Untitled
unknown
plain_text
2 years ago
4.5 kB
5
Indexable
default:
tags:
- gtn-runner-1
stages:
- pre build
- build-packages
- test
- scan-image
- publish-packages
variables:
CENTRAL_S3_BUCKET: infor-infor-dsa-gtn-gtndsa-centralrepo-us-west-2
ARTIFACT_NAME: "${CI_PROJECT_NAME}-${CI_COMMIT_REF_SLUG}-py${PYTHON_MAJOR_VERSION}-${CI_PIPELINE_IID}.whl"
IAM_ROLE: arn:aws:iam::597538321941:role/infra-gtndnacct-role-cloudop-iam-OpsRole-117RBE7G4AUZ6
.aws-credentials: &aws-credentials
- apt-get -qq update
- apt-get install -y jq
- pip install awscli
- mkdir ~/.aws
- echo "[gtndn-cloudop]" >> ~/.aws/config
- echo "region = us-west-2" >> ~/.aws/config
- aws sts assume-role --role-arn $IAM_ROLE --role-session-name cc-refresh >> credentials.json
- rm -rf ~/.aws/config
- echo [gtndn-cloudop] >> ~/.aws/credentials
- echo aws_access_key_id=$(jq '.Credentials.AccessKeyId' credentials.json | sed 's/"//g') >> ~/.aws/credentials
- echo aws_secret_access_key=$(jq '.Credentials.SecretAccessKey' credentials.json | sed 's/"//g') >> ~/.aws/credentials
- echo aws_session_token=$(jq '.Credentials.SessionToken' credentials.json | sed 's/"//g') >> ~/.aws/credentials
Code quality:
image: python:3.11
stage: pre build
rules:
- if: "$CI_PIPELINE_SOURCE == 'merge_request_event'"
- if: $CI_COMMIT_BRANCH && $CI_OPEN_MERGE_REQUESTS
when: never
- if: "$CI_PIPELINE_SOURCE == 'push' && $CI_COMMIT_BRANCH != $CI_DEFAULT_BRANCH"
before_script:
- pip install ruff
script:
- ruff ./src ./tests --format gitlab > flock-code-quality-report.json
artifacts:
name: "${CI_PROJECT_NAME}_code_quality"
when: always
reports:
codequality: flock-code-quality-report.json
expire_in: 1 day
build-python-package:
image: python:3.11
stage: build-packages
before_script:
- curl -sSL https://install.python-poetry.org | python3 -
script:
- ~/.local/bin/poetry install
- ~/.local/bin/poetry build -f wheel
artifacts:
paths:
- dist
unit test:
image: python:3.11
stage: test
before_script:
- *aws-credentials
script:
- WHEEL_FILE="$(ls dist/ | grep whl)"
- pip install ./dist/${WHEEL_FILE}
- pytest -v ./tests/unit/. --cov-report html:unit_cov_html --cov-report xml:unit_cov.xml --cov=src --junitxml=unit_junit.xml
artifacts:
when: always
paths:
- unit_cov_html/
- unit_cov.xml
- unit_junit.xml
expire_in: 2 days
reports:
junit: unit_junit.xml
integration test:
image: python:3.11
script:
- WHEEL_FILE="$(ls dist/ | grep whl)"
- pip install ./dist/${WHEEL_FILE}
- pytest -v ./tests/integration/. --cov-report html:integration_cov_html --cov-report xml:integration_cov.xml --cov=src/routers --junitxml=integration_junit.xml
artifacts:
when: always
paths:
- integration_cov_html/
- integration_cov.xml
- integration_junit.xml
expire_in: 2 days
reports:
junit: integration_junit.xml
# scan-dependencies-api-package:
# image: 155255643833.dkr.ecr.us-east-1.amazonaws.com/faro/buildservices:latest
# stage: scan-image
# only:
# changes:
# - poetry.lock
# - pyproject.toml
# - src/**/*
# services:
# - docker:dind
# tags:
# - gtn-runner-1
# before_script:
# - pip3 install cyclonedx-bom
# script:
# - cyclonedx-py -p -o cc-api-container-latest-sbom.xml
# artifacts:
# paths:
# - cc-api-container-latest-sbom.xml
# publish-python-package:
# image: 155255643833.dkr.ecr.us-east-1.amazonaws.com/faro/buildservices:latest
# stage: publish-packages
# dependencies:
# - build-python-package
# only:
# refs:
# - develop
# - main
# changes:
# - poetry.lock
# - pyproject.toml
# - src/**/*
# tags:
# - gtn-runner-1
# script:
# - WHEEL_FILE="$(ls dist/ | grep whl)"
# # Upload the generated API package file to the S3 bucket
# - MAJOR_VERSION=$(echo $WHEEL_FILE | cut -d '-' -f 2 | cut -d '.' -f 1)
# - if [ $CI_COMMIT_BRANCH != "main" ]; then FILE_NAME=$(echo ${WHEEL_FILE} | cut -d '-' -f -2)-${MAJOR_VERSION}.${CI_COMMIT_BRANCH}.${CI_COMMIT_SHORT_SHA}-$(echo $WHEEL_FILE | cut -d '-' -f 3-); else FILE_NAME=$WHEEL_FILE; fi
# - aws s3 cp dist/*.whl s3://$CENTRAL_S3_BUCKET/flock/$FILE_NAME
Editor is loading...