-
Notifications
You must be signed in to change notification settings - Fork 1
/
.gitlab-ci.yml
122 lines (115 loc) · 4.12 KB
/
.gitlab-ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
# yaml-language-server: $schema=https://gitlab.com/gitlab-org/gitlab/-/raw/master/app/assets/javascripts/editor/schema/ci.json
include:
- project: templates/ci
file: default.yml
# Diasable cache
cache: []
variables:
GIT_STRATEGY: clone
UPSTREAM_IMAGE: ${CI_REGISTRY}/docker/alpine-base-service
TRIGGER_SHELLCHECK:
description: Run ShellCheck
value: "DISABLED"
options:
- "ENABLED"
- "DISABLED"
TRIGGER_REBUILD:
description: Rebuild
value: "DISABLED"
options:
- "ENABLED"
- "DISABLED"
shellcheck:
stage: test
image:
name: ${CI_REGISTRY}/tools/shellcheck:latest
pull_policy: always
interruptible: true
needs: []
rules:
- if: $CI_COMMIT_BRANCH
changes:
compare_to: "refs/heads/main"
paths:
- rootfs/*
- if: $TRIGGER_SHELLCHECK == 'ENABLED'
before_script:
- shellcheck --version
after_script: []
script:
- find rootfs/etc/conf.d -type f | xargs -n 1 shellcheck -a -x --color=always
- find rootfs/etc/s6-overlay -type f -name 'run' | xargs -n 1 shellcheck -a -x --color=always
- find scripts/ -type f | xargs -n 1 shellcheck -a -x --color=always
check-new-tags:
stage: test
image:
name: ${CI_REGISTRY}/tools/gitlab-cli:latest
pull_policy: always
rules:
- if: $GITLAB_USER_NAME != "PROJECT_BOT_TOKEN" && $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH && $CI_PIPELINE_SOURCE == "schedule"
- if: $GITLAB_USER_NAME != "PROJECT_BOT_TOKEN" && $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH && $CI_PIPELINE_SOURCE == "web"
variables:
HEALTH_CHECK_UUID: f032f24d-963c-4014-9425-f6a9ac8b7070
before_script: []
after_script: !reference [.healthcheck, after_script]
script:
- scripts/check-new-tag
rebuild:
stage: build
image:
name: ${CI_REGISTRY}/docker/alpine-base:latest
pull_policy: always
rules:
- if: $CI_COMMIT_TAG
when: never
- if: $GITLAB_USER_NAME != "PROJECT_BOT_TOKEN" && $TRIGGER_REBUILD == 'ENABLED' && $CI_PIPELINE_SOURCE == "web"
- if: $GITLAB_USER_NAME != "PROJECT_BOT_TOKEN" && $TRIGGER_REBUILD == 'ENABLED' && $CI_PIPELINE_SOURCE == "schedule"
- if: $GITLAB_USER_NAME != "PROJECT_BOT_TOKEN" && $CI_PIPELINE_SOURCE == "push"
- if: $GITLAB_USER_NAME != "PROJECT_BOT_TOKEN" && $CI_PIPELINE_SOURCE == "pipeline"
before_script: []
after_script: []
script:
- git tag --sort=version:refname | sort -V -r | head -n 3 > .gitlab/versions.tags
- jq -c -n --arg inarr "$(cat .gitlab/versions.tags)" '$inarr | split("\n")' > .gitlab/versions.json
- sed "s~###REMOTE_VERSIONS###~$(cat .gitlab/versions.json)~" .gitlab/rebuild.tmpl.yml > .gitlab/rebuild.yml
artifacts:
paths:
- .gitlab/versions.tags
- .gitlab/versions.json
- .gitlab/rebuild.yml
rebuild:tags:
stage: deploy
needs:
- rebuild
rules:
- if: $CI_COMMIT_TAG
when: never
- if: $GITLAB_USER_NAME != "PROJECT_BOT_TOKEN" && $TRIGGER_REBUILD == 'ENABLED' && $CI_PIPELINE_SOURCE == "web"
- if: $GITLAB_USER_NAME != "PROJECT_BOT_TOKEN" && $TRIGGER_REBUILD == 'ENABLED' && $CI_PIPELINE_SOURCE == "schedule"
- if: $GITLAB_USER_NAME != "PROJECT_BOT_TOKEN" && $CI_PIPELINE_SOURCE == "push"
- if: $GITLAB_USER_NAME != "PROJECT_BOT_TOKEN" && $CI_PIPELINE_SOURCE == "pipeline"
inherit:
variables: false
trigger:
include:
- job: rebuild
artifact: .gitlab/rebuild.yml
release:
extends: .docker-build-multi
rules:
- if: $CI_COMMIT_TAG
variables:
REMOTE_VERSION: ${CI_COMMIT_TAG}
PLATFORM: "linux/arm64,linux/amd64"
DOCKER_HUB: "ENABLED"
DOCKER_IMAGE: ${DOCKER_IMAGE_PATH}:${CI_COMMIT_TAG}
DOCKER_IMAGE_CACHE_FROM: ${DOCKER_IMAGE_CACHE_PATH}:${CI_COMMIT_TAG}
DOCKER_IMAGE_CACHE_TO: ${DOCKER_IMAGE_CACHE_PATH}:${CI_COMMIT_TAG}
DOCKER_ARGS: >-
--build-arg REMOTE_VERSION=${REMOTE_VERSION}
--cache-from=type=registry,ref=${UPSTREAM_IMAGE}/cache:latest
--cache-from=type=registry,ref=${UPSTREAM_IMAGE}/cache:amd64
--cache-from=type=registry,ref=${UPSTREAM_IMAGE}/cache:arm64
--build-arg=DOCKER_IMAGE_BASE=${UPSTREAM_IMAGE}:latest
DOCKER_TAGS: >-
--tag=${DOCKER_IMAGE_HUB_PATH}:${CI_COMMIT_TAG}