-
Notifications
You must be signed in to change notification settings - Fork 45
/
.gitlab-ci.yml
150 lines (140 loc) · 6.5 KB
/
.gitlab-ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
stages:
- prepare
- testing
- compiling
- assembling
- releasing
- publishing
- hooks
image: passwords-builder
Prepare:
stage: prepare
script:
- PACKAGE_NAME=passwords
- APP_VERSION=$(node -p "require('./package.json').version")
- if [ "${CI_COMMIT_REF_NAME}" != "stable" ] ; then APP_VERSION="${APP_VERSION}-build${CI_PIPELINE_ID}"; PACKAGE_NAME=passwords-nightly ; fi
- PACKAGE_REGISTRY_URL="${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/packages/generic/${PACKAGE_NAME}/${APP_VERSION}"
- CHANGELOG=$(node --no-warnings scripts/extract-changelog.mjs)
- echo "APP_VERSION=${APP_VERSION}" >> variables.env
- echo "PACKAGE_REGISTRY_URL=${PACKAGE_REGISTRY_URL}" >> variables.env
- echo "CHANGELOG=${CHANGELOG}" >> variables.env
artifacts:
expire_in: 1 week
reports:
dotenv: variables.env
only:
- testing
- stable
PHPUnit:
stage: testing
script:
- npm run phpunit
Compile:
stage: compiling
script:
- npm ci
- if [ "${CI_COMMIT_REF_NAME}" == "stable" ] ; then npm run build:stable ; fi
- if [ "${CI_COMMIT_REF_NAME}" != "stable" ] ; then npm run build:testing ; fi
artifacts:
expire_in: 1 week
paths:
- ./src/js/Static/*
- ./src/l10n/*
- ./src/css/*
only:
- testing
- stable
Assemble:
stage: assembling
script:
- mkdir passwords
- if [ "${CI_COMMIT_REF_NAME}" == "stable" ] ; then php scripts/set-version.php ; fi
- if [ "${CI_COMMIT_REF_NAME}" != "stable" ] ; then php scripts/set-version.php --nightly --build "${CI_PIPELINE_ID}" ; fi
- rsync -r --exclude="vue" --exclude="js" --exclude="scss" src/* passwords
- rsync -r src/js/Static passwords/js/
- cp CHANGELOG.md passwords/
- /usr/src/nextcloud/occ integrity:sign-app --path=$(pwd)/passwords --privateKey=${SIGN_KEY} --certificate=${SIGN_CRT}
- tar -zcf passwords.tar.gz passwords
- SIGNATURE=$(openssl dgst -sha512 -sign ${SIGN_KEY} ./passwords.tar.gz | openssl base64 | tr -d "\n")
- echo "SIGNATURE=${SIGNATURE}" >> variables.env
- if [ "${CI_COMMIT_REF_NAME}" == "stable" ] ; then UPLOAD_URL="${PACKAGE_REGISTRY_URL}/passwords.tar.gz" ; fi
- if [ "${CI_COMMIT_REF_NAME}" != "stable" ] ; then UPLOAD_URL="${PACKAGE_REGISTRY_URL}/passwords-nightly.tar.gz" ; fi
- 'curl --retry 5 --retry-all-errors --header "JOB-TOKEN: ${CI_JOB_TOKEN}" --upload-file ./passwords.tar.gz "${UPLOAD_URL}"'
- echo "Package available at ${UPLOAD_URL}"
artifacts:
expire_in: 1 week
reports:
dotenv: variables.env
only:
- testing
- stable
Assemble Legacy PHP 8.0 Support Release:
stage: assembling
script:
- mkdir passwords-lsr-80
- rsync -r .patches/lsr-8.0/* src
- npm run rector
- if [ "${CI_COMMIT_REF_NAME}" == "stable" ] ; then php scripts/set-version.php --lsr 1; fi
- if [ "${CI_COMMIT_REF_NAME}" != "stable" ] ; then php scripts/set-version.php --lsr 1 --nightly --build "${CI_PIPELINE_ID}" ; fi
- rsync -r --exclude="vue" --exclude="js" --exclude="scss" src/* passwords-lsr-80
- rsync -r src/js/Static passwords-lsr-80/js/
- cp CHANGELOG.md passwords-lsr-80/
- /usr/src/nextcloud/occ integrity:sign-app --path=$(pwd)/passwords-lsr-80 --privateKey=${SIGN_KEY} --certificate=${SIGN_CRT}
- tar -zcf passwords-lsr-80.tar.gz passwords-lsr-80 --transform s/passwords-lsr-80/passwords/
- LSR_SIGNATURE=$(openssl dgst -sha512 -sign ${SIGN_KEY} ./passwords-lsr-80.tar.gz | openssl base64 | tr -d "\n")
- echo "LSR_SIGNATURE=${LSR_SIGNATURE}" >> variables.env
- 'curl --retry 5 --retry-all-errors --header "JOB-TOKEN: ${CI_JOB_TOKEN}" --upload-file ./passwords-lsr-80.tar.gz "${PACKAGE_REGISTRY_URL}/passwords-lsr-80.tar.gz"'
- echo "Package available at ${PACKAGE_REGISTRY_URL}/passwords-lsr-80.tar.gz"
artifacts:
expire_in: 1 week
reports:
dotenv: variables.env
only:
- stable
Publish Package:
stage: publishing
image: registry.gitlab.com/gitlab-org/release-cli:latest
script:
- echo -e "## New in Passwords ${APP_VERSION}\\n${CHANGELOG}" > description.txt
- |
release-cli create --name "Passwords ${APP_VERSION}" --tag-name ${APP_VERSION} \
--description "description.txt" \
--assets-link "{\"name\":\"Passwords Handbook ${APP_VERSION}\",\"url\":\"https://git.mdns.eu/nextcloud/passwords-handbook/-/releases/${APP_VERSION}\",\"link_type\":\"other\"}" \
--assets-link "{\"name\":\"Passwords ${APP_VERSION} LSR for PHP 8.0 (tar.gz)\",\"url\":\"${PACKAGE_REGISTRY_URL}/passwords-lsr-80.tar.gz\",\"link_type\":\"package\"}" \
--assets-link "{\"name\":\"Passwords ${APP_VERSION} (tar.gz)\",\"url\":\"${PACKAGE_REGISTRY_URL}/passwords.tar.gz\",\"link_type\":\"package\"}"
only:
- stable
Publish Nightly:
stage: publishing
script:
- 'curl --retry 3 --retry-all-errors -m 900 --connect-timeout 900 -f -X POST ${API_URL} -H "Authorization: Token ${API_TOKEN}" -H "Content-Type: application/json" -d "{\"download\":\"${PACKAGE_REGISTRY_URL}/passwords-nightly.tar.gz\",\"signature\":\"${SIGNATURE}\",\"nightly\":true}"'
environment:
name: Testing
only:
- testing
Publish Stable:
stage: publishing
script:
- 'curl --retry 3 --retry-all-errors -m 900 --connect-timeout 900 -f -X POST ${API_URL} -H "Authorization: Token ${API_TOKEN}" -H "Content-Type: application/json" -d "{\"download\":\"${PACKAGE_REGISTRY_URL}/passwords-lsr-80.tar.gz\",\"signature\":\"${LSR_SIGNATURE}\",\"nightly\":false}"'
- 'curl --retry 3 --retry-all-errors -m 900 --connect-timeout 900 -f -X POST ${API_URL} -H "Authorization: Token ${API_TOKEN}" -H "Content-Type: application/json" -d "{\"download\":\"${PACKAGE_REGISTRY_URL}/passwords.tar.gz\",\"signature\":\"${SIGNATURE}\",\"nightly\":false}"'
environment:
name: Stable
only:
- stable
Update Handbook:
stage: hooks
script:
- mkdir -p ~/.ssh/ && cp ${HANDBOOK_PUBLISH_KEY} ~/.ssh/id_ed25519 && chmod 600 ~/.ssh/id_ed25519
- export GIT_SSH_COMMAND="ssh -o StrictHostKeyChecking=no"
- git clone --branch ${CI_COMMIT_REF_NAME} ${HANDBOOK_REPOSITORY} passwords-handbook
- cd passwords-handbook
- CURRENT_VERSION=$(node -p "require('./package.json').version")
- if [ "${CURRENT_VERSION}" == "${APP_VERSION}" ] ; then exit 0 ; fi
- 'sed -i -e "s|${CURRENT_VERSION}|${APP_VERSION}|g" ./package.json'
- git config --global user.name "Gitlab CI"
- git config --global user.email "gitlab@git.mdns.eu"
- git commit -am "Raise version to ${APP_VERSION}"
- git push origin
- echo "Raised version from ${CURRENT_VERSION} to ${APP_VERSION}"
only:
- stable