forked from NSO-developer/nso-docker
-
Notifications
You must be signed in to change notification settings - Fork 0
/
.gitlab-ci.yml
161 lines (147 loc) · 6.19 KB
/
.gitlab-ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
image: registry.gitlab.com/nso-developer/ci-runner-image:latest
# Stages for our CI jobs
# Gitlab only allows the specification of one progression of stages. We use two
# different "modes" for running our jobs, which are essentially mutually
# exclusive. In the special CI_MODE=mirror, there is only a single mirror job
# that runs in the mirror stage. For a normal CI run, the other stages are used.
stages:
- mirror
- build
- multiver-test
- push
default:
retry:
max: 2
when:
- api_failure
- data_integrity_failure
- job_execution_timeout
- runner_system_failure
- runner_unsupported
- scheduler_failure
- stale_schedule
- stuck_or_timeout_failure
- unknown_failure
- unmet_prerequisites
# The before script makes sure that our prerequisites are installed . If the
# jobs are run with a standard debian or Ubuntu image, most prerequisites are
# not installed. To speed up the build, this install step can be skipped by
# running an image that already has the prerequisites installed, for example
# registry.gitlab.com/nso-developer/ci-runner-image:latest
#
# We also define the helper functions mark_section_start/end that help us mark
# out the start and end of a "section" in a CI job. Each section can be folded
# and gets a duration timestamp in the CI job view making it easy to see how
# long it took to run.
before_script:
- |
function mark_section_start() {
echo -e "section_start:0:$1\r\e[0K$2"
SECONDS=0
}
function mark_section_end() {
echo -e "section_end:${SECONDS}:$1\r\e[0K"
}
- mark_section_start initialize Initializing
- which curl docker expect gpg2 sshpass xmlstarlet >/dev/null || (echo "Installing prerequisites..." && apt-get -y update && DEBIAN_FRONTEND=noninteractive apt-get install -qy apt-transport-https ca-certificates curl expect gnupg2 software-properties-common sshpass xmlstarlet; which docker || (echo "Installing docker..." && curl -fsSL https://download.docker.com/linux/debian/gpg | apt-key add - && apt-key fingerprint 0EBFCD88 && add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/debian $(lsb_release -cs) stable" && apt-get -y update && apt-get -qy install -qy docker-ce docker-ce-cli containerd.io))
- mark_section_end initialize
# Template for the standard build job
.build:
stage: build
except:
variables:
- $CI_MODE == "mirror"
script:
- docker login -u gitlab-ci-token -p ${CI_BUILD_TOKEN} ${CI_REGISTRY}
- mark_section_start build "Building base and dev image"
- make build
- mark_section_end build
- mark_section_start test "Testing images"
- make test
- mark_section_end test
- mark_section_start test-skel "Testing skeletons"
- make test-skeletons
- mark_section_end test-skel
- mark_section_start image-push "Pushing images"
- if [ "${DOCKER_PUSH}" != "false" ]; then make push; fi
- mark_section_end image-push
after_script:
- make -C test clean
# Template for the standard multi-version testing job
.multiver_test:
stage: multiver-test
except:
variables:
- $CI_MODE == "mirror"
script:
- mark_section_start image-pull "Pulling images"
- docker login -u gitlab-ci-token -p ${CI_BUILD_TOKEN} ${CI_REGISTRY}
- if [ "${DOCKER_PUSH}" != "false" ]; then make pull; fi
- mark_section_end image-pull
- mark_section_start test "Testing images"
- make test-multiver
- mark_section_end test
after_script:
- make -C test clean
# Template for the standard push job
.push:
stage: push
except:
variables:
- $CI_MODE == "mirror"
script:
- mark_section_start image-pull "Pulling images"
- docker login -u gitlab-ci-token -p ${CI_BUILD_TOKEN} ${CI_REGISTRY}
- if [ "${DOCKER_PUSH}" != "false" ]; then make pull; fi
- mark_section_end image-pull
- mark_section_start image-push "Pushing images"
- if [ "${CI_COMMIT_REF_NAME}" = "${CI_DEFAULT_BRANCH}" ]; then make tag-release; fi
- if [ "${CI_COMMIT_REF_NAME}" = "${CI_DEFAULT_BRANCH}" ] && [ "${DOCKER_PUSH}" != "false" ]; then make push-release; fi
- mark_section_end image-push
# Special CI job for running a mirroring job that pulls in the latest changes
# from upstream. Unlike normal GitLab mirroring, which fails whenever the local
# repository has diverged (has changes), this job uses a normal 'git pull' which
# means merge commits are used when necessary. It essentially allows local
# modifications.
mirror:
stage: mirror
only:
variables:
- $CI_MODE == "mirror"
before_script:
- 'which ssh-agent || ( apt-get update -y && apt-get install -y openssh-client )'
- 'which git || ( apt-get update -y && apt-get install -y git )'
- eval $(ssh-agent -s)
- ssh-add <(echo "${GIT_SSH_PRIV_KEY}")
- mkdir -p ~/.ssh
- echo "${GITLAB_HOSTKEY}" >> ~/.ssh/known_hosts
- git config --global user.email "${GITLAB_USER_EMAIL}"
- git config --global user.name "${GITLAB_USER_NAME}"
script:
- "git clone git@${CI_SERVER_HOST}:${CI_PROJECT_PATH}.git"
- cd "${CI_PROJECT_NAME}"
- git remote add upstream "${MIRROR_REMOTE}"
- if [ "${MIRROR_PULL_MODE}" = "rebase" ]; then git pull --rebase upstream ${CI_DEFAULT_BRANCH}; else git pull upstream ${CI_DEFAULT_BRANCH}; fi
- if [ "${MIRROR_PULL_MODE}" = "rebase" ]; then git push --force origin ${CI_DEFAULT_BRANCH}; else git push origin ${CI_DEFAULT_BRANCH}; fi
# Make sure the computed version set files are up to date with the source by
# regenerating and checking if we get a diff.
.test-version-set:
stage: build
except:
variables:
- $CI_MODE == "mirror"
script:
- apt-get update && apt-get install -qy git python3
- cd version-sets/${VERSION_SET}
- make --always-make generate
- git add -N .
- git status
- git diff
- git diff --exit-code
# Version set to include. This file contains the actual jobs that instantiate
# the job templates above for a list of NSO versions. It is assumed you have
# created a version set with the same name as the Gitlab project namespace. That
# is, if this repo lives in gitlab.example.com/acme/nso-docker/, the version-set
# is assumed to be in /version-sets/acme/.
include:
- 'version-sets/${CI_PROJECT_NAMESPACE}/nso-docker.yaml'