Skip to content
Snippets Groups Projects
Commit 1e0060b0 authored by Pierre Smeyers's avatar Pierre Smeyers
Browse files

Merge branch 'feat/improvements' into 'master' 

Feat/improvements

Closes #30

See merge request to-be-continuous/python!40
parents 6e74b254 eb115a23
No related branches found
No related tags found
No related merge requests found
Show whitespace changes
Inline Side-by-side
.releaserc.yml
+ 2
1
View file @ 1e0060b0
...@@ -6,7 +6,8 @@ plugins: [ ...@@ -6,7 +6,8 @@ plugins: [
[ [
"@semantic-release/exec", "@semantic-release/exec",
{ {
"prepareCmd": "./bumpversion.sh \"${lastRelease.version}\" \"${nextRelease.version}\" \"${nextRelease.type}\"" "prepareCmd": "./bumpversion.sh \"${lastRelease.version}\" \"${nextRelease.version}\" \"${nextRelease.type}\"",
"successCmd": "./post-release.sh \"${nextRelease.version}\""
} }
], ],
[ [
......
post-release.sh 0 → 100755
+ 35
0
View file @ 1e0060b0
#!/usr/bin/env bash
function log_info() {
>&2 echo -e "[\\e[1;94mINFO\\e[0m] $*"
}
function log_warn() {
>&2 echo -e "[\\e[1;93mWARN\\e[0m] $*"
}
function log_error() {
>&2 echo -e "[\\e[1;91mERROR\\e[0m] $*"
}
# check number of arguments
if [[ "$#" -lt 1 ]]; then
log_error "Missing arguments"
log_error "Usage: $0 <next version>"
exit 1
fi
nextVer=$1
minorVer=${nextVer%\.[0-9]*}
majorVer=${nextVer%\.[0-9]*\.[0-9]*}
log_info "Creating minor version tag alias \\e[33;1m${minorVer}\\e[0m from $nextVer..."
git tag --force -a "$minorVer" "$nextVer" -m "Minor version alias (targets $nextVer)"
log_info "Creating major version tag alias \\e[33;1m${majorVer}\\e[0m from $nextVer..."
git tag --force -a "$majorVer" "$nextVer" -m "Major version alias (targets $nextVer)"
log_info "Pushing tags..."
git_base_url=$(echo "$CI_REPOSITORY_URL" | cut -d\@ -f2)
git_auth_url="https://token:${GITLAB_TOKEN}@${git_base_url}"
git push --tags --force "$git_auth_url"
renovate.json
+ 2
1
View file @ 1e0060b0
{ {
"$schema": "https://docs.renovatebot.com/renovate-schema.json", "$schema": "https://docs.renovatebot.com/renovate-schema.json",
"extends": [ "extends": [
"config:base" "config:base",
":disableDependencyDashboard"
] ]
} }
templates/gitlab-ci-python.yml
+ 38
77
View file @ 1e0060b0
...@@ -13,7 +13,18 @@ ...@@ -13,7 +13,18 @@
# program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth # program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth
# Floor, Boston, MA 02110-1301, USA. # Floor, Boston, MA 02110-1301, USA.
# ========================================================================================= # =========================================================================================
# default workflow rules
workflow:
rules:
# exclude merge requests
- if: $CI_MERGE_REQUEST_ID
when: never
- when: always
variables: variables:
# variabilized tracking image
TBC_TRACKING_IMAGE: "$CI_REGISTRY/to-be-continuous/tools/tracking:master"
# Change pip's cache directory to be inside the project directory since we can # Change pip's cache directory to be inside the project directory since we can
# only cache local items. # only cache local items.
PIP_CACHE_DIR: "$CI_PROJECT_DIR/.cache/pip" PIP_CACHE_DIR: "$CI_PROJECT_DIR/.cache/pip"
...@@ -54,7 +65,6 @@ variables: ...@@ -54,7 +65,6 @@ variables:
PYTHON_REPOSITORY_USERNAME: 'gitlab-ci-token' PYTHON_REPOSITORY_USERNAME: 'gitlab-ci-token'
PYTHON_REPOSITORY_PASSWORD: $CI_JOB_TOKEN PYTHON_REPOSITORY_PASSWORD: $CI_JOB_TOKEN
.python-scripts: &python-scripts | .python-scripts: &python-scripts |
# BEGSCRIPT # BEGSCRIPT
set -e set -e
...@@ -494,7 +504,7 @@ variables: ...@@ -494,7 +504,7 @@ variables:
# 3: Git commit, tag and push # 3: Git commit, tag and push
log_info "--- git push commit and tag..." log_info "--- git push commit and tag..."
git push "$git_auth_url" "$CI_BUILD_REF_NAME" git push "$git_auth_url" "$CI_COMMIT_REF_NAME"
git push "$git_auth_url" --tags git push "$git_auth_url" --tags
# 4: build new version distribution # 4: build new version distribution
...@@ -522,25 +532,6 @@ variables: ...@@ -522,25 +532,6 @@ variables:
fi fi
} }
function get_latest_template_version() {
tag_json=$(wget -T 5 -q -O - "$CI_API_V4_URL/projects/to-be-continuous%2F$1/repository/tags?per_page=1" || echo "")
echo "$tag_json" | sed -rn 's/^.*"name":"([^"]*)".*$/\1/p'
}
function check_for_update() {
template="$1"
actual="$2"
latest=$(get_latest_template_version "$template")
if [[ -n "$latest" ]] && [[ "$latest" != "$actual" ]]
then
log_warn "\\e[1;93m=======================================================================================================\\e[0m"
log_warn "\\e[93mThe template \\e[32m$template\\e[93m:\\e[33m$actual\\e[93m you're using is not up-to-date: consider upgrading to version \\e[32m$latest\\e[0m"
log_warn "\\e[93m(set \$TEMPLATE_CHECK_UPDATE_DISABLED to disable this message)\\e[0m"
log_warn "\\e[1;93m=======================================================================================================\\e[0m"
fi
}
if [[ "$TEMPLATE_CHECK_UPDATE_DISABLED" != "true" ]]; then check_for_update python "4.0.1"; fi
unscope_variables unscope_variables
# ENDSCRIPT # ENDSCRIPT
...@@ -551,7 +542,7 @@ variables: ...@@ -551,7 +542,7 @@ variables:
.python-base: .python-base:
image: $PYTHON_IMAGE image: $PYTHON_IMAGE
services: services:
- name: "$CI_REGISTRY/to-be-continuous/tools/tracking:master" - name: "$TBC_TRACKING_IMAGE"
command: ["--service", "python", "4.0.1"] command: ["--service", "python", "4.0.1"]
# Cache downloaded dependencies and plugins between builds. # Cache downloaded dependencies and plugins between builds.
# To keep cache across branches add 'key: "$CI_JOB_NAME"' # To keep cache across branches add 'key: "$CI_JOB_NAME"'
...@@ -588,9 +579,6 @@ py-package: ...@@ -588,9 +579,6 @@ py-package:
paths: paths:
- $PYTHON_PROJECT_DIR/dist/* - $PYTHON_PROJECT_DIR/dist/*
rules: rules:
# exclude merge requests
- if: $CI_MERGE_REQUEST_ID
when: never
- if: '$PYTHON_PACKAGE_ENABLED == "true"' - if: '$PYTHON_PACKAGE_ENABLED == "true"'
py-lint: py-lint:
...@@ -620,16 +608,15 @@ py-lint: ...@@ -620,16 +608,15 @@ py-lint:
paths: paths:
- $PYTHON_PROJECT_DIR/reports/ - $PYTHON_PROJECT_DIR/reports/
rules: rules:
# exclude merge requests # exclude if $PYLINT_ENABLED not set
- if: $CI_MERGE_REQUEST_ID - if: '$PYLINT_ENABLED != "true"'
when: never when: never
# on production branch(es): if $PYLINT_ENABLED is set # on non-production, non-integration branches: manual & non-blocking
- if: '$PYLINT_ENABLED == "true" && $CI_COMMIT_REF_NAME =~ $PROD_REF' - if: '$CI_COMMIT_REF_NAME !~ $PROD_REF && $CI_COMMIT_REF_NAME !~ $INTEG_REF'
# on integration branch(es): if $PYLINT_ENABLED is set when: manual
- if: '$PYLINT_ENABLED == "true" && $CI_COMMIT_REF_NAME =~ $INTEG_REF'
# on non-production, non-integration branches, with $PYLINT_ENABLED set: auto & non-blocking
- if: '$PYLINT_ENABLED == "true"'
allow_failure: true allow_failure: true
# else: manual & non-blocking
- when: always
py-compile: py-compile:
extends: .python-base extends: .python-base
...@@ -638,9 +625,6 @@ py-compile: ...@@ -638,9 +625,6 @@ py-compile:
- install_requirements - install_requirements
- _python -m compileall $PYTHON_COMPILE_ARGS - _python -m compileall $PYTHON_COMPILE_ARGS
rules: rules:
# exclude merge requests
- if: $CI_MERGE_REQUEST_ID
when: never
# on any branch: only when none of supported unit test framework is enabled # on any branch: only when none of supported unit test framework is enabled
- if: '$UNITTEST_ENABLED != "true" && $PYTEST_ENABLED != "true" && $NOSETESTS_ENABLED != "true"' - if: '$UNITTEST_ENABLED != "true" && $PYTEST_ENABLED != "true" && $NOSETESTS_ENABLED != "true"'
...@@ -673,9 +657,6 @@ py-unittest: ...@@ -673,9 +657,6 @@ py-unittest:
paths: paths:
- $PYTHON_PROJECT_DIR/reports/ - $PYTHON_PROJECT_DIR/reports/
rules: rules:
# exclude merge requests
- if: $CI_MERGE_REQUEST_ID
when: never
# on any branch: when $UNITTEST_ENABLED is set # on any branch: when $UNITTEST_ENABLED is set
- if: '$UNITTEST_ENABLED == "true"' - if: '$UNITTEST_ENABLED == "true"'
...@@ -700,9 +681,6 @@ py-pytest: ...@@ -700,9 +681,6 @@ py-pytest:
paths: paths:
- $PYTHON_PROJECT_DIR/reports/ - $PYTHON_PROJECT_DIR/reports/
rules: rules:
# exclude merge requests
- if: $CI_MERGE_REQUEST_ID
when: never
# on any branch: when $PYTEST_ENABLED is set # on any branch: when $PYTEST_ENABLED is set
- if: '$PYTEST_ENABLED == "true"' - if: '$PYTEST_ENABLED == "true"'
...@@ -726,9 +704,6 @@ py-nosetests: ...@@ -726,9 +704,6 @@ py-nosetests:
paths: paths:
- $PYTHON_PROJECT_DIR/reports/ - $PYTHON_PROJECT_DIR/reports/
rules: rules:
# exclude merge requests
- if: $CI_MERGE_REQUEST_ID
when: never
# on any branch: when $NOSETESTS_ENABLED is set # on any branch: when $NOSETESTS_ENABLED is set
- if: '$NOSETESTS_ENABLED == "true"' - if: '$NOSETESTS_ENABLED == "true"'
...@@ -757,17 +732,15 @@ py-bandit: ...@@ -757,17 +732,15 @@ py-bandit:
paths: paths:
- $PYTHON_PROJECT_DIR/reports/ - $PYTHON_PROJECT_DIR/reports/
rules: rules:
# exclude merge requests # exclude if $BANDIT_ENABLED not set
- if: $CI_MERGE_REQUEST_ID - if: '$BANDIT_ENABLED != "true"'
when: never when: never
# on production branch(es): if $BANDIT_ENABLED is set # on non-production, non-integration branches: manual & non-blocking
- if: '$BANDIT_ENABLED == "true" && $CI_COMMIT_REF_NAME =~ $PROD_REF' - if: '$CI_COMMIT_REF_NAME !~ $PROD_REF && $CI_COMMIT_REF_NAME !~ $INTEG_REF'
# on integration branch(es): if $BANDIT_ENABLED is set
- if: '$BANDIT_ENABLED == "true" && $CI_COMMIT_REF_NAME =~ $INTEG_REF'
# on non-production, non-integration branches, with $BANDIT_ENABLED set: manual & non-blocking
- if: '$BANDIT_ENABLED == "true"'
when: manual when: manual
allow_failure: true allow_failure: true
# else: manual & non-blocking
- when: always
# Safety (dependency check) # Safety (dependency check)
py-safety: py-safety:
...@@ -795,17 +768,15 @@ py-safety: ...@@ -795,17 +768,15 @@ py-safety:
paths: paths:
- $PYTHON_PROJECT_DIR/reports/ - $PYTHON_PROJECT_DIR/reports/
rules: rules:
# exclude merge requests # exclude if $SAFETY_ENABLED not set
- if: $CI_MERGE_REQUEST_ID - if: '$SAFETY_ENABLED != "true"'
when: never when: never
# on production branch(es): if $SAFETY_ENABLED is set # on non-production, non-integration branches: manual & non-blocking
- if: '$SAFETY_ENABLED == "true" && $CI_COMMIT_REF_NAME =~ $PROD_REF' - if: '$CI_COMMIT_REF_NAME !~ $PROD_REF && $CI_COMMIT_REF_NAME !~ $INTEG_REF'
# on integration branch(es): if $SAFETY_ENABLED is set
- if: '$SAFETY_ENABLED == "true" && $CI_COMMIT_REF_NAME =~ $INTEG_REF'
# on non-production, non-integration branches, with $SAFETY_ENABLED set: manual & non-blocking
- if: '$SAFETY_ENABLED == "true"'
when: manual when: manual
allow_failure: true allow_failure: true
# else: manual & non-blocking
- when: always
# Trivy (dependency check) # Trivy (dependency check)
py-trivy: py-trivy:
...@@ -856,19 +827,15 @@ py-trivy: ...@@ -856,19 +827,15 @@ py-trivy:
paths: paths:
- $PYTHON_PROJECT_DIR/reports/ - $PYTHON_PROJECT_DIR/reports/
rules: rules:
# exclude merge requests
- if: $CI_MERGE_REQUEST_ID
when: never
# on production branch(es): if $TRIVY_ENABLED is set
# exclude if $PYTHON_TRIVY_ENABLED not set # exclude if $PYTHON_TRIVY_ENABLED not set
- if: '$PYTHON_TRIVY_ENABLED != "true"' - if: '$PYTHON_TRIVY_ENABLED != "true"'
when: never when: never
# on production or integration branches: auto
- if: '$CI_COMMIT_REF_NAME =~ $PROD_REF || $CI_COMMIT_REF_NAME =~ $INTEG_REF'
# on non-production, non-integration branches: manual & non-blocking # on non-production, non-integration branches: manual & non-blocking
- if: '$PYTHON_TRIVY_ENABLED == "true"' # useless but prevents GitLab warning - if: '$CI_COMMIT_REF_NAME !~ $PROD_REF && $CI_COMMIT_REF_NAME !~ $INTEG_REF'
when: manual when: manual
allow_failure: true allow_failure: true
# else: manual & non-blocking
- when: always
# (manual from master branch): triggers a release (tag creation) # (manual from master branch): triggers a release (tag creation)
py-release: py-release:
...@@ -877,23 +844,17 @@ py-release: ...@@ -877,23 +844,17 @@ py-release:
script: script:
- git config --global user.email "$GITLAB_USER_EMAIL" - git config --global user.email "$GITLAB_USER_EMAIL"
- git config --global user.name "$GITLAB_USER_LOGIN" - git config --global user.name "$GITLAB_USER_LOGIN"
- git checkout -B $CI_BUILD_REF_NAME - git checkout -B $CI_COMMIT_REF_NAME
- configure_scm_auth - configure_scm_auth
- _release - _release
artifacts: artifacts:
paths: paths:
- $PYTHON_PROJECT_DIR/dist/* - $PYTHON_PROJECT_DIR/dist/*
rules: rules:
# exclude merge requests
- if: $CI_MERGE_REQUEST_ID
when: never
# exclude if $PYTHON_RELEASE_ENABLED not set # exclude if $PYTHON_RELEASE_ENABLED not set
- if: '$PYTHON_RELEASE_ENABLED != "true"' - if: '$PYTHON_RELEASE_ENABLED != "true"'
when: never when: never
# exclude on non-prod, non-integ branches # on production or integration branch: manual, non blocking
- if: '$CI_COMMIT_REF_NAME !~ $PROD_REF && $CI_COMMIT_REF_NAME !~ $INTEG_REF' - if: '$CI_COMMIT_REF_NAME =~ $PROD_REF || $CI_COMMIT_REF_NAME =~ $INTEG_REF'
when: never
# else: manual
- if: '$PYTHON_RELEASE_ENABLED == "true"' # useless but prevents GitLab warning
when: manual when: manual
allow_failure: true allow_failure: true
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment