mirror of
https://git.collinwebdesigns.de/oscar.krause/fastapi-dls.git
synced 2025-10-31 22:50:16 +01:00
242 lines
8.9 KiB
YAML
242 lines
8.9 KiB
YAML
cache:
|
|
key: one-key-to-rule-them-all
|
|
|
|
build:docker:
|
|
image: docker:dind
|
|
interruptible: true
|
|
stage: build
|
|
rules:
|
|
- if: $CI_COMMIT_BRANCH != $CI_DEFAULT_BRANCH
|
|
tags: [ docker ]
|
|
before_script:
|
|
- echo "COMMIT=${CI_COMMIT_SHA}" >> version.env # COMMIT=`git rev-parse HEAD`
|
|
script:
|
|
- docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
|
|
- docker build . --tag ${CI_REGISTRY}/${CI_PROJECT_PATH}/${CI_BUILD_REF_NAME}:${CI_BUILD_REF}
|
|
- docker push ${CI_REGISTRY}/${CI_PROJECT_PATH}/${CI_BUILD_REF_NAME}:${CI_BUILD_REF}
|
|
|
|
build:apt:
|
|
image: debian:bookworm-slim
|
|
interruptible: true
|
|
stage: build
|
|
rules:
|
|
- if: $CI_COMMIT_BRANCH
|
|
before_script:
|
|
- echo "COMMIT=${CI_COMMIT_SHA}" >> version.env
|
|
- source version.env
|
|
# install build dependencies
|
|
- apt-get update -qq && apt-get install -qq -y build-essential
|
|
# create build directory for .deb sources
|
|
- mkdir build
|
|
# copy install instructions
|
|
- cp -r .DEBIAN build/DEBIAN
|
|
- chmod -R 0775 build/DEBIAN
|
|
# copy app into "/usr/share/fastapi-dls" as "/usr/share/fastapi-dls/app" & copy README.md and version.env
|
|
- mkdir -p build/usr/share/fastapi-dls
|
|
- cp -r app build/usr/share/fastapi-dls
|
|
- cp README.md version.env build/usr/share/fastapi-dls
|
|
# create conf file
|
|
- mkdir -p build/etc/fastapi-dls
|
|
- touch build/etc/fastapi-dls/env
|
|
# cd into "build/"
|
|
- cd build/
|
|
script:
|
|
- sed -i -E 's/(Version\:\s)0.0/\1'"$VERSION"'/g' DEBIAN/control
|
|
- dpkg -b . build.deb
|
|
- dpkg -I build.deb
|
|
artifacts:
|
|
expire_in: 1 week
|
|
paths:
|
|
- build/build.deb
|
|
|
|
build:pacman:
|
|
image: archlinux:base-devel
|
|
interruptible: true
|
|
stage: build
|
|
rules:
|
|
- if: $CI_COMMIT_BRANCH
|
|
before_script:
|
|
- echo "COMMIT=${CI_COMMIT_SHA}" >> version.env
|
|
# install build dependencies
|
|
- pacman -Syu --noconfirm git
|
|
# create a build-user because "makepkg" don't like root user
|
|
- useradd --no-create-home --shell=/bin/false build && usermod -L build
|
|
- 'echo "build ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers'
|
|
- 'echo "root ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers'
|
|
- chown -R build:build .
|
|
# move .PKGBUILD contents to root directory
|
|
- mv .PKGBUILD/* .
|
|
script:
|
|
- pwd
|
|
# download dependencies
|
|
- source PKGBUILD && pacman -Syu --noconfirm --needed --asdeps "${makedepends[@]}" "${depends[@]}"
|
|
# build
|
|
- sudo -u build makepkg -s
|
|
artifacts:
|
|
expire_in: 1 week
|
|
paths:
|
|
- "*.pkg.tar.zst"
|
|
|
|
test:
|
|
image: python:3.10-slim-bullseye
|
|
stage: test
|
|
rules:
|
|
- if: $CI_COMMIT_BRANCH
|
|
- if: $CI_PIPELINE_SOURCE == "merge_request_event"
|
|
variables:
|
|
DATABASE: sqlite:///../app/db.sqlite
|
|
before_script:
|
|
- pip install -r requirements.txt
|
|
- pip install pytest httpx
|
|
- mkdir -p app/cert
|
|
- openssl genrsa -out app/cert/instance.private.pem 2048
|
|
- openssl rsa -in app/cert/instance.private.pem -outform PEM -pubout -out app/cert/instance.public.pem
|
|
- cd test
|
|
script:
|
|
- pytest main.py
|
|
|
|
.test:linux:
|
|
stage: test
|
|
rules:
|
|
- changes:
|
|
- .DEBIAN/**/*
|
|
- app/**/*
|
|
needs:
|
|
- job: build:apt
|
|
artifacts: true
|
|
variables:
|
|
DEBIAN_FRONTEND: noninteractive
|
|
before_script:
|
|
- apt-get update -qq && apt-get install -qq -y jq curl
|
|
script:
|
|
# test installation
|
|
- apt-get install -q -y ./build/build.deb --fix-missing
|
|
- openssl req -x509 -newkey rsa:2048 -nodes -out /etc/fastapi-dls/webserver.crt -keyout /etc/fastapi-dls/webserver.key -days 7 -subj "/C=DE/O=GitLab-CI/OU=Test/CN=localhost"
|
|
# copy example config from GitLab-CI-Variables
|
|
#- cat ${EXAMPLE_CONFIG} > /etc/fastapi-dls/env
|
|
# start service in background
|
|
- cd /usr/share/fastapi-dls/app
|
|
- uvicorn main:app
|
|
--host 127.0.0.1 --port 443
|
|
--app-dir /usr/share/fastapi-dls/app
|
|
--ssl-keyfile /etc/fastapi-dls/webserver.key
|
|
--ssl-certfile /etc/fastapi-dls/webserver.crt
|
|
--proxy-headers &
|
|
- FASTAPI_DLS_PID=$!
|
|
- echo "Started service with pid $FASTAPI_DLS_PID"
|
|
# testing service
|
|
- if [ "`curl --insecure -s https://127.0.0.1/-/health | jq .status`" != "up" ]; then echo "Success"; else "Error"; fi
|
|
# cleanup
|
|
- kill $FASTAPI_DLS_PID
|
|
- apt-get purge -qq -y fastapi-dls
|
|
- apt-get autoremove -qq -y && apt-get clean -qq
|
|
|
|
test:debian:
|
|
extends: .test:linux
|
|
image: debian:bookworm-slim
|
|
|
|
test:ubuntu:
|
|
extends: .test:linux
|
|
image: ubuntu:22.10
|
|
|
|
test:archlinux:
|
|
image: archlinux:base
|
|
rules:
|
|
- changes:
|
|
- .PKGBUILD/**/*
|
|
- app/**/*
|
|
needs:
|
|
- job: build:pacman
|
|
artifacts: true
|
|
script:
|
|
- pacman -Sy
|
|
- pacman -U --noconfirm *.pkg.tar.zst
|
|
|
|
.deploy:
|
|
rules:
|
|
- if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
|
|
- if: $CI_COMMIT_TAG
|
|
when: never
|
|
|
|
deploy:docker:
|
|
extends: .deploy
|
|
stage: deploy
|
|
before_script:
|
|
- echo "COMMIT=${CI_COMMIT_SHA}" >> version.env
|
|
- source version.env
|
|
- echo "Building docker image for commit ${COMMIT} with version ${VERSION}"
|
|
script:
|
|
- echo "GitLab-Registry"
|
|
- docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
|
|
- docker build . --tag ${CI_REGISTRY}/${CI_PROJECT_PATH}/${CI_BUILD_REF_NAME}:${VERSION}
|
|
- docker build . --tag ${CI_REGISTRY}/${CI_PROJECT_PATH}/${CI_BUILD_REF_NAME}:latest
|
|
- docker push ${CI_REGISTRY}/${CI_PROJECT_PATH}/${CI_BUILD_REF_NAME}:${VERSION}
|
|
- docker push ${CI_REGISTRY}/${CI_PROJECT_PATH}/${CI_BUILD_REF_NAME}:latest
|
|
- echo "Docker-Hub"
|
|
- docker login -u $PUBLIC_REGISTRY_USER -p $PUBLIC_REGISTRY_TOKEN
|
|
- docker build . --tag $PUBLIC_REGISTRY_USER/${CI_PROJECT_NAME}:${VERSION}
|
|
- docker build . --tag $PUBLIC_REGISTRY_USER/${CI_PROJECT_NAME}:latest
|
|
- docker push $PUBLIC_REGISTRY_USER/${CI_PROJECT_NAME}:${VERSION}
|
|
- docker push $PUBLIC_REGISTRY_USER/${CI_PROJECT_NAME}:latest
|
|
|
|
deploy:apt:
|
|
# doc: https://git.collinwebdesigns.de/help/user/packages/debian_repository/index.md#install-a-package
|
|
extends: .deploy
|
|
image: debian:bookworm-slim
|
|
stage: deploy
|
|
needs:
|
|
- job: build:apt
|
|
artifacts: true
|
|
before_script:
|
|
- apt-get update -qq && apt-get install -qq -y curl lsb-release
|
|
# create distribution initial
|
|
- CODENAME=`lsb_release -cs`
|
|
# create repo if not exists
|
|
- 'if [ "`curl -s -o /dev/null -w "%{http_code}" --header "JOB-TOKEN: $CI_JOB_TOKEN" -s ${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/debian_distributions/${CODENAME}/key.asc`" != "200" ]; then curl --request POST --header "JOB-TOKEN: $CI_JOB_TOKEN" "${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/debian_distributions?codename=${CODENAME}"; fi'
|
|
script:
|
|
# Naming format: <name>_<version>-<release>_<arch>.deb
|
|
# Version is the version number of the app being packaged
|
|
# Release number is the version number of the *packaging* itself.
|
|
# The release number might increment if the package maintainer
|
|
# updated the packaging, while the version number of the application
|
|
# being packaged did not change.
|
|
- BUILD_NAME=build/build.deb # inherited by build-stage
|
|
- PACKAGE_NAME=`dpkg -I ${BUILD_NAME} | grep "Package:" | awk '{ print $2 }'`
|
|
- PACKAGE_VERSION=`dpkg -I ${BUILD_NAME} | grep "Version:" | awk '{ print $2 }'`
|
|
- PACKAGE_ARCH=amd64
|
|
#- EXPORT_NAME="${PACKAGE_NAME}_${PACKAGE_VERSION}-0_${PACKAGE_ARCH}.deb"
|
|
- EXPORT_NAME="${PACKAGE_NAME}_${PACKAGE_VERSION}_${PACKAGE_ARCH}.deb"
|
|
- mv ${BUILD_NAME} ${EXPORT_NAME}
|
|
- 'echo "PACKAGE_NAME: ${PACKAGE_NAME}"'
|
|
- 'echo "PACKAGE_VERSION: ${PACKAGE_VERSION}"'
|
|
- 'echo "PACKAGE_ARCH: ${PACKAGE_ARCH}"'
|
|
- 'echo "EXPORT_NAME: ${EXPORT_NAME}"'
|
|
# https://docs.gitlab.com/14.3/ee/user/packages/debian_repository/index.html
|
|
- URL="${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/packages/debian/${EXPORT_NAME}"
|
|
- 'echo "URL: ${URL}"'
|
|
#- 'curl --request PUT --header "JOB-TOKEN: $CI_JOB_TOKEN" --upload-file ${EXPORT_NAME} ${URL}'
|
|
# using generic-package-registry until debian-registry is GA
|
|
# https://docs.gitlab.com/ee/user/packages/generic_packages/index.html#publish-a-generic-package-by-using-cicd
|
|
- 'curl --header "JOB-TOKEN: $CI_JOB_TOKEN" --upload-file ${EXPORT_NAME} "${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/packages/generic/${PACKAGE_NAME}/${PACKAGE_VERSION}/${EXPORT_NAME}"'
|
|
|
|
deploy:pacman:
|
|
extends: .deploy
|
|
image: archlinux:base-devel
|
|
stage: deploy
|
|
needs:
|
|
- job: build:pacman
|
|
artifacts: true
|
|
script:
|
|
- source .PKGBUILD/PKGBUILD
|
|
# fastapi-dls-1.0-1-any.pkg.tar.zst
|
|
- BUILD_NAME=${pkgname}-${pkgver}-${pkgrel}-any.pkg.tar.zst
|
|
- PACKAGE_NAME=${pkgname}
|
|
- PACKAGE_VERSION=${pkgver}
|
|
- PACKAGE_ARCH=any
|
|
- EXPORT_NAME=${BUILD_NAME}
|
|
- 'echo "PACKAGE_NAME: ${PACKAGE_NAME}"'
|
|
- 'echo "PACKAGE_VERSION: ${PACKAGE_VERSION}"'
|
|
- 'echo "PACKAGE_ARCH: ${PACKAGE_ARCH}"'
|
|
- 'echo "EXPORT_NAME: ${EXPORT_NAME}"'
|
|
- 'curl --header "JOB-TOKEN: $CI_JOB_TOKEN" --upload-file ${EXPORT_NAME} "${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/packages/generic/${PACKAGE_NAME}/${PACKAGE_VERSION}/${EXPORT_NAME}"'
|