ARCHIVE/xahaud
3
0
Fork 0
mirror of https://github.com/Xahau/xahaud.git synced 2025-12-06 17:27:52 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
c78404e233268d4983e41b7ceefaec101accdf5a
xahaud/Builds/containers/gitlab-ci/pkgbuild.yml
Mike Ellery 948e724dff Improvements to pkg CI pipeline: 
* add manual approval option before push to prod
* Use new public repo DNS name
* add distros to smoketest
2019-04-29 08:17:24 -04:00

563 lines
16 KiB
YAML
Raw Blame History

#########################################################################
## ##
## gitlab CI defintition for rippled build containers and distro ##
## packages (rpm and dpkg). ##
## ##
#########################################################################
# NOTE: these are sensible defaults for Ripple pipelines. These
# can be overridden by project or group variables as needed.
variables:
RPM_CONTAINER_NAME: "rippled-rpm-builder"
DPKG_CONTAINER_NAME: "rippled-dpkg-builder"
ARTIFACTORY_HOST: "artifactory.ops.ripple.com"
ARTIFACTORY_HUB: "${ARTIFACTORY_HOST}:6555"
GIT_SIGN_PUBKEYS_URL: "https://gitlab.ops.ripple.com/snippets/11/raw"
PUBLIC_REPO_ROOT: "https://repos.ripple.com/repos"
# also need to define this variable ONLY for the primary
# build/publish pipeline on the mainline repo:
# IS_PRIMARY_REPO = "true"
# and if you want to pause for manual approval before
# pushing to pkg repos:
# REQUIRE_APPROVAL = "true"
stages:
- build_containers
- build_packages
- smoketest
- verify_sig
- tag_images
- push_to_test
- verify_from_test
- wait_approval_prod
- push_to_prod
- verify_from_prod
- get_final_hashes
.dind_template: &dind_param
before_script:
- . ./Builds/containers/gitlab-ci/docker_alpine_setup.sh
variables:
docker_driver: overlay2
image:
name: docker:latest
services:
- docker:dind
tags:
- docker-4xlarge
.only_primary_template: &only_primary
only:
refs:
- /^(master|release|develop)$/
variables:
- $IS_PRIMARY_REPO == "true"
.only_primary_manual_template: &only_primary_manual
only:
refs:
- /^(master|release|develop)$/
variables:
- $IS_PRIMARY_REPO == "true"
- $REQUIRE_APPROVAL == "true"
when: manual
.smoketest_local_template: &run_local_smoketest
tags:
- xlarge
script:
- . ./Builds/containers/gitlab-ci/smoketest.sh local
.smoketest_repo_template: &run_repo_smoketest
tags:
- xlarge
script:
- . ./Builds/containers/gitlab-ci/smoketest.sh repo
#########################################################################
## ##
## stage: build_containers ##
## ##
## build containers from docker definitions. These containers are ##
## subsequently used to build the rpm and deb packages. ##
## ##
#########################################################################
build_centos_container:
stage: build_containers
<<: *dind_param
cache:
key: containers
paths:
- .nih_c
script:
- . ./Builds/containers/gitlab-ci/build_container.sh rpm
build_ubuntu_container:
stage: build_containers
<<: *dind_param
cache:
key: containers
paths:
- .nih_c
script:
- . ./Builds/containers/gitlab-ci/build_container.sh dpkg
#########################################################################
## ##
## stage: build_packages ##
## ##
## build packages using containers from previous stage. ##
## ##
#########################################################################
rpm_build:
stage: build_packages
dependencies:
- build_centos_container
<<: *dind_param
artifacts:
paths:
- build/rpm/packages/
cache:
key: rpm
paths:
- .nih_c/pkgbuild
script:
- . ./Builds/containers/gitlab-ci/build_package.sh rpm
dpkg_build:
stage: build_packages
dependencies:
- build_ubuntu_container
<<: *dind_param
artifacts:
paths:
- build/dpkg/packages/
cache:
key: dpkg
paths:
- .nih_c/pkgbuild
script:
- . ./Builds/containers/gitlab-ci/build_package.sh dpkg
#########################################################################
## ##
## stage: smoketest ##
## ##
## install unsigned packages from previous step and run unit tests. ##
## ##
#########################################################################
centos_7_smoketest:
stage: smoketest
dependencies:
- rpm_build
image:
name: centos:7
<<: *run_local_smoketest
fedora_29_smoketest:
stage: smoketest
dependencies:
- rpm_build
image:
name: fedora:29
<<: *run_local_smoketest
fedora_28_smoketest:
stage: smoketest
dependencies:
- rpm_build
image:
name: fedora:28
<<: *run_local_smoketest
fedora_27_smoketest:
stage: smoketest
dependencies:
- rpm_build
image:
name: fedora:27
<<: *run_local_smoketest
## this one is not LTS, but we
## get some extra coverage by including it
## consider dropping it when 20.04 is ready
ubuntu_19_smoketest:
stage: smoketest
dependencies:
- dpkg_build
image:
name: ubuntu:19.04
<<: *run_local_smoketest
ubuntu_18_smoketest:
stage: smoketest
dependencies:
- dpkg_build
image:
name: ubuntu:18.04
<<: *run_local_smoketest
ubuntu_16_smoketest:
stage: smoketest
dependencies:
- dpkg_build
image:
name: ubuntu:16.04
<<: *run_local_smoketest
debian_9_smoketest:
stage: smoketest
dependencies:
- dpkg_build
image:
name: debian:9
<<: *run_local_smoketest
#########################################################################
## ##
## stage: verify_sig ##
## ##
## use git/gpg to verify that HEAD is signed by an approved ##
## committer. The whitelist of pubkeys is manually mantained ##
## and fetched from GIT_SIGN_PUBKEYS_URL (currently a snippet ##
## link). ##
## ONLY RUNS FOR PRIMARY BRANCHES/REPO ##
## ##
#########################################################################
verify_head_signed:
stage: verify_sig
image:
name: ubuntu:latest
<<: *only_primary
script:
- . ./Builds/containers/gitlab-ci/verify_head_commit.sh
#########################################################################
## ##
## stage: tag_images ##
## ##
## apply rippled version tag to containers from previous stage. ##
## ONLY RUNS FOR PRIMARY BRANCHES/REPO ##
## ##
#########################################################################
tag_bld_images:
stage: tag_images
variables:
docker_driver: overlay2
image:
name: docker:latest
services:
- docker:dind
tags:
- docker-large
dependencies:
- rpm_build
- dpkg_build
<<: *only_primary
script:
- . ./Builds/containers/gitlab-ci/tag_docker_image.sh
#########################################################################
## ##
## stage: push_to_test ##
## ##
## push packages to artifactory repositories (test) ##
## ONLY RUNS FOR PRIMARY BRANCHES/REPO ##
## ##
#########################################################################
push_test:
stage: push_to_test
variables:
DEB_REPO: "rippled-deb-test-mirror"
RPM_REPO: "rippled-rpm-test-mirror"
image:
name: alpine:latest
artifacts:
paths:
- files.info
dependencies:
- rpm_build
- dpkg_build
<<: *only_primary
script:
- . ./Builds/containers/gitlab-ci/push_to_artifactory.sh "PUT" "."
#########################################################################
## ##
## stage: verify_from_test ##
## ##
## install/test packages from test repos. ##
## ONLY RUNS FOR PRIMARY BRANCHES/REPO ##
## ##
#########################################################################
centos_7_verify_repo_test:
stage: verify_from_test
variables:
RPM_REPO: "rippled-rpm-test-mirror"
image:
name: centos:7
dependencies:
- rpm_build
<<: *only_primary
<<: *run_repo_smoketest
fedora_29_verify_repo_test:
stage: verify_from_test
variables:
RPM_REPO: "rippled-rpm-test-mirror"
image:
name: fedora:29
dependencies:
- rpm_build
<<: *only_primary
<<: *run_repo_smoketest
fedora_28_verify_repo_test:
stage: verify_from_test
variables:
RPM_REPO: "rippled-rpm-test-mirror"
image:
name: fedora:28
dependencies:
- rpm_build
<<: *only_primary
<<: *run_repo_smoketest
fedora_27_verify_repo_test:
stage: verify_from_test
variables:
RPM_REPO: "rippled-rpm-test-mirror"
image:
name: fedora:27
dependencies:
- rpm_build
<<: *only_primary
<<: *run_repo_smoketest
ubuntu_19_verify_repo_test:
stage: verify_from_test
variables:
DISTRO: "disco"
DEB_REPO: "rippled-deb-test-mirror"
image:
name: ubuntu:19.04
dependencies:
- dpkg_build
<<: *only_primary
<<: *run_repo_smoketest
ubuntu_18_verify_repo_test:
stage: verify_from_test
variables:
DISTRO: "bionic"
DEB_REPO: "rippled-deb-test-mirror"
image:
name: ubuntu:18.04
dependencies:
- dpkg_build
<<: *only_primary
<<: *run_repo_smoketest
ubuntu_16_verify_repo_test:
stage: verify_from_test
variables:
DISTRO: "xenial"
DEB_REPO: "rippled-deb-test-mirror"
image:
name: ubuntu:16.04
dependencies:
- dpkg_build
<<: *only_primary
<<: *run_repo_smoketest
debian_9_verify_repo_test:
stage: verify_from_test
variables:
DISTRO: "stretch"
DEB_REPO: "rippled-deb-test-mirror"
image:
name: debian:9
dependencies:
- dpkg_build
<<: *only_primary
<<: *run_repo_smoketest
#########################################################################
## ##
## stage: wait_approval_prod ##
## ##
## wait for manual approval before proceeding to next stage ##
## which pushes to prod repo. ##
## ONLY RUNS FOR PRIMARY BRANCHES/REPO and when ##
## REQUIRE_APPROVAL is set to true. ##
## ##
#########################################################################
wait_before_push_prod:
stage: wait_approval_prod
image:
name: alpine:latest
<<: *only_primary_manual
script:
- echo "proceeding to next stage"
#########################################################################
## ##
## stage: push_to_prod ##
## ##
## push packages to artifactory repositories (prod) ##
## ONLY RUNS FOR PRIMARY BRANCHES/REPO ##
## ##
#########################################################################
push_prod:
variables:
DEB_REPO: "rippled-deb"
RPM_REPO: "rippled-rpm"
image:
name: alpine:latest
stage: push_to_prod
artifacts:
paths:
- files.info
dependencies:
- rpm_build
- dpkg_build
<<: *only_primary
script:
- . ./Builds/containers/gitlab-ci/push_to_artifactory.sh "PUT" "."
#########################################################################
## ##
## stage: verify_from_prod ##
## ##
## install/test packages from prod repos. ##
## ONLY RUNS FOR PRIMARY BRANCHES/REPO ##
## ##
#########################################################################
centos_7_verify_repo_prod:
stage: verify_from_prod
variables:
RPM_REPO: "rippled-rpm"
image:
name: centos:7
dependencies:
- rpm_build
<<: *only_primary
<<: *run_repo_smoketest
fedora_29_verify_repo_prod:
stage: verify_from_prod
variables:
RPM_REPO: "rippled-rpm"
image:
name: fedora:29
dependencies:
- rpm_build
<<: *only_primary
<<: *run_repo_smoketest
fedora_28_verify_repo_prod:
stage: verify_from_prod
variables:
RPM_REPO: "rippled-rpm"
image:
name: fedora:28
dependencies:
- rpm_build
<<: *only_primary
<<: *run_repo_smoketest
fedora_27_verify_repo_prod:
stage: verify_from_prod
variables:
RPM_REPO: "rippled-rpm"
image:
name: fedora:27
dependencies:
- rpm_build
<<: *only_primary
<<: *run_repo_smoketest
ubuntu_19_verify_repo_prod:
stage: verify_from_prod
variables:
DISTRO: "disco"
DEB_REPO: "rippled-deb"
image:
name: ubuntu:19.04
dependencies:
- dpkg_build
<<: *only_primary
<<: *run_repo_smoketest
ubuntu_18_verify_repo_prod:
stage: verify_from_prod
variables:
DISTRO: "bionic"
DEB_REPO: "rippled-deb"
image:
name: ubuntu:18.04
dependencies:
- dpkg_build
<<: *only_primary
<<: *run_repo_smoketest
ubuntu_16_verify_repo_prod:
stage: verify_from_prod
variables:
DISTRO: "xenial"
DEB_REPO: "rippled-deb"
image:
name: ubuntu:16.04
dependencies:
- dpkg_build
<<: *only_primary
<<: *run_repo_smoketest
debian_9_verify_repo_prod:
stage: verify_from_prod
variables:
DISTRO: "stretch"
DEB_REPO: "rippled-deb"
image:
name: debian:9
dependencies:
- dpkg_build
<<: *only_primary
<<: *run_repo_smoketest
#########################################################################
## ##
## stage: get_final_hashes ##
## ##
## fetch final hashes from artifactory. ##
## ONLY RUNS FOR PRIMARY BRANCHES/REPO ##
## ##
#########################################################################
get_prod_hashes:
variables:
DEB_REPO: "rippled-deb"
RPM_REPO: "rippled-rpm"
image:
name: alpine:latest
stage: get_final_hashes
artifacts:
paths:
- files.info
dependencies:
- rpm_build
- dpkg_build
<<: *only_primary
script:
- . ./Builds/containers/gitlab-ci/push_to_artifactory.sh "GET" ".checksums"
Reference in New Issue View Git Blame Copy Permalink