SMusatov
/
GlitchTip
mirror of https://gitlab.com/glitchtip/glitchtip-backend.git


			
				
					
						
						
							12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394959697
							variables:
  PROJECT_NAME: glitchtip
  IMAGE_NAME: registry.gitlab.com/glitchtip/glitchtip-backend
  CONTAINER_TEST_IMAGE: registry.gitlab.com/glitchtip/glitchtip-backend:$CI_BUILD_REF_NAME
  PIP_DISABLE_PIP_VERSION_CHECK: "on"
  PIP_CACHE_DIR: "$CI_PROJECT_DIR/.cache/pip"
  POETRY_VIRTUALENVS_CREATE: "false"
  POETRY_HOME: "/opt/poetry"
  POSTGRES_HOST_AUTH_METHOD: "trust"
  DEBUG: "true"

include:
  - template: SAST.gitlab-ci.yml
  - template: Dependency-Scanning.gitlab-ci.yml
  - template: Secret-Detection.gitlab-ci.yml

workflow:
  rules:
    - when: always

test:
  image: python:3.10
  variables:
    SECRET_KEY: testing
    ENABLE_TEST_API: "true"
    ENABLE_OPEN_USER_REGISTRATION: "true"
  services:
    - postgres:14
  cache:
    key: ${CI_COMMIT_REF_SLUG}
    paths:
      - .cache/pip
  script:
    - curl -sSL https://install.python-poetry.org | python3 -
    - $POETRY_HOME/bin/poetry install --no-interaction --no-ansi
    - ./manage.py test

lint:
  image: python:3.10
  script:
    - curl -sSL https://install.python-poetry.org | python3 -
    - $POETRY_HOME/bin/poetry install --no-interaction --no-ansi
    # - isort --check glitchtip not compatible with black :(
    # - pylint --load-plugins=pylint_django --django-settings-module=glitchtip.settings --disable=R glitchtip

build:
  image: docker:20
  rules:
    # Run only on protected branches that are not tagged and not merge requests
    - if: '$CI_PIPELINE_SOURCE != "merge_request_event" && $CI_COMMIT_REF_PROTECTED == "true" && $CI_COMMIT_TAG =~ "/^$/"'
  services:
    - docker:20-dind
  script:
    - docker login -u gitlab-ci-token -p $CI_BUILD_TOKEN registry.gitlab.com
    - docker build -t $CONTAINER_TEST_IMAGE --build-arg IS_CI="True" .
    - docker push $CONTAINER_TEST_IMAGE

buildx:
  image: docker:20-git
  rules:
    - if: $CI_COMMIT_TAG =~ /^v\d+.\d+.\d+/
  variables:
    GIT_STRATEGY: none
  artifacts:
    paths:
      - buildx
    expire_in: 1 hour
  services:
    - docker:20-dind
  script:
    - export DOCKER_BUILDKIT=1
    - git clone https://github.com/docker/buildx.git ./docker-buildx
    - docker build --platform=local -o . ./docker-buildx

build_arm_x86:
  image: docker:20
  rules:
    - if: '$CI_COMMIT_TAG =~ /^v\d+.\d+.\d+/ && $CI_COMMIT_REF_PROTECTED == "true"'
  needs:
    - buildx
  services:
    - docker:20-dind
  before_script:
    - mkdir -p ~/.docker/cli-plugins
    - mv buildx ~/.docker/cli-plugins/docker-buildx
    - docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
  script:
    - wget https://gitlab.com/api/v4/projects/15449363/jobs/artifacts/$CI_COMMIT_TAG/download?job=build-assets -O assets.zip
    - unzip assets.zip
    - rm assets.zip
    - mv dist/glitchtip-frontend/* dist/
    - rmdir dist/glitchtip-frontend/
    - VERSION=${CI_COMMIT_REF_NAME#*v}
    - echo "Build version $VERSION ci registry image $CI_REGISTRY_IMAGE commit ref $CI_COMMIT_REF_NAME"
    - docker login -u ${DOCKER_CI_REGISTRY_USER} -p ${DOCKER_CI_REGISTRY_PASSWORD}
    - docker buildx create --use
    - docker buildx build --platform linux/arm64/v8,linux/amd64 --push -t ${DOCKER_CI_REGISTRY_IMAGE}:${CI_COMMIT_REF_NAME} -t ${DOCKER_CI_REGISTRY_IMAGE}:latest --build-arg IS_CI="True" --build-arg GLITCHTIP_VERSION=$VERSION --build-arg COLLECT_STATIC="True" .