-
Notifications
You must be signed in to change notification settings - Fork 141
/
.gitlab-ci.yml
194 lines (176 loc) · 6.42 KB
/
.gitlab-ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
stages:
- build
- package
- shared-pipeline
- publish
- benchmarks
include:
- remote: https://gitlab-templates.ddbuild.io/libdatadog/include/one-pipeline.yml
variables:
DOTNET_PACKAGE_VERSION:
description: "Used by the package stage when triggered manually"
build:
except:
variables:
- $DEPLOY_TO_REL_ENV == "true"
- $CI_COMMIT_TAG # We don't need to build/publish when building a release tag
stage: build
tags: ["runner:windows-docker", "windowsversion:1809"]
hooks:
pre_get_sources_script:
- git config --system core.longpaths true
script:
- if (Test-Path build-out) { remove-item -recurse -force build-out }
- if (Test-Path artifacts-out) { remove-item -recurse -force artifacts-out }
- docker run --rm -m 8192M -v "$(Get-Location):c:\mnt" -e CI_JOB_ID=${CI_JOB_ID} -e ENABLE_MULTIPROCESSOR_COMPILATION=false -e WINDOWS_BUILDER=true -e AWS_NETWORKING=true -e SIGN_WINDOWS=true -e NUGET_CERT_REVOCATION_MODE=offline registry.ddbuild.io/images/mirror/datadog/dd-trace-dotnet-docker-build:latest
- mkdir artifacts-out
- xcopy /e/s build-out\${CI_JOB_ID}\*.* artifacts-out
- remove-item -recurse -force build-out\${CI_JOB_ID}
- get-childitem build-out
- get-childitem artifacts-out
artifacts:
expire_in: 2 weeks
paths:
- artifacts-out
publish:
only:
- master
- main
- /^hotfix.*$/
- /^release.*$/
except:
variables:
- $DEPLOY_TO_REL_ENV == "true"
- $CI_COMMIT_TAG # We don't need to build/publish when building a release tag
stage: publish
tags: ["runner:windows-docker", "windowsversion:1809"]
dependencies:
- build
hooks:
pre_get_sources_script:
- git config --system core.longpaths true
script:
- $result = aws sts assume-role --role-arn "arn:aws:iam::486234852809:role/ci-datadog-windows-filter" --role-session-name AWSCLI-Session
- $resultjson = $result | convertfrom-json
- $credentials = $($resultjson.Credentials)
- $Env:AWS_ACCESS_KEY_ID="$($credentials.AccessKeyId)"
- $Env:AWS_SECRET_ACCESS_KEY="$($credentials.SecretAccessKey)"
- $Env:AWS_SESSION_TOKEN="$($credentials.SessionToken)"
- |
$i = 0
do {
try {
# The grants option at the end is used to allow public access on the files we upload as the acls only aren't enough.
aws s3 cp artifacts-out/ s3://dd-windowsfilter/builds/tracer/${CI_COMMIT_SHA} --recursive --region us-east-1 --exclude "*" --include "*.zip" --include "*.msi" --grants read=uri=http://acs.amazonaws.com/groups/global/AllUsers full=id=3a6e02b08553fd157ae3fb918945dd1eaae5a1aa818940381ef07a430cf25732
If ($LASTEXITCODE -eq 0) {
return
}
throw "Error uploading artifacts to S3"
} catch {
$msg = $Error[0].Exception.Message
Write-Output "Encountered error during while publishing to S3. Error Message is $msg."
Write-Output "Retrying..."
$i++
Start-Sleep -Milliseconds 100
}
} while ($i -lt 3)
download-single-step-artifacts:
stage: package
image: registry.ddbuild.io/docker:20.10.13-gbi-focal
timeout: 45m
tags: [ "arch:amd64" ]
needs: []
rules:
- if: $DOTNET_PACKAGE_VERSION
when: on_success
- if: '$CI_COMMIT_TAG =~ /^v[0-9]+\.[0-9]+\.[0-9]+(-prerelease)?$/' # Manually triggered as artifacts are from the Github release
when: manual
allow_failure: false
- when: delayed # Artifacts come from Azure pipeline, wait a reasonable time before polling
start_in: 15 minutes
script:
- .gitlab/download-single-step-artifacts.sh
- cp tracer/build/artifacts/requirements.json artifacts/requirements.json
artifacts:
expire_in: 2 weeks
paths:
- artifacts
requirements_json_test:
rules:
- when: on_success
variables:
REQUIREMENTS_BLOCK_JSON_PATH: "tracer/build/artifacts/requirements_block.json"
REQUIREMENTS_ALLOW_JSON_PATH: "tracer/build/artifacts/requirements_allow.json"
package-oci:
needs: [ download-single-step-artifacts ]
generate-lib-init-pinned-tag-values:
variables:
ADDITIONAL_TAG_SUFFIXES: musl #add -musl to all generated image tags
onboarding_tests_installer:
parallel:
matrix:
- ONBOARDING_FILTER_WEBLOG: [test-app-dotnet, test-app-dotnet-container]
SCENARIO: [ SIMPLE_INSTALLER_AUTO_INJECTION, SIMPLE_AUTO_INJECTION_PROFILING ]
onboarding_tests_k8s_injection:
variables:
WEBLOG_VARIANT: dd-lib-dotnet-init-test-app
deploy_to_reliability_env:
rules:
- when: never # dd-trace-dotnet does not use reliability environment
download-serverless-artifacts:
stage: package
image: registry.ddbuild.io/docker:20.10.13-gbi-focal
tags: [ "arch:amd64" ]
needs: []
rules:
- if: $DOTNET_PACKAGE_VERSION
when: on_success
- if: '$CI_COMMIT_TAG =~ /^v[0-9]+\.[0-9]+\.[0-9]+(-prerelease)?$/' # Manually triggered as artifacts are from the Github release
when: manual
allow_failure: false
- when: delayed # Artifacts come from Azure pipeline, wait a reasonable time before polling
start_in: 15 minutes
script:
- .gitlab/download-serverless-artifacts.sh
artifacts:
expire_in: 2 weeks
paths:
- artifacts
aws-lambda-layer:
stage: package
needs: [download-serverless-artifacts]
when: manual
trigger:
project: DataDog/dd-trace-dotnet-aws-lambda-layer
strategy: depend
variables:
UPSTREAM_PIPELINE_ID: $CI_PIPELINE_ID
UPSTREAM_PIPELINE_REF: $CI_COMMIT_REF_NAME
allow_failure: true
benchmark-serverless:
stage: benchmarks
image: registry.ddbuild.io/ci/serverless-tools:1
tags: ["arch:amd64"]
when: on_success
needs:
- benchmark-serverless-trigger
script:
- git clone https://gitlab-ci-token:${CI_JOB_TOKEN}@gitlab.ddbuild.io/DataDog/serverless-tools.git ./serverless-tools && cd ./serverless-tools
- ./ci/check_trigger_status.sh
benchmark-serverless-trigger:
stage: benchmarks
needs: []
trigger:
project: DataDog/serverless-tools
strategy: depend
allow_failure: true
variables:
UPSTREAM_PIPELINE_ID: $CI_PIPELINE_ID
UPSTREAM_PROJECT_URL: $CI_PROJECT_URL
UPSTREAM_COMMIT_BRANCH: $CI_COMMIT_BRANCH
UPSTREAM_COMMIT_AUTHOR: $CI_COMMIT_AUTHOR
UPSTREAM_COMMIT_TITLE: $CI_COMMIT_TITLE
UPSTREAM_COMMIT_TAG: $CI_COMMIT_TAG
UPSTREAM_PROJECT_NAME: $CI_PROJECT_NAME
UPSTREAM_GITLAB_USER_LOGIN: $GITLAB_USER_LOGIN
UPSTREAM_GITLAB_USER_EMAIL: $GITLAB_USER_EMAIL