image: python:3.9
include:
- template: Security/Dependency-Scanning.gitlab-ci.yml
variables:
POSTGRES_DB: smash
POSTGRES_USER: runner
POSTGRES_PASSWORD: password
gemnasium-python-dependency_scanning:
before_script:
- apt-get update && apt-get install -y python-dev-is-python3 libldap2-dev libssl-dev libcurl4-openssl-dev libpq-dev libsasl2-dev gcc
.test_template: &test_definition
stage: test
before_script:
- apt-get update && apt-get install -y --allow-unauthenticated libsasl2-dev libssl-dev locales locales-all libsasl2-dev libldap2-dev libssl-dev
- python -V
- pip install --upgrade pip --default-timeout=180 -i https://repomanager.lcsb.uni.lu/repository/pypi-proxy/simple/ --extra-index-url https://pypi.python.org/simple/
- pip install -r requirements.txt --default-timeout=180 -i https://repomanager.lcsb.uni.lu/repository/pypi-proxy/simple/ --extra-index-url https://pypi.python.org/simple/
- pip install -r requirements-dev.txt --default-timeout=180 -i https://repomanager.lcsb.uni.lu/repository/pypi-proxy/simple/ --extra-index-url https://pypi.python.org/simple/
test_migrations_created:
<<: *test_definition
services:
- postgres:latest
script:
- cp "local_settings_ci.py" "smash/smash/local_settings.py"
- cd smash
- python manage.py makemigrations --check --dry-run
- test 1 = $(python manage.py makemigrations --check --dry-run | grep 'No changes detected' |wc -l)
test_postgres:
<<: *test_definition
services:
- postgres:latest
script:
- cp "local_settings_ci.py" "smash/smash/local_settings.py"
- cd smash
- coverage run --source web manage.py test -v3
- coverage report -m --omit="*/test*,*/migrations*,*debug_utils*"
test_sqlite:
<<: *test_definition
script:
- cp "local_settings_ci_sqlite.py" "smash/smash/local_settings.py"
- cd smash
- coverage run --source web manage.py test -v3
- coverage report -m --omit="*/test*,*/migrations*,*debug_utils*"
test_python_3.9:
<<: *test_definition
image: python:3.9
script:
- cp "local_settings_ci_sqlite.py" "smash/smash/local_settings.py"
- cd smash
- coverage run --source web manage.py test -v3
- coverage report -m --omit="*/test*,*/migrations*,*debug_utils*"
test_python_3.10:
<<: *test_definition
image: python:3.10
script:
- cp "local_settings_ci_sqlite.py" "smash/smash/local_settings.py"
- cd smash
- coverage run --source web manage.py test -v3
- coverage report -m --omit="*/test*,*/migrations*,*debug_utils*"
test_python_3.11:
<<: *test_definition
image: python:3.11
script:
- cp "local_settings_ci_sqlite.py" "smash/smash/local_settings.py"
- cd smash
- coverage run --source web manage.py test -v3
- coverage report -m --omit="*/test*,*/migrations*,*debug_utils*"
test_python_3.12:
<<: *test_definition
image: python:3.12
script:
- cp "local_settings_ci_sqlite.py" "smash/smash/local_settings.py"
- cd smash
- coverage run --source web manage.py test -v3
- coverage report -m --omit="*/test*,*/migrations*,*debug_utils*"
test_create_dummy_script:
<<: *test_definition
script:
- cp "local_settings_ci_sqlite.py" "smash/smash/local_settings.py"
- cd smash
- python manage.py makemigrations web && python manage.py migrate
- python db_scripts/create_dummy_data.py
test_docker_compose:
image: docker:19.03.0
stage: test
only:
- tags
services:
- name: docker:19.03.0-dind
command: ["--mtu=1458", "--registry-mirror", "https://docker-registry.lcsb.uni.lu"]
tags:
- privileged
script:
- apk add --no-cache docker-compose curl
- docker-compose up --build -d
- sleep 30
- docker-compose down
variables:
DOCKER_HOST: tcp://docker:2375/
DOCKER_DRIVER: overlay2
DOCKER_TLS_CERTDIR: ""
artifacts:
expire_in: 1 week
build_debian:
stage: build
only:
- tags
artifacts:
# you cannot enforce never here yet
expire_in: 1000 yrs
paths:
- "*.deb"
script:
- apt-get update
- DEBIAN_FRONTEND=noninteractive apt-get install -y --allow-unauthenticated libsasl2-dev libssl-dev locales locales-all python3 dh-make build-essential lintian devscripts xsltproc fakeroot xsltproc docbook-xsl curl gnupg git gcc g++ make libsasl2-dev python-dev libldap2-dev libssl-dev
- curl -sL https://deb.nodesource.com/setup_14.x | bash -
- DEBIAN_FRONTEND=noninteractive apt-get install -y nodejs
- pip install -r requirements.txt --default-timeout=180 -i https://repomanager.lcsb.uni.lu/repository/pypi-proxy/simple/ --extra-index-url https://pypi.python.org/simple/
- pip install -r requirements-dev.txt --default-timeout=180 -i https://repomanager.lcsb.uni.lu/repository/pypi-proxy/simple/ --extra-index-url https://pypi.python.org/simple/
- export DEBFULLNAME="Valentin Groues"
- export DEBEMAIL="valentin.groues@uni.lu"
- chmod 0755 build_deb.sh
- ./build_deb.sh
test_install_debian_package_ubuntu_18:
image: ubuntu:18.04
stage: test
only:
- tags
services:
- name: piotrgawron/debian-repo
alias: debian-repo
dependencies:
- build_debian
script:
- apt-get update
- DEBIAN_FRONTEND=noninteractive apt-get install -y ssh software-properties-common dirmngr wget curl
- debian_file=$(ls *.deb)
- echo "PUT $debian_file /docker/incoming" | sftp -o StrictHostKeyChecking=no user@debian-repo
- ssh root@debian-repo /usr/local/sbin/reprepro-import
- apt-add-repository "deb http://debian-repo/ unstable main" -n
- apt-get update --allow-insecure-repositories
- DEBIAN_FRONTEND=noninteractive apt-get install -y --allow-unauthenticated smasch
#systemd is not available on docker so we need to start manually gunicorn (smasch.service is not tested)
- cd /usr/lib/smasch/
- /usr/lib/smasch/env/bin/gunicorn -b 127.0.0.1:8888 --pid smasch.pid smash.wsgi --error-logfile /var/log/smasch/gunicorn.log --log-level DEBUG --capture-output --limit-request-line 8192 &
#we need to wait a bit for gunicorn start
- sleep 15
- wget http://localhost:8888/account/login/?next=/
#test if we can login
- test 302 = $(curl -X GET --write-out %{http_code} --silent --output /dev/null http://localhost:8888/)
- test 200 = $(curl -X GET --write-out %{http_code} --silent --output /dev/null http://localhost:8888/account/login/?next=/)
test_install_debian_package_ubuntu_20:
image: ubuntu:20.04
stage: test
only:
- tags
services:
- name: piotrgawron/debian-repo
alias: debian-repo
dependencies:
- build_debian
script:
- apt-get update
- DEBIAN_FRONTEND=noninteractive apt-get install -y ssh software-properties-common dirmngr wget curl
- debian_file=$(ls *.deb)
- echo "PUT $debian_file /docker/incoming" | sftp -o StrictHostKeyChecking=no user@debian-repo
- ssh root@debian-repo /usr/local/sbin/reprepro-import
- apt-add-repository "deb http://debian-repo/ unstable main" -n
- apt-get update --allow-insecure-repositories
- DEBIAN_FRONTEND=noninteractive apt-get install -y --allow-unauthenticated smasch
#systemd is not available on docker so we need to start manually gunicorn (smasch.service is not tested)
- cd /usr/lib/smasch/
- /usr/lib/smasch/env/bin/gunicorn -b 127.0.0.1:8888 --pid smasch.pid smash.wsgi --error-logfile /var/log/smasch/gunicorn.log --log-level DEBUG --capture-output --limit-request-line 8192 &
#we need to wait a bit for gunicorn start
- sleep 15
- wget http://localhost:8888/account/login/?next=/
#test if we can login and list projects
- test 302 = $(curl -X GET --write-out %{http_code} --silent --output /dev/null http://localhost:8888/)
- test 200 = $(curl -X GET --write-out %{http_code} --silent --output /dev/null http://localhost:8888/account/login/?next=/)
test_install_debian_package_debian_buster:
image: debian:buster
stage: test
only:
- tags
services:
- name: piotrgawron/debian-repo
alias: debian-repo
dependencies:
- build_debian
script:
- apt-get update
- DEBIAN_FRONTEND=noninteractive apt-get install -y ssh software-properties-common dirmngr wget curl
- debian_file=$(ls *.deb)
- echo "PUT $debian_file /docker/incoming" | sftp -o StrictHostKeyChecking=no user@debian-repo
- ssh root@debian-repo /usr/local/sbin/reprepro-import
- apt-add-repository "deb http://debian-repo/ unstable main"
- apt-get update --allow-insecure-repositories
- DEBIAN_FRONTEND=noninteractive apt-get install -y --allow-unauthenticated smasch
#systemd is not available on docker so we need to start manually gunicorn (smasch.service is not tested)
- cd /usr/lib/smasch/
- /usr/lib/smasch/env/bin/gunicorn -b 127.0.0.1:8888 --pid smasch.pid smash.wsgi --error-logfile /var/log/smasch/gunicorn.log --log-level DEBUG --capture-output --limit-request-line 8192 &
#we need to wait a bit for gunicorn start
- sleep 15
- wget http://localhost:8888/account/login/?next=/
#test if we can login and list projects
- test 302 = $(curl -X GET --write-out %{http_code} --silent --output /dev/null http://localhost:8888/)
- test 200 = $(curl -X GET --write-out %{http_code} --silent --output /dev/null http://localhost:8888/account/login/?next=/)
test_version_in_base_html:
script:
- CURRENT_VERSION=`cat CHANGELOG |grep smasch |head -1 | cut -f2 -d'(' | cut -f1 -d')' | cut -f1 -d'-' `
- test 1 = $(cat smash/web/templates/_base.html |grep "<strong>$CURRENT_VERSION</strong>" |wc -l)
lint:pylint:
<<: *test_definition
script:
- cp "local_settings_ci_sqlite.py" "smash/smash/local_settings.py"
- cd smash
- pylint --rcfile=../.pylintrc --django-settings-module=smash.settings --load-plugins pylint_django web --extension-pkg-allow-list=pycurl
lint:pep8:
<<: *test_definition
script:
- cp "local_settings_ci_sqlite.py" "smash/smash/local_settings.py"
- cd smash
- pycodestyle web
build_rpm:
stage: build
only:
- tags
artifacts:
# you cannot enforce never here yet
expire_in: 1000 yrs
paths:
- "rpm/RPMS/noarch/*.rpm"
script:
- apt-get update
- DEBIAN_FRONTEND=noninteractive apt-get install -y --allow-unauthenticated libsasl2-dev libssl-dev locales locales-all python3 dh-make build-essential lintian devscripts xsltproc fakeroot xsltproc docbook-xsl curl gnupg git gcc g++ make libsasl2-dev python-dev libldap2-dev libssl-dev rpm
- curl -sL https://deb.nodesource.com/setup_14.x | bash -
- DEBIAN_FRONTEND=noninteractive apt-get install -y nodejs
- pip install -r requirements.txt --default-timeout=180 -i https://repomanager.lcsb.uni.lu/repository/pypi-proxy/simple/ --extra-index-url https://pypi.python.org/simple/
- pip install -r requirements-dev.txt --default-timeout=180 -i https://repomanager.lcsb.uni.lu/repository/pypi-proxy/simple/ --extra-index-url https://pypi.python.org/simple/
- sh build_rpm.sh
test_install_rpm_package_rocky:
image: rockylinux:8
stage: test
only:
- tags
dependencies:
- build_rpm
script:
- ls -al
- yum -y localinstall rpm/RPMS/noarch/smasch-*.rpm
#systemd is not available on docker, so we need to start manually gunicorn (smasch.service is not tested)
- cd /usr/lib/smasch/
- /usr/lib/smasch/env/bin/gunicorn -b 127.0.0.1:8888 --pid smasch.pid smash.wsgi --error-logfile /var/log/smasch/gunicorn.log --log-level DEBUG --capture-output --limit-request-line 8192 &
#we need to wait a bit for gunicorn start
- sleep 15
- yum -y install wget curl
- wget http://localhost:8888/account/login/?next=/
#test if we can login
- test 302 = $(curl -X GET --write-out %{http_code} --silent --output /dev/null http://localhost:8888/)
- test 200 = $(curl -X GET --write-out %{http_code} --silent --output /dev/null http://localhost:8888/account/login/?next=/)