-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy path.gitlab-ci.yml
109 lines (99 loc) · 3.62 KB
/
.gitlab-ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
variables:
MAVEN_REPO_DIR: $CI_PROJECT_DIR/.m2/repository
MAVEN_IMAGE: ${CI_DEPENDENCY_PROXY_GROUP_IMAGE_PREFIX}/maven:3.9-eclipse-temurin-8
MAVEN_OPTS: >-
-Xmx256m
-Dhttps.protocols=TLSv1.2
-Dmaven.repo.local=$MAVEN_REPO_DIR
-Dorg.slf4j.simpleLogger.showDateTime=true
-Djava.awt.headless=true
MAVEN_CLI_OPTS: >-
--settings=$MVN_SETTINGS
--batch-mode
--errors
--fail-at-end
--show-version
--no-transfer-progress
DOCKER_VERSION: "24.0"
DOCKER_HOST: "tcp://docker:2375"
DOCKER_TLS_CERTDIR: ""
DOCKER_DRIVER: overlay2
# https://java.testcontainers.org/features/image_name_substitution/
# Note that this requires logging in into the GitLab Docker Registry
# Note that the GitLab Docker Registry only caches the Docker Hub repository,
# so for instance Azurite isn't cached. testcontainers handles this transparently.
# TODO: Better yet: use Harbor
TESTCONTAINERS_HUB_IMAGE_NAME_PREFIX: ${CI_DEPENDENCY_PROXY_GROUP_IMAGE_PREFIX}/
workflow:
rules:
- if: $CI_PIPELINE_SOURCE == "merge_request_event"
- if: $CI_COMMIT_BRANCH && $CI_OPEN_MERGE_REQUESTS
when: never
- if: $CI_COMMIT_BRANCH
- if: $CI_COMMIT_TAG =~ /^v.*/
stages:
- test
- deploy
image: ${MAVEN_IMAGE}
cache:
paths:
- $MAVEN_REPO_DIR
utest:backend:
stage: test
# We need Docker for the testcontainers used in common-file-repository
services:
- name: ${CI_DEPENDENCY_PROXY_GROUP_IMAGE_PREFIX}/docker:${DOCKER_VERSION}-dind
alias: docker
command: [ "--tls=false" ]
before_script:
- apt-get update
- apt-get -y install docker.io
- docker login -u $CI_DEPENDENCY_PROXY_USER -p $CI_DEPENDENCY_PROXY_PASSWORD $CI_DEPENDENCY_PROXY_SERVER
script:
- 'mvn $MAVEN_CLI_OPTS verify'
artifacts:
when: always
reports:
junit:
- '**/target/surefire-reports/*.xml'
.deploy:
stage: deploy
variables:
TZ: "UTC" # Generally recommended for reproducible builds
before_script:
- if [[ -f ci-before.sh ]]; then ./ci-before.sh; fi
- apt-get update
- apt-get -y install gpg
- gpg --pinentry-mode loopback --passphrase $MAVEN_GPG_PASSPHRASE --import $MAVEN_GPG_PRIVATE_KEY
- gpg --list-keys
script:
# For reproducible builds, we have to run the build twice:
- mvn $MAVEN_CLI_OPTS clean install -DskipTests
- mvn $MAVEN_CLI_OPTS clean verify artifact:compare -DskipTests -Dreference.repo=foreach-mirror
- mvn $MAVEN_CLI_OPTS --activate-profiles deploy,$MAVEN_PROFILE deploy -DskipTests
# This job is triggered only on a branch push, and:
# - When the pom.xml revision is set to a snapshot, this publishes to the internal snapshot repo
# - When the pom.xml revision is set to a release, this publishes to the internal releases repo
deploy:foreach:
extends:
- .deploy
variables:
MAVEN_PROFILE: foreach
rules:
- if: $CI_COMMIT_TAG == null
# This job is triggered only on a tag push, and:
# - A tag MUST NOT be pushed when the pom.xml revision is a snapshot
# - This publishes the release to Maven Central
deploy:sonatype:
extends:
- .deploy
variables:
MAVEN_PROFILE: sonatype
rules:
- if: $CI_COMMIT_TAG =~ /^v.*/
# So the release procedure consists of:
# 1. Change the revision in the top-level pom.xml and commit.
# 2. Push to GitLab. This will trigger the deploy:foreach job to deploy to the Foreach Nexus.
# 3. When the deploy:foreach job is successful, create a tag (format: the letter v followed by the revision property).
# 4. Push to GitLab. This will trigger the deploy:sonatype job to deploy to Maven Central.
# 5. Close, release and drop the staging repository at https://oss.sonatype.org/#stagingRepositories