add gitlab-ci

This commit is contained in:
Jonas Heinrich 2020-10-13 11:31:35 +02:00
parent a578a5fc80
commit d14c5f519a

103
.gitlab-ci.yml Normal file
View File

@ -0,0 +1,103 @@
stages:
- compiling
# - assembling
# - testing
# - signing
# - packaging
# - publishing
image: ubuntu:20.04
Compile:
stage: compiling
script:
- npm install
- if [ "${CI_COMMIT_REF_NAME}" == "stable" ] ; then npm run build:prod ; fi
- if [ "${CI_COMMIT_REF_NAME}" != "stable" ] ; then npm run build:nightly ; fi
artifacts:
paths:
- ./src/js/Static/*
- ./src/l10n/*
- ./src/css/*
Assemble:
stage: assembling
script:
- mkdir passwords
- if [ "${CI_COMMIT_REF_NAME}" == "stable" ] ; then sed -i -e "s/-BUILD//g" ./src/appinfo/info.xml ; fi
- if [ "${CI_COMMIT_REF_NAME}" != "stable" ] ; then sed -i -e "s/-BUILD/-build${CI_PIPELINE_ID}/g" ./src/appinfo/info.xml ; fi
- rsync -r --exclude="vue" --exclude="js" --exclude="scss" src/* passwords
- rsync -r src/js/Static passwords/js/
- cp CHANGELOG.md passwords/
artifacts:
paths:
- ./passwords
PHPUnit:
stage: testing
script:
- npm run phpunit
artifacts:
paths:
- ./passwords
Sign:
stage: signing
script:
- echo "-----BEGIN PRIVATE KEY-----" > sign.key
- echo $SIGN_KEY | tr " " "\n" >> sign.key
- echo "-----END PRIVATE KEY-----" >> sign.key
- echo "-----BEGIN CERTIFICATE-----" > sign.crt
- echo $SIGN_CRT | tr " " "\n" >> sign.crt
- echo "-----END CERTIFICATE-----" >> sign.crt
- /usr/src/nextcloud/occ integrity:sign-app --path=$(pwd)/passwords --privateKey=$(pwd)/sign.key --certificate=$(pwd)/sign.crt
- rm sign.key sign.crt
artifacts:
paths:
- ./passwords
only:
- testing
- stable
Pack:
stage: packaging
script:
- tar -zcf passwords.tar.gz passwords
- echo "export JOB_ID=\"${CI_JOB_ID}\"" > job.id
artifacts:
paths:
- ./passwords.tar.gz
- job.id
only:
- testing
- stable
Publish Nightly:
stage: publishing
script:
- source job.id
- echo "-----BEGIN PRIVATE KEY-----" > sign.key
- echo $SIGN_KEY | tr " " "\n" >> sign.key
- echo "-----END PRIVATE KEY-----" >> sign.key
- SIGNATURE=$(openssl dgst -sha512 -sign ./sign.key ./passwords.tar.gz | openssl base64 | tr -d "\n")
- rm sign.key
- 'curl -f -X POST ${API_URL} -H "Authorization: Token ${API_TOKEN}" -H "Content-Type: application/json" -d "{\"download\":\"${CI_PROJECT_URL}/-/jobs/${JOB_ID}/artifacts/raw/passwords.tar.gz\",\"signature\":\"${SIGNATURE}\",\"nightly\":true}"'
environment:
name: Testing
only:
- testing
Publish Stable:
stage: publishing
script:
- source job.id
- echo "-----BEGIN PRIVATE KEY-----" > sign.key
- echo $SIGN_KEY | tr " " "\n" >> sign.key
- echo "-----END PRIVATE KEY-----" >> sign.key
- SIGNATURE=$(openssl dgst -sha512 -sign ./sign.key ./passwords.tar.gz | openssl base64 | tr -d "\n")
- rm sign.key
- 'curl -f -X POST ${API_URL} -H "Authorization: Token ${API_TOKEN}" -H "Content-Type: application/json" -d "{\"download\":\"${CI_PROJECT_URL}/-/jobs/${JOB_ID}/artifacts/raw/passwords.tar.gz\",\"signature\":\"${SIGNATURE}\",\"nightly\":false}"'
environment:
name: Stable
only:
- stable