wikibase/.gitlab-ci.yml

124 lines
3.8 KiB
YAML

variables:
GIT_SUBMODULE_STRATEGY: recursive
GIT_SUBMODULE_UPDATE_FLAGS: --jobs 4
# https://hub.docker.com/r/alpine/git/tags
GIT_VERSION: v2.36.2
stages:
- test
- update
- build
# Description
# This script allows to store the artefacts of a step into the current
# repository, to improve the efficiency of the next build process.
# Set up this script
# 1. Create a new personal access token (https://gitlab.com/-/profile/personal_access_tokens)
# with the following scopes:
# - read_repository
# - write_repository
# 2. Inside Settings -> CI / CD -> Variables, create the following variables:
#
# GITLAB_TOKEN Personal access token previously created.
# (masked)
# GITLAB_USERNAME Username associated with the personal access token.
# COMMIT_MESSAGE Commit message
# Other variables used by this script
# The following variables are defined automatically by GitLab CI. Thus, you
# don't need to override them.
#
# CI_COMMIT_SHA Commit SHA, to use a unique directory name.
# CI_DEFAULT_BRANCH Default branch.
# CI_PROJECT_PATH Current project path.
# CI_SERVER_HOST Hostname of the current GitLab instance.
# GITLAB_USER_EMAIL Email of the user used to commit the changes to the
# secondary repository.
# GITLAB_USER_NAME User name of the user used to commit the changes to
# the secondary repository.
.git:push:
after_script:
# Go to the new directory
- cd "${CI_COMMIT_SHA}"
# Add all generated files to Git
- git add .
- |-
# Check if we have modifications to commit
CHANGES=$(git status --porcelain | wc -l)
if [ "$CHANGES" -gt "0" ]; then
# Show the status of files that are about to be created, updated or deleted
git status
# Commit all changes
git commit -m "${COMMIT_MESSAGE}"
# Update the repository and make sure to skip the pipeline create for this commit
git push origin "${CI_DEFAULT_BRANCH}" -o ci.skip
fi
before_script:
# Clone the repository via HTTPS inside a new directory
- git clone "https://${GITLAB_USERNAME}:${GITLAB_TOKEN}@${CI_SERVER_HOST}/${CI_PROJECT_PATH}.git" "${CI_COMMIT_SHA}"
# Set the displayed user with the commits that are about to be made
- git config --global user.email "${GIT_USER_EMAIL:-$GITLAB_USER_EMAIL}"
- git config --global user.name "${GIT_USER_NAME:-$GITLAB_USER_NAME}"
image:
entrypoint: ['']
name: alpine/git:${GIT_VERSION}
sast:
stage: test
include:
- template: Security/SAST.gitlab-ci.yml
update-gitmodules:
extends: .git:push
stage: update
script:
- cd "${CI_COMMIT_SHA}"
- git submodule update --init --recursive
- git submodule update --remote
only:
- schedules
- manual
except:
- main
needs: []
build-docker:
stage: build
image:
name: gcr.io/kaniko-project/executor:debug
entrypoint: [""]
script:
- mkdir -p /kaniko/.docker
- echo "{\"auths\":{\"${CI_REGISTRY}\":{\"auth\":\"$(printf "%s:%s" "${CI_REGISTRY_USER}" "${CI_REGISTRY_PASSWORD}" | base64 | tr -d '\n')\"}}}" > /kaniko/.docker/config.json
- >-
/kaniko/executor --force
--context "${CI_PROJECT_DIR}"
--dockerfile "${CI_PROJECT_DIR}/Dockerfile"
--destination "${CI_REGISTRY}/mediawiki/miki:${CI_COMMIT_SHORT_SHA}"
--cache=true
--cache-repo="${CI_REGISTRY}/mediawiki/miki-cache"
- >-
/kaniko/executor --force
--context "${CI_PROJECT_DIR}"
--dockerfile "${CI_PROJECT_DIR}/Dockerfile"
--destination "${CI_REGISTRY}/mediawiki/miki:latest"
--cache=true
--cache-repo="${CI_REGISTRY}/mediawiki/miki-cache"
only:
- main
except:
- schedules
needs:
- job: update-gitmodules
optional: true