391 lines
12 KiB
YAML
391 lines
12 KiB
YAML
stages:
|
|
- dependencies
|
|
- build
|
|
- test
|
|
- publish
|
|
|
|
default:
|
|
retry:
|
|
max: 2
|
|
when:
|
|
- api_failure
|
|
- runner_system_failure
|
|
- scheduler_failure
|
|
- stale_schedule
|
|
- stuck_or_timeout_failure
|
|
- unknown_failure
|
|
|
|
variables: &default-variables
|
|
TZ: "UTC"
|
|
GIT_DEPTH: "1"
|
|
|
|
.build-resources-xs: &build-resources-xs
|
|
KUBERNETES_MEMORY_REQUEST: 512Mi
|
|
KUBERNETES_MEMORY_LIMIT: 512Mi
|
|
|
|
.build-resources-s: &build-resources-s
|
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
KUBERNETES_MEMORY_LIMIT: 1Gi
|
|
|
|
.build-resources-m: &build-resources-m
|
|
KUBERNETES_MEMORY_REQUEST: 2Gi
|
|
KUBERNETES_MEMORY_LIMIT: 2Gi
|
|
|
|
.haproxy_stable: &haproxy-stable
|
|
HAPROXY_GITREPO: "https://git.haproxy.org/?p=haproxy-2.7.git"
|
|
HAPROXY_VERSION: 2.7.2
|
|
# https://git.haproxy.org/?p=haproxy-2.7.git;a=commit;h=739996c80a847cd9572d3a4e4e418a7a38ddc2ff
|
|
HAPROXY_GITREF: "739996c80a847cd9572d3a4e4e418a7a38ddc2ff"
|
|
|
|
.haproxy_dev: &haproxy-dev
|
|
HAPROXY_GITREPO: "https://git.haproxy.org/?p=haproxy.git"
|
|
HAPROXY_VERSION: 2.8-dev
|
|
# https://git.haproxy.org/?p=haproxy.git;a=commit;h=a0658c3cf3b4e93c9f7e27874ec2817758d6c61e
|
|
HAPROXY_GITREF: "a0658c3cf3b4e93c9f7e27874ec2817758d6c61e"
|
|
|
|
.build-job: &build-job
|
|
image: registry.gitlab.com/mangadex-pub/debuilder/buster:main
|
|
needs: [ ]
|
|
before_script:
|
|
- apt -qq update
|
|
- apt install -y --no-install-recommends -qq build-essential ca-certificates cmake curl git libpcre2-dev libreadline-dev libsystemd-dev tar zlib1g-dev
|
|
- cc --version
|
|
|
|
#----------------------
|
|
# Common dependencies
|
|
#----------------------
|
|
|
|
lua:
|
|
<<: *build-job
|
|
stage: dependencies
|
|
script: make -C deps/lua
|
|
variables:
|
|
<<: *default-variables
|
|
<<: *build-resources-xs
|
|
artifacts:
|
|
expire_in: 7 days
|
|
paths: [ "deps/lua/lua-dist.tar.gz" ]
|
|
|
|
pcre2:
|
|
<<: *build-job
|
|
stage: dependencies
|
|
script: make -C deps/pcre2
|
|
variables:
|
|
<<: *default-variables
|
|
<<: *build-resources-xs
|
|
artifacts:
|
|
expire_in: 7 days
|
|
paths: [ "deps/pcre2/pcre2-dist.tar.gz" ]
|
|
|
|
quictls:
|
|
<<: *build-job
|
|
stage: dependencies
|
|
script: make -C deps/quictls
|
|
variables:
|
|
<<: *default-variables
|
|
<<: *build-resources-m
|
|
artifacts:
|
|
expire_in: 7 days
|
|
paths: [ "deps/quictls/quictls-dist.tar.gz" ]
|
|
|
|
vtest:
|
|
<<: *build-job
|
|
stage: dependencies
|
|
script: make -C deps/vtest
|
|
variables:
|
|
<<: *default-variables
|
|
<<: *build-resources-xs
|
|
artifacts:
|
|
expire_in: 7 days
|
|
paths: [ "deps/vtest/dist/vtest" ]
|
|
|
|
.needs-dependencies: &needs-dependencies
|
|
- job: lua
|
|
artifacts: true
|
|
- job: pcre2
|
|
artifacts: true
|
|
- job: quictls
|
|
artifacts: true
|
|
|
|
#----------------------
|
|
# HAProxy job templates
|
|
#----------------------
|
|
|
|
.haproxy-build: &haproxy-build
|
|
<<: *build-job
|
|
stage: build
|
|
script:
|
|
- apt install -y --no-install-recommends -qq bzip2 git
|
|
- mkdir deps/lua/dist && tar -C deps/lua/dist -xf deps/lua/lua-dist.tar.gz
|
|
- mkdir deps/pcre2/dist && tar -C deps/pcre2/dist -xf deps/pcre2/pcre2-dist.tar.gz
|
|
- mkdir deps/quictls/dist && tar -C deps/quictls/dist -xf deps/quictls/quictls-dist.tar.gz
|
|
- make -C haproxy HAPROXY_GITREPO="$HAPROXY_GITREPO" HAPROXY_VERSION="$HAPROXY_VERSION" HAPROXY_GITREF="$HAPROXY_GITREF"
|
|
needs: *needs-dependencies
|
|
artifacts:
|
|
expire_in: 7 days
|
|
paths: [ "haproxy/dist", "haproxy/haproxy-dist.tar.gz" ]
|
|
|
|
.haproxy-regtests: &haproxy-regtests
|
|
<<: *build-job
|
|
stage: test
|
|
script:
|
|
- apt install -y --no-install-recommends -qq bzip2 git
|
|
- mkdir deps/lua/dist && tar -C deps/lua/dist -xf deps/lua/lua-dist.tar.gz
|
|
- mkdir deps/pcre2/dist && tar -C deps/pcre2/dist -xf deps/pcre2/pcre2-dist.tar.gz
|
|
- mkdir deps/quictls/dist && tar -C deps/quictls/dist -xf deps/quictls/quictls-dist.tar.gz
|
|
- make -C haproxy HAPROXY_GITREPO="$HAPROXY_GITREPO" HAPROXY_VERSION="$HAPROXY_VERSION" HAPROXY_GITREF="$HAPROXY_GITREF" build test
|
|
needs:
|
|
- *needs-dependencies
|
|
- job: vtest
|
|
artifacts: true
|
|
|
|
.haproxy-debian: &haproxy-debian
|
|
<<: *build-job
|
|
stage: publish
|
|
script:
|
|
- apt install -y --no-install-recommends -qq bzip2 devscripts debhelper pkg-config
|
|
- mkdir deps/lua/dist && tar -C deps/lua/dist -xf deps/lua/lua-dist.tar.gz
|
|
- mkdir deps/pcre2/dist && tar -C deps/pcre2/dist -xf deps/pcre2/pcre2-dist.tar.gz
|
|
- mkdir deps/quictls/dist && tar -C deps/quictls/dist -xf deps/quictls/quictls-dist.tar.gz
|
|
- export BUILD_MESSAGE="$CI_COMMIT_MESSAGE"
|
|
- make -C haproxy dist-deb HAPROXY_GITREPO="$HAPROXY_GITREPO" HAPROXY_VERSION="$HAPROXY_VERSION" HAPROXY_GITREF="$HAPROXY_GITREF"
|
|
- |
|
|
set -euo pipefail
|
|
|
|
PACKAGE_NAME="haproxy-debian"
|
|
DEB_VERSION="$(cat haproxy/*.dsc | grep -E '^Version:' | cut -d' ' -f2-)"
|
|
if [ "$CI_COMMIT_REF_NAME" != "$CI_DEFAULT_BRANCH" ]; then
|
|
export PACKAGE_NAME="haproxy-debian-branches"
|
|
export DEB_VERSION="branch-$CI_COMMIT_REF_SLUG"
|
|
echo "Git reference $CI_COMMIT_REF_NAME is not the default branch. Setting coordinates to $PACKAGE_NAME/$DEB_VERSION"
|
|
fi
|
|
|
|
GITLAB_PACKAGE_VERSION=$(echo "${DEB_VERSION}" | tr '~' '-')
|
|
echo "Publishing Debian package version ${DEB_VERSION} to haproxy-debian@${GITLAB_PACKAGE_VERSION}"
|
|
|
|
for artifact in haproxy/haproxy*.deb; do
|
|
artifact_filename=$(basename "${artifact}")
|
|
gitlab_is_lame_artifact_filename=$(echo "${artifact_filename}" | tr '~' '-' | tr '+' '-')
|
|
echo "Uploading to haproxy-debian@${DEB_VERSION}... ${artifact_filename} -> ${gitlab_is_lame_artifact_filename}"
|
|
curl -fsSL -H"JOB-TOKEN: $CI_JOB_TOKEN" \
|
|
--upload-file "${artifact}" \
|
|
"${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/packages/generic/${PACKAGE_NAME}/${GITLAB_PACKAGE_VERSION}/${gitlab_is_lame_artifact_filename}"
|
|
echo "OK"
|
|
done
|
|
artifacts:
|
|
expire_in: 7 days
|
|
paths: [ "haproxy/haproxy*" ]
|
|
|
|
.haproxy-tarball: &haproxy-tarball
|
|
image: docker.io/curlimages/curl:latest
|
|
stage: publish
|
|
script: |
|
|
set -eu
|
|
|
|
PKG_VER=$HAPROXY_VERSION
|
|
if [ "$CI_COMMIT_REF_NAME" != "$CI_DEFAULT_BRANCH" ]; then
|
|
export PKG_VER="branch-$CI_COMMIT_REF_SLUG-$HAPROXY_VERSION-$HAPROXY_GITREF"
|
|
echo "Git reference $CI_COMMIT_REF_NAME is not the default branch. Setting version to $PKG_VER"
|
|
fi
|
|
|
|
curl -fsSL \
|
|
-H"JOB-TOKEN: $CI_JOB_TOKEN" \
|
|
--upload-file "haproxy/haproxy-dist.tar.gz" \
|
|
"${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/packages/generic/haproxy/$PKG_VER/haproxy-$HAPROXY_VERSION.tar.gz"
|
|
|
|
.haproxy-docker: &haproxy-docker
|
|
stage: publish
|
|
image:
|
|
name: gcr.io/kaniko-project/executor:debug
|
|
entrypoint: [ "" ]
|
|
before_script:
|
|
- mkdir -p /kaniko/.docker
|
|
- echo "{\"auths\":{\"$CI_REGISTRY\":{\"username\":\"gitlab-ci-token\",\"password\":\"$CI_JOB_TOKEN\"}}}" > /kaniko/.docker/config.json
|
|
script: |
|
|
set -eu
|
|
|
|
export DEBIAN_CODENAME="bullseye"
|
|
export JOB_TIMESTAMP="$(date -D '%Y-%m-%dT%H:%M:%S' -d "$CI_JOB_STARTED_AT" +'%Y%m%d-%H%M')"
|
|
|
|
# A.B.C -> A.B, otherwise preserve original (eg 2.x-dev -> 2.x-dev)
|
|
if echo "$HAPROXY_VERSION" | grep -E '([0-9]\.){2}[0-9]'; then
|
|
export HAPROXY_SHORTVER="$(echo "$HAPROXY_VERSION" | cut -d'.' -f1-2)"
|
|
else
|
|
export HAPROXY_SHORTVER=$HAPROXY_VERSION
|
|
fi
|
|
|
|
echo "Building image with"
|
|
echo " -> haproxy version: $HAPROXY_VERSION ($HAPROXY_SHORTVER)"
|
|
echo " -> debian codename: $DEBIAN_CODENAME"
|
|
echo " -> git commit hash: $CI_COMMIT_SHORT_SHA"
|
|
echo " -> build timestamp: $JOB_TIMESTAMP"
|
|
|
|
export IMAGE_TAG_UNIQUE="$CI_COMMIT_SHORT_SHA-$JOB_TIMESTAMP-$HAPROXY_SHORTVER-$HAPROXY_GITREF"
|
|
export IMAGE_TAG_ROLLING_COMMIT="git-$CI_COMMIT_SHORT_SHA-$HAPROXY_VERSION"
|
|
export IMAGE_TAG_ROLLING_GITREF="$CI_COMMIT_REF_SLUG-$HAPROXY_VERSION"
|
|
|
|
export IMAGE_TAG_VERSIONS="$HAPROXY_VERSION-$DEBIAN_CODENAME"
|
|
export IMAGE_TAG_SHORTVER="$HAPROXY_SHORTVER-$DEBIAN_CODENAME"
|
|
if [ "$CI_COMMIT_REF_NAME" != "$CI_DEFAULT_BRANCH" ]; then
|
|
export IMAGE_TAG_VERSIONS="branch-$CI_COMMIT_REF_SLUG-$IMAGE_TAG_VERSIONS"
|
|
export IMAGE_TAG_SHORTVER="branch-$CI_COMMIT_REF_SLUG-$IMAGE_TAG_SHORTVER"
|
|
echo "Git reference $CI_COMMIT_REF_NAME is not the default branch. Rewriting git rolling tag as $IMAGE_TAG_VERSIONS / $IMAGE_TAG_SHORTVER"
|
|
fi
|
|
|
|
echo "***"
|
|
echo "Will build and push image as:"
|
|
echo "- $CI_REGISTRY_IMAGE:$IMAGE_TAG_UNIQUE"
|
|
echo "- $CI_REGISTRY_IMAGE:$IMAGE_TAG_ROLLING_COMMIT"
|
|
echo "- $CI_REGISTRY_IMAGE:$IMAGE_TAG_ROLLING_GITREF"
|
|
echo "- $CI_REGISTRY_IMAGE:$IMAGE_TAG_VERSIONS"
|
|
echo "- $CI_REGISTRY_IMAGE:$IMAGE_TAG_SHORTVER"
|
|
echo "***"
|
|
|
|
(
|
|
set -x;
|
|
/kaniko/executor \
|
|
--context . \
|
|
--dockerfile Dockerfile \
|
|
--build-arg "CANONICAL_VERSION=$IMAGE_TAG_UNIQUE" \
|
|
--destination "$CI_REGISTRY_IMAGE:$IMAGE_TAG_UNIQUE" \
|
|
--destination "$CI_REGISTRY_IMAGE:$IMAGE_TAG_ROLLING_COMMIT" \
|
|
--destination "$CI_REGISTRY_IMAGE:$IMAGE_TAG_ROLLING_GITREF" \
|
|
--destination "$CI_REGISTRY_IMAGE:$IMAGE_TAG_VERSIONS" \
|
|
--destination "$CI_REGISTRY_IMAGE:$IMAGE_TAG_SHORTVER" \
|
|
--single-snapshot
|
|
)
|
|
|
|
#----------------------
|
|
# HAProxy jobs
|
|
#----------------------
|
|
|
|
build:stable:
|
|
<<: *haproxy-build
|
|
variables:
|
|
<<: *default-variables
|
|
<<: *build-resources-s
|
|
<<: *haproxy-stable
|
|
|
|
build:dev:
|
|
<<: *haproxy-build
|
|
variables:
|
|
<<: *default-variables
|
|
<<: *build-resources-s
|
|
<<: *haproxy-dev
|
|
|
|
regtests:stable:
|
|
<<: *haproxy-regtests
|
|
variables:
|
|
<<: *default-variables
|
|
<<: *build-resources-m
|
|
<<: *haproxy-stable
|
|
|
|
regtests:dev:
|
|
<<: *haproxy-regtests
|
|
variables:
|
|
<<: *default-variables
|
|
<<: *build-resources-m
|
|
<<: *haproxy-dev
|
|
|
|
haproxy-tarball:stable:
|
|
<<: *haproxy-tarball
|
|
variables:
|
|
<<: *default-variables
|
|
<<: *build-resources-xs
|
|
<<: *haproxy-stable
|
|
needs:
|
|
- job: "regtests:stable"
|
|
artifacts: false
|
|
- job: "build:stable"
|
|
artifacts: true
|
|
|
|
haproxy-tarball:dev:
|
|
<<: *haproxy-tarball
|
|
variables:
|
|
<<: *default-variables
|
|
<<: *build-resources-xs
|
|
<<: *haproxy-dev
|
|
needs:
|
|
- job: "regtests:dev"
|
|
artifacts: false
|
|
- job: "build:dev"
|
|
artifacts: true
|
|
|
|
docker:stable:
|
|
<<: *haproxy-docker
|
|
variables:
|
|
<<: *default-variables
|
|
<<: *build-resources-m
|
|
<<: *haproxy-stable
|
|
needs:
|
|
- job: "quictls"
|
|
artifacts: true
|
|
- job: "regtests:stable"
|
|
artifacts: false
|
|
- job: "build:stable"
|
|
artifacts: true
|
|
|
|
docker:dev:
|
|
<<: *haproxy-docker
|
|
variables:
|
|
<<: *default-variables
|
|
<<: *build-resources-m
|
|
<<: *haproxy-dev
|
|
needs:
|
|
- job: "quictls"
|
|
artifacts: true
|
|
- job: "regtests:dev"
|
|
artifacts: false
|
|
- job: "build:dev"
|
|
artifacts: true
|
|
|
|
debian:stable:
|
|
<<: *haproxy-debian
|
|
variables:
|
|
<<: *default-variables
|
|
<<: *build-resources-m
|
|
<<: *haproxy-stable
|
|
needs:
|
|
- *needs-dependencies
|
|
- job: "regtests:stable"
|
|
artifacts: false
|
|
|
|
debian:dev:
|
|
<<: *haproxy-debian
|
|
variables:
|
|
<<: *default-variables
|
|
<<: *build-resources-m
|
|
<<: *haproxy-dev
|
|
needs:
|
|
- *needs-dependencies
|
|
- job: "regtests:dev"
|
|
artifacts: false
|
|
|
|
quictls:tarball:
|
|
image: docker.io/curlimages/curl:latest
|
|
stage: publish
|
|
script: |
|
|
set -eu
|
|
|
|
PKG_VER="$(cat deps/quictls/Makefile | head -n1 | cut -d'=' -f2 | tr -d ' ')"
|
|
QUICTLS_VER="$PKG_VER"
|
|
if [ "$CI_COMMIT_REF_NAME" != "$CI_DEFAULT_BRANCH" ]; then
|
|
export PKG_VER="branch-$CI_COMMIT_REF_SLUG"
|
|
echo "Git reference $CI_COMMIT_REF_NAME is not the default branch. Setting version to $PKG_VER"
|
|
fi
|
|
|
|
curl -fsSL \
|
|
-H"JOB-TOKEN: $CI_JOB_TOKEN" \
|
|
--upload-file "deps/quictls/quictls-dist.tar.gz" \
|
|
"${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/packages/generic/quictls/$PKG_VER/quictls-$QUICTLS_VER.tar.gz"
|
|
needs:
|
|
- job: quictls
|
|
artifacts: true
|
|
- job: "regtests:dev"
|
|
artifacts: false
|
|
- job: "regtests:stable"
|
|
artifacts: false
|
|
variables:
|
|
<<: *default-variables
|
|
<<: *build-resources-xs
|