forked from digitalautonomy/wahay
-
Notifications
You must be signed in to change notification settings - Fork 0
/
.gitlab-ci.yml
122 lines (113 loc) · 4.76 KB
/
.gitlab-ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
image: digitalautonomy/wahay:0.2-build
stages:
- build
- check
- deploy
build-oldest:
image: digitalautonomy/wahay:0.4-build-oldest-golang
stage: build
script:
- make deps-ci
- make build-ci
build-newest:
image: digitalautonomy/wahay:0.4-build-latest-golang
stage: build
script:
- make deps-ci
- make build-ci
artifacts:
paths:
- bin/wahay-*
test-oldest:
image: digitalautonomy/wahay:0.4-check-oldest-golang
stage: check
script:
- make deps-ci
- make test
test-newest:
image: digitalautonomy/wahay:0.4-check-latest-golang
stage: check
script:
- make deps-ci
- make test
# coverage:
# stage: check
# coverage: '/total:.*?(\d+\.\d+\%)/'
# script:
# - make deps-ci
# - make cover-ci
# artifacts:
# paths:
# - coverage.html
# quality:
# stage: check
# script:
# - make deps-ci
# - make quality
deploy_staging:
image: digitalautonomy/wahay:0.1-deploy
stage: deploy
before_script:
- export SSH_PORT=2326
- 'export DO_SSH="ssh -p${SSH_PORT} [email protected]"'
- 'eval $(ssh-agent -s)'
- 'ssh-add <(echo "$DEPLOY_STAGING_SSH_PRIVATE_KEY")'
- mkdir -p ~/.ssh; chmod 700 ~/.ssh
- 'echo -e "[staging.wahay.app]:${SSH_PORT},[185.108.76.88]:${SSH_PORT} ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEiKOqqE2wJo4OnAvgbCPLsnObcSJuoYQU0cW3QRMPqK4XHeo9RTxOE4jt+40Gy3wfzzo7q1fmUJ/QZrORcNI6Y=" >> ~/.ssh/known_hosts'
- 'echo -e "[debian.autonomia.digital]:4242,[185.108.78.22]:4242 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBIx8qF3puSAM1UAxc3ODJTNGrgwf8mET664pPfP/ZQgiMxTIKG8Ar8h1xxP52AyQoqTLpCWOPaBkUya2Q0+SZTg=" >> ~/.ssh/known_hosts'
- chmod 644 ~/.ssh/known_hosts
- 'echo "$GPG_SIGNING_SUBKEY" | gpg --batch --import'
- 'ssh-add <(echo "$ARTIFACTS_REPO_SSH_PRIVATE_KEY")'
- mkdir tmp_bundle
- "scp -P4242 '[email protected]:wahay/bundles/*' tmp_bundle/"
environment:
name: staging
url: https://staging.wahay.app
only:
- main
script:
- 'export DEPLOY_DIR=/home/wahay/tmp/deploy_binaries'
- '$DO_SSH rm -rf $DEPLOY_DIR'
- '$DO_SSH mkdir -p $DEPLOY_DIR'
- 'export BINARY_NAME=$(find bin -name "wahay-*" | head -1)'
- 'sha256sum $BINARY_NAME > $BINARY_NAME.sha256sum'
- 'gpg --batch --detach-sign --armor -u 3EE89711B35F8B3089646FCBF3B1159FC97D5490 $BINARY_NAME.sha256sum'
- 'deployment/create-bundles.sh'
- 'scp -P${SSH_PORT} $BINARY_NAME $BINARY_NAME.sha256sum $BINARY_NAME.sha256sum.asc publish-bundles/* [email protected]:$DEPLOY_DIR/'
- 'scp -P${SSH_PORT} deployment/*.{sh,rb,html} [email protected]:bin/'
- 'scp -P${SSH_PORT} deployment/supported-*-distros.txt [email protected]:$DEPLOY_DIR'
- '$DO_SSH bash bin/publish-downloads.sh $DEPLOY_DIR /usr/local/www/wahay/downloads $DEPLOY_DIR/$(basename $BINARY_NAME)'
deploy_production:
image: digitalautonomy/wahay:0.1-deploy
stage: deploy
before_script:
- export SSH_PORT=2387
- 'export DO_SSH="ssh -p${SSH_PORT} [email protected]"'
- 'eval $(ssh-agent -s)'
- 'ssh-add <(echo "$DEPLOY_PRODUCTION_SSH_PRIVATE_KEY")'
- mkdir -p ~/.ssh; chmod 700 ~/.ssh
- 'echo -e "[wahay.app]:${SSH_PORT},[185.108.76.87]:${SSH_PORT} ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBD7qdL4lFlIQwRU2h2fV6oIMBZl1ifd6bbcajd8iRYaFQfVvj7qxGvorfaBETyquGe+lk0xw3NrcJCfK1LvT2Wo=" >> ~/.ssh/known_hosts'
- 'echo -e "[debian.autonomia.digital]:4242,[185.108.78.22]:4242 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBIx8qF3puSAM1UAxc3ODJTNGrgwf8mET664pPfP/ZQgiMxTIKG8Ar8h1xxP52AyQoqTLpCWOPaBkUya2Q0+SZTg=" >> ~/.ssh/known_hosts'
- chmod 644 ~/.ssh/known_hosts
- 'echo "$GPG_SIGNING_SUBKEY" | gpg --batch --import'
- 'ssh-add <(echo "$ARTIFACTS_REPO_SSH_PRIVATE_KEY")'
- mkdir tmp_bundle
- "scp -P4242 '[email protected]:wahay/bundles/*' tmp_bundle/"
environment:
name: production
url: https://wahay.app
when: manual
only:
- main
script:
- 'export DEPLOY_DIR=/home/wahay/tmp/deploy_binaries'
- '$DO_SSH rm -rf $DEPLOY_DIR'
- '$DO_SSH mkdir -p $DEPLOY_DIR'
- 'export BINARY_NAME=$(find bin -name "wahay-*" | head -1)'
- 'sha256sum $BINARY_NAME > $BINARY_NAME.sha256sum'
- 'gpg --batch --detach-sign --armor -u 3EE89711B35F8B3089646FCBF3B1159FC97D5490 $BINARY_NAME.sha256sum'
- 'deployment/create-bundles.sh'
- 'scp -P${SSH_PORT} $BINARY_NAME $BINARY_NAME.sha256sum $BINARY_NAME.sha256sum.asc publish-bundles/* [email protected]:$DEPLOY_DIR/'
- 'scp -P${SSH_PORT} deployment/*.{sh,rb,html} [email protected]:bin/'
- 'scp -P${SSH_PORT} deployment/supported-*-distros.txt [email protected]:$DEPLOY_DIR'
- '$DO_SSH bash bin/publish-downloads.sh $DEPLOY_DIR /usr/local/www/wahay/downloads $DEPLOY_DIR/$(basename $BINARY_NAME)'