Psion-fanatic/platypush
1
0
Fork 0
forked from platypush/platypush
Code Pull requests Activity
platypush/.drone.yml
Fabio Manganiello 8b245a1618
Backup/restore the git configuration in the build-ui step. 
This is to ensure that following steps that depend on the default
username and email (e.g. the AUR release step) won't fail because of
mismatching identities.
2023-08-07 00:19:02 +02:00

311 lines
8.2 KiB
YAML
Raw Blame History

---
kind: pipeline
type: docker
name: default
volumes:
- name: docs
host:
path: /opt/docs/platypush
steps:
- name: github-mirror
image: alpine
environment:
SSH_PUBKEY:
from_secret: ssh_pubkey
SSH_PRIVKEY:
from_secret: ssh_privkey
commands:
- apk add --update --no-cache git openssh
- mkdir -p ~/.ssh
- echo $SSH_PUBKEY > ~/.ssh/id_rsa.pub
- |
cat <<EOF > ~/.ssh/id_rsa
$SSH_PRIVKEY
EOF
- chmod 0600 ~/.ssh/id_rsa
- ssh-keyscan github.com >> ~/.ssh/known_hosts 2>/dev/null
- git config --global --add safe.directory $PWD
- git remote add github git@github.com:/BlackLight/platypush.git
- git pull github master
- git push --all -v github
- name: docs
image: alpine
volumes:
- name: docs
path: /docs
commands:
- echo "Installing required build dependencies"
- apk add --update --no-cache make py3-sphinx py3-pip py3-paho-mqtt
- pip install -U hid sphinx-rtd-theme sphinx-book-theme
- pip install .
- mkdir -p /docs/current
- export APPDIR=$PWD
- rm -rf "$APPDIR/docs/build"
- echo "Building the updated documentation"
- cd "$APPDIR/docs"
- make html
- rm -f config*.yaml
- cd "$APPDIR"
- echo "Copying the new documentation files to the target folder"
- mv -v "$APPDIR/docs/build" /docs/new
- cd /docs
- mv current old
- mv new current
- rm -rf old
when:
event:
- tag
- name: tests
image: python:3.11-alpine
commands:
- apk add --update --no-cache redis
- apk add --update --no-cache --virtual build-base g++ rust
- pip install -U pip
- pip install .
- pip install -r requirements-tests.txt
- apk del build-base g++ rust
- pytest tests
- name: build-ui
image: node:current-alpine3.18
environment:
SSH_PUBKEY:
from_secret: ssh_pubkey
SSH_PRIVKEY:
from_secret: ssh_privkey
PGP_KEY:
from_secret: pgp_key
PGP_KEY_ID:
from_secret: pgp_key_id
when:
branch:
- master
event:
- push
depends_on:
- tests
commands:
- apk add --update --no-cache git
- git config --global --add safe.directory $PWD
- cd platypush/backend/http/webapp
- |
if [ $(git log --pretty=oneline $DRONE_COMMIT_AFTER...$DRONE_COMMIT_BEFORE . | wc -l) -eq 0 ]; then
echo "No UI changes detected, skipping build"
exit 0
fi
- |
if [ "$(git log --pretty=format:%s HEAD...HEAD~1)" == "[Automatic] Updated UI files" ]; then
echo "UI changes have already been committed, skipping build"
exit 0
fi
- rm -rf node_modules dist
- npm install
- npm run build
- |
if [ $(git status --porcelain dist | wc -l) -eq 0 ]; then
echo "No build files have been changed"
exit 0
fi
- apk add --update --no-cache bash gnupg openssh
- mkdir -p ~/.ssh
- |
cat <<EOF | gpg --import --armor
$PGP_KEY
EOF
- echo $SSH_PUBKEY > ~/.ssh/id_rsa.pub
- |
cat <<EOF > ~/.ssh/id_rsa
$SSH_PRIVKEY
EOF
- chmod 0600 ~/.ssh/id_rsa
- ssh-keyscan git.platypush.tech >> ~/.ssh/known_hosts 2>/dev/null
# Backup the original git configuration before changing name and email
- cp .git/config /tmp/git.config.orig
- git config user.name "Platypush CI/CD Automation"
- git config user.email "admin@platypush.tech"
- git config commit.gpgsign true
- git config user.signingkey $PGP_KEY_ID
- git add dist
- git commit dist -S -m "[Automatic] Updated UI files" --no-verify
- git remote rm origin
- git remote add origin git@git.platypush.tech:platypush/platypush.git
- git push origin master
# Restore the original git configuration
- mv /tmp/git.config.orig .git/config
- name: update-arch-packages
image: python:3.11-alpine
environment:
WORKDIR: /tmp/workdir
SSH_PUBKEY:
from_secret: ssh_pubkey
SSH_PRIVKEY:
from_secret: ssh_privkey
when:
branch:
- master
event:
- push
depends_on:
- build-ui
commands:
- echo "-- Installing dependencies"
- apk add --update --no-cache curl git openssh pacman sudo
- echo "--- Parsing metadata"
- git config --global --add safe.directory $PWD
- git pull origin master --tags
- export VERSION=$(python setup.py --version)
- export HEAD=$(git log | head -1 | awk '{printf "%.8s", $2}')
- export GIT_VERSION="$VERSION.r$(git log --pretty=oneline HEAD...v$VERSION | wc -l).$HEAD"
- export TAG_URL="https://git.platypush.tech/platypush/platypush/archive/v$VERSION.tar.gz"
- export TAG_ARCHIVE="platypush-$VERSION.tar.gz"
- export CHECKSUM=$(curl --silent https://git.platypush.tech/platypush/platypush/archive/master.tar.gz | sha512sum | awk '{print $1}')
- echo "--- Preparing environment"
- mkdir -p ~/.ssh
- echo $SSH_PUBKEY > ~/.ssh/id_rsa.pub
- |
cat <<EOF > ~/.ssh/id_rsa
$SSH_PRIVKEY
EOF
- chmod 0600 ~/.ssh/id_rsa
- ssh-keyscan git.platypush.tech >> ~/.ssh/known_hosts 2>/dev/null
- ssh-keyscan aur.archlinux.org >> ~/.ssh/known_hosts 2>/dev/null
- adduser -u 1000 -D build
- mkdir -p $WORKDIR
- echo "--- Updating Arch git version"
- export PKGDIR=$WORKDIR/git
- git clone ssh://aur@aur.archlinux.org/platypush-git.git $PKGDIR
- git config --global --add safe.directory $PKGDIR
- chown -R build $PKGDIR
- cd $PKGDIR
- |
sed -i 'PKGBUILD' -r \
-e "s/^pkgver=.*/pkgver=$GIT_VERSION/" \
-e "s/^pkgrel=.*/pkgrel=1/" \
-e "s/^sha512sums=.*/sha512sums=('$CHECKSUM')/"
- sudo -u build makepkg --printsrcinfo > .SRCINFO
- export FILES_CHANGED=$(git status --porcelain --untracked-files=no | wc -l)
- |
if [ $FILES_CHANGED -gt 0 ]; then
echo "--- Pushing git package version $GIT_VERSION"
git commit -a -m '[Automatic] Package update'
git push origin master
fi
- echo "--- Updating Arch stable version"
- export PKGDIR=$WORKDIR/stable
- git clone ssh://aur@aur.archlinux.org/platypush.git $PKGDIR
- git config --global --add safe.directory $PKGDIR
- chown -R build $PKGDIR
- cd $PKGDIR
- export RELEASED_VERSION=$(grep -e '^pkgver=' PKGBUILD | sed -r -e 's/^pkgver=(.*)\s*/\1/')
- |
if [ "$RELEASED_VERSION" == "$VERSION" ]; then
exit 0
fi
- export TAG_CHECKSUM=$(curl --silent "$TAG_URL" | sha512sum | awk '{print $1}')
- |
sed -i 'PKGBUILD' -r \
-e "s/^pkgver=.*/pkgver=$VERSION/" \
-e "s/^pkgrel=.*/pkgrel=1/" \
-e "s/^sha512sums=.*/sha512sums=('$TAG_CHECKSUM')/"
- sudo -u build makepkg --printsrcinfo > .SRCINFO
- export FILES_CHANGED=$(git status --porcelain --untracked-files=no | wc -l)
- |
if [ $FILES_CHANGED -gt 0 ]; then
echo "--- Pushing stable package version $VERSION"
git commit -a -m '[Automatic] Package update'
git push origin master
fi
- name: update-pip-package
image: python:3.11-alpine
environment:
TWINE_USERNAME:
from_secret: pypi_user
TWINE_PASSWORD:
from_secret: pypi_pass
when:
event:
- tag
depends_on:
- tests
- docs
commands:
- apk add --update --no-cache py3-twine
- python setup.py sdist bdist_wheel
- twine upload dist/platypush-$(python setup.py --version).tar.gz
- name: notify-release
image: python:3.11-alpine
environment:
WORKER_RPC_SECRET:
from_secret: worker_rpc_secret
when:
event:
- tag
depends_on:
- update-pip-package
- update-arch-packages
commands:
- apk add --update --no-cache curl
- |
curl --silent -XPOST \
-H "X-Token: $WORKER_RPC_SECRET" \
"https://worker.ci-cd.platypush.tech/hook/notify-platypush-release?version=$(python setup.py --version)"
- name: notify-build-status
image: alpine
environment:
WORKER_RPC_SECRET:
from_secret: worker_rpc_secret
when:
branch:
- master
event:
- push
status:
- success
- failure
depends_on:
- update-arch-packages
commands:
- apk add --update --no-cache curl
- |
curl --silent -XPOST \
-H "X-Token: $WORKER_RPC_SECRET" \
"https://worker.ci-cd.platypush.tech/hook/notify-platypush-build?status=$DRONE_BUILD_STATUS"
View git blame Copy permalink