forked from RIPE-NCC/rpki-commons
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy path.gitlab-ci.yml
92 lines (81 loc) · 3.2 KB
/
.gitlab-ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
image: maven:3.6-jdk-8-alpine
# Inspired by https://gitlab.com/gitlab-examples/maven/simple-maven-dep and
# https://gitlab.com/gitlab-org/gitlab-ci-yml/blob/master/Maven.gitlab-ci.yml
#
# Signing procedure inspired by https://gitlab.com/gitlab-org/gitlab-runner/merge_requests/922/diffs
# and related code.
#
# run manually with `gitlab-runner exec docker <task_name>`
variables:
BUILD_NUMBER: ${CI_COMMIT_REF_SLUG}-${CI_PIPELINE_ID}
MAVEN_OPTS: "-Dhttps.protocols=TLSv1.2 -Dmaven.repo.local=$CI_PROJECT_DIR/.m2/repository -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=WARN -Dorg.slf4j.simpleLogger.showDateTime=true -Djava.awt.headless=true"
# As of Maven 3.3.0 instead of this you may define these options in `.mvn/maven.config` so the same config is used
MAVEN_CLI_OPTS: "--errors --batch-mode --fail-at-end --show-version -DinstallAtEnd=true -DdeployAtEnd=true"
cache:
key: one-shared-cache-for-all
paths:
- .m2/repository
include:
- project: 'swe/gitlab-ci'
file: '/templates/whitesource-scanning.yml'
# before every job - unless overridden in a stage.
#
# Protected environment variables are only available on protected
# branches and tags. Master is protected by default.
#
before_script:
- unset GPG_KEY
- unset GPG_PASSPHRASE
- apk update && apk add rsync
validate:
stage: build
script:
- mvn clean
- mvn $MAVEN_CLI_OPTS test-compile -Dbuild.number=${BUILD_NUMBER}
test:verify:
stage: test
script:
- mvn $MAVEN_CLI_OPTS verify -Dbuild.number=${BUILD_NUMBER}
artifacts:
paths:
- target/rpki-commons-${BUILD_NUMBER}.jar
.gpg_setup: &gpg_setup
before_script:
- apk update && apk add git gnupg rsync
- |
# checking GPG signing support
if [ -n "$GPG_KEY" ]; then
echo "$GPG_KEY" | gpg --batch --no-tty --allow-secret-key-import --import -
unset GPG_KEY
export GPG_KEYID=$(gpg --with-colon --list-secret-keys | head -n1 | cut -d : -f 5)
else
echo -e "\033[0;31m****** GPG signing disabled ******\033[0m"
fi
snapshot:deploy:
stage: deploy
environment:
name: snapshot
<<: *gpg_setup
script:
- if [ ! -f ci_settings.xml ];
then echo "CI settings missing\! If deploying to GitLab Maven Repository, please see https://docs.gitlab.com/ee/user/project/packages/maven_repository.html#creating-maven-packages-with-gitlab-cicd for instructions.";
fi
- mvn $MAVEN_CLI_OPTS package gpg:sign deploy -s ci_settings.xml
only:
- main
release:deploy:
stage: deploy
environment:
name: release
<<: *gpg_setup
script:
- if [ ! -f ci_settings.xml ];
then echo "CI settings missing\! If deploying to GitLab Maven Repository, please see https://docs.gitlab.com/ee/user/project/packages/maven_repository.html#creating-maven-packages-with-gitlab-cicd for instructions.";
fi
- if [[ "$CI_COMMIT_TAG" =~ ^rpki-commons-.* ]]; then echo "Correct tag"; else exit 1; fi
# Update version in pom.xml to match the tag
- mvn versions:set -DnewVersion=$(echo $CI_COMMIT_TAG | sed -e 's/rpki-commons-//')
# Use the release profile from pom.xml to deploy
- mvn $MAVEN_CLI_OPTS deploy -s ci_settings.xml -P default,release
only:
- tags