-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy path.gitlab-ci.yml
143 lines (132 loc) · 4.67 KB
/
.gitlab-ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
image: docker-registry.wikimedia.org/releng/maven-java17:latest
include:
- template: Security/SAST.gitlab-ci.yml
# - template: Jobs/Build.gitlab-ci.yml
- template: Jobs/Secret-Detection.gitlab-ci.yml
# - project: "repos/ci-tools/sonarqube"
# ref: main
- project: don-vip/sonarqube
ref: fixes
file: "templates/maven-sonar-ci.yml"
cache:
key: maven
paths:
- .m2/repository
- target
stages:
- build
- test
- deploy
variables:
JAVA_HOME: /usr/lib/jvm/java-17-openjdk-amd64
MAVEN_CLI_OPTS: "--batch-mode --no-transfer-progress -Dstyle.color=always"
MAVEN_OPTS: "-Dmaven.repo.local=.m2/repository"
# https://gitlab.com/gitlab-org/gitlab/-/blob/v16.8.5-ee/lib/gitlab/ci/templates/Jobs/Build.gitlab-ci.yml?ref_type=tags
# https://gitlab.com/gitlab-org/cluster-integration/auto-build-image/-/blob/v1.51.0/src/build.sh?ref_type=tags
.build:
variables:
AUTO_DEVOPS_BUILD_IMAGE_CNB_BUILDER: "tools-harbor.wmcloud.org/toolforge/heroku-builder:22"
before_script:
- docker info
build_maven:
stage: build
script:
- ./mvnw $MAVEN_CLI_OPTS -Pweb -Pjobs package -DskipTests=true
test:
stage: test
needs: ["build_maven"]
before_script:
- sed -i 's#/data/project/spacemedia/logs/#target/#g' src/main/resources/logback-spring-toolforge.xml
- export PATH=$PATH:.
script:
- >
./mvnw $MAVEN_CLI_OPTS -Pweb -Pjobs test
-Dspring.profiles.active=toolforge
-Dspring.jpa.properties.hibernate.dialect=org.hibernate.dialect.MariaDBDialect
-Ddomain.datasource.url=jdbc:mariadb://tools.db.svc.wikimedia.cloud:3306/${user}__spacemedia
-Ddomain.datasource.username=$user
-Ddomain.datasource.password=$password
-Dcommons.datasource.url=jdbc:mariadb://commonswiki.analytics.db.svc.wikimedia.cloud:3306/commonswiki_p
-Dcommons.datasource.username=$user
-Dcommons.datasource.password=$password
-Dhashes.datasource.url=jdbc:mariadb://ch76yv6gnf5.svc.trove.eqiad1.wikimedia.cloud:3306/hash_associations
-Dhashes.datasource.username=$hashes_datasource_username
-Dhashes.datasource.password=$hashes_datasource_password
-Dflickr.api.key=$flickr_api_key
-Dflickr.secret=$flickr_secret
-Dcommons.api.password=$commons_api_password
-Dcommons.api.oauth1.consumer-token=$commons_api_oauth1_consumer_token
-Dcommons.api.oauth1.consumer-secret=$commons_api_oauth1_consumer_secret
-Dcommons.api.oauth1.access-token=$commons_api_oauth1_access_token
-Dcommons.api.oauth1.access-secret=$commons_api_oauth1_access_secret
-Ddvids.api.key=$dvids_api_key
-Dyoutube.api.key=$youtube_api_key
-Dgoogle.translate.project=$google_translate_project
-Dgoogle.translate.privateKeyId=$google_translate_privateKeyId
-Dgoogle.translate.privateKey="$translatePrivateKey"
-Dgoogle.translate.clientEmail=$google_translate_clientEmail
-Dgoogle.translate.clientId=$google_translate_clientId
-Dmastodon.api.oauth2.access-token=$mastodon_api_oauth2_access_token
-Dmastodon.api.oauth2.client-id=$mastodon_api_oauth2_client_id
-Dmastodon.api.oauth2.client-secret=$mastodon_api_oauth2_client_secret
-Dbox.api.oauth2.client-id=$box_api_oauth2_client_id
-Dbox.api.oauth2.client-secret=$box_api_oauth2_client_secret
-Dbox.api.user-email=$box_api_user_email
-Dbox.api.user-password=$box_api_user_password
-Dspring.security.oauth2.client.registration.wikimedia.client-secret=$spring_security_oauth2_client_registration_wikimedia_client_secret
artifacts:
public: false
# access: 'developer' # requires gitlab 16.10
when: always
paths:
- target/jacoco.*
- target/surefire-reports/*.txt
- target/surefire-reports/*.xml
expire_in: 7 days
reports:
junit: target/surefire-reports/*.xml
sonar-scanner:
cache:
- key: maven
policy: pull
paths:
- .m2/repository
- target
variables:
SONAR_MAVEN_BINARY: "./mvnw $MAVEN_CLI_OPTS"
SONAR_MAVEN_GOALS: "-Pweb -Pjobs verify sonar:sonar -DskipTests=true"
SONAR_PROJECT_KEY: "toolforge-repos_spacemedia"
needs: ["test"]
deploy_maven:
stage: deploy
script:
- ./mvnw $MAVEN_CLI_OPTS -s ci_settings.xml deploy -DskipTests=true
only:
refs:
- main
- master
- /^develop.*/
deploy_cloud_vps:
stage: deploy
script:
- echo "TODO Deploy to Cloud VPS"
environment:
name: Cloud VPS
url: https://spacemedia.wmcloud.org/
only:
refs:
- main
- master
- /^develop.*/
deploy_toolforge:
stage: deploy
script:
- echo "TODO Deploy to toolforge"
environment:
name: Toolforge
url: https://spacemedia.toolforge.org/
only:
refs:
- main
- master
- /^develop.*/