-
Notifications
You must be signed in to change notification settings - Fork 13
/
Copy path.gitlab-ci.yml
201 lines (183 loc) · 7.14 KB
/
.gitlab-ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
default:
image: python:3.6
# Change pip's cache directory to be inside the project directory since we can
# only cache local items.
variables:
PIP_CACHE_DIR: "$CI_PROJECT_DIR/.cache/pip"
BUILD_VERSION: "$CI_COMMIT_BRANCH"
BUILD_ID: "$CI_PIPELINE_ID"
RELEASE_VERSION: "$BUILD_VERSION.$BUILD_ID"
FORCE_BUILD: "false"
FORCE_PROVENANCE: "false"
# Pip's cache doesn't store the python packages
# https://pip.pypa.io/en/stable/reference/pip_install/#caching
#
# If you want to also cache the installed packages, you have to install
# them in a virtualenv and cache it as well.
cache:
paths:
- .cache/pip
- venv/
- venv-prov/
- venv-centos/
stages:
- build
- generate-provenance
build-windows:
stage: build
rules:
- if: $CI_PIPELINE_SOURCE == "merge_request_event"
- if: $CI_COMMIT_BRANCH =~ /v1.*/
- if: $CI_COMMIT_BRANCH == "master"
- if: $FORCE_BUILD == "true"
before_script:
# - choco install python --version=3.7.9 -y
# - $env:PATH+=";C:\Python37;C:\Python37\Scripts"
# - python -m pip install pipenv
# - pipenv update
- $Env:PATH += ";C:\Users\vmware\AppData\Local\Programs\Python\Python38\Scripts\"
- $Env:path
script:
- echo "Build Windows package - RELEASE_VERSION=$Env:RELEASE_VERSION"
- $Env:WINDOWS_PACKAGE="VMware-NSX-Migration-for-VMware-Cloud-Director-$Env:RELEASE_VERSION.zip"
- echo "WINDOWS_PACKAGE=$Env:WINDOWS_PACKAGE"
- pyinstaller src\vcdNSXMigrator.spec
- Copy-Item -Path "C:\Program Files\OpenSSL-Win64\bin\*" -Destination "dist\vcdNSXMigrator" -PassThru -Recurse
- Compress-Archive -Path dist\vcdNSXMigrator -DestinationPath $Env:WINDOWS_PACKAGE
tags:
- windows
artifacts:
name: "$Env:CI_JOB_NAME-binaries"
paths:
- VMware-NSX-Migration-for-VMware-Cloud-Director-*.zip
build-ubuntu:
stage: build
rules:
- if: $CI_PIPELINE_SOURCE == "merge_request_event"
- if: $CI_COMMIT_BRANCH =~ /v1.*/
- if: $CI_COMMIT_BRANCH == "master"
- if: $FORCE_BUILD == "true"
before_script:
- python --version
- pip install virtualenv
- virtualenv venv
- source venv/bin/activate
- python --version
- pip install -r ./requirements_build.txt
- pip install -r ./src/requirements.txt
- pip install pycrypto
script:
- echo "Build Linux package - RELEASE_VERSION=$RELEASE_VERSION"
- export LINUX_PACKAGE="VMware-NSX-Migration-for-VMware-Cloud-Director-$RELEASE_VERSION-Ubuntu.tar.gz"
- echo "LINUX_PACKAGE=$LINUX_PACKAGE"
- python -m PyInstaller src/vcdNSXMigrator.spec
- tar -czvf $LINUX_PACKAGE -C dist/ .
tags:
- linux
artifacts:
name: "$CI_JOB_NAME-binaries"
paths:
- VMware-NSX-Migration-for-VMware-Cloud-Director-*.tar.gz
build-centos:
image: centos/python-36-centos7:latest
stage: build
rules:
- if: $CI_PIPELINE_SOURCE == "merge_request_event"
- if: $CI_COMMIT_BRANCH =~ /v1.*/
- if: $CI_COMMIT_BRANCH == "master"
- if: $FORCE_BUILD == "true"
before_script:
- python --version
- pip install virtualenv
- python3 -m virtualenv venvnew
- source venvnew/bin/activate
- python --version
- pip install -r ./requirements_build.txt
- pip install -r ./src/requirements.txt
- pip install pycrypto
script:
- echo "Build Linux package - RELEASE_VERSION=$RELEASE_VERSION"
- export LINUX_PACKAGE="VMware-NSX-Migration-for-VMware-Cloud-Director-$RELEASE_VERSION-Centos.tar.gz"
- echo "LINUX_PACKAGE=$LINUX_PACKAGE"
- python -m PyInstaller src/vcdNSXMigrator.spec
- tar -czvf $LINUX_PACKAGE -C dist/ .
tags:
- centos
artifacts:
name: "$CI_JOB_NAME-binaries"
paths:
- VMware-NSX-Migration-for-VMware-Cloud-Director-*.tar.gz
provenance:
stage: generate-provenance
rules:
- if: $CI_COMMIT_BRANCH =~ /v1.*/
- if: $FORCE_PROVENANCE == "true"
before_script:
# Prepare Python virtualenv
- python --version
- pip install virtualenv
- virtualenv venv-prov
- source venv-prov/bin/activate
- pip install -r ./provenanceData/requirements.txt
# Download the SRP CLI which we use to create source provenance
- mkdir /srp-tools
- wget --quiet --output-document /srp-tools/srp https://artifactory.eng.vmware.com/artifactory/helix-docker-local/cli/srpcli/0.2.20220610114718-f3587c2-16.1/linux/srp
- chmod +x /srp-tools/srp
- /srp-tools/srp --version
script:
# create local auth configuration using variables from the CICD
- /srp-tools/srp config auth --client-id=${SRP_CLIENT_ID} --client-secret=${SRP_CLIENT_SECRET}
# force an update to the srpcli
- /srp-tools/srp update --yes
# Start SRP provenance generation and submission
- export CURRENT_TIME_STRING=`date +%Y%m%d%H%M%S`
- export OBJ_UID="uid.obj.build.gitlab(namespace='${CI_PROJECT_NAMESPACE}',project='${CI_PROJECT_NAME}',pipeline_id='${CI_PIPELINE_ID}')"
- export PROVENANCE_FRAGMENT_UID="uid.mtd.provenance_2_5.fragment(obj_uid=${OBJ_UID},revision='${CURRENT_TIME_STRING}')"
- echo "SRP_UID=${OBJ_UID}"
- echo "PROVENANCE_FRAGMENT_UID=${PROVENANCE_FRAGMENT_UID}"
# This app pulls dependencies from a gitlab project with private access. In order to do that, you must put
# credentials into the ~/.netrc file as described in
# https://gitlab.eng.vmware.com/srp/helix/core/srpclient/-/blob/main/README.md#development-environment-setup
- echo "machine gitlab.eng.vmware.com login $CI_REGISTRY_USER password $CI_REGISTRY_PASSWORD" > ~/.netrc
# RUN srp cli command to generate basic source provenance for this git clone
- mkdir -p provenance
- |
/srp-tools/srp provenance source \
--scm-type git \
--name "VMware NSX Migration for VMware Cloud Director" \
--path ./ \
--saveto ./provenance/source.json \
--comp-uid "$OBJ_UID" \
--build-number "$BUILD_ID" \
--version $BUILD_VERSION \
--all-ephemeral true \
--build-type release
- echo "------------------ SOURCE PROVENANCE -----------------------------------"
- cat ./provenance/source.json
- echo "------------------------------------------------------------------------"
- echo "Fetching all dependencies under the observer"
- python ./provenanceData/generateProvenanceData.py
- mv ./provenanceData/network_provenance_data.json ./provenance/network.json
- echo "------------------ NETWORK PROVENANCE ---------------------------------"
- cat ./provenance/network.json
- echo "-----------------------------------------------------------------------"
# merge the source and network provenance documents
- |
/srp-tools/srp provenance merge \
--source ./provenance/source.json \
--network ./provenance/network.json \
--saveto ./provenance/merged.json
- echo "------------------ MERGED PROVENANCE ----------------------------------"
- cat ./provenance/merged.json
- echo "-----------------------------------------------------------------------"
# submit the merged provenance to SRP
- |
/srp-tools/srp metadata submit \
--uid "$PROVENANCE_FRAGMENT_UID" \
--path ./provenance/merged.json
tags:
- linux
artifacts:
name: "$CI_JOB_NAME-provenance"
paths:
- ./provenance/merged.json