etlbox/.gitlab-ci.yml at master · rpsft/etlbox · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
#file: noinspection CIAidGitLabYamlNeedsJobUnavailable
#file: noinspection CIAidGitLabYamlNeedsJobUnavailable - This is needed for an external job `get_unique_semversion`
include:
  # GitVersion component
  - component: $CI_SERVER_FQDN/open-source/ci-components/ultimate-auto-semversioning@0.1.5

variables:
  # Opt out of telemetry (turbo and others), see https://consoledonottrack.com/
  DO_NOT_TRACK: 1
  # Enable debug services
  CI_DEBUG_SERVICES: 'true'
  # Enable service network
  FF_NETWORK_PER_BUILD: 'true'
  # Nupkg folder
  NUPKG_FOLDER: '.packages'
  NUGET_SOURCE: https://nuget.rapidsoft.ru/nuget/Rapidsoft-Nuget/v3/index.json
  NUGETORG_SOURCE: https://api.nuget.org/v3/index.json
  # All console out of dotnet should be in English
  LANG: C
  LCID: 1033
  # Disable dotnet first time experience
  DOTNET_NOLOGO: true
  # Disable Husky in dotnet tools restore
  HUSKY: 0
  # Default package version for build/test/publish:internal. Release jobs
  # override this with RELEASE_VERSION (Major.Minor.Patch) before rebuilding.
  PACKAGE_VERSION: ${GitVersion_SemVer}

workflow:
  rules:
    # Run for merge request commits
    - if: $CI_PIPELINE_SOURCE == "merge_request_event"
    # Avoid duplicates for merge requests
    - if: $CI_COMMIT_BRANCH && $CI_OPEN_MERGE_REQUESTS
      when: never
    # Launch for any branch commit
    - if: $CI_COMMIT_BRANCH
    # Tag pipelines are disabled: the release jobs build, push to NuGet, and
    # create the GitLab release directly. A tag push would only spawn a
    # redundant pipeline whose publish:nuget-org couldn't see the release
    # artifacts anyway.
    - if: $CI_PIPELINE_SOURCE == "push" && $CI_COMMIT_TAG =~ /^[0-9]+\.[0-9]+\.[0-9]+$/
      when: never

default:
  image: mcr.microsoft.com/dotnet/sdk:8.0

# KubeDock — a Docker API shim that orchestrates Testcontainers as real
# Kubernetes Pods instead of nested DinD containers. Deployed in the
# gitlab-runner namespace on every cluster (SYSOPS-1668); the hostname
# resolves to the local cluster's KubeDock pod. Replaces the former
# docker:dind service.
.using-kubedock:
  variables:
    DOCKER_HOST: tcp://kubedock.gitlab-runner.svc.cluster.local:2475
    # Required by KubeDock: it doesn't implement Testcontainers' Ryuk reaper
    # (which also can't work across the k8s-runner network boundary anyway —
    # see SYSOPS-1667). Cleanup is handled by Kubernetes tearing down the
    # job pod and everything KubeDock spawned for it.
    TESTCONTAINERS_RYUK_DISABLED: 'true'
    TESTCONTAINERS_CHECKS_DISABLE: 'true'

build_job:
  needs:
    - get_unique_semversion
  variables:
    ASSEMBLY_VERSION: '${GitVersion_MajorMinorPatch}.${CI_PIPELINE_IID}'
  script:
    - echo "Building package version $PACKAGE_VERSION, assembly version $ASSEMBLY_VERSION"
    - dotnet build --packages .nuget/packages/ -c Release -p:Version=$PACKAGE_VERSION -p:AssemblyVersion=$ASSEMBLY_VERSION
    - dotnet pack --no-build -c Release -p:Version=$PACKAGE_VERSION -o $NUPKG_FOLDER --include-symbols --include-source
  artifacts:
    expire_in: 1 week # save gitlab server space, we copy the files we need to deploy folder later on
    paths:
      - '$NUPKG_FOLDER/'

test_job:
  extends: .using-kubedock
  needs:
    - get_unique_semversion
  services:
    - name: mysql/mysql-server
      alias: localmysql
      variables:
        MYSQL_ROOT_HOST: '%'
        MYSQL_ROOT_PASSWORD: 'etlboxpassword'
    - name: postgres
      alias: localpostgres
      variables:
        POSTGRES_PASSWORD: 'etlboxpassword'
        LANG: en_US.utf8
    - name: mcr.microsoft.com/azure-sql-edge
      alias: localmssql
      variables:
        ACCEPT_EULA: 'Y'
        SA_PASSWORD: 'YourStrong@Passw0rd'
        MSSQL_PID: 'Developer'
    - name: clickhouse/clickhouse-server
      alias: localclickhouse
      variables:
        CLICKHOUSE_USER: clickhouse
        CLICKHOUSE_PASSWORD: Qwe123456
        CLICKHOUSE_MAX_CONNECTIONS: 100
    - name: apache/kafka:latest
      alias: kafka
      variables:
        KAFKA_NODE_ID: '1'
        KAFKA_PROCESS_ROLES: 'broker,controller'
        KAFKA_CONTROLLER_QUORUM_VOTERS: '1@kafka:9093'
        KAFKA_LISTENERS: 'PLAINTEXT://0.0.0.0:9092,CONTROLLER://0.0.0.0:9093'
        KAFKA_ADVERTISED_LISTENERS: 'PLAINTEXT://kafka:9092'
        KAFKA_CONTROLLER_LISTENER_NAMES: 'CONTROLLER'
        KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR: '1'
        KAFKA_TRANSACTION_STATE_LOG_REPLICATION_FACTOR: '1'
        KAFKA_TRANSACTION_STATE_LOG_MIN_ISR: '1'
        KAFKA_GROUP_INITIAL_REBALANCE_DELAY_MS: '0'
        CLUSTER_ID: 'MkU3OEVBNTcwNTJENDM2Qk'
  before_script:
    - pushd test
    - pwsh ./Set-Configuration.ps1 gitlab-ci
    - popd
    - dotnet tool install dotnet-reportgenerator-globaltool --tool-path .tools || true
    - dotnet build --packages .nuget/packages/ -c Release -p:Version=$PACKAGE_VERSION
  script:
    - >
      dotnet test --no-build --configuration=Release --filter="Category!=Performance" --logger="console;verbosity=detailed"
      --logger="junit;LogFilePath=../artifacts/{assembly}-test-result.xml;MethodFormat=Class;FailureBodyFormat=Verbose"
      --collect="XPlat Code Coverage"
      --blame-hang --blame-hang-timeout 10m --blame-hang-dump-type full
  after_script:
    - .tools/reportgenerator "-reports:./**/*.cobertura.xml" "-targetdir:.coverage" -reportTypes:TextSummary
    - cat .coverage/Summary.txt
    - echo 'End Summary'
  coverage: /Line coverage:[\s\S].+%/
  artifacts:
    when: always
    paths:
      - ./**/*test-result.xml
    reports:
      junit:
        - ./**/*test-result.xml
      coverage_report:
        coverage_format: cobertura
        path: ./**/coverage.cobertura.xml

publish:internal:
  needs:
    - get_unique_semversion
    - build_job
    - test_job
  script:
    - echo "Publishing version $PACKAGE_VERSION internally to $NUGET_SOURCE"
    - dotnet nuget push "$NUPKG_FOLDER/*.nupkg" --source $NUGET_SOURCE --api-key $NUGET_API_KEY

# Release template: rebuild and repack at RELEASE_VERSION, push to internal
# NuGet, create the GitLab release via the Releases API with package links,
# and stash the resolved version in a dotenv so publish:nuget-org picks it up.
# The publish:nuget-org follow-up is a manual gate on top of this.
#
# `artifacts: false` on build_job/test_job dependencies is deliberate: without
# it, build_job's SemVer-tagged .nupkg files (e.g. *.1.18.1-15.nupkg) would
# land in $NUPKG_FOLDER alongside our release-version packages, and the
# `dotnet nuget push *.nupkg` below would push both versions. We want a clean
# folder so only RELEASE_VERSION packages exist when we push.
.release_base:
  interruptible: false
  allow_failure: true
  needs:
    - get_unique_semversion
    - job: build_job
      artifacts: false
    - job: test_job
      artifacts: false
  script:
    - echo "Releasing version $RELEASE_VERSION"
    - dotnet build --packages .nuget/packages/ -c Release -p:Version=$RELEASE_VERSION -p:AssemblyVersion=${RELEASE_VERSION}.${CI_PIPELINE_IID}
    - dotnet pack --no-build -c Release -p:Version=$RELEASE_VERSION -o $NUPKG_FOLDER --include-symbols --include-source
    - dotnet nuget push "$NUPKG_FOLDER/*.nupkg" --source $NUGET_SOURCE --api-key $NUGET_API_KEY
    - |
      NUGET_HOST="${NUGET_SOURCE%%/nuget/*}"
      NUGET_FEED="${NUGET_SOURCE#*/nuget/}"; NUGET_FEED="${NUGET_FEED%%/*}"
      LINKS=""
      for pkg in "$NUPKG_FOLDER"/*.nupkg; do
        [[ "$pkg" == *.symbols.nupkg ]] && continue
        filename=$(basename "$pkg" .nupkg)
        pkg_id="${filename%.${RELEASE_VERSION}}"
        [ -n "$LINKS" ] && LINKS="${LINKS},"
        LINKS="${LINKS}{\"name\":\"${pkg_id}\",\"url\":\"${NUGET_HOST}/feeds/${NUGET_FEED}/${pkg_id}/${RELEASE_VERSION}\",\"link_type\":\"package\"}"
      done
      curl --fail --request POST \
        --header "JOB-TOKEN: ${CI_JOB_TOKEN}" \
        --header "Content-Type: application/json" \
        --data "{\"tag_name\":\"${RELEASE_VERSION}\",\"name\":\"Release ${RELEASE_VERSION}\",\"ref\":\"${CI_COMMIT_SHA}\",\"generate_release_notes\":true,\"assets\":{\"links\":[${LINKS}]}}" \
        "${CI_SERVER_URL}/api/v4/projects/${CI_PROJECT_ID}/releases"
    - echo "RELEASE_VERSION=$RELEASE_VERSION" > release.env
  artifacts:
    expire_in: 1 week
    paths:
      - '$NUPKG_FOLDER/'
    reports:
      dotenv: release.env

# Patch release: tag = $GitVersion_MajorMinorPatch (e.g. 1.18.1 from 1.18.0).
release_job:
  extends: .release_base
  rules:
    - if: '$CI_COMMIT_BRANCH && $CI_COMMIT_REF_PROTECTED == "true"'
      when: manual
      allow_failure: true
  before_script:
    - export RELEASE_VERSION="${GitVersion_MajorMinorPatch}"

# Minor release: tag = $Major.($Minor+1).0 (e.g. 1.19.0 from 1.18.x).
# Use this whenever the changelog adds features or breaking changes.
release_new_version_job:
  extends: .release_base
  rules:
    - if: '$CI_COMMIT_BRANCH && $CI_COMMIT_REF_PROTECTED == "true"'
      when: manual
      allow_failure: true
  before_script:
    - export RELEASE_VERSION="${GitVersion_Major}.$((GitVersion_Minor + 1)).0"

# Push release packages to nuget.org. Two variants — one paired 1:1 with
# each release job — because GitLab does NOT have an "any of these needs"
# semantics: with `needs: optional: true` on multiple manual upstream
# jobs, the dependent was marked "skipped" (terminal, not retriggerable)
# once the pipeline reached its manual gate. By pairing each variant with
# one specific release job via a mandatory single `needs:`, the dependent
# stays "created" until its release job runs, then transitions to
# "manual" so the maintainer can trigger it — and it inherits the release
# job's already-built artifacts instead of rebuilding from scratch.
.publish_nuget_org_base:
  rules:
    - if: '$CI_COMMIT_BRANCH && $CI_COMMIT_REF_PROTECTED == "true"'
      when: manual
      allow_failure: true
  interruptible: false
  script:
    - echo "Publishing $RELEASE_VERSION to nuget.org..."
    - dotnet nuget push "$NUPKG_FOLDER/*.${RELEASE_VERSION}.nupkg" --source $NUGETORG_SOURCE --api-key $NUGET_ORG_API_KEY

# Paired with release_job (patch bump). Pushes the .nupkg files produced
# by release_job at $GitVersion_MajorMinorPatch.
publish:nuget-org:patch:
  extends: .publish_nuget_org_base
  needs:
    - job: release_job
      artifacts: true
  before_script:
    - export RELEASE_VERSION="${GitVersion_MajorMinorPatch}"

# Paired with release_new_version_job (minor bump). Pushes the .nupkg
# files produced by release_new_version_job at $Major.$((Minor+1)).0.
publish:nuget-org:new-version:
  extends: .publish_nuget_org_base
  needs:
    - job: release_new_version_job
      artifacts: true
  before_script:
    - export RELEASE_VERSION="${GitVersion_Major}.$((GitVersion_Minor + 1)).0"

pages:
  needs:
    - get_unique_semversion
    - build_job
  script:
    - dotnet tool restore
    - dotnet docfx docfx/docfx.json
    - mv _site public
  artifacts:
    paths:
      - public
  rules:
    - if: $CI_COMMIT_BRANCH == "master"
    # Allow manual docs generation on any branch
    - if: $CI_COMMIT_BRANCH != "master"
      when: manual
      allow_failure: true