94 lines
2.6 KiB
YAML
94 lines
2.6 KiB
YAML
stages:
|
|
- compiling
|
|
- assembling
|
|
# - testing
|
|
# - signing
|
|
# - packaging
|
|
# - publishing
|
|
|
|
image: ubuntu:20.10
|
|
|
|
Compile:
|
|
stage: compiling
|
|
script:
|
|
- apt update
|
|
- DEBIAN_FRONTEND="noninteractive" apt install -y npm
|
|
- make dev-setup
|
|
- make build-js
|
|
|
|
Assemble:
|
|
stage: assembling
|
|
script:
|
|
- wget https://github.com/ChristophWurst/krankerl/releases/download/v0.12.3/krankerl_0.12.3_amd64.deb
|
|
- sudo dpkg -i krankerl_0.12.3_amd64.deb
|
|
- krankerl package
|
|
|
|
PHPUnit:
|
|
stage: testing
|
|
script:
|
|
- npm run phpunit
|
|
artifacts:
|
|
paths:
|
|
- ./passwords
|
|
|
|
Sign:
|
|
stage: signing
|
|
script:
|
|
- echo "-----BEGIN PRIVATE KEY-----" > sign.key
|
|
- echo $SIGN_KEY | tr " " "\n" >> sign.key
|
|
- echo "-----END PRIVATE KEY-----" >> sign.key
|
|
- echo "-----BEGIN CERTIFICATE-----" > sign.crt
|
|
- echo $SIGN_CRT | tr " " "\n" >> sign.crt
|
|
- echo "-----END CERTIFICATE-----" >> sign.crt
|
|
- /usr/src/nextcloud/occ integrity:sign-app --path=$(pwd)/passwords --privateKey=$(pwd)/sign.key --certificate=$(pwd)/sign.crt
|
|
- rm sign.key sign.crt
|
|
artifacts:
|
|
paths:
|
|
- ./passwords
|
|
only:
|
|
- testing
|
|
- stable
|
|
|
|
Pack:
|
|
stage: packaging
|
|
script:
|
|
- tar -zcf passwords.tar.gz passwords
|
|
- echo "export JOB_ID=\"${CI_JOB_ID}\"" > job.id
|
|
artifacts:
|
|
paths:
|
|
- ./passwords.tar.gz
|
|
- job.id
|
|
only:
|
|
- testing
|
|
- stable
|
|
|
|
Publish Nightly:
|
|
stage: publishing
|
|
script:
|
|
- source job.id
|
|
- echo "-----BEGIN PRIVATE KEY-----" > sign.key
|
|
- echo $SIGN_KEY | tr " " "\n" >> sign.key
|
|
- echo "-----END PRIVATE KEY-----" >> sign.key
|
|
- SIGNATURE=$(openssl dgst -sha512 -sign ./sign.key ./passwords.tar.gz | openssl base64 | tr -d "\n")
|
|
- rm sign.key
|
|
- 'curl -f -X POST ${API_URL} -H "Authorization: Token ${API_TOKEN}" -H "Content-Type: application/json" -d "{\"download\":\"${CI_PROJECT_URL}/-/jobs/${JOB_ID}/artifacts/raw/passwords.tar.gz\",\"signature\":\"${SIGNATURE}\",\"nightly\":true}"'
|
|
environment:
|
|
name: Testing
|
|
only:
|
|
- testing
|
|
|
|
Publish Stable:
|
|
stage: publishing
|
|
script:
|
|
- source job.id
|
|
- echo "-----BEGIN PRIVATE KEY-----" > sign.key
|
|
- echo $SIGN_KEY | tr " " "\n" >> sign.key
|
|
- echo "-----END PRIVATE KEY-----" >> sign.key
|
|
- SIGNATURE=$(openssl dgst -sha512 -sign ./sign.key ./passwords.tar.gz | openssl base64 | tr -d "\n")
|
|
- rm sign.key
|
|
- 'curl -f -X POST ${API_URL} -H "Authorization: Token ${API_TOKEN}" -H "Content-Type: application/json" -d "{\"download\":\"${CI_PROJECT_URL}/-/jobs/${JOB_ID}/artifacts/raw/passwords.tar.gz\",\"signature\":\"${SIGNATURE}\",\"nightly\":false}"'
|
|
environment:
|
|
name: Stable
|
|
only:
|
|
- stable
|