-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy path.gitlab-ci.yml
More file actions
80 lines (73 loc) · 2.29 KB
/
.gitlab-ci.yml
File metadata and controls
80 lines (73 loc) · 2.29 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
stages:
- test
- bump_version
- build
- deploy
default:
image: "python:3.13-alpine"
cache:
key: "$CI_COMMIT_REF_SLUG" # This makes the cache branch-specific
paths:
- .cache/pip
- venv/ # Cache the virtual environment to reuse installed packages
before_script:
- apk update && apk upgrade
- apk add git openssh-client
- python -V # Print out python version for debugging
- pip install virtualenv
- virtualenv venv
- source venv/bin/activate
- 'which ssh-agent || apk add openssh-client'
- git config --global user.email ${GITLAB_USER_EMAIL}
- git config --global user.name ${GITLAB_USER_NAME}
- python3 --version
- pip3 install pip --upgrade
- pip3 install twine --upgrade
- pip3 install build --upgrade
- pip3 install wheel --upgrade
- pip3 install Commitizen --upgrade
variables: # Change pip's cache directory to be inside the project directory since we can only cache local items.
PIP_CACHE_DIR: "$CI_PROJECT_DIR/.cache/pip"
analysis:
stage: test
before_script:
- pip3 install bandit
script:
- bandit -r clientcentral/
bump_version:
stage: bump_version
only:
- master
variables:
GIT_SSH_COMMAND: 'ssh -o StrictHostKeyChecking=no'
script:
- eval $(ssh-agent -s)
- ssh-add <(echo "$DEPLOY_PRIVATE_KEY")
- mkdir -p ~/.ssh
- 'echo -e "Host *\n\tStrictHostKeyChecking no\n\n" > ~/.ssh/config'
- git remote set-url origin [email protected]:SWAT/clientcentral-api-python.git
- git fetch --tags
- git checkout master # Ensure we're on the master branch
- git reset --hard origin/master # Ensure the local branch matches the remote
- git pull origin master # Ensure the local branch is up-to-date
- git tag
# Run the bump and generate changelog
- cz bump --yes --changelog --changelog-to-stdout
# Extract the version from the new tag created by cz
- TAG=$(git describe --tags --abbrev=0)
# Push changes and the new tag
- git push origin master
- git push origin $TAG
# Optionally, print the new tag for debugging/logging
#- echo "New version: $TAG"
build:
stage: build
script:
- python -m build
deploy:
stage: deploy
only:
- master
script:
- twine check dist/*
- twine upload --non-interactive -u "__token__" -p "$PYPI_API_TOKEN" dist/*