Saltstack Official UFW Formula
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

171 lines
7.1KB

  1. # -*- coding: utf-8 -*-
  2. # vim: ft=yaml
  3. ---
  4. ###############################################################################
  5. # Define all YAML node anchors
  6. ###############################################################################
  7. .node_anchors:
  8. # `only` (also used for `except` where applicable)
  9. only_branch_master_parent_repo: &only_branch_master_parent_repo
  10. - 'master@saltstack-formulas/ufw-formula'
  11. # `stage`
  12. stage_lint: &stage_lint 'lint'
  13. stage_release: &stage_release 'release'
  14. stage_test: &stage_test 'test'
  15. # `image`
  16. image_commitlint: &image_commitlint 'myii/ssf-commitlint:11'
  17. image_dindruby: &image_dindruby 'myii/ssf-dind-ruby:2.7.1-r3'
  18. image_precommit: &image_precommit
  19. name: 'myii/ssf-pre-commit:2.9.2'
  20. entrypoint: ['/bin/bash', '-c']
  21. image_rubocop: &image_rubocop 'pipelinecomponents/rubocop:latest'
  22. image_semantic-release: &image_semanticrelease 'myii/ssf-semantic-release:15.14'
  23. # `services`
  24. services_docker_dind: &services_docker_dind
  25. - 'docker:dind'
  26. # `variables`
  27. # https://forum.gitlab.com/t/gitlab-com-ci-caching-rubygems/5627/3
  28. # https://bundler.io/v1.16/bundle_config.html
  29. variables_bundler: &variables_bundler
  30. BUNDLE_CACHE_PATH: '${CI_PROJECT_DIR}/.cache/bundler'
  31. BUNDLE_WITHOUT: 'production'
  32. # `cache`
  33. cache_bundler: &cache_bundler
  34. key: '${CI_JOB_STAGE}'
  35. paths:
  36. - '${BUNDLE_CACHE_PATH}'
  37. ###############################################################################
  38. # Define stages and global variables
  39. ###############################################################################
  40. stages:
  41. - *stage_lint
  42. - *stage_test
  43. - *stage_release
  44. variables:
  45. DOCKER_DRIVER: 'overlay2'
  46. ###############################################################################
  47. # `lint` stage: `commitlint` & `pre-commit`
  48. ###############################################################################
  49. commitlint:
  50. stage: *stage_lint
  51. image: *image_commitlint
  52. script:
  53. # Add `upstream` remote to get access to `upstream/master`
  54. - 'git remote add upstream ${CI_PROJECT_URL}.git'
  55. - 'git fetch --all'
  56. # Set default commit hashes for `--from` and `--to`
  57. - 'export COMMITLINT_FROM="$(git merge-base upstream/master HEAD)"'
  58. - 'export COMMITLINT_TO="${CI_COMMIT_SHA}"'
  59. # `coqbot` adds a merge commit to test PRs on top of the latest commit in
  60. # the repo; amend this merge commit message to avoid failure
  61. - |
  62. if [ "${GITLAB_USER_LOGIN}" = "coqbot" ] \
  63. && [ "${CI_COMMIT_BRANCH}" != "master" ]; then
  64. git commit --amend -m \
  65. 'chore: reword coqbot merge commit message for commitlint'
  66. export COMMITLINT_TO=HEAD
  67. fi
  68. # Run `commitlint`
  69. - 'commitlint --from "${COMMITLINT_FROM}"
  70. --to "${COMMITLINT_TO}"
  71. --verbose'
  72. pre-commit:
  73. stage: *stage_lint
  74. image: *image_precommit
  75. # https://pre-commit.com/#gitlab-ci-example
  76. variables:
  77. PRE_COMMIT_HOME: '${CI_PROJECT_DIR}/.cache/pre-commit'
  78. cache:
  79. key: '${CI_JOB_NAME}'
  80. paths:
  81. - '${PRE_COMMIT_HOME}'
  82. script:
  83. - 'pre-commit run --all-files --color always --verbose'
  84. # Use a separate job for `rubocop` other than the one potentially run by `pre-commit`
  85. # - The `pre-commit` check will only be available for formulas that pass the default
  86. # `rubocop` check -- and must continue to do so
  87. # - This job is allowed to fail, so can be used for all formulas
  88. # - Furthermore, this job uses all of the latest `rubocop` features & cops,
  89. # which will help when upgrading the `rubocop` linter used in `pre-commit`
  90. rubocop:
  91. allow_failure: true
  92. stage: *stage_lint
  93. image: *image_rubocop
  94. script:
  95. - 'rubocop -d -P -S --enable-pending-cops'
  96. ###############################################################################
  97. # Define `test` template
  98. ###############################################################################
  99. .test_instance:
  100. stage: *stage_test
  101. image: *image_dindruby
  102. services: *services_docker_dind
  103. variables: *variables_bundler
  104. cache: *cache_bundler
  105. before_script:
  106. # TODO: This should work from the env vars above automatically
  107. - 'bundle config set path "${BUNDLE_CACHE_PATH}"'
  108. - 'bundle config set without "${BUNDLE_WITHOUT}"'
  109. - 'bundle install'
  110. script:
  111. # Alternative value to consider: `${CI_JOB_NAME}`
  112. - 'bin/kitchen verify "${DOCKER_ENV_CI_JOB_NAME}"'
  113. ###############################################################################
  114. # `test` stage: each instance below uses the `test` template above
  115. ###############################################################################
  116. ## Define the rest of the matrix based on Kitchen testing
  117. # Make sure the instances listed below match up with
  118. # the `platforms` defined in `kitchen.yml`
  119. default-debian-10-master-py3: {extends: '.test_instance'}
  120. without-ipv6-ubuntu-2004-master-py3: {extends: '.test_instance'}
  121. # without-ipv6-ubuntu-1804-master-py3: {extends: '.test_instance'}
  122. default-centos-8-master-py3: {extends: '.test_instance'}
  123. without-ipv6-fedora-32-master-py3: {extends: '.test_instance'}
  124. # without-ipv6-fedora-31-master-py3: {extends: '.test_instance'}
  125. # without-ipv6-opensuse-leap-152-master-py3: {extends: '.test_instance'}
  126. # without-ipv6-amazonlinux-2-master-py3: {extends: '.test_instance'}
  127. # without-ipv6-debian-10-3000-3-py3: {extends: '.test_instance'}
  128. # without-ipv6-debian-9-3000-3-py3: {extends: '.test_instance'}
  129. # without-ipv6-ubuntu-1804-3000-3-py3: {extends: '.test_instance'}
  130. # without-ipv6-centos-8-3000-3-py3: {extends: '.test_instance'}
  131. # without-ipv6-centos-7-3000-3-py3: {extends: '.test_instance'}
  132. # without-ipv6-fedora-31-3000-3-py3: {extends: '.test_instance'}
  133. without-ipv6-opensuse-leap-152-3000-3-py3: {extends: '.test_instance'}
  134. without-ipv6-amazonlinux-2-3000-3-py3: {extends: '.test_instance'}
  135. # without-ipv6-ubuntu-1804-3000-3-py2: {extends: '.test_instance'}
  136. # without-ipv6-ubuntu-1604-3000-3-py2: {extends: '.test_instance'}
  137. # without-ipv6-arch-base-latest-3000-3-py2: {extends: '.test_instance'}
  138. # without-ipv6-debian-10-2019-2-py3: {extends: '.test_instance'}
  139. # without-ipv6-debian-9-2019-2-py3: {extends: '.test_instance'}
  140. # without-ipv6-ubuntu-1804-2019-2-py3: {extends: '.test_instance'}
  141. # without-ipv6-ubuntu-1604-2019-2-py3: {extends: '.test_instance'}
  142. # without-ipv6-centos-8-2019-2-py3: {extends: '.test_instance'}
  143. # without-ipv6-centos-7-2019-2-py3: {extends: '.test_instance'}
  144. # without-ipv6-fedora-31-2019-2-py3: {extends: '.test_instance'}
  145. # without-ipv6-opensuse-leap-152-2019-2-py3: {extends: '.test_instance'}
  146. # without-ipv6-amazonlinux-2-2019-2-py3: {extends: '.test_instance'}
  147. # without-ipv6-centos-6-2019-2-py2: {extends: '.test_instance'}
  148. # without-ipv6-amazonlinux-1-2019-2-py2: {extends: '.test_instance'}
  149. without-ipv6-arch-base-latest-2019-2-py2: {extends: '.test_instance'}
  150. ###############################################################################
  151. # `release` stage: `semantic-release`
  152. ###############################################################################
  153. semantic-release:
  154. only: *only_branch_master_parent_repo
  155. stage: *stage_release
  156. image: *image_semanticrelease
  157. variables:
  158. MAINTAINER_TOKEN: '${GH_TOKEN}'
  159. script:
  160. # Update `AUTHORS.md`
  161. - '${HOME}/go/bin/maintainer contributor'
  162. # Run `semantic-release`
  163. - 'semantic-release'