-
Notifications
You must be signed in to change notification settings - Fork 0
/
.gitlab-ci.yml
135 lines (127 loc) · 4.56 KB
/
.gitlab-ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
stages:
- build
- test
- publish
variables:
GODEBUG: "http2client=0" # https://github.com/GoogleContainerTools/kaniko/issues/2751
.full-matrix:
parallel:
matrix:
- OS: ubuntu-22.04
LLVM: [12, 13, 14, 15]
- OS: ubuntu-24.04
LLVM: [14, 15, 16, 17, 18]
build-base:
stage: build
needs: []
image:
name: gcr.io/kaniko-project/executor:v1.22.0-debug
entrypoint: [""]
before_script:
- echo "{\"auths\":{\"$CI_REGISTRY\":{\"auth\":\"$(printf "%s:%s" "${CI_REGISTRY_USER}" "${CI_REGISTRY_PASSWORD}" | base64 | tr -d '\n')\"},\"$CI_DEPENDENCY_PROXY_SERVER\":{\"auth\":\"$(printf "%s:%s" ${CI_DEPENDENCY_PROXY_USER} "${CI_DEPENDENCY_PROXY_PASSWORD}" | base64 | tr -d '\n')\"}}}" > /kaniko/.docker/config.json
extends: .full-matrix
script:
# we also enable two less-than-stable features (`--use-new-run` and `--snapshot-mode=redo`) purely for performance
- /kaniko/executor
--image-fs-extract-retry 5
--build-arg REGISTRY=${CI_DEPENDENCY_PROXY_GROUP_IMAGE_PREFIX}
--context "${CI_PROJECT_DIR}"
--cache
--cache-repo ${CI_REGISTRY_IMAGE}/cache
--use-new-run
--snapshot-mode=redo
--skip-unused-stages
--dockerfile "${CI_PROJECT_DIR}/dockerfiles/${OS}.dockerfile"
--build-arg LLVM=${LLVM}
--build-arg JOBS=4
--target base
--destination "${CI_REGISTRY_IMAGE}/ci/base:${CI_COMMIT_SHA}-${OS}-llvm-${LLVM}"
build-prebuilt:
stage: build
needs: [build-base]
image:
name: gcr.io/kaniko-project/executor:v1.22.0-debug
entrypoint: [""]
before_script:
- echo "{\"auths\":{\"$CI_REGISTRY\":{\"auth\":\"$(printf "%s:%s" "${CI_REGISTRY_USER}" "${CI_REGISTRY_PASSWORD}" | base64 | tr -d '\n')\"},\"$CI_DEPENDENCY_PROXY_SERVER\":{\"auth\":\"$(printf "%s:%s" ${CI_DEPENDENCY_PROXY_USER} "${CI_DEPENDENCY_PROXY_PASSWORD}" | base64 | tr -d '\n')\"}}}" > /kaniko/.docker/config.json
extends: .full-matrix
script:
# we also enable two less-than-stable features (`--use-new-run` and `--snapshot-mode=redo`) purely for performance
- /kaniko/executor
--image-fs-extract-retry 5
--build-arg REGISTRY=${CI_DEPENDENCY_PROXY_GROUP_IMAGE_PREFIX}
--context "${CI_PROJECT_DIR}"
--cache
--cache-repo ${CI_REGISTRY_IMAGE}/cache
--use-new-run
--snapshot-mode=redo
--skip-unused-stages
--dockerfile "${CI_PROJECT_DIR}/dockerfiles/${OS}.dockerfile"
--build-arg LLVM=${LLVM}
--build-arg JOBS=4
--target prebuilt
--no-push-cache
--destination "${CI_REGISTRY_IMAGE}/ci/prebuilt:${CI_COMMIT_SHA}-${OS}-llvm-${LLVM}"
test:
stage: test
needs: ["build-prebuilt"] # we should make this better once https://gitlab.com/gitlab-org/gitlab/-/issues/423553 gets resolved
extends: .full-matrix
image: ${CI_REGISTRY_IMAGE}/ci/prebuilt:${CI_COMMIT_SHA}-${OS}-llvm-${LLVM}
variables:
GIT_STRATEGY: none
script:
- cd /norman/build
- CTEST_OUTPUT_ON_FAILURE=1 ninja test
after_script:
- > # save output on failure
if [ $CI_JOB_STATUS == 'failed' ]; then
rm -rf "${CI_PROJECT_DIR}/output"
cp -r /norman/build/test "${CI_PROJECT_DIR}/output"
fi
artifacts:
when: on_failure
paths:
- output
expire_in: 1 week
format:
stage: test
needs:
- job: "build-base"
parallel:
matrix:
- OS: ubuntu-22.04
LLVM: 12
image: ${CI_REGISTRY_IMAGE}/ci/base:${CI_COMMIT_SHA}-ubuntu-22.04-llvm-12
script:
- find src -iname '*.cpp' -or -iname '*.h' -print | xargs clang-format-12 --dry-run --Werror
publish:
stage: publish
# we want to wait until the full "test" stage completes successfully before publishing, so no "needs:" here
variables:
GIT_STRATEGY: none
only:
refs:
- main
extends: .full-matrix
image:
name: gcr.io/go-containerregistry/crane:debug
entrypoint: [""]
before_script:
- crane auth login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
script:
- crane cp "${CI_REGISTRY_IMAGE}/ci/prebuilt:${CI_COMMIT_SHA}-${OS}-llvm-${LLVM}" "${CI_REGISTRY_IMAGE}:${OS}-llvm-${LLVM}"
publish-latest:
stage: publish
# we want to wait until the full "test" stage completes successfully before publishing, so no "needs:" here
variables:
GIT_STRATEGY: none
only:
refs:
- main
image:
name: gcr.io/go-containerregistry/crane:debug
entrypoint: [""]
before_script:
- crane auth login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
script:
- crane cp "${CI_REGISTRY_IMAGE}/ci/prebuilt:${CI_COMMIT_SHA}-ubuntu-22.04-llvm-12" "${CI_REGISTRY_IMAGE}:latest"