94 lines
2.6 KiB
YAML
94 lines
2.6 KiB
YAML
stages:
|
|
- build
|
|
- test
|
|
- publish
|
|
- deploy
|
|
|
|
variables:
|
|
# Can't compose variables with user-defined ones, so we repeat ourselves :'(
|
|
# See https://gitlab.com/gitlab-org/gitlab-runner/-/issues/1809
|
|
IMAGE_REGISTRY: rg.fr-par.scw.cloud/crocmagnon
|
|
IMAGE_TESTS: $CI_REGISTRY_IMAGE:tests-latest
|
|
IMAGE_DEPS_TESTS: $CI_REGISTRY_IMAGE:tests-deps
|
|
IMAGE_LATEST: rg.fr-par.scw.cloud/crocmagnon/blog:latest
|
|
IMAGE_DEPS_LATEST: $CI_REGISTRY_IMAGE:deps
|
|
|
|
PRE_COMMIT_IMAGE: rg.fr-par.scw.cloud/crocmagnon/pre-commit:latest
|
|
|
|
.build: &build
|
|
image: docker:20.10.1
|
|
services:
|
|
- docker:20.10.1-dind
|
|
script:
|
|
- docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
|
|
- docker login -u $REGISTRY_USER -p $REGISTRY_PASSWORD $IMAGE_REGISTRY
|
|
- docker pull $IMAGE || true
|
|
- docker pull $DEPS || true
|
|
# Build this first stage separately so that we can cache it
|
|
- docker build --pull --build-arg POETRY_OPTIONS --target venv --cache-from $DEPS -t $DEPS .
|
|
# Build the final image. The "cache from" deps is necessary to take advantage of the intermediate image cache.
|
|
# See https://stackoverflow.com/a/52649913/2758732 and https://github.com/moby/moby/issues/34715
|
|
- docker build --pull --build-arg POETRY_OPTIONS --cache-from $IMAGE --cache-from $DEPS -t $IMAGE .
|
|
- docker push $IMAGE
|
|
- docker push $DEPS
|
|
|
|
build-tests:
|
|
<<: *build
|
|
stage: build
|
|
variables:
|
|
POETRY_OPTIONS: ""
|
|
before_script:
|
|
- export IMAGE=$IMAGE_TESTS
|
|
- export DEPS=$IMAGE_DEPS_TESTS
|
|
|
|
.tests: &tests
|
|
stage: test
|
|
image: $IMAGE_TESTS
|
|
|
|
unit_tests:
|
|
<<: *tests
|
|
script:
|
|
- cd /app
|
|
- python -m pytest
|
|
|
|
pre_commit:
|
|
stage: test
|
|
image: $PRE_COMMIT_IMAGE
|
|
script:
|
|
- pre-commit run --all-files --color always --show-diff-on-failure
|
|
needs: []
|
|
|
|
missing_migrations:
|
|
<<: *tests
|
|
script:
|
|
- cd /app
|
|
- python manage.py makemigrations --check
|
|
|
|
publish:
|
|
<<: *build
|
|
stage: publish
|
|
variables:
|
|
POETRY_OPTIONS: "--no-dev"
|
|
before_script:
|
|
- export IMAGE=$IMAGE_LATEST
|
|
- export DEPS=$IMAGE_DEPS_LATEST
|
|
only:
|
|
- master
|
|
|
|
deploy:
|
|
stage: deploy
|
|
image: ubuntu
|
|
before_script:
|
|
- 'command -v ssh-agent >/dev/null || ( apt-get update -y && apt-get install openssh-client -y --no-install-recommends )'
|
|
- eval $(ssh-agent -s)
|
|
- echo "$SSH_PRIVATE_KEY" | tr -d '\r' | ssh-add -
|
|
- mkdir -p ~/.ssh
|
|
- chmod 700 ~/.ssh
|
|
- echo "$SSH_CONFIG" > ~/.ssh/config
|
|
- chmod 644 ~/.ssh/config
|
|
- echo "$SSH_KNOWN_HOSTS" >> ~/.ssh/known_hosts
|
|
- chmod 644 ~/.ssh/known_hosts
|
|
script:
|
|
- ssh blog "/home/gaugendre/blog/update"
|
|
only:
|
|
- master
|