mirror of
https://gitlab.com/crafty-controller/crafty-4.git
synced 2025-01-18 17:15:13 +01:00
Separate Build from main ci yml
This commit is contained in:
parent
b459534a84
commit
f5d7109c6c
194
.gitlab-ci.yml
194
.gitlab-ci.yml
@ -13,198 +13,6 @@ variables:
|
||||
DOCKER_HOST: tcp://docker:2376
|
||||
DOCKER_TLS_CERTDIR: "/certs"
|
||||
|
||||
docker-build-dev:
|
||||
image: docker:latest
|
||||
services:
|
||||
- name: docker:dind
|
||||
stage: dev-deployment
|
||||
tags:
|
||||
- docker_priv
|
||||
rules:
|
||||
- if: $CI_COMMIT_BRANCH == 'dev'
|
||||
environment:
|
||||
name: development
|
||||
before_script:
|
||||
- |
|
||||
apk --no-cache add jq
|
||||
MAJOR=$(cat app/config/version.json | jq '.major' )
|
||||
MINOR=$(cat app/config/version.json | jq '.minor' )
|
||||
SUB=$(cat app/config/version.json | jq '.sub' )
|
||||
META=$(cat app/config/version.json | jq -r '.meta' )
|
||||
- |
|
||||
apk --no-cache add curl
|
||||
latest_tag=$(curl -s https://api.github.com/repos/docker/buildx/releases/latest | sed -Ene '/^ *"tag_name": *"(v.+)",$/s//\1/p')
|
||||
echo "Using buildx version $latest_tag"
|
||||
curl -sSLo docker-buildx "https://github.com/docker/buildx/releases/download/$latest_tag/buildx-$latest_tag.linux-amd64"
|
||||
chmod a+x docker-buildx
|
||||
mkdir -p ~/.docker/cli-plugins
|
||||
mv docker-buildx ~/.docker/cli-plugins/docker-buildx
|
||||
docker version
|
||||
- docker run --rm --privileged aptman/qus -- -r
|
||||
- docker run --rm --privileged aptman/qus -s -- -p aarch64 x86_64
|
||||
- echo $CI_BUILD_TOKEN | docker login -u "$CI_REGISTRY_USER" --password-stdin $CI_REGISTRY
|
||||
script:
|
||||
- |
|
||||
tag=":$CI_COMMIT_REF_SLUG"
|
||||
VERSION="${MAJOR}.${MINOR}.${SUB}-${META}"
|
||||
- |
|
||||
echo "Running on branch '$CI_COMMIT_BRANCH': tag = $tag"
|
||||
echo "Crafty Version: $VERSION"
|
||||
- docker context create tls-environment
|
||||
- docker buildx create --name zedBuilder --use tls-environment
|
||||
- docker buildx build
|
||||
--cache-from type=registry,ref="$CI_REGISTRY_IMAGE${tag}"
|
||||
--build-arg BUILDKIT_INLINE_CACHE=1
|
||||
--build-arg "BUILD_DATE=$(date +"%Y-%m-%dT%H:%M:%SZ")"
|
||||
--build-arg "BUILD_REF=${CI_COMMIT_SHA}"
|
||||
--build-arg "CRAFTY_VER=${VERSION}"
|
||||
--tag "$CI_REGISTRY_IMAGE${tag}"
|
||||
--platform linux/arm64/v8,linux/amd64
|
||||
--push .
|
||||
after_script:
|
||||
- |
|
||||
docker buildx rm zedBuilder && echo "Successfully Stopped builder instance" || echo "Failed to stop builder instance."
|
||||
docker context rm tls-environment || true
|
||||
echo "Please review multi-arch manifests are present:"
|
||||
docker buildx imagetools inspect "$CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG"
|
||||
|
||||
docker-build-prod:
|
||||
image: docker:latest
|
||||
services:
|
||||
- name: docker:dind
|
||||
stage: prod-deployment
|
||||
tags:
|
||||
- docker_priv
|
||||
rules:
|
||||
- if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
|
||||
environment:
|
||||
name: production
|
||||
before_script:
|
||||
- |
|
||||
apk --no-cache add jq
|
||||
MAJOR=$(cat app/config/version.json | jq '.major' )
|
||||
MINOR=$(cat app/config/version.json | jq '.minor' )
|
||||
SUB=$(cat app/config/version.json | jq '.sub' )
|
||||
META=$(cat app/config/version.json | jq -r '.meta' )
|
||||
- |
|
||||
apk --no-cache add curl
|
||||
latest_tag=$(curl -s https://api.github.com/repos/docker/buildx/releases/latest | sed -Ene '/^ *"tag_name": *"(v.+)",$/s//\1/p')
|
||||
echo "Using buildx version $latest_tag"
|
||||
curl -sSLo docker-buildx "https://github.com/docker/buildx/releases/download/$latest_tag/buildx-$latest_tag.linux-amd64"
|
||||
chmod a+x docker-buildx
|
||||
mkdir -p ~/.docker/cli-plugins
|
||||
mv docker-buildx ~/.docker/cli-plugins/docker-buildx
|
||||
docker version
|
||||
- docker run --rm --privileged aptman/qus -- -r
|
||||
- docker run --rm --privileged aptman/qus -s -- -p aarch64 x86_64
|
||||
- echo $CI_BUILD_TOKEN | docker login -u "$CI_REGISTRY_USER" --password-stdin $CI_REGISTRY
|
||||
script:
|
||||
- |
|
||||
tag=""
|
||||
VERSION="${MAJOR}.${MINOR}.${SUB}-${META}"
|
||||
- |
|
||||
echo "Running on branch '$CI_COMMIT_BRANCH': tag = $tag"
|
||||
echo "Crafty Version: $VERSION"
|
||||
- docker context create tls-environment
|
||||
- docker buildx create --name zedBuilder --use tls-environment
|
||||
- docker buildx build
|
||||
--cache-from type=registry,ref="$CI_REGISTRY_IMAGE${tag}"
|
||||
--build-arg BUILDKIT_INLINE_CACHE=1
|
||||
--build-arg "BUILD_DATE=$(date +"%Y-%m-%dT%H:%M:%SZ")"
|
||||
--build-arg "BUILD_REF=${CI_COMMIT_SHA}"
|
||||
--build-arg "CRAFTY_VER=${VERSION}"
|
||||
--tag "$CI_REGISTRY_IMAGE${tag}"
|
||||
--platform linux/arm64/v8,linux/amd64
|
||||
--push .
|
||||
after_script:
|
||||
- |
|
||||
docker buildx rm zedBuilder && echo "Successfully Stopped builder instance" || echo "Failed to stop builder instance."
|
||||
docker context rm tls-environment || true
|
||||
echo "Please review multi-arch manifests are present:"
|
||||
docker buildx imagetools inspect "$CI_REGISTRY_IMAGE${tag}"
|
||||
|
||||
win-dev-build:
|
||||
stage: dev-deployment
|
||||
tags:
|
||||
- win64
|
||||
cache:
|
||||
paths:
|
||||
- .venv/
|
||||
rules:
|
||||
- if: "$CI_COMMIT_BRANCH == 'dev'"
|
||||
environment:
|
||||
name: development
|
||||
script:
|
||||
- |
|
||||
$ErrorActionPreference = "Stop"
|
||||
py -m venv .venv
|
||||
.venv\Scripts\activate.ps1
|
||||
pip install pyinstaller
|
||||
pip install -r requirements.txt
|
||||
- pyinstaller -F main.py
|
||||
--distpath .
|
||||
--icon app\frontend\static\assets\images\Crafty_4-0_Logo_square.ico
|
||||
--name "crafty_commander"
|
||||
--paths .venv\Lib\site-packages
|
||||
--hidden-import cryptography
|
||||
--hidden-import cffi
|
||||
--hidden-import apscheduler
|
||||
--collect-all tzlocal
|
||||
--collect-all tzdata
|
||||
--collect-all pytz
|
||||
--collect-all six
|
||||
|
||||
# Download latest:
|
||||
# | https://gitlab.com/crafty-controller/crafty-4/-/jobs/artifacts/dev/download?job=win-dev-build
|
||||
artifacts:
|
||||
name: "crafty-${CI_RUNNER_TAGS}-${CI_COMMIT_BRANCH}_${CI_COMMIT_SHORT_SHA}"
|
||||
paths:
|
||||
- app\
|
||||
- .\crafty_commander.exe
|
||||
exclude:
|
||||
- app\classes\**\*
|
||||
|
||||
win-prod-build:
|
||||
stage: prod-deployment
|
||||
tags:
|
||||
- win64
|
||||
cache:
|
||||
paths:
|
||||
- .venv/
|
||||
rules:
|
||||
- if: "$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH"
|
||||
environment:
|
||||
name: production
|
||||
script:
|
||||
- |
|
||||
$ErrorActionPreference = "Stop"
|
||||
py -m venv .venv
|
||||
.venv\Scripts\activate.ps1
|
||||
pip install pyinstaller
|
||||
pip install -r requirements.txt
|
||||
- pyinstaller -F main.py
|
||||
--distpath .
|
||||
--icon app\frontend\static\assets\images\Crafty_4-0_Logo_square.ico
|
||||
--name "crafty_commander"
|
||||
--paths .venv\Lib\site-packages
|
||||
--hidden-import cryptography
|
||||
--hidden-import cffi
|
||||
--hidden-import apscheduler
|
||||
--collect-all tzlocal
|
||||
--collect-all tzdata
|
||||
--collect-all pytz
|
||||
--collect-all six
|
||||
|
||||
# Download latest:
|
||||
# | https://gitlab.com/crafty-controller/crafty-4/-/jobs/artifacts/master/download?job=win-prod-build
|
||||
artifacts:
|
||||
name: "crafty-${CI_RUNNER_TAGS}-${CI_COMMIT_BRANCH}_${CI_COMMIT_SHORT_SHA}"
|
||||
paths:
|
||||
- app\
|
||||
- .\crafty_commander.exe
|
||||
exclude:
|
||||
- app\classes\**\*
|
||||
|
||||
sast:
|
||||
variables:
|
||||
SAST_EXCLUDED_PATHS: spec, test, tests, tmp, migrations, vendors
|
||||
@ -230,6 +38,8 @@ gemnasium-python-dependency_scanning:
|
||||
|
||||
include:
|
||||
- local: ./.gitlab/lint.yml
|
||||
- local: ./.gitlab/docker-build.yml
|
||||
- local: ./.gitlab/windows-build.yml
|
||||
- template: Security/Dependency-Scanning.gitlab-ci.yml
|
||||
- template: Security/SAST.gitlab-ci.yml
|
||||
- template: Security/Secret-Detection.gitlab-ci.yml
|
||||
|
110
.gitlab/docker-build.yml
Normal file
110
.gitlab/docker-build.yml
Normal file
@ -0,0 +1,110 @@
|
||||
---
|
||||
docker-build-dev:
|
||||
image: docker:latest
|
||||
services:
|
||||
- name: docker:dind
|
||||
stage: dev-deployment
|
||||
tags:
|
||||
- docker_priv
|
||||
rules:
|
||||
- if: $CI_COMMIT_BRANCH == 'dev'
|
||||
environment:
|
||||
name: development
|
||||
before_script:
|
||||
- |
|
||||
apk --no-cache add jq
|
||||
MAJOR=$(cat app/config/version.json | jq '.major' )
|
||||
MINOR=$(cat app/config/version.json | jq '.minor' )
|
||||
SUB=$(cat app/config/version.json | jq '.sub' )
|
||||
META=$(cat app/config/version.json | jq -r '.meta' )
|
||||
- |
|
||||
apk --no-cache add curl
|
||||
latest_tag=$(curl -s https://api.github.com/repos/docker/buildx/releases/latest | sed -Ene '/^ *"tag_name": *"(v.+)",$/s//\1/p')
|
||||
echo "Using buildx version $latest_tag"
|
||||
curl -sSLo docker-buildx "https://github.com/docker/buildx/releases/download/$latest_tag/buildx-$latest_tag.linux-amd64"
|
||||
chmod a+x docker-buildx
|
||||
mkdir -p ~/.docker/cli-plugins
|
||||
mv docker-buildx ~/.docker/cli-plugins/docker-buildx
|
||||
docker version
|
||||
- docker run --rm --privileged aptman/qus -- -r
|
||||
- docker run --rm --privileged aptman/qus -s -- -p aarch64 x86_64
|
||||
- echo $CI_BUILD_TOKEN | docker login -u "$CI_REGISTRY_USER" --password-stdin $CI_REGISTRY
|
||||
script:
|
||||
- |
|
||||
tag=":$CI_COMMIT_REF_SLUG"
|
||||
VERSION="${MAJOR}.${MINOR}.${SUB}-${META}"
|
||||
- |
|
||||
echo "Running on branch '$CI_COMMIT_BRANCH': tag = $tag"
|
||||
echo "Crafty Version: $VERSION"
|
||||
- docker context create tls-environment
|
||||
- docker buildx create --name zedBuilder --use tls-environment
|
||||
- docker buildx build
|
||||
--cache-from type=registry,ref="$CI_REGISTRY_IMAGE${tag}"
|
||||
--build-arg BUILDKIT_INLINE_CACHE=1
|
||||
--build-arg "BUILD_DATE=$(date +"%Y-%m-%dT%H:%M:%SZ")"
|
||||
--build-arg "BUILD_REF=${CI_COMMIT_SHA}"
|
||||
--build-arg "CRAFTY_VER=${VERSION}"
|
||||
--tag "$CI_REGISTRY_IMAGE${tag}"
|
||||
--platform linux/arm64/v8,linux/amd64
|
||||
--push .
|
||||
after_script:
|
||||
- |
|
||||
docker buildx rm zedBuilder && echo "Successfully Stopped builder instance" || echo "Failed to stop builder instance."
|
||||
docker context rm tls-environment || true
|
||||
echo "Please review multi-arch manifests are present:"
|
||||
docker buildx imagetools inspect "$CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG"
|
||||
|
||||
docker-build-prod:
|
||||
image: docker:latest
|
||||
services:
|
||||
- name: docker:dind
|
||||
stage: prod-deployment
|
||||
tags:
|
||||
- docker_priv
|
||||
rules:
|
||||
- if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
|
||||
environment:
|
||||
name: production
|
||||
before_script:
|
||||
- |
|
||||
apk --no-cache add jq
|
||||
MAJOR=$(cat app/config/version.json | jq '.major' )
|
||||
MINOR=$(cat app/config/version.json | jq '.minor' )
|
||||
SUB=$(cat app/config/version.json | jq '.sub' )
|
||||
META=$(cat app/config/version.json | jq -r '.meta' )
|
||||
- |
|
||||
apk --no-cache add curl
|
||||
latest_tag=$(curl -s https://api.github.com/repos/docker/buildx/releases/latest | sed -Ene '/^ *"tag_name": *"(v.+)",$/s//\1/p')
|
||||
echo "Using buildx version $latest_tag"
|
||||
curl -sSLo docker-buildx "https://github.com/docker/buildx/releases/download/$latest_tag/buildx-$latest_tag.linux-amd64"
|
||||
chmod a+x docker-buildx
|
||||
mkdir -p ~/.docker/cli-plugins
|
||||
mv docker-buildx ~/.docker/cli-plugins/docker-buildx
|
||||
docker version
|
||||
- docker run --rm --privileged aptman/qus -- -r
|
||||
- docker run --rm --privileged aptman/qus -s -- -p aarch64 x86_64
|
||||
- echo $CI_BUILD_TOKEN | docker login -u "$CI_REGISTRY_USER" --password-stdin $CI_REGISTRY
|
||||
script:
|
||||
- |
|
||||
tag=""
|
||||
VERSION="${MAJOR}.${MINOR}.${SUB}-${META}"
|
||||
- |
|
||||
echo "Running on branch '$CI_COMMIT_BRANCH': tag = $tag"
|
||||
echo "Crafty Version: $VERSION"
|
||||
- docker context create tls-environment
|
||||
- docker buildx create --name zedBuilder --use tls-environment
|
||||
- docker buildx build
|
||||
--cache-from type=registry,ref="$CI_REGISTRY_IMAGE${tag}"
|
||||
--build-arg BUILDKIT_INLINE_CACHE=1
|
||||
--build-arg "BUILD_DATE=$(date +"%Y-%m-%dT%H:%M:%SZ")"
|
||||
--build-arg "BUILD_REF=${CI_COMMIT_SHA}"
|
||||
--build-arg "CRAFTY_VER=${VERSION}"
|
||||
--tag "$CI_REGISTRY_IMAGE${tag}"
|
||||
--platform linux/arm64/v8,linux/amd64
|
||||
--push .
|
||||
after_script:
|
||||
- |
|
||||
docker buildx rm zedBuilder && echo "Successfully Stopped builder instance" || echo "Failed to stop builder instance."
|
||||
docker context rm tls-environment || true
|
||||
echo "Please review multi-arch manifests are present:"
|
||||
docker buildx imagetools inspect "$CI_REGISTRY_IMAGE${tag}"
|
82
.gitlab/windows-build.yml
Normal file
82
.gitlab/windows-build.yml
Normal file
@ -0,0 +1,82 @@
|
||||
---
|
||||
win-dev-build:
|
||||
stage: dev-deployment
|
||||
tags:
|
||||
- win64
|
||||
cache:
|
||||
paths:
|
||||
- .venv/
|
||||
rules:
|
||||
- if: "$CI_COMMIT_BRANCH == 'dev'"
|
||||
environment:
|
||||
name: development
|
||||
script:
|
||||
- |
|
||||
$ErrorActionPreference = "Stop"
|
||||
py -m venv .venv
|
||||
.venv\Scripts\activate.ps1
|
||||
pip install pyinstaller
|
||||
pip install -r requirements.txt
|
||||
- pyinstaller -F main.py
|
||||
--distpath .
|
||||
--icon app\frontend\static\assets\images\Crafty_4-0_Logo_square.ico
|
||||
--name "crafty_commander"
|
||||
--paths .venv\Lib\site-packages
|
||||
--hidden-import cryptography
|
||||
--hidden-import cffi
|
||||
--hidden-import apscheduler
|
||||
--collect-all tzlocal
|
||||
--collect-all tzdata
|
||||
--collect-all pytz
|
||||
--collect-all six
|
||||
|
||||
# Download latest:
|
||||
# | https://gitlab.com/crafty-controller/crafty-4/-/jobs/artifacts/dev/download?job=win-dev-build
|
||||
artifacts:
|
||||
name: "crafty-${CI_RUNNER_TAGS}-${CI_COMMIT_BRANCH}_${CI_COMMIT_SHORT_SHA}"
|
||||
paths:
|
||||
- app\
|
||||
- .\crafty_commander.exe
|
||||
exclude:
|
||||
- app\classes\**\*
|
||||
|
||||
win-prod-build:
|
||||
stage: prod-deployment
|
||||
tags:
|
||||
- win64
|
||||
cache:
|
||||
paths:
|
||||
- .venv/
|
||||
rules:
|
||||
- if: "$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH"
|
||||
environment:
|
||||
name: production
|
||||
script:
|
||||
- |
|
||||
$ErrorActionPreference = "Stop"
|
||||
py -m venv .venv
|
||||
.venv\Scripts\activate.ps1
|
||||
pip install pyinstaller
|
||||
pip install -r requirements.txt
|
||||
- pyinstaller -F main.py
|
||||
--distpath .
|
||||
--icon app\frontend\static\assets\images\Crafty_4-0_Logo_square.ico
|
||||
--name "crafty_commander"
|
||||
--paths .venv\Lib\site-packages
|
||||
--hidden-import cryptography
|
||||
--hidden-import cffi
|
||||
--hidden-import apscheduler
|
||||
--collect-all tzlocal
|
||||
--collect-all tzdata
|
||||
--collect-all pytz
|
||||
--collect-all six
|
||||
|
||||
# Download latest:
|
||||
# | https://gitlab.com/crafty-controller/crafty-4/-/jobs/artifacts/master/download?job=win-prod-build
|
||||
artifacts:
|
||||
name: "crafty-${CI_RUNNER_TAGS}-${CI_COMMIT_BRANCH}_${CI_COMMIT_SHORT_SHA}"
|
||||
paths:
|
||||
- app\
|
||||
- .\crafty_commander.exe
|
||||
exclude:
|
||||
- app\classes\**\*
|
Loading…
x
Reference in New Issue
Block a user