196 lines
6.8 KiB
YAML
196 lines
6.8 KiB
YAML
stages:
|
|
- prepare-assets
|
|
- update-cache
|
|
- check
|
|
- prepare
|
|
- tests
|
|
- post-test
|
|
- gitlab_com:package
|
|
- gitlab_com:upload_deploy
|
|
- package-and-image
|
|
- scan-dependencies
|
|
- staging_upload
|
|
- package-and-image-release
|
|
- validate
|
|
- metrics
|
|
- slow_jobs
|
|
- raspbian-release
|
|
- aws-marketplace-release
|
|
- notification_fail
|
|
- trigger-package
|
|
- trigger-docker
|
|
- trigger-ha-validate
|
|
- trigger-qa
|
|
|
|
workflow:
|
|
rules:
|
|
# Do not create a pipeline on branch push to QA mirror
|
|
- if: '$CI_PROJECT_NAME == "omnibus-gitlab-mirror" && $CI_PIPELINE_SOURCE == "push"'
|
|
when: never
|
|
# No pipeline on auto-deploy branches as a tag will definitely follow
|
|
- if: '$CI_COMMIT_BRANCH =~ /^[0-9]+-[0-9]+-auto-deploy-[0-9]+$/'
|
|
when: never
|
|
# For all other branches, create a pipeline. We are explicitly specifying
|
|
# this so that this rule gets matched earlier before MR pipelines gets
|
|
# triggered, thus causing two pipelines for a branch push - a regular one
|
|
# and a detached one. If we ever decide not to run pipelines on branch
|
|
# pushes that doesn't cause an MR, we can change the following to
|
|
# $CI_MERGE_REQUEST_IID
|
|
- if: '$CI_COMMIT_BRANCH'
|
|
# For tags, always create a pipeline.
|
|
- if: '$CI_COMMIT_TAG'
|
|
|
|
default:
|
|
tags:
|
|
- gitlab-org
|
|
|
|
variables:
|
|
# BUILDER_IMAGE_REGISTRY is set to
|
|
# `dev.gitlab.org:5005/cookbooks/gitlab-omnibus-builder` in the project
|
|
# settings of omnibus-gitlab mirror in dev.gitlab.org so that builds there
|
|
# will use images from that registry and not depend on GitLab.com
|
|
BUILDER_IMAGE_REGISTRY: "registry.gitlab.com/gitlab-org/gitlab-omnibus-builder"
|
|
PUBLIC_BUILDER_IMAGE_REGISTRY: "registry.gitlab.com/gitlab-org/gitlab-omnibus-builder"
|
|
BUILDER_IMAGE_REVISION: "1.2.0"
|
|
# The registry to pull the assets image from
|
|
ASSET_REGISTRY: "${CI_REGISTRY}"
|
|
ASSET_SYNC_EXISTING_REMOTE_FILES: "keep"
|
|
ASSET_SYNC_GZIP_COMPRESSION: "true"
|
|
ASSET_PATH: "assets-${CI_COMMIT_REF_SLUG}"
|
|
COMPILE_ASSETS: "false"
|
|
RUBY_IMAGE: "ruby:2.7"
|
|
BUNDLE_PATH__SYSTEM: "false"
|
|
# Format of the auto-deploy tag for auto-deploy builds.
|
|
# https://gitlab.com/gitlab-org/release/docs/blob/master/general/deploy/auto-deploy.md#auto-deploy-tagging
|
|
AUTO_DEPLOY_TAG_REGEX: '^\d+\.\d+\.\d+\+[^ ]{7,}\.[^ ]{7,}$'
|
|
# Default environment for auto-deploy
|
|
AUTO_DEPLOY_ENVIRONMENT: 'pre'
|
|
MAX_PACKAGE_SIZE_MB: "975"
|
|
OMNIBUS_GITLAB_MIRROR_ID: "14588374"
|
|
DOCS_GITLAB_REPO_SUFFIX: "omnibus"
|
|
|
|
### For services that need a docker daemon
|
|
.docker_job: &docker_job
|
|
image: "${BUILDER_IMAGE_REGISTRY}/ruby_docker:${BUILDER_IMAGE_REVISION}"
|
|
variables:
|
|
DOCKER_DRIVER: overlay2
|
|
DOCKER_HOST: tcp://docker:2375
|
|
services:
|
|
- name: docker:20.10.2-dind
|
|
alias: localhost
|
|
tags:
|
|
- gitlab-org-docker
|
|
|
|
before_script:
|
|
- export CE_ONLY=(Raspberry)
|
|
- export EE_ONLY=(SLES HA-Validate)
|
|
- for job in "${CE_ONLY[@]}"; do
|
|
if [[ "${CI_JOB_NAME}" =~ ${job} ]]; then
|
|
if ./support/is_gitlab_ee.sh; then
|
|
echo "EE build found. ${CI_JOB_NAME} is run only on CE builds";
|
|
exit 0 ;
|
|
fi;
|
|
fi;
|
|
done
|
|
- for job in "${EE_ONLY[@]}"; do
|
|
if [[ "${CI_JOB_NAME}" =~ ${job} ]]; then
|
|
if ! ./support/is_gitlab_ee.sh; then
|
|
echo "CE build found. ${CI_JOB_NAME} is run only on EE builds";
|
|
exit 0 ;
|
|
fi;
|
|
fi;
|
|
done
|
|
- echo $NIGHTLY
|
|
- mkdir -p ~/.ssh
|
|
- mkdir -p ~/.aws
|
|
- mkdir -p cache
|
|
- if [ -n "$DEV_GITLAB_SSH_KEY" ]; then
|
|
echo "$DEV_GITLAB_SSH_KEY" > ~/.ssh/id_rsa;
|
|
cp support/known_hosts ~/.ssh/known_hosts;
|
|
chmod -R 0600 ~/.ssh/;
|
|
fi
|
|
- bundle config set --local path 'gems'
|
|
- bundle config set --local without 'rubocop'
|
|
- if [ "$INCLUDE_PACKAGECLOUD" = "true" ]; then
|
|
bundle config set --local with 'packagecloud';
|
|
fi
|
|
- echo -e "section_start:`date +%s`:bundle_install[collapsed=true]\r\e[0Kbundle install -j $(nproc)"
|
|
- bundle install -j $(nproc)
|
|
- echo -e "section_end:`date +%s`:bundle_install\r\e[0K"
|
|
- bundle binstubs --all
|
|
# If ALTERNATIVE_SOURCES are used, the public mirror for omnibus will be used.
|
|
# This will alter Gemfile.lock file. As part of the build pipeline, we are
|
|
# checking whether the state of the repository is unchanged during the build
|
|
# process, by comparing it with the last commit (So that no unexpected monsters
|
|
# show up). So, an altered Gemfile.lock file will fail on this
|
|
# check. Hence we do a git commit as part of the pipeline if
|
|
# ALTERNATIVE_SOURCES is used.
|
|
- if [ -n "$ALTERNATIVE_SOURCES" ]; then
|
|
git config --global user.email "packages@gitlab.com"
|
|
&& git config --global user.name "GitLab Inc.";
|
|
git add Gemfile.lock || true ;
|
|
git commit -m "Updating Gemfile.lock" || true;
|
|
fi
|
|
- if [ -n "$NIGHTLY" ]; then export STAGING_REPO=nightly-builds; fi
|
|
|
|
fetch-assets:
|
|
extends: .docker_job
|
|
stage: prepare-assets
|
|
timeout: 1 hour
|
|
before_script: []
|
|
script:
|
|
- export VERSION=${GITLAB_REF_SLUG-$(ruby -I. -e 'require "lib/gitlab/version"; puts Gitlab::Version.new("gitlab-rails").print')}
|
|
- support/fetch_assets "${VERSION}"
|
|
artifacts:
|
|
paths:
|
|
- ${ASSET_PATH}
|
|
rules:
|
|
- if: '$COMPILE_ASSETS == "true"'
|
|
when: never
|
|
- if: '$DEPS_PIPELINE'
|
|
when: never
|
|
# NOTE (rspeicher): Checking `$AUTO_DEPLOY_COMPILE_ASSETS` as a feature flag
|
|
# See https://gitlab.com/gitlab-org/omnibus-gitlab/-/issues/5805
|
|
- if: '$AUTO_DEPLOY_COMPILE_ASSETS && $CI_COMMIT_TAG =~ /^\d+\.\d+\.\d+\+[^ ]{7,}\.[^ ]{7,}$/'
|
|
when: never
|
|
# Run on dev.gitlab.org (except auto-deploy tag covered above) and
|
|
# multi-project pipelines on omnibus-gitlab-mirror
|
|
- if: '$CI_PROJECT_PATH == "gitlab/omnibus-gitlab"'
|
|
- if: '$CI_PIPELINE_SOURCE == "pipeline" && $CI_PROJECT_PATH == "gitlab-org/build/omnibus-gitlab-mirror"'
|
|
- if: '$CI_PIPELINE_SOURCE == "schedule" && $CI_PROJECT_PATH == "gitlab-org/build/omnibus-gitlab-mirror"'
|
|
|
|
include:
|
|
- '/gitlab-ci-config/gitlab-com.yml'
|
|
- '/gitlab-ci-config/dev-gitlab-org.yml'
|
|
|
|
.notify:
|
|
before_script:
|
|
- apk add --no-cache curl
|
|
image: "alpine"
|
|
stage: notification_fail
|
|
|
|
notify:slack-fail:
|
|
extends:
|
|
- .notify
|
|
script:
|
|
- ./support/notify_slack.sh "#g_distribution" "Build on \`$CI_COMMIT_REF_NAME\` failed! See <https://dev.gitlab.org/gitlab/omnibus-gitlab/pipelines/"$CI_PIPELINE_ID">"
|
|
when: on_failure
|
|
only:
|
|
- master@gitlab-org/omnibus-gitlab
|
|
- /.*-stable(-ee)?$/@gitlab-org/omnibus-gitlab
|
|
except:
|
|
- triggers@gitlab-org/omnibus-gitlab
|
|
dependencies: []
|
|
|
|
notify:slack-fail:scheduled-master:
|
|
extends:
|
|
- .notify
|
|
script:
|
|
- ./support/notify_slack.sh "#qa-master" "☠️ Scheduled omnibus-build against master failed! ☠️ See $CI_PIPELINE_URL (triggered from $TOP_UPSTREAM_SOURCE_JOB)"
|
|
only:
|
|
refs:
|
|
- pipelines@gitlab-org/build/omnibus-gitlab-mirror
|
|
variables:
|
|
- $TOP_UPSTREAM_SOURCE_JOB && $TOP_UPSTREAM_SOURCE_REF == 'master'
|
|
when: on_failure
|