-
Notifications
You must be signed in to change notification settings - Fork 24
Expand file tree
/
Copy path.gitlab-ci.yml
More file actions
125 lines (106 loc) · 3.72 KB
/
.gitlab-ci.yml
File metadata and controls
125 lines (106 loc) · 3.72 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
include:
- "deploy/gitlab/**.yml"
default:
image: "${HARBOR_REGISTRY}/${HARBOR_PROJECT}/nl-wallet-app-builder-ci-base:${BUILD_TAG}"
variables:
CACHE_COMPRESSION_LEVEL: "fastest"
FF_USE_FASTZIP: "true"
CARGO_INCREMENTAL: 0
CARGO_PROFILE_TEST_DEBUG: "line-tables-only"
APP_BUILD_OFFSET: 861
BUILD_TAG: 260505-42f482a5
HSM_CLIENT_TAG: "b68ed1d0"
BUNDLE_DEPLOYMENT: "true"
BUNDLE_RETRY: 10
DO_NOT_TRACK: "true"
PYTHONUNBUFFERED: 1
# Kubernetes is used to deploy, but also to access our secrets for various services.
# By default it uses the GitLab CI variables, but can be overridden using the variables repo.
# Note this dual uses requires the secrets to live in the k8s environment that is also used for CI testing.
.env-k8s:
environment:
name: ${K8S_CLUSTER}
action: access
kubernetes:
namespace: ${K8S_NAMESPACE}
.env-macos-runner:
image: tahoe-wallet:0.3.5
tags:
- macos
.default-branch:
rules:
- if: $CI_PIPELINE_SOURCE == "schedule" || $CI_PIPELINE_SOURCE == "parent_pipeline"
when: never
- if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
variables:
CACHE_POLICY: pull-push
.default-branch-manual:
rules:
- if: $CI_PIPELINE_SOURCE == "schedule" || $CI_PIPELINE_SOURCE == "parent_pipeline"
when: never
- if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
variables:
CACHE_POLICY: pull-push
when: manual
# jobs that have "when: manual" in rules are non optional in Gitlab CI/CD
allow_failure: true
.merge-request:
rules:
- if: $CI_PIPELINE_SOURCE == "merge_request_event"
interruptible: true
variables:
CACHE_POLICY: pull
.merge-request-manual:
rules:
- if: $CI_PIPELINE_SOURCE == "merge_request_event"
interruptible: true
variables:
CACHE_POLICY: pull
when: manual
# jobs that have "when: manual" in rules are non optional in Gitlab CI/CD
allow_failure: true
.default-or-merge-request:
rules:
- !reference [.default-branch, rules]
- !reference [.merge-request, rules]
.default-or-merge-request-manual:
rules:
- !reference [.default-branch, rules]
- !reference [.merge-request-manual, rules]
.on-schedule-automation:
rules:
- if: $SCHEDULED == "automation" && $CI_PIPELINE_SOURCE == "schedule" && $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
- if: $SCHEDULED == "automation" && $CI_PIPELINE_SOURCE == "parent_pipeline"
.on-schedule-trigger-scan:
rules:
- if: $SCHEDULED == "trigger-scan" && $CI_PIPELINE_SOURCE == "schedule" && $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
- if: $SCHEDULED == "trigger-scan" && $CI_PIPELINE_SOURCE == "parent_pipeline"
.on-schedule-scan:
rules:
- if: $SCHEDULED == "scan" && $CI_PIPELINE_SOURCE == "schedule" && $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
- if: $SCHEDULED == "scan" && $CI_PIPELINE_SOURCE == "parent_pipeline"
.on-schedule-rust-features-check:
rules:
- if:
$SCHEDULED == "rust-features-check" && $CI_PIPELINE_SOURCE == "schedule" && $CI_COMMIT_BRANCH ==
$CI_DEFAULT_BRANCH
- if: $SCHEDULED == "rust-features-check" && $CI_PIPELINE_SOURCE == "parent_pipeline"
.on-schedule-nightly-performance-test:
rules:
- if: $SCHEDULED == "performance" && $CI_PIPELINE_SOURCE == "schedule" && $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
- if: $SCHEDULED == "performance" && $CI_PIPELINE_SOURCE == "parent_pipeline"
.on-mock-build:
rules:
- if: $CI_PIPELINE_SOURCE == "parent_pipeline" && $BUILD == "mock"
.on-demo-build:
rules:
- if: $CI_PIPELINE_SOURCE == "parent_pipeline" && $BUILD == "demo"
.ruby-cache:
cache:
key: ruby-${CI_COMMIT_REF_SLUG}
paths:
- "vendor/bundle"
.ruby-cache-macos:
extends: .ruby-cache
cache:
key: ruby-macos-${CI_COMMIT_REF_SLUG}