-
Notifications
You must be signed in to change notification settings - Fork 87
/
.gitlab-ci.yml
executable file
·196 lines (184 loc) · 6.28 KB
/
.gitlab-ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
.helm:
image:
name: alpine/helm:latest@sha256:761b0f39033ade8ce9e52e03d9d1608d6ca9cad1c7e68dc3e005f9e4e244410e
entrypoint: [""]
variables:
CHART_NAME: bloopyboi
CHART_VERSION: "0.1.1"
REPO_NAME: bloopyboi-charts
LIBRARY_REPO_NAME: k8s-at-home-library-charts
LIBRARY_REPO_URL: https://library-charts.k8s-at-home.com
HELM_REPO_URL: "${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/packages/helm/api/stable/charts"
curly_publish_script:
- helm package charts/$CHART_NAME
- curl --request POST --form chart=@${CHART_NAME}-${CHART_VERSION}.tgz --user gitlab-ci-token:$CI_JOB_TOKEN $HELM_REPO_URL
basic_publish_script:
- helm repo add --username $CI_REGISTRY_USER --password $CI_REGISTRY_PASSWORD $REPO_NAME $CI_REGISTRY
- helm package charts/$CHART_NAME
- helm push ${CHART_NAME}-${CHART_VERSION}.tgz $REPO_NAME
.changes:
gopkg: &gopkg_changes
- bot/*
- main.go
- VERSION
- go.mod
- go.sum
- Dockerfile
- makefile
helm: &helm_changes
- charts/*
- charts/*/*
- charts/*/templates/*
.docker:
before_script:
- docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" $CI_REGISTRY
stages:
- lint
- build
- push
- prepare
- release
- publish_charts
- deploy
docker_build:
# Use the official docker image.
image: docker:latest@sha256:66776493766db8133f3d892b9c647551cd9bc5b8a948c57177d4ffbd4b33681e
stage: build
services:
- docker:dind@sha256:66776493766db8133f3d892b9c647551cd9bc5b8a948c57177d4ffbd4b33681e
before_script:
- !reference [.docker, before_script]
script:
# Doesn't fail if latest image not found
- docker pull $CI_REGISTRY_IMAGE:latest || true
# Builds the project
- >
docker build
--pull
--cache-from "$CI_REGISTRY_IMAGE:latest"
--label "org.opencontainers.image.title=$CI_PROJECT_TITLE"
--label "org.opencontainers.image.url=$CI_PROJECT_URL"
--label "org.opencontainers.image.created=$CI_JOB_STARTED_AT"
--label "org.opencontainers.image.revision=$CI_COMMIT_SHA"
--label "org.opencontainers.image.version=$CI_COMMIT_REF_NAME"
--label "org.opencontainers.image.license=Apache-2.0"
--tag $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA
.
- docker push "$CI_REGISTRY_IMAGE:$CI_COMMIT_SHA"
# Run this job in a branch where a Dockerfile exists
rules:
- if: $CI_COMMIT_BRANCH
exists:
- Dockerfile
changes: *gopkg_changes
# Tags only the $CI_DEFAULT_BRANCH as latest
push_latest:
image: docker:latest@sha256:66776493766db8133f3d892b9c647551cd9bc5b8a948c57177d4ffbd4b33681e
services:
- docker:dind@sha256:66776493766db8133f3d892b9c647551cd9bc5b8a948c57177d4ffbd4b33681e
variables:
# Disable fresh pull of source
GIT_STRATEGY: none
stage: push
before_script: !reference [.docker, before_script]
only:
refs:
- tags
- main@h3mmy/bloopyboi
changes: *gopkg_changes
script:
- docker pull $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA
- docker tag $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA $CI_REGISTRY_IMAGE:latest
- docker push $CI_REGISTRY_IMAGE:latest
push_tag:
image: docker:latest@sha256:66776493766db8133f3d892b9c647551cd9bc5b8a948c57177d4ffbd4b33681e
services:
- docker:dind@sha256:66776493766db8133f3d892b9c647551cd9bc5b8a948c57177d4ffbd4b33681e
variables:
GIT_STRATEGY: none
stage: push
only:
refs:
- tags
changes: *gopkg_changes
before_script: !reference [.docker, before_script]
script:
- docker pull $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA
- docker tag $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_NAME
- docker push $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_NAME
prepare_release:
stage: prepare
needs:
- job: docker_build
rules:
- if: $CI_COMMIT_TAG
when: never
- if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
changes: *gopkg_changes
script:
- echo "EXTRA_DESCRIPTION=blahblah" >> variables.env
- echo "TAG=v$(cat VERSION)" >> variables.env
artifacts:
reports:
dotenv: variables.env
release_job:
stage: release
image: registry.gitlab.com/gitlab-org/release-cli:latest@sha256:696013aea0f2a20482800ce3a77341f840d7c7ec17bd78bd555e0bd6c00e4f11
needs:
- job: prepare_release
artifacts: true
rules:
- if: $CI_COMMIT_TAG
when: never # Do not run this job when a tag is created manually
- if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH # Run this job when commits are pushed or merged to the default branch
changes: *gopkg_changes
- if: $CI_DEPLOY_FREEZE == null
changes: *gopkg_changes
script:
- echo "running release_job for $TAG"
release:
name: 'Release $TAG'
description: 'Created using the release-cli $EXTRA_DESCRIPTION' # $EXTRA_DESCRIPTION and the $TAG
tag_name: '$TAG' # variables must be defined elsewhere
ref: '$CI_COMMIT_SHA' # in the pipeline. For example, in the
milestones: # prepare_job
- $CI_MERGE_REQUEST_MILESTONE
# Disable released_at to use current time
# released_at: $CI_COMMIT_TIMESTAMP
# assets:
# links:
# - name: 'asset1'
# url: 'https://example.com/assets/1'
# - name: 'asset2'
# url: 'https://example.com/assets/2'
# filepath: '/pretty/url/1' # optional
# link_type: 'other' # optional
deploy_bloopysphere:
stage: deploy
environment:
name: bloopysphere
rules:
- if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
- if: $CI_DEPLOY_FREEZE == null
script:
- echo "Alerting bloopysphere to new release container, or new helm charts using a webhook."
- echo "The bloopysphere is smart enough to pick it up from there with a gitOps operator."
helm_lint:
stage: lint
image: !reference [.helm, image]
variables: !reference [.helm, variables]
rules:
- if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
changes: *helm_changes
script:
- helm lint charts/${CHART_NAME}
helm_publish:
stage: publish_charts
needs:
- helm_lint
image: !reference [.helm, image]
rules:
- if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
changes: *helm_changes
variables: !reference [.helm, variables]
script: !reference [.helm, curly_publish_script]