-
-
Notifications
You must be signed in to change notification settings - Fork 7
/
.gitlab-ci.yml
95 lines (85 loc) · 4.25 KB
/
.gitlab-ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
image: danger89/gtk3-docker-cmake-ninja:4.2
stages:
- build
- test
- release
variables:
GIT_SUBMODULE_STRATEGY: recursive
PACKAGE_REGISTRY_URL: "${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/packages/generic/libreweb-browser/${CI_COMMIT_TAG}"
RELEASE_LINKS_URL: "${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/releases/${CI_COMMIT_TAG}/assets/links"
SAST_EXCLUDED_ANALYZERS: "bandit,brakeman,eslint,gosec,kubesec,nodejs-scan,phpcs-security-audit,pmd-apex,security-code-scan,sobelow,spotbugs"
SAST_EXCLUDED_PATHS: "lib"
doxygen:
stage: build
script:
- ./scripts/build-docs.sh
artifacts:
name: Doxygen
paths:
- build_docs/docs/html/
linux_build:
stage: build
script:
- ./scripts/build-lnx-prod.sh
- ./scripts/create_source_archive.sh
artifacts:
name: Packages
expire_in: 4 weeks
paths:
- build_prod/libreweb-browser-*.deb
- build_prod/libreweb-browser-*.rpm
- build_prod/libreweb-browser-*.tar.gz
- build_prod/libreweb-browser-source-*.tar.gz
static_code_analysis:
stage: build
script: ./scripts/cpp-check.sh
code_style_guidelines:
stage: build
script: ./scripts/check-format.sh
unit_test:
stage: test
script: ./scripts/build-run-tests.sh
sast:
stage: test
variables:
SEARCH_MAX_DEPTH: 3
include:
- template: Security/SAST.gitlab-ci.yml
# Upload artifacts & Create new release
upload_and_release:
stage: release
image: curlimages/curl:latest
rules:
- if: $CI_PROJECT_NAMESPACE == "libreweb" && $CI_COMMIT_TAG
script:
- 'curl --header "JOB-TOKEN: ${CI_JOB_TOKEN}" --upload-file build_prod/libreweb-browser-v${CI_COMMIT_TAG}.deb
${PACKAGE_REGISTRY_URL}/libreweb-browser-v${CI_COMMIT_TAG}.deb'
- 'curl --header "JOB-TOKEN: ${CI_JOB_TOKEN}" --upload-file build_prod/libreweb-browser-v${CI_COMMIT_TAG}.rpm
${PACKAGE_REGISTRY_URL}/libreweb-browser-v${CI_COMMIT_TAG}.rpm'
- 'curl --header "JOB-TOKEN: ${CI_JOB_TOKEN}" --upload-file build_prod/libreweb-browser-v${CI_COMMIT_TAG}.tar.gz
${PACKAGE_REGISTRY_URL}/libreweb-browser-v${CI_COMMIT_TAG}.tar.gz'
- 'curl --header "JOB-TOKEN: ${CI_JOB_TOKEN}" --upload-file build_prod/libreweb-browser-source-v${CI_COMMIT_TAG}.tar.gz
${PACKAGE_REGISTRY_URL}/libreweb-browser-source-v${CI_COMMIT_TAG}.tar.gz'
- 'curl --header "PRIVATE-TOKEN: ${ACCESS_TOKEN}" --header "Content-Type: application/json"
--request POST --data "{\"name\":\"LibreWeb Browser (Compressed binary)\",\"url\":\"${PACKAGE_REGISTRY_URL}/libreweb-browser-v${CI_COMMIT_TAG}.tar.gz\",\"link_type\":\"package\"}"
${RELEASE_LINKS_URL}'
- 'curl --header "PRIVATE-TOKEN: ${ACCESS_TOKEN}" --header "Content-Type: application/json"
--request POST --data "{\"name\":\"LibreWeb Browser (Red-Hat/Fedora/openSUSE)\",\"url\":\"${PACKAGE_REGISTRY_URL}/libreweb-browser-v${CI_COMMIT_TAG}.rpm\",\"link_type\":\"package\"}"
${RELEASE_LINKS_URL}'
- 'curl --header "PRIVATE-TOKEN: ${ACCESS_TOKEN}" --header "Content-Type: application/json"
--request POST --data "{\"name\":\"LibreWeb Browser (Debian/Ubuntu/Linux Mint)\",\"url\":\"${PACKAGE_REGISTRY_URL}/libreweb-browser-v${CI_COMMIT_TAG}.deb\",\"link_type\":\"package\"}"
${RELEASE_LINKS_URL}'
- 'curl --header "PRIVATE-TOKEN: ${ACCESS_TOKEN}" --header "Content-Type: application/json"
--request POST --data "{\"name\":\"LibreWeb Browser Source Code Archive (tar.gz)\",\"url\":\"${PACKAGE_REGISTRY_URL}/libreweb-browser-source-v${CI_COMMIT_TAG}.tar.gz\",\"link_type\":\"package\"}"
${RELEASE_LINKS_URL}'
# Create new release
#release:
# stage: release
# image: registry.gitlab.com/gitlab-org/release-cli:edge
# rules:
# - if: '$CI_PROJECT_NAMESPACE == "libreweb" && $CI_COMMIT_TAG'
# script:
# - release-cli --timeout 700s create --name "Release version $CI_COMMIT_TAG" --tag-name $CI_COMMIT_TAG \
# --assets-link "{\"name\":\"LibreWeb Browser (Debian/Ubuntu/Linux Mint)\",\"url\":\"${PACKAGE_REGISTRY_URL}/libreweb-browser-v${CI_COMMIT_TAG}.deb\"}" \
# --assets-link "{\"name\":\"LibreWeb Browser (Red-Hat/Fedora/openSUSE)\",\"url\":\"${PACKAGE_REGISTRY_URL}/libreweb-browser-v${CI_COMMIT_TAG}.rpm\"}" \
# --assets-link "{\"name\":\"LibreWeb Browser (Compressed binary)\",\"url\":\"${PACKAGE_REGISTRY_URL}/libreweb-browser-v${CI_COMMIT_TAG}.tar.gz\"}"