+
+docs-deploy:
+ stage: deploy
+ cache: *testing_cache_policy
+ image: alpine:latest
+ only:
+ - stable@pleroma/pleroma
+ - develop@pleroma/pleroma
+ before_script:
+ - apk add curl
+ script:
+ - curl -X POST -F"token=$DOCS_PIPELINE_TRIGGER" -F'ref=master' -F"variables[BRANCH]=$CI_COMMIT_REF_NAME" https://git.pleroma.social/api/v4/projects/673/trigger/pipeline
+review_app:
+ image: alpine:3.9
+ stage: deploy
+ before_script:
+ - apk update && apk add openssh-client git
+ when: manual
+ environment:
+ name: review/$CI_COMMIT_REF_NAME
+ url: https://$CI_ENVIRONMENT_SLUG.pleroma.online/
+ on_stop: stop_review_app
+ only:
+ - branches
+ except:
+ - master
+ - develop
+ script:
+ - echo "$CI_ENVIRONMENT_SLUG"
+ - mkdir -p ~/.ssh
+ - eval $(ssh-agent -s)
+ - echo "$SSH_PRIVATE_KEY" | tr -d '\r' | ssh-add -
+ - ssh-keyscan -H "pleroma.online" >> ~/.ssh/known_hosts
+ - (ssh -t dokku@pleroma.online -- apps:create "$CI_ENVIRONMENT_SLUG") || true
+ - (ssh -t dokku@pleroma.online -- git:set "$CI_ENVIRONMENT_SLUG" keep-git-dir true) || true
+ - ssh -t dokku@pleroma.online -- config:set "$CI_ENVIRONMENT_SLUG" APP_NAME="$CI_ENVIRONMENT_SLUG" APP_HOST="$CI_ENVIRONMENT_SLUG.pleroma.online" MIX_ENV=dokku
+ - (ssh -t dokku@pleroma.online -- postgres:create $(echo $CI_ENVIRONMENT_SLUG | sed -e 's/-/_/g')_db) || true
+ - (ssh -t dokku@pleroma.online -- postgres:link $(echo $CI_ENVIRONMENT_SLUG | sed -e 's/-/_/g')_db "$CI_ENVIRONMENT_SLUG") || true
+ - (ssh -t dokku@pleroma.online -- certs:add "$CI_ENVIRONMENT_SLUG" /home/dokku/server.crt /home/dokku/server.key) || true
+ - git push -f dokku@pleroma.online:$CI_ENVIRONMENT_SLUG $CI_COMMIT_SHA:refs/heads/master
+
+stop_review_app:
+ image: alpine:3.9
+ stage: deploy
+ before_script:
+ - apk update && apk add openssh-client git
+ when: manual
+ environment:
+ name: review/$CI_COMMIT_REF_NAME
+ action: stop
+ script:
+ - echo "$CI_ENVIRONMENT_SLUG"
+ - mkdir -p ~/.ssh
+ - eval $(ssh-agent -s)
+ - echo "$SSH_PRIVATE_KEY" | tr -d '\r' | ssh-add -
+ - ssh-keyscan -H "pleroma.online" >> ~/.ssh/known_hosts
+ - ssh -t dokku@pleroma.online -- --force apps:destroy "$CI_ENVIRONMENT_SLUG"
+ - ssh -t dokku@pleroma.online -- --force postgres:destroy $(echo $CI_ENVIRONMENT_SLUG | sed -e 's/-/_/g')_db
+
+amd64:
+ stage: release
+ image: elixir:1.10.3
+ only: &release-only
+ - stable@pleroma/pleroma
+ - develop@pleroma/pleroma
+ - /^maint/.*$/@pleroma/pleroma
+ - /^release/.*$/@pleroma/pleroma
+ - /^build-release/.*$/@pleroma/pleroma
+ artifacts: &release-artifacts
+ name: "pleroma-$CI_COMMIT_REF_NAME-$CI_COMMIT_SHORT_SHA-$CI_JOB_NAME"
+ paths:
+ - release/*
+ # Ideally it would be never for master branch and with the next commit for develop,
+ # but Gitlab does not support neither `only` for artifacts
+ # nor setting it to never from .gitlab-ci.yml
+ # nor expiring with the next commit
+ expire_in: 42 yrs
+
+ cache: &release-cache
+ key: $CI_COMMIT_REF_NAME-$CI_JOB_NAME
+ paths:
+ - deps
+ variables: &release-variables
+ MIX_ENV: prod
+ before_script: &before-release
+ - apt-get update && apt-get install -y cmake libmagic-dev
+ - echo "import Mix.Config" > config/prod.secret.exs
+ - mix local.hex --force
+ - mix local.rebar --force
+ script: &release
+ - mix deps.get --only prod
+ - mkdir release
+ - export PLEROMA_BUILD_BRANCH=$CI_COMMIT_REF_NAME
+ - mix release --path release
+
+
+amd64-musl:
+ stage: release
+ artifacts: *release-artifacts
+ only: *release-only
+ image: elixir:1.10.3-alpine
+ cache: *release-cache
+ variables: *release-variables
+ before_script: &before-release-musl
+ - apk add git gcc g++ musl-dev make cmake file-dev
+ - echo "import Mix.Config" > config/prod.secret.exs
+ - mix local.hex --force
+ - mix local.rebar --force
+ script: *release
+
+arm:
+ stage: release
+ artifacts: *release-artifacts
+ only: *release-only
+ tags:
+ - arm32
+ image: elixir:1.10.3
+ cache: *release-cache
+ variables: *release-variables
+ before_script: *before-release
+ script: *release
+
+arm-musl:
+ stage: release
+ artifacts: *release-artifacts
+ only: *release-only
+ tags:
+ - arm32
+ image: elixir:1.10.3-alpine
+ cache: *release-cache
+ variables: *release-variables
+ before_script: *before-release-musl
+ script: *release
+
+arm64:
+ stage: release
+ artifacts: *release-artifacts
+ only: *release-only
+ tags:
+ - arm
+ image: elixir:1.10.3
+ cache: *release-cache
+ variables: *release-variables
+ before_script: *before-release
+ script: *release
+
+arm64-musl:
+ stage: release
+ artifacts: *release-artifacts
+ only: *release-only
+ tags:
+ - arm
+ # TODO: Replace with upstream image when 1.9.0 comes out
+ image: elixir:1.10.3-alpine
+ cache: *release-cache
+ variables: *release-variables
+ before_script: *before-release-musl
+ script: *release
+
+docker:
+ stage: docker
+ image: docker:latest
+ cache: {}
+ dependencies: []
+ variables: &docker-variables
+ DOCKER_DRIVER: overlay2
+ DOCKER_HOST: unix:///var/run/docker.sock
+ IMAGE_TAG: $CI_REGISTRY_IMAGE:$CI_COMMIT_SHORT_SHA
+ IMAGE_TAG_SLUG: $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG
+ IMAGE_TAG_LATEST: $CI_REGISTRY_IMAGE:latest
+ IMAGE_TAG_LATEST_STABLE: $CI_REGISTRY_IMAGE:latest-stable
+ DOCKER_BUILDX_URL: https://github.com/docker/buildx/releases/download/v0.4.1/buildx-v0.4.1.linux-amd64
+ DOCKER_BUILDX_HASH: 71a7d01439aa8c165a25b59c44d3f016fddbd98b
+ before_script: &before-docker
+ - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
+ - docker pull $IMAGE_TAG_SLUG || true
+ - export CI_JOB_TIMESTAMP=$(date --utc -Iseconds)
+ - export CI_VCS_REF=$CI_COMMIT_SHORT_SHA
+ allow_failure: true
+ script:
+ - mkdir -p /root/.docker/cli-plugins
+ - wget "${DOCKER_BUILDX_URL}" -O ~/.docker/cli-plugins/docker-buildx
+ - echo "${DOCKER_BUILDX_HASH} /root/.docker/cli-plugins/docker-buildx" | sha1sum -c
+ - chmod +x ~/.docker/cli-plugins/docker-buildx
+ - docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
+ - docker buildx create --name mbuilder --driver docker-container --use
+ - docker buildx inspect --bootstrap
+ - docker buildx build --platform linux/amd64,linux/arm/v7,linux/arm64/v8 --push --cache-from $IMAGE_TAG_SLUG --build-arg VCS_REF=$CI_VCS_REF --build-arg BUILD_DATE=$CI_JOB_TIMESTAMP -t $IMAGE_TAG -t $IMAGE_TAG_SLUG -t $IMAGE_TAG_LATEST .
+ tags:
+ - dind
+ only:
+ - develop@pleroma/pleroma
+
+docker-stable:
+ stage: docker
+ image: docker:latest
+ cache: {}
+ dependencies: []
+ variables: *docker-variables
+ before_script: *before-docker
+ allow_failure: true
+ script:
+ - mkdir -p /root/.docker/cli-plugins
+ - wget "${DOCKER_BUILDX_URL}" -O ~/.docker/cli-plugins/docker-buildx
+ - echo "${DOCKER_BUILDX_HASH} /root/.docker/cli-plugins/docker-buildx" | sha1sum -c
+ - chmod +x ~/.docker/cli-plugins/docker-buildx
+ - docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
+ - docker buildx create --name mbuilder --driver docker-container --use
+ - docker buildx inspect --bootstrap
+ - docker buildx build --platform linux/amd64,linux/arm/v7,linux/arm64/v8 --push --cache-from $IMAGE_TAG_SLUG --build-arg VCS_REF=$CI_VCS_REF --build-arg BUILD_DATE=$CI_JOB_TIMESTAMP -t $IMAGE_TAG -t $IMAGE_TAG_SLUG -t $IMAGE_TAG_LATEST_STABLE .
+ tags:
+ - dind
+ only:
+ - stable@pleroma/pleroma
+
+docker-release:
+ stage: docker
+ image: docker:latest
+ cache: {}
+ dependencies: []
+ variables: *docker-variables
+ before_script: *before-docker
+ allow_failure: true
+ script:
+ script:
+ - mkdir -p /root/.docker/cli-plugins
+ - wget "${DOCKER_BUILDX_URL}" -O ~/.docker/cli-plugins/docker-buildx
+ - echo "${DOCKER_BUILDX_HASH} /root/.docker/cli-plugins/docker-buildx" | sha1sum -c
+ - chmod +x ~/.docker/cli-plugins/docker-buildx
+ - docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
+ - docker buildx create --name mbuilder --driver docker-container --use
+ - docker buildx inspect --bootstrap
+ - docker buildx build --platform linux/amd64,linux/arm/v7,linux/arm64/v8 --push --cache-from $IMAGE_TAG_SLUG --build-arg VCS_REF=$CI_VCS_REF --build-arg BUILD_DATE=$CI_JOB_TIMESTAMP -t $IMAGE_TAG -t $IMAGE_TAG_SLUG .
+ tags:
+ - dind
+ only:
+ - /^release/.*$/@pleroma/pleroma