# .gitlab-ci.yml # # polkadot # # pipelines can be triggered manually in the web # setting DEPLOY_TAG will only deploy the tagged image # # please do not add new jobs without "rules:" and "*-env". There are &rules-test for everything, # &rules-pr-only and &rules-build presets. And "kubernetes-env" with "docker-env" to set a runner # which executes the job. stages: - build - publish - deploy image: paritytech/ci-linux:production workflow: rules: - if: $CI_COMMIT_TAG - if: $CI_COMMIT_BRANCH variables: GIT_STRATEGY: fetch GIT_DEPTH: 100 CI_SERVER_NAME: "GitLab CI" DOCKER_OS: "debian:stretch" ARCH: "x86_64" default: cache: {} .collect-artifacts: &collect-artifacts artifacts: name: "${CI_JOB_NAME}_${CI_COMMIT_REF_NAME}" when: on_success expire_in: 28 days paths: - artifacts/ .kubernetes-env: &kubernetes-env tags: - kubernetes-parity-build interruptible: true .docker-env: &docker-env retry: max: 2 when: - runner_system_failure - unknown_failure - api_failure interruptible: true tags: - linux-docker .compiler-info: &compiler-info before_script: - rustup show - cargo --version - sccache -s .rules-build: &rules-build rules: # Due to https://gitlab.com/gitlab-org/gitlab/-/issues/31264 there's no way to setup a manual # build job so that publish-docker-rococo would "needs" build-linux-rococo job. This leads # either to blocked or to forever running pipeline. It was decided to run these jobs from UI # and on schedule. # # $PIPELINE should be passed in https://gitlab.parity.io/parity/polkadot/-/pipeline_schedules # or other trigger to avoid running these jobs and run just those allowing this variable. - if: $PIPELINE == "rococo" when: never - if: $CI_PIPELINE_SOURCE == "web" - if: $CI_PIPELINE_SOURCE == "schedule" - if: $CI_COMMIT_REF_NAME == "master" - if: $CI_COMMIT_REF_NAME =~ /^v[0-9]+\.[0-9]+.*$/ # i.e. v1.0, v2.1rc1 .rules-test: &rules-test # these jobs run always* rules: - if: $PIPELINE == "rococo" when: never - when: always .pr-only: &rules-pr-only # these jobs run only on PRs rules: - if: $PIPELINE == "rococo" when: never - if: $CI_PIPELINE_SOURCE == "schedule" when: never - if: $CI_COMMIT_REF_NAME =~ /^[0-9]+$/ # PRs .pack-artifacts: &pack-artifacts - mkdir -p ./artifacts - VERSION="${CI_COMMIT_REF_NAME}" # will be tag or branch name - mv ./target/release/polkadot ./artifacts/. - sha256sum ./artifacts/polkadot | tee ./artifacts/polkadot.sha256 - if [ "${CI_COMMIT_TAG}" ]; then EXTRATAG="latest"; else EXTRATAG="$(./artifacts/polkadot --version | sed -n -r 's/^polkadot ([0-9.]+.*-[0-9a-f]{7,13})-.*$/\1/p')"; EXTRATAG="${CI_COMMIT_REF_NAME}-${EXTRATAG}-$(cut -c 1-8 ./artifacts/polkadot.sha256)"; fi - echo "Polkadot version = ${VERSION} (EXTRATAG ${EXTRATAG})" - echo -n ${VERSION} > ./artifacts/VERSION - echo -n ${EXTRATAG} > ./artifacts/EXTRATAG - cp -r scripts/docker/* ./artifacts build-linux-release: stage: build <<: *collect-artifacts <<: *docker-env <<: *compiler-info rules: # .rules-test with manual on PRs - if: $PIPELINE == "rococo" when: never - if: $CI_COMMIT_REF_NAME =~ /^[0-9]+$/ # PRs when: manual allow_failure: true - when: always script: - time cargo build --release --verbose - sccache -s - *pack-artifacts build-linux-rococo: stage: build <<: *collect-artifacts <<: *docker-env <<: *compiler-info rules: - if: $PIPELINE == "rococo" script: - time cargo build --release --verbose --features=real-overseer - sccache -s - *pack-artifacts generate-impl-guide: stage: build <<: *rules-test <<: *docker-env image: name: michaelfbryan/mdbook-docker-image:latest entrypoint: [""] script: - mdbook build roadmap/implementers-guide #### stage: publish .build-push-docker-image: &build-push-docker-image <<: *kubernetes-env <<: *collect-artifacts image: quay.io/buildah/stable before_script: &check-versions - test -s ./artifacts/VERSION || exit 1 - test -s ./artifacts/EXTRATAG || exit 1 - VERSION="$(cat ./artifacts/VERSION)" - EXTRATAG="$(cat ./artifacts/EXTRATAG)" - echo "Polkadot version = ${VERSION} (EXTRATAG ${EXTRATAG})" script: - test "$Docker_Hub_User_Parity" -a "$Docker_Hub_Pass_Parity" || ( echo "no docker credentials provided"; exit 1 ) - cd ./artifacts - buildah bud --format=docker --build-arg VCS_REF="${CI_COMMIT_SHA}" --build-arg BUILD_DATE="$(date -u '+%Y-%m-%dT%H:%M:%SZ')" --tag "$IMAGE_NAME:$VERSION" --tag "$IMAGE_NAME:$EXTRATAG" . # The job will success only on the protected branch - echo "$Docker_Hub_Pass_Parity" | buildah login --username "$Docker_Hub_User_Parity" --password-stdin docker.io - buildah info - buildah push --format=v2s2 "$IMAGE_NAME:$VERSION" - buildah push --format=v2s2 "$IMAGE_NAME:$EXTRATAG" after_script: - buildah logout "$IMAGE_NAME" # only VERSION information is needed for the deployment - find ./artifacts/ -depth -not -name VERSION -not -name artifacts -delete publish-docker-polkadot: stage: publish <<: *build-push-docker-image # Don't run on releases - this is handled by the Github Action here: # .github/workflows/publish-docker-release.yml rules: - if: $PIPELINE == "rococo" when: never - if: $CI_PIPELINE_SOURCE == "schedule" - if: $CI_PIPELINE_SOURCE == "web" - if: $CI_COMMIT_REF_NAME == "master" needs: - job: build-linux-release artifacts: true variables: GIT_STRATEGY: none # DOCKERFILE: scripts/docker/Dockerfile IMAGE_NAME: docker.io/parity/polkadot publish-docker-rococo: stage: publish <<: *build-push-docker-image rules: - if: $PIPELINE == "rococo" needs: - job: build-linux-rococo artifacts: true variables: GIT_STRATEGY: none # DOCKERFILE: scripts/docker/Dockerfile IMAGE_NAME: docker.io/parity/rococo publish-s3-release: stage: publish <<: *rules-build needs: - job: build-linux-release artifacts: true <<: *kubernetes-env image: paritytech/awscli:latest variables: GIT_STRATEGY: none BUCKET: "releases.parity.io" PREFIX: "polkadot/${ARCH}-${DOCKER_OS}" before_script: - *check-versions script: - echo "uploading objects to https://${BUCKET}/${PREFIX}/${VERSION}" - aws s3 sync ./artifacts/ s3://${BUCKET}/${PREFIX}/${VERSION}/ - echo "update objects at https://${BUCKET}/${PREFIX}/${EXTRATAG}" - find ./artifacts -type f | while read file; do name="${file#./artifacts/}"; aws s3api copy-object --copy-source ${BUCKET}/${PREFIX}/${VERSION}/${name} --bucket ${BUCKET} --key ${PREFIX}/${EXTRATAG}/${name}; done - | cat <<-EOM | | polkadot binary paths: | | - https://${BUCKET}/${PREFIX}/${EXTRATAG}/polkadot | - https://${BUCKET}/${PREFIX}/${VERSION}/polkadot | EOM after_script: - aws s3 ls s3://${BUCKET}/${PREFIX}/${EXTRATAG}/ --recursive --human-readable --summarize #### stage: deploy deploy-polkasync-kusama: stage: deploy <<: *rules-build variables: POLKADOT_CI_COMMIT_NAME: "${CI_COMMIT_REF_NAME}" POLKADOT_CI_COMMIT_REF: "${CI_COMMIT_REF}" allow_failure: true trigger: "parity/infrastructure/parity-testnet" #### stage: .post check-labels: stage: .post image: paritytech/tools:latest <<: *rules-pr-only <<: *kubernetes-env script: - ./scripts/gitlab/check_labels.sh