revil-O/platypush
1
0
Fork 0
forked from platypush/platypush
Code Pull requests Activity
platypush/.drone.yml
Fabio Manganiello 8c0943e700
[CI/CD] Moved generation of Arch stable package to tag events. 
Separating the generation of the Arch git package (on each commit to
master) from the generation of the Arch stable package (only on a new
tag) ensures that:

1. The checksum of the package isn't calculated on an older version of
   the archive.

2. The stable version of the package is always exactly aligned with the
   commit associated to the tag.
2024-07-16 22:03:32 +02:00

407 lines
6.3 KiB
YAML
Raw Blame History

---
kind: pipeline
type: docker
name: default
volumes:
- name: docs
host:
path: /opt/docs/platypush
- name: repos
host:
path: /opt/repos/platypush
steps:
###
### Mirror the current repository state to Github
###
- name: github-mirror
image: alpine
environment:
SSH_PUBKEY:
from_secret: ssh_pubkey
SSH_PRIVKEY:
from_secret: ssh_privkey
commands:
- . .drone/github-mirror.sh
###
### Rebuild the docs
###
- name: docs
image: alpine
volumes:
- name: docs
path: /docs
commands:
- . .drone/rebuild-docs.sh
when:
event:
- tag
###
### Run the tests
###
- name: tests
image: alpine
commands:
- . .drone/run-tests.sh
###
### Rebuild the UI files
###
- name: build-ui
image: node:current-alpine3.18
environment:
SSH_PUBKEY:
from_secret: ssh_pubkey
SSH_PRIVKEY:
from_secret: ssh_privkey
PGP_KEY:
from_secret: pgp_key
PGP_KEY_ID:
from_secret: pgp_key_id
when:
branch:
- master
event:
- push
depends_on:
- tests
commands:
- . .drone/build-ui.sh
###
### Regenerate the components.json cache
###
- name: update-components-cache
image: alpine
environment:
SSH_PUBKEY:
from_secret: ssh_pubkey
SSH_PRIVKEY:
from_secret: ssh_privkey
PGP_KEY:
from_secret: pgp_key
PGP_KEY_ID:
from_secret: pgp_key_id
when:
branch:
- master
event:
- push
depends_on:
- build-ui
commands:
- . .drone/update-components-cache.sh
###
### Update the Arch git package
###
- name: update-arch-git-package
image: python:3.11-alpine
environment:
WORKDIR: /tmp/workdir
SSH_PUBKEY:
from_secret: ssh_pubkey
SSH_PRIVKEY:
from_secret: ssh_privkey
when:
branch:
- master
event:
- push
depends_on:
- update-components-cache
commands:
- . .drone/update-arch-git-package.sh
###
### Update the Arch stable package
###
- name: update-arch-stable-package
image: python:3.11-alpine
environment:
WORKDIR: /tmp/workdir
SSH_PUBKEY:
from_secret: ssh_pubkey
SSH_PRIVKEY:
from_secret: ssh_privkey
when:
event:
- tag
commands:
- . .drone/update-arch-stable-package.sh
###
### Update the Debian (stable) packages
###
- name: update-debian-stable-packages
image: debian:stable
volumes:
- name: repos
path: /repos
environment:
DEB_VERSION: stable
WORKDIR: /tmp/workdir
APT_ROOT: /repos/apt
PKG_NAME: platypush
when:
branch:
- master
event:
- push
depends_on:
- update-components-cache
commands:
- . .drone/update-deb-packages.sh
###
### Update the Debian (oldstable) packages
###
- name: update-debian-oldstable-packages
image: debian:oldstable
volumes:
- name: repos
path: /repos
environment:
DEB_VERSION: oldstable
WORKDIR: /tmp/workdir
APT_ROOT: /repos/apt
PKG_NAME: platypush
when:
branch:
- master
event:
- push
depends_on:
- update-components-cache
commands:
- . .drone/update-deb-packages.sh
###
### Update the Ubuntu (latest) packages
###
- name: update-ubuntu-packages
image: ubuntu:latest
volumes:
- name: repos
path: /repos
environment:
DEB_VERSION: ubuntu
WORKDIR: /tmp/workdir
APT_ROOT: /repos/apt
PKG_NAME: platypush
when:
branch:
- master
event:
- push
depends_on:
- update-components-cache
commands:
- . .drone/update-deb-packages.sh
###
### Updates the APT repository after new packages have been pushed
###
- name: update-apt-repo
image: debian:stable
volumes:
- name: repos
path: /repos
environment:
REPOS_ROOT: /repos
APT_ROOT: /repos/apt
PGP_PUBKEY:
from_secret: apt_pgp_pub_key
PGP_PRIVKEY:
from_secret: apt_pgp_priv_key
when:
branch:
- master
event:
- push
depends_on:
- update-debian-stable-packages
- update-debian-oldstable-packages
- update-ubuntu-packages
commands:
- . .drone/update-apt-repo.sh
###
### Update the RPM (stable) packages
###
- name: update-rpm-repo
image: fedora
volumes:
- name: repos
path: /repos
environment:
RPM_VERSION: stable
REPOS_ROOT: /repos
RPM_ROOT: /repos/rpm
WORKDIR: /tmp/workdir
PKG_NAME: platypush
PGP_PUBKEY:
from_secret: rpm_pgp_pub_key
PGP_PRIVKEY:
from_secret: rpm_pgp_priv_key
when:
branch:
- master
event:
- push
depends_on:
- update-components-cache
commands:
- . .drone/update-rpm-repo.sh
###
### Updates the pip package upon new releases
###
- name: update-pip-package
image: alpine
environment:
TWINE_USERNAME:
from_secret: pypi_user
TWINE_PASSWORD:
from_secret: pypi_pass
when:
event:
- tag
depends_on:
- tests
- docs
commands:
- . .drone/update-pip-package.sh
###
### Checkpoint step that waits for all the package update
### steps to complete before proceeding to the next steps.
###
- name: wait-pkg-update
image: alpine
when:
branch:
- master
event:
- push
depends_on:
- update-arch-git-package
- update-rpm-repo
- update-apt-repo
commands:
- echo "All packages have been successfully updated"
###
### Notifies about a new release
###
- name: notify-release
image: python:3.11-alpine
environment:
WORKER_RPC_SECRET:
from_secret: worker_rpc_secret
when:
event:
- tag
depends_on:
- update-pip-package
- update-arch-stable-package
commands:
- apk add --update --no-cache curl
- |
curl --silent -XPOST \
-H "X-Token: $WORKER_RPC_SECRET" \
"https://worker.ci-cd.platypush.tech/hook/notify-platypush-release?version=$(python setup.py --version)"
###
### Notifies about a change in the CI/CD build status
###
- name: notify-build-status
image: alpine
environment:
WORKER_RPC_SECRET:
from_secret: worker_rpc_secret
when:
branch:
- master
event:
- push
status:
- success
- failure
depends_on:
- wait-pkg-update
commands:
- apk add --update --no-cache curl
- |
curl --silent -XPOST \
-H "X-Token: $WORKER_RPC_SECRET" \
"https://worker.ci-cd.platypush.tech/hook/notify-platypush-build?status=$DRONE_BUILD_STATUS"
View git blame Copy permalink