108 lines
2.8 KiB
YAML
108 lines
2.8 KiB
YAML
stages:
|
|
- build_and_test
|
|
- package
|
|
- security
|
|
- upload
|
|
|
|
.cljs-job: &cljs
|
|
image: node:lts-buster
|
|
cache:
|
|
key: ${CI_COMMIT_REF_SLUG}
|
|
paths:
|
|
- node_modules/
|
|
before_script:
|
|
- apt update && apt -qqy install openjdk-11-jre-headless
|
|
- npm install -g --save-dev shadow-cljs
|
|
- npm install
|
|
|
|
.js-job: &js-upload
|
|
image: node:lts-buster
|
|
cache:
|
|
key: ${CI_COMMIT_REF_SLUG}
|
|
paths:
|
|
- node_modules/
|
|
before_script:
|
|
- echo "//registry.npmjs.org/:_authToken=$NPM_TOKEN" > ~/.npmrc
|
|
- mkdir -p target/npm-build
|
|
- cp target/mastodon-bot.js target/npm-build/
|
|
- cp target/mastodon-bot.js.sha256 target/npm-build/
|
|
- cp target/mastodon-bot.js.sha512 target/npm-build/
|
|
- cp README.md target/npm-build/
|
|
|
|
.clj-job: &clj
|
|
image: clojure:lein-2.7.1-alpine
|
|
|
|
build_and_test:
|
|
<<: *cljs
|
|
stage: build_and_test
|
|
script:
|
|
- shadow-cljs compile test
|
|
cache:
|
|
key: ${CI_COMMIT_REF_SLUG}
|
|
paths:
|
|
- .m2
|
|
|
|
#activate as soon as https://github.com/thheller/shadow-cljs/issues/843 is implemented
|
|
.report:
|
|
<<: *cljs
|
|
stage: build_and_test
|
|
script:
|
|
- shadow-cljs run shadow.cljs.build-report app target/build-report.html
|
|
artifacts:
|
|
paths:
|
|
- target/build-report.html
|
|
|
|
package:
|
|
<<: *cljs
|
|
stage: package
|
|
script:
|
|
- shadow-cljs compile app
|
|
- chmod a+x target/mastodon-bot.js
|
|
- sha256sum target/mastodon-bot.js > target/mastodon-bot.js.sha256
|
|
- sha512sum target/mastodon-bot.js > target/mastodon-bot.js.sha512
|
|
artifacts:
|
|
paths:
|
|
- target/mastodon-bot.js
|
|
- target/mastodon-bot.js.sha256
|
|
- target/mastodon-bot.js.sha512
|
|
|
|
sast:
|
|
variables:
|
|
SAST_EXCLUDED_ANALYZERS:
|
|
bandit, brakeman, flawfinder, gosec, kubesec, phpcs-security-audit,
|
|
pmd-apex, security-code-scan, sobelow, spotbugs
|
|
stage: security
|
|
before_script:
|
|
- mkdir -p builds && cp -r target/ builds/
|
|
include:
|
|
- template: Security/SAST.gitlab-ci.yml
|
|
|
|
upload-cljs-prerelease:
|
|
<<: *js-upload
|
|
stage: upload
|
|
rules:
|
|
- if: '$CI_COMMIT_BRANCH == "master" && $CI_COMMIT_TAG == null'
|
|
script:
|
|
- cp package.json target/npm-build/
|
|
- npm publish ./target/npm-build --access public
|
|
# unsure wether that's a good idea to bump versions from ci.
|
|
#- npm version prerelease -m "[skip-ci] version bump prerelease version"
|
|
#- git push
|
|
|
|
upload-clj-prerelease:
|
|
<<: *clj
|
|
stage: upload
|
|
rules:
|
|
- if: '$CI_COMMIT_BRANCH == "master" && $CI_COMMIT_TAG == null'
|
|
script:
|
|
- echo "{:user {:auth {#\"clojars\" {:username :env/CLOJARS_USER :password :env/CLOJARS_PASSWORD}}}}" > ~/.lein/profiles.clj
|
|
- lein deploy
|
|
|
|
upload-js-release:
|
|
<<: *js-upload
|
|
stage: upload
|
|
rules:
|
|
- if: '$CI_COMMIT_BRANCH == "master" && $CI_COMMIT_TAG != null'
|
|
script:
|
|
- cp package.json target/npm-build/
|
|
- npm publish ./target/npm-build --access public
|