goshorly/.gitlab-ci.yml

193 lines
5.7 KiB
YAML
Raw Normal View History

2021-12-11 01:14:38 +00:00
variables:
REPO_NAME: git.ucode.space/Phil/goshorly
2022-01-06 16:49:09 +00:00
DOCKER_BUILDKIT: 1
2022-01-08 15:55:09 +00:00
2021-12-07 21:23:41 +00:00
stages:
- test
2022-01-23 20:41:40 +00:00
- build-binary
- build-docker
2022-01-08 15:55:09 +00:00
2022-01-08 16:14:51 +00:00
check-format:
2021-12-07 21:23:41 +00:00
image: golang:latest
stage: test
2021-12-11 01:14:38 +00:00
before_script:
- mkdir -p $GOPATH/src/$(dirname $REPO_NAME)
- ln -svf $CI_PROJECT_DIR $GOPATH/src/$REPO_NAME
- cd $GOPATH/src/$REPO_NAME
2021-12-07 21:23:41 +00:00
script:
- go fmt $(go list ./... | grep -v /vendor/)
- go vet $(go list ./... | grep -v /vendor/)
- go test -race $(go list ./... | grep -v /vendor/)
2022-01-08 16:14:51 +00:00
only:
- merge_requests
2022-01-08 15:55:09 +00:00
2022-01-08 16:14:51 +00:00
check-gosec:
2021-12-11 01:14:38 +00:00
image: golang:latest
before_script:
- mkdir -p $GOPATH/src/$(dirname $REPO_NAME)
- ln -svf $CI_PROJECT_DIR $GOPATH/src/$REPO_NAME
- cd $GOPATH/src/$REPO_NAME
2021-12-11 01:14:38 +00:00
script:
- go install github.com/securego/gosec/v2/cmd/gosec@latest
- go get -v -d .
- gosec ./...
2022-01-08 16:14:51 +00:00
only:
- merge_requests
2022-01-08 15:55:09 +00:00
2022-01-23 20:41:40 +00:00
release-prod-linux-amd64:
image: golang:alpine
stage: build-binary
variables:
GOOS: "linux"
GOARCH: "amd64"
CGO_ENABLED: 0
before_script:
- go get -d -v ./...
- apk add curl
script:
- go build -a -installsuffix cgo -ldflags="-X $I_PACKAGE.CI_COMMIT_SHORT_SHA=$CI_COMMIT_SHORT_SHA -X $I_PACKAGE.CI_COMMIT_BRANCH=$CI_COMMIT_BRANCH -X $I_PACKAGE.CI_COMMIT_TAG=$CI_COMMIT_TAG" -o linux-amd64 .
- 'curl --header "JOB-TOKEN: $CI_JOB_TOKEN" --upload-file linux-amd64 "${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/packages/generic/release/${CI_COMMIT_TAG}/linux-amd64"'
- rm linux-amd64
only:
- tags
except:
- branches
release-prod-linux-arm64:
image: golang:alpine
stage: build-binary
variables:
GOOS: "linux"
GOARCH: "arm64"
CGO_ENABLED: 0
before_script:
- go get -d -v ./...
script:
- go build -a -installsuffix cgo -ldflags="-X $I_PACKAGE.CI_COMMIT_SHORT_SHA=$CI_COMMIT_SHORT_SHA -X $I_PACKAGE.CI_COMMIT_BRANCH=$CI_COMMIT_BRANCH -X $I_PACKAGE.CI_COMMIT_TAG=$CI_COMMIT_TAG" -o linux-arm64 .
- 'curl --header "JOB-TOKEN: $CI_JOB_TOKEN" --upload-file linux-arm64 "${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/packages/generic/release/${CI_COMMIT_TAG}/linux-arm64"'
- rm linux-arm64
only:
- tags
except:
- branches
release-prod-darwin-amd64:
image: golang:alpine
stage: build-binary
variables:
GOOS: "darwin"
GOARCH: "amd64"
CGO_ENABLED: 0
before_script:
- go get -d -v ./...
script:
- go build -a -installsuffix cgo -ldflags="-X $I_PACKAGE.CI_COMMIT_SHORT_SHA=$CI_COMMIT_SHORT_SHA -X $I_PACKAGE.CI_COMMIT_BRANCH=$CI_COMMIT_BRANCH -X $I_PACKAGE.CI_COMMIT_TAG=$CI_COMMIT_TAG" -o darwin-amd64 .
- 'curl --header "JOB-TOKEN: $CI_JOB_TOKEN" --upload-file darwin-amd64 "${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/packages/generic/release/${CI_COMMIT_TAG}/darwin-amd64"'
- rm darwin-amd64
only:
- tags
except:
- branches
release-prod-darwin-arm64:
image: golang:alpine
stage: build-binary
variables:
GOOS: "darwin"
GOARCH: "arm64"
CGO_ENABLED: 0
before_script:
- go get -d -v ./...
script:
- go build -a -installsuffix cgo -ldflags="-X $I_PACKAGE.CI_COMMIT_SHORT_SHA=$CI_COMMIT_SHORT_SHA -X $I_PACKAGE.CI_COMMIT_BRANCH=$CI_COMMIT_BRANCH -X $I_PACKAGE.CI_COMMIT_TAG=$CI_COMMIT_TAG" -o darwin-arm64 .
- 'curl --header "JOB-TOKEN: $CI_JOB_TOKEN" --upload-file darwin-arm64 "${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/packages/generic/release/${CI_COMMIT_TAG}/darwin-arm64"'
- rm darwin-arm64
only:
- tags
except:
- branches
release-prod-windows-amd64:
image: golang:alpine
stage: build-binary
variables:
GOOS: "windows"
GOARCH: "amd64"
CGO_ENABLED: 0
before_script:
- go get -d -v ./...
script:
- go build -a -installsuffix cgo -ldflags="-X $I_PACKAGE.CI_COMMIT_SHORT_SHA=$CI_COMMIT_SHORT_SHA -X $I_PACKAGE.CI_COMMIT_BRANCH=$CI_COMMIT_BRANCH -X $I_PACKAGE.CI_COMMIT_TAG=$CI_COMMIT_TAG" -o windows-amd64.exe .
- 'curl --header "JOB-TOKEN: $CI_JOB_TOKEN" --upload-file windows-amd64.exe "${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/packages/generic/release/${CI_COMMIT_TAG}/windows-amd64.exe"'
- rm windows-amd64.exe
only:
- tags
except:
- branches
2022-01-06 17:00:14 +00:00
docker-build-prod-latest:
2022-01-09 16:15:24 +00:00
image: ezkrg/buildx
2022-01-23 20:41:40 +00:00
stage: build-docker
2021-12-07 17:13:02 +00:00
services:
2022-01-09 16:12:25 +00:00
- docker:dind
2021-12-07 17:13:02 +00:00
before_script:
- docker buildx create --use
- docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" $CI_REGISTRY
2021-12-07 17:13:02 +00:00
script:
- |
docker buildx build \
--platform linux/amd64,linux/arm64,linux/arm/v7,linux/arm/v6 \
2022-01-09 14:14:19 +00:00
--build-arg CI_COMMIT_BRANCH=$CI_COMMIT_BRANCH \
--build-arg CI_COMMIT_SHORT_SHA=$CI_COMMIT_SHORT_SHA \
--build-arg CI_COMMIT_TAG=$CI_COMMIT_TAG \
--push \
--tag $CI_REGISTRY_IMAGE:latest \
.
2022-01-06 17:00:14 +00:00
only:
- main
2022-01-08 15:55:09 +00:00
docker-build-prod-tagged:
image: ezkrg/buildx
2022-01-23 20:41:40 +00:00
stage: build-docker
services:
- docker:dind
before_script:
- docker buildx create --use
- docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" $CI_REGISTRY
script:
- |
docker buildx build \
--platform linux/amd64,linux/arm64,linux/arm/v7,linux/arm/v6 \
--build-arg CI_COMMIT_BRANCH=$CI_COMMIT_BRANCH \
--build-arg CI_COMMIT_SHORT_SHA=$CI_COMMIT_SHORT_SHA \
--build-arg CI_COMMIT_TAG=$CI_COMMIT_TAG \
--push \
--tag $CI_REGISTRY_IMAGE:$CI_COMMIT_TAG \
.
only:
- tags
except:
- branches
2022-01-08 15:55:09 +00:00
docker-build-dry-run:
2021-12-11 01:14:38 +00:00
image: docker:latest
2022-01-23 20:41:40 +00:00
stage: build-docker
2021-12-11 01:14:38 +00:00
services:
- docker:dind
2021-12-11 01:14:38 +00:00
script:
- |
if [[ "$CI_COMMIT_BRANCH" == "$CI_DEFAULT_BRANCH" ]]; then
tag=""
echo "Running on default branch '$CI_DEFAULT_BRANCH': tag = 'latest'"
else
tag=":$CI_COMMIT_REF_SLUG"
echo "Running on branch '$CI_COMMIT_BRANCH': tag = $tag"
fi
- docker build --pull -t "$CI_REGISTRY_IMAGE${tag}" .
2021-12-11 01:14:38 +00:00
only:
- merge_requests
2022-01-08 15:55:09 +00:00
include:
- template: Security/SAST.gitlab-ci.yml
- template: Security/SAST-IaC.latest.gitlab-ci.yml