variables: PROJECT_NAME: glitchtip IMAGE_NAME: registry.gitlab.com/glitchtip/glitchtip-backend CONTAINER_TEST_IMAGE: registry.gitlab.com/glitchtip/glitchtip-backend:$CI_BUILD_REF_NAME PIP_DISABLE_PIP_VERSION_CHECK: "on" PIP_CACHE_DIR: "$CI_PROJECT_DIR/.cache/pip" POETRY_VIRTUALENVS_CREATE: "false" POETRY_HOME: "/opt/poetry" POSTGRES_HOST_AUTH_METHOD: "trust" DEBUG: "true" include: - template: SAST.gitlab-ci.yml - template: Dependency-Scanning.gitlab-ci.yml - template: Secret-Detection.gitlab-ci.yml workflow: rules: - when: always test: image: python:3.11 variables: SECRET_KEY: testing ENABLE_TEST_API: "true" ENABLE_OPEN_USER_REGISTRATION: "true" services: - postgres:15 cache: key: ${CI_COMMIT_REF_SLUG} paths: - .cache/pip script: - curl -sSL https://install.python-poetry.org | python3 - - $POETRY_HOME/bin/poetry install --no-interaction --no-ansi - ./manage.py test rules: - if: $CI_PIPELINE_SOURCE != "schedule" lint: image: python:3.11 script: - curl -sSL https://install.python-poetry.org | python3 - - $POETRY_HOME/bin/poetry install --no-interaction --no-ansi # - isort --check glitchtip not compatible with black :( # - pylint --load-plugins=pylint_django --django-settings-module=glitchtip.settings --disable=R glitchtip rules: - if: $CI_PIPELINE_SOURCE != "schedule" build: image: docker:20 rules: # Run only on protected branches that are not tagged and not merge requests - if: '$CI_PIPELINE_SOURCE != "merge_request_event" && $CI_COMMIT_REF_PROTECTED == "true" && $CI_COMMIT_TAG =~ "/^$/"' services: - docker:20-dind script: - docker login -u gitlab-ci-token -p $CI_BUILD_TOKEN registry.gitlab.com - docker build -t $CONTAINER_TEST_IMAGE --build-arg IS_CI="True" . - docker push $CONTAINER_TEST_IMAGE rules: - if: $CI_PIPELINE_SOURCE != "schedule" buildx: image: docker:20-git variables: GIT_STRATEGY: none artifacts: paths: - buildx expire_in: 1 hour services: - docker:20-dind script: - export DOCKER_BUILDKIT=1 - git clone https://github.com/docker/buildx.git ./docker-buildx - docker build --platform=local -o . ./docker-buildx rules: - if: $CI_PIPELINE_SOURCE =~ "schedule" when: never - if: $CI_COMMIT_TAG =~ /^v\d+.\d+.\d+/ build_arm_x86: image: docker:20 needs: - buildx services: - docker:20-dind before_script: - mkdir -p ~/.docker/cli-plugins - mv buildx ~/.docker/cli-plugins/docker-buildx - docker run --rm --privileged multiarch/qemu-user-static --reset -p yes script: - wget https://gitlab.com/api/v4/projects/15449363/jobs/artifacts/$CI_COMMIT_TAG/download?job=build-assets -O assets.zip - unzip assets.zip - rm assets.zip - mv dist/glitchtip-frontend/* dist/ - rmdir dist/glitchtip-frontend/ - VERSION=${CI_COMMIT_REF_NAME#*v} - echo "Build version $VERSION ci registry image $CI_REGISTRY_IMAGE commit ref $CI_COMMIT_REF_NAME" - docker login -u ${DOCKER_CI_REGISTRY_USER} -p ${DOCKER_CI_REGISTRY_PASSWORD} - docker buildx create --use - docker buildx build --platform linux/arm64/v8,linux/amd64 --push -t ${DOCKER_CI_REGISTRY_IMAGE}:${CI_COMMIT_REF_NAME} -t ${DOCKER_CI_REGISTRY_IMAGE}:latest --build-arg IS_CI="True" --build-arg GLITCHTIP_VERSION=$VERSION --build-arg COLLECT_STATIC="True" . rules: - if: $CI_PIPELINE_SOURCE =~ "schedule" when: never - if: '$CI_COMMIT_TAG =~ /^v\d+.\d+.\d+/ && $CI_COMMIT_REF_PROTECTED == "true"' update_deps: image: renovate/renovate:latest variables: RENOVATE_PLATFORM: gitlab RENOVATE_ENDPOINT: https://gitlab.com/api/v4 RENOVATE_TOKEN: $GITLAB_ACCESS_TOKEN RENOVATE_REPOSITORIES: glitchtip/glitchtip-backend rules: - if: $CI_PIPELINE_SOURCE == "schedule" - if: $CI_PIPELINE_SOURCE != "schedule" when: manual script: renovate