From 51e1eaaac5f4ead8e5adac08d2b15c8c2354ef4e Mon Sep 17 00:00:00 2001 From: jem Date: Fri, 12 Mar 2021 09:52:01 +0100 Subject: [PATCH 01/11] test deployment --- .gitlab-ci.yml | 11 ++++++----- package.json | 2 +- 2 files changed, 7 insertions(+), 6 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 2c46fa7..304c7b3 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -32,7 +32,7 @@ stages: .clj-job: &clj image: clojure:lein-2.7.1-alpine -build_and_test: +.build_and_test: <<: *cljs stage: build_and_test script: @@ -52,7 +52,7 @@ build_and_test: paths: - target/build-report.html -package: +.package: <<: *cljs stage: package script: @@ -66,7 +66,7 @@ package: - target/mastodon-bot.js.sha256 - target/mastodon-bot.js.sha512 -sast: +.sast: variables: SAST_EXCLUDED_ANALYZERS: bandit, brakeman, flawfinder, gosec, kubesec, phpcs-security-audit, @@ -77,7 +77,7 @@ sast: include: - template: Security/SAST.gitlab-ci.yml -upload-cljs-prerelease: +.upload-cljs-prerelease: <<: *js-upload stage: upload rules: @@ -96,7 +96,8 @@ upload-clj-prerelease: - if: '$CI_COMMIT_BRANCH == "master" && $CI_COMMIT_TAG == null' script: - echo "{:user {:auth {#\"clojars\" {:username :env/CLOJARS_USER :password :env/CLOJARS_PASSWORD}}}}" > ~/.lein/profiles.clj - - lein deploy + - cat ~/.lein/profiles.clj + - lein deploy clojars upload-js-release: <<: *js-upload diff --git a/package.json b/package.json index 998f56e..4a3e771 100644 --- a/package.json +++ b/package.json @@ -2,7 +2,7 @@ "name": "mastodon-bot", "description": "Bot to publish twitter, tumblr or rss posts to an mastodon account.", "author": "Dmitri Sotnikov", - "version": "1.10.5-20210311180500", + "version": "1.10.5-SNAPSHOT", "homepage": "https://github.com/yogthos/mastodon-bot", "repository": "https://www.npmjs.com/package/mastodon-bot", "license": "MIT", -- GitLab From 9cb96e68d3c1c181fae19b96bd4d21a6c685d735 Mon Sep 17 00:00:00 2001 From: jem Date: Fri, 12 Mar 2021 09:55:36 +0100 Subject: [PATCH 02/11] fix sast --- .gitlab-ci.yml | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 304c7b3..2f0ebc7 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -66,16 +66,16 @@ stages: - target/mastodon-bot.js.sha256 - target/mastodon-bot.js.sha512 -.sast: - variables: - SAST_EXCLUDED_ANALYZERS: - bandit, brakeman, flawfinder, gosec, kubesec, phpcs-security-audit, - pmd-apex, security-code-scan, sobelow, spotbugs - stage: security - before_script: - - mkdir -p builds && cp -r target/ builds/ -include: - - template: Security/SAST.gitlab-ci.yml +#sast: +# variables: +# SAST_EXCLUDED_ANALYZERS: +# bandit, brakeman, flawfinder, gosec, kubesec, phpcs-security-audit, +# pmd-apex, security-code-scan, sobelow, spotbugs +# stage: security +# before_script: +# - mkdir -p builds && cp -r target/ builds/ +#include: +# - template: Security/SAST.gitlab-ci.yml .upload-cljs-prerelease: <<: *js-upload -- GitLab From e4ca06c81dfea9579960bd143e756c77e9f19062 Mon Sep 17 00:00:00 2001 From: jem Date: Fri, 12 Mar 2021 09:58:49 +0100 Subject: [PATCH 03/11] enable deployment --- .gitlab-ci.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 2f0ebc7..260dbf3 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -92,8 +92,8 @@ stages: upload-clj-prerelease: <<: *clj stage: upload - rules: - - if: '$CI_COMMIT_BRANCH == "master" && $CI_COMMIT_TAG == null' + #rules: + # - if: '$CI_COMMIT_BRANCH == "master" && $CI_COMMIT_TAG == null' script: - echo "{:user {:auth {#\"clojars\" {:username :env/CLOJARS_USER :password :env/CLOJARS_PASSWORD}}}}" > ~/.lein/profiles.clj - cat ~/.lein/profiles.clj -- GitLab From 81967749b4b079216dfd4f84c1bb98e3c60a8411 Mon Sep 17 00:00:00 2001 From: jem Date: Fri, 12 Mar 2021 10:02:14 +0100 Subject: [PATCH 04/11] fix auth --- .gitlab-ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 260dbf3..c2f93c4 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -95,7 +95,7 @@ upload-clj-prerelease: #rules: # - if: '$CI_COMMIT_BRANCH == "master" && $CI_COMMIT_TAG == null' script: - - echo "{:user {:auth {#\"clojars\" {:username :env/CLOJARS_USER :password :env/CLOJARS_PASSWORD}}}}" > ~/.lein/profiles.clj + - echo "{:user {:auth {:repository-auth {#\"clojars\" {:username :env/CLOJARS_USER :password :env/CLOJARS_PASSWORD}}}}}" > ~/.lein/profiles.clj - cat ~/.lein/profiles.clj - lein deploy clojars -- GitLab From e2f4adc384c840d758dac4dfd88b27cf43f1ad7d Mon Sep 17 00:00:00 2001 From: jem Date: Fri, 12 Mar 2021 10:06:34 +0100 Subject: [PATCH 05/11] #3 --- .gitlab-ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index c2f93c4..d17582d 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -95,7 +95,7 @@ upload-clj-prerelease: #rules: # - if: '$CI_COMMIT_BRANCH == "master" && $CI_COMMIT_TAG == null' script: - - echo "{:user {:auth {:repository-auth {#\"clojars\" {:username :env/CLOJARS_USER :password :env/CLOJARS_PASSWORD}}}}}" > ~/.lein/profiles.clj + - echo "{:user {:auth {:repository-auth {#\"clojars\" {:username ${CLOJARS_USER} :password ${CLOJARS_PASSWORD} }}}}}" > ~/.lein/profiles.clj - cat ~/.lein/profiles.clj - lein deploy clojars -- GitLab From 4c753225e6b211379d3e753985ba7399cea39ae5 Mon Sep 17 00:00:00 2001 From: jem Date: Fri, 12 Mar 2021 10:11:02 +0100 Subject: [PATCH 06/11] #4 --- .gitlab-ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index d17582d..6430944 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -95,7 +95,7 @@ upload-clj-prerelease: #rules: # - if: '$CI_COMMIT_BRANCH == "master" && $CI_COMMIT_TAG == null' script: - - echo "{:user {:auth {:repository-auth {#\"clojars\" {:username ${CLOJARS_USER} :password ${CLOJARS_PASSWORD} }}}}}" > ~/.lein/profiles.clj + - echo "{:user {:auth {:repository-auth {#\"clojars\" {:username \"${CLOJARS_USER}\" :password \"${CLOJARS_PASSWORD}\" }}}}}" > ~/.lein/profiles.clj - cat ~/.lein/profiles.clj - lein deploy clojars -- GitLab From a665aaf969dd387d751a0a2d607ee60bac55f7ba Mon Sep 17 00:00:00 2001 From: jem Date: Fri, 12 Mar 2021 10:16:53 +0100 Subject: [PATCH 07/11] #5 --- .gitlab-ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 6430944..e760294 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -95,7 +95,7 @@ upload-clj-prerelease: #rules: # - if: '$CI_COMMIT_BRANCH == "master" && $CI_COMMIT_TAG == null' script: - - echo "{:user {:auth {:repository-auth {#\"clojars\" {:username \"${CLOJARS_USER}\" :password \"${CLOJARS_PASSWORD}\" }}}}}" > ~/.lein/profiles.clj + - echo "{:auth {:repository-auth {#\"clojars\" {:username \"${CLOJARS_USER}\" :password \"${CLOJARS_PASSWORD}\" }}}}" > ~/.lein/profiles.clj - cat ~/.lein/profiles.clj - lein deploy clojars -- GitLab From a2b069728d870e6858ba6677324b3fd26853bef8 Mon Sep 17 00:00:00 2001 From: jem Date: Fri, 12 Mar 2021 10:24:21 +0100 Subject: [PATCH 08/11] enable snapshot for npm --- .gitlab-ci.yml | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index e760294..6a698da 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -77,18 +77,16 @@ stages: #include: # - template: Security/SAST.gitlab-ci.yml -.upload-cljs-prerelease: +upload-cljs-prerelease: <<: *js-upload stage: upload rules: - if: '$CI_COMMIT_BRANCH == "master" && $CI_COMMIT_TAG == null' script: - cp package.json target/npm-build/ + - sed -i 's|SNAPSHOT|'$(date +"%Y%m%d%H%M%S")'|' ./target/npm-build/package.json - npm publish ./target/npm-build --access public - # unsure wether that's a good idea to bump versions from ci. - #- npm version prerelease -m "[skip-ci] version bump prerelease version" - #- git push - + upload-clj-prerelease: <<: *clj stage: upload -- GitLab From f9969f47ab58f13f3b3da2f680e2cddac1d2a758 Mon Sep 17 00:00:00 2001 From: jem Date: Fri, 12 Mar 2021 10:25:25 +0100 Subject: [PATCH 09/11] #6 --- .gitlab-ci.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 6a698da..94eb6d8 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -80,8 +80,8 @@ stages: upload-cljs-prerelease: <<: *js-upload stage: upload - rules: - - if: '$CI_COMMIT_BRANCH == "master" && $CI_COMMIT_TAG == null' + #rules: + # - if: '$CI_COMMIT_BRANCH == "master" && $CI_COMMIT_TAG == null' script: - cp package.json target/npm-build/ - sed -i 's|SNAPSHOT|'$(date +"%Y%m%d%H%M%S")'|' ./target/npm-build/package.json -- GitLab From 2c7599cb4979bd3123b68c24d0bb306279bdf529 Mon Sep 17 00:00:00 2001 From: jem Date: Fri, 12 Mar 2021 10:27:33 +0100 Subject: [PATCH 10/11] #7 --- .gitlab-ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 94eb6d8..0c1e1fa 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -52,7 +52,7 @@ stages: paths: - target/build-report.html -.package: +package: <<: *cljs stage: package script: -- GitLab From 58f37c44e4dccbdd4fad06fbad7073710b5812b4 Mon Sep 17 00:00:00 2001 From: jem Date: Fri, 12 Mar 2021 10:39:05 +0100 Subject: [PATCH 11/11] [skip-ci] reenable the full pipeline --- .gitlab-ci.yml | 38 +++++++++++++++++++------------------- 1 file changed, 19 insertions(+), 19 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 0c1e1fa..d343408 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -31,8 +31,10 @@ stages: .clj-job: &clj image: clojure:lein-2.7.1-alpine + before_script: + - echo "{:auth {:repository-auth {#\"clojars\" {:username \"${CLOJARS_USER}\" :password \"${CLOJARS_PASSWORD}\" }}}}" > ~/.lein/profiles.clj -.build_and_test: +build_and_test: <<: *cljs stage: build_and_test script: @@ -42,7 +44,7 @@ stages: paths: - .m2 -#activate as soon as https://github.com/thheller/shadow-cljs/issues/843 is implemented +#activate as soon as https://github.com/thheller/shadow-cljs/issues/843 is implemented .report: <<: *cljs stage: build_and_test @@ -66,35 +68,33 @@ package: - target/mastodon-bot.js.sha256 - target/mastodon-bot.js.sha512 -#sast: -# variables: -# SAST_EXCLUDED_ANALYZERS: -# bandit, brakeman, flawfinder, gosec, kubesec, phpcs-security-audit, -# pmd-apex, security-code-scan, sobelow, spotbugs -# stage: security -# before_script: -# - mkdir -p builds && cp -r target/ builds/ -#include: -# - template: Security/SAST.gitlab-ci.yml +sast: + variables: + SAST_EXCLUDED_ANALYZERS: + bandit, brakeman, flawfinder, gosec, kubesec, phpcs-security-audit, + pmd-apex, security-code-scan, sobelow, spotbugs + stage: security + before_script: + - mkdir -p builds && cp -r target/ builds/ +include: + - template: Security/SAST.gitlab-ci.yml upload-cljs-prerelease: <<: *js-upload stage: upload - #rules: - # - if: '$CI_COMMIT_BRANCH == "master" && $CI_COMMIT_TAG == null' + rules: + - if: '$CI_COMMIT_BRANCH == "master" && $CI_COMMIT_TAG == null' script: - cp package.json target/npm-build/ - sed -i 's|SNAPSHOT|'$(date +"%Y%m%d%H%M%S")'|' ./target/npm-build/package.json - npm publish ./target/npm-build --access public - + upload-clj-prerelease: <<: *clj stage: upload - #rules: - # - if: '$CI_COMMIT_BRANCH == "master" && $CI_COMMIT_TAG == null' + rules: + - if: '$CI_COMMIT_BRANCH == "master" && $CI_COMMIT_TAG == null' script: - - echo "{:auth {:repository-auth {#\"clojars\" {:username \"${CLOJARS_USER}\" :password \"${CLOJARS_PASSWORD}\" }}}}" > ~/.lein/profiles.clj - - cat ~/.lein/profiles.clj - lein deploy clojars upload-js-release: -- GitLab