image: registry.gitlab.com/josm/docker-library/openjdk:8 cache: &global_cache paths: - .gradle/wrapper - .gradle/caches before_script: - export GRADLE_USER_HOME=`pwd`/.gradle ############################# # Various additional Checks # ############################# include: - template: Code-Quality.gitlab-ci.yml - template: SAST.gitlab-ci.yml - template: Dependency-Scanning.gitlab-ci.yml - template: License-Scanning.gitlab-ci.yml # - template: Container-Scanning.gitlab-ci.yml # - template: DAST.gitlab-ci.yml stages: - build - test - deploy - release sast: variables: {} variables: GRADLE_PATH: "./gradlew" FAIL_NEVER: 1 SAST_EXCLUDED_PATHS: ".gradle" # CI_DEBUG_TRACE: "true" variables: GIT_SUBMODULE_STRATEGY: recursive PLUGIN_NAME: "MapWithAI" PLUGIN_JAR_BASE_NAME: "mapwithai" ############### # Build stage # ############### assemble: stage: build script: - ./gradlew assemble --stacktrace artifacts: paths: - build/ expire_in: 1 day interruptible: true assemble with java 11: stage: build image: registry.gitlab.com/josm/docker-library/openjdk:11 script: - ./gradlew assemble --stacktrace artifacts: paths: - build/ expire_in: 1 day interruptible: true assemble with java 17: stage: build image: registry.gitlab.com/josm/docker-library/openjdk:17 script: - ./gradlew assemble --stacktrace artifacts: paths: - build/ expire_in: 1 day allow_failure: true interruptible: true code_navigation: stage: build script: - apk add --update curl bash - curl -fLo coursier https://git.io/coursier-cli - chmod +x coursier - ./coursier launch com.sourcegraph:lsif-java_2.13:0.7.2 -- index --build-tool gradle artifacts: reports: lsif: dump.lsif rules: - if: '$CI_PIPELINE_SOURCE != "schedule" && $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH' when: always allow_failure: true interruptible: true cache: <<: *global_cache policy: pull ############## # Test stage # ############## build: stage: test script: - ./gradlew build localDist --stacktrace #--info artifacts: paths: - build expire_in: 1 day needs: ["assemble"] dependencies: - assemble interruptible: true test: stage: test script: - ./gradlew check --stacktrace --continue #--info - ./gradlew jacocoTestReport - ./gradlew jacocoTestCoverageVerification artifacts: paths: - build reports: junit: build/test-results/**/TEST-*.xml needs: ["assemble"] dependencies: - assemble interruptible: true coverage: '/.*Instruction Coverage.*?([0-9.]{1,8}) ?%/' coverage: stage: deploy needs: ["test"] dependencies: - test image: haynes/jacoco2cobertura:1.0.8 script: - python /opt/cover2cover.py build/reports/jacoco/test/jacocoTestReport.xml $CI_PROJECT_DIR/src/main/java/ > build/reports/jacoco/test/coverage.xml artifacts: reports: coverage_report: coverage_format: cobertura path: "build/reports/jacoco/test/coverage.xml" interruptible: true cache: <<: *global_cache policy: pull translate: stage: test script: - ./gradlew generatePot --stacktrace artifacts: paths: - build needs: ["assemble"] cache: <<: *global_cache policy: pull compile against min JOSM: stage: test script: - ./gradlew compileJava_minJosm --stacktrace needs: ["assemble"] dependencies: - assemble interruptible: true allow_failure: true # It should still run against it, but there are some methods if'd around cache: <<: *global_cache policy: pull compile against latest JOSM: stage: test script: - ./gradlew compileJava_latestJosm --stacktrace needs: ["assemble"] dependencies: - assemble interruptible: true cache: <<: *global_cache policy: pull build with java 11: stage: test image: registry.gitlab.com/josm/docker-library/openjdk:11 script: - ./gradlew build --stacktrace needs: ["assemble with java 11"] dependencies: - assemble with java 11 interruptible: true cache: <<: *global_cache policy: pull build with java 17: stage: test image: registry.gitlab.com/josm/docker-library/openjdk:17 script: - ./gradlew build --stacktrace allow_failure: true needs: ["assemble with java 17"] dependencies: - assemble with java 17 interruptible: true cache: <<: *global_cache policy: pull ################ # Deploy stage # ################ transifex.com: image: registry.gitlab.com/josm/docker-library/python-transifex:latest stage: deploy environment: name: transifex.com url: https://www.transifex.com/josm/josm/josm-plugin_$PLUGIN_NAME/ script: - TX_TOKEN="$TRANSIFEX_TOKEN" tx push -s --no-interactive needs: ["translate"] only: refs: - master variables: - $TRANSIFEX_TOKEN cache: <<: *global_cache policy: pull codecov.io: image: alpine:3.10 stage: deploy environment: name: codecov.io url: https://codecov.io/gh/JOSM/$PLUGIN_NAME before_script: - apk add --update curl bash script: - curl -s https://codecov.io/bash | bash - curl -s https://codecov.io/bash | bash /dev/stdin -c -F model_and_api needs: ["build"] only: refs: - master variables: - $CODECOV_TOKEN sonarcloud.io: image: registry.gitlab.com/josm/docker-library/openjdk:11 stage: deploy environment: name: sonarcloud.io url: https://sonarcloud.io/dashboard?id=$PLUGIN_NAME script: - git fetch --unshallow || echo "Already unshallowed" - ./gradlew -Dsonar.login=$SONAR_TOKEN sonarqube needs: ["test"] dependencies: - test only: refs: - $CI_DEFAULT_BRANCH variables: - $SONAR_TOKEN =~ /[0-9a-z]+/ GitLab Maven repo: stage: deploy environment: name: GitLab.com / Maven packages url: $CI_PROJECT_URL/-/packages script: - ./gradlew publishAllPublicationsToGitlabRepository needs: ["build", "compile against min JOSM", "compile against latest JOSM"] rules: - if: '$CI_COMMIT_REF_PROTECTED == "true" && $CI_COMMIT_TAG != null && $CI_PIPELINE_SOURCE != "schedule"' when: always cache: <<: *global_cache policy: pull ################# # Release stage # ################# release: stage: release environment: name: pages branch / dist directory url: ${CI_PAGES_URL}/${CI_PROJECT_NAME} script: - &clone_pages_branch | echo "$SSH_PRIVATE_DEPLOY_KEY" > ~/.ssh/id_rsa chmod 600 ~/.ssh/id_rsa git clone --depth 1 --branch pages git@${CI_SERVER_HOST}:${CI_PROJECT_PATH} pages - ¤t_version | version=`git describe --always --dirty` longVersion=`git describe --always --long --dirty` commitMessage="Release version $longVersion" - | #mkdir -pv "pages/public/dist/$version" #cp -v "build/dist/"* "build/tmp/jar/MANIFEST.MF" "pages/public/dist/$version" rm -fv "pages/public/dist/latest" ln -s "./$version" "pages/public/dist/latest" - &push_pages_branch | cd pages/ git config user.name "Deploy with GitLab CI" git config user.email "${CI_PROJECT_NAMESPACE}/${CI_PROJECT_NAME}@${CI_SERVER_HOST}" git stage . git commit -a -m "$commitMessage" git push origin pages needs: ["build", "compile against min JOSM", "compile against latest JOSM"] dependencies: - build rules: - if: '$SSH_PRIVATE_DEPLOY_KEY != null && $CI_COMMIT_REF_PROTECTED == "true" && $CI_COMMIT_TAG != null && $CI_PIPELINE_SOURCE != "schedule"' when: manual cache: <<: *global_cache policy: pull release hotfix: stage: release environment: name: pages branch / dist directory url: ${CI_PAGES_URL}/${CI_PROJECT_NAME} script: - *clone_pages_branch - *current_version - | mkdir -pv "pages/public/dist/$version" cp -v "build/dist/"* "build/tmp/jar/MANIFEST.MF" "pages/public/dist/$version" - *push_pages_branch needs: ["compile against min JOSM", "compile against latest JOSM", "build"] dependencies: - build rules: - if: '$SSH_PRIVATE_DEPLOY_KEY != null && $CI_COMMIT_REF_PROTECTED == "true" && $CI_COMMIT_TAG != null && $CI_PIPELINE_SOURCE != "schedule" && $CI_COMMIT_BRANCH != $CI_DEFAULT_BRANCH' when: always publish update site: stage: release environment: name: pages branch / snapshot update site url: ${CI_PAGES_URL}/${CI_PROJECT_NAME}/snapshot/${CI_COMMIT_REF_NAME}/update-site script: - *clone_pages_branch - | commitHash=`git rev-parse HEAD` commitMessage="Make latest commit from ${CI_COMMIT_REF_NAME} available via JOSM update site ($commitHash)" - | rm -vrf "pages/public/snapshot/${CI_COMMIT_REF_NAME}" mkdir -pv "pages/public/snapshot/${CI_COMMIT_REF_NAME}" rm -vrf "pages/public/snapshot/libs" mkdir -pv "pages/public/snapshot/libs" cp -v "build/snapshot-update-site" "pages/public/snapshot/${CI_COMMIT_REF_NAME}/update-site" cp -v "build/localDist/list" "pages/public/snapshot/${CI_COMMIT_REF_NAME}/update-site" sed -i "1s/.*/${PLUGIN_JAR_BASE_NAME}-dev.jar;${CI_PAGES_URL}/${CI_PROJECT_NAME}/snapshot/${CI_COMMIT_REF_NAME}/${PLUGIN_JAR_BASE_NAME}-dev.jar" cp -v "build/dist/"* "pages/public/snapshot/${CI_COMMIT_REF_NAME}" cp -v "build/dist/${PLUGIN_JAR_BASE_NAME}.jar" "pages/public/snapshot/${CI_COMMIT_REF_NAME}/${PLUGIN_JAR_BASE_NAME}-dev.jar" cp -v "build/libs/"*"test-fixture"* "pages/public/snapshot/libs/mapwithai-test-fixture.jar" - *push_pages_branch needs: ["compile against min JOSM", "compile against latest JOSM", "build"] dependencies: - build rules: - if: '$SSH_PRIVATE_DEPLOY_KEY != null && $CI_PIPELINE_SOURCE != "schedule" && $CI_COMMIT_REF_NAME != null' when: always release to Gitlab.com: stage: release environment: name: GitLab.com / Releases url: $CI_PROJECT_URL/-/releases script: - ./gradlew releaseToGitlab needs: ["GitLab Maven repo"] rules: - if: '$SSH_PRIVATE_DEPLOY_KEY != null && $CI_COMMIT_REF_PROTECTED == "true" && $CI_COMMIT_TAG != null && $CI_PIPELINE_SOURCE != "schedule" && $CI_COMMIT_BRANCH != $CI_DEFAULT_BRANCH' when: always cache: <<: *global_cache policy: pull