ci: Release on multiple distributions & fix Docker multiple-step build
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
This commit is contained in:
parent
797eb2334b
commit
262d1fcd4d
@ -6,8 +6,7 @@ stages:
|
|||||||
- build-js
|
- build-js
|
||||||
- sentry
|
- sentry
|
||||||
- test
|
- test
|
||||||
- docker
|
- build
|
||||||
- package
|
|
||||||
- upload
|
- upload
|
||||||
- deploy
|
- deploy
|
||||||
|
|
||||||
@ -125,7 +124,7 @@ deps:
|
|||||||
exunit:
|
exunit:
|
||||||
stage: test
|
stage: test
|
||||||
services:
|
services:
|
||||||
- name: postgis/postgis:14-3.2
|
- name: postgis/postgis:16-3.4
|
||||||
alias: postgres
|
alias: postgres
|
||||||
variables:
|
variables:
|
||||||
MIX_ENV: test
|
MIX_ENV: test
|
||||||
@ -164,7 +163,7 @@ vitest:
|
|||||||
e2e:
|
e2e:
|
||||||
stage: test
|
stage: test
|
||||||
services:
|
services:
|
||||||
- name: postgis/postgis:14-3.2
|
- name: postgis/postgis:16-3.4
|
||||||
alias: postgres
|
alias: postgres
|
||||||
variables:
|
variables:
|
||||||
MIX_ENV: "e2e"
|
MIX_ENV: "e2e"
|
||||||
@ -206,7 +205,7 @@ pages:
|
|||||||
- public
|
- public
|
||||||
|
|
||||||
.docker: &docker
|
.docker: &docker
|
||||||
stage: docker
|
stage: build
|
||||||
image: docker:24
|
image: docker:24
|
||||||
variables:
|
variables:
|
||||||
DOCKER_TLS_CERTDIR: "/certs"
|
DOCKER_TLS_CERTDIR: "/certs"
|
||||||
@ -214,6 +213,7 @@ pages:
|
|||||||
DOCKER_TLS_VERIFY: 1
|
DOCKER_TLS_VERIFY: 1
|
||||||
DOCKER_CERT_PATH: "$DOCKER_TLS_CERTDIR/client"
|
DOCKER_CERT_PATH: "$DOCKER_TLS_CERTDIR/client"
|
||||||
DOCKER_DRIVER: overlay2
|
DOCKER_DRIVER: overlay2
|
||||||
|
DOCKER_CLI_EXPERIMENTAL: enabled
|
||||||
services:
|
services:
|
||||||
- docker:24-dind
|
- docker:24-dind
|
||||||
cache: {}
|
cache: {}
|
||||||
@ -229,6 +229,8 @@ pages:
|
|||||||
# Install qemu/binfmt
|
# Install qemu/binfmt
|
||||||
- docker pull tonistiigi/binfmt:latest
|
- docker pull tonistiigi/binfmt:latest
|
||||||
- docker run --rm --privileged tonistiigi/binfmt:latest --install all
|
- docker run --rm --privileged tonistiigi/binfmt:latest --install all
|
||||||
|
# Install jq
|
||||||
|
- apk --no-cache add jq
|
||||||
# Login to DockerHub
|
# Login to DockerHub
|
||||||
- mkdir -p ~/.docker
|
- mkdir -p ~/.docker
|
||||||
- echo "{\"auths\":{\"$CI_REGISTRY\":{\"auth\":\"$CI_REGISTRY_AUTH\",\"email\":\"$CI_REGISTRY_EMAIL\"}}}" > ~/.docker/config.json
|
- echo "{\"auths\":{\"$CI_REGISTRY\":{\"auth\":\"$CI_REGISTRY_AUTH\",\"email\":\"$CI_REGISTRY_EMAIL\"}}}" > ~/.docker/config.json
|
||||||
@ -242,9 +244,9 @@ build-docker-main:
|
|||||||
when: never
|
when: never
|
||||||
- if: '$CI_PIPELINE_SOURCE == "schedule" || $CI_PIPELINE_TRIGGERED == "true"'
|
- if: '$CI_PIPELINE_SOURCE == "schedule" || $CI_PIPELINE_TRIGGERED == "true"'
|
||||||
script:
|
script:
|
||||||
- docker buildx build --push --platform linux/amd64 -t framasoft/mobilizon:main -f docker/production/Dockerfile .
|
- docker buildx build --platform linux/amd64 -t framasoft/mobilizon:main -f docker/production/Dockerfile .
|
||||||
|
|
||||||
build-and-push-to-latest-docker-tag:
|
build-docker-tag:
|
||||||
<<: *docker
|
<<: *docker
|
||||||
rules: &release-tag-rules
|
rules: &release-tag-rules
|
||||||
- if: '$CI_PROJECT_NAMESPACE != "framasoft"'
|
- if: '$CI_PROJECT_NAMESPACE != "framasoft"'
|
||||||
@ -257,9 +259,9 @@ build-and-push-to-latest-docker-tag:
|
|||||||
docker buildx build
|
docker buildx build
|
||||||
--push
|
--push
|
||||||
--platform linux/${ARCH}
|
--platform linux/${ARCH}
|
||||||
|
--provenance=false
|
||||||
--build-arg="${ERL_FLAGS}"
|
--build-arg="${ERL_FLAGS}"
|
||||||
-t framasoft/mobilizon:$CI_COMMIT_TAG
|
-t framasoft/mobilizon:${CI_COMMIT_TAG}-${ARCH}
|
||||||
-t framasoft/mobilizon:latest
|
|
||||||
-f docker/production/Dockerfile .
|
-f docker/production/Dockerfile .
|
||||||
parallel:
|
parallel:
|
||||||
matrix:
|
matrix:
|
||||||
@ -280,15 +282,49 @@ build-and-push-docker-tag:
|
|||||||
script:
|
script:
|
||||||
- >
|
- >
|
||||||
docker buildx build
|
docker buildx build
|
||||||
--push
|
|
||||||
--platform linux/amd64
|
--platform linux/amd64
|
||||||
-t framasoft/mobilizon:$CI_COMMIT_TAG
|
--provenance=false
|
||||||
|
-t framasoft/mobilizon:$CI_COMMIT_TAG-amd64
|
||||||
-f docker/production/Dockerfile .
|
-f docker/production/Dockerfile .
|
||||||
|
|
||||||
|
# Create manifest and push
|
||||||
|
docker-manifest-push:
|
||||||
|
<<: *docker
|
||||||
|
needs: ["build-docker-tag"]
|
||||||
|
rules: &release-tag-rules
|
||||||
|
- if: '$CI_PROJECT_NAMESPACE != "framasoft"'
|
||||||
|
when: never
|
||||||
|
- if: $CI_COMMIT_TAG != null
|
||||||
|
when: on_success
|
||||||
|
script:
|
||||||
|
- >
|
||||||
|
docker manifest create framasoft/mobilizon:${CI_COMMIT_TAG}
|
||||||
|
--amend framasoft/mobilizon:${CI_COMMIT_TAG}-amd64
|
||||||
|
--amend framasoft/mobilizon:${CI_COMMIT_TAG}-arm64
|
||||||
|
- docker manifest push --purge framasoft/mobilizon:${CI_COMMIT_TAG}
|
||||||
|
|
||||||
|
###
|
||||||
|
# Simply creating an alias to the tag doesn't work:
|
||||||
|
# « xxx is a manifest list »
|
||||||
|
# https://joonas.fi/2021/02/docker-multi-arch-image-tooling-buildx/
|
||||||
|
###
|
||||||
|
docker-latest:
|
||||||
|
<<: *docker
|
||||||
|
needs: ["docker-manifest-push"]
|
||||||
|
rules: &release-tag-rules
|
||||||
|
- if: '$CI_PROJECT_NAMESPACE != "framasoft"'
|
||||||
|
when: never
|
||||||
|
- if: $CI_COMMIT_TAG != null && $CI_COMMIT_TAG !~ /alpha|beta|rc/
|
||||||
|
when: on_success
|
||||||
|
script:
|
||||||
|
- echo docker manifest create framasoft/mobilizon:latest $(docker manifest inspect framasoft/mobilizon:$CI_COMMIT_TAG | jq '.manifests[] | .digest' | xargs -I {} echo framasoft/mobilizon@{})
|
||||||
|
- docker manifest create framasoft/mobilizon:latest $(docker manifest inspect framasoft/mobilizon:$CI_COMMIT_TAG | jq -r '.manifests[] | .digest' | xargs -I {} echo framasoft/mobilizon@{})
|
||||||
|
- docker manifest push --purge framasoft/mobilizon:latest
|
||||||
|
|
||||||
# Packaging app for amd64
|
# Packaging app for amd64
|
||||||
package-app:
|
package-app:
|
||||||
image: mobilizon/buildpack:1.15.5-erlang-26.0.2-debian-buster
|
image: mobilizon/buildpack:1.15.7-erlang-26.1.2-${SYSTEM}
|
||||||
stage: package
|
stage: build
|
||||||
variables: &release-variables
|
variables: &release-variables
|
||||||
MIX_ENV: "prod"
|
MIX_ENV: "prod"
|
||||||
DEBIAN_FRONTEND: noninteractive
|
DEBIAN_FRONTEND: noninteractive
|
||||||
@ -312,9 +348,23 @@ package-app:
|
|||||||
expire_in: 2 days
|
expire_in: 2 days
|
||||||
paths:
|
paths:
|
||||||
- ${APP_ASSET}
|
- ${APP_ASSET}
|
||||||
|
parallel:
|
||||||
|
matrix:
|
||||||
|
- SYSTEM:
|
||||||
|
[
|
||||||
|
"debian-bookworm",
|
||||||
|
"debian-bullseye",
|
||||||
|
"ubuntu-jammy",
|
||||||
|
"ubuntu-focal",
|
||||||
|
"ubuntu-bionic",
|
||||||
|
"alpine-3.17.5",
|
||||||
|
"alpine-3.18.4",
|
||||||
|
"fedora-38",
|
||||||
|
"fedora-39",
|
||||||
|
]
|
||||||
|
|
||||||
package-app-dev:
|
package-app-dev:
|
||||||
stage: package
|
stage: build
|
||||||
variables: *release-variables
|
variables: *release-variables
|
||||||
script: *release-script
|
script: *release-script
|
||||||
except:
|
except:
|
||||||
@ -326,7 +376,7 @@ package-app-dev:
|
|||||||
|
|
||||||
# Packaging app for multi-arch
|
# Packaging app for multi-arch
|
||||||
multi-arch-release:
|
multi-arch-release:
|
||||||
stage: package
|
stage: build
|
||||||
image: docker:24
|
image: docker:24
|
||||||
variables:
|
variables:
|
||||||
DOCKER_TLS_CERTDIR: "/certs"
|
DOCKER_TLS_CERTDIR: "/certs"
|
||||||
@ -366,6 +416,19 @@ multi-arch-release:
|
|||||||
parallel:
|
parallel:
|
||||||
matrix:
|
matrix:
|
||||||
- ARCH: ["arm64"]
|
- ARCH: ["arm64"]
|
||||||
|
## Currently not used as the hexpm base images do not have support for other architectures than amd64
|
||||||
|
# SYSTEM:
|
||||||
|
# [
|
||||||
|
# "debian-bookworm",
|
||||||
|
# "debian-bullseye",
|
||||||
|
# "ubuntu-jammy",
|
||||||
|
# "ubuntu-focal",
|
||||||
|
# "ubuntu-bionic",
|
||||||
|
# "alpine-3.17.5",
|
||||||
|
# "alpine-3.18.4",
|
||||||
|
# "fedora-38",
|
||||||
|
# "fedora-39",
|
||||||
|
# ]
|
||||||
rules:
|
rules:
|
||||||
- if: '$CI_COMMIT_TAG != null || $CI_PIPELINE_SOURCE == "schedule" || $CI_PIPELINE_TRIGGERED == "true"'
|
- if: '$CI_COMMIT_TAG != null || $CI_PIPELINE_SOURCE == "schedule" || $CI_PIPELINE_TRIGGERED == "true"'
|
||||||
timeout: 3h
|
timeout: 3h
|
||||||
|
@ -1,4 +1,6 @@
|
|||||||
FROM elixir:1.15 as build
|
ARG IMAGE="elixir:1.15"
|
||||||
|
|
||||||
|
FROM ${IMAGE} as build
|
||||||
SHELL ["/bin/bash", "-c"]
|
SHELL ["/bin/bash", "-c"]
|
||||||
ENV MIX_ENV prod
|
ENV MIX_ENV prod
|
||||||
# ENV LANG en_US.UTF-8
|
# ENV LANG en_US.UTF-8
|
||||||
@ -12,7 +14,7 @@ ENV ERL_FLAGS=$ERL_FLAGS
|
|||||||
# Set the right versions
|
# Set the right versions
|
||||||
ENV ELIXIR_VERSION latest
|
ENV ELIXIR_VERSION latest
|
||||||
ENV ERLANG_VERSION latest
|
ENV ERLANG_VERSION latest
|
||||||
ENV NODE_VERSION 18
|
ENV NODE_VERSION 20
|
||||||
|
|
||||||
# Install system dependencies
|
# Install system dependencies
|
||||||
RUN apt-get update -yq && apt-get install -yq build-essential cmake postgresql-client git curl gnupg unzip exiftool webp imagemagick gifsicle
|
RUN apt-get update -yq && apt-get install -yq build-essential cmake postgresql-client git curl gnupg unzip exiftool webp imagemagick gifsicle
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
# First build the application assets
|
# First build the application assets
|
||||||
FROM node:18-alpine as assets
|
FROM node:20-alpine as assets
|
||||||
|
|
||||||
RUN apk add --no-cache python3 build-base libwebp-tools bash imagemagick ncurses
|
RUN apk add --no-cache python3 build-base libwebp-tools bash imagemagick ncurses
|
||||||
WORKDIR /build
|
WORKDIR /build
|
||||||
|
@ -1,7 +1,7 @@
|
|||||||
FROM elixir:latest
|
FROM elixir:latest
|
||||||
LABEL maintainer="Thomas Citharel <tcit@tcit.fr>"
|
LABEL maintainer="Thomas Citharel <thomas.citharel@framasoft.org>"
|
||||||
|
|
||||||
ENV REFRESHED_AT=2023-08-17
|
ENV REFRESHED_AT=2023-11-20
|
||||||
RUN apt-get update -yq && apt-get install -yq build-essential inotify-tools postgresql-client git curl gnupg xvfb libgtk-3-dev libnotify-dev libgconf-2-4 libnss3 libxss1 libasound2 cmake exiftool python3-pip python3-setuptools
|
RUN apt-get update -yq && apt-get install -yq build-essential inotify-tools postgresql-client git curl gnupg xvfb libgtk-3-dev libnotify-dev libgconf-2-4 libnss3 libxss1 libasound2 cmake exiftool python3-pip python3-setuptools
|
||||||
RUN curl -sL https://deb.nodesource.com/setup_20.x | bash && apt-get install nodejs -yq
|
RUN curl -sL https://deb.nodesource.com/setup_20.x | bash && apt-get install nodejs -yq
|
||||||
RUN npm install -g wait-on
|
RUN npm install -g wait-on
|
||||||
|
Loading…
Reference in New Issue
Block a user