-
Notifications
You must be signed in to change notification settings - Fork 17
/
Copy path.gitlab-ci.yml
134 lines (125 loc) · 4.19 KB
/
.gitlab-ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
default:
before_script:
- if [[ -f /load-env.sh ]]; then source /load-env.sh; fi
tags:
- shared-small
variables:
MODULES: ./localAgent ./ed25519 ./vpnPing
ARTIFACTS_DIR: artifacts
GIT_FETCH_DEFAULT_BRANCH: "yes" # For gitleaks scan.
stages:
- test
- build
- mirror
- publish
workflow:
rules:
- if: $CI_PIPELINE_SOURCE == 'merge_request_event'
- if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
include:
- component: gitlab.protontech.ch/proton/devops/cicd-components/kits/devsecops/[email protected]
test:
image: ${PROTON_CI_REGISTRY}/docker.io/library/golang:1.23-alpine3.21
stage: test
script:
- go test $MODULES
build android:
image: ${PROTON_CI_REGISTRY}/android-shared/docker-android/oci-ndk:v2.1.1
stage: build
tags:
- shared-medium
before_script:
- !reference [ default, before_script ]
- export BUILD_CONFIG=`pwd`/build/android.json
- export ARTIFACTS_PATH=`pwd`/$ARTIFACTS_DIR
- apt-get update && apt-get install -y make jq wget tar;
- apt-get install make
- GOLANG_VERSION=$(cat $BUILD_CONFIG | jq -r '.go_version');
- GOLANG_CHECKSUM=$(cat $BUILD_CONFIG | jq -r '.go_SHA256_checksum');
- wget -q -O go.tgz "https://golang.org/dl/go$GOLANG_VERSION.linux-amd64.tar.gz";
- echo "$GOLANG_CHECKSUM go.tgz" | sha256sum -c
- tar -C /usr/local -xzf go.tgz;
- rm go.tgz;
- export PATH="/usr/local/go/bin:$PATH";
- go version
- ls $ANDROID_NDK_HOME > /dev/null
- export ANDROID_HOME=$ANDROID_SDK_ROOT
- export ANDROID_NDK_HOME=$ANDROID_SDK_ROOT/ndk/23.1.7779620
- export GOPRIVATE=gitlab.protontech.ch
- git config --global url."[email protected]:".insteadOf "https://gitlab.protontech.ch/"
- cd ..
- git clone https://gitlab-ci-token:${CI_JOB_TOKEN}@$GOMOBILE_BUILD_REPO
script:
- cd gomobile-build-script
- make clean
- make build cfg=$BUILD_CONFIG
- mkdir $ARTIFACTS_PATH
- OUTDIR=$(cat $BUILD_CONFIG | jq -r '.out_dir');
- BUILD_NAME=$(cat $BUILD_CONFIG | jq -r '.build_name');
- cp $OUTDIR/android/$BUILD_NAME.aar $ARTIFACTS_PATH/
- cp $OUTDIR/android/$BUILD_NAME-sources.jar $ARTIFACTS_PATH/
- cp $BUILD_CONFIG $ARTIFACTS_PATH/build-config.json
- make clean
artifacts:
paths:
- $ARTIFACTS_DIR/*
publish android:
image: ${PROTON_CI_REGISTRY}/android-shared/docker-android/oci-ndk:v2.1.1
stage: publish
only:
refs:
- master
script:
- ./gradlew publish
- ./gradlew publishSlack
build iOS:
stage: build
when: manual
tags:
- iOS-deploy
before_script:
- export BUILD_CONFIG=`pwd`/build/apple.json
- export ARTIFACTS_PATH=`pwd`/$ARTIFACTS_DIR
- brew install make jq wget || true
- jq ".replacements[0].local_path |= \"`pwd`\"" $BUILD_CONFIG.template > $BUILD_CONFIG
- GOLANG_VERSION=$(cat $BUILD_CONFIG | jq -r '.go_version')
- GOLANG_CHECKSUM=$(cat $BUILD_CONFIG | jq -r '.go_SHA256_checksum');
- wget -q -O go.tgz "https://golang.org/dl/go$GOLANG_VERSION.darwin-amd64.tar.gz";
- echo "$GOLANG_CHECKSUM go.tgz" | shasum -a 256 -c
- tar -C . -xzf go.tgz;
- rm go.tgz
- export PATH="$(pwd)/go/bin:$PATH";
- go version
- cd ..
- GOMOBILE_DIR=`basename $GOMOBILE_BUILD_REPO .git`
- if cd $GOMOBILE_DIR; then git pull; else git clone https://vpn:$GOMOBILE_BUILD_REPO_PAT@$GOMOBILE_BUILD_REPO && cd $GOMOBILE_DIR; fi
script:
- make clean
- make build cfg=$BUILD_CONFIG
- mkdir $ARTIFACTS_PATH
- OUTDIR=$(cat $BUILD_CONFIG | jq -r '.out_dir')
- BUILD_NAME=$(cat $BUILD_CONFIG | jq -r '.build_name')
- cp -r $OUTDIR/$BUILD_NAME.xcframework $ARTIFACTS_PATH
- cp $BUILD_CONFIG $ARTIFACTS_PATH/build-config.json
after_script:
- GOMOBILE_DIR=`basename $GOMOBILE_BUILD_REPO .git`
- cd $GOMOBILE_DIR
- make clean
- rm -r go
artifacts:
paths:
- $ARTIFACTS_DIR/*
sync-app:
image: ${PROTON_CI_REGISTRY}/android-shared/docker-android/oci:v2.1.1
cache: {}
stage: mirror
only:
refs:
- master
before_script:
- !reference [ default, before_script ]
- apt update && apt-get install -y connect-proxy
script:
- git remote add public $PUBLIC_REPO_URL
- git fetch origin master
- git push public origin/master:master -f