1 image: git.pleroma.social:5050/pleroma/pleroma/ci-base
3 variables: &global_variables
4 # Only used for the release
6 POSTGRES_DB: pleroma_test
7 POSTGRES_USER: postgres
8 POSTGRES_PASSWORD: postgres
15 - if: $CI_PIPELINE_SOURCE == "merge_request_event"
16 - if: $CI_COMMIT_BRANCH && $CI_OPEN_MERGE_REQUESTS
18 - if: $CI_COMMIT_BRANCH
20 cache: &global_cache_policy
41 - rm -rf _build/*/lib/pleroma
45 - rm -rf _build/*/lib/pleroma
48 stage: check-changelog
51 - if: $CI_MERGE_REQUEST_SOURCE_PROJECT_PATH == 'pleroma/pleroma' && $CI_MERGE_REQUEST_SOURCE_BRANCH_NAME == 'weblate-extract'
53 - if: $CI_MERGE_REQUEST_SOURCE_PROJECT_PATH == 'pleroma/pleroma' && $CI_MERGE_REQUEST_SOURCE_BRANCH_NAME == 'weblate'
55 - if: $CI_MERGE_REQUEST_TARGET_BRANCH_NAME == "develop"
61 - sh ./tools/check-changelog
63 .build_changes_policy:
77 - .build_changes_policy
85 - .build_changes_policy
88 image: git.pleroma.social:5050/pleroma/pleroma/ci-base:elixir-1.15
100 - "lib/pleroma/web/api_spec/**/*.ex"
101 - "lib/pleroma/web/api_spec.ex"
106 - mix pleroma.openapi_spec spec.json
116 - name: postgres:11.22-alpine
118 command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"]
122 - mix pleroma.load_testing
126 - .build_changes_policy
129 cache: &testing_cache_policy
130 <<: *global_cache_policy
132 services: &testing_services
133 - name: postgres:13-alpine
135 command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"]
136 script: &testing_script
139 - mix test --cover --preload-modules
140 coverage: '/^Line total: ([^ ]*%)$/'
144 coverage_format: cobertura
147 unit-testing-1.15.7-otp-25:
149 - .build_changes_policy
152 image: git.pleroma.social:5050/pleroma/pleroma/ci-base:elixir-1.15-otp25
154 cache: *testing_cache_policy
155 services: *testing_services
156 script: *testing_script
158 unit-testing-1.12-erratic:
160 - .build_changes_policy
165 cache: *testing_cache_policy
166 services: *testing_services
170 - mix test --only=erratic
173 extends: .build_changes_policy
174 image: &formatting_elixir elixir:1.13-alpine
176 cache: *testing_cache_policy
177 before_script: ¤t_bfr_script
179 - apk add build-base cmake file-dev git openssl
180 - mix local.hex --force
181 - mix local.rebar --force
184 - mix format --check-formatted
187 extends: .build_changes_policy
188 image: *formatting_elixir
191 before_script: *current_bfr_script
194 - mix xref graph --format cycles --label compile | awk '{print $0} END{exit ($0 != "No cycles found")}'
198 - .build_changes_policy
201 cache: *testing_cache_policy
203 - mix credo --strict --only=warnings,todo,fixme,consistency,readability
207 - .build_changes_policy
212 cache: *testing_cache_policy
220 cache: *testing_cache_policy
223 - stable@pleroma/pleroma
224 - develop@pleroma/pleroma
228 - curl --fail-with-body -X POST -F"token=$CI_JOB_TOKEN" -F'ref=master' -F"variables[BRANCH]=$CI_COMMIT_REF_NAME" https://git.pleroma.social/api/v4/projects/673/trigger/pipeline
233 - apk update && apk add openssh-client git
236 name: review/$CI_COMMIT_REF_NAME
237 url: https://$CI_ENVIRONMENT_SLUG.pleroma.online/
238 on_stop: stop_review_app
245 - echo "$CI_ENVIRONMENT_SLUG"
247 - eval $(ssh-agent -s)
248 - echo "$SSH_PRIVATE_KEY" | tr -d '\r' | ssh-add -
249 - ssh-keyscan -H "pleroma.online" >> ~/.ssh/known_hosts
250 - (ssh -t dokku@pleroma.online -- apps:create "$CI_ENVIRONMENT_SLUG") || true
251 - (ssh -t dokku@pleroma.online -- git:set "$CI_ENVIRONMENT_SLUG" keep-git-dir true) || true
252 - ssh -t dokku@pleroma.online -- config:set "$CI_ENVIRONMENT_SLUG" APP_NAME="$CI_ENVIRONMENT_SLUG" APP_HOST="$CI_ENVIRONMENT_SLUG.pleroma.online" MIX_ENV=dokku
253 - (ssh -t dokku@pleroma.online -- postgres:create $(echo $CI_ENVIRONMENT_SLUG | sed -e 's/-/_/g')_db) || true
254 - (ssh -t dokku@pleroma.online -- postgres:link $(echo $CI_ENVIRONMENT_SLUG | sed -e 's/-/_/g')_db "$CI_ENVIRONMENT_SLUG") || true
255 - (ssh -t dokku@pleroma.online -- certs:add "$CI_ENVIRONMENT_SLUG" /home/dokku/server.crt /home/dokku/server.key) || true
256 - git push -f dokku@pleroma.online:$CI_ENVIRONMENT_SLUG $CI_COMMIT_SHA:refs/heads/master
264 - develop@pleroma/pleroma
269 - curl --fail-with-body -X POST -F"token=$CI_JOB_TOKEN" -F'ref=master' -F"variables[BRANCH]=$CI_COMMIT_REF_NAME" -F"variables[JOB_REF]=$CI_JOB_ID" https://git.pleroma.social/api/v4/projects/1130/trigger/pipeline
276 - apk update && apk add openssh-client git
279 name: review/$CI_COMMIT_REF_NAME
282 - echo "$CI_ENVIRONMENT_SLUG"
284 - eval $(ssh-agent -s)
285 - echo "$SSH_PRIVATE_KEY" | tr -d '\r' | ssh-add -
286 - ssh-keyscan -H "pleroma.online" >> ~/.ssh/known_hosts
287 - ssh -t dokku@pleroma.online -- --force apps:destroy "$CI_ENVIRONMENT_SLUG"
288 - ssh -t dokku@pleroma.online -- --force postgres:destroy $(echo $CI_ENVIRONMENT_SLUG | sed -e 's/-/_/g')_db
292 image: elixir:$ELIXIR_VER
294 - stable@pleroma/pleroma
295 - develop@pleroma/pleroma
296 - /^maint/.*$/@pleroma/pleroma
297 - /^release/.*$/@pleroma/pleroma
300 artifacts: &release-artifacts
301 name: "pleroma-$CI_COMMIT_REF_NAME-$CI_COMMIT_SHORT_SHA-$CI_JOB_NAME"
304 # Ideally it would be never for master branch and with the next commit for develop,
305 # but Gitlab does not support neither `only` for artifacts
306 # nor setting it to never from .gitlab-ci.yml
307 # nor expiring with the next commit
310 cache: &release-cache
311 key: $CI_COMMIT_REF_NAME-$CI_JOB_NAME
314 variables: &release-variables
316 VIX_COMPILATION_MODE: PLATFORM_PROVIDED_LIBVIPS
317 before_script: &before-release
318 - apt-get update && apt-get install -y cmake libmagic-dev libvips-dev erlang-dev
319 - echo "import Config" > config/prod.secret.exs
320 - mix local.hex --force
321 - mix local.rebar --force
323 - mix deps.get --only prod
325 - export PLEROMA_BUILD_BRANCH=$CI_COMMIT_REF_NAME
326 - mix release --path release
331 artifacts: *release-artifacts
333 image: elixir:$ELIXIR_VER-alpine
336 cache: *release-cache
337 variables: *release-variables
338 before_script: &before-release-musl
339 - apk add git build-base cmake file-dev openssl vips-dev
340 - echo "import Config" > config/prod.secret.exs
341 - mix local.hex --force
342 - mix local.rebar --force
347 artifacts: *release-artifacts
351 image: arm32v7/elixir:$ELIXIR_VER
352 cache: *release-cache
353 variables: *release-variables
354 before_script: *before-release
359 artifacts: *release-artifacts
363 image: arm32v7/elixir:$ELIXIR_VER-alpine
364 cache: *release-cache
365 variables: *release-variables
366 before_script: *before-release-musl
371 artifacts: *release-artifacts
375 image: arm64v8/elixir:$ELIXIR_VER
376 cache: *release-cache
377 variables: *release-variables
378 before_script: *before-release
383 artifacts: *release-artifacts
387 image: arm64v8/elixir:$ELIXIR_VER-alpine
388 cache: *release-cache
389 variables: *release-variables
390 before_script: *before-release-musl
396 name: gcr.io/kaniko-project/executor:debug
400 before_script: &before-kaniko
401 - export CI_JOB_TIMESTAMP=$(date --utc -Iseconds)
402 - export CI_VCS_REF=$CI_COMMIT_SHORT_SHA
403 - export IMAGE_TAG=$CI_REGISTRY_IMAGE/$BUILD_ARCH_IMG_SUFFIX:$CI_COMMIT_SHORT_SHA
404 - export IMAGE_TAG_SLUG=$CI_REGISTRY_IMAGE/$BUILD_ARCH_IMG_SUFFIX:$CI_COMMIT_REF_SLUG
405 - export IMAGE_TAG_LATEST=$CI_REGISTRY_IMAGE/$BUILD_ARCH_IMG_SUFFIX:latest
406 - export IMAGE_TAG_LATEST_STABLE=$CI_REGISTRY_IMAGE/$BUILD_ARCH_IMG_SUFFIX:latest-stable
407 - mkdir -p /kaniko/.docker
408 - echo "{\"auths\":{\"$CI_REGISTRY\":{\"username\":\"$CI_REGISTRY_USER\",\"password\":\"$CI_REGISTRY_PASSWORD\"}}}" > /kaniko/.docker/config.json
413 - develop@pleroma/pleroma
415 - /kaniko/executor --context $CI_PROJECT_DIR --dockerfile $CI_PROJECT_DIR/Dockerfile --custom-platform=$BUILD_ARCH --build-arg VCS_REF=$CI_VCS_REF --build-arg BUILD_DATE=$CI_JOB_TIMESTAMP --build-arg ELIXIR_IMG=$ELIXIR_IMG --destination $IMAGE_TAG --destination $IMAGE_TAG_SLUG --destination $IMAGE_TAG_LATEST
420 - stable@pleroma/pleroma
422 - /kaniko/executor --context $CI_PROJECT_DIR --dockerfile $CI_PROJECT_DIR/Dockerfile --custom-platform=$BUILD_ARCH --build-arg VCS_REF=$CI_VCS_REF --build-arg BUILD_DATE=$CI_JOB_TIMESTAMP --build-arg ELIXIR_IMG=$ELIXIR_IMG --destination $IMAGE_TAG --destination $IMAGE_TAG_SLUG --destination $IMAGE_TAG_LATEST_STABLE
427 - /^release/.*$/@pleroma/pleroma
429 - /kaniko/executor --context $CI_PROJECT_DIR --dockerfile $CI_PROJECT_DIR/Dockerfile --custom-platform=$BUILD_ARCH --build-arg VCS_REF=$CI_VCS_REF --build-arg BUILD_DATE=$CI_JOB_TIMESTAMP --build-arg ELIXIR_IMG=$ELIXIR_IMG --destination $IMAGE_TAG --destination $IMAGE_TAG_SLUG
434 - /^build-docker/.*$/@pleroma/pleroma
436 - /kaniko/executor --context $CI_PROJECT_DIR --dockerfile $CI_PROJECT_DIR/Dockerfile --custom-platform=$BUILD_ARCH --build-arg VCS_REF=$CI_VCS_REF --build-arg BUILD_DATE=$CI_JOB_TIMESTAMP --build-arg ELIXIR_IMG=$ELIXIR_IMG --destination $IMAGE_TAG --destination $IMAGE_TAG_SLUG
440 BUILD_ARCH: linux/amd64
441 BUILD_ARCH_IMG_SUFFIX: linux-amd64
442 ELIXIR_IMG: hexpm/elixir
448 BUILD_ARCH: linux/arm64/v8
449 BUILD_ARCH_IMG_SUFFIX: linux-arm64-v8
450 ELIXIR_IMG: hexpm/elixir
456 BUILD_ARCH: linux/arm/v7
457 BUILD_ARCH_IMG_SUFFIX: linux-arm-v7
458 ELIXIR_IMG: git.pleroma.social:5050/pleroma/ci-image/elixir-linux-arm-v7
462 kaniko-latest:linux/amd64:
465 - .kaniko:linux/amd64
467 kaniko-latest:linux/arm64:
470 - .kaniko:linux/arm64
472 kaniko-latest:linux/arm:
477 kaniko-stable:linux/amd64:
480 - .kaniko:linux/amd64
482 kaniko-stable:linux/arm64:
485 - .kaniko:linux/arm64
487 kaniko-stable:linux/arm:
492 kaniko-release:linux/amd64:
495 - .kaniko:linux/amd64
497 kaniko-release:linux/arm64:
500 - .kaniko:linux/arm64
502 kaniko-release:linux/arm:
508 stage: docker-combine
512 - 'BUILD_ARCHES="linux-amd64 linux-arm64-v8 linux-arm-v7"'
513 - export IMAGE_TAG=$CI_REGISTRY_IMAGE:$CI_COMMIT_SHORT_SHA
514 - export IMAGE_TAG_SLUG=$CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG
515 - export IMAGE_TAG_LATEST=$CI_REGISTRY_IMAGE:latest
516 - export IMAGE_TAG_LATEST_STABLE=$CI_REGISTRY_IMAGE:latest-stable
517 - 'IMAGES=; for arch in $BUILD_ARCHES; do IMAGES="$IMAGES $CI_REGISTRY_IMAGE/$arch:$CI_COMMIT_SHORT_SHA"; done'
518 - 'IMAGES_SLUG=; for arch in $BUILD_ARCHES; do IMAGES_SLUG="$IMAGES_SLUG $CI_REGISTRY_IMAGE/$arch:$CI_COMMIT_REF_SLUG"; done'
519 - 'IMAGES_LATEST=; for arch in $BUILD_ARCHES; do IMAGES_LATEST="$IMAGES_LATEST $CI_REGISTRY_IMAGE/$arch:latest"; done'
520 - 'IMAGES_LATEST_STABLE=; for arch in $BUILD_ARCHES; do IMAGES_LATEST_STABLE="$IMAGES_LATEST_STABLE $CI_REGISTRY_IMAGE/$arch:latest"; done'
522 - echo "{\"auths\":{\"$CI_REGISTRY\":{\"username\":\"$CI_REGISTRY_USER\",\"password\":\"$CI_REGISTRY_PASSWORD\"}}}" > ~/.docker/config.json
524 docker-combine:latest:
525 extends: .docker-combine
527 - develop@pleroma/pleroma
529 - 'docker manifest create $IMAGE_TAG $IMAGES'
530 - 'docker manifest push $IMAGE_TAG'
531 - 'docker manifest create $IMAGE_TAG_SLUG $IMAGES_SLUG'
532 - 'docker manifest push $IMAGE_TAG_SLUG'
533 - 'docker manifest create $IMAGE_TAG_LATEST $IMAGES_LATEST'
534 - 'docker manifest push $IMAGE_TAG_LATEST'
536 docker-combine:stable:
537 extends: .docker-combine
539 - stable@pleroma/pleroma
541 - 'docker manifest create $IMAGE_TAG $IMAGES'
542 - 'docker manifest push $IMAGE_TAG'
543 - 'docker manifest create $IMAGE_TAG_SLUG $IMAGES_SLUG'
544 - 'docker manifest push $IMAGE_TAG_SLUG'
545 - 'docker manifest create $IMAGE_TAG_LATEST_STABLE $IMAGES_LATEST_STABLE'
546 - 'docker manifest push $IMAGE_TAG_LATEST_STABLE'
548 docker-combine:release:
549 extends: .docker-combine
551 - /^release/.*$/@pleroma/pleroma
553 - 'docker manifest create $IMAGE_TAG $IMAGES'
554 - 'docker manifest push $IMAGE_TAG'
555 - 'docker manifest create $IMAGE_TAG_SLUG $IMAGES_SLUG'
556 - 'docker manifest push $IMAGE_TAG_SLUG'