140 lines
3.3 KiB
YAML
140 lines
3.3 KiB
YAML
image: gitlab.protontech.ch:4567/go/bridge/ci
|
|
|
|
before_script:
|
|
- eval $(ssh-agent -s)
|
|
- echo "$SSH_PRIVATE_KEY" | tr -d '\r' | ssh-add - > /dev/null
|
|
|
|
- mkdir -p .cache/bin
|
|
- export PATH=$(pwd)/.cache/bin:$PATH
|
|
- export GOPATH="$CI_PROJECT_DIR/.cache"
|
|
|
|
- make install-dev-dependencies
|
|
|
|
cache:
|
|
key: go-mod
|
|
paths:
|
|
- .cache
|
|
policy: pull
|
|
|
|
stages:
|
|
- image
|
|
- cache
|
|
- test
|
|
- build
|
|
- mirror
|
|
|
|
# Stage: IMAGE
|
|
|
|
build-ci-image:
|
|
stage: image
|
|
image: docker:stable
|
|
before_script: []
|
|
cache: {}
|
|
tags:
|
|
- heavy
|
|
only:
|
|
changes:
|
|
- ci/*
|
|
services:
|
|
- docker:dind
|
|
script:
|
|
- docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
|
|
- docker info
|
|
- docker build -t gitlab.protontech.ch:4567/go/bridge/ci:latest ci
|
|
- docker push gitlab.protontech.ch:4567/go/bridge/ci:latest
|
|
|
|
# Stage: CACHE
|
|
|
|
# This will ensure latest dependency versions and updates the cache for
|
|
# all other following jobs which only pull the cache.
|
|
cache-push:
|
|
stage: cache
|
|
only:
|
|
- branches
|
|
script:
|
|
- echo ""
|
|
cache:
|
|
key: go-mod
|
|
paths:
|
|
- .cache
|
|
|
|
# Stage: TEST
|
|
|
|
lint:
|
|
stage: test
|
|
only:
|
|
- branches
|
|
script:
|
|
- make lint
|
|
|
|
test:
|
|
stage: test
|
|
only:
|
|
- branches
|
|
script:
|
|
- apt-get -y install pass gnupg rng-tools
|
|
# First have enough of entropy (cat /proc/sys/kernel/random/entropy_avail).
|
|
- rngd -r /dev/urandom
|
|
# Generate GPG key without password for the password manager.
|
|
- gpg --batch --yes --passphrase '' --quick-generate-key 'tester@example.com'
|
|
# Use the last created GPG ID for the password manager.
|
|
- pass init `gpg --list-keys | grep "^ " | tail -1 | tr -d '[:space:]'`
|
|
# Then finally run the tests
|
|
- make test
|
|
|
|
test-integration:
|
|
stage: test
|
|
only:
|
|
- branches
|
|
script:
|
|
- VERBOSITY=debug make -C test test
|
|
|
|
dependency-updates:
|
|
stage: test
|
|
script:
|
|
- make updates
|
|
|
|
# Stage: BUILD
|
|
|
|
build-linux:
|
|
stage: build
|
|
# Test build every time (= we want to know build is possible).
|
|
only:
|
|
- branches
|
|
script:
|
|
- make build
|
|
artifacts:
|
|
name: "bridge-linux-$CI_COMMIT_REF_NAME-$CI_COMMIT_SHORT_SHA"
|
|
paths:
|
|
- bridge_*.tgz
|
|
expire_in: 2 week
|
|
|
|
mirror-repo:
|
|
stage: mirror
|
|
only:
|
|
refs:
|
|
- master
|
|
script:
|
|
- |
|
|
cat <<EOF > ~/.ssh/config
|
|
Host github.com
|
|
Hostname ssh.github.com
|
|
User git
|
|
Port 443
|
|
ProxyCommand connect-proxy -H $http_proxy %h %p
|
|
EOF
|
|
- ssh-keyscan -t rsa ${CI_SERVER_HOST} > ~/.ssh/known_hosts
|
|
- |
|
|
cat <<EOF >> ~/.ssh/known_hosts
|
|
# ssh.github.com:443 SSH-2.0-babeld-2e9d163d
|
|
[ssh.github.com]:443 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==
|
|
EOF
|
|
- echo "$mirror_key" | tr -d '\r' | ssh-add - > /dev/null
|
|
- ssh-add -l
|
|
- git clone "$CI_REPOSITORY_URL" --branch master _REPO_CLONE;
|
|
- cd _REPO_CLONE
|
|
- git remote add public $mirror_url
|
|
- git push public master
|
|
# Pushing the latest tag from master history
|
|
- git push public "$(git describe --tags --abbrev=0 || echo master)"
|