friendica-github/.woodpecker/.continuous-deployment.yml
2021-12-30 14:04:10 +01:00

129 lines
3.2 KiB
YAML

matrix:
include:
- PHP_MAJOR_VERSION: 7.4
PHP_VERSION: 7.4.18
depends_on:
- phpunit
- code_standards_check
- database_checks
- messages.po_check
platform: releaser/release # This prevents executing this pipeline at other servers than ci.friendi.ca
skip_clone: true
pipeline:
clone:
image: alpine/git
commands:
- git clone $CI_REPO_LINK .
- git checkout $CI_COMMIT_BRANCH
- git fetch origin $CI_COMMIT_REF
- git merge $CI_COMMIT_SHA
when:
repo: friendica/friendica
branch: [ develop, '*-rc' ]
event: push
restore_cache:
image: meltwater/drone-cache:dev
settings:
backend: "filesystem"
restore: true
cache_key: "{{ .Repo.Name }}_php${PHP_MAJOR_VERSION}_{{ arch }}_{{ os }}"
archive_format: "gzip"
mount:
- '.composer'
volumes:
- /tmp/drone-cache:/tmp/cache
when:
repo: friendica/friendica
branch: [ develop, '*-rc' ]
event: push
composer_install:
image: friendicaci/php${PHP_MAJOR_VERSION}:php${PHP_VERSION}
commands:
- export COMPOSER_HOME=.composer
- composer validate
- composer install --no-dev --optimize-autoloader
volumes:
- /etc/hosts:/etc/hosts
when:
repo: friendica/friendica
branch: [ develop, '*-rc' ]
event: push
create_artifacts:
image: debian
commands:
- apt-get update
- apt-get install bzip2
- mkdir ./build
- export VERSION="$(cat VERSION)"
- export RELEASE="friendica-full-$VERSION"
- export ARTIFACT="$RELEASE.tar.gz"
- tar
--transform "s,^,$RELEASE/,"
-X mods/release-list-exclude.txt
-T mods/release-list-include.txt
-cvzf ./build/$ARTIFACT
- cd ./build
- sha256sum "$ARTIFACT" > "$ARTIFACT.sum256"
- chmod 664 ./*
- ls -lh
- cat "$ARTIFACT.sum256"
- sha256sum "$ARTIFACT"
when:
repo: friendica/friendica
branch: [ develop, '*-rc' ]
event: push
sign_artifacts:
image: plugins/gpgsign
settings:
key:
from_secret: gpg_key
passphrase:
from_secret: gpg_password
files:
- build/*
exclude:
- build/*.sum256
detach_sign: true
when:
repo: friendica/friendica
branch: [ develop, '*-rc' ]
event: push
upload_artifacts:
image: alpine
secrets:
- source: sftp_host
target: lftp_host
- source: sftp_user
target: lftp_user
- source: ssh_key
target: lftp_key
environment:
LFTP_PORT: "22"
LFTP_SOURCE: "build"
LFTP_TARGET: "/http"
volumes:
- /etc/hosts:/etc/hosts
commands:
- apk add lftp openssh openssl
- touch drone.key
- chmod 400 drone.key
- echo "$LFTP_KEY" | openssl base64 -A -d > drone.key
- lftp -c "
set net:timeout 5;
set net:max-retries 2;
set net:reconnect-interval-base 5;
set sftp:auto-confirm true;
set sftp:connect-program 'ssh -q -a -x -i drone.key';
connect sftp://$LFTP_USER:@$LFTP_HOST:$LFTP_PORT;
cd $LFTP_TARGET;
mput $LFTP_SOURCE/*;
"
- rm drone.key
when:
repo: friendica/friendica
branch: [ develop, '*-rc' ]
event: push