.gitlab-ci.yml 13 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453
  1. image: git.pleroma.social:5050/pleroma/pleroma/ci-base
  2. variables: &global_variables
  3. POSTGRES_DB: pleroma_test
  4. POSTGRES_USER: postgres
  5. POSTGRES_PASSWORD: postgres
  6. DB_HOST: postgres
  7. DB_PORT: 5432
  8. MIX_ENV: test
  9. cache: &global_cache_policy
  10. key:
  11. files:
  12. - mix.lock
  13. paths:
  14. - deps
  15. - _build
  16. stages:
  17. - build
  18. - test
  19. - benchmark
  20. - deploy
  21. - release
  22. - docker
  23. before_script:
  24. - echo $MIX_ENV
  25. - rm -rf _build/*/lib/pleroma
  26. - mix deps.get
  27. after_script:
  28. - rm -rf _build/*/lib/pleroma
  29. build:
  30. stage: build
  31. only:
  32. changes: &build_changes_policy
  33. - ".gitlab-ci.yml"
  34. - "**/*.ex"
  35. - "**/*.exs"
  36. - "mix.lock"
  37. script:
  38. - mix compile --force
  39. spec-build:
  40. stage: test
  41. only:
  42. changes:
  43. - ".gitlab-ci.yml"
  44. - "lib/pleroma/web/api_spec/**/*.ex"
  45. - "lib/pleroma/web/api_spec.ex"
  46. artifacts:
  47. paths:
  48. - spec.json
  49. script:
  50. - mix pleroma.openapi_spec spec.json
  51. benchmark:
  52. stage: benchmark
  53. when: manual
  54. variables:
  55. MIX_ENV: benchmark
  56. services:
  57. - name: postgres:9.6-alpine
  58. alias: postgres
  59. command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"]
  60. script:
  61. - mix ecto.create
  62. - mix ecto.migrate
  63. - mix pleroma.load_testing
  64. unit-testing:
  65. stage: test
  66. only:
  67. changes: *build_changes_policy
  68. cache: &testing_cache_policy
  69. <<: *global_cache_policy
  70. policy: pull
  71. services:
  72. - name: postgres:13-alpine
  73. alias: postgres
  74. command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"]
  75. script:
  76. - mix ecto.create
  77. - mix ecto.migrate
  78. - mix test --cover --preload-modules
  79. coverage: '/^Line total: ([^ ]*%)$/'
  80. artifacts:
  81. reports:
  82. coverage_report:
  83. coverage_format: cobertura
  84. path: coverage.xml
  85. unit-testing-erratic:
  86. stage: test
  87. retry: 2
  88. allow_failure: true
  89. only:
  90. changes: *build_changes_policy
  91. cache: &testing_cache_policy
  92. <<: *global_cache_policy
  93. policy: pull
  94. services:
  95. - name: postgres:13-alpine
  96. alias: postgres
  97. command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"]
  98. script:
  99. - mix ecto.create
  100. - mix ecto.migrate
  101. - mix test --only=erratic
  102. # Removed to fix CI issue. In this early state it wasn't adding much value anyway.
  103. # TODO Fix and reinstate federated testing
  104. # federated-testing:
  105. # stage: test
  106. # cache: *testing_cache_policy
  107. # services:
  108. # - name: minibikini/postgres-with-rum:12
  109. # alias: postgres
  110. # command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"]
  111. # script:
  112. # - mix deps.get
  113. # - mix ecto.create
  114. # - mix ecto.migrate
  115. # - epmd -daemon
  116. # - mix test --trace --only federated
  117. unit-testing-rum:
  118. stage: test
  119. only:
  120. changes: *build_changes_policy
  121. cache: *testing_cache_policy
  122. services:
  123. - name: minibikini/postgres-with-rum:12
  124. alias: postgres
  125. command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"]
  126. variables:
  127. <<: *global_variables
  128. RUM_ENABLED: "true"
  129. script:
  130. - mix ecto.create
  131. - mix ecto.migrate
  132. - "mix ecto.migrate --migrations-path priv/repo/optional_migrations/rum_indexing/"
  133. - mix test --preload-modules
  134. lint:
  135. image: &current_elixir elixir:1.12-alpine
  136. stage: test
  137. only:
  138. changes: *build_changes_policy
  139. cache: *testing_cache_policy
  140. before_script: &current_bfr_script
  141. - apk update
  142. - apk add build-base cmake file-dev git openssl
  143. - mix local.hex --force
  144. - mix local.rebar --force
  145. - mix deps.get
  146. script:
  147. - mix format --check-formatted
  148. analysis:
  149. stage: test
  150. only:
  151. changes: *build_changes_policy
  152. cache: *testing_cache_policy
  153. script:
  154. - mix credo --strict --only=warnings,todo,fixme,consistency,readability
  155. cycles:
  156. image: *current_elixir
  157. stage: test
  158. only:
  159. changes: *build_changes_policy
  160. cache: {}
  161. before_script: *current_bfr_script
  162. script:
  163. - mix compile
  164. - mix xref graph --format cycles --label compile | awk '{print $0} END{exit ($0 != "No cycles found")}'
  165. docs-deploy:
  166. stage: deploy
  167. cache: *testing_cache_policy
  168. image: alpine:latest
  169. only:
  170. - stable@pleroma/pleroma
  171. - develop@pleroma/pleroma
  172. before_script:
  173. - apk add curl
  174. script:
  175. - curl -X POST -F"token=$DOCS_PIPELINE_TRIGGER" -F'ref=master' -F"variables[BRANCH]=$CI_COMMIT_REF_NAME" https://git.pleroma.social/api/v4/projects/673/trigger/pipeline
  176. review_app:
  177. image: alpine:3.9
  178. stage: deploy
  179. before_script:
  180. - apk update && apk add openssh-client git
  181. when: manual
  182. environment:
  183. name: review/$CI_COMMIT_REF_NAME
  184. url: https://$CI_ENVIRONMENT_SLUG.pleroma.online/
  185. on_stop: stop_review_app
  186. only:
  187. - branches
  188. except:
  189. - master
  190. - develop
  191. script:
  192. - echo "$CI_ENVIRONMENT_SLUG"
  193. - mkdir -p ~/.ssh
  194. - eval $(ssh-agent -s)
  195. - echo "$SSH_PRIVATE_KEY" | tr -d '\r' | ssh-add -
  196. - ssh-keyscan -H "pleroma.online" >> ~/.ssh/known_hosts
  197. - (ssh -t dokku@pleroma.online -- apps:create "$CI_ENVIRONMENT_SLUG") || true
  198. - (ssh -t dokku@pleroma.online -- git:set "$CI_ENVIRONMENT_SLUG" keep-git-dir true) || true
  199. - ssh -t dokku@pleroma.online -- config:set "$CI_ENVIRONMENT_SLUG" APP_NAME="$CI_ENVIRONMENT_SLUG" APP_HOST="$CI_ENVIRONMENT_SLUG.pleroma.online" MIX_ENV=dokku
  200. - (ssh -t dokku@pleroma.online -- postgres:create $(echo $CI_ENVIRONMENT_SLUG | sed -e 's/-/_/g')_db) || true
  201. - (ssh -t dokku@pleroma.online -- postgres:link $(echo $CI_ENVIRONMENT_SLUG | sed -e 's/-/_/g')_db "$CI_ENVIRONMENT_SLUG") || true
  202. - (ssh -t dokku@pleroma.online -- certs:add "$CI_ENVIRONMENT_SLUG" /home/dokku/server.crt /home/dokku/server.key) || true
  203. - git push -f dokku@pleroma.online:$CI_ENVIRONMENT_SLUG $CI_COMMIT_SHA:refs/heads/master
  204. spec-deploy:
  205. stage: deploy
  206. artifacts:
  207. paths:
  208. - spec.json
  209. only:
  210. - develop@pleroma/pleroma
  211. image: alpine:latest
  212. before_script:
  213. - apk add curl
  214. script:
  215. - curl -X POST -F"token=$API_DOCS_PIPELINE_TRIGGER" -F'ref=master' -F"variables[BRANCH]=$CI_COMMIT_REF_NAME" -F"variables[JOB_REF]=$CI_JOB_ID" https://git.pleroma.social/api/v4/projects/1130/trigger/pipeline
  216. stop_review_app:
  217. image: alpine:3.9
  218. stage: deploy
  219. before_script:
  220. - apk update && apk add openssh-client git
  221. when: manual
  222. environment:
  223. name: review/$CI_COMMIT_REF_NAME
  224. action: stop
  225. script:
  226. - echo "$CI_ENVIRONMENT_SLUG"
  227. - mkdir -p ~/.ssh
  228. - eval $(ssh-agent -s)
  229. - echo "$SSH_PRIVATE_KEY" | tr -d '\r' | ssh-add -
  230. - ssh-keyscan -H "pleroma.online" >> ~/.ssh/known_hosts
  231. - ssh -t dokku@pleroma.online -- --force apps:destroy "$CI_ENVIRONMENT_SLUG"
  232. - ssh -t dokku@pleroma.online -- --force postgres:destroy $(echo $CI_ENVIRONMENT_SLUG | sed -e 's/-/_/g')_db
  233. amd64:
  234. stage: release
  235. image: elixir:1.10.4
  236. only: &release-only
  237. - stable@pleroma/pleroma
  238. - develop@pleroma/pleroma
  239. - /^maint/.*$/@pleroma/pleroma
  240. - /^release/.*$/@pleroma/pleroma
  241. artifacts: &release-artifacts
  242. name: "pleroma-$CI_COMMIT_REF_NAME-$CI_COMMIT_SHORT_SHA-$CI_JOB_NAME"
  243. paths:
  244. - release/*
  245. # Ideally it would be never for master branch and with the next commit for develop,
  246. # but Gitlab does not support neither `only` for artifacts
  247. # nor setting it to never from .gitlab-ci.yml
  248. # nor expiring with the next commit
  249. expire_in: 42 yrs
  250. cache: &release-cache
  251. key: $CI_COMMIT_REF_NAME-$CI_JOB_NAME
  252. paths:
  253. - deps
  254. variables: &release-variables
  255. MIX_ENV: prod
  256. before_script: &before-release
  257. - apt-get update && apt-get install -y cmake libmagic-dev
  258. - echo "import Config" > config/prod.secret.exs
  259. - mix local.hex --force
  260. - mix local.rebar --force
  261. script: &release
  262. - mix deps.get --only prod
  263. - mkdir release
  264. - export PLEROMA_BUILD_BRANCH=$CI_COMMIT_REF_NAME
  265. - mix release --path release
  266. amd64-musl:
  267. stage: release
  268. artifacts: *release-artifacts
  269. only: *release-only
  270. image: elixir:1.10.4-alpine
  271. cache: *release-cache
  272. variables: *release-variables
  273. before_script: &before-release-musl
  274. - apk add git build-base cmake file-dev openssl
  275. - echo "import Config" > config/prod.secret.exs
  276. - mix local.hex --force
  277. - mix local.rebar --force
  278. script: *release
  279. arm:
  280. stage: release
  281. artifacts: *release-artifacts
  282. only: *release-only
  283. tags:
  284. - arm32-specified
  285. image: arm32v7/elixir:1.10.4
  286. cache: *release-cache
  287. variables: *release-variables
  288. before_script: *before-release
  289. script: *release
  290. arm-musl:
  291. stage: release
  292. artifacts: *release-artifacts
  293. only: *release-only
  294. tags:
  295. - arm32-specified
  296. image: arm32v7/elixir:1.10.4-alpine
  297. cache: *release-cache
  298. variables: *release-variables
  299. before_script: *before-release-musl
  300. script: *release
  301. arm64:
  302. stage: release
  303. artifacts: *release-artifacts
  304. only: *release-only
  305. tags:
  306. - arm
  307. image: arm64v8/elixir:1.10.4
  308. cache: *release-cache
  309. variables: *release-variables
  310. before_script: *before-release
  311. script: *release
  312. arm64-musl:
  313. stage: release
  314. artifacts: *release-artifacts
  315. only: *release-only
  316. tags:
  317. - arm
  318. image: arm64v8/elixir:1.10.4-alpine
  319. cache: *release-cache
  320. variables: *release-variables
  321. before_script: *before-release-musl
  322. script: *release
  323. docker:
  324. stage: docker
  325. image: docker:latest
  326. cache: {}
  327. dependencies: []
  328. variables: &docker-variables
  329. DOCKER_DRIVER: overlay2
  330. DOCKER_HOST: unix:///var/run/docker.sock
  331. IMAGE_TAG: $CI_REGISTRY_IMAGE:$CI_COMMIT_SHORT_SHA
  332. IMAGE_TAG_SLUG: $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG
  333. IMAGE_TAG_LATEST: $CI_REGISTRY_IMAGE:latest
  334. IMAGE_TAG_LATEST_STABLE: $CI_REGISTRY_IMAGE:latest-stable
  335. DOCKER_BUILDX_URL: https://github.com/docker/buildx/releases/download/v0.6.3/buildx-v0.6.3.linux-amd64
  336. DOCKER_BUILDX_HASH: 980e6b9655f971991fbbb5fd6cd19f1672386195
  337. before_script: &before-docker
  338. - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
  339. - docker pull $IMAGE_TAG_SLUG || true
  340. - export CI_JOB_TIMESTAMP=$(date --utc -Iseconds)
  341. - export CI_VCS_REF=$CI_COMMIT_SHORT_SHA
  342. allow_failure: true
  343. script:
  344. - mkdir -p /root/.docker/cli-plugins
  345. - wget "${DOCKER_BUILDX_URL}" -O ~/.docker/cli-plugins/docker-buildx
  346. - echo "${DOCKER_BUILDX_HASH} /root/.docker/cli-plugins/docker-buildx" | sha1sum -c
  347. - chmod +x ~/.docker/cli-plugins/docker-buildx
  348. - docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
  349. - docker buildx create --name mbuilder --driver docker-container --use
  350. - docker buildx inspect --bootstrap
  351. - docker buildx build --platform linux/amd64,linux/arm/v7,linux/arm64/v8 --push --cache-from $IMAGE_TAG_SLUG --build-arg VCS_REF=$CI_VCS_REF --build-arg BUILD_DATE=$CI_JOB_TIMESTAMP -t $IMAGE_TAG -t $IMAGE_TAG_SLUG -t $IMAGE_TAG_LATEST .
  352. tags:
  353. - dind
  354. only:
  355. - develop@pleroma/pleroma
  356. docker-stable:
  357. stage: docker
  358. image: docker:latest
  359. cache: {}
  360. dependencies: []
  361. variables: *docker-variables
  362. before_script: *before-docker
  363. allow_failure: true
  364. script:
  365. - mkdir -p /root/.docker/cli-plugins
  366. - wget "${DOCKER_BUILDX_URL}" -O ~/.docker/cli-plugins/docker-buildx
  367. - echo "${DOCKER_BUILDX_HASH} /root/.docker/cli-plugins/docker-buildx" | sha1sum -c
  368. - chmod +x ~/.docker/cli-plugins/docker-buildx
  369. - docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
  370. - docker buildx create --name mbuilder --driver docker-container --use
  371. - docker buildx inspect --bootstrap
  372. - docker buildx build --platform linux/amd64,linux/arm/v7,linux/arm64/v8 --push --cache-from $IMAGE_TAG_SLUG --build-arg VCS_REF=$CI_VCS_REF --build-arg BUILD_DATE=$CI_JOB_TIMESTAMP -t $IMAGE_TAG -t $IMAGE_TAG_SLUG -t $IMAGE_TAG_LATEST_STABLE .
  373. tags:
  374. - dind
  375. only:
  376. - stable@pleroma/pleroma
  377. docker-release:
  378. stage: docker
  379. image: docker:latest
  380. cache: {}
  381. dependencies: []
  382. variables: *docker-variables
  383. before_script: *before-docker
  384. allow_failure: true
  385. script:
  386. script:
  387. - mkdir -p /root/.docker/cli-plugins
  388. - wget "${DOCKER_BUILDX_URL}" -O ~/.docker/cli-plugins/docker-buildx
  389. - echo "${DOCKER_BUILDX_HASH} /root/.docker/cli-plugins/docker-buildx" | sha1sum -c
  390. - chmod +x ~/.docker/cli-plugins/docker-buildx
  391. - docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
  392. - docker buildx create --name mbuilder --driver docker-container --use
  393. - docker buildx inspect --bootstrap
  394. - docker buildx build --platform linux/amd64,linux/arm/v7,linux/arm64/v8 --push --cache-from $IMAGE_TAG_SLUG --build-arg VCS_REF=$CI_VCS_REF --build-arg BUILD_DATE=$CI_JOB_TIMESTAMP -t $IMAGE_TAG -t $IMAGE_TAG_SLUG .
  395. tags:
  396. - dind
  397. only:
  398. - /^release/.*$/@pleroma/pleroma
  399. docker-adhoc:
  400. stage: docker
  401. image: docker:latest
  402. cache: {}
  403. dependencies: []
  404. variables: *docker-variables
  405. before_script: *before-docker
  406. allow_failure: true
  407. script:
  408. script:
  409. - mkdir -p /root/.docker/cli-plugins
  410. - wget "${DOCKER_BUILDX_URL}" -O ~/.docker/cli-plugins/docker-buildx
  411. - echo "${DOCKER_BUILDX_HASH} /root/.docker/cli-plugins/docker-buildx" | sha1sum -c
  412. - chmod +x ~/.docker/cli-plugins/docker-buildx
  413. - docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
  414. - docker buildx create --name mbuilder --driver docker-container --use
  415. - docker buildx inspect --bootstrap
  416. - docker buildx build --platform linux/amd64,linux/arm/v7,linux/arm64/v8 --push --cache-from $IMAGE_TAG_SLUG --build-arg VCS_REF=$CI_VCS_REF --build-arg BUILD_DATE=$CI_JOB_TIMESTAMP -t $IMAGE_TAG -t $IMAGE_TAG_SLUG .
  417. tags:
  418. - dind
  419. only:
  420. - /^build-docker/.*$/@pleroma/pleroma