mobilizon/.gitlab-ci.yml

345 lines
9.1 KiB
YAML
Raw Normal View History

image: tcitworld/mobilizon-ci
2018-01-13 23:35:11 +01:00
stages:
2020-12-23 00:01:25 +01:00
- install
- check
- build-js
- test
- docker
2020-12-23 00:01:25 +01:00
- package
- upload
- deploy
2018-01-13 23:35:11 +01:00
variables:
MIX_ENV: "test"
2020-12-23 00:01:25 +01:00
YARN_CACHE_FOLDER: "js/.yarn"
# DB Variables for Postgres / Postgis
POSTGRES_DB: mobilizon_test
POSTGRES_USER: postgres
POSTGRES_PASSWORD: postgres
POSTGRES_HOST: postgres
# DB Variables for Mobilizon
MOBILIZON_DATABASE_USERNAME: $POSTGRES_USER
MOBILIZON_DATABASE_PASSWORD: $POSTGRES_PASSWORD
MOBILIZON_DATABASE_DBNAME: $POSTGRES_DB
MOBILIZON_DATABASE_HOST: $POSTGRES_HOST
GEOLITE_CITIES_PATH: "/usr/share/GeoIP/GeoLite2-City.mmdb"
MOBILIZON_INSTANCE_REGISTRATIONS_OPEN: "true"
# Release elements
2020-12-23 00:01:25 +01:00
PACKAGE_REGISTRY_URL: "${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/packages/generic/${CI_PROJECT_NAME}"
ARCH: "amd64"
EXPORT_FORMATS: "csv,ods,pdf"
APP_VERSION: "${CI_COMMIT_REF_NAME}"
APP_ASSET: "${CI_PROJECT_NAME}_${CI_COMMIT_REF_NAME}_${ARCH}.tar.gz"
CYPRESS_INSTALL_BINARY: 0
cache:
key: "${CI_COMMIT_REF_SLUG}-${CI_COMMIT_SHORT_SHA}"
paths:
- ~/.cache/Cypress
2020-12-23 00:01:25 +01:00
- cache/Cypress
- deps/
2020-12-23 00:01:25 +01:00
- _build/
- js/node_modules
2020-12-23 00:01:25 +01:00
- js/.yarn
# Installed dependencies are cached across the pipeline
# So there is no need to reinstall them all the time
# It saves minutes during a pipeline build time
install:
stage: install
script:
- yarn --cwd "js" install --frozen-lockfile
- mix deps.get
- mix compile
lint-elixir:
stage: check
before_script:
- mix deps.get
script:
- export EXITVALUE=0
- mix format --check-formatted --dry-run || export EXITVALUE=1
- mix credo --strict -a || export EXITVALUE=1
- mix sobelow --config || export EXITVALUE=1
- exit $EXITVALUE
lint-front:
image: node:16
stage: check
before_script:
- export EXITVALUE=0
- yarn --cwd "js" install --frozen-lockfile
script:
- yarn --cwd "js" run lint || export EXITVALUE=1
- yarn --cwd "js" run prettier -c . || export EXITVALUE=1
- exit $EXITVALUE
2020-12-23 00:01:25 +01:00
build-frontend:
stage: build-js
image: node:16
2020-12-23 00:01:25 +01:00
before_script:
- apt update
- apt install -y --no-install-recommends python build-essential webp imagemagick gifsicle jpegoptim optipng pngquant
2020-12-23 00:01:25 +01:00
script:
- yarn --cwd "js" install --frozen-lockfile
- yarn --cwd "js" run build
artifacts:
2020-12-23 00:01:25 +01:00
expire_in: 5 days
paths:
- priv/static
2020-12-23 00:01:25 +01:00
needs:
- lint-front
deps:
stage: check
before_script:
- mix deps.get
script:
- export EXITVALUE=0
- mix hex.outdated || export EXITVALUE=1
2020-12-23 00:01:25 +01:00
- yarn --cwd "js" outdated || export EXITVALUE=1
- exit $EXITVALUE
allow_failure: true
2020-12-23 00:01:25 +01:00
needs:
- install
2018-01-13 23:35:11 +01:00
exunit:
stage: test
services:
- name: postgis/postgis:13-3.1
alias: postgres
variables:
MIX_ENV: test
before_script:
- mix deps.get && mix tz_world.update
- mix ecto.create
2020-12-23 00:01:25 +01:00
- mix ecto.migrate
2018-01-13 23:35:11 +01:00
script:
- mix coveralls
artifacts:
when: always
reports:
junit:
- test-junit-report.xml
expire_in: 30 days
jest:
stage: test
2020-12-23 00:01:25 +01:00
needs:
- lint-front
before_script:
- yarn --cwd "js" install --frozen-lockfile
script:
2020-12-23 00:01:25 +01:00
- yarn --cwd "js" run test:unit --no-color --ci --reporters=default --reporters=jest-junit
artifacts:
when: always
paths:
- js/coverage
2020-12-23 00:01:25 +01:00
reports:
junit:
- js/junit.xml
expire_in: 30 days
2020-12-23 00:01:25 +01:00
# cypress:
# stage: test
# services:
# - name: postgis/postgis:13.3
# alias: postgres
2020-12-23 00:01:25 +01:00
# variables:
# MIX_ENV=e2e
# script:
2020-12-23 00:01:25 +01:00
# - mix ecto.create
# - mix ecto.migrate
# - mix run priv/repo/e2e.seed.exs
# - mix phx.server &
# - cd js
# - npx wait-on http://localhost:4000
# - if [ -z "$CYPRESS_KEY" ]; then npx cypress run; else npx cypress run --record --parallel --key $CYPRESS_KEY; fi
# artifacts:
# expire_in: 2 day
# paths:
# - js/tests/e2e/screenshots/**/*.png
# - js/tests/e2e/videos/**/*.mp4
pages:
stage: deploy
script:
- mkdir public
- mix deps.get
- mix docs
- mv doc public/backend
# #- yarn run --cwd "js" styleguide:build
# #- mv js/styleguide public/frontend
rules:
- if: '$CI_COMMIT_BRANCH == "main"'
artifacts:
expire_in: 1 hour
paths:
- public
.docker: &docker
stage: docker
image: docker:stable
variables:
DOCKER_TLS_CERTDIR: "/certs"
DOCKER_HOST: tcp://docker:2376
DOCKER_TLS_VERIFY: 1
DOCKER_CERT_PATH: "$DOCKER_TLS_CERTDIR/client"
DOCKER_DRIVER: overlay2
services:
- docker:stable-dind
cache: {}
before_script:
# Install buildx
- wget https://github.com/docker/buildx/releases/download/v0.6.3/buildx-v0.6.3.linux-amd64
- mkdir -p ~/.docker/cli-plugins/
- mv buildx-v0.6.3.linux-amd64 ~/.docker/cli-plugins/docker-buildx
- chmod a+x ~/.docker/cli-plugins/docker-buildx
# Create env
- docker context create tls-environment
- docker buildx create --use tls-environment
# Install qemu/binfmt
- docker pull tonistiigi/binfmt:latest
- docker run --rm --privileged tonistiigi/binfmt:latest --install all
# Login to DockerHub
- mkdir -p ~/.docker
- echo "{\"auths\":{\"$CI_REGISTRY\":{\"auth\":\"$CI_REGISTRY_AUTH\",\"email\":\"$CI_REGISTRY_EMAIL\"}}}" > ~/.docker/config.json
script:
- >
docker buildx build
--push
--platform linux/amd64,linux/arm64,linux/arm
-t $DOCKER_IMAGE_NAME
-f docker/production/Dockerfile .
tags:
- "privileged"
timeout: 3 hours
build-docker-main:
<<: *docker
rules:
- if: '$CI_PROJECT_NAMESPACE != "framasoft"'
when: never
- if: '$CI_PIPELINE_SOURCE == "schedule"'
variables:
DOCKER_IMAGE_NAME: framasoft/mobilizon:main
build-docker-tag:
<<: *docker
rules: &tag-rules
- if: '$CI_PROJECT_NAMESPACE != "framasoft"'
when: never
- if: $CI_COMMIT_TAG
variables:
DOCKER_IMAGE_NAME: framasoft/mobilizon:$CI_COMMIT_TAG
# Packaging app for amd64
2020-12-23 00:01:25 +01:00
package-app:
stage: package
variables: &release-variables
MIX_ENV: "prod"
script: &release-script
- mix local.hex --force
- mix local.rebar --force
- mix deps.get
- mix phx.digest
- mix release --path release/mobilizon
- cd release/mobilizon && ln -s lib/mobilizon-*/priv priv && cd ../../
- du -sh release/
- 'echo "Artifact: ${APP_ASSET}"'
- tar czf ${APP_ASSET} -C release mobilizon
- du -sh ${APP_ASSET}
only:
- tags@framasoft/mobilizon
artifacts:
expire_in: 30 days
paths:
- ${APP_ASSET}
package-app-dev:
stage: package
variables: *release-variables
script: *release-script
except:
- tags@framasoft/mobilizon
artifacts:
2020-12-23 00:01:25 +01:00
expire_in: 2 days
paths:
- ${APP_ASSET}
# Packaging app for multi-arch
multi-arch-release:
stage: package
image: docker:stable
variables:
DOCKER_TLS_CERTDIR: "/certs"
DOCKER_HOST: tcp://docker:2376
DOCKER_TLS_VERIFY: 1
DOCKER_CERT_PATH: "$DOCKER_TLS_CERTDIR/client"
DOCKER_DRIVER: overlay2
APP_ASSET: "${CI_PROJECT_NAME}_${CI_COMMIT_REF_NAME}_${ARCH}.tar.gz"
services:
- docker:stable-dind
cache: {}
before_script:
# Install buildx
- wget https://github.com/docker/buildx/releases/download/v0.6.3/buildx-v0.6.3.linux-amd64
- mkdir -p ~/.docker/cli-plugins/
- mv buildx-v0.6.3.linux-amd64 ~/.docker/cli-plugins/docker-buildx
- chmod a+x ~/.docker/cli-plugins/docker-buildx
# Create env
- docker context create tls-environment
- docker buildx create --use tls-environment
# Install qemu/binfmt
- docker pull tonistiigi/binfmt:latest
- docker run --rm --privileged tonistiigi/binfmt:latest --install all
script:
- docker buildx build --platform linux/${ARCH} --output type=local,dest=releases --build-arg APP_ASSET=${APP_ASSET} -f docker/multiarch/Dockerfile .
- ls -alh releases/mobilizon/
- du -sh releases/mobilizon/${APP_ASSET}
tags:
- "privileged"
artifacts:
expire_in: 30 days
paths:
- releases/mobilizon/${APP_ASSET}
parallel:
matrix:
- ARCH: ["arm", "arm64"]
rules:
- if: '$CI_PROJECT_NAMESPACE != "framasoft"'
when: never
- if: '$CI_PIPELINE_SOURCE == "schedule"'
- if: $CI_COMMIT_TAG
# Release
2020-12-23 00:01:25 +01:00
release-upload:
stage: upload
image: framasoft/yakforms-assets-deploy:latest
rules: *tag-rules
script:
- eval `ssh-agent -s`
- ssh-add <(echo "${DEPLOYEMENT_KEY}" | base64 --decode -i)
- echo "put -r mobilizon_*.tar.gz" | sftp -o "VerifyHostKeyDNS yes" ${DEPLOYEMENT_USER}@${DEPLOYEMENT_HOST}:public/
artifacts:
expire_in: 1 day
when: on_success
paths:
- mobilizon_*.tar.gz
release-create:
stage: deploy
image: registry.gitlab.com/gitlab-org/release-cli:latest
rules: *tag-rules
before_script:
- apk --no-cache add gawk sed grep
script: |
CHANGELOG=$(awk -v version="$APP_VERSION" '/^## / { printit = $2 == version }; printit' CHANGELOG.md | grep -v "## $APP_VERSION" | sed '1{/^$/d}')
ENDPOINT="https://packages.joinmobilizon.org"
release-cli create --name "$CI_COMMIT_TAG" \
--description "$CHANGELOG" \
--tag-name "$CI_COMMIT_TAG" \
--assets-link "{\"name\":\"${APP_ASSET}\",\"url\":\"${ENDPOINT}/${APP_ASSET}\"}"