friendica/.drone.yml

572 lines
14 KiB
YAML

kind: pipeline
type: docker
name: Check messages.po
steps:
- name: Run default Xgettext
image: friendicaci/transifex
commands:
- ./bin/run_xgettext.sh
- name: Check default
image: friendicaci/transifex
commands:
- /check-messages.sh
---
kind: pipeline
type: docker
name: Integrity checks
steps:
- name: Check database version
image: alpine
commands:
- export DBSTRUCTURE_VERSION="$(sed -rn "s/.*'DB_UPDATE_VERSION', ([0-9]+).*/\1/p" static/dbstructure.config.php)"
- export DATABASE_VERSION="$(sed -rn 's/.*DB_UPDATE_VERSION ([0-9]+).*/\1/p' database.sql)"
- echo "Database $DATABASE_VERSION - DB-Structure $DBSTRUCTURE_VERSION"
- if [[ "$DBSTRUCTURE_VERSION" != "$DATABASE_VERSION" ]]; then
echo "Database version mismatch.";
exit 1;
fi
---
kind: pipeline
type: docker
name: php7.3-lint
steps:
- name: Test
image: php:7.3
commands:
- ./bin/composer.phar run lint
---
kind: pipeline
type: docker
name: php7.4-lint
steps:
- name: Test
image: php:7.4
commands:
- ./bin/composer.phar run lint
---
kind: pipeline
type: docker
name: php8.0-lint
steps:
- name: Test
image: php:8.0
commands:
- ./bin/composer.phar run lint
---
kind: pipeline
type: docker
name: php-cs check
trigger:
event:
- pull_request
steps:
- name: Restore cache
image: meltwater/drone-cache:dev
settings:
backend: "filesystem"
restore: true
cache_key: '{{ .Repo.Name }}_phpcs_{{ arch }}_{{ os }}'
archive_format: "gzip"
mount:
- '.composer'
volumes:
- name: cache
path: /tmp/cache
- name: Install dependencies
image: composer
commands:
- export COMPOSER_HOME=.composer
- ./bin/composer.phar run cs:install
- name: Rebuild cache
image: meltwater/drone-cache:dev
settings:
backend: "filesystem"
rebuild: true
cache_key: '{{ .Repo.Name }}_phpcs_{{ arch }}_{{ os }}'
archive_format: "gzip"
mount:
- '.composer'
volumes:
- name: cache
path: /tmp/cache
- name: Run coding standards check
image: friendicaci/php-cs
commands:
- export CHANGED_FILES="$(git diff --name-status ${DRONE_COMMIT_BEFORE}..${DRONE_COMMIT_AFTER} | grep ^A | cut -f2)"
- /check-php-cs.sh
volumes:
- name: cache
host:
path: /tmp/drone-cache
---
kind: pipeline
type: docker
name: php7.3-mariadb
depends_on:
- php7.3-lint
steps:
- name: Restore cache
image: meltwater/drone-cache:dev
settings:
backend: "filesystem"
restore: true
cache_key: '{{ .Repo.Name }}_php73_{{ arch }}_{{ os }}'
archive_format: "gzip"
mount:
- '.composer'
volumes:
- name: cache
path: /tmp/cache
- name: Composer install
image: friendicaci/php7.3:php7.3.28
commands:
- export COMPOSER_HOME=.composer
- ./bin/composer.phar validate
- ./bin/composer.phar install --prefer-dist
- name: Rebuild cache
image: meltwater/drone-cache:dev
settings:
backend: "filesystem"
rebuild: true
cache_key: '{{ .Repo.Name }}_php73_{{ arch }}_{{ os }}'
archive_format: "gzip"
mount:
- '.composer'
volumes:
- name: cache
path: /tmp/cache
- name: Test Friendica
image: friendicaci/php7.3:php7.3.28
environment:
MYSQL_HOST: "mariadb"
MYSQL_PORT: 3306
MYSQL_DATABASE: "test"
MYSQL_PASSWORD: "test"
MYSQL_USER: "test"
REDIS_HOST: "redis"
MEMCACHED_HOST: "memcached"
MEMCACHE_HOST: "memcached"
commands:
- cp config/local-sample.config.php config/local.config.php
- if ! bin/wait-for-connection $MYSQL_HOST $MYSQL_PORT 300; then echo "[ERROR] Waited 300 seconds, no response" >&2; exit 1; fi
- mysql -h$MYSQL_HOST -P$MYSQL_PORT -p$MYSQL_PASSWORD -u$MYSQL_USER $MYSQL_DATABASE < database.sql
- phpunit --configuration tests/phpunit.xml
services:
- name: mariadb
image: mariadb:latest
environment:
MYSQL_ALLOW_EMPTY_PASSWORD: "true"
MYSQL_DATABASE: "test"
MYSQL_PASSWORD: "test"
MYSQL_USER: "test"
tmpfs:
- /var/lib/mysql
- name: memcached
image: memcached
- name: redis
image: redis
volumes:
- name: cache
host:
path: /tmp/drone-cache
---
kind: pipeline
type: docker
name: php7.4-mariadb
depends_on:
- php7.4-lint
steps:
- name: Restore cache
image: meltwater/drone-cache:dev
settings:
backend: "filesystem"
restore: true
cache_key: '{{ .Repo.Name }}_php74_{{ arch }}_{{ os }}'
archive_format: "gzip"
mount:
- '.composer'
volumes:
- name: cache
path: /tmp/cache
- name: Composer install
image: friendicaci/php7.4:php7.4.18
commands:
- export COMPOSER_HOME=.composer
- ./bin/composer.phar validate
- ./bin/composer.phar install --prefer-dist
- name: Rebuild cache
image: meltwater/drone-cache:dev
settings:
backend: "filesystem"
rebuild: true
cache_key: '{{ .Repo.Name }}_php74_{{ arch }}_{{ os }}'
archive_format: "gzip"
mount:
- '.composer'
volumes:
- name: cache
path: /tmp/cache
- name: Test Friendica
image: friendicaci/php7.4:php7.4.18
environment:
MYSQL_HOST: "mariadb"
MYSQL_PORT: 3306
MYSQL_DATABASE: "test"
MYSQL_PASSWORD: "test"
MYSQL_USER: "test"
REDIS_HOST: "redis"
MEMCACHED_HOST: "memcached"
MEMCACHE_HOST: "memcached"
XDEBUG_MODE: "coverage"
commands:
- phpenmod xdebug
- cp config/local-sample.config.php config/local.config.php
- if ! bin/wait-for-connection $MYSQL_HOST $MYSQL_PORT 300; then echo "[ERROR] Waited 300 seconds, no response" >&2; exit 1; fi
- mysql -h$MYSQL_HOST -P$MYSQL_PORT -p$MYSQL_PASSWORD -u$MYSQL_USER $MYSQL_DATABASE < database.sql
- phpunit --configuration tests/phpunit.xml --coverage-clover clover.xml
- name: Codecov
image: plugins/codecov
when:
repo:
- friendica/friendica
settings:
token:
from_secret: codecov-token
files:
- clover.xml
services:
- name: mariadb
image: mariadb:latest
environment:
MYSQL_ALLOW_EMPTY_PASSWORD: "true"
MYSQL_DATABASE: "test"
MYSQL_PASSWORD: "test"
MYSQL_USER: "test"
tmpfs:
- /var/lib/mysql
- name: memcached
image: memcached
- name: redis
image: redis
volumes:
- name: cache
host:
path: /tmp/drone-cache
---
kind: pipeline
type: docker
name: php8.0-mariadb
depends_on:
- php8.0-lint
steps:
- name: Restore cache
image: meltwater/drone-cache:dev
settings:
backend: "filesystem"
restore: true
cache_key: '{{ .Repo.Name }}_php80_{{ arch }}_{{ os }}'
archive_format: "gzip"
mount:
- '.composer'
volumes:
- name: cache
path: /tmp/cache
- name: Composer install
image: friendicaci/php8.0:php8.0.5
commands:
- export COMPOSER_HOME=.composer
- ./bin/composer.phar validate
- ./bin/composer.phar install --prefer-dist
- name: Rebuild cache
image: meltwater/drone-cache:dev
settings:
backend: "filesystem"
rebuild: true
cache_key: '{{ .Repo.Name }}_php80_{{ arch }}_{{ os }}'
archive_format: "gzip"
mount:
- '.composer'
volumes:
- name: cache
path: /tmp/cache
- name: Test Friendica
image: friendicaci/php8.0:php8.0.5
environment:
MYSQL_HOST: "mariadb"
MYSQL_PORT: 3306
MYSQL_DATABASE: "test"
MYSQL_PASSWORD: "test"
MYSQL_USER: "test"
REDIS_HOST: "redis"
MEMCACHED_HOST: "memcached"
MEMCACHE_HOST: "memcached"
commands:
- cp config/local-sample.config.php config/local.config.php
- if ! bin/wait-for-connection $MYSQL_HOST $MYSQL_PORT 300; then echo "[ERROR] Waited 300 seconds, no response" >&2; exit 1; fi
- mysql -h$MYSQL_HOST -P$MYSQL_PORT -p$MYSQL_PASSWORD -u$MYSQL_USER $MYSQL_DATABASE < database.sql
- phpunit --configuration tests/phpunit.xml
services:
- name: mariadb
image: mariadb:latest
environment:
MYSQL_ALLOW_EMPTY_PASSWORD: "true"
MYSQL_DATABASE: "test"
MYSQL_PASSWORD: "test"
MYSQL_USER: "test"
tmpfs:
- /var/lib/mysql
- name: memcached
image: memcached
- name: redis
image: redis
volumes:
- name: cache
host:
path: /tmp/drone-cache
---
kind: pipeline
type: docker
name: continuous-deployment
depends_on:
- php7.3-mariadb
- php7.4-mariadb
- php8.0-mariadb
trigger:
repo:
- friendica/friendica
branch:
- develop
- 20*-rc
event:
- push
node:
node: releaser # This prevents executing this pipeline at other servers than drone.friendi.ca
steps:
- name: Restore cache
image: meltwater/drone-cache:dev
settings:
backend: "filesystem"
restore: true
cache_key: '{{ .Repo.Name }}_php74_{{ arch }}_{{ os }}'
archive_format: "gzip"
mount:
- '.composer'
volumes:
- name: cache
path:
/tmp/cache
- name: Composer install
image: friendicaci/php7.4:php7.4.18
commands:
- export COMPOSER_HOME=.composer
- composer validate
- composer install --no-dev --optimize-autoloader
- name: Create artifacts
image: debian
commands:
- apt-get update
- apt-get install bzip2
- mkdir ./build
- export VERSION="$(cat VERSION)"
- # Create artifact
- export RELEASE="friendica-full-$VERSION"
- export ARTIFACT="$RELEASE.tar.gz"
- tar
--transform "s,^,$RELEASE/,"
-X mods/release-list-exclude.txt
-T mods/release-list-include.txt
-cvzf ./build/$ARTIFACT
- # calculate SHA256 checksum
- cd ./build
- sha256sum "$ARTIFACT" > "$ARTIFACT.sum256"
- chmod 664 ./*
- ls -lh
- # output the sha256 sum for checking
- cat "$ARTIFACT.sum256"
- sha256sum "$ARTIFACT"
- name: Sign artifacts
image: plugins/gpgsign
settings:
key:
from_secret: gpg_key
passphrase:
from_secret: gpg_password
files:
- build/*
exclude:
- build/*.sum256
detach_sign: true
- name: Upload artifacts
image: alpine
environment:
LFTP_HOST:
from_secret: sftp_host
LFTP_USER:
from_secret: sftp_user
LFTP_KEY:
from_secret: ssh_key
LFTP_PORT: "22"
LFTP_SOURCE: "build"
LFTP_TARGET: "/http"
commands:
- apk add lftp openssh openssl
- touch drone.key
- chmod 400 drone.key
- echo "$LFTP_KEY" | openssl base64 -A -d > drone.key
- lftp -c "
set net:timeout 5;
set net:max-retries 2;
set net:reconnect-interval-base 5;
set sftp:auto-confirm true;
set sftp:connect-program 'ssh -q -a -x -i drone.key';
connect sftp://$LFTP_USER:@$LFTP_HOST:$LFTP_PORT;
cd $LFTP_TARGET;
mput $LFTP_SOURCE/*;
"
- rm drone.key
volumes:
- name: cache
host:
path: /tmp/drone-cache
---
kind: pipeline
type: docker
name: release-deployment
depends_on:
- php7.3-mariadb
- php7.4-mariadb
- php8.0-mariadb
trigger:
repo:
- friendica/friendica
branch:
- stable
event:
- tag
node:
node: releaser # This prevents executing this pipeline at other servers than drone.friendi.ca
steps:
- name: Restore cache
image: meltwater/drone-cache:dev
settings:
backend: "filesystem"
restore: true
cache_key: '{{ .Repo.Name }}_php74_{{ arch }}_{{ os }}'
archive_format: "gzip"
mount:
- '.composer'
volumes:
- name: cache
path:
/tmp/cache
- name: Composer install
image: friendicaci/php7.4:php7.4.18
commands:
- export COMPOSER_HOME=.composer
- composer validate
- composer install --no-dev --optimize-autoloader
- name: Create artifacts
image: debian
commands:
- apt-get update
- apt-get install bzip2
- mkdir ./build
- export VERSION="$(cat VERSION)"
- # Create artifact
- export RELEASE="friendica-full-$VERSION"
- export ARTIFACT="$RELEASE.tar.gz"
- tar
--transform "s,^,$RELEASE/,"
-X mods/release-list-exclude.txt
-T mods/release-list-include.txt
-cvzf ./build/$ARTIFACT
- # calculate SHA256 checksum
- cd ./build
- sha256sum "$ARTIFACT" > "$ARTIFACT.sum256"
- chmod 664 ./*
- ls -lh
- # output the sha256 sum for checking
- cat "$ARTIFACT.sum256"
- sha256sum "$ARTIFACT"
- name: Sign artifacts
image: plugins/gpgsign
settings:
key:
from_secret: gpg_key
passphrase:
from_secret: gpg_password
files:
- build/*
exclude:
- build/*.sum256
detach_sign: true
- name: Upload artifacts
image: alpine
environment:
LFTP_HOST:
from_secret: sftp_host
LFTP_USER:
from_secret: sftp_user
LFTP_KEY:
from_secret: ssh_key
LFTP_PORT: "22"
LFTP_SOURCE: "build"
LFTP_TARGET: "/http"
commands:
- apk add lftp openssh openssl
- touch drone.key
- chmod 400 drone.key
- echo "$LFTP_KEY" | openssl base64 -A -d > drone.key
- lftp -c "
set net:timeout 5;
set net:max-retries 2;
set net:reconnect-interval-base 5;
set sftp:auto-confirm true;
set sftp:connect-program 'ssh -q -a -x -i drone.key';
connect sftp://$LFTP_USER:@$LFTP_HOST:$LFTP_PORT;
cd $LFTP_TARGET;
mput $LFTP_SOURCE/*;
"
- rm drone.key
volumes:
- name: cache
host:
path: /tmp/drone-cache