.only-default: &only-default only: - master - branches - merge_requests stages: - pre-commit - gitlab - test - deploy - docker include: - template: Dependency-Scanning.gitlab-ci.yml - template: Security/SAST.gitlab-ci.yml before_script: - apt-get update && apt-get install redis-server -y - redis-server --daemonize yes - python -V - pip install wheel tox pre-commit-check: <<: *only-default stage: pre-commit image: python:3.6-buster variables: PRE_COMMIT_HOME: ${CI_PROJECT_DIR}/.cache/pre-commit cache: paths: - ${PRE_COMMIT_HOME} script: - pip install pre-commit - pre-commit run --all-files sast: stage: gitlab before_script: [] dependency_scanning: stage: gitlab before_script: - apt-get update && apt-get install redis-server libmariadb-dev -y - redis-server --daemonize yes - python -V - pip install wheel tox test-3.7-core: <<: *only-default image: python:3.7-bullseye script: - tox -e py37-core artifacts: when: always reports: cobertura: coverage.xml test-3.8-core: <<: *only-default image: python:3.8-bullseye script: - tox -e py38-core artifacts: when: always reports: cobertura: coverage.xml test-3.9-core: <<: *only-default image: python:3.9-bullseye script: - tox -e py39-core artifacts: when: always reports: cobertura: coverage.xml test-3.10-core: <<: *only-default image: python:3.10-bullseye script: - tox -e py310-core artifacts: when: always reports: cobertura: coverage.xml test-3.7-all: <<: *only-default image: python:3.7-bullseye script: - tox -e py37-all artifacts: when: always reports: cobertura: coverage.xml test-3.8-all: <<: *only-default image: python:3.8-bullseye script: - tox -e py38-all artifacts: when: always reports: cobertura: coverage.xml test-3.9-all: <<: *only-default image: python:3.9-bullseye script: - tox -e py39-all artifacts: when: always reports: cobertura: coverage.xml test-3.10-all: <<: *only-default image: python:3.10-bullseye script: - tox -e py310-all artifacts: when: always reports: cobertura: coverage.xml deploy_production: stage: deploy image: python:3.10-bullseye before_script: - pip install twine wheel script: - python setup.py sdist bdist_wheel - twine upload dist/* rules: - if: $CI_COMMIT_TAG build-image: before_script: [] image: docker:20.10.10 stage: docker services: - docker:20.10.10-dind script: | CURRENT_DATE=$(echo $CI_COMMIT_TIMESTAMP | head -c 10 | tr -d -) IMAGE_TAG=$CI_REGISTRY_IMAGE/auth:$CURRENT_DATE-$CI_COMMIT_SHORT_SHA CURRENT_TAG=$CI_REGISTRY_IMAGE/auth:$CI_COMMIT_TAG MINOR_TAG=$CI_REGISTRY_IMAGE/auth:$(echo $CI_COMMIT_TAG | cut -d '.' -f 1-2) MAJOR_TAG=$CI_REGISTRY_IMAGE/auth:$(echo $CI_COMMIT_TAG | cut -d '.' -f 1) LATEST_TAG=$CI_REGISTRY_IMAGE/auth:latest docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY docker build . -t $IMAGE_TAG -f docker/Dockerfile --build-arg AUTH_VERSION=$(echo $CI_COMMIT_TAG | cut -c 2-) docker tag $IMAGE_TAG $CURRENT_TAG docker tag $IMAGE_TAG $MINOR_TAG docker tag $IMAGE_TAG $MAJOR_TAG docker tag $IMAGE_TAG $LATEST_TAG docker image push --all-tags $CI_REGISTRY_IMAGE/auth rules: - if: $CI_COMMIT_TAG build-image-dev: before_script: [] image: docker:20.10.10 stage: docker services: - docker:20.10.10-dind script: | CURRENT_DATE=$(echo $CI_COMMIT_TIMESTAMP | head -c 10 | tr -d -) IMAGE_TAG=$CI_REGISTRY_IMAGE/auth:$CURRENT_DATE-$CI_COMMIT_BRANCH-$CI_COMMIT_SHORT_SHA docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY docker build . -t $IMAGE_TAG -f docker/Dockerfile --build-arg AUTH_PACKAGE=git+https://gitlab.com/allianceauth/allianceauth@$CI_COMMIT_BRANCH docker push $IMAGE_TAG rules: - if: '$CI_MERGE_REQUEST_SOURCE_BRANCH_NAME == ""' when: manual - if: '$CI_MERGE_REQUEST_SOURCE_BRANCH_NAME != ""' when: never build-image-mr: before_script: [] image: docker:20.10.10 stage: docker services: - docker:20.10.10-dind script: | CURRENT_DATE=$(echo $CI_COMMIT_TIMESTAMP | head -c 10 | tr -d -) IMAGE_TAG=$CI_REGISTRY_IMAGE/auth:$CURRENT_DATE-$CI_MERGE_REQUEST_SOURCE_BRANCH_NAME-$CI_COMMIT_SHORT_SHA docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY docker build . -t $IMAGE_TAG -f docker/Dockerfile --build-arg AUTH_PACKAGE=git+$CI_MERGE_REQUEST_SOURCE_PROJECT_URL@$CI_MERGE_REQUEST_SOURCE_BRANCH_NAME docker push $IMAGE_TAG rules: - if: '$CI_PIPELINE_SOURCE == "merge_request_event"' when: manual - if: '$CI_PIPELINE_SOURCE != "merge_request_event"' when: never