00268b4476
Just grabbing the latest artifact for the branch does not work because gitlab will only change the latest artifact when the whole pipeline finishes
373 lines
11 KiB
YAML
373 lines
11 KiB
YAML
image: elixir:1.9.4
|
|
|
|
variables: &global_variables
|
|
POSTGRES_DB: pleroma_test
|
|
POSTGRES_USER: postgres
|
|
POSTGRES_PASSWORD: postgres
|
|
DB_HOST: postgres
|
|
MIX_ENV: test
|
|
|
|
cache: &global_cache_policy
|
|
key: ${CI_COMMIT_REF_SLUG}
|
|
paths:
|
|
- deps
|
|
- _build
|
|
|
|
stages:
|
|
- build
|
|
- test
|
|
- benchmark
|
|
- deploy
|
|
- release
|
|
- docker
|
|
|
|
before_script:
|
|
- apt-get update && apt-get install -y cmake
|
|
- mix local.hex --force
|
|
- mix local.rebar --force
|
|
- apt-get -qq update
|
|
- apt-get install -y libmagic-dev
|
|
|
|
build:
|
|
stage: build
|
|
script:
|
|
- mix deps.get
|
|
- mix compile --force
|
|
|
|
spec-build:
|
|
stage: test
|
|
artifacts:
|
|
paths:
|
|
- spec.json
|
|
script:
|
|
- mix pleroma.openapi_spec spec.json
|
|
|
|
benchmark:
|
|
stage: benchmark
|
|
when: manual
|
|
variables:
|
|
MIX_ENV: benchmark
|
|
services:
|
|
- name: postgres:9.6
|
|
alias: postgres
|
|
command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"]
|
|
script:
|
|
- mix deps.get
|
|
- mix ecto.create
|
|
- mix ecto.migrate
|
|
- mix pleroma.load_testing
|
|
|
|
unit-testing:
|
|
stage: test
|
|
retry: 2
|
|
cache: &testing_cache_policy
|
|
<<: *global_cache_policy
|
|
policy: pull
|
|
|
|
services:
|
|
- name: postgres:13
|
|
alias: postgres
|
|
command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"]
|
|
script:
|
|
- apt-get update && apt-get install -y libimage-exiftool-perl ffmpeg
|
|
- mix deps.get
|
|
- mix ecto.create
|
|
- mix ecto.migrate
|
|
- mix coveralls --preload-modules
|
|
|
|
# Removed to fix CI issue. In this early state it wasn't adding much value anyway.
|
|
# TODO Fix and reinstate federated testing
|
|
# federated-testing:
|
|
# stage: test
|
|
# cache: *testing_cache_policy
|
|
# services:
|
|
# - name: minibikini/postgres-with-rum:12
|
|
# alias: postgres
|
|
# command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"]
|
|
# script:
|
|
# - mix deps.get
|
|
# - mix ecto.create
|
|
# - mix ecto.migrate
|
|
# - epmd -daemon
|
|
# - mix test --trace --only federated
|
|
|
|
unit-testing-rum:
|
|
stage: test
|
|
retry: 2
|
|
cache: *testing_cache_policy
|
|
services:
|
|
- name: minibikini/postgres-with-rum:12
|
|
alias: postgres
|
|
command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"]
|
|
variables:
|
|
<<: *global_variables
|
|
RUM_ENABLED: "true"
|
|
script:
|
|
- apt-get update && apt-get install -y libimage-exiftool-perl ffmpeg
|
|
- mix deps.get
|
|
- mix ecto.create
|
|
- mix ecto.migrate
|
|
- "mix ecto.migrate --migrations-path priv/repo/optional_migrations/rum_indexing/"
|
|
- mix test --preload-modules
|
|
|
|
lint:
|
|
stage: test
|
|
cache: *testing_cache_policy
|
|
script:
|
|
- mix format --check-formatted
|
|
|
|
analysis:
|
|
stage: test
|
|
cache: *testing_cache_policy
|
|
script:
|
|
- mix deps.get
|
|
- mix credo --strict --only=warnings,todo,fixme,consistency,readability
|
|
|
|
docs-deploy:
|
|
stage: deploy
|
|
cache: *testing_cache_policy
|
|
image: alpine:latest
|
|
only:
|
|
- stable@pleroma/pleroma
|
|
- develop@pleroma/pleroma
|
|
before_script:
|
|
- apk add curl
|
|
script:
|
|
- curl -X POST -F"token=$DOCS_PIPELINE_TRIGGER" -F'ref=master' -F"variables[BRANCH]=$CI_COMMIT_REF_NAME" https://git.pleroma.social/api/v4/projects/673/trigger/pipeline
|
|
review_app:
|
|
image: alpine:3.9
|
|
stage: deploy
|
|
before_script:
|
|
- apk update && apk add openssh-client git
|
|
when: manual
|
|
environment:
|
|
name: review/$CI_COMMIT_REF_NAME
|
|
url: https://$CI_ENVIRONMENT_SLUG.pleroma.online/
|
|
on_stop: stop_review_app
|
|
only:
|
|
- branches
|
|
except:
|
|
- master
|
|
- develop
|
|
script:
|
|
- echo "$CI_ENVIRONMENT_SLUG"
|
|
- mkdir -p ~/.ssh
|
|
- eval $(ssh-agent -s)
|
|
- echo "$SSH_PRIVATE_KEY" | tr -d '\r' | ssh-add -
|
|
- ssh-keyscan -H "pleroma.online" >> ~/.ssh/known_hosts
|
|
- (ssh -t dokku@pleroma.online -- apps:create "$CI_ENVIRONMENT_SLUG") || true
|
|
- (ssh -t dokku@pleroma.online -- git:set "$CI_ENVIRONMENT_SLUG" keep-git-dir true) || true
|
|
- ssh -t dokku@pleroma.online -- config:set "$CI_ENVIRONMENT_SLUG" APP_NAME="$CI_ENVIRONMENT_SLUG" APP_HOST="$CI_ENVIRONMENT_SLUG.pleroma.online" MIX_ENV=dokku
|
|
- (ssh -t dokku@pleroma.online -- postgres:create $(echo $CI_ENVIRONMENT_SLUG | sed -e 's/-/_/g')_db) || true
|
|
- (ssh -t dokku@pleroma.online -- postgres:link $(echo $CI_ENVIRONMENT_SLUG | sed -e 's/-/_/g')_db "$CI_ENVIRONMENT_SLUG") || true
|
|
- (ssh -t dokku@pleroma.online -- certs:add "$CI_ENVIRONMENT_SLUG" /home/dokku/server.crt /home/dokku/server.key) || true
|
|
- git push -f dokku@pleroma.online:$CI_ENVIRONMENT_SLUG $CI_COMMIT_SHA:refs/heads/master
|
|
|
|
spec-deploy:
|
|
stage: deploy
|
|
artifacts:
|
|
paths:
|
|
- spec.json
|
|
only:
|
|
- develop@pleroma/pleroma
|
|
image: alpine:latest
|
|
before_script:
|
|
- apk add curl
|
|
script:
|
|
- curl -X POST -F"token=$API_DOCS_PIPELINE_TRIGGER" -F'ref=master' -F"variables[BRANCH]=$CI_COMMIT_REF_NAME" -F"variables[JOB_REF]=CI_JOB_ID" https://git.pleroma.social/api/v4/projects/1130/trigger/pipeline
|
|
|
|
|
|
stop_review_app:
|
|
image: alpine:3.9
|
|
stage: deploy
|
|
before_script:
|
|
- apk update && apk add openssh-client git
|
|
when: manual
|
|
environment:
|
|
name: review/$CI_COMMIT_REF_NAME
|
|
action: stop
|
|
script:
|
|
- echo "$CI_ENVIRONMENT_SLUG"
|
|
- mkdir -p ~/.ssh
|
|
- eval $(ssh-agent -s)
|
|
- echo "$SSH_PRIVATE_KEY" | tr -d '\r' | ssh-add -
|
|
- ssh-keyscan -H "pleroma.online" >> ~/.ssh/known_hosts
|
|
- ssh -t dokku@pleroma.online -- --force apps:destroy "$CI_ENVIRONMENT_SLUG"
|
|
- ssh -t dokku@pleroma.online -- --force postgres:destroy $(echo $CI_ENVIRONMENT_SLUG | sed -e 's/-/_/g')_db
|
|
|
|
amd64:
|
|
stage: release
|
|
image: elixir:1.10.3
|
|
only: &release-only
|
|
- stable@pleroma/pleroma
|
|
- develop@pleroma/pleroma
|
|
- /^maint/.*$/@pleroma/pleroma
|
|
- /^release/.*$/@pleroma/pleroma
|
|
artifacts: &release-artifacts
|
|
name: "pleroma-$CI_COMMIT_REF_NAME-$CI_COMMIT_SHORT_SHA-$CI_JOB_NAME"
|
|
paths:
|
|
- release/*
|
|
# Ideally it would be never for master branch and with the next commit for develop,
|
|
# but Gitlab does not support neither `only` for artifacts
|
|
# nor setting it to never from .gitlab-ci.yml
|
|
# nor expiring with the next commit
|
|
expire_in: 42 yrs
|
|
|
|
cache: &release-cache
|
|
key: $CI_COMMIT_REF_NAME-$CI_JOB_NAME
|
|
paths:
|
|
- deps
|
|
variables: &release-variables
|
|
MIX_ENV: prod
|
|
before_script: &before-release
|
|
- apt-get update && apt-get install -y cmake libmagic-dev
|
|
- echo "import Mix.Config" > config/prod.secret.exs
|
|
- mix local.hex --force
|
|
- mix local.rebar --force
|
|
script: &release
|
|
- mix deps.get --only prod
|
|
- mkdir release
|
|
- export PLEROMA_BUILD_BRANCH=$CI_COMMIT_REF_NAME
|
|
- mix release --path release
|
|
|
|
|
|
amd64-musl:
|
|
stage: release
|
|
artifacts: *release-artifacts
|
|
only: *release-only
|
|
image: elixir:1.10.3-alpine
|
|
cache: *release-cache
|
|
variables: *release-variables
|
|
before_script: &before-release-musl
|
|
- apk add git gcc g++ musl-dev make cmake file-dev
|
|
- echo "import Mix.Config" > config/prod.secret.exs
|
|
- mix local.hex --force
|
|
- mix local.rebar --force
|
|
script: *release
|
|
|
|
arm:
|
|
stage: release
|
|
artifacts: *release-artifacts
|
|
only: *release-only
|
|
tags:
|
|
- arm32-specified
|
|
image: arm32v7/elixir:1.10.3
|
|
cache: *release-cache
|
|
variables: *release-variables
|
|
before_script: *before-release
|
|
script: *release
|
|
|
|
arm-musl:
|
|
stage: release
|
|
artifacts: *release-artifacts
|
|
only: *release-only
|
|
tags:
|
|
- arm32-specified
|
|
image: arm32v7/elixir:1.10.3-alpine
|
|
cache: *release-cache
|
|
variables: *release-variables
|
|
before_script: *before-release-musl
|
|
script: *release
|
|
|
|
arm64:
|
|
stage: release
|
|
artifacts: *release-artifacts
|
|
only: *release-only
|
|
tags:
|
|
- arm
|
|
image: arm64v8/elixir:1.10.3
|
|
cache: *release-cache
|
|
variables: *release-variables
|
|
before_script: *before-release
|
|
script: *release
|
|
|
|
arm64-musl:
|
|
stage: release
|
|
artifacts: *release-artifacts
|
|
only: *release-only
|
|
tags:
|
|
- arm
|
|
image: arm64v8/elixir:1.10.3-alpine
|
|
cache: *release-cache
|
|
variables: *release-variables
|
|
before_script: *before-release-musl
|
|
script: *release
|
|
|
|
docker:
|
|
stage: docker
|
|
image: docker:latest
|
|
cache: {}
|
|
dependencies: []
|
|
variables: &docker-variables
|
|
DOCKER_DRIVER: overlay2
|
|
DOCKER_HOST: unix:///var/run/docker.sock
|
|
IMAGE_TAG: $CI_REGISTRY_IMAGE:$CI_COMMIT_SHORT_SHA
|
|
IMAGE_TAG_SLUG: $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG
|
|
IMAGE_TAG_LATEST: $CI_REGISTRY_IMAGE:latest
|
|
IMAGE_TAG_LATEST_STABLE: $CI_REGISTRY_IMAGE:latest-stable
|
|
DOCKER_BUILDX_URL: https://github.com/docker/buildx/releases/download/v0.4.1/buildx-v0.4.1.linux-amd64
|
|
DOCKER_BUILDX_HASH: 71a7d01439aa8c165a25b59c44d3f016fddbd98b
|
|
before_script: &before-docker
|
|
- docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
|
|
- docker pull $IMAGE_TAG_SLUG || true
|
|
- export CI_JOB_TIMESTAMP=$(date --utc -Iseconds)
|
|
- export CI_VCS_REF=$CI_COMMIT_SHORT_SHA
|
|
allow_failure: true
|
|
script:
|
|
- mkdir -p /root/.docker/cli-plugins
|
|
- wget "${DOCKER_BUILDX_URL}" -O ~/.docker/cli-plugins/docker-buildx
|
|
- echo "${DOCKER_BUILDX_HASH} /root/.docker/cli-plugins/docker-buildx" | sha1sum -c
|
|
- chmod +x ~/.docker/cli-plugins/docker-buildx
|
|
- docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
|
|
- docker buildx create --name mbuilder --driver docker-container --use
|
|
- docker buildx inspect --bootstrap
|
|
- docker buildx build --platform linux/amd64,linux/arm/v7,linux/arm64/v8 --push --cache-from $IMAGE_TAG_SLUG --build-arg VCS_REF=$CI_VCS_REF --build-arg BUILD_DATE=$CI_JOB_TIMESTAMP -t $IMAGE_TAG -t $IMAGE_TAG_SLUG -t $IMAGE_TAG_LATEST .
|
|
tags:
|
|
- dind
|
|
only:
|
|
- develop@pleroma/pleroma
|
|
|
|
docker-stable:
|
|
stage: docker
|
|
image: docker:latest
|
|
cache: {}
|
|
dependencies: []
|
|
variables: *docker-variables
|
|
before_script: *before-docker
|
|
allow_failure: true
|
|
script:
|
|
- mkdir -p /root/.docker/cli-plugins
|
|
- wget "${DOCKER_BUILDX_URL}" -O ~/.docker/cli-plugins/docker-buildx
|
|
- echo "${DOCKER_BUILDX_HASH} /root/.docker/cli-plugins/docker-buildx" | sha1sum -c
|
|
- chmod +x ~/.docker/cli-plugins/docker-buildx
|
|
- docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
|
|
- docker buildx create --name mbuilder --driver docker-container --use
|
|
- docker buildx inspect --bootstrap
|
|
- docker buildx build --platform linux/amd64,linux/arm/v7,linux/arm64/v8 --push --cache-from $IMAGE_TAG_SLUG --build-arg VCS_REF=$CI_VCS_REF --build-arg BUILD_DATE=$CI_JOB_TIMESTAMP -t $IMAGE_TAG -t $IMAGE_TAG_SLUG -t $IMAGE_TAG_LATEST_STABLE .
|
|
tags:
|
|
- dind
|
|
only:
|
|
- stable@pleroma/pleroma
|
|
|
|
docker-release:
|
|
stage: docker
|
|
image: docker:latest
|
|
cache: {}
|
|
dependencies: []
|
|
variables: *docker-variables
|
|
before_script: *before-docker
|
|
allow_failure: true
|
|
script:
|
|
script:
|
|
- mkdir -p /root/.docker/cli-plugins
|
|
- wget "${DOCKER_BUILDX_URL}" -O ~/.docker/cli-plugins/docker-buildx
|
|
- echo "${DOCKER_BUILDX_HASH} /root/.docker/cli-plugins/docker-buildx" | sha1sum -c
|
|
- chmod +x ~/.docker/cli-plugins/docker-buildx
|
|
- docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
|
|
- docker buildx create --name mbuilder --driver docker-container --use
|
|
- docker buildx inspect --bootstrap
|
|
- docker buildx build --platform linux/amd64,linux/arm/v7,linux/arm64/v8 --push --cache-from $IMAGE_TAG_SLUG --build-arg VCS_REF=$CI_VCS_REF --build-arg BUILD_DATE=$CI_JOB_TIMESTAMP -t $IMAGE_TAG -t $IMAGE_TAG_SLUG .
|
|
tags:
|
|
- dind
|
|
only:
|
|
- /^release/.*$/@pleroma/pleroma
|