saltstack formula for sudoers
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
formula-sudoers/.gitlab-ci.yml

253 lines
12 KiB

# -*- coding: utf-8 -*-
# vim: ft=yaml
---
###############################################################################
# Define all YAML node anchors
###############################################################################
.node_anchors:
# `only` (also used for `except` where applicable)
only_branch_master_parent_repo: &only_branch_master_parent_repo
- 'master@saltstack-formulas/sudoers-formula'
# `stage`
stage_lint: &stage_lint 'lint'
stage_release: &stage_release 'release'
stage_test: &stage_test 'test'
# `image`
image_commitlint: &image_commitlint 'myii/ssf-commitlint:11'
image_dindruby: &image_dindruby 'myii/ssf-dind-ruby:2.7.1-r3'
image_precommit: &image_precommit
name: 'myii/ssf-pre-commit:2.9.2'
entrypoint: ['/bin/bash', '-c']
image_rubocop: &image_rubocop 'pipelinecomponents/rubocop:latest'
image_semantic-release: &image_semanticrelease 'myii/ssf-semantic-release:15.14'
# `services`
services_docker_dind: &services_docker_dind
- 'docker:dind'
# `variables`
# https://forum.gitlab.com/t/gitlab-com-ci-caching-rubygems/5627/3
# https://bundler.io/v1.16/bundle_config.html
variables_bundler: &variables_bundler
BUNDLE_CACHE_PATH: '${CI_PROJECT_DIR}/.cache/bundler'
BUNDLE_WITHOUT: 'production'
# `cache`
cache_bundler: &cache_bundler
key: '${CI_JOB_STAGE}'
paths:
- '${BUNDLE_CACHE_PATH}'
###############################################################################
# Define stages and global variables
###############################################################################
stages:
- *stage_lint
- *stage_test
- *stage_release
variables:
DOCKER_DRIVER: 'overlay2'
###############################################################################
# `lint` stage: `commitlint`, `pre-commit` & `rubocop` (latest, failure allowed)
###############################################################################
commitlint:
stage: *stage_lint
image: *image_commitlint
script:
# Add `upstream` remote to get access to `upstream/master`
- 'git remote add upstream
https://gitlab.com/saltstack-formulas/sudoers-formula.git'
- 'git fetch --all'
# Set default commit hashes for `--from` and `--to`
- 'export COMMITLINT_FROM="$(git merge-base upstream/master HEAD)"'
- 'export COMMITLINT_TO="${CI_COMMIT_SHA}"'
# `coqbot` adds a merge commit to test PRs on top of the latest commit in
# the repo; amend this merge commit message to avoid failure
- |
if [ "${GITLAB_USER_LOGIN}" = "coqbot" ] \
&& [ "${CI_COMMIT_BRANCH}" != "master" ]; then
git commit --amend -m \
'chore: reword coqbot merge commit message for commitlint'
export COMMITLINT_TO=HEAD
fi
# Run `commitlint`
- 'commitlint --from "${COMMITLINT_FROM}"
--to "${COMMITLINT_TO}"
--verbose'
pre-commit:
stage: *stage_lint
image: *image_precommit
# https://pre-commit.com/#gitlab-ci-example
variables:
PRE_COMMIT_HOME: '${CI_PROJECT_DIR}/.cache/pre-commit'
cache:
key: '${CI_JOB_NAME}'
paths:
- '${PRE_COMMIT_HOME}'
script:
- 'pre-commit run --all-files --color always --verbose'
# Use a separate job for `rubocop` other than the one potentially run by `pre-commit`
# - The `pre-commit` check will only be available for formulas that pass the default
# `rubocop` check -- and must continue to do so
# - This job is allowed to fail, so can be used for all formulas
# - Furthermore, this job uses all of the latest `rubocop` features & cops,
# which will help when upgrading the `rubocop` linter used in `pre-commit`
rubocop:
allow_failure: true
stage: *stage_lint
image: *image_rubocop
script:
- 'rubocop -d -P -S --enable-pending-cops'
###############################################################################
# Define `test` template
###############################################################################
.test_instance: &test_instance
stage: *stage_test
image: *image_dindruby
services: *services_docker_dind
variables: *variables_bundler
cache: *cache_bundler
before_script:
# TODO: This should work from the env vars above automatically
- 'bundle config set path "${BUNDLE_CACHE_PATH}"'
- 'bundle config set without "${BUNDLE_WITHOUT}"'
- 'bundle install'
script:
# Alternative value to consider: `${CI_JOB_NAME}`
- 'bin/kitchen verify "${DOCKER_ENV_CI_JOB_NAME}"'
###############################################################################
# Define `test` template (`allow_failure: true`)
###############################################################################
.test_instance_failure_permitted:
<<: *test_instance
allow_failure: true
###############################################################################
# `test` stage: each instance below uses the `test` template above
###############################################################################
## Define the rest of the matrix based on Kitchen testing
# Make sure the instances listed below match up with
# the `platforms` defined in `kitchen.yml`
# yamllint disable rule:line-length
# default-debian-11-tiamat-py3: {extends: '.test_instance'}
# default-debian-10-tiamat-py3: {extends: '.test_instance'}
# default-debian-9-tiamat-py3: {extends: '.test_instance'}
# default-ubuntu-2204-tiamat-py3: {extends: '.test_instance_failure_permitted'}
# default-ubuntu-2004-tiamat-py3: {extends: '.test_instance'}
# default-ubuntu-1804-tiamat-py3: {extends: '.test_instance'}
# default-centos-stream8-tiamat-py3: {extends: '.test_instance_failure_permitted'}
# default-centos-7-tiamat-py3: {extends: '.test_instance'}
# default-amazonlinux-2-tiamat-py3: {extends: '.test_instance'}
# default-oraclelinux-8-tiamat-py3: {extends: '.test_instance'}
# default-oraclelinux-7-tiamat-py3: {extends: '.test_instance'}
# default-almalinux-8-tiamat-py3: {extends: '.test_instance'}
# default-rockylinux-8-tiamat-py3: {extends: '.test_instance'}
# default-debian-11-master-py3: {extends: '.test_instance'}
# appended-debian-11-master-py3: {extends: '.test_instance'}
debian-11-master-py3: {extends: '.test_instance'}
# default-debian-10-master-py3: {extends: '.test_instance'}
# appended-debian-10-master-py3: {extends: '.test_instance'}
debian-10-master-py3: {extends: '.test_instance'}
# default-debian-9-master-py3: {extends: '.test_instance'}
# appended-debian-9-master-py3: {extends: '.test_instance'}
debian-9-master-py3: {extends: '.test_instance'}
# default-ubuntu-2204-master-py3: {extends: '.test_instance_failure_permitted'}
# appended-ubuntu-2204-master-py3: {extends: '.test_instance_failure_permitted'}
ubuntu-2204-master-py3: {extends: '.test_instance_failure_permitted'}
# default-ubuntu-2004-master-py3: {extends: '.test_instance'}
# appended-ubuntu-2004-master-py3: {extends: '.test_instance'}
ubuntu-2004-master-py3: {extends: '.test_instance'}
# default-ubuntu-1804-master-py3: {extends: '.test_instance'}
# appended-ubuntu-1804-master-py3: {extends: '.test_instance'}
ubuntu-1804-master-py3: {extends: '.test_instance'}
# default-centos-stream8-master-py3: {extends: '.test_instance_failure_permitted'}
# appended-centos-stream8-master-py3: {extends: '.test_instance_failure_permitted'}
centos-stream8-master-py3: {extends: '.test_instance_failure_permitted'}
# default-centos-7-master-py3: {extends: '.test_instance'}
# appended-centos-7-master-py3: {extends: '.test_instance'}
centos-7-master-py3: {extends: '.test_instance'}
# default-fedora-36-master-py3: {extends: '.test_instance_failure_permitted'}
# appended-fedora-36-master-py3: {extends: '.test_instance_failure_permitted'}
fedora-36-master-py3: {extends: '.test_instance_failure_permitted'}
# default-fedora-35-master-py3: {extends: '.test_instance'}
# appended-fedora-35-master-py3: {extends: '.test_instance'}
fedora-35-master-py3: {extends: '.test_instance'}
# default-opensuse-leap-153-master-py3: {extends: '.test_instance'}
# appended-opensuse-leap-153-master-py3: {extends: '.test_instance'}
opensuse-leap-153-master-py3: {extends: '.test_instance'}
# default-opensuse-tmbl-latest-master-py3: {extends: '.test_instance_failure_permitted'}
# appended-opensuse-tmbl-latest-master-py3: {extends: '.test_instance_failure_permitted'}
opensuse-tmbl-latest-master-py3: {extends: '.test_instance_failure_permitted'}
# default-amazonlinux-2-master-py3: {extends: '.test_instance'}
# appended-amazonlinux-2-master-py3: {extends: '.test_instance'}
amazonlinux-2-master-py3: {extends: '.test_instance'}
# default-oraclelinux-8-master-py3: {extends: '.test_instance'}
# appended-oraclelinux-8-master-py3: {extends: '.test_instance'}
oraclelinux-8-master-py3: {extends: '.test_instance'}
# default-oraclelinux-7-master-py3: {extends: '.test_instance'}
# appended-oraclelinux-7-master-py3: {extends: '.test_instance'}
oraclelinux-7-master-py3: {extends: '.test_instance'}
# default-arch-base-latest-master-py3: {extends: '.test_instance'}
# appended-arch-base-latest-master-py3: {extends: '.test_instance'}
arch-base-latest-master-py3: {extends: '.test_instance'}
# default-gentoo-stage3-latest-master-py3: {extends: '.test_instance'}
# appended-gentoo-stage3-latest-master-py3: {extends: '.test_instance'}
gentoo-stage3-latest-master-py3: {extends: '.test_instance'}
# default-gentoo-stage3-systemd-master-py3: {extends: '.test_instance'}
# appended-gentoo-stage3-systemd-master-py3: {extends: '.test_instance'}
gentoo-stage3-systemd-master-py3: {extends: '.test_instance'}
# default-almalinux-8-master-py3: {extends: '.test_instance'}
# appended-almalinux-8-master-py3: {extends: '.test_instance'}
almalinux-8-master-py3: {extends: '.test_instance'}
# default-rockylinux-8-master-py3: {extends: '.test_instance'}
# appended-rockylinux-8-master-py3: {extends: '.test_instance'}
rockylinux-8-master-py3: {extends: '.test_instance'}
# default-debian-11-3004-1-py3: {extends: '.test_instance'}
# default-debian-10-3004-1-py3: {extends: '.test_instance'}
# default-debian-9-3004-1-py3: {extends: '.test_instance'}
# default-ubuntu-2204-3004-1-py3: {extends: '.test_instance_failure_permitted'}
# default-ubuntu-2004-3004-1-py3: {extends: '.test_instance'}
# default-ubuntu-1804-3004-1-py3: {extends: '.test_instance'}
# default-centos-stream8-3004-1-py3: {extends: '.test_instance_failure_permitted'}
# default-centos-7-3004-1-py3: {extends: '.test_instance'}
# default-fedora-36-3004-1-py3: {extends: '.test_instance_failure_permitted'}
# default-fedora-35-3004-1-py3: {extends: '.test_instance'}
# default-amazonlinux-2-3004-1-py3: {extends: '.test_instance'}
# default-oraclelinux-8-3004-1-py3: {extends: '.test_instance'}
# default-oraclelinux-7-3004-1-py3: {extends: '.test_instance'}
# default-arch-base-latest-3004-1-py3: {extends: '.test_instance'}
# default-gentoo-stage3-latest-3004-1-py3: {extends: '.test_instance'}
# default-gentoo-stage3-systemd-3004-1-py3: {extends: '.test_instance'}
# default-almalinux-8-3004-1-py3: {extends: '.test_instance'}
# default-rockylinux-8-3004-1-py3: {extends: '.test_instance'}
# default-opensuse-leap-153-3004-0-py3: {extends: '.test_instance'}
# default-opensuse-tmbl-latest-3004-0-py3: {extends: '.test_instance_failure_permitted'}
# default-debian-10-3003-4-py3: {extends: '.test_instance'}
# default-debian-9-3003-4-py3: {extends: '.test_instance'}
# default-ubuntu-2004-3003-4-py3: {extends: '.test_instance'}
# default-ubuntu-1804-3003-4-py3: {extends: '.test_instance'}
# default-centos-stream8-3003-4-py3: {extends: '.test_instance_failure_permitted'}
# default-centos-7-3003-4-py3: {extends: '.test_instance'}
# default-amazonlinux-2-3003-4-py3: {extends: '.test_instance'}
# default-oraclelinux-8-3003-4-py3: {extends: '.test_instance'}
# default-oraclelinux-7-3003-4-py3: {extends: '.test_instance'}
# default-almalinux-8-3003-4-py3: {extends: '.test_instance'}
# yamllint enable rule:line-length
###############################################################################
# `release` stage: `semantic-release`
###############################################################################
semantic-release:
only: *only_branch_master_parent_repo
stage: *stage_release
image: *image_semanticrelease
variables:
MAINTAINER_TOKEN: '${GH_TOKEN}'
script:
# Update `AUTHORS.md`
- '${HOME}/go/bin/maintainer contributor'
# Run `semantic-release`
- 'semantic-release'