.gitlab-ci.yml 4.09 KB
Newer Older
1
2
3
4
5
6
# You can override the included template(s) by including variable overrides
# SAST customization: https://docs.gitlab.com/ee/user/application_security/sast/#customizing-the-sast-settings
# Secret Detection customization: https://docs.gitlab.com/ee/user/application_security/secret_detection/#customizing-settings
# Dependency Scanning customization: https://docs.gitlab.com/ee/user/application_security/dependency_scanning/#customizing-the-dependency-scanning-settings
# Note that environment variables can be set in several places
# See https://docs.gitlab.com/ee/ci/variables/#cicd-variable-precedence
Addshore's avatar
Addshore committed
7
8
9
10
image: docker:19.03.12
variables:
  DOCKER_TLS_CERTDIR: "/certs"
stages:
11
12
13
14
15
16
- test
- buildp-the space
- integration
- release-build
- release-upload
- release-publish
Addshore's avatar
Addshore committed
17
cache:
18
19
20
- key: mediawiki
  paths:
  - mediawiki
Addshore's avatar
Addshore committed
21
services:
22
- name: docker:19.03.12-dind
Addshore's avatar
Addshore committed
23
test:
24
25
26
27
28
29
30
31
32
33
34
  stage: test
  needs: []
  cache: {}
  image: docker-registry.wikimedia.org/golang:1.13-3
  artifacts:
    reports:
      cobertura: coverage.xml
  script:
  - make test
  - go get github.com/boumenot/gocover-cobertura
  - gocover-cobertura < coverage.txt > coverage.xml
35
checks:
36
37
38
39
40
41
42
43
44
45
46
47
  stage: test
  needs: []
  cache: {}
  image: docker-registry.wikimedia.org/golang:1.13-3
  parallel:
    matrix:
    - CHECK: lint
    - CHECK: vet
    - CHECK: staticcheck
  script:
  - export XDG_CACHE_HOME=/tmp/mwcli-cache
  - make $CHECK
Addshore's avatar
Addshore committed
48
build:
49
50
51
52
53
54
55
56
57
  stage: build
  needs: []
  cache: {}
  image: docker-registry.wikimedia.org/golang:1.13-3
  artifacts:
    paths:
    - bin/
  script:
  - make
Addshore's avatar
Addshore committed
58
integration-general:
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
  stage: integration
  needs:
  - checks
  - test
  - build
  cache: {}
  dependencies:
  - build
  parallel:
    matrix:
    - TEST: general-commands.sh
  before_script:
  - apk add --no-cache libc6-compat bash
  script:
  - "./tests/$TEST"
Addshore's avatar
Addshore committed
74
integration-docker:
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
  stage: integration
  needs:
  - checks
  - test
  - build
  dependencies:
  - build
  parallel:
    matrix:
    - TEST: docker-mw-extra-commands.sh
    - TEST: docker-mw-install-all-the-dbs.sh
    - TEST: docker-mw-mysql-suspend-resume-destroy.sh
  before_script:
  - apk add --no-cache libc6-compat bash docker-compose curl composer
  - "./tests/cache-mediawiki.sh"
  - "./tests/setup.sh"
  script:
  - "./tests/$TEST"
Addshore's avatar
Addshore committed
93
release-build:
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
  stage: release-build
  needs:
  - build
  cache: {}
  image: addshore/wm-golang-curl:1.13-3
  script:
  - make
  - make release VERSION=${CI_COMMIT_TAG:-$CI_COMMIT_BRANCH}
  - |
    if [ -n "$CI_COMMIT_TAG" ]; then
      for release_path in  $(find ./_release -type f); do
        release_file=$(echo $release_path | sed "s/.*\///")
        curl --header "JOB-TOKEN: $CI_JOB_TOKEN" --upload-file ${release_path} "${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/packages/generic/mwcli/${CI_COMMIT_TAG}/${release_file}"
      done
    fi
Addshore's avatar
Addshore committed
109
110
release-upload:
  only:
111
  - tags
Addshore's avatar
Addshore committed
112
  stage: release-upload
113
114
115
116
  needs:
  - integration-general
  - integration-docker
  - release-build
Addshore's avatar
Addshore committed
117
  dependencies:
118
  - release-build
Addshore's avatar
Addshore committed
119
120
  image: alpine:latest
  before_script:
121
  - apk add curl
Addshore's avatar
Addshore committed
122
  script:
123
124
  - echo "Placeholder job, as a conditional upload currently happens as part of release-build
    awaiting decision on https://phabricator.wikimedia.org/T292372"
Addshore's avatar
Addshore committed
125
126
release-publish:
  only:
127
  - tags
Addshore's avatar
Addshore committed
128
  stage: release-publish
129
130
131
  needs:
  - release-build
  - release-upload
Addshore's avatar
Addshore committed
132
  dependencies:
133
  - release-build
Addshore's avatar
Addshore committed
134
135
  image: registry.gitlab.com/gitlab-org/release-cli:latest
  script:
136
137
138
139
140
141
142
143
144
145
146
147
148
149
  - (echo "## ${CI_COMMIT_TAG}" && echo "CHANGELOG extracted from https://gitlab.wikimedia.org/releng/cli/-/blob/main/CHANGELOG.md"
    && sed "/^## ${CI_COMMIT_TAG}$/,/^## /"'!d'";//d;/\^$/d" CHANGELOG.md) > .gitlab.description.md
  - assets_links=""
  - |
    for release_path in  $(find ./_release -type f); do
      release_file=$(echo $release_path | sed "s/.*\///")
      assets_links="${assets_links} --assets-link {\"name\":\"${release_file}\",\"url\":\"${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/packages/generic/mwcli/${CI_COMMIT_TAG}/${release_file}\"}"
    done
  - release-cli create --name "Release $CI_COMMIT_TAG" --description ".gitlab.description.md"
    --released-at "${CI_COMMIT_TIMESTAMP}" ${assets_links}
sast:
  stage: test
include:
- template: Security/SAST.gitlab-ci.yml