forked from ya-b/registry-client
-
Notifications
You must be signed in to change notification settings - Fork 2
/
.gitlab-ci.yml
118 lines (104 loc) · 3.7 KB
/
.gitlab-ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
# Secrets should never be versioned.
include:
- template: Security/Secret-Detection.gitlab-ci.yml
stages:
- prepare
- test
- build
- publish
variables:
GPG_KEYRING_DIR: /gpg
GPG_KEYRING_PATH: ${GPG_KEYRING_DIR}/keyring
GRADLE_USER_HOME: /.gradle
GRADLE_VERSION: 7.5.1
GRADLE_IMAGE: ${CI_DEPENDENCY_PROXY_GROUP_IMAGE_PREFIX}/gradle:${GRADLE_VERSION}-jdk17-alpine
default:
tags:
- docker
make-version-name:
stage: prepare
# regex check does not work with /bin/sh because of parenthesis so we need /bin/bash here
image: ${CI_DEPENDENCY_PROXY_GROUP_IMAGE_PREFIX}/bash:5.2.15-alpine3.16
script:
- | # If no tag has been pushed ($CI_COMMIT_TAG is empty), name it as SNAPSHOT
if [ -z ${CI_COMMIT_TAG} ]; then
echo "CM_VERSION=${CI_COMMIT_SHORT_SHA}-$(date '+%Y%m%d-%H%M%S')-SNAPSHOT" > .env
else
# Else use the tag
echo "CM_VERSION=${CI_COMMIT_TAG}" > .env
fi
- cat .env
artifacts:
reports:
dotenv: .env
.make-gradle-properties:
before_script:
- mkdir -p ${GRADLE_USER_HOME}
- mkdir -p ${GPG_KEYRING_DIR}
- touch ${GRADLE_USER_HOME}/gradle.properties
# MavenCentral
- export GPG_KEY_ID="$(echo ${OSSRH_GPG_KEY_CODE} | tr -d '[:space:]\n' | rev | cut -c 1-8 | rev)"
- echo "signing.keyId=${GPG_KEY_ID}" >> ${GRADLE_USER_HOME}/gradle.properties
- echo "signing.password=${OSSRH_GPG_KEY_PASSPHRASE}" >> ${GRADLE_USER_HOME}/gradle.properties
- echo "signing.secretKeyRingFile=${GPG_KEYRING_PATH}" >> ${GRADLE_USER_HOME}/gradle.properties
- echo "ossrhUsername=${OSSRH_USERNAME}" >> ${GRADLE_USER_HOME}/gradle.properties
- echo "ossrhPassword=${OSSRH_PASSWORD}" >> ${GRADLE_USER_HOME}/gradle.properties
# Gitlab
- echo "gitLabPrivateToken=${CI_JOB_TOKEN}" >> ${GRADLE_USER_HOME}/gradle.properties
- echo "gitlabTokenName=Job-Token" >> ${GRADLE_USER_HOME}/gradle.properties
- echo "gitlabRepoUrl=${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/packages/maven" >> ${GRADLE_USER_HOME}/gradle.properties
- cat ${GRADLE_USER_HOME}/gradle.properties
junit-tests:
extends: .make-gradle-properties
stage: test
image: ${GRADLE_IMAGE}
services:
- alias: registry
name: registry:latest
variables:
REGISTRY_STORAGE_DELETE_ENABLED: 'true'
REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY: '/data'
script:
- gradle test
artifacts:
reports:
junit: build/test-results/test/**/TEST-*.xml
build-jar:
extends: .make-gradle-properties
stage: build
image: ${GRADLE_IMAGE}
needs:
- job: make-version-name
artifacts: true
services:
- alias: registry
name: registry:latest
variables:
REGISTRY_STORAGE_DELETE_ENABLED: 'true'
REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY: '/data'
script:
- sed -i -- "s/version '0.0.0'/version '${CM_VERSION}'/g" build.gradle
- gradle clean build
artifacts:
when: on_success
expire_in: "30 days"
paths:
- build/libs/registry-client-*.jar
publish:
extends: .make-gradle-properties
stage: publish
image: ${GRADLE_IMAGE}
needs:
- job: make-version-name
artifacts: true
rules:
- if: $CI_COMMIT_TAG
script:
- apk update && apk add gpg gpg-agent
- gpg --import ${OSSRH_GPG_PUBKEY}
- gpg --pinentry-mode loopback --passphrase ${OSSRH_GPG_KEY_PASSPHRASE} --import ${OSSRH_GPG_PRIVKEY}
- gpg --pinentry-mode loopback --passphrase ${OSSRH_GPG_KEY_PASSPHRASE} --export-secret-key ${OSSRH_GPG_KEY_CODE} > ${GPG_KEYRING_PATH}
- sed -i -- "s/version '0.0.0'/version '${CM_VERSION}'/g" build.gradle
- gradle publishToComCytomine
- gradle findComCytomineStagingRepository closeComCytomineStagingRepository
- gradle findComCytomineStagingRepository releaseComCytomineStagingRepository