.gitlab-ci.yml 6.44 KB
Newer Older
Kamil Trzcinski's avatar
Kamil Trzcinski committed
1
stages:
2
  - prepare-assets
3
4
  - trigger-package
  - trigger-docker
Ian Baum's avatar
Ian Baum committed
5
  - trigger-ha-validate
Balasankar C's avatar
Balasankar C committed
6
  - trigger-qa
Balasankar C's avatar
Balasankar C committed
7
  - check
8
  - prepare
9
  - tests
10
  - post-test
11
12
  - gitlab_com:package
  - gitlab_com:upload_deploy
Balasankar C's avatar
Balasankar C committed
13
  - package-and-image
14
  - scan-dependencies
15
  - staging_upload
Balasankar C's avatar
Balasankar C committed
16
  - package-and-image-release
Ian Baum's avatar
Ian Baum committed
17
  - validate
18
  - metrics
19
  - slow_jobs
20
  - raspbian-release
21
  - aws-marketplace-release
22
  - notification_fail
23

24
25
workflow:
  rules:
Balasankar C's avatar
Balasankar C committed
26
27
28
29
30
31
32
33
34
35
36
37
    # Do not create a pipeline on branch push to QA mirror
    - if: '$CI_PROJECT_NAME == "omnibus-gitlab-mirror" && $CI_PIPELINE_SOURCE == "push"'
      when: never
    # No pipeline on auto-deploy branches as a tag will definitely follow
    - if: '$CI_COMMIT_BRANCH =~ /^[0-9]+-[0-9]+-auto-deploy-[0-9]+$/'
      when: never
    # For all other branches, create a pipeline. We are explicitly specifying
    # this so that this rule gets matched earlier before MR pipelines gets
    # triggered, thus causing two pipelines for a branch push - a regular one
    # and a detached one. If we ever decide not to run pipelines on branch
    # pushes that doesn't cause an MR, we can change the following to
    # $CI_MERGE_REQUEST_IID
38
    - if: '$CI_COMMIT_BRANCH'
Balasankar C's avatar
Balasankar C committed
39
    # For tags, always create a pipeline.
40
41
42
43
44
45
    - if: '$CI_COMMIT_TAG'

default:
  tags:
    - gitlab-org

46
variables:
47
48
49
50
51
  # BUILDER_IMAGE_REGISTRY is set to
  # `dev.gitlab.org:5005/cookbooks/gitlab-omnibus-builder` in the project
  # settings of omnibus-gitlab mirror in dev.gitlab.org so that builds there
  # will use images from that registry and not depend on GitLab.com
  BUILDER_IMAGE_REGISTRY: "registry.gitlab.com/gitlab-org/gitlab-omnibus-builder"
52
  PUBLIC_BUILDER_IMAGE_REGISTRY: "registry.gitlab.com/gitlab-org/gitlab-omnibus-builder"
53
  BUILDER_IMAGE_REVISION: "0.0.73"
54
55
56
57
58
  # The registry to pull the assets image from
  ASSET_REGISTRY: "${CI_REGISTRY}"
  ASSET_SYNC_EXISTING_REMOTE_FILES: "keep"
  ASSET_SYNC_GZIP_COMPRESSION: "true"
  ASSET_PATH: "assets-${CI_COMMIT_REF_SLUG}"
59
  COMPILE_ASSETS: "false"
Ian Baum's avatar
Ian Baum committed
60
  RUBY_IMAGE: "ruby:2.6"
61
  BUNDLE_PATH__SYSTEM: "false"
62
63
64
65
66
  # Format of the auto-deploy tag for auto-deploy builds.
  # https://gitlab.com/gitlab-org/release/docs/blob/master/general/deploy/auto-deploy.md#auto-deploy-tagging
  AUTO_DEPLOY_TAG_REGEX: '^\d+\.\d+\.\d+\+[^ ]{7,}\.[^ ]{7,}$'
  # Default environment for auto-deploy
  AUTO_DEPLOY_ENVIRONMENT: 'pre'
Ian Baum's avatar
Ian Baum committed
67
  MAX_PACKAGE_SIZE_MB: "860"
68
  OMNIBUS_GITLAB_MIRROR_ID: "14588374"
69

70
71
72
73
### For services that need a docker daemon
.docker_job: &docker_job
  image: "${BUILDER_IMAGE_REGISTRY}/ruby_docker:${BUILDER_IMAGE_REVISION}"
  variables:
74
    DOCKER_DRIVER: overlay2
75
76
    DOCKER_HOST: tcp://docker:2375
  services:
Balasankar C's avatar
Balasankar C committed
77
    - docker:19.03.0-dind
78
  tags:
79
    - gitlab-org-docker
80

81
82
83
84
85
86
87
88
89
90
91
92
93
### Measure memory usage
.measure_memory_script_artifacts: &measure_memory_script_artifacts
  extends: .docker_job
  variables:
    OUTPUT_DIR: "tmp/measure_omnibus_memory"
  script:
    - mkdir -p ${OUTPUT_DIR}
    - bundle exec rake docker:measure_memory DEBUG_OUTPUT_DIR=${OUTPUT_DIR} >> "${OUTPUT_DIR}/memory_on_boot_metrics.txt"
  allow_failure: true
  artifacts:
    paths:
      - ${OUTPUT_DIR}

94
before_script:
95
  - export CE_ONLY=(Raspberry)
96
  - export EE_ONLY=(SLES HA-Validate)
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
  - for job in "${CE_ONLY[@]}"; do
      if [[ "${CI_JOB_NAME}" =~ ${job} ]]; then
        if ./support/is_gitlab_ee.sh; then
          echo "EE build found. ${CI_JOB_NAME} is run only on CE builds";
          exit 0 ;
        fi;
      fi;
    done
  - for job in "${EE_ONLY[@]}"; do
      if [[ "${CI_JOB_NAME}" =~ ${job} ]]; then
        if ! ./support/is_gitlab_ee.sh; then
          echo "CE build found. ${CI_JOB_NAME} is run only on EE builds";
          exit 0 ;
        fi;
      fi;
    done
113
114
115
116
  - echo $NIGHTLY
  - mkdir -p ~/.ssh
  - mkdir -p ~/.aws
  - mkdir -p cache
Balasankar C's avatar
Balasankar C committed
117
118
119
120
121
  - if [ -n "$DEV_GITLAB_SSH_KEY" ]; then
      echo "$DEV_GITLAB_SSH_KEY" > ~/.ssh/id_rsa;
      cp support/known_hosts ~/.ssh/known_hosts;
      chmod -R 0600 ~/.ssh/;
    fi
122
  - bundle install -j $(nproc) --binstubs --path gems --without rubocop
123
124
125
126
127
128
129
130
131
  # If ALTERNATIVE_SOURCES are used, the public mirror for omnibus will be used.
  # This will alter Gemfile.lock file. As part of the build pipeline, we are
  # checking whether the state of the repository is unchanged during the build
  # process, by comparing it with the last commit (So that no unexpected monsters
  # show up). So, an altered Gemfile.lock file will fail on this
  # check. Hence we do a git commit as part of the pipeline if
  # ALTERNATIVE_SOURCES is used.
  - if [ -n "$ALTERNATIVE_SOURCES" ]; then
        git config --global user.email "packages@gitlab.com"
132
133
134
        && git config --global user.name "GitLab Inc.";
        git add Gemfile.lock || true ;
        git commit -m "Updating Gemfile.lock" || true;
135
    fi
136
  - if [ -n "$NIGHTLY" ]; then export STAGING_REPO=nightly-builds; fi
137

138
fetch-assets:
139
  extends: .docker_job
140
141
  stage: prepare-assets
  script:
142
    - export VERSION=${GITLAB_REF_SLUG-$(bundle exec rake build:version)}
143
    - support/fetch_assets "${VERSION}"
144
145
146
  artifacts:
    paths:
      - ${ASSET_PATH}
Balasankar C's avatar
Balasankar C committed
147
148
149
150
151
152
153
154
155
156
157
  rules:
    - if: '$COMPILE_ASSETS == "true"'
      when: never
    - if: '$DEPS_PIPELINE'
      when: never
    - if: '$CI_COMMIT_TAG =~ /^\d+\.\d+\.\d+\+[^ ]{7,}\.[^ ]{7,}$/'
      when: never
    # Run on dev.gitlab.org (except auto-deploy tag covered above) and
    # multi-project pipelines on omnibus-gitlab-mirror
    - if: '$CI_PROJECT_PATH == "gitlab/omnibus-gitlab"'
    - if: '$CI_PIPELINE_SOURCE == "pipeline" && $CI_PROJECT_PATH == "gitlab-org/build/omnibus-gitlab-mirror"'
Balasankar C's avatar
Balasankar C committed
158
159
160
include:
  - '/gitlab-ci-config/gitlab-com.yml'
  - '/gitlab-ci-config/dev-gitlab-org.yml'
161

162
.notify:
163
  before_script:
J0WI's avatar
J0WI committed
164
    - apk add --no-cache curl
165
  image: "alpine"
166
  stage: notification_fail
167
168
169
170

notify:slack-fail:
  extends:
    - .notify
171
  script:
172
    - ./support/notify_slack.sh "#g_distribution" "Build on \`$CI_COMMIT_REF_NAME\` failed! See <https://dev.gitlab.org/gitlab/omnibus-gitlab/pipelines/"$CI_PIPELINE_ID">"
173
174
  when: on_failure
  only:
175
176
    - master@gitlab-org/omnibus-gitlab
    - /.*-stable(-ee)?$/@gitlab-org/omnibus-gitlab
177
  except:
178
    - triggers@gitlab-org/omnibus-gitlab
179
  dependencies: []
180
181
182
183
184
185
186
187
188
189
190
191

notify:slack-fail:scheduled-master:
  extends:
    - .notify
  script:
    - ./support/notify_slack.sh "#qa-master" "☠️ Scheduled omnibus-build against master failed! ☠️ See $CI_PIPELINE_URL (triggered from $TOP_UPSTREAM_SOURCE_JOB)"
  only:
    refs:
      - pipelines@gitlab-org/build/omnibus-gitlab-mirror
    variables:
      - $TOP_UPSTREAM_SOURCE_JOB && $TOP_UPSTREAM_SOURCE_REF == 'master'
  when: on_failure