image: shockrah/fc-pipeline:latest stages: - documentation - build - test workflow: rules: - if: '$CI_COMMIT_BRANCH' variables: CARGO_HOME: $CI_PROJECT_DIR/.cargo GIT_SUBMODULE_STRATEGY: recursive # Not doing strict host checking to avoid writing the host fingerprint anywhere # This is important because I don't host this gitlab instance, if I did host my # own gitlab however this wouldn't be here as it would be under my control but # this isn't the case # Really we're just trading one security issue for another: # - keeping fingerprints on someone else's server # - not verifying the host for my little known service SHOPTS: "-o StrictHostKeyChecking=no" before_script: - export PATH="$CARGO_HOME/bin:$PATH" build-json-api: # This is easily the most expensive stage since cargo sucks so we try to cache # everything we can between jobs here stage: build only: refs: - master script: - cd json-api/ - cargo build --release # primarily used to cache between jobs # expirey time overwritten later for weekly builds artifacts: paths: - json-api/target/ - $CARGO_HOME expire_in: 30 mins build-rtc-server: stage: build only: refs: - master script: - cd rtc-server/ - npm install artifacts: paths: - rtc-server/node_modules/ expire_in: 30 mins build-channer: stage: build only: refs: - master changes: - chan-like/Cargo.* - chan-like/src/main.rs script: - cd chan-like/ - cargo build --release artifacts: paths: - json-api/target/ - $CARGO_HOME expire_in: 1 week build-wiki: image: shockrah/website:latest stage: documentation only: refs: - master changes: - docs/archetypes/* - docs/content/**/* - docs/layouts/partials/* - docs/config.toml before_script: - eval $(ssh-agent -s) - echo "${SSH_PRIVATE_KEY}" | ssh-add - > /dev/null - mkdir -p ~/.ssh/ - chmod 700 ~/.ssh/ script: - cd docs/ - hugo - ssh $SHOPTS web@shockrah.xyz "rm -rf /var/www/freechat" - scp $SHOPTS -r public/ web@shockrah.xyz:/var/www/freechat # Test routines past this point cargo-test-json-api: stage: test needs: - build-json-api only: refs: - master dependencies: - build-json-api variables: HMAC_PATH: "../hmac.secret" WSS_HMAC_PATH: "../wss-hmac.secret" script: - head --bytes=32 /dev/urandom > hmac.secret - head --bytes=32 /dev/urandom > wss-hmac.secret - cd json-api/ - cargo test --release -- --nocapture artifacts: paths: - json-api/target/release/json-api expire_in: 1 week name: json-api full-mock-tests: stage: test needs: - build-json-api - build-rtc-server only: refs: - master dependencies: - build-json-api - build-rtc-server # Note: the command line flags below are probably redundant/pointless but # this is here in case something becomes fuxy with them as both implementations # are(at the time of writing this) in a more/less _improve later_ state before_script: - export HMAC_PATH="../hmac.secret" - export WSS_HMAC_PATH="../wss-hmac.secret" script: # Setup some dummy keys - head --bytes=32 > hmac.secret - head --bytes=32 > wss-hmac.secret # Install deps for the client - pushd json-api/client-tests/ - virtualenv . && source bin/activate && pip install -r requirements.txt - popd # Next we setup the databases tables - bash scripts/build-db.sh json-api/migrations/ json-api/.env # It's typically safer to turn on the rtc-server first all it does is provide # data for listeners, the api-server is the one that talks to this server mostly # See https://freechat.shockrah.xyz/#rtc-auth for the intra-network architecture - pushd rtc-server/ - npm run autotest& - popd - pushd json-api/ # Yes i know this looks kinda wack but hopefully cargo won't try to reuild if just # use the binary directly - target/release/json-api -H ../hmac.secret -w ../wss-hmac.secret -s& - popd - sleep 5 # TODO: do some kind of more intelligent logging here (maybe some integrations or something idk) - pushd json-api/client-tests && source bin/activate && python main.py