106 lines
3.1 KiB
YAML
106 lines
3.1 KiB
YAML
stages:
|
|
- compiling
|
|
- assembling
|
|
- testing
|
|
- signing
|
|
- packaging
|
|
- publishing
|
|
|
|
image: ubuntu:20.04
|
|
|
|
Compile:
|
|
stage: compiling
|
|
script:
|
|
- apt update
|
|
- apt install -y npm
|
|
- npm install
|
|
- if [ "${CI_COMMIT_REF_NAME}" == "stable" ] ; then npm run build:prod ; fi
|
|
- if [ "${CI_COMMIT_REF_NAME}" != "stable" ] ; then npm run build:nightly ; fi
|
|
artifacts:
|
|
paths:
|
|
- ./src/js/Static/*
|
|
- ./src/l10n/*
|
|
- ./src/css/*
|
|
|
|
Assemble:
|
|
stage: assembling
|
|
script:
|
|
- mkdir passwords
|
|
- if [ "${CI_COMMIT_REF_NAME}" == "stable" ] ; then sed -i -e "s/-BUILD//g" ./src/appinfo/info.xml ; fi
|
|
- if [ "${CI_COMMIT_REF_NAME}" != "stable" ] ; then sed -i -e "s/-BUILD/-build${CI_PIPELINE_ID}/g" ./src/appinfo/info.xml ; fi
|
|
- rsync -r --exclude="vue" --exclude="js" --exclude="scss" src/* passwords
|
|
- rsync -r src/js/Static passwords/js/
|
|
- cp CHANGELOG.md passwords/
|
|
artifacts:
|
|
paths:
|
|
- ./passwords
|
|
|
|
PHPUnit:
|
|
stage: testing
|
|
script:
|
|
- npm run phpunit
|
|
artifacts:
|
|
paths:
|
|
- ./passwords
|
|
|
|
Sign:
|
|
stage: signing
|
|
script:
|
|
- echo "-----BEGIN PRIVATE KEY-----" > sign.key
|
|
- echo $SIGN_KEY | tr " " "\n" >> sign.key
|
|
- echo "-----END PRIVATE KEY-----" >> sign.key
|
|
- echo "-----BEGIN CERTIFICATE-----" > sign.crt
|
|
- echo $SIGN_CRT | tr " " "\n" >> sign.crt
|
|
- echo "-----END CERTIFICATE-----" >> sign.crt
|
|
- /usr/src/nextcloud/occ integrity:sign-app --path=$(pwd)/passwords --privateKey=$(pwd)/sign.key --certificate=$(pwd)/sign.crt
|
|
- rm sign.key sign.crt
|
|
artifacts:
|
|
paths:
|
|
- ./passwords
|
|
only:
|
|
- testing
|
|
- stable
|
|
|
|
Pack:
|
|
stage: packaging
|
|
script:
|
|
- tar -zcf passwords.tar.gz passwords
|
|
- echo "export JOB_ID=\"${CI_JOB_ID}\"" > job.id
|
|
artifacts:
|
|
paths:
|
|
- ./passwords.tar.gz
|
|
- job.id
|
|
only:
|
|
- testing
|
|
- stable
|
|
|
|
Publish Nightly:
|
|
stage: publishing
|
|
script:
|
|
- source job.id
|
|
- echo "-----BEGIN PRIVATE KEY-----" > sign.key
|
|
- echo $SIGN_KEY | tr " " "\n" >> sign.key
|
|
- echo "-----END PRIVATE KEY-----" >> sign.key
|
|
- SIGNATURE=$(openssl dgst -sha512 -sign ./sign.key ./passwords.tar.gz | openssl base64 | tr -d "\n")
|
|
- rm sign.key
|
|
- 'curl -f -X POST ${API_URL} -H "Authorization: Token ${API_TOKEN}" -H "Content-Type: application/json" -d "{\"download\":\"${CI_PROJECT_URL}/-/jobs/${JOB_ID}/artifacts/raw/passwords.tar.gz\",\"signature\":\"${SIGNATURE}\",\"nightly\":true}"'
|
|
environment:
|
|
name: Testing
|
|
only:
|
|
- testing
|
|
|
|
Publish Stable:
|
|
stage: publishing
|
|
script:
|
|
- source job.id
|
|
- echo "-----BEGIN PRIVATE KEY-----" > sign.key
|
|
- echo $SIGN_KEY | tr " " "\n" >> sign.key
|
|
- echo "-----END PRIVATE KEY-----" >> sign.key
|
|
- SIGNATURE=$(openssl dgst -sha512 -sign ./sign.key ./passwords.tar.gz | openssl base64 | tr -d "\n")
|
|
- rm sign.key
|
|
- 'curl -f -X POST ${API_URL} -H "Authorization: Token ${API_TOKEN}" -H "Content-Type: application/json" -d "{\"download\":\"${CI_PROJECT_URL}/-/jobs/${JOB_ID}/artifacts/raw/passwords.tar.gz\",\"signature\":\"${SIGNATURE}\",\"nightly\":false}"'
|
|
environment:
|
|
name: Stable
|
|
only:
|
|
- stable
|