image: golang:1.19
stages:
- prepare
- test
- build
- deploy
- test-build
- release
variables:
GOPATH: "$CI_PROJECT_DIR/.gopath"
GOFLAGS: -mod=readonly
OPENAPI_JSON: ./public/api.json
.release-rules: &release-rules
# rule to run job on a tag-reference which has the form number.number.number (semantic versioning)
# or number.number.number-text (semantic versioning + release-name)
# and where a Dockerfile exists
- if: $CI_COMMIT_TAG =~ /^\d+[.]\d+[.]\d+$/ || $CI_COMMIT_TAG =~ /^\d+[.]\d+[.]\d+[-]\S+$/
exists:
- Dockerfile
cache:
paths:
- .gopath/
- ui/assets_vfsdata.go
key: default
policy: pull
prepare:
stage: prepare
cache:
policy: pull-push
script:
- mkdir -p .gopath
- export GOPATH="$CI_PROJECT_DIR/.gopath"
- go generate ./ui
- go vet ./...
test-all-but-store:
stage: test
script:
- go test -v -cover $(go list ./... | grep -v tank/store)
test-store-postgres:
stage: test
services:
- postgres:14
variables:
POSTGRES_DB: "tank"
POSTGRES_USER: "tank"
POSTGRES_PASSWORD: "aura"
AURA_TANK_TEST_DB_TYPE: "postgres"
AURA_TANK_TEST_DB_HOST: "postgres"
script:
- go run contrib/waitfor-tcp.go postgres:5432 30
- go test -v -cover ./store
build:
stage: build
script:
# we should actually use `make build` here, see #30
- go build -ldflags "-extldflags '-static'" -tags netgo -o $CI_PROJECT_DIR/tank ./cmd/tank
## sqlite needs cgo... :(
##- go build -o $CI_PROJECT_DIR/tank ./cmd/tank
only:
- master
artifacts:
paths:
- tank
build-openapi-2-scheme:
stage: build
script:
- go install github.com/swaggo/swag/cmd/swag
- make api-docs
artifacts:
paths:
- api/docs/swagger.yaml
build-openapi-3-scheme:
stage: build
image:
name: openapitools/openapi-generator-cli:latest-release
needs:
- job: build-openapi-2-scheme
artifacts: true
script:
- /usr/local/bin/docker-entrypoint.sh generate -i api/docs/swagger.yaml -o api/docs -g openapi --minimal-update
- mkdir public
- cp api/docs/openapi.json $OPENAPI_JSON
artifacts:
paths:
- $OPENAPI_JSON
deploy_spec:
stage: deploy
image: node:16-alpine
before_script:
- apk update
- apk add nodejs npm lftp
- node -v
- npm i -g npm@latest
- npm install swagger-ui-dist@3.52.5
script:
- cp -rp node_modules/swagger-ui-dist/* ./public
- 'sed -i "s@.*url.*@url: \"api.json\",@" ./public/index.html'
- echo "Deploying AURA Tank API Spec..."
- lftp -c "set ftp:ssl-allow no; open -u $FTP_AURA_RADIO_USER,$FTP_AURA_RADIO_PWD $FTP_AURA_RADIO_HOST; mirror -Rnev ./public/ ./api.aura.radio/tank --ignore-time --parallel=10 --exclude-glob .git* --exclude .git/"
- echo "AURA Tank API Spec successfully deployed."
artifacts:
paths:
- public
expire_in: 2 days
rules:
- if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
when: always
docker:
stage: build
image:
name: gcr.io/kaniko-project/executor:debug
entrypoint: [""]
cache:
paths:
- .docker/cache
key: default
policy: pull-push
script:
- echo "{\"auths\":{\"$CI_REGISTRY\":{\"username\":\"$CI_REGISTRY_USER\",\"password\":\"$CI_REGISTRY_PASSWORD\"}}}" > /kaniko/.docker/config.json
- /kaniko/executor --context $CI_PROJECT_DIR --dockerfile $CI_PROJECT_DIR/Dockerfile --destination $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_NAME
only:
- master
test-scheme:
stage: test-build
needs:
- job: build-openapi-3-scheme
artifacts: true
image:
name: schemathesis/schemathesis:stable
entrypoint: [""]
services:
- name: postgres:13
alias: postgres
- name: autoradio/tank:unstable
entrypoint: ["/bin/bash"]
command:
- '-c'
- |
# make sure postgres is up before starting tank
while true; do
timeout 0.25 cat >/dev/null 2>&1 </dev/tcp/postgres/5432
if [ "$?" = 124 ]; then break; fi
done
# disable authentication
sed '/auth:/q' /etc/aura/tank.yaml | head -n-1 >/tmp/tank.yaml
/usr/local/bin/tank --config /tmp/tank.yaml run --listen :"$TANK_PORT"
alias: tank
variables:
POSTGRES_DB: tank
POSTGRES_USER: tank
POSTGRES_PASSWORD: aura
TANK_DB_HOST: postgres
TANK_PORT: 8040
# Enable per-build-network so that service aliases are also
# usable in the service containers themselves.
FF_NETWORK_PER_BUILD: 1
# https://stackoverflow.com/questions/71228282/could-not-resolve-host-when-trying-to-access-service-in-gitlab
DOCKER_HOST: "tcp://docker:2375"
DOCKER_TLS_CERTDIR: ""
parallel:
matrix:
# see https://schemathesis.readthedocs.io/en/stable/cli.html#cmdoption-schemathesis-run-c
- CHECKS: status_code_conformance
- CHECKS: response_headers_conformance
- CHECKS: response_schema_conformance
script:
- schemathesis run -c "$CHECKS" -b http://tank:"$TANK_PORT" --hypothesis-suppress-health-check too_slow $OPENAPI_JSON
allow_failure: true
docker-hub-push:
# Use the official docker image.
image: docker:latest
stage: release
variables:
# the name of the image without version
AURA_IMAGE_NAME: "autoradio/tank"
services:
- docker:dind
before_script:
# on a feature branch will login to gitlab registry
# else to docker hub
# hint: feature branches must begin with "feat"
- |
if expr "$CI_MERGE_REQUEST_SOURCE_BRANCH_NAME" : ^feat > /dev/null
then docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" "$CI_REGISTRY"
else docker login -u "$DOCKER_ID" -p "$DOCKER_HUB_AUTH"
fi
script:
# every commit on main branch should build and push image as unstable
# elseif its a feature branch build and push to gitlab registry
# else it is from a tag (enforced by gitlab-ci rules)
# hint: tags are references independent of branches
# hint: feature branches must begin with "feat"
- |
if [ "$CI_COMMIT_BRANCH" == "$CI_DEFAULT_BRANCH" ]
then docker build -t $AURA_IMAGE_NAME:unstable .
docker push $AURA_IMAGE_NAME:unstable
elif expr "$CI_MERGE_REQUEST_SOURCE_BRANCH_NAME" : ^feat > /dev/null
then docker build -t $AURA_IMAGE_NAME -t $CI_REGISTRY_IMAGE:$CI_MERGE_REQUEST_SOURCE_BRANCH_NAME .
docker push $CI_REGISTRY_IMAGE:$CI_MERGE_REQUEST_SOURCE_BRANCH_NAME
else docker build -t $AURA_IMAGE_NAME -t $AURA_IMAGE_NAME:$CI_COMMIT_TAG .
docker push $AURA_IMAGE_NAME:$CI_COMMIT_TAG
fi
rules:
- *release-rules
# every commit on master/main or feature branch should trigger a push
- if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH || $CI_MERGE_REQUEST_SOURCE_BRANCH_NAME =~ /^feat/
exists:
- Dockerfile
reload-service:
image: alpine:latest
stage: release
needs:
- docker-hub-push
variables:
SERVICE_NAME: tank
before_script:
- apk update
- apk add openssh
- eval $(ssh-agent -s)
- echo "$SSH_PRIVATE_KEY" | tr -d '\r' | ssh-add -
- mkdir -p ~/.ssh
- chmod 700 ~/.ssh
- echo "$SSH_SERVER_HOSTKEYS" > ~/.ssh/known_hosts
- chmod 644 ~/.ssh/known_hosts
script:
- ssh $SSH_AURA_RADIO_USER@$SSH_AURA_RADIO_HOST "cd $DOCKER_COMPOSE; docker compose stop $SERVICE_NAME && docker compose pull --quiet $SERVICE_NAME && docker compose up --build --detach $SERVICE_NAME"
release_job:
stage: release
needs:
- docker-hub-push
image: registry.gitlab.com/gitlab-org/release-cli:latest
rules: *release-rules
script:
- echo "this will be a release when there is a tag, but tags should be protected to be only createable by maintainers."
release:
name: 'Release $CI_COMMIT_TAG'
description: ./CHANGELOG.md
tag_name: '$CI_COMMIT_TAG'
ref: '$CI_COMMIT_TAG'