-
Notifications
You must be signed in to change notification settings - Fork 41
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #1544 from freedomofpress/remove-support-for-debia…
…n-buster Remove support for Debian Buster
- Loading branch information
Showing
1 changed file
with
13 additions
and
67 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,20 +1,18 @@ | ||
| --- | ||
| common-steps: | ||
| - &install_deps | ||
| - &install_testing_dependencies | ||
| run: | ||
| name: Install base dependencies for Bullseye python | ||
| name: Install testing dependencies | ||
| command: | | ||
| set -e | ||
| pip uninstall virtualenv -y || true | ||
| sudo apt update && sudo apt install -y make git gnupg | ||
| apt update && apt install -y git gnupg libqt5x11extras5 make python3-tk python3-dev gnupg python3-venv sqlite3 xvfb | ||
| - &install_deps_on_buster | ||
| - &install_build_dependencies | ||
| run: | ||
| name: Install base dependencies for Buster python | ||
| name: Install build dependencies | ||
| command: | | ||
| set -e | ||
| pip uninstall virtualenv -y || true | ||
| apt-get update && apt-get install -y sudo make git gnupg python3 python3-venv | ||
| apt update && apt install -y git make sudo | ||
| - &run_tests | ||
| run: | ||
|
|
@@ -26,16 +24,6 @@ common-steps: | |
| export PYTHONPATH=$PYTHONPATH:. # so alembic can get to Base metadata | ||
| make check --keep-going | ||
| - &run_tests_on_buster | ||
| run: | ||
| name: Install requirements and run tests | ||
| command: | | ||
| set -e | ||
| make venv-buster | ||
| source .venv/bin/activate | ||
| export PYTHONPATH=$PYTHONPATH:. # so alembic can get to Base metadata | ||
| make check --keep-going | ||
| - &run_lint | ||
| run: | ||
| name: Run lint, then static analysis on source code to find security issues | ||
|
|
@@ -44,7 +32,7 @@ common-steps: | |
| source .venv/bin/activate | ||
| make check-black check-isort lint bandit check-strings | ||
| - &check_python_dependencies_for_vulns | ||
| - &check_python_dependencies_for_vulnerabilities | ||
| run: | ||
| name: Check Python dependencies for known vulnerabilities | ||
| command: | | ||
|
|
@@ -54,21 +42,7 @@ common-steps: | |
| - &install_packaging_dependencies | ||
| run: | ||
| name: Install Debian packaging dependencies and download wheels | ||
| command: | | ||
| set -x | ||
| mkdir ~/packaging && cd ~/packaging | ||
| # local builds may not have an ssh url, so || true | ||
| git config --global --unset url.ssh://[email protected] || true | ||
| git clone https://github.com/freedomofpress/securedrop-debian-packaging.git | ||
| cd securedrop-debian-packaging | ||
| sudo apt update && sudo apt install -y make | ||
| make install-deps | ||
| PKG_DIR=~/project make requirements | ||
| - &install_packaging_dependencies_buster | ||
| run: | ||
| name: Install Debian packaging dependencies and download wheels | ||
| name: Install Debian packaging dependencies and download Python wheels | ||
| command: | | ||
| set -x | ||
| mkdir ~/packaging && cd ~/packaging | ||
|
|
@@ -104,58 +78,32 @@ version: 2 | |
| jobs: | ||
| build-bullseye: | ||
| docker: | ||
| - image: circleci/python:3.9-bullseye | ||
| - image: debian:bullseye | ||
| steps: | ||
| - *install_deps | ||
| - *install_build_dependencies | ||
| - checkout | ||
| - *install_packaging_dependencies | ||
| - *verify_requirements | ||
| - *build_debian_package | ||
|
|
||
| test-bullseye: | ||
| docker: | ||
| - image: circleci/python:3.9-bullseye | ||
| - image: debian:bullseye | ||
| steps: | ||
| - *install_deps | ||
| - *install_testing_dependencies | ||
| - checkout | ||
| - run: sudo apt update && sudo apt install -y sqlite3 libqt5x11extras5 xvfb python3-tk python3-dev | ||
| - *run_tests | ||
| - store_test_results: | ||
| path: test-results | ||
| - *run_lint | ||
| - *check_python_dependencies_for_vulns | ||
|
|
||
| build-buster: | ||
| docker: | ||
| - image: debian:buster | ||
| steps: | ||
| - *install_deps_on_buster | ||
| - checkout | ||
| - *install_packaging_dependencies_buster | ||
| - *verify_requirements | ||
| - *build_debian_package | ||
|
|
||
| test-buster: | ||
| docker: | ||
| - image: debian:buster | ||
| steps: | ||
| - *install_deps_on_buster | ||
| - checkout | ||
| - run: apt-get update && apt-get install -y sqlite3 libqt5x11extras5 xvfb python3-tk python3-dev | ||
| - *run_tests_on_buster | ||
| - store_test_results: | ||
| path: test-results | ||
| - *run_lint | ||
| - *check_python_dependencies_for_vulns | ||
| - *check_python_dependencies_for_vulnerabilities | ||
|
|
||
| workflows: | ||
| version: 2 | ||
| securedrop_client_ci: | ||
| jobs: | ||
| - test-bullseye | ||
| - build-bullseye | ||
| - test-buster | ||
| - build-buster | ||
|
|
||
| nightly: | ||
| triggers: | ||
|
|
@@ -168,5 +116,3 @@ workflows: | |
| jobs: | ||
| - test-bullseye | ||
| - build-bullseye | ||
| - test-buster | ||
| - build-buster | ||