG} paths: - node_modules/ - .shadow-cljs/ - .m2 before_script: - npm install .cljs-upload-job: &cljs-upload image: domaindrivenarchitecture/shadow-cljs cache: key: ${CI_COMMIT_REF_SLUG} paths: - node_modules/ before_script: - echo "//registry.npmjs.org/:_authToken=$NPM_TOKEN" > ~/.npmrc - mkdir -p target/npm-build - cp target/mastodon-bot.js target/npm-build/ - cp target/mastodon-bot.js.sha256 target/npm-build/ - cp target/mastodon-bot.js.sha512 target/npm-build/ - cp README.md target/npm-build/ .clj-uploadjob: &clj-upload image: clojure:lein-2.7.1-alpine cache: key: ${CI_COMMIT_REF_SLUG} paths: - .m2 before_script: - echo "{:auth {:repository-auth {#\"clojars\" {:username \"${CLOJARS_USER}\" :password \"${CLOJARS_PASSWORD}\" }}}}" > ~/.lein/profiles.clj build-and-test-cljs: <<: *cljs stage: build_and_test script: - shadow-cljs compile test build-and-test-clj: <<: *clj-upload stage: build_and_test script: - lein test #activate as soon as https://github.com/thheller/shadow-cljs/issues/843 is implemented .report: <<: *cljs stage: build_and_test script: - shadow-cljs run shadow.cljs.build-report app target/build-report.html artifacts: paths: - target/build-report.html package: <<: *cljs stage: package script: - shadow-cljs release app - chmod a+x target/mastodon-bot.js - sha256sum target/mastodon-bot.js > target/mastodon-bot.js.sha256 - sha512sum target/mastodon-bot.js > target/mastodon-bot.js.sha512 artifacts: paths: - target/mastodon-bot.js - target/mastodon-bot.js.sha256 - target/mastodon-bot.js.sha512 sast: variables: SAST_EXCLUDED_ANALYZERS: bandit, brakeman, flawfinder, gosec, kubesec, phpcs-security-audit, pmd-apex, security-code-scan, sobelow, spotbugs stage: security before_script: - mkdir -p builds && cp -r target/ builds/ include: - template: Security/SAST.gitlab-ci.yml upload-cljs-prerelease: <<: *cljs-upload stage: upload rules: - if: '$CI_COMMIT_BRANCH == "master" && $CI_COMMIT_TAG == null' script: - cp package.json target/npm-build/ - sed -i 's|SNAPSHOT|'$(date +"%Y%m%d%H%M%S")'|' ./target/npm-build/package.json - npm publish ./target/npm-build --access public upload-clj-prerelease: <<: *clj-upload stage: upload rules: - if: '$CI_COMMIT_BRANCH == "master" && $CI_COMMIT_TAG == null' script: - lein deploy clojars upload-cljs-release: <<: *cljs-upload stage: upload rules: - if: '$CI_COMMIT_TAG != null' script: - cp package.json target/npm-build/ - npm publish ./target/npm-build --access public image-test-publish: image: domaindrivenarchitecture/devops-build:latest stage: image rules: - if: '$CI_COMMIT_TAG != null' script: - cd infrastructure/docker && pyb image test publish