---
stages:
- prepare
- build
- collect
- deploy
workflow:
rules:
- if: '$CI_COMMIT_TAG'
when: never
- if: '$CI_PIPELINE_SOURCE == "push"'
when: always
- when: never
# Anchors
.release_rules: &release_rules
rules:
- if: '$CI_COMMIT_BRANCH != "master"'
when: never
- if: "$CI_COMMIT_MESSAGE =~ /#release/"
when: always
- when: never
# When changing, also make changes to copies in the build stage
.beta_rules: &beta_rules
rules:
- if: '$CI_COMMIT_BRANCH != "master"'
when: never
- if: "$CI_COMMIT_MESSAGE =~ /#release/"
when: never
- when: always
.dev_rules: &dev_rules
rules:
- if: '$CI_COMMIT_BRANCH != "master"'
when: always
- when: never
# ========================================================================
# Stage: prepare
#
# Builds unpacked extensions from the source files.
# ========================================================================
.prepare:
stage: prepare
image: python:3.7-stretch
artifacts:
paths:
- version
- build/**
prepare:dev:
stage: prepare
image: python:3.7-stretch
script:
- VERSION=$(python3 scripts/update-version.py -n)
- bash scripts/build.sh --version "$VERSION"
<<: *dev_rules
prepare:beta:
extends: .prepare
script:
- python3 scripts/update-version.py -k "$SSH_TAGGING_KEY" -i build -f build -o version -v
- bash scripts/build.sh --version "$(cat version)"
<<: *beta_rules
prepare:release:
extends: .prepare
script:
- python3 scripts/update-version.py -k "$SSH_TAGGING_KEY" -i patch -f patch -o version -v
- bash scripts/build.sh --version "$(cat version)"
<<: *release_rules
# ========================================================================
# Stage: build
#
# Builds packages from the prepared unpacked extensions.
# ========================================================================
#
# Build for Edge
#
.build:edge:
stage: build
image: python:3.7-stretch
script:
- apt-get -y update
- apt-get -y install zip
- cd build/edge
- zip -r ../../safelinks-cleaner-edge-$VARIANT.zip *
artifacts:
paths:
- safelinks-cleaner-edge-$VARIANT.zip
build:edge:beta:
extends: .build:edge
variables:
VARIANT: beta
rules:
- if: '$CI_COMMIT_BRANCH != "master"'
when: never
- if: "$CI_COMMIT_MESSAGE =~ /#release/"
when: never
- if: '$CI_COMMIT_MESSAGE =~ /#force-(re)?build:(all|edge)/'
when: always
- changes:
- shared/**/*
- firefox/**/*
- edge/**/*
when: always
- when: never
build:edge:release:
extends: .build:edge
variables:
VARIANT: release
<<: *release_rules
#
# Build for Chrome
#
build:chrome:beta:
stage: build
image: python:3.7-stretch
script:
- apt-get -y update
- apt-get -y install zip xxd
- bash scripts/crxbuild.sh -o "safelinks-cleaner-chrome-beta.crx" -k "$CHROME_SIGNING_KEY" -s build/chrome
rules:
- if: '$CI_COMMIT_BRANCH != "master"'
when: never
- if: "$CI_COMMIT_MESSAGE =~ /#release/"
when: never
- if: '$CI_COMMIT_MESSAGE =~ /#force-(re)?build:(all|chrome)/'
when: always
- changes:
- shared/**/*
- firefox/**/*
- chrome/**/*
- edge/**/*
when: always
- when: never
artifacts:
paths:
- safelinks-cleaner-chrome-beta.crx
build:chrome:release:
stage: build
image: python:3.7-stretch
script:
- apt-get -y update
- apt-get -y install zip
- cd build/chrome
- zip -r ../../safelinks-cleaner-chrome-release.zip *
artifacts:
paths:
- safelinks-cleaner-chrome-release.zip
<<: *release_rules
#
# Build for Firefox
#
build:firefox:beta:
stage: build
image: node:lts-buster
cache:
paths:
- $CI_PROJECT_DIR/.cache/npm
before_script:
- mkdir -p "$CI_PROJECT_DIR/.cache/npm"
script:
- npm install --global web-ext --cache "$CI_PROJECT_DIR/.cache/npm" --prefer-offline --no-audit
- cd build/firefox
- web-ext -a . sign --channel=unlisted
- mv safe_links_cleaner* ../../safelinks-cleaner-firefox-beta.xpi
rules:
- if: '$CI_COMMIT_BRANCH != "master"'
when: never
- if: "$CI_COMMIT_MESSAGE =~ /#release/"
when: never
- if: '$CI_COMMIT_MESSAGE =~ /#force-(re)?build:(all|firefox)/'
when: always
- changes:
- shared/**/*
- firefox/**/*
when: always
- when: never
artifacts:
paths:
- safelinks-cleaner-firefox-beta.xpi
build:firefox:release:
stage: build
image: python:3.7-stretch
<<: *release_rules
script:
- apt-get -y update
- apt-get -y install zip
- cd build/firefox
- zip -r ../../safelinks-cleaner-firefox-release.zip *
artifacts:
paths:
- safelinks-cleaner-firefox-release.zip
#
# Build for Thunderbird
#
.build:thunderbird:
stage: build
image: python:3.7-stretch
script:
- apt-get -y update
- apt-get -y install zip
- cd build/thunderbird
- zip -r ../../safelinks-cleaner-thunderbird-$VARIANT.xpi *
artifacts:
paths:
- safelinks-cleaner-thunderbird-$VARIANT.xpi
build:thunderbird:beta:
extends: .build:thunderbird
variables:
VARIANT: beta
rules:
- if: '$CI_COMMIT_BRANCH != "master"'
when: never
- if: "$CI_COMMIT_MESSAGE =~ /#release/"
when: never
- if: '$CI_COMMIT_MESSAGE =~ /#force-(re)?build:(all|thunderbird)/'
when: always
- changes:
- shared/**/*
- thunderbird/**/*
when: always
- when: never
build:thunderbird:release:
extends: .build:thunderbird
variables:
VARIANT: release
<<: *release_rules
# ========================================================================
# Stage: collect/deploy
#
# Wait for build artifacts then deploy new beta version to pages.
# ========================================================================
collect:
stage: collect
image: busybox
script:
- 'echo "I have seen the CONSING!"'
<<: *beta_rules
pages:
stage: deploy
image: python:3.7-stretch
script:
- cp -r site .public
- sed -i -e "s|%BUILDDATE%|$(date +'%Y-%m-%d %H:%M')|g" .public/index.html
- sed -i -e "s|%VERSION%|$(cat version)|g" .public/index.html
- sed -i -e "s|%PROJECT_URL%|$CI_PROJECT_URL|g" .public/index.html
- cp safelinks-cleaner-firefox-beta.xpi .public
- cp safelinks-cleaner-thunderbird-beta.xpi .public
- cp safelinks-cleaner-edge-beta.zip .public
- cp safelinks-cleaner-chrome-beta.crx .public
- mv .public public
- ls -lR public
needs:
- job: prepare:beta
- job: collect
- project: $CI_PROJECT_PATH
job: build:thunderbird:beta
ref: $CI_COMMIT_REF_NAME
artifacts: true
- project: $CI_PROJECT_PATH
job: build:firefox:beta
ref: $CI_COMMIT_REF_NAME
artifacts: true
- project: $CI_PROJECT_PATH
job: build:edge:beta
ref: $CI_COMMIT_REF_NAME
artifacts: true
- project: $CI_PROJECT_PATH
job: build:chrome:beta
ref: $CI_COMMIT_REF_NAME
artifacts: true
<<: *beta_rules
artifacts:
paths:
- public/
# Upload and release
upload:
stage: collect
image: curlimages/curl:latest
<<: *release_rules
script:
- VERSION=$(cat version)
- PACKAGE_REGISTRY_URL="${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/packages/generic/${CI_PROJECT_NAME}/${VERSION}"
- >-
curl --header "JOB-TOKEN: ${CI_JOB_TOKEN}" \
--upload-file safelinks-cleaner-firefox-release.zip \
${PACKAGE_REGISTRY_URL}/
- >-
curl --header "JOB-TOKEN: ${CI_JOB_TOKEN}" \
--upload-file safelinks-cleaner-thunderbird-release.xpi \
${PACKAGE_REGISTRY_URL}/
- >-
curl --header "JOB-TOKEN: ${CI_JOB_TOKEN}" \
--upload-file safelinks-cleaner-edge-release.zip \
${PACKAGE_REGISTRY_URL}/
- >-
curl --header "JOB-TOKEN: ${CI_JOB_TOKEN}" \
--upload-file safelinks-cleaner-chrome-release.zip \
${PACKAGE_REGISTRY_URL}/
release:
stage: deploy
image: registry.gitlab.com/gitlab-org/release-cli:latest
<<: *release_rules
script:
- VERSION=$(cat version)
- PACKAGE_REGISTRY_URL="${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/packages/generic/${CI_PROJECT_NAME}/${VERSION}"
- >-
release-cli create \
--name "Release $VERSION" \
--description "Release $VERSION" \
--tag-name "release-$VERSION" \
--assets-link \
"{\"name\":\"safelinks-cleaner-thunderbird-release.xpi\", \
\"url\":\"${PACKAGE_REGISTRY_URL}/safelinks-cleaner-thunderbird-release.xpi\"}" \
--assets-link \
"{\"name\":\"safelinks-cleaner-firefox-release.zip\", \
\"url\":\"${PACKAGE_REGISTRY_URL}/safelinks-cleaner-firefox-release.zip\"}" \
--assets-link \
"{\"name\":\"safelinks-cleaner-edge-release.zip\", \
\"url\":\"${PACKAGE_REGISTRY_URL}/safelinks-cleaner-edge-release.zip\"}" \
--assets-link \
"{\"name\":\"safelinks-cleaner-chrome-release.zip\", \
\"url\":\"${PACKAGE_REGISTRY_URL}/safelinks-cleaner-chrome-release.zip\"}"