-
Notifications
You must be signed in to change notification settings - Fork 2
/
.gitlab-ci.yml
122 lines (101 loc) · 2.71 KB
/
.gitlab-ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
stages:
- test
- post-test
- deploy-testpypi
- deploy-pypi
# Set defaults
default:
interruptible: true
before_script:
- date
after_script:
- date
- python -V
.common_cache: &common_cache
cache:
key: "python3"
paths:
- .cache/
# For package caching
variables:
PIP_CACHE_DIR: "$CI_PROJECT_DIR/.cache"
PIPENV_CACHE_DIR: "$CI_PROJECT_DIR/.cache"
.junit_test_results: &junit_test_results
artifacts:
reports:
junit: .pytest-junit.xml
expire_in: 4 weeks
# Create the core definition of the test; TOXENV and image defined in each main job.
.core_test_definition: &core_test_definition
<<: *common_cache
<<: *junit_test_results
stage: test
script:
# Build out the docker image with what we need to get the tests rolling
- apk add --update libffi-dev python3 python3-dev make g++ git
- wget -O - https://bootstrap.pypa.io/get-pip.py | python3
- pip install pipenv
# Start the test stuff.
- make tox
python36:
<<: *core_test_definition
image: python:3.6-alpine
variables:
TOXENV: "py36"
python37:
<<: *core_test_definition
image: python:3.7-alpine
variables:
TOXENV: "py37"
python38:
<<: *core_test_definition
image: python:3.8-alpine
variables:
TOXENV: "py38"
python39:
<<: *core_test_definition
image: python:3.9-alpine
variables:
TOXENV: "py39"
# Deploy phases
.deploy_common: &deploy_common
<<: *common_cache
when: manual
interruptible: false
image: python:3.9-alpine
script:
- apk add --update libffi-dev python3 python3-dev make g++ git openssl-dev
# gcc musl-dev python3-dev libffi-dev openssl-dev cargo: for cryptography dependency (rust components; see https://cryptography.io/en/latest/installation.html)
- apk add --update gcc musl-dev python3-dev libffi-dev openssl-dev cargo
- wget -O - https://bootstrap.pypa.io/get-pip.py | python3
- pip install twine pipenv
- make create-pipenv
- make build
- twine upload --skip-existing --disable-progress-bar ./dist/*
environment:
name: pypi-pyhibp-deployment
url: https://example.com
testpypi-deploy:
<<: *deploy_common
stage: deploy-testpypi
variables:
TWINE_PASSWORD: $TWINE_PASSWORD_PYPITEST_PYHIBP
TWINE_REPOSITORY_URL: $TWINE_REPOSITORY_URL_PYPITEST
pypi-deploy:
<<: *deploy_common
stage: deploy-pypi
variables:
TWINE_PASSWORD: $TWINE_PASSWORD_PYPI_PYHIBP
TWINE_REPOSITORY_URL: $TWINE_REPOSITORY_URL_PYPI
# SAST/Code Quality -- GitLab templates, with overrides for artifacts
include:
- template: SAST.gitlab-ci.yml
- template: Code-Quality.gitlab-ci.yml
sast:
stage: post-test
artifacts:
expire_in: 2 weeks
code_quality:
stage: post-test
artifacts:
expire_in: 2 weeks