Semaphore/.circleci/config.yml
2018-04-09 20:08:52 +00:00

263 lines
7.2 KiB
YAML

# Workflow based configuration
version: 2
aliases:
- &golang-image
image: circleci/golang:1.10
- &working-dir
/go/src/github.com/ansible-semaphore/semaphore
- &store-bin-artifacts
store_artifacts:
path: /go/src/github.com/ansible-semaphore/semaphore/bin
- &install-task-binary
run:
name: install task binary
command: |
cd /go/bin
curl -L https://github.com/go-task/task/releases/download/v2.0.1/task_linux_amd64.tar.gz | tar xvz
cd -
- &persist-bin
persist_to_workspace:
root: .
paths:
- bin/*
- &install-node
run:
name: Install node
command: |
set +e
curl -o- https://raw.githubusercontent.com/creationix/nvm/v0.33.5/install.sh | bash
export NVM_DIR="$HOME/.nvm"
[ -s "$NVM_DIR/nvm.sh" ] && \. "$NVM_DIR/nvm.sh"
nvm install 8.2.0 && nvm alias default 8.2.0
# Each step uses the same `$BASH_ENV`, so need to modify it
echo 'export NVM_DIR="$HOME/.nvm"' >> $BASH_ENV
echo "[ -s \"$NVM_DIR/nvm.sh\" ] && . \"$NVM_DIR/nvm.sh\"" >> $BASH_ENV
- &unlock-gpg
run:
name: unlock gpg key, trying to do this in the goreleaser step with env vars does not seem to work
command: |
echo $GPG_KEY | tr " " "\n" | base64 -d | gpg --import --batch
gpg --sign -u "9B25 8A9C 32B9 7E50 E753 3575 DE95 8D8F 20C7 845F" --pinentry-mode loopback --yes --batch --passphrase "${GPG_PASS}" --output unlock.sig --detach-sign README.md
rm -f unlock.sig
- &test-compile-changes
run:
name: test that compile did not create/modify untracked files
command: git diff --exit-code --stat -- . ':(exclude)web/package-lock.json'
- &save-npm-cache
save_cache:
key: v1-npm-deps-{{ checksum "web/package.json" }}
paths:
- web/node_modules
- &save-go-cache
save_cache:
key: v1-go-deps-{{ checksum "Gopkg.lock" }}-{{ checksum "Gopkg.toml" }}
paths:
- vendor
- &load-npm-cache
restore_cache:
keys:
- v1-npm-deps-{{ checksum "web/package.json" }}
- v1-npm-deps-
- &load-go-cache
restore_cache:
keys:
- v1-go-deps-{{ checksum "Gopkg.lock" }}-{{ checksum "Gopkg.toml" }}
- v1-go-deps-{{ checksum "Gopkg.lock" }}
- v1-go-deps-
jobs:
build:local:
docker:
- *golang-image
working_directory: *working-dir
steps:
- run: export
- *install-node
- *install-task-binary
- checkout
- *load-go-cache
- *load-npm-cache
- run: task deps
- *save-go-cache
- *save-npm-cache
- run: task compile
- *test-compile-changes
- run: task build:local
- *store-bin-artifacts
- *persist-bin
build:
docker:
- *golang-image
working_directory: *working-dir
steps:
- *install-node
- *install-task-binary
- run: sudo apt-get install rpm
- checkout
- *load-go-cache
- *load-npm-cache
- run: task deps
- run: task compile
- *test-compile-changes
- *unlock-gpg
- run: task build
- *store-bin-artifacts
# Run goverage and post results
test:golang:
docker:
- *golang-image
working_directory: *working-dir
steps:
- *install-task-binary
# Needed only in ci to post coverage reports
- run: go get github.com/schrej/godacov
- checkout
- *load-go-cache
- run: task deps:tools
- run: task deps:be
- run: task compile:be
- run: task test
- run: godacov -t "${CODACY_TOKEN}" -r ./coverage.out -c "${CIRCLE_SHA1}" || true
- store_test_results:
path: /go/src/github.com/ansible-semaphore/semaphore/coverage.out
- store_artifacts:
path: /go/src/github.com/ansible-semaphore/semaphore/coverage.out
test:integration:
docker:
- *golang-image
- image: circleci/mysql
working_directory: *working-dir
steps:
- attach_workspace:
at: *working-dir
# This looks like utter filth in circleci v2 but we have no choice apart from this escaping madness
- run: "cat > config.json <<EOF\n{\n\t\"mysql\": {\n\t\t\"host\": \"127.0.0.1:3306\"\
,\n\t\t\"user\": \"root\",\n\t\t\"pass\": \"\",\n\t\t\"name\": \"circle_test\"\
\n\t},\n\t\"email_alert\": false\n}\nEOF\n"
- run:
name: Wait for db
command: dockerize -wait tcp://127.0.0.1:3306 -timeout 1m
- run: bin/semaphore --migrate -config config.json
# TODO - Here we could do some api/functional testing
test:docker:
docker:
- *golang-image
steps:
- *install-task-binary
- checkout
- setup_remote_docker
- run: context=prod task docker:test
deploy:dev:
docker:
- *golang-image
steps:
- *install-task-binary
- checkout
- setup_remote_docker
- run: docker login -u $DOCKER_USER -p $DOCKER_PASS
- run: context=prod tag=develop task docker:build
- run: tag=develop task docker:push
deploy:prod:
docker:
- *golang-image
steps:
- *install-task-binary
- checkout
- setup_remote_docker
- run: docker login -u $DOCKER_USER -p $DOCKER_PASS
- run: context=prod tag=latest task docker:build
- run: tag=latest task docker:push
- run: docker tag ansiblesemaphore/semaphore:latest ansiblesemaphore/semaphore:$CIRCLE_TAG
- run: tag=$CIRCLE_TAG task docker:push
# For releases to work in the ci you will need to have the following env vars set
# GITHUB_TOKEN - token needs writes to make a release
# GPG_PASS - password for the GP key to sign releases with, circleci sets env vars with "" so be wary of special chars
# GPG_KEY - base64 encoded version of the GPG private key
release:
docker:
- *golang-image
working_directory: *working-dir
steps:
- *install-node
- *install-task-binary
- run: sudo apt-get install rpm
- checkout
- *load-go-cache
- *load-npm-cache
- run: task deps
- *unlock-gpg
- run:
name: reset repo as npm install may have changed lock file
command: git reset --hard
- run: task release:prod
- *store-bin-artifacts
workflows:
version: 2
build-test:
jobs:
- test:docker
- test:golang
- build:local
- test:integration:
requires:
- build:local
# Don't build on master because build is just a gorelease without the release
- build:
requires:
- test:golang
- test:integration
filters:
branches:
ignore: master
# Dev deploys require all tests to pass and app builds
- deploy:dev:
requires:
- build
- test:docker
filters:
branches:
only: develop
# Production releases only run on tags
# use _ in tags and not - due to rpmbuild not allowing hyphens in version numbers
# https://github.com/semver/semver/issues/145
release:
jobs:
- release:
filters:
branches:
ignore: /.*/
tags:
only: /^v.*/
- deploy:prod:
filters:
branches:
ignore: /.*/
tags:
only: /^v.*/