Revert "Merge branch 'use-https-in-dockerfile' into 'develop'"
[akkoma] / .gitlab-ci.yml
1 image: elixir:1.9.4
2
3 variables: &global_variables
4 POSTGRES_DB: pleroma_test
5 POSTGRES_USER: postgres
6 POSTGRES_PASSWORD: postgres
7 DB_HOST: postgres
8 MIX_ENV: test
9
10 cache: &global_cache_policy
11 key: ${CI_COMMIT_REF_SLUG}
12 paths:
13 - deps
14 - _build
15
16 stages:
17 - build
18 - test
19 - benchmark
20 - deploy
21 - release
22 - docker
23
24 before_script:
25 - apt-get update && apt-get install -y cmake
26 - mix local.hex --force
27 - mix local.rebar --force
28 - apt-get -qq update
29 - apt-get install -y libmagic-dev
30
31 build:
32 stage: build
33 script:
34 - mix deps.get
35 - mix compile --force
36
37 benchmark:
38 stage: benchmark
39 when: manual
40 variables:
41 MIX_ENV: benchmark
42 services:
43 - name: postgres:9.6
44 alias: postgres
45 command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"]
46 script:
47 - mix deps.get
48 - mix ecto.create
49 - mix ecto.migrate
50 - mix pleroma.load_testing
51
52 unit-testing:
53 stage: test
54 retry: 2
55 cache: &testing_cache_policy
56 <<: *global_cache_policy
57 policy: pull
58
59 services:
60 - name: postgres:9.6
61 alias: postgres
62 command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"]
63 script:
64 - apt-get update && apt-get install -y libimage-exiftool-perl ffmpeg
65 - mix deps.get
66 - mix ecto.create
67 - mix ecto.migrate
68 - mix coveralls --preload-modules
69
70 # Removed to fix CI issue. In this early state it wasn't adding much value anyway.
71 # TODO Fix and reinstate federated testing
72 # federated-testing:
73 # stage: test
74 # cache: *testing_cache_policy
75 # services:
76 # - name: minibikini/postgres-with-rum:12
77 # alias: postgres
78 # command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"]
79 # script:
80 # - mix deps.get
81 # - mix ecto.create
82 # - mix ecto.migrate
83 # - epmd -daemon
84 # - mix test --trace --only federated
85
86 unit-testing-rum:
87 stage: test
88 retry: 2
89 cache: *testing_cache_policy
90 services:
91 - name: minibikini/postgres-with-rum:12
92 alias: postgres
93 command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"]
94 variables:
95 <<: *global_variables
96 RUM_ENABLED: "true"
97 script:
98 - apt-get update && apt-get install -y libimage-exiftool-perl ffmpeg
99 - mix deps.get
100 - mix ecto.create
101 - mix ecto.migrate
102 - "mix ecto.migrate --migrations-path priv/repo/optional_migrations/rum_indexing/"
103 - mix test --preload-modules
104
105 lint:
106 stage: test
107 cache: *testing_cache_policy
108 script:
109 - mix format --check-formatted
110
111 analysis:
112 stage: test
113 cache: *testing_cache_policy
114 script:
115 - mix deps.get
116 - mix credo --strict --only=warnings,todo,fixme,consistency,readability
117
118 docs-deploy:
119 stage: deploy
120 cache: *testing_cache_policy
121 image: alpine:latest
122 only:
123 - stable@pleroma/pleroma
124 - develop@pleroma/pleroma
125 before_script:
126 - apk add curl
127 script:
128 - curl -X POST -F"token=$DOCS_PIPELINE_TRIGGER" -F'ref=master' -F"variables[BRANCH]=$CI_COMMIT_REF_NAME" https://git.pleroma.social/api/v4/projects/673/trigger/pipeline
129 review_app:
130 image: alpine:3.9
131 stage: deploy
132 before_script:
133 - apk update && apk add openssh-client git
134 when: manual
135 environment:
136 name: review/$CI_COMMIT_REF_NAME
137 url: https://$CI_ENVIRONMENT_SLUG.pleroma.online/
138 on_stop: stop_review_app
139 only:
140 - branches
141 except:
142 - master
143 - develop
144 script:
145 - echo "$CI_ENVIRONMENT_SLUG"
146 - mkdir -p ~/.ssh
147 - eval $(ssh-agent -s)
148 - echo "$SSH_PRIVATE_KEY" | tr -d '\r' | ssh-add -
149 - ssh-keyscan -H "pleroma.online" >> ~/.ssh/known_hosts
150 - (ssh -t dokku@pleroma.online -- apps:create "$CI_ENVIRONMENT_SLUG") || true
151 - (ssh -t dokku@pleroma.online -- git:set "$CI_ENVIRONMENT_SLUG" keep-git-dir true) || true
152 - ssh -t dokku@pleroma.online -- config:set "$CI_ENVIRONMENT_SLUG" APP_NAME="$CI_ENVIRONMENT_SLUG" APP_HOST="$CI_ENVIRONMENT_SLUG.pleroma.online" MIX_ENV=dokku
153 - (ssh -t dokku@pleroma.online -- postgres:create $(echo $CI_ENVIRONMENT_SLUG | sed -e 's/-/_/g')_db) || true
154 - (ssh -t dokku@pleroma.online -- postgres:link $(echo $CI_ENVIRONMENT_SLUG | sed -e 's/-/_/g')_db "$CI_ENVIRONMENT_SLUG") || true
155 - (ssh -t dokku@pleroma.online -- certs:add "$CI_ENVIRONMENT_SLUG" /home/dokku/server.crt /home/dokku/server.key) || true
156 - git push -f dokku@pleroma.online:$CI_ENVIRONMENT_SLUG $CI_COMMIT_SHA:refs/heads/master
157
158 stop_review_app:
159 image: alpine:3.9
160 stage: deploy
161 before_script:
162 - apk update && apk add openssh-client git
163 when: manual
164 environment:
165 name: review/$CI_COMMIT_REF_NAME
166 action: stop
167 script:
168 - echo "$CI_ENVIRONMENT_SLUG"
169 - mkdir -p ~/.ssh
170 - eval $(ssh-agent -s)
171 - echo "$SSH_PRIVATE_KEY" | tr -d '\r' | ssh-add -
172 - ssh-keyscan -H "pleroma.online" >> ~/.ssh/known_hosts
173 - ssh -t dokku@pleroma.online -- --force apps:destroy "$CI_ENVIRONMENT_SLUG"
174 - ssh -t dokku@pleroma.online -- --force postgres:destroy $(echo $CI_ENVIRONMENT_SLUG | sed -e 's/-/_/g')_db
175
176 amd64:
177 stage: release
178 image: elixir:1.10.3
179 only: &release-only
180 - stable@pleroma/pleroma
181 - develop@pleroma/pleroma
182 - /^maint/.*$/@pleroma/pleroma
183 - /^release/.*$/@pleroma/pleroma
184 artifacts: &release-artifacts
185 name: "pleroma-$CI_COMMIT_REF_NAME-$CI_COMMIT_SHORT_SHA-$CI_JOB_NAME"
186 paths:
187 - release/*
188 # Ideally it would be never for master branch and with the next commit for develop,
189 # but Gitlab does not support neither `only` for artifacts
190 # nor setting it to never from .gitlab-ci.yml
191 # nor expiring with the next commit
192 expire_in: 42 yrs
193
194 cache: &release-cache
195 key: $CI_COMMIT_REF_NAME-$CI_JOB_NAME
196 paths:
197 - deps
198 variables: &release-variables
199 MIX_ENV: prod
200 before_script: &before-release
201 - apt-get update && apt-get install -y cmake libmagic-dev
202 - echo "import Mix.Config" > config/prod.secret.exs
203 - mix local.hex --force
204 - mix local.rebar --force
205 script: &release
206 - mix deps.get --only prod
207 - mkdir release
208 - export PLEROMA_BUILD_BRANCH=$CI_COMMIT_REF_NAME
209 - mix release --path release
210
211
212 amd64-musl:
213 stage: release
214 artifacts: *release-artifacts
215 only: *release-only
216 image: elixir:1.10.3-alpine
217 cache: *release-cache
218 variables: *release-variables
219 before_script: &before-release-musl
220 - apk add git gcc g++ musl-dev make cmake file-dev
221 - echo "import Mix.Config" > config/prod.secret.exs
222 - mix local.hex --force
223 - mix local.rebar --force
224 script: *release
225
226 arm:
227 stage: release
228 artifacts: *release-artifacts
229 only: *release-only
230 tags:
231 - arm32
232 image: arm32v7/elixir:1.10.3
233 cache: *release-cache
234 variables: *release-variables
235 before_script: *before-release
236 script: *release
237
238 arm-musl:
239 stage: release
240 artifacts: *release-artifacts
241 only: *release-only
242 tags:
243 - arm32
244 image: arm32v7/elixir:1.10.3-alpine
245 cache: *release-cache
246 variables: *release-variables
247 before_script: *before-release-musl
248 script: *release
249
250 arm64:
251 stage: release
252 artifacts: *release-artifacts
253 only: *release-only
254 tags:
255 - arm
256 image: arm64v8/elixir:1.10.3
257 cache: *release-cache
258 variables: *release-variables
259 before_script: *before-release
260 script: *release
261
262 arm64-musl:
263 stage: release
264 artifacts: *release-artifacts
265 only: *release-only
266 tags:
267 - arm
268 image: arm64v8/elixir:1.10.3-alpine
269 cache: *release-cache
270 variables: *release-variables
271 before_script: *before-release-musl
272 script: *release
273
274 docker:
275 stage: docker
276 image: docker:latest
277 cache: {}
278 dependencies: []
279 variables: &docker-variables
280 DOCKER_DRIVER: overlay2
281 DOCKER_HOST: unix:///var/run/docker.sock
282 IMAGE_TAG: $CI_REGISTRY_IMAGE:$CI_COMMIT_SHORT_SHA
283 IMAGE_TAG_SLUG: $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG
284 IMAGE_TAG_LATEST: $CI_REGISTRY_IMAGE:latest
285 IMAGE_TAG_LATEST_STABLE: $CI_REGISTRY_IMAGE:latest-stable
286 DOCKER_BUILDX_URL: https://github.com/docker/buildx/releases/download/v0.4.1/buildx-v0.4.1.linux-amd64
287 DOCKER_BUILDX_HASH: 71a7d01439aa8c165a25b59c44d3f016fddbd98b
288 before_script: &before-docker
289 - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
290 - docker pull $IMAGE_TAG_SLUG || true
291 - export CI_JOB_TIMESTAMP=$(date --utc -Iseconds)
292 - export CI_VCS_REF=$CI_COMMIT_SHORT_SHA
293 allow_failure: true
294 script:
295 - mkdir -p /root/.docker/cli-plugins
296 - wget "${DOCKER_BUILDX_URL}" -O ~/.docker/cli-plugins/docker-buildx
297 - echo "${DOCKER_BUILDX_HASH} /root/.docker/cli-plugins/docker-buildx" | sha1sum -c
298 - chmod +x ~/.docker/cli-plugins/docker-buildx
299 - docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
300 - docker buildx create --name mbuilder --driver docker-container --use
301 - docker buildx inspect --bootstrap
302 - docker buildx build --platform linux/amd64,linux/arm/v7,linux/arm64/v8 --push --cache-from $IMAGE_TAG_SLUG --build-arg VCS_REF=$CI_VCS_REF --build-arg BUILD_DATE=$CI_JOB_TIMESTAMP -t $IMAGE_TAG -t $IMAGE_TAG_SLUG -t $IMAGE_TAG_LATEST .
303 tags:
304 - dind
305 only:
306 - develop@pleroma/pleroma
307
308 docker-stable:
309 stage: docker
310 image: docker:latest
311 cache: {}
312 dependencies: []
313 variables: *docker-variables
314 before_script: *before-docker
315 allow_failure: true
316 script:
317 - mkdir -p /root/.docker/cli-plugins
318 - wget "${DOCKER_BUILDX_URL}" -O ~/.docker/cli-plugins/docker-buildx
319 - echo "${DOCKER_BUILDX_HASH} /root/.docker/cli-plugins/docker-buildx" | sha1sum -c
320 - chmod +x ~/.docker/cli-plugins/docker-buildx
321 - docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
322 - docker buildx create --name mbuilder --driver docker-container --use
323 - docker buildx inspect --bootstrap
324 - docker buildx build --platform linux/amd64,linux/arm/v7,linux/arm64/v8 --push --cache-from $IMAGE_TAG_SLUG --build-arg VCS_REF=$CI_VCS_REF --build-arg BUILD_DATE=$CI_JOB_TIMESTAMP -t $IMAGE_TAG -t $IMAGE_TAG_SLUG -t $IMAGE_TAG_LATEST_STABLE .
325 tags:
326 - dind
327 only:
328 - stable@pleroma/pleroma
329
330 docker-release:
331 stage: docker
332 image: docker:latest
333 cache: {}
334 dependencies: []
335 variables: *docker-variables
336 before_script: *before-docker
337 allow_failure: true
338 script:
339 script:
340 - mkdir -p /root/.docker/cli-plugins
341 - wget "${DOCKER_BUILDX_URL}" -O ~/.docker/cli-plugins/docker-buildx
342 - echo "${DOCKER_BUILDX_HASH} /root/.docker/cli-plugins/docker-buildx" | sha1sum -c
343 - chmod +x ~/.docker/cli-plugins/docker-buildx
344 - docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
345 - docker buildx create --name mbuilder --driver docker-container --use
346 - docker buildx inspect --bootstrap
347 - docker buildx build --platform linux/amd64,linux/arm/v7,linux/arm64/v8 --push --cache-from $IMAGE_TAG_SLUG --build-arg VCS_REF=$CI_VCS_REF --build-arg BUILD_DATE=$CI_JOB_TIMESTAMP -t $IMAGE_TAG -t $IMAGE_TAG_SLUG .
348 tags:
349 - dind
350 only:
351 - /^release/.*$/@pleroma/pleroma