.gitlab-ci.yml


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151

---
stages:
  - code-check
  - build
  - tests
  - package
  - benchmark


variables:
  DOCKER_DRIVER: overlay

# Cache a folder between builds.
# Tox sets it to be our pip cache.
cache:
  untracked: true
  key: soledad-shared-pip-cache
  paths:
    - testing/.cache/

before_script:
  - echo "Running on ${HOST_HOSTNAME:=$(hostname)}"

.job_template: &job_definition
  stage: package
  image: "0xacab.org:4567/leap/gitlab-buildpackage:build_${DIST}_${ARCH}"
  script:
    - "if [ -z \"$(git remote | grep upstream)\" ]; then git remote add upstream https://0xacab.org/leap/soledad; fi"
    - "git fetch --tags upstream"
    - "pwd; git describe"
    - build-build-package
    # Test the package with lintian
    - build-test-lintian
    - "if [ -n \"${SSH_PRIVATE_KEY}\" ]; then upload-package; else echo \"Skipping package upload because SSH_PRIVATE_KEY is not set.\"; fi"
    # sleep 1h to allow debugging of running container
    # - sleep 3600
  artifacts:
    expire_in: 1w
    paths:
      - '*_*.xz'
      - '*_*.dsc'
      - '*_amd64.changes'
      - '*.deb'
      - 'results/*'

code-check:
  stage: code-check
  image: 0xacab.org:4567/leap/soledad:latest
  script:
    - cd testing
    - tox -e code-check

tests:
  stage: tests
  image: 0xacab.org:4567/leap/soledad:latest
  services:
    - couchdb
  script:
    - cd testing
    - tox -- --couch-url http://couchdb:5984

benchmark:
  stage: benchmark
  image: 0xacab.org:4567/leap/soledad:latest
  tags:
    - benchmark
  services:
    - couchdb
  allow_failure: true
  script:
    # By default, gitlab-runner will checkout in a detached HEAD
    # (see https://gitlab.com/gitlab-org/gitlab-ce/issues/19421)
    # We want pytest-benchmark to report the proper branch name,
    # so we make sure we stay at the current branch.
    # Also, variable names have changed in latest version of gitlab,
    # but the doc seems to be outdated (see also
    # https://docs.gitlab.com/ce/ci/variables/README.html).
    - git checkout -B "$CI_COMMIT_REF_NAME" "$CI_COMMIT_REF"
    # Gitlab will checkout current revision as master / origin/master
    # We need some files from the "furure" in order to post the right
    # benchmarking data to elasticsearch.
    - git remote add leap https://leap.se/git/soledad
    - git fetch leap
    - git checkout leap/master
        testing/tox.ini
        testing/tests/benchmarks/conftest.py
        testing/tests/conftest.py
        testing/check-pysqlcipher.py
    - git checkout leap/benchmark-all-commits scripts/benchmark/tune-adbapi-parameters.sh
    # ensure larger timeout and more retries for async/concurrent sqlcipher access
    - ./scripts/benchmark/tune-adbapi-parameters.sh
    - git status
    - git show -s --pretty=fuller
    - cd testing
    - curl -s couchdb:5984
    # You can provide a $NETRC variable containing the creds for your
    # elasticsearch instance so it's protected from being leaked in the
    # CI console
    # We can't get it working inside docker for unknown reasons.
    # - echo "$NETRC" > /root/.netrc && chmod 600 /root/.netrc
    #
    # Add $PYTEST_OPTS to pytest.ini to allow posting benchmark tests
    # to an elasticsearch instance
    - echo "addopts=$PYTEST_OPTS" >> pytest.ini && chmod 600 pytest.ini
    - /usr/bin/unbuffer tox --recreate -e benchmark -- --couch-url http://couchdb:5984 | /usr/bin/ts -s
    # Output locally saved benchmarks if they exist
    - 'if [ -d .benchmarks ]; then find .benchmarks -type f -exec cat {} \; ; fi'

build_docker_image:
  stage: build
  image: 0xacab.org:4567/leap/soledad:latest
  services:
    - docker:dind
  tags:
    - docker-in-docker
  before_script:
    - >
      export LAST_COMMIT=$(curl -s \
        --header "PRIVATE-TOKEN: ${LEAP_CODE_O_MATIC_PRIVATE_TOKEN}" \
        https://0xacab.org/api/v4/projects/519/pipelines | \
        python -c "import sys, json; print json.load(sys.stdin)[1]['sha']")
  script:
    - >
      if git diff $LAST_COMMIT HEAD --name-only|grep testing/docker; then
        docker --version
        docker info
        docker login -u gitlab-ci-token -e sysdev@leap.se \
          -p $CI_JOB_TOKEN $CI_REGISTRY
        docker build -t ${CI_REGISTRY_IMAGE}:latest testing/docker
        docker push ${CI_REGISTRY_IMAGE}:latest
      fi

package:amd64_jessie:
  variables:
    ARCH: "amd64"
    DIST: "jessie"
    REPONAMES: "platform"
    # Default is to fail on warnings, we disable it here
    # unless a manpage is included (see #8895)
    LINTIAN_OPTS: "-X filename-length"
  <<: *job_definition

# package:amd64_stretch:
#  variables:
#    ARCH: "amd64"
#    DIST: "stretch"
#    REPONAMES: "platform"
#    # Default is to fail on warnings, we disable it here
#    # unless a manpage is included (see #8895)
#    LINTIAN_OPTS: "-X filename-length"
#  <<: *job_definition