stages:
- build
- test
- deploy
variables:
GIT_SUBMODULE_STRATEGY: recursive
PIP_CACHE_DIR: "$CI_PROJECT_DIR/.cache/pip"
POSTGRESQL_USER: biscuit
POSTGRESQL_DB: biscuit
BISCUIT_http__allowed_hosts: "['*']"
BISCUIT_caching__memcached__address: memcached:11211
BISCUIT_database__host: db
cache:
key:
files:
- poetry.lock
paths:
- .cache/pip
build_wheel:
stage: build
image:
name: registry.edugit.org/teckids/docker-images/python-pimped:master
script:
- poetry build
artifacts:
paths:
- dist/
build_docker:
stage: build
image:
name: gcr.io/kaniko-project/executor:debug
entrypoint: [""]
script:
- echo "{\"auths\":{\"$CI_REGISTRY\":{\"username\":\"$CI_REGISTRY_USER\",\"password\":\"$CI_REGISTRY_PASSWORD\"}}}" >/kaniko/.docker/config.json
- /kaniko/executor
--context $CI_PROJECT_DIR
--dockerfile $CI_PROJECT_DIR/Dockerfile
--destination $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_NAME
--cache=true
--cleanup
- /kaniko/executor
--context $CI_PROJECT_DIR/docker/nginx
--dockerfile $CI_PROJECT_DIR/docker/nginx/Dockerfile
--destination $CI_REGISTRY_IMAGE/nginx:$CI_COMMIT_REF_NAME
--cache=true
--cleanup
only:
- master
- tags
test_wheel:
stage: test
image:
name: registry.edugit.org/teckids/docker-images/python-pimped:master
services:
- selenium/hub
- selenium/node-chrome
- selenium/node-firefox
before_script:
- adduser --disabled-password --gecos "Test User" testuser
- mkdir -p screenshots && chown testuser screenshots
script:
- poetry export --without-hashes --dev -f requirements.txt | pip install -r /dev/stdin
- eatmydata pip install dist/*.whl
- python ./manage.py compilemessages
- eatmydata python ./manage.py yarn install
- python ./manage.py collectstatic --no-input --clear
- sudo -u testuser eatmydata env TEST_SCREENSHOT_PATH=./screenshots tox
- pip freeze | safety check --stdin --full-report
artifacts:
paths:
- screenshots/
test_docker:
stage: test
image:
name: registry.edugit.org/teckids/docker-images/python-pimped:master
services:
- name: postgres:12
alias: db
- name: memcached
alias: memcached
- name: registry.edugit.org/biscuit/biscuit-ng:${CI_COMMIT_REF_NAME}
alias: app
script:
- echo true
only:
- master
- tags
deploy_demo-master:
stage: deploy
environment:
name: demo/master
url: http://demo-master.biscuit-sis.org
image:
name: debian:buster-slim
before_script:
- 'which ssh-agent || ( apt-get update -y && apt-get install openssh-client -y )'
- eval $(ssh-agent -s)
- echo "$SSH_PRIVATE_KEY" | tr -d '\r' | ssh-add -
- mkdir -p ~/.ssh
- chmod 700 ~/.ssh
- echo "$SSH_KNOWN_HOSTS" >~/.ssh/known_hosts
- chmod 644 ~/.ssh/known_hosts
script:
- grep -v "build:" docker-compose.yml | ssh root@demo-master.biscuit-sis.org
env BISCUIT_IMAGE_TAG=${CI_COMMIT_REF_NAME}
docker-compose
-p biscuit-${CI_ENVIRONMENT_SLUG}
-f /dev/stdin
pull
- grep -v "build:" docker-compose.yml | ssh root@demo-master.biscuit-sis.org
env BISCUIT_IMAGE_TAG=${CI_COMMIT_REF_NAME}
NGINX_HTTP_PORT=80
BISCUIT_maintenance__debug=true
docker-compose
-p biscuit-${CI_ENVIRONMENT_SLUG}
-f /dev/stdin
up -d
only:
- master
pages:
stage: deploy
image:
name: registry.edugit.org/teckids/docker-images/python-pimped:master
script:
- poetry export --without-hashes --dev -f requirements.txt | eatmydata pip install -r /dev/stdin
- make -C docs html BUILDDIR=../public/docs
artifacts:
paths:
- public/
only:
- master