projects / anni / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Nothing much just a build up of things
[anni] / .gitlab-ci.yml
1 image: git.pleroma.social:5050/pleroma/pleroma/ci-base
2
3 variables: &global_variables
4   POSTGRES_DB: pleroma_test
5   POSTGRES_USER: postgres
6   POSTGRES_PASSWORD: postgres
7   DB_HOST: postgres
8   DB_PORT: 5432
9   MIX_ENV: test
10
11 cache: &global_cache_policy
12   key:
13     files:
14       - mix.lock
15   paths:
16     - deps
17     - _build
18
19 stages:
20   - build
21   - test
22   - benchmark
23   - deploy
24   - release
25   - docker
26
27 before_script:
28   - echo $MIX_ENV
29   - rm -rf _build/*/lib/pleroma
30   - mix deps.get
31
32 after_script:
33   - rm -rf _build/*/lib/pleroma
34
35 .using-ci-base:
36   tags:
37     - amd64
38
39 build:
40   extends:
41   - .using-ci-base
42   stage: build
43   only:
44     changes: &build_changes_policy
45       - ".gitlab-ci.yml"
46       - "**/*.ex"
47       - "**/*.exs"
48       - "mix.lock"
49   script:
50   - mix compile --force
51
52 spec-build:
53   extends:
54   - .using-ci-base
55   stage: test
56   only:
57     changes:
58       - ".gitlab-ci.yml"
59       - "lib/pleroma/web/api_spec/**/*.ex"
60       - "lib/pleroma/web/api_spec.ex"
61   artifacts:
62     paths:
63     - spec.json
64   script:
65   - mix pleroma.openapi_spec spec.json
66
67 benchmark:
68   extends:
69   - .using-ci-base
70   stage: benchmark
71   when: manual
72   variables:
73     MIX_ENV: benchmark
74   services:
75   - name: postgres:9.6-alpine
76     alias: postgres
77     command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"]
78   script:
79     - mix ecto.create
80     - mix ecto.migrate
81     - mix pleroma.load_testing
82
83 unit-testing:
84   extends:
85   - .using-ci-base
86   stage: test
87   only:
88     changes: *build_changes_policy
89   cache: &testing_cache_policy
90     <<: *global_cache_policy
91     policy: pull
92
93   services:
94   - name: postgres:13-alpine
95     alias: postgres
96     command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"]
97   script:
98     - mix ecto.create
99     - mix ecto.migrate
100     - mix test --cover --preload-modules
101   coverage: '/^Line total: ([^ ]*%)$/'
102   artifacts:
103     reports:
104       coverage_report:
105         coverage_format: cobertura
106         path: coverage.xml
107
108 unit-testing-erratic:
109   extends:
110   - .using-ci-base
111   stage: test
112   retry: 2
113   allow_failure: true
114   only:
115     changes: *build_changes_policy
116   cache: &testing_cache_policy
117     <<: *global_cache_policy
118     policy: pull
119
120   services:
121   - name: postgres:13-alpine
122     alias: postgres
123     command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"]
124   script:
125     - mix ecto.create
126     - mix ecto.migrate
127     - mix test --only=erratic
128
129 # Removed to fix CI issue. In this early state it wasn't adding much value anyway.
130 # TODO Fix and reinstate federated testing
131 # federated-testing:
132 #   stage: test
133 #   cache: *testing_cache_policy
134 #   services:
135 #   - name: minibikini/postgres-with-rum:12
136 #     alias: postgres
137 #     command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"]
138 #   script:
139 #     - mix deps.get
140 #     - mix ecto.create
141 #     - mix ecto.migrate
142 #     - epmd -daemon
143 #     - mix test --trace --only federated
144
145 unit-testing-rum:
146   extends:
147   - .using-ci-base
148   stage: test
149   only:
150     changes: *build_changes_policy
151   cache: *testing_cache_policy
152   services:
153   - name: minibikini/postgres-with-rum:12
154     alias: postgres
155     command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"]
156   variables:
157     <<: *global_variables
158     RUM_ENABLED: "true"
159   script:
160     - mix ecto.create
161     - mix ecto.migrate
162     - "mix ecto.migrate --migrations-path priv/repo/optional_migrations/rum_indexing/"
163     - mix test --preload-modules
164
165 lint:
166   image: &current_elixir elixir:1.12-alpine
167   stage: test
168   only:
169     changes: *build_changes_policy
170   cache: *testing_cache_policy
171   before_script: &current_bfr_script
172     - apk update
173     - apk add build-base cmake file-dev git openssl
174     - mix local.hex --force
175     - mix local.rebar --force
176     - mix deps.get
177   script:
178     - mix format --check-formatted
179
180 analysis:
181   extends:
182   - .using-ci-base
183   stage: test
184   only:
185     changes: *build_changes_policy
186   cache: *testing_cache_policy
187   script:
188     - mix credo --strict --only=warnings,todo,fixme,consistency,readability
189
190 cycles:
191   image: *current_elixir
192   stage: test
193   only:
194     changes: *build_changes_policy
195   cache: {}
196   before_script: *current_bfr_script
197   script:
198     - mix compile
199     - mix xref graph --format cycles --label compile | awk '{print $0} END{exit ($0 != "No cycles found")}'
200
201 docs-deploy:
202   stage: deploy
203   cache: *testing_cache_policy
204   image: alpine:latest
205   only:
206   - stable@pleroma/pleroma
207   - develop@pleroma/pleroma
208   before_script:
209   - apk add curl
210   script:
211   - curl -X POST -F"token=$DOCS_PIPELINE_TRIGGER" -F'ref=master' -F"variables[BRANCH]=$CI_COMMIT_REF_NAME" https://git.pleroma.social/api/v4/projects/673/trigger/pipeline
212 review_app:
213   image: alpine:3.9
214   stage: deploy
215   before_script:
216     - apk update && apk add openssh-client git
217   when: manual
218   environment:
219     name: review/$CI_COMMIT_REF_NAME
220     url: https://$CI_ENVIRONMENT_SLUG.pleroma.online/
221     on_stop: stop_review_app
222   only:
223     - branches
224   except:
225     - master
226     - develop
227   script:
228     - echo "$CI_ENVIRONMENT_SLUG"
229     - mkdir -p ~/.ssh
230     - eval $(ssh-agent -s)
231     - echo "$SSH_PRIVATE_KEY" | tr -d '\r' | ssh-add -
232     - ssh-keyscan -H "pleroma.online" >> ~/.ssh/known_hosts
233     - (ssh -t dokku@pleroma.online -- apps:create "$CI_ENVIRONMENT_SLUG") || true
234     - (ssh -t dokku@pleroma.online -- git:set "$CI_ENVIRONMENT_SLUG" keep-git-dir true) || true
235     - ssh -t dokku@pleroma.online -- config:set "$CI_ENVIRONMENT_SLUG" APP_NAME="$CI_ENVIRONMENT_SLUG" APP_HOST="$CI_ENVIRONMENT_SLUG.pleroma.online" MIX_ENV=dokku
236     - (ssh -t dokku@pleroma.online -- postgres:create $(echo $CI_ENVIRONMENT_SLUG | sed -e 's/-/_/g')_db) || true
237     - (ssh -t dokku@pleroma.online -- postgres:link $(echo $CI_ENVIRONMENT_SLUG | sed -e 's/-/_/g')_db "$CI_ENVIRONMENT_SLUG") || true
238     - (ssh -t dokku@pleroma.online -- certs:add "$CI_ENVIRONMENT_SLUG" /home/dokku/server.crt /home/dokku/server.key) || true
239     - git push -f dokku@pleroma.online:$CI_ENVIRONMENT_SLUG $CI_COMMIT_SHA:refs/heads/master
240
241 spec-deploy:
242   stage: deploy
243   artifacts:
244     paths:
245     - spec.json
246   only:
247     - develop@pleroma/pleroma
248   image: alpine:latest
249   before_script:
250     - apk add curl
251   script:
252     - curl -X POST -F"token=$API_DOCS_PIPELINE_TRIGGER" -F'ref=master' -F"variables[BRANCH]=$CI_COMMIT_REF_NAME" -F"variables[JOB_REF]=$CI_JOB_ID" https://git.pleroma.social/api/v4/projects/1130/trigger/pipeline
253
254
255 stop_review_app:
256   image: alpine:3.9
257   stage: deploy
258   before_script:
259     - apk update && apk add openssh-client git
260   when: manual
261   environment:
262     name: review/$CI_COMMIT_REF_NAME
263     action: stop
264   script:
265     - echo "$CI_ENVIRONMENT_SLUG"
266     - mkdir -p ~/.ssh
267     - eval $(ssh-agent -s)
268     - echo "$SSH_PRIVATE_KEY" | tr -d '\r' | ssh-add -
269     - ssh-keyscan -H "pleroma.online" >> ~/.ssh/known_hosts
270     - ssh -t dokku@pleroma.online -- --force apps:destroy "$CI_ENVIRONMENT_SLUG"
271     - ssh -t dokku@pleroma.online -- --force postgres:destroy $(echo $CI_ENVIRONMENT_SLUG | sed -e 's/-/_/g')_db
272
273 amd64:
274   stage: release
275   image: elixir:1.11.4
276   only: &release-only
277   - stable@pleroma/pleroma
278   - develop@pleroma/pleroma
279   - /^maint/.*$/@pleroma/pleroma
280   - /^release/.*$/@pleroma/pleroma
281   tags:
282     - amd64
283   artifacts: &release-artifacts
284     name: "pleroma-$CI_COMMIT_REF_NAME-$CI_COMMIT_SHORT_SHA-$CI_JOB_NAME"
285     paths:
286       - release/*
287     # Ideally it would be never for master branch and with the next commit for develop,
288     # but Gitlab does not support neither `only` for artifacts
289     # nor setting it to never from .gitlab-ci.yml
290     # nor expiring with the next commit
291     expire_in: 42 yrs
292
293   cache: &release-cache
294     key: $CI_COMMIT_REF_NAME-$CI_JOB_NAME
295     paths:
296           - deps
297   variables: &release-variables
298     MIX_ENV: prod
299   before_script: &before-release
300   - apt-get update && apt-get install -y cmake libmagic-dev
301   - echo "import Config" > config/prod.secret.exs
302   - mix local.hex --force
303   - mix local.rebar --force
304   script: &release
305     - mix deps.get --only prod
306     - mkdir release
307     - export PLEROMA_BUILD_BRANCH=$CI_COMMIT_REF_NAME
308     - mix release --path release
309
310
311 amd64-musl:
312   stage: release
313   artifacts: *release-artifacts
314   only: *release-only
315   image: elixir:1.11.4-alpine
316   tags:
317     - amd64
318   cache: *release-cache
319   variables: *release-variables
320   before_script: &before-release-musl
321   - apk add git build-base cmake file-dev openssl
322   - echo "import Config" > config/prod.secret.exs
323   - mix local.hex --force
324   - mix local.rebar --force
325   script: *release
326
327 arm:
328   stage: release
329   artifacts: *release-artifacts
330   only: *release-only
331   tags:
332     - arm32-specified
333   image: arm32v7/elixir:1.11.4
334   cache: *release-cache
335   variables: *release-variables
336   before_script: *before-release
337   script: *release
338
339 arm-musl:
340   stage: release
341   artifacts: *release-artifacts
342   only: *release-only
343   tags:
344     - arm32-specified
345   image: arm32v7/elixir:1.11.4-alpine
346   cache: *release-cache
347   variables: *release-variables
348   before_script: *before-release-musl
349   script: *release
350
351 arm64:
352   stage: release
353   artifacts: *release-artifacts
354   only: *release-only
355   tags:
356     - arm
357   image: arm64v8/elixir:1.11.4
358   cache: *release-cache
359   variables: *release-variables
360   before_script: *before-release
361   script: *release
362
363 arm64-musl:
364   stage: release
365   artifacts: *release-artifacts
366   only: *release-only
367   tags:
368     - arm
369   image: arm64v8/elixir:1.11.4-alpine
370   cache: *release-cache
371   variables: *release-variables
372   before_script: *before-release-musl
373   script: *release
374
375 docker:
376   stage: docker
377   image: docker:latest
378   cache: {}
379   dependencies: []
380   variables: &docker-variables
381     DOCKER_DRIVER: overlay2
382     DOCKER_HOST: unix:///var/run/docker.sock
383     IMAGE_TAG: $CI_REGISTRY_IMAGE:$CI_COMMIT_SHORT_SHA
384     IMAGE_TAG_SLUG: $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG
385     IMAGE_TAG_LATEST: $CI_REGISTRY_IMAGE:latest
386     IMAGE_TAG_LATEST_STABLE: $CI_REGISTRY_IMAGE:latest-stable
387     DOCKER_BUILDX_URL: https://github.com/docker/buildx/releases/download/v0.6.3/buildx-v0.6.3.linux-amd64
388     DOCKER_BUILDX_HASH: 980e6b9655f971991fbbb5fd6cd19f1672386195
389   before_script: &before-docker
390     - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
391     - docker pull $IMAGE_TAG_SLUG || true
392     - export CI_JOB_TIMESTAMP=$(date --utc -Iseconds)
393     - export CI_VCS_REF=$CI_COMMIT_SHORT_SHA
394   allow_failure: true
395   script:
396     - mkdir -p /root/.docker/cli-plugins
397     - wget "${DOCKER_BUILDX_URL}" -O ~/.docker/cli-plugins/docker-buildx
398     - echo "${DOCKER_BUILDX_HASH}  /root/.docker/cli-plugins/docker-buildx" | sha1sum -c
399     - chmod +x ~/.docker/cli-plugins/docker-buildx
400     - docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
401     - docker buildx create --name mbuilder --driver docker-container --use
402     - docker buildx inspect --bootstrap
403     - docker buildx build --platform linux/amd64,linux/arm/v7,linux/arm64/v8 --push --cache-from $IMAGE_TAG_SLUG --build-arg VCS_REF=$CI_VCS_REF --build-arg BUILD_DATE=$CI_JOB_TIMESTAMP -t $IMAGE_TAG -t $IMAGE_TAG_SLUG -t $IMAGE_TAG_LATEST .
404   tags:
405     - dind
406   only:
407     - develop@pleroma/pleroma
408
409 docker-stable:
410   stage: docker
411   image: docker:latest
412   cache: {}
413   dependencies: []
414   variables: *docker-variables
415   before_script: *before-docker
416   allow_failure: true
417   script:
418     - mkdir -p /root/.docker/cli-plugins
419     - wget "${DOCKER_BUILDX_URL}" -O ~/.docker/cli-plugins/docker-buildx
420     - echo "${DOCKER_BUILDX_HASH}  /root/.docker/cli-plugins/docker-buildx" | sha1sum -c
421     - chmod +x ~/.docker/cli-plugins/docker-buildx
422     - docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
423     - docker buildx create --name mbuilder --driver docker-container --use
424     - docker buildx inspect --bootstrap
425     - docker buildx build --platform linux/amd64,linux/arm/v7,linux/arm64/v8 --push --cache-from $IMAGE_TAG_SLUG --build-arg VCS_REF=$CI_VCS_REF --build-arg BUILD_DATE=$CI_JOB_TIMESTAMP -t $IMAGE_TAG -t $IMAGE_TAG_SLUG -t $IMAGE_TAG_LATEST_STABLE .
426   tags:
427     - dind
428   only:
429     - stable@pleroma/pleroma
430
431 docker-release:
432   stage: docker
433   image: docker:latest
434   cache: {}
435   dependencies: []
436   variables: *docker-variables
437   before_script: *before-docker
438   allow_failure: true
439   script:
440   script:
441     - mkdir -p /root/.docker/cli-plugins
442     - wget "${DOCKER_BUILDX_URL}" -O ~/.docker/cli-plugins/docker-buildx
443     - echo "${DOCKER_BUILDX_HASH}  /root/.docker/cli-plugins/docker-buildx" | sha1sum -c
444     - chmod +x ~/.docker/cli-plugins/docker-buildx
445     - docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
446     - docker buildx create --name mbuilder --driver docker-container --use
447     - docker buildx inspect --bootstrap
448     - docker buildx build --platform linux/amd64,linux/arm/v7,linux/arm64/v8 --push --cache-from $IMAGE_TAG_SLUG --build-arg VCS_REF=$CI_VCS_REF --build-arg BUILD_DATE=$CI_JOB_TIMESTAMP -t $IMAGE_TAG -t $IMAGE_TAG_SLUG .
449   tags:
450     - dind
451   only:
452     - /^release/.*$/@pleroma/pleroma
453
454 docker-adhoc:
455   stage: docker
456   image: docker:latest
457   cache: {}
458   dependencies: []
459   variables: *docker-variables
460   before_script: *before-docker
461   allow_failure: true
462   script:
463   script:
464     - mkdir -p /root/.docker/cli-plugins
465     - wget "${DOCKER_BUILDX_URL}" -O ~/.docker/cli-plugins/docker-buildx
466     - echo "${DOCKER_BUILDX_HASH}  /root/.docker/cli-plugins/docker-buildx" | sha1sum -c
467     - chmod +x ~/.docker/cli-plugins/docker-buildx
468     - docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
469     - docker buildx create --name mbuilder --driver docker-container --use
470     - docker buildx inspect --bootstrap
471     - docker buildx build --platform linux/amd64,linux/arm/v7,linux/arm64/v8 --push --cache-from $IMAGE_TAG_SLUG --build-arg VCS_REF=$CI_VCS_REF --build-arg BUILD_DATE=$CI_JOB_TIMESTAMP -t $IMAGE_TAG -t $IMAGE_TAG_SLUG .
472   tags:
473     - dind
474   only:
475     - /^build-docker/.*$/@pleroma/pleroma
The code running on annihilation.social