1098 lines
30 KiB
YAML
1098 lines
30 KiB
YAML
# This config lists the jobs that will be run on omnibus-gitlab project in
|
|
# dev.gitlab.org.
|
|
|
|
#############
|
|
# Templates #
|
|
#############
|
|
|
|
.default_rules:
|
|
rules:
|
|
- if: '$SKIP_JOB_REGEX && $CI_JOB_NAME =~ $SKIP_JOB_REGEX'
|
|
when: never
|
|
|
|
.skip_release_jobs:
|
|
rules:
|
|
- if: '$SKIP_RELEASE == "true"'
|
|
when: never
|
|
|
|
.package-artifacts: &package-artifacts
|
|
when: always
|
|
expire_in: 1 day
|
|
paths:
|
|
- pkg/
|
|
|
|
.package-artifacts-release: &package-artifacts-release
|
|
<<: *package-artifacts
|
|
expire_in: 7 days
|
|
|
|
.cache-paths:
|
|
- cache
|
|
- gems
|
|
- assets_cache
|
|
- node_modules
|
|
|
|
.branch-cache: &branch-cache
|
|
key: "${CI_JOB_NAME}-${BUILDER_IMAGE_REVISION}-${CACHE_EDITION}${CACHE_KEY_SUFFIX}"
|
|
paths: !reference [.cache-paths]
|
|
|
|
.tag-cache: &tag-cache
|
|
# Use the same cache key as branch builds, by manually appending `-branch` substring.
|
|
key: "${CI_JOB_NAME}-branch-${BUILDER_IMAGE_REVISION}-${CACHE_EDITION}${CACHE_KEY_SUFFIX}"
|
|
paths: !reference [.cache-paths]
|
|
|
|
.branch_template: &branch_build
|
|
stage: package
|
|
script:
|
|
- support/import_gpg_secrets.sh
|
|
- bundle exec rake cache:populate
|
|
- bundle exec rake cache:restore
|
|
- bundle exec rake build:project build:package:sync
|
|
- bundle exec rake cache:bundle
|
|
- bundle exec rake build:component_shas
|
|
# Run package size checks on nightlies. The job will create alerts, so we
|
|
# don't need it to fail and block the pipeline. Hence the `|| true`.
|
|
- if [ -n "$NIGHTLY" ]; then
|
|
bundle exec rake check:package_size || true;
|
|
fi
|
|
tags:
|
|
- docker-builder
|
|
artifacts: !reference [.package-artifacts]
|
|
needs:
|
|
- job: fetch-assets
|
|
optional: true
|
|
- job: generate-facts
|
|
optional: true
|
|
artifacts: true
|
|
cache: !reference [.branch-cache]
|
|
retry: 1
|
|
rules:
|
|
- !reference [.default_rules, rules]
|
|
- if: '$PIPELINE_TYPE =~ /_(NIGHTLY|BRANCH)_BUILD_PIPELINE$/'
|
|
|
|
.fips_branch_template: &fips_branch_build
|
|
extends: .branch_template
|
|
variables:
|
|
USE_SYSTEM_SSL: "true"
|
|
rules:
|
|
- !reference [.default_rules, rules]
|
|
- if: '$PIPELINE_TYPE == "EE_NIGHTLY_BUILD_PIPELINE"'
|
|
- if: '$PIPELINE_TYPE == "EE_BRANCH_BUILD_PIPELINE"'
|
|
when: manual
|
|
allow_failure: true
|
|
|
|
.rpi_branch_template: &rpi_branch_build
|
|
extends: .branch_template
|
|
stage: slow_jobs
|
|
variables:
|
|
NO_SOURCEMAPS: "true"
|
|
tags:
|
|
- docker-arm-builder
|
|
retry: 1
|
|
rules:
|
|
- !reference [.default_rules, rules]
|
|
- if: '$PIPELINE_TYPE == "CE_BRANCH_BUILD_PIPELINE"'
|
|
|
|
.tag_template: &tag_build
|
|
stage: package
|
|
script:
|
|
# Always compile assets for auto-deploy builds,
|
|
# this is done for auto-deploy builds
|
|
# so that we do not have to wait for the compile assets job
|
|
# in the gitlab-ee pipeline.
|
|
#
|
|
# NOTE (rspeicher): Checking `$AUTO_DEPLOY_COMPILE_ASSETS` as a feature flag
|
|
# See https://gitlab.com/gitlab-org/omnibus-gitlab/-/issues/5805
|
|
- |
|
|
if [ -n "$AUTO_DEPLOY_COMPILE_ASSETS" ] && echo $CI_COMMIT_TAG | grep -P -q "$AUTO_DEPLOY_TAG_REGEX"; then
|
|
echo "Setting COMPILE_ASSETS env variable for auto-deploy"
|
|
export COMPILE_ASSETS='true';
|
|
fi
|
|
- support/import_gpg_secrets.sh
|
|
- bundle exec rake cache:populate
|
|
- bundle exec rake cache:restore
|
|
- bundle exec rake release:package
|
|
- bundle exec rake cache:bundle
|
|
- bundle exec rake build:component_shas
|
|
tags:
|
|
- docker-builder
|
|
artifacts: !reference [.package-artifacts-release]
|
|
needs:
|
|
- job: fetch-assets
|
|
optional: true
|
|
- job: generate-facts
|
|
optional: true
|
|
artifacts: true
|
|
cache: !reference [.tag-cache]
|
|
retry: 1
|
|
rules:
|
|
- !reference [.default_rules, rules]
|
|
- if: '$PIPELINE_TYPE =~ /_(RC|TAG)_BUILD_PIPELINE$/'
|
|
|
|
.fips_tag_template: &fips_tag_build
|
|
extends: .tag_template
|
|
variables:
|
|
USE_SYSTEM_SSL: "true"
|
|
rules:
|
|
- !reference [.default_rules, rules]
|
|
- if: '$PIPELINE_TYPE =~ /^EE_(RC|TAG)_BUILD_PIPELINE$/'
|
|
|
|
.rpi_tag_template: &rpi_tag_build
|
|
extends: .tag_template
|
|
stage: slow_jobs
|
|
variables:
|
|
NO_SOURCEMAPS: "true"
|
|
tags:
|
|
- docker-arm-builder
|
|
rules:
|
|
- !reference [.default_rules, rules]
|
|
- if: '$PIPELINE_TYPE =~ /^CE_(RC|TAG)_BUILD_PIPELINE$/'
|
|
|
|
### This stage is used for uploading packages
|
|
### 1. To a staging package repository
|
|
### 2. Always ran on dev.gitlab.org
|
|
.staging_upload_template: &staging_upload
|
|
stage: staging_upload
|
|
image: "dev.gitlab.org:5005/gitlab/gitlab-build-images:omnibus-gitlab-xenial"
|
|
variables:
|
|
INCLUDE_PACKAGECLOUD: "true"
|
|
script:
|
|
- if [[ "${USE_SYSTEM_SSL}" == "true" ]]; then export STAGING_REPO=${FIPS_STAGING_REPO}; fi
|
|
- bundle exec rake repository:upload:staging[$STAGING_REPO]
|
|
cache: !reference [.tag-cache]
|
|
retry: 2
|
|
tags:
|
|
- promotion
|
|
rules:
|
|
- !reference [.default_rules, rules]
|
|
- !reference [.skip_release_jobs, rules]
|
|
- if: '$PIPELINE_TYPE =~ /_(RC|TAG)_BUILD_PIPELINE$/'
|
|
|
|
.fips_staging_upload_template: &fips_staging_upload
|
|
extends: .staging_upload_template
|
|
variables:
|
|
USE_SYSTEM_SSL: "true"
|
|
INCLUDE_PACKAGECLOUD: "true"
|
|
rules:
|
|
- !reference [.default_rules, rules]
|
|
- if: '$PIPELINE_TYPE =~ /^EE_(RC|TAG)_BUILD_PIPELINE$/'
|
|
- if: '$PIPELINE_TYPE == "EE_NIGHTLY_BUILD_PIPELINE"'
|
|
|
|
.staging_upload_with_deployment_template: &staging_upload_with_deployment
|
|
extends: .staging_upload_template
|
|
script:
|
|
- bundle exec rake repository:upload:staging[$STAGING_REPO]
|
|
- if [ -n "$DEPLOYER_TRIGGER_TOKEN" ]; then bundle exec rake gitlab_com:deployer; fi
|
|
|
|
### This stage is ran only on tag:
|
|
### 1. It is a manual action
|
|
### 2. It will upload the package to public, user facing repositories
|
|
### 3. Only ran on dev.gitlab.org
|
|
.production_release_template: &production_release
|
|
stage: package-and-image-release
|
|
image: "dev.gitlab.org:5005/gitlab/gitlab-build-images:omnibus-gitlab-xenial"
|
|
variables:
|
|
INCLUDE_PACKAGECLOUD: "true"
|
|
script:
|
|
- bundle exec rake repository:upload:production
|
|
retry: 2
|
|
cache: !reference [.tag-cache]
|
|
tags:
|
|
- promotion
|
|
rules:
|
|
- !reference [.default_rules, rules]
|
|
- !reference [.skip_release_jobs, rules]
|
|
- if: '$PIPELINE_TYPE =~ /_(RC|TAG)_BUILD_PIPELINE$/'
|
|
when: manual
|
|
|
|
.fips_release_template: &fips_release
|
|
extends: .production_release_template
|
|
variables:
|
|
USE_SYSTEM_SSL: "true"
|
|
INCLUDE_PACKAGECLOUD: "true"
|
|
rules:
|
|
- !reference [.default_rules, rules]
|
|
- !reference [.skip_release_jobs, rules]
|
|
- if: '$PIPELINE_TYPE =~ /^EE_(RC|TAG)_BUILD_PIPELINE$/'
|
|
when: manual
|
|
|
|
.raspbian_release_template: &raspbian_release
|
|
extends: .production_release_template
|
|
variables:
|
|
RASPBERRY_REPO: "raspberry-pi2"
|
|
INCLUDE_PACKAGECLOUD: "true"
|
|
stage: raspbian-release
|
|
retry: 2
|
|
rules:
|
|
- !reference [.default_rules, rules]
|
|
- !reference [.skip_release_jobs, rules]
|
|
- if: '$PIPELINE_TYPE =~ /^CE_(RC|TAG)_BUILD_PIPELINE$/'
|
|
when: manual
|
|
|
|
.aws_ami_build: &aws_ami_build
|
|
stage: package-and-image-release
|
|
image: "${BUILDER_IMAGE_REGISTRY}/debian_packer:${BUILDER_IMAGE_REVISION}"
|
|
script:
|
|
# aws-sdk gem gives priority to environment variables over config file. So, using correct values for those variables.
|
|
- export AWS_ACCESS_KEY_ID=$AWS_AMI_ACCESS_KEY_ID
|
|
- export AWS_SECRET_ACCESS_KEY=$AWS_AMI_SECRET_ACCESS_KEY
|
|
- bundle exec rake aws:ami:create
|
|
tags:
|
|
- docker-builder
|
|
cache: !reference [.tag-cache]
|
|
artifacts:
|
|
paths:
|
|
- support/packer/manifests
|
|
needs:
|
|
- Ubuntu-20.04
|
|
retry: 1
|
|
rules:
|
|
- !reference [.default_rules, rules]
|
|
- !reference [.skip_release_jobs, rules]
|
|
- if: '$PIPELINE_TYPE =~ /_TAG_BUILD_PIPELINE$/'
|
|
when: manual
|
|
|
|
.aws_marketplace_release: &aws_marketplace_release
|
|
image: "${BUILDER_IMAGE_REGISTRY}/ruby_docker:${BUILDER_IMAGE_REVISION}"
|
|
stage: aws-marketplace-release
|
|
script:
|
|
- export AWS_ACCESS_KEY_ID=$AWS_AMI_ACCESS_KEY_ID
|
|
- export AWS_SECRET_ACCESS_KEY=$AWS_AMI_SECRET_ACCESS_KEY
|
|
- bundle exec rake aws:marketplace:release
|
|
rules:
|
|
- !reference [.default_rules, rules]
|
|
- !reference [.skip_release_jobs, rules]
|
|
- if: '$PIPELINE_TYPE == "EE_TAG_BUILD_PIPELINE"'
|
|
|
|
###########################
|
|
# Branch pipeline #
|
|
###########################
|
|
|
|
# fetch-assets job from .gitlab-ci.yml file runs here
|
|
# generate-assets job from .gitlab-ci.yml file runs here
|
|
|
|
# We build package for deploying to GitLab.com first
|
|
Ubuntu-16.04-branch:
|
|
image: "${BUILDER_IMAGE_REGISTRY}/ubuntu_16.04:${BUILDER_IMAGE_REVISION}"
|
|
extends: .branch_template
|
|
|
|
Ubuntu-18.04-branch:
|
|
image: "${BUILDER_IMAGE_REGISTRY}/ubuntu_18.04:${BUILDER_IMAGE_REVISION}"
|
|
extends: .branch_template
|
|
|
|
Ubuntu-20.04-branch:
|
|
image: "${BUILDER_IMAGE_REGISTRY}/ubuntu_20.04:${BUILDER_IMAGE_REVISION}"
|
|
extends: .branch_template
|
|
|
|
Ubuntu-22.04-branch:
|
|
image: "${BUILDER_IMAGE_REGISTRY}/ubuntu_22.04:${BUILDER_IMAGE_REVISION}"
|
|
extends: .branch_template
|
|
|
|
Debian-10-branch:
|
|
image: "${BUILDER_IMAGE_REGISTRY}/debian_10:${BUILDER_IMAGE_REVISION}"
|
|
extends: .branch_template
|
|
Debian-10-arm-branch:
|
|
image: "${BUILDER_IMAGE_REGISTRY}/debian_10_arm64:${BUILDER_IMAGE_REVISION}"
|
|
extends: .branch_template
|
|
tags:
|
|
- docker-arm-builder
|
|
Debian-11-branch:
|
|
image: "${BUILDER_IMAGE_REGISTRY}/debian_11:${BUILDER_IMAGE_REVISION}"
|
|
extends: .branch_template
|
|
Debian-11-arm-branch:
|
|
image: "${BUILDER_IMAGE_REGISTRY}/debian_11_arm64:${BUILDER_IMAGE_REVISION}"
|
|
extends: .branch_template
|
|
tags:
|
|
- docker-arm-builder
|
|
Ubuntu-20.04-arm-branch:
|
|
image: "${BUILDER_IMAGE_REGISTRY}/ubuntu_20.04_arm64:${BUILDER_IMAGE_REVISION}"
|
|
extends: .branch_template
|
|
tags:
|
|
- docker-arm-builder
|
|
Ubuntu-22.04-arm-branch:
|
|
image: "${BUILDER_IMAGE_REGISTRY}/ubuntu_22.04_arm64:${BUILDER_IMAGE_REVISION}"
|
|
extends: .branch_template
|
|
tags:
|
|
- docker-arm-builder
|
|
CentOS-7-branch:
|
|
image: "${BUILDER_IMAGE_REGISTRY}/centos_7:${BUILDER_IMAGE_REVISION}"
|
|
extends: .branch_template
|
|
CentOS-8-branch:
|
|
image: "${BUILDER_IMAGE_REGISTRY}/centos_8:${BUILDER_IMAGE_REVISION}"
|
|
extends: .branch_template
|
|
CentOS-8-arm64-branch:
|
|
image: "${BUILDER_IMAGE_REGISTRY}/centos_8_arm64:${BUILDER_IMAGE_REVISION}"
|
|
extends: .branch_template
|
|
tags:
|
|
- docker-arm-builder
|
|
OpenSUSE-15.3-branch:
|
|
image: "${BUILDER_IMAGE_REGISTRY}/opensuse_15.3:${BUILDER_IMAGE_REVISION}"
|
|
extends: .branch_template
|
|
OpenSUSE-15.3-arm64-branch:
|
|
image: "${BUILDER_IMAGE_REGISTRY}/opensuse_15.3_arm64:${BUILDER_IMAGE_REVISION}"
|
|
extends: .branch_template
|
|
tags:
|
|
- docker-arm-builder
|
|
OpenSUSE-15.4-branch:
|
|
image: "${BUILDER_IMAGE_REGISTRY}/opensuse_15.4:${BUILDER_IMAGE_REVISION}"
|
|
extends: .branch_template
|
|
OpenSUSE-15.4-arm64-branch:
|
|
image: "${BUILDER_IMAGE_REGISTRY}/opensuse_15.4_arm64:${BUILDER_IMAGE_REVISION}"
|
|
extends: .branch_template
|
|
tags:
|
|
- docker-arm-builder
|
|
AmazonLinux-2-branch:
|
|
image: "${BUILDER_IMAGE_REGISTRY}/amazonlinux_2:${BUILDER_IMAGE_REVISION}"
|
|
extends: .branch_template
|
|
AmazonLinux-2-arm64-branch:
|
|
image: "${BUILDER_IMAGE_REGISTRY}/amazonlinux_2_arm64:${BUILDER_IMAGE_REVISION}"
|
|
extends: .branch_template
|
|
tags:
|
|
- docker-arm-builder
|
|
SLES-12.5-branch:
|
|
image: "${BUILDER_IMAGE_REGISTRY}/sles_12sp5:${BUILDER_IMAGE_REVISION}"
|
|
extends: .branch_template
|
|
rules:
|
|
- !reference [.default_rules, rules]
|
|
- if: '$PIPELINE_TYPE =~ /EE_(NIGHTLY|BRANCH)_BUILD_PIPELINE$/'
|
|
SLES-15.2-branch:
|
|
image: "${BUILDER_IMAGE_REGISTRY}/sles_15sp2:${BUILDER_IMAGE_REVISION}"
|
|
extends: .branch_template
|
|
rules:
|
|
- !reference [.default_rules, rules]
|
|
- if: '$PIPELINE_TYPE =~ /EE_(NIGHTLY|BRANCH)_BUILD_PIPELINE$/'
|
|
AmazonLinux-2-fips-branch:
|
|
image: "${BUILDER_IMAGE_REGISTRY}/amazonlinux_2_fips:${BUILDER_IMAGE_REVISION}"
|
|
extends: .fips_branch_template
|
|
CentOS-8-fips-branch:
|
|
image: "${BUILDER_IMAGE_REGISTRY}/centos_8_fips:${BUILDER_IMAGE_REVISION}"
|
|
extends: .fips_branch_template
|
|
Ubuntu-18.04-fips-branch:
|
|
image: "${BUILDER_IMAGE_REGISTRY}/ubuntu_18.04_fips:${BUILDER_IMAGE_REVISION}"
|
|
extends: .fips_branch_template
|
|
Ubuntu-20.04-fips-branch:
|
|
image: "${BUILDER_IMAGE_REGISTRY}/ubuntu_20.04_fips:${BUILDER_IMAGE_REVISION}"
|
|
extends: .fips_branch_template
|
|
|
|
Docker-branch:
|
|
extends: .docker_job
|
|
stage: image
|
|
script:
|
|
- bundle exec rake docker:build:image
|
|
- bundle exec rake docker:push:staging
|
|
- bundle exec rake docker:push:nightly
|
|
tags:
|
|
- docker-builder
|
|
cache: !reference [.branch-cache]
|
|
needs:
|
|
- job: Ubuntu-20.04-branch
|
|
artifacts: false
|
|
- job: generate-facts
|
|
optional: true
|
|
artifacts: true
|
|
retry: 1
|
|
rules:
|
|
- !reference [.default_rules, rules]
|
|
- if: '$PIPELINE_TYPE =~ /_(NIGHTLY|BRANCH)_BUILD_PIPELINE$/'
|
|
|
|
QA-branch:
|
|
extends: .docker_job
|
|
stage: image
|
|
variables:
|
|
QA_SCREENSHOTS_DIR: $CI_PROJECT_DIR/screenshots
|
|
script:
|
|
- bundle exec rake qa:build
|
|
- bundle exec rake qa:push:nightly
|
|
- bundle exec rake qa:push:staging
|
|
artifacts:
|
|
when: on_failure
|
|
expire_in: 7d
|
|
paths:
|
|
- screenshots/
|
|
tags:
|
|
- docker-builder
|
|
cache: !reference [.branch-cache]
|
|
needs:
|
|
- job: Ubuntu-20.04-branch
|
|
artifacts: false
|
|
- job: generate-facts
|
|
optional: true
|
|
artifacts: true
|
|
retry: 1
|
|
rules:
|
|
- !reference [.default_rules, rules]
|
|
- if: '$PIPELINE_TYPE =~ /_(NIGHTLY|BRANCH)_BUILD_PIPELINE$/'
|
|
|
|
Raspberry-Pi-2-Buster-branch:
|
|
image: "${BUILDER_IMAGE_REGISTRY}/rpi_10:${BUILDER_IMAGE_REVISION}"
|
|
extends: .rpi_branch_template
|
|
|
|
Raspberry-Pi-2-Bullseye-branch:
|
|
image: "${BUILDER_IMAGE_REGISTRY}/rpi_11:${BUILDER_IMAGE_REVISION}"
|
|
extends: .rpi_branch_template
|
|
|
|
# This job runs only on nightly EE builds
|
|
RAT-Nightly:
|
|
stage: slow_jobs
|
|
image: "${BUILDER_IMAGE_REGISTRY}/ubuntu_16.04:${BUILDER_IMAGE_REVISION}"
|
|
script:
|
|
- bundle exec rake qa:rat:nightly
|
|
cache: !reference [.branch-cache]
|
|
needs:
|
|
- Ubuntu-20.04-branch
|
|
allow_failure: true
|
|
rules:
|
|
- !reference [.default_rules, rules]
|
|
- if: '$PIPELINE_TYPE == "EE_NIGHTLY_BUILD_PIPELINE"'
|
|
|
|
# This job runs only on nightly EE builds
|
|
RAT-Nightly-FIPS:
|
|
stage: slow_jobs
|
|
image: "${BUILDER_IMAGE_REGISTRY}/ubuntu_16.04:${BUILDER_IMAGE_REVISION}"
|
|
variables:
|
|
USE_SYSTEM_SSL: "true"
|
|
RAT_REFERENCE_ARCHITECTURE: "omnibus-gitlab-mrs-fips"
|
|
script:
|
|
- bundle exec rake qa:rat:nightly
|
|
cache: !reference [.branch-cache]
|
|
needs:
|
|
- CentOS-8-fips-branch
|
|
allow_failure: true
|
|
rules:
|
|
- !reference [.default_rules, rules]
|
|
- if: '$PIPELINE_TYPE == "EE_NIGHTLY_BUILD_PIPELINE"'
|
|
|
|
############################
|
|
# Release pipeline #
|
|
############################
|
|
|
|
# fetch-assets job from .gitlab-ci.yml file runs here
|
|
|
|
# We build package for deploying to GitLab.com first
|
|
Ubuntu-16.04:
|
|
image: "${BUILDER_IMAGE_REGISTRY}/ubuntu_16.04:${BUILDER_IMAGE_REVISION}"
|
|
stage: package
|
|
extends: .tag_template
|
|
rules:
|
|
- !reference [.default_rules, rules]
|
|
# Also build for auto-deploy tags
|
|
- if: '$PIPELINE_TYPE =~ /(_RC|_TAG|AUTO_DEPLOY)_BUILD_PIPELINE$/'
|
|
|
|
Ubuntu-18.04:
|
|
image: "${BUILDER_IMAGE_REGISTRY}/ubuntu_18.04:${BUILDER_IMAGE_REVISION}"
|
|
stage: package
|
|
extends: .tag_template
|
|
rules:
|
|
- !reference [.default_rules, rules]
|
|
# Also build for auto-deploy tags
|
|
- if: '$PIPELINE_TYPE =~ /(_RC|_TAG|AUTO_DEPLOY)_BUILD_PIPELINE$/'
|
|
|
|
Ubuntu-20.04:
|
|
image: "${BUILDER_IMAGE_REGISTRY}/ubuntu_20.04:${BUILDER_IMAGE_REVISION}"
|
|
stage: package
|
|
extends: .tag_template
|
|
rules:
|
|
- !reference [.default_rules, rules]
|
|
# Also build for auto-deploy tags
|
|
- if: '$PIPELINE_TYPE =~ /(_RC|_TAG|AUTO_DEPLOY)_BUILD_PIPELINE$/'
|
|
|
|
Ubuntu-22.04:
|
|
image: "${BUILDER_IMAGE_REGISTRY}/ubuntu_22.04:${BUILDER_IMAGE_REVISION}"
|
|
stage: package
|
|
extends: .tag_template
|
|
|
|
## Build the docker image for QA
|
|
## This is necessary for the deployment
|
|
## pipeline so it must happen before
|
|
## the upload and deploy stage for GitLab.com
|
|
Docker-QA:
|
|
extends: .docker_job
|
|
stage: image
|
|
script:
|
|
- bundle exec rake qa:build qa:push:staging
|
|
cache: !reference [.tag-cache]
|
|
tags:
|
|
- docker-builder
|
|
needs:
|
|
- job: generate-facts
|
|
optional: true
|
|
artifacts: true
|
|
retry: 1
|
|
rules:
|
|
- !reference [.default_rules, rules]
|
|
- if: '$PIPELINE_TYPE =~ /(_RC|_TAG)_BUILD_PIPELINE$/'
|
|
|
|
###########################################################
|
|
## Upload and deploy to staging or preprod for GitLab.com
|
|
## * Regular tagged releases are deployed to staging
|
|
## * Regular patch releases, RCs and tags that are
|
|
## not auto-deploys are deployed to
|
|
## $PATCH_DEPLOY_ENVIRONMENT, set in CI vars
|
|
##
|
|
## Ubuntu 16.04: used for all omnibus installation
|
|
## Ubuntu 18.04: used on some non-omnibus infrastructure, we
|
|
## will eventually need to trigger deployments
|
|
## after this package is built
|
|
|
|
Ubuntu-16.04-upload-deploy:
|
|
extends: .staging_upload_with_deployment_template
|
|
needs:
|
|
- job: Ubuntu-16.04
|
|
optional: true
|
|
- job: Ubuntu-16.04-branch
|
|
optional: true
|
|
rules:
|
|
- !reference [.default_rules, rules]
|
|
- if: '$PIPELINE_TYPE =~ /(_RC|_TAG|AUTO_DEPLOY|NIGHTLY)_BUILD_PIPELINE$/'
|
|
|
|
Ubuntu-18.04-staging:
|
|
extends: .staging_upload_with_deployment_template
|
|
needs:
|
|
- job: Ubuntu-18.04
|
|
optional: true
|
|
- job: Ubuntu-18.04-branch
|
|
optional: true
|
|
rules:
|
|
- !reference [.default_rules, rules]
|
|
- if: '$PIPELINE_TYPE =~ /(_RC|_TAG|AUTO_DEPLOY|NIGHTLY)_BUILD_PIPELINE$/'
|
|
|
|
Ubuntu-20.04-staging:
|
|
extends: .staging_upload_with_deployment_template
|
|
needs:
|
|
- job: Ubuntu-20.04
|
|
optional: true
|
|
- job: Ubuntu-20.04-branch
|
|
optional: true
|
|
rules:
|
|
- !reference [.default_rules, rules]
|
|
- if: '$PIPELINE_TYPE =~ /(_RC|_TAG|AUTO_DEPLOY|NIGHTLY)_BUILD_PIPELINE$/'
|
|
|
|
Ubuntu-22.04-staging:
|
|
extends: .staging_upload_template
|
|
needs:
|
|
- job: Ubuntu-22.04
|
|
optional: true
|
|
- job: Ubuntu-22.04-branch
|
|
optional: true
|
|
|
|
### Package builds
|
|
Debian-10:
|
|
image: "${BUILDER_IMAGE_REGISTRY}/debian_10:${BUILDER_IMAGE_REVISION}"
|
|
extends: .tag_template
|
|
Debian-10-arm:
|
|
image: "${BUILDER_IMAGE_REGISTRY}/debian_10_arm64:${BUILDER_IMAGE_REVISION}"
|
|
extends: .tag_template
|
|
tags:
|
|
- docker-arm-builder
|
|
Debian-11:
|
|
image: "${BUILDER_IMAGE_REGISTRY}/debian_11:${BUILDER_IMAGE_REVISION}"
|
|
extends: .tag_template
|
|
Debian-11-arm:
|
|
image: "${BUILDER_IMAGE_REGISTRY}/debian_11_arm64:${BUILDER_IMAGE_REVISION}"
|
|
extends: .tag_template
|
|
tags:
|
|
- docker-arm-builder
|
|
Ubuntu-20.04-arm:
|
|
image: "${BUILDER_IMAGE_REGISTRY}/ubuntu_20.04_arm64:${BUILDER_IMAGE_REVISION}"
|
|
extends: .tag_template
|
|
tags:
|
|
- docker-arm-builder
|
|
Ubuntu-22.04-arm:
|
|
image: "${BUILDER_IMAGE_REGISTRY}/ubuntu_22.04_arm64:${BUILDER_IMAGE_REVISION}"
|
|
extends: .tag_template
|
|
tags:
|
|
- docker-arm-builder
|
|
CentOS-7:
|
|
image: "${BUILDER_IMAGE_REGISTRY}/centos_7:${BUILDER_IMAGE_REVISION}"
|
|
extends: .tag_template
|
|
CentOS-8:
|
|
image: "${BUILDER_IMAGE_REGISTRY}/centos_8:${BUILDER_IMAGE_REVISION}"
|
|
extends: .tag_template
|
|
CentOS-8-arm64:
|
|
image: "${BUILDER_IMAGE_REGISTRY}/centos_8_arm64:${BUILDER_IMAGE_REVISION}"
|
|
extends: .tag_template
|
|
tags:
|
|
- docker-arm-builder
|
|
OpenSUSE-15.3:
|
|
image: "${BUILDER_IMAGE_REGISTRY}/opensuse_15.3:${BUILDER_IMAGE_REVISION}"
|
|
extends: .tag_template
|
|
OpenSUSE-15.3-arm64:
|
|
image: "${BUILDER_IMAGE_REGISTRY}/opensuse_15.3_arm64:${BUILDER_IMAGE_REVISION}"
|
|
extends: .tag_template
|
|
tags:
|
|
- docker-arm-builder
|
|
OpenSUSE-15.4:
|
|
image: "${BUILDER_IMAGE_REGISTRY}/opensuse_15.4:${BUILDER_IMAGE_REVISION}"
|
|
extends: .tag_template
|
|
OpenSUSE-15.4-arm64:
|
|
image: "${BUILDER_IMAGE_REGISTRY}/opensuse_15.4_arm64:${BUILDER_IMAGE_REVISION}"
|
|
extends: .tag_template
|
|
tags:
|
|
- docker-arm-builder
|
|
AmazonLinux-2:
|
|
image: "${BUILDER_IMAGE_REGISTRY}/amazonlinux_2:${BUILDER_IMAGE_REVISION}"
|
|
extends: .tag_template
|
|
AmazonLinux-2-arm64:
|
|
image: "${BUILDER_IMAGE_REGISTRY}/amazonlinux_2_arm64:${BUILDER_IMAGE_REVISION}"
|
|
extends: .tag_template
|
|
tags:
|
|
- docker-arm-builder
|
|
SLES-12.5:
|
|
image: "${BUILDER_IMAGE_REGISTRY}/sles_12sp5:${BUILDER_IMAGE_REVISION}"
|
|
extends: .tag_template
|
|
rules:
|
|
- !reference [.default_rules, rules]
|
|
- if: '$PIPELINE_TYPE =~ /^EE_(RC|TAG)_BUILD_PIPELINE$/'
|
|
SLES-15.2:
|
|
image: "${BUILDER_IMAGE_REGISTRY}/sles_15sp2:${BUILDER_IMAGE_REVISION}"
|
|
extends: .tag_template
|
|
rules:
|
|
- !reference [.default_rules, rules]
|
|
- if: '$PIPELINE_TYPE =~ /^EE_(RC|TAG)_BUILD_PIPELINE$/'
|
|
AmazonLinux-2-fips:
|
|
image: "${BUILDER_IMAGE_REGISTRY}/amazonlinux_2_fips:${BUILDER_IMAGE_REVISION}"
|
|
extends: .fips_tag_template
|
|
CentOS-8-fips:
|
|
image: "${BUILDER_IMAGE_REGISTRY}/centos_8_fips:${BUILDER_IMAGE_REVISION}"
|
|
extends: .fips_tag_template
|
|
Ubuntu-18.04-fips:
|
|
image: "${BUILDER_IMAGE_REGISTRY}/ubuntu_18.04_fips:${BUILDER_IMAGE_REVISION}"
|
|
extends: .fips_tag_template
|
|
Ubuntu-20.04-fips:
|
|
image: "${BUILDER_IMAGE_REGISTRY}/ubuntu_20.04_fips:${BUILDER_IMAGE_REVISION}"
|
|
extends: .fips_tag_template
|
|
|
|
Docker:
|
|
extends: .docker_job
|
|
stage: image
|
|
script:
|
|
- bundle exec rake docker:build:image
|
|
- bundle exec rake docker:push:staging
|
|
tags:
|
|
- docker-builder
|
|
cache: !reference [.tag-cache]
|
|
needs:
|
|
- job: Ubuntu-20.04
|
|
artifacts: false
|
|
- job: generate-facts
|
|
optional: true
|
|
artifacts: true
|
|
retry: 1
|
|
rules:
|
|
- !reference [.default_rules, rules]
|
|
- if: '$PIPELINE_TYPE =~ /(_RC|_TAG|AUTO_DEPLOY)_BUILD_PIPELINE$/'
|
|
|
|
### Staging uploads
|
|
Debian-10-staging:
|
|
extends: .staging_upload_template
|
|
needs:
|
|
- job: Debian-10
|
|
optional: true
|
|
- job: Debian-10-branch
|
|
optional: true
|
|
Debian-10-arm-staging:
|
|
extends: .staging_upload_template
|
|
needs:
|
|
- job: Debian-10-arm
|
|
optional: true
|
|
- job: Debian-10-arm-branch
|
|
optional: true
|
|
Debian-11-staging:
|
|
extends: .staging_upload_template
|
|
needs:
|
|
- job: Debian-11
|
|
optional: true
|
|
- job: Debian-11-branch
|
|
optional: true
|
|
Debian-11-arm-staging:
|
|
extends: .staging_upload_template
|
|
needs:
|
|
- job: Debian-11-arm
|
|
optional: true
|
|
- job: Debian-11-arm-branch
|
|
optional: true
|
|
Ubuntu-20.04-arm-staging:
|
|
extends: .staging_upload_template
|
|
needs:
|
|
- job: Ubuntu-20.04-arm
|
|
optional: true
|
|
- job: Ubuntu-20.04-arm-branch
|
|
optional: true
|
|
Ubuntu-22.04-arm-staging:
|
|
extends: .staging_upload_template
|
|
needs:
|
|
- job: Ubuntu-22.04-arm
|
|
optional: true
|
|
- job: Ubuntu-22.04-arm-branch
|
|
optional: true
|
|
CentOS-7-staging:
|
|
extends: .staging_upload_template
|
|
needs:
|
|
- job: CentOS-7
|
|
optional: true
|
|
- job: CentOS-7-branch
|
|
optional: true
|
|
CentOS-8-staging:
|
|
extends: .staging_upload_template
|
|
needs:
|
|
- job: CentOS-8
|
|
optional: true
|
|
- job: CentOS-8-branch
|
|
optional: true
|
|
CentOS-8-arm64-staging:
|
|
extends: .staging_upload_template
|
|
needs:
|
|
- job: CentOS-8-arm64
|
|
optional: true
|
|
- job: CentOS-8-arm64-branch
|
|
optional: true
|
|
OpenSUSE-15.3-staging:
|
|
extends: .staging_upload_template
|
|
needs:
|
|
- job: OpenSUSE-15.3
|
|
optional: true
|
|
- job: OpenSUSE-15.3-branch
|
|
optional: true
|
|
OpenSUSE-15.3-arm64-staging:
|
|
extends: .staging_upload_template
|
|
needs:
|
|
- job: OpenSUSE-15.3-arm64
|
|
optional: true
|
|
- job: OpenSUSE-15.3-arm64-branch
|
|
optional: true
|
|
OpenSUSE-15.4-staging:
|
|
extends: .staging_upload_template
|
|
needs:
|
|
- job: OpenSUSE-15.4
|
|
optional: true
|
|
- job: OpenSUSE-15.4-branch
|
|
optional: true
|
|
OpenSUSE-15.4-arm64-staging:
|
|
extends: .staging_upload_template
|
|
needs:
|
|
- job: OpenSUSE-15.4-arm64
|
|
optional: true
|
|
- job: OpenSUSE-15.4-arm64-branch
|
|
optional: true
|
|
AmazonLinux-2-staging:
|
|
extends: .staging_upload_template
|
|
needs:
|
|
- job: AmazonLinux-2
|
|
optional: true
|
|
- job: AmazonLinux-2-branch
|
|
optional: true
|
|
AmazonLinux-2-arm64-staging:
|
|
extends: .staging_upload_template
|
|
needs:
|
|
- job: AmazonLinux-2-arm64
|
|
optional: true
|
|
- job: AmazonLinux-2-arm64-branch
|
|
optional: true
|
|
SLES-12.5-staging:
|
|
extends: .staging_upload_template
|
|
needs:
|
|
- job: SLES-12.5
|
|
optional: true
|
|
- job: SLES-12.5-branch
|
|
optional: true
|
|
rules:
|
|
- !reference [.default_rules, rules]
|
|
- if: '$PIPELINE_TYPE =~ /^EE_(RC|TAG)_BUILD_PIPELINE$/'
|
|
SLES-15.2-staging:
|
|
extends: .staging_upload_template
|
|
needs:
|
|
- job: SLES-15.2
|
|
optional: true
|
|
- job: SLES-15.2-branch
|
|
optional: true
|
|
rules:
|
|
- !reference [.default_rules, rules]
|
|
- if: '$PIPELINE_TYPE =~ /^EE_(RC|TAG)_BUILD_PIPELINE$/'
|
|
AmazonLinux-2-fips-staging:
|
|
extends: .fips_staging_upload_template
|
|
needs:
|
|
- job: AmazonLinux-2-fips
|
|
optional: true
|
|
- job: AmazonLinux-2-fips-branch
|
|
optional: true
|
|
CentOS-8-fips-staging:
|
|
extends: .fips_staging_upload_template
|
|
needs:
|
|
- job: CentOS-8-fips
|
|
optional: true
|
|
- job: CentOS-8-fips-branch
|
|
optional: true
|
|
Ubuntu-18.04-fips-staging:
|
|
extends: .fips_staging_upload_template
|
|
needs:
|
|
- job: Ubuntu-18.04-fips
|
|
optional: true
|
|
- job: Ubuntu-18.04-fips-branch
|
|
optional: true
|
|
Ubuntu-20.04-fips-staging:
|
|
extends: .fips_staging_upload_template
|
|
needs:
|
|
- job: Ubuntu-20.04-fips
|
|
optional: true
|
|
- job: Ubuntu-20.04-fips-branch
|
|
optional: true
|
|
|
|
### Package releases
|
|
Ubuntu-18.04-release:
|
|
extends: .production_release_template
|
|
needs:
|
|
- Ubuntu-18.04
|
|
Ubuntu-20.04-release:
|
|
extends: .production_release_template
|
|
needs:
|
|
- Ubuntu-20.04
|
|
Ubuntu-22.04-release:
|
|
extends: .production_release_template
|
|
needs:
|
|
- Ubuntu-22.04
|
|
Ubuntu-20.04-arm-release:
|
|
extends: .production_release_template
|
|
needs:
|
|
- Ubuntu-20.04-arm
|
|
Ubuntu-22.04-arm-release:
|
|
extends: .production_release_template
|
|
needs:
|
|
- Ubuntu-22.04-arm
|
|
Debian-10-release:
|
|
extends: .production_release_template
|
|
needs:
|
|
- Debian-10
|
|
Debian-10-arm-release:
|
|
extends: .production_release_template
|
|
needs:
|
|
- Debian-10-arm
|
|
Debian-11-release:
|
|
extends: .production_release_template
|
|
needs:
|
|
- Debian-11
|
|
Debian-11-arm-release:
|
|
extends: .production_release_template
|
|
needs:
|
|
- Debian-11-arm
|
|
CentOS-7-release:
|
|
extends: .production_release_template
|
|
needs:
|
|
- CentOS-7
|
|
CentOS-8-release:
|
|
extends: .production_release_template
|
|
needs:
|
|
- CentOS-8
|
|
CentOS-8-arm64-release:
|
|
extends: .production_release_template
|
|
needs:
|
|
- CentOS-8-arm64
|
|
OpenSUSE-15.3-release:
|
|
extends: .production_release_template
|
|
needs:
|
|
- OpenSUSE-15.3
|
|
OpenSUSE-15.3-arm64-release:
|
|
extends: .production_release_template
|
|
needs:
|
|
- OpenSUSE-15.3-arm64
|
|
OpenSUSE-15.4-release:
|
|
extends: .production_release_template
|
|
needs:
|
|
- OpenSUSE-15.4
|
|
OpenSUSE-15.4-arm64-release:
|
|
extends: .production_release_template
|
|
needs:
|
|
- OpenSUSE-15.4-arm64
|
|
AmazonLinux-2-release:
|
|
extends: .production_release_template
|
|
needs:
|
|
- AmazonLinux-2
|
|
AmazonLinux-2-arm64-release:
|
|
extends: .production_release_template
|
|
needs:
|
|
- AmazonLinux-2-arm64
|
|
SLES-12.5-release:
|
|
extends: .production_release_template
|
|
needs:
|
|
- SLES-12.5
|
|
rules:
|
|
- !reference [.default_rules, rules]
|
|
- !reference [.skip_release_jobs, rules]
|
|
- if: '$PIPELINE_TYPE =~ /^EE_(RC|TAG)_BUILD_PIPELINE$/'
|
|
when: manual
|
|
SLES-15.2-release:
|
|
extends: .production_release_template
|
|
needs:
|
|
- SLES-15.2
|
|
rules:
|
|
- !reference [.default_rules, rules]
|
|
- !reference [.skip_release_jobs, rules]
|
|
- if: '$PIPELINE_TYPE =~ /^EE_(RC|TAG)_BUILD_PIPELINE$/'
|
|
when: manual
|
|
AmazonLinux-2-fips-release:
|
|
extends: .fips_release_template
|
|
needs:
|
|
- AmazonLinux-2-fips
|
|
CentOS-8-fips-release:
|
|
extends: .fips_release_template
|
|
needs:
|
|
- CentOS-8-fips
|
|
Ubuntu-18.04-fips-release:
|
|
extends: .fips_release_template
|
|
needs:
|
|
- Ubuntu-18.04-fips
|
|
Ubuntu-20.04-fips-release:
|
|
extends: .fips_release_template
|
|
needs:
|
|
- Ubuntu-20.04-fips
|
|
|
|
Docker-Release:
|
|
extends: .docker_job
|
|
stage: package-and-image-release
|
|
script:
|
|
- bundle exec rake release:docker
|
|
cache: !reference [.tag-cache]
|
|
needs:
|
|
- Docker
|
|
- job: generate-facts
|
|
optional: true
|
|
artifacts: true
|
|
rules:
|
|
- !reference [.default_rules, rules]
|
|
- !reference [.skip_release_jobs, rules]
|
|
- if: '$PIPELINE_TYPE =~ /_(RC|TAG)_BUILD_PIPELINE$/'
|
|
when: manual
|
|
|
|
AWS:
|
|
extends: .aws_ami_build
|
|
|
|
AWS-ARM64:
|
|
extends: .aws_ami_build
|
|
variables:
|
|
AWS_ARCHITECTURE: 'arm64'
|
|
|
|
AWS-Ultimate:
|
|
extends: .aws_ami_build
|
|
variables:
|
|
AWS_RELEASE_TYPE: "ultimate"
|
|
rules:
|
|
- !reference [.default_rules, rules]
|
|
- !reference [.skip_release_jobs, rules]
|
|
- if: '$PIPELINE_TYPE == "EE_TAG_BUILD_PIPELINE"'
|
|
when: manual
|
|
|
|
AWS-Premium:
|
|
extends: .aws_ami_build
|
|
variables:
|
|
AWS_RELEASE_TYPE: "premium"
|
|
rules:
|
|
- !reference [.default_rules, rules]
|
|
- !reference [.skip_release_jobs, rules]
|
|
- if: '$PIPELINE_TYPE == "EE_TAG_BUILD_PIPELINE"'
|
|
when: manual
|
|
|
|
QA-Tag:
|
|
extends: .docker_job
|
|
stage: package-and-image-release
|
|
variables:
|
|
QA_SCREENSHOTS_DIR: $CI_PROJECT_DIR/screenshots
|
|
script:
|
|
- bundle exec rake release:qa
|
|
artifacts:
|
|
when: on_failure
|
|
expire_in: 7d
|
|
paths:
|
|
- screenshots/
|
|
tags:
|
|
- docker-builder
|
|
cache: !reference [.tag-cache]
|
|
needs:
|
|
- Docker-QA
|
|
- job: generate-facts
|
|
optional: true
|
|
artifacts: true
|
|
retry: 1
|
|
rules:
|
|
- !reference [.default_rules, rules]
|
|
- !reference [.skip_release_jobs, rules]
|
|
- if: '$PIPELINE_TYPE =~ /_(RC|TAG)_BUILD_PIPELINE$/'
|
|
when: manual
|
|
|
|
license-upload:
|
|
stage: metrics
|
|
image: "${BUILDER_IMAGE_REGISTRY}/ubuntu_18.04:${BUILDER_IMAGE_REVISION}"
|
|
script:
|
|
- bundle exec rake license:upload
|
|
tags:
|
|
- docker-builder
|
|
cache: !reference [.tag-cache]
|
|
needs:
|
|
- Ubuntu-18.04
|
|
rules:
|
|
- !reference [.default_rules, rules]
|
|
- !reference [.skip_release_jobs, rules]
|
|
- if: '$PIPELINE_TYPE =~ /_(RC|TAG)_BUILD_PIPELINE$/'
|
|
when: manual
|
|
|
|
RAT-Tag:
|
|
stage: slow_jobs
|
|
image: "dev.gitlab.org:5005/cookbooks/gitlab-omnibus-builder/ubuntu_16.04:${BUILDER_IMAGE_REVISION}"
|
|
script:
|
|
- bundle exec rake qa:rat:tag
|
|
cache: !reference [.tag-cache]
|
|
needs:
|
|
- Ubuntu-20.04
|
|
allow_failure: true
|
|
rules:
|
|
- !reference [.default_rules, rules]
|
|
- if: '$PIPELINE_TYPE =~ /^EE_(RC|TAG)_BUILD_PIPELINE$/'
|
|
|
|
Raspberry-Pi-2-Buster:
|
|
extends: .rpi_tag_template
|
|
image: "${BUILDER_IMAGE_REGISTRY}/rpi_10:${BUILDER_IMAGE_REVISION}"
|
|
|
|
Raspberry-Pi-2-Bullseye:
|
|
extends: .rpi_tag_template
|
|
image: "${BUILDER_IMAGE_REGISTRY}/rpi_11:${BUILDER_IMAGE_REVISION}"
|
|
|
|
Raspberry-Pi-2-Buster-release:
|
|
extends: .raspbian_release_template
|
|
needs:
|
|
- Raspberry-Pi-2-Buster
|
|
|
|
Raspberry-Pi-2-Bullseye-release:
|
|
extends: .raspbian_release_template
|
|
needs:
|
|
- Raspberry-Pi-2-Bullseye
|
|
|
|
AWS-CE-Release:
|
|
variables:
|
|
AWS_LISTING_NAME: "GitLab Community Edition"
|
|
extends: .aws_marketplace_release
|
|
needs:
|
|
- AWS
|
|
rules:
|
|
- !reference [.default_rules, rules]
|
|
- !reference [.skip_release_jobs, rules]
|
|
- if: '$PIPELINE_TYPE == "CE_TAG_BUILD_PIPELINE"'
|
|
|
|
AWS-EE-Ultimate-Release:
|
|
variables:
|
|
AWS_LISTING_NAME: "GitLab Ultimate"
|
|
extends: .aws_marketplace_release
|
|
needs:
|
|
- AWS-Ultimate
|
|
|
|
AWS-EE-Premium-Release:
|
|
variables:
|
|
AWS_LISTING_NAME: "GitLab Premium"
|
|
extends: .aws_marketplace_release
|
|
needs:
|
|
- AWS-Premium
|
|
|
|
check-packages:
|
|
stage: verify
|
|
trigger:
|
|
include: '/gitlab-ci-config/check-packages.yml'
|
|
rules:
|
|
- !reference [.default_rules, rules]
|
|
- if: '$PIPELINE_TYPE =~ /_TAG_BUILD_PIPELINE$/'
|