-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy path.gitlab-ci.yml
86 lines (80 loc) · 2 KB
/
.gitlab-ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
stages:
- legal
- quality
- build
- check
- deploy
# stage: legal
include:
- project: 'tools/gitlab_ci_templates'
file: '/legal/copyright.yml'
allow_failure: true
pyflakes:
stage: quality
tags:
- bash
image: library/alpine:3.11
script:
- apk add --no-cache py3-pip
- pip3 install pyflakes
- pyflakes spec2policy.py
allow_failure: true
cache:
key: build-cache
paths:
- published/
policy: pull-push
build-policy:
stage: build
tags:
- tools
image: library/python:3.7-alpine3.11
artifacts:
when: on_success
paths:
- policy.json
script:
- apk add --no-cache coreutils
- cat "$CFG" | wc -c
- cat "$CFG" | base64 -di > $HOME/.ldapsync.cfg
- pip3 install --user pipenv
- export PATH=$HOME/.local/bin:$PATH
- pipenv sync
- pipenv install --system --deploy
- pipenv run python3 ./spec2policy.py matrix.yml policy.json
check-differences:
stage: check
when: on_success
tags:
- tools
image: library/python:3.7-alpine3.11
script:
- apk add --no-cache colordiff
- if [ -f published/policy.json ]; then ls -ls published/policy.json ; fi
- ls -ls policy.json
- if diff published/policy.json policy.json > /dev/null ; then echo "no differences" ; PUSH=0 ; else echo "policy.json to be pushed" ; PUSH=1 ; fi
- if [ "$PUSH" = "0" ]; then echo "Aborting pipeline..." ; exit 1 ; fi
- echo "======== Changes ========"
- colordiff --context=10 published/policy.json policy.json || true
- echo "========================="
push-policy:
stage: deploy
when: on_success
environment:
name: matrix
url: https://matrix.domain.com
tags:
- tools
image: library/python:3.7-alpine3.11
script:
- apk add --no-cache curl
- >
curl --insecure -XPUT
--data "@$(pwd)/policy.json"
-H "Authorization: Bearer $BEARER"
https://matrix.domain.com/_matrix/corporal/policy
- mkdir -p published/
- cp policy.json published/
only:
refs:
- master