-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy path.gitlab-ci.yml
135 lines (120 loc) · 2.93 KB
/
.gitlab-ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
include:
- remote: https://github.com/elct9620/ruby-gitlab-ci/raw/main/rails.yml
- remote: https://github.com/elct9620/ruby-gitlab-ci/raw/main/swarm.yml
- remote: https://github.com/elct9620/ruby-gitlab-ci/raw/main/sentry.yml
variables:
RUBY_VERSION: 3.2.2
BUNDLER_VERSION: 2.3.14
SORBET_ENABLED: 'yes'
# Test
RSPEC_JUNIT_REPORT: 'yes'
# Deploy
DEPLOY_BASE_DOMAIN: basaltic.tw
DEPLOY_STACK_FILE: stack.yml
DEPLOY_NAME: newera-$CI_ENVIRONMENT_SLUG
bundler-audit:
rules:
- if: $CI_MERGE_REQUEST_ID
- if: $CI_PIPELINE_SOURCE == 'schedule'
bundler-leak:
rules:
- if: $CI_MERGE_REQUEST_ID
- if: $CI_PIPELINE_SOURCE == 'schedule'
yarn-audit:
rules:
- if: $CI_MERGE_REQUEST_ID
- if: $CI_PIPELINE_SOURCE == 'schedule'
rubocop:
rules:
- if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
- if: $CI_MERGE_REQUEST_ID
brakeman:
rules:
- if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
- if: $CI_MERGE_REQUEST_ID
rspec:
before_script:
- !reference [".rails:test", before_script]
- cat $SPREADSHEET_SERVICE_ACCOUNT > config/credentials/spreadsheet-service_account.json
cucumber:
services:
- "postgres:$POSTGRES_VERSION"
- "redis:7-alpine"
variables:
REDIS_URL: redis://redis:6379
before_script:
- !reference [".rails:test", before_script]
- cat $SPREADSHEET_SERVICE_ACCOUNT > config/credentials/spreadsheet-service_account.json
assets:precompile:
needs:
- rspec
rules:
- if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
- if: $CI_COMMIT_TAG
docker:
needs:
- job: assets:precompile
artifacts: true
rules:
- if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
variables:
LATEST_IMAGE: 'yes'
- if: $CI_COMMIT_TAG
trivy:
rules:
- if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
- if: $CI_PIPELINE_SOURCE == 'schedule'
deploy:
extends: .deploy
stage: deploy
variables:
DEPLOY_DOMAIN: ne.basaltic.tw
SENTRY_ENVIRONMENT: production
environment:
name: production
resource_group: production
needs:
- docker
tags:
- tyc
- swarm
rules:
- if: $CI_PIPELINE_SOURCE == 'schedule'
when: never
- if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
sentry:releases:
extends: .sentry:release
needs:
- deploy
rules:
- if: $CI_PIPELINE_SOURCE == 'schedule'
when: never
- if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
deploy:beta:
extends: .deploy
stage: deploy
variables:
DEPLOY_DOMAIN: ne-beta.basaltic.tw
SENTRY_ENVIRONMENT: beta
environment:
name: beta
resource_group: beta
needs:
- docker
tags:
- tyc
- swarm
rules:
- if: $CI_PIPELINE_SOURCE == 'schedule'
when: never
- if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
sentry:beta-releases:
extends: .sentry:release
variables:
SENTRY_ENVIRONMENT: beta
needs:
- deploy:beta
rules:
- if: $CI_PIPELINE_SOURCE == 'schedule'
when: never
- if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH