feat(build): add CI

2022-02-15 08:10:52 -06:00 · 2022-02-15 08:10:52 -06:00 · 588356729f
parent f1acf9df38
commit 588356729f
7 changed files with 299 additions and 0 deletions
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@ -0,0 +1,105 @@
+include:
+  - local: /.gitlab/ci-tools.yml
+  - local: /.gitlab/ci-rules.yml
+
+stages:
+  - status-pre
+  - build
+  - image
+  - publish
+  - status-post
+
+# build jobs
+build-node:
+  stage: build
+  extends:
+    - .build-node
+
+  script:
+    - make ci
+
+  artifacts:
+    when: always
+    expire_in: 1 day
+    paths:
+      - out/
+
+  cache:
+    key: "${CI_COMMIT_REF_SLUG}"
+    policy: pull-push
+    paths:
+      - node_modules/
+      - out/api
+      - out/cache
+      - out/tmp
+
+# publish jobs
+publish-npm:
+  stage: publish
+  extends:
+    - .build-node
+    - .deploy-tags
+
+  dependencies:
+    - build-node
+  script:
+    - npm publish
+
+# commit status
+climate-pending:
+  stage: status-pre
+  extends:
+    - .build-climate
+
+  script:
+    - cc-test-reporter before-build
+
+climate-success:
+  stage: status-post
+  extends:
+    - .build-climate
+
+  dependencies:
+    - build-node
+  script:
+    - make upload-climate
+
+github-pending:
+  stage: status-pre
+  extends:
+    - .build-curl
+  script:
+    - ./scripts/github-status.sh pending
+
+github-failure:
+  stage: status-post
+  extends:
+    - .build-curl
+  when: on_failure
+  script:
+    - ./scripts/github-status.sh failure
+
+github-success:
+  stage: status-post
+  extends:
+    - .build-curl
+  when: on_success
+  script:
+    - ./scripts/github-status.sh success
+
+sonar-success:
+  stage: status-post
+  extends:
+    - .build-sonar
+
+  when: on_success
+  script:
+    - make node_modules
+    - sonar-scanner
+        -Dsonar.projectKey=ssube_salty-dog
+        -Dsonar.projectVersion=${CI_COMMIT_REF_SLUG}
+        -Dsonar.organization=ssube-github
+        -Dsonar.sources=src/,test/
+        -Dsonar.host.url=https://sonarcloud.io
+        -Dsonar.login=${SONAR_SECRET}
+        -Dsonar.typescript.lcov.reportPaths=out/coverage/lcov.info
--- a/.gitlab/ci-rules.yml
+++ b/.gitlab/ci-rules.yml
@ -0,0 +1,7 @@
+.deploy-branches:
+  except:
+    - tags
+
+.deploy-tags:
+  only:
+    - tags
--- a/.gitlab/ci-tools.yml
+++ b/.gitlab/ci-tools.yml
@ -0,0 +1,66 @@
+.build-base:
+  image: docker.artifacts.apextoaster.com/apextoaster/base:1.5
+  tags:
+    - platform:k8s
+    - runner:shared
+
+.build-aws:
+  extends:
+    - .build-base
+
+.build-curl:
+  extends:
+    - .build-base
+
+.build-climate:
+  image: docker.artifacts.apextoaster.com/apextoaster/code-climate:0.6
+  tags:
+    - platform:k8s
+    - runner:shared
+  allow_failure: false
+  variables:
+    CI_BRANCH: "${CI_COMMIT_REF_NAME}"
+    GIT_BRANCH: "${CI_COMMIT_REF_NAME}"
+    GIT_COMMIT_SHA: "${CI_COMMIT_SHA}"
+
+.build-docker:
+  image: docker.artifacts.apextoaster.com/apextoaster/docker:20.10
+  services:
+    - docker.artifacts.apextoaster.com/apextoaster/docker-dind:20.10
+  tags:
+    - platform:k8s
+    - runner:shared
+  allow_failure: false
+
+  before_script:
+    - mkdir ${HOME}/.docker
+    - echo "${DOCKER_SECRET}" | base64 -d > ${HOME}/.docker/config.json
+  script:
+    - ${CI_PROJECT_DIR}/scripts/docker-build.sh --push
+  after_script:
+    - rm -rfv ${HOME}/.docker
+
+  variables:
+    DOCKER_CERT_PATH: "/shared/docker/client"
+    DOCKER_DRIVER: overlay2
+    DOCKER_HOST: tcp://localhost:2376
+    DOCKER_TLS_CERTDIR: "/shared/docker"
+    DOCKER_TLS_VERIFY: 1
+    IMAGE_ROOT: "${CI_PROJECT_DIR}"
+
+.build-node:
+  image: docker.artifacts.apextoaster.com/apextoaster/node:16.6
+  tags:
+    - platform:k8s
+    - runner:shared
+  allow_failure: false
+
+  before_script:
+    - echo "${NPM_SECRET}" | base64 -d > ${HOME}/.npmrc
+
+.build-sonar:
+  image: docker.artifacts.apextoaster.com/apextoaster/sonar-scanner:4.4
+  tags:
+    - platform:k8s
+    - runner:shared
+  allow_failure: false
--- a/scripts/ci-project-path.sh
+++ b/scripts/ci-project-path.sh
@ -0,0 +1,7 @@
+#! /bin/sh
+
+PROJECT="${ROOT_PATH}"
+PARENT="$(dirname "${PROJECT}")"
+PROJECT_PATH="$(basename "${PARENT}")/$(basename "${PROJECT}")"
+
+echo "${PROJECT_PATH}"
--- a/scripts/docker-build.sh
+++ b/scripts/docker-build.sh
@ -0,0 +1,27 @@
+#! /bin/bash
+
+IMAGE_PUSH="${1:---skip}"
+IMAGE_DEFAULT="${2:---skip}"
+
+IMAGE_NAME="${CI_PROJECT_PATH}"
+IMAGE_TAG="$(echo "${CI_COMMIT_TAG:-${CI_COMMIT_REF_SLUG}}" | sed -r 's/[^-_a-zA-Z0-9\\.]/-/g')"
+
+IMAGE_SHORT="${IMAGE_NAME}:${IMAGE_TAG}"
+IMAGE_FULL="${IMAGE_NAME}:${IMAGE_TAG}-${IMAGE_ARCH}"
+
+echo "Building image: ${IMAGE_FULL}"
+
+docker build -f "Dockerfile.${IMAGE_ARCH}" -t "${IMAGE_FULL}" . || (echo "Failed to build image!" && exit 1)
+
+if [[ "${IMAGE_PUSH}" == "--push" ]];
+then
+  echo "Pushing image: ${IMAGE_FULL}"
+  docker push "${IMAGE_FULL}" || (echo "Failed to push image!" && exit 1)
+fi
+
+if [[ "${IMAGE_DEFAULT}" == "--default" ]];
+then
+  echo "Pushing image (default architecture): ${IMAGE_SHORT}"
+  docker tag "${IMAGE_FULL}" "${IMAGE_SHORT}"
+  docker push "${IMAGE_SHORT}" || (echo "Failed to push image!" && exit 1)
+fi
--- a/scripts/github-status.sh
+++ b/scripts/github-status.sh
@ -0,0 +1,19 @@
+#! /bin/sh
+
+STATUS="${1}"
+CI_COMMIT_SHA="${CI_COMMIT_SHA:-$(git rev-parse HEAD)}"
+
+STATUS_BODY="$(cat <<EOF
+{
+  "state": "${STATUS}",
+  "target_url": "${CI_PIPELINE_URL}",
+  "description": "CI pipeline ${STATUS}!",
+  "context": "gitlab/build"
+}
+EOF
+)"
+
+printf "Reporting status for %s...\n%s" "${CI_COMMIT_SHA}" "${STATUS_BODY}"
+printf "%s" "${STATUS_BODY}" | curl -d @- \
+  -H "Authorization: token $(printf "%s" "${GITHUB_SECRET}" | base64 -d)" \
+  -i "https://api.github.com/repos/${CI_PROJECT_PATH}/statuses/${CI_COMMIT_SHA}"
--- a/scripts/test-examples.sh
+++ b/scripts/test-examples.sh
@ -0,0 +1,68 @@
+#! /bin/sh
+
+mkdir -p ./out/test/examples
+
+EXAMPLES="$(find ./test/examples -name '*.yml')"
+
+for example in ${EXAMPLES};
+do
+  echo "Testing: ${example}"
+
+  USE_RULES="$(grep '# test rules' "${example}" | sed 's/# test rules \(.*\)/\1/')"
+  [ -z "${USE_RULES}" ] && echo "Test example must have '# test rules' pragma" && exit 1
+
+  USE_TAGS="$(grep '# test tags' "${example}" | sed 's/# test tags \(.*\)/\1/')"
+  [ -z "${USE_TAGS}" ] && echo "Test example must have '# test tags' pragma" && exit 1
+
+  EXPECTED_STATUS="$(grep '# test exit-status' "${example}" | sed 's/# test exit-status \([0-9]*\)/\1/')"
+  [ -z "${EXPECTED_STATUS}" ] && EXPECTED_STATUS=0
+
+  echo "Using rules: ${USE_RULES}"
+  echo "Using tags: ${USE_TAGS}"
+  echo "Expected status: ${EXPECTED_STATUS}"
+
+  STDOUT_PATH=./out/${example}-stdout.log
+  STDERR_PATH=./out/${example}-stderr.log
+
+  node out/src/index.js \
+    --config-path ./docs \
+    --config-name config-stderr.yml \
+    --count \
+    --rules "rules/${USE_RULES}.yml" \
+    --tag "${USE_TAGS}" \
+    --source "${example}" \
+    1> ${STDOUT_PATH} \
+    2> ${STDERR_PATH}
+
+  ACTUAL_STATUS=$?
+  echo "Test status: ${ACTUAL_STATUS}"
+
+  if [ -s ${STDOUT_PATH} ];
+  then
+    echo "Test output:"
+    echo "==="
+    echo ""
+    tail -n5 ${STDOUT_PATH}
+    echo ""
+    echo "==="
+  fi
+
+  if [ -s ${STDERR_PATH} ];
+  then
+    echo "Test errors:"
+    echo "==="
+    echo ""
+    tail -n5 ${STDERR_PATH}
+    echo ""
+    echo "==="
+  fi
+
+  if [ "${ACTUAL_STATUS}" != "${EXPECTED_STATUS}" ];
+  then
+    echo "Exit status does not match! (expected ${EXPECTED_STATUS}, got ${ACTUAL_STATUS})"
+    echo "Failed in: ${example}"
+    exit 1
+  fi
+done
+
+echo "All examples passed."