diff --git a/.dockerignore b/.dockerignore index 08cf84fe..05c5d668 100644 --- a/.dockerignore +++ b/.dockerignore @@ -6,6 +6,7 @@ docker-compose.yml # git & gitlab related .git/ +.github/ .gitlab/ .gitignore .gitlab-ci.yml diff --git a/.github/NOT-MAINTAINED.md b/.github/NOT-MAINTAINED.md new file mode 100644 index 00000000..74622529 --- /dev/null +++ b/.github/NOT-MAINTAINED.md @@ -0,0 +1,4 @@ +I've decided to recover these from the git history, Even though they won't be used or maintained, +I did a lot of learning to create them. Might as well just keep them for reference. -Zed + +#fishsticks diff --git a/.github/workflows/docker-build.yml b/.github/workflows/docker-build.yml new file mode 100644 index 00000000..b2efb520 --- /dev/null +++ b/.github/workflows/docker-build.yml @@ -0,0 +1,89 @@ +# yamllint disable rule:line-length +--- +name: Build Docker Images + +on: # yamllint disable-line rule:truthy + push: + branches: + - master + - dev + workflow_dispatch: + +jobs: + build: + name: Build Docker Images + runs-on: ubuntu-latest + outputs: + date: ${{ steps.date.outputs.date }} + tag: ${{ steps.branch.outputs.tag }} + version: ${{ steps.version.outputs.version }} + + steps: + - name: Check out repository + uses: actions/checkout@v2 + + - name: Set up QEMU + id: qemu + uses: docker/setup-qemu-action@v1 + with: + image: tonistiigi/binfmt:latest + platforms: all + + - name: Set up Docker Buildx + id: buildx + uses: docker/setup-buildx-action@v1 + + - name: Log in to GitHub Container Registry + if: github.event_name != 'pull_request' + uses: docker/login-action@v1 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GHCR_PAT }} + + # - name: Login to Docker Hub + # if: github.event_name != 'pull_request' + # uses: docker/login-action@v1 + # with: + # username: ${{ secrets.DOCKER_USERNAME }} + # password: ${{ secrets.DOCKER_PASSWORD }} + + - name: Get current date + id: date + run: echo "::set-output name=date::$(date +"%Y-%m-%dT%H:%M:%SZ")" + + - name: Get Crafty version + id: version + run: | + MAJOR=$(cat app/config/version.json | jq '.major' ) + MINOR=$(cat app/config/version.json | jq '.minor' ) + SUB=$(cat app/config/version.json | jq '.sub' ) + META=$(cat app/config/version.json | jq -r '.meta' ) + echo "::set-output name=version::$MAJOR.$MINOR.$SUB-$META" + + - name: Get branch tag + id: branch + run: | + if [[ "${{ github.ref }}" == "refs/heads/master" ]]; then + echo "::set-output name=tag::latest" + else + echo "::set-output name=tag::$(echo "${{ github.ref }}" | sed -e 's/refs\/heads\///g')" + fi + + - name: Build and push Docker image + uses: docker/build-push-action@v2 + with: + context: . + file: ./Dockerfile + platforms: linux/arm64,linux/amd64 + push: ${{ github.event_name != 'pull_request' }} + cache-from: type=registry,ref=${{ github.repository }}:${{ steps.branch.outputs.tag }} + cache-to: type=inline + build-args: | + BUILD_DATE=${{ steps.date.outputs.date }} + BUILD_REF=${{ github.sha }} + CRAFTY_VER=${{ steps.version.outputs.version }} + tags: | + ghcr.io/${{ github.repository }}:${{ steps.branch.outputs.tag }} + +# {{ GITHUB_REPOSITORY }}:${{ steps.branch.outputs.tag }} diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml new file mode 100644 index 00000000..2a19c79e --- /dev/null +++ b/.github/workflows/lint.yml @@ -0,0 +1,37 @@ +# yamllint disable rule:line-length +--- +name: Lint + +on: [push, pull_request] # yamllint disable-line rule:truthy + +jobs: + lint: + name: Lint + runs-on: ubuntu-latest + + steps: + - name: Checkout + uses: actions/checkout@v3 + + - name: Set up Python + uses: actions/setup-python@v3 + with: + python-version: "3.9" + cache: "pip" + + - name: Install dependencies + run: | + python -m pip install --upgrade pip + pip install pylint black yamllint + if [ -f requirements.txt ]; then pip install -r requirements.txt; fi + + - name: Run pylint + run: | + pylint --output-format=text $(find -type f -name "*.py" ! -path "**/.venv/**" ! -path "**/app/migrations/**") | tee /tmp/pylint.txt + echo "pylint score: $(cat /tmp/pylint.txt | grep -oP 'Your code has been rated at \K[0-9]*\.?[0-9]*')" + + - name: Run black + run: black --check --diff . + + - name: Lint YAML files + run: yamllint . diff --git a/.github/workflows/pyinstaller-build.yml b/.github/workflows/pyinstaller-build.yml new file mode 100644 index 00000000..d32245f8 --- /dev/null +++ b/.github/workflows/pyinstaller-build.yml @@ -0,0 +1,72 @@ +# yamllint disable rule:line-length +--- +name: Build pyinstaller apps + +on: # yamllint disable-line rule:truthy + push: + branches: + - master + - dev + workflow_dispatch: + +jobs: + build: + name: Build Packages + runs-on: ${{ matrix.os }} + strategy: + matrix: + include: + - os: macos-latest + TARGET: macos + CMD_BUILD: | + pyinstaller -F main.py --name "crafty4" \ + --distpath . \ + --hidden-import cryptography \ + --hidden-import cffi \ + --hidden-import apscheduler \ + --collect-all tzlocal \ + --collect-all tzdata \ + --collect-all pytz \ + --collect-all six + chmod +x crafty4 + tar --exclude='./app/classes/' -cvzf crafty4.tar.gz crafty4 app/ + OUT_FILE_NAME: crafty4.tar.gz + + - os: windows-latest + TARGET: windows + CMD_BUILD: | + pyinstaller -F main.py --name "crafty4" ` + --distpath . ` + --icon app\frontend\static\assets\images\Crafty_4-0_Logo_square.ico ` + --hidden-import cryptography ` + --hidden-import cffi ` + --hidden-import apscheduler ` + --collect-all tzlocal ` + --collect-all tzdata ` + --collect-all pytz ` + --collect-all six + OUT_FILE_NAME: | + crafty4.exe + app/ + !app/classes/**/* + + steps: + - uses: actions/checkout@v3 + - name: Set up Python + uses: actions/setup-python@v3 + with: + python-version: "3.10" + cache: "pip" + - name: Install Dependencies + run: | + python -m pip install --upgrade pip + pip install pyinstaller + pip install -r requirements.txt + - name: Build with pyinstaller for ${{matrix.TARGET}} + run: ${{matrix.CMD_BUILD}} + + - name: "Upload Artifact" + uses: actions/upload-artifact@v3 + with: + name: crafty4-${{matrix.TARGET}} + path: ${{ matrix.OUT_FILE_NAME}} diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 5cc58af4..4ec9ed84 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -1,7 +1,6 @@ # Crafty Controller 4.0 - Lint & Build Pipes # [Maintainer: Zedifus(https://gitlab.com/Zedifus)] ################################################### -# yamllint disable rule:line-length --- stages: - lint @@ -13,263 +12,13 @@ variables: DOCKER_HOST: tcp://docker:2376 DOCKER_TLS_CERTDIR: "/certs" -yamllint: - stage: lint - image: registry.gitlab.com/pipeline-components/yamllint:latest - tags: - - docker - rules: - - if: '$CI_PIPELINE_SOURCE == "merge_request_event"' - - if: "$CI_COMMIT_BRANCH && $CI_OPEN_MERGE_REQUESTS" - when: never - script: - - yamllint . - -jsonlint: - stage: lint - image: registry.gitlab.com/pipeline-components/jsonlint:latest - tags: - - docker - rules: - - if: '$CI_PIPELINE_SOURCE == "merge_request_event"' - - if: "$CI_COMMIT_BRANCH && $CI_OPEN_MERGE_REQUESTS" - when: never - script: - - | - find . -not -path './.git/*' -name '*.json' -type f -print0 | - parallel --will-cite -k -0 -n1 jsonlint -q - -black: - stage: lint - image: registry.gitlab.com/pipeline-components/black:latest - tags: - - docker - rules: - - if: '$CI_PIPELINE_SOURCE == "merge_request_event"' - - if: "$CI_COMMIT_BRANCH && $CI_OPEN_MERGE_REQUESTS" - when: never - script: - - black --check --verbose -- . - -pylint: - stage: lint - image: registry.gitlab.com/pipeline-components/pylint:latest - tags: - - docker - rules: - - if: '$CI_PIPELINE_SOURCE == "merge_request_event"' - - if: "$CI_COMMIT_BRANCH && $CI_OPEN_MERGE_REQUESTS" - when: never - # before_script: - # - mkdir -p public/badges public/lint - # - echo undefined > public/badges/$CI_JOB_NAME.score - script: - # - pylint --exit-zero --output-format=text $(find -type f -name "*.py" ! -path "**/.venv/**" ! -path "**/app/migrations/**") | tee /tmp/pylint.txt - # - sed -n 's/^Your code has been rated at \([-0-9.]*\)\/.*/\1/p' /tmp/pylint.txt > public/badges/$CI_JOB_NAME.score - - pylint --exit-zero --output-format=pylint_gitlab.GitlabCodeClimateReporter $(find -type f -name "*.py" ! -path "**/.venv/**" ! -path "**/app/migrations/**") > codeclimate.json - # after_script: - # - anybadge --overwrite --label $CI_JOB_NAME --value=$(cat public/badges/$CI_JOB_NAME.score) --file=public/badges/$CI_JOB_NAME.svg 4=red 6=orange 8=yellow 10=green - # - | - # echo "Your score is: $(cat public/badges/$CI_JOB_NAME.score)" - # Removed lint badge generation until public release - artifacts: - paths: - - public - reports: - codequality: codeclimate.json - when: always - -docker-build-dev: - image: docker:latest - services: - - name: docker:dind - stage: dev-deployment - tags: - - docker_priv - rules: - - if: $CI_COMMIT_BRANCH == 'dev' - environment: - name: development - before_script: - - | - apk --no-cache add jq - MAJOR=$(cat app/config/version.json | jq '.major' ) - MINOR=$(cat app/config/version.json | jq '.minor' ) - SUB=$(cat app/config/version.json | jq '.sub' ) - META=$(cat app/config/version.json | jq -r '.meta' ) - - | - apk --no-cache add curl - latest_tag=$(curl -s https://api.github.com/repos/docker/buildx/releases/latest | sed -Ene '/^ *"tag_name": *"(v.+)",$/s//\1/p') - echo "Using buildx version $latest_tag" - curl -sSLo docker-buildx "https://github.com/docker/buildx/releases/download/$latest_tag/buildx-$latest_tag.linux-amd64" - chmod a+x docker-buildx - mkdir -p ~/.docker/cli-plugins - mv docker-buildx ~/.docker/cli-plugins/docker-buildx - docker version - - docker run --rm --privileged aptman/qus -- -r - - docker run --rm --privileged aptman/qus -s -- -p aarch64 x86_64 - - echo $CI_BUILD_TOKEN | docker login -u "$CI_REGISTRY_USER" --password-stdin $CI_REGISTRY - script: - - | - tag=":$CI_COMMIT_REF_SLUG" - VERSION="${MAJOR}.${MINOR}.${SUB}-${META}" - - | - echo "Running on branch '$CI_COMMIT_BRANCH': tag = $tag" - echo "Crafty Version: $VERSION" - - docker context create tls-environment - - docker buildx create --name zedBuilder --use tls-environment - - docker buildx build - --cache-from type=registry,ref="$CI_REGISTRY_IMAGE${tag}" - --build-arg BUILDKIT_INLINE_CACHE=1 - --build-arg "BUILD_DATE=$(date +"%Y-%m-%dT%H:%M:%SZ")" - --build-arg "BUILD_REF=${CI_COMMIT_SHA}" - --build-arg "CRAFTY_VER=${VERSION}" - --tag "$CI_REGISTRY_IMAGE${tag}" - --platform linux/arm64/v8,linux/amd64 - --push . - after_script: - - | - docker buildx rm zedBuilder && echo "Successfully Stopped builder instance" || echo "Failed to stop builder instance." - docker context rm tls-environment || true - echo "Please review multi-arch manifests are present:" - docker buildx imagetools inspect "$CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG" - -docker-build-prod: - image: docker:latest - services: - - name: docker:dind - stage: prod-deployment - tags: - - docker_priv - rules: - - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH - environment: - name: production - before_script: - - | - apk --no-cache add jq - MAJOR=$(cat app/config/version.json | jq '.major' ) - MINOR=$(cat app/config/version.json | jq '.minor' ) - SUB=$(cat app/config/version.json | jq '.sub' ) - META=$(cat app/config/version.json | jq -r '.meta' ) - - | - apk --no-cache add curl - latest_tag=$(curl -s https://api.github.com/repos/docker/buildx/releases/latest | sed -Ene '/^ *"tag_name": *"(v.+)",$/s//\1/p') - echo "Using buildx version $latest_tag" - curl -sSLo docker-buildx "https://github.com/docker/buildx/releases/download/$latest_tag/buildx-$latest_tag.linux-amd64" - chmod a+x docker-buildx - mkdir -p ~/.docker/cli-plugins - mv docker-buildx ~/.docker/cli-plugins/docker-buildx - docker version - - docker run --rm --privileged aptman/qus -- -r - - docker run --rm --privileged aptman/qus -s -- -p aarch64 x86_64 - - echo $CI_BUILD_TOKEN | docker login -u "$CI_REGISTRY_USER" --password-stdin $CI_REGISTRY - script: - - | - tag="" - VERSION="${MAJOR}.${MINOR}.${SUB}-${META}" - - | - echo "Running on branch '$CI_COMMIT_BRANCH': tag = $tag" - echo "Crafty Version: $VERSION" - - docker context create tls-environment - - docker buildx create --name zedBuilder --use tls-environment - - docker buildx build - --cache-from type=registry,ref="$CI_REGISTRY_IMAGE${tag}" - --build-arg BUILDKIT_INLINE_CACHE=1 - --build-arg "BUILD_DATE=$(date +"%Y-%m-%dT%H:%M:%SZ")" - --build-arg "BUILD_REF=${CI_COMMIT_SHA}" - --build-arg "CRAFTY_VER=${VERSION}" - --tag "$CI_REGISTRY_IMAGE${tag}" - --platform linux/arm64/v8,linux/amd64 - --push . - after_script: - - | - docker buildx rm zedBuilder && echo "Successfully Stopped builder instance" || echo "Failed to stop builder instance." - docker context rm tls-environment || true - echo "Please review multi-arch manifests are present:" - docker buildx imagetools inspect "$CI_REGISTRY_IMAGE${tag}" - -win-dev-build: - stage: dev-deployment - tags: - - win64 - cache: - paths: - - .venv/ - rules: - - if: "$CI_COMMIT_BRANCH == 'dev'" - environment: - name: development - script: - - | - $ErrorActionPreference = "Stop" - py -m venv .venv - .venv\Scripts\activate.ps1 - pip install pyinstaller - pip install -r requirements.txt - - pyinstaller -F main.py - --distpath . - --icon app\frontend\static\assets\images\Crafty_4-0_Logo_square.ico - --name "crafty_commander" - --paths .venv\Lib\site-packages - --hidden-import cryptography - --hidden-import cffi - --hidden-import apscheduler - --collect-all tzlocal - --collect-all tzdata - --collect-all pytz - --collect-all six - - # Download latest: - # | https://gitlab.com/crafty-controller/crafty-4/-/jobs/artifacts/dev/download?job=win-dev-build - artifacts: - name: "crafty-${CI_RUNNER_TAGS}-${CI_COMMIT_BRANCH}_${CI_COMMIT_SHORT_SHA}" - paths: - - app\ - - .\crafty_commander.exe - exclude: - - app\classes\**\* - -win-prod-build: - stage: prod-deployment - tags: - - win64 - cache: - paths: - - .venv/ - rules: - - if: "$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH" - environment: - name: production - script: - - | - $ErrorActionPreference = "Stop" - py -m venv .venv - .venv\Scripts\activate.ps1 - pip install pyinstaller - pip install -r requirements.txt - - pyinstaller -F main.py - --distpath . - --icon app\frontend\static\assets\images\Crafty_4-0_Logo_square.ico - --name "crafty_commander" - --paths .venv\Lib\site-packages - --hidden-import cryptography - --hidden-import cffi - --hidden-import apscheduler - --collect-all tzlocal - --collect-all tzdata - --collect-all pytz - --collect-all six - - # Download latest: - # | https://gitlab.com/crafty-controller/crafty-4/-/jobs/artifacts/master/download?job=win-prod-build - artifacts: - name: "crafty-${CI_RUNNER_TAGS}-${CI_COMMIT_BRANCH}_${CI_COMMIT_SHORT_SHA}" - paths: - - app\ - - .\crafty_commander.exe - exclude: - - app\classes\**\* +include: + - local: .gitlab/lint.yml + - local: .gitlab/docker-build.yml + - local: .gitlab/windows-build.yml + - template: Security/Dependency-Scanning.gitlab-ci.yml + - template: Security/SAST.gitlab-ci.yml + - template: Security/Secret-Detection.gitlab-ci.yml sast: variables: @@ -277,24 +26,7 @@ sast: SAST_BANDIT_EXCLUDED_PATHS: "'*/migrations/*, */vendors/*'" SAST_EXCLUDED_ANALYZERS: semgrep stage: test - tags: - - docker secret_detection: variables: SECRET_DETECTION_EXCLUDED_PATHS: migrations, vendors - tags: - - docker - -gemnasium-dependency_scanning: - tags: - - docker - -gemnasium-python-dependency_scanning: - tags: - - docker - -include: - - template: Security/Dependency-Scanning.gitlab-ci.yml - - template: Security/SAST.gitlab-ci.yml - - template: Security/Secret-Detection.gitlab-ci.yml diff --git a/.gitlab/docker-build.yml b/.gitlab/docker-build.yml new file mode 100644 index 00000000..49725030 --- /dev/null +++ b/.gitlab/docker-build.yml @@ -0,0 +1,111 @@ +# yamllint disable rule:line-length +--- +docker-build-dev: + image: docker:latest + services: + - name: docker:dind + stage: dev-deployment + tags: + - docker_priv + rules: + - if: $CI_COMMIT_BRANCH == 'dev' + environment: + name: development + before_script: + - | + apk --no-cache add jq + MAJOR=$(cat app/config/version.json | jq '.major' ) + MINOR=$(cat app/config/version.json | jq '.minor' ) + SUB=$(cat app/config/version.json | jq '.sub' ) + META=$(cat app/config/version.json | jq -r '.meta' ) + - | + apk --no-cache add curl + latest_tag=$(curl -s https://api.github.com/repos/docker/buildx/releases/latest | sed -Ene '/^ *"tag_name": *"(v.+)",$/s//\1/p') + echo "Using buildx version $latest_tag" + curl -sSLo docker-buildx "https://github.com/docker/buildx/releases/download/$latest_tag/buildx-$latest_tag.linux-amd64" + chmod a+x docker-buildx + mkdir -p ~/.docker/cli-plugins + mv docker-buildx ~/.docker/cli-plugins/docker-buildx + docker version + - docker run --rm --privileged aptman/qus -- -r + - docker run --rm --privileged aptman/qus -s -- -p aarch64 x86_64 + - echo $CI_BUILD_TOKEN | docker login -u "$CI_REGISTRY_USER" --password-stdin $CI_REGISTRY + script: + - | + tag=":$CI_COMMIT_REF_SLUG" + VERSION="${MAJOR}.${MINOR}.${SUB}-${META}" + - | + echo "Running on branch '$CI_COMMIT_BRANCH': tag = $tag" + echo "Crafty Version: $VERSION" + - docker context create tls-environment + - docker buildx create --name zedBuilder --use tls-environment + - docker buildx build + --cache-from type=registry,ref="$CI_REGISTRY_IMAGE${tag}" + --build-arg BUILDKIT_INLINE_CACHE=1 + --build-arg "BUILD_DATE=$(date +"%Y-%m-%dT%H:%M:%SZ")" + --build-arg "BUILD_REF=${CI_COMMIT_SHA}" + --build-arg "CRAFTY_VER=${VERSION}" + --tag "$CI_REGISTRY_IMAGE${tag}" + --platform linux/arm64/v8,linux/amd64 + --push . + after_script: + - | + docker buildx rm zedBuilder && echo "Successfully Stopped builder instance" || echo "Failed to stop builder instance." + docker context rm tls-environment || true + echo "Please review multi-arch manifests are present:" + docker buildx imagetools inspect "$CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG" + +docker-build-prod: + image: docker:latest + services: + - name: docker:dind + stage: prod-deployment + tags: + - docker_priv + rules: + - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH + environment: + name: production + before_script: + - | + apk --no-cache add jq + MAJOR=$(cat app/config/version.json | jq '.major' ) + MINOR=$(cat app/config/version.json | jq '.minor' ) + SUB=$(cat app/config/version.json | jq '.sub' ) + META=$(cat app/config/version.json | jq -r '.meta' ) + - | + apk --no-cache add curl + latest_tag=$(curl -s https://api.github.com/repos/docker/buildx/releases/latest | sed -Ene '/^ *"tag_name": *"(v.+)",$/s//\1/p') + echo "Using buildx version $latest_tag" + curl -sSLo docker-buildx "https://github.com/docker/buildx/releases/download/$latest_tag/buildx-$latest_tag.linux-amd64" + chmod a+x docker-buildx + mkdir -p ~/.docker/cli-plugins + mv docker-buildx ~/.docker/cli-plugins/docker-buildx + docker version + - docker run --rm --privileged aptman/qus -- -r + - docker run --rm --privileged aptman/qus -s -- -p aarch64 x86_64 + - echo $CI_BUILD_TOKEN | docker login -u "$CI_REGISTRY_USER" --password-stdin $CI_REGISTRY + script: + - | + tag="" + VERSION="${MAJOR}.${MINOR}.${SUB}-${META}" + - | + echo "Running on branch '$CI_COMMIT_BRANCH': tag = $tag" + echo "Crafty Version: $VERSION" + - docker context create tls-environment + - docker buildx create --name zedBuilder --use tls-environment + - docker buildx build + --cache-from type=registry,ref="$CI_REGISTRY_IMAGE${tag}" + --build-arg BUILDKIT_INLINE_CACHE=1 + --build-arg "BUILD_DATE=$(date +"%Y-%m-%dT%H:%M:%SZ")" + --build-arg "BUILD_REF=${CI_COMMIT_SHA}" + --build-arg "CRAFTY_VER=${VERSION}" + --tag "$CI_REGISTRY_IMAGE${tag}" + --platform linux/arm64/v8,linux/amd64 + --push . + after_script: + - | + docker buildx rm zedBuilder && echo "Successfully Stopped builder instance" || echo "Failed to stop builder instance." + docker context rm tls-environment || true + echo "Please review multi-arch manifests are present:" + docker buildx imagetools inspect "$CI_REGISTRY_IMAGE${tag}" diff --git a/.gitlab/lint.yml b/.gitlab/lint.yml new file mode 100644 index 00000000..1143c295 --- /dev/null +++ b/.gitlab/lint.yml @@ -0,0 +1,70 @@ +# yamllint disable rule:line-length +--- +# YAML Linting [https://yamllint.readthedocs.io/en/latest/] +yamllint: + stage: lint + image: registry.gitlab.com/pipeline-components/yamllint:latest + tags: + - docker + rules: + - if: "$CODE_QUALITY_DISABLED" + when: never + - if: "$CI_COMMIT_TAG || $CI_COMMIT_BRANCH" + script: + - yamllint . + +# JSON Linting [https://github.com/zaach/jsonlint] +jsonlint: + stage: lint + image: registry.gitlab.com/pipeline-components/jsonlint:latest + tags: + - docker + rules: + - if: "$CODE_QUALITY_DISABLED" + when: never + - if: "$CI_COMMIT_TAG || $CI_COMMIT_BRANCH" + script: + - | + find . -not -path './.git/*' -name '*.json' -type f -print0 | + parallel --will-cite -k -0 -n1 jsonlint -q + +# Code Format Checking [https://black.readthedocs.io/en/stable/] +black: + stage: lint + image: registry.gitlab.com/pipeline-components/black:latest + tags: + - docker + rules: + - if: "$CODE_QUALITY_DISABLED" + when: never + - if: "$CI_COMMIT_TAG || $CI_COMMIT_BRANCH" + script: + - black --check --verbose -- . + +# Code Climate/Quality Checking [https://pylint.pycqa.org/en/latest/] +pylint: + stage: lint + image: registry.gitlab.com/pipeline-components/pylint:latest + tags: + - docker + rules: + - if: "$CODE_QUALITY_DISABLED" + when: never + - if: "$CI_COMMIT_TAG || $CI_COMMIT_BRANCH" + before_script: + - mkdir -p public/badges public/lint + - echo undefined > public/badges/$CI_JOB_NAME.score + script: + - pylint --exit-zero --output-format=text $(find -type f -name "*.py" ! -path "**/.venv/**" ! -path "**/app/migrations/**") | tee /tmp/pylint.txt + - sed -n 's/^Your code has been rated at \([-0-9.]*\)\/.*/\1/p' /tmp/pylint.txt > public/badges/$CI_JOB_NAME.score + - pylint --exit-zero --output-format=pylint_gitlab.GitlabCodeClimateReporter $(find -type f -name "*.py" ! -path "**/.venv/**" ! -path "**/app/migrations/**") > codeclimate.json + after_script: + - anybadge --overwrite --label $CI_JOB_NAME --value=$(cat public/badges/$CI_JOB_NAME.score) --file=public/badges/$CI_JOB_NAME.svg 4=red 6=orange 8=yellow 10=green + - | + echo "Your score is: $(cat public/badges/$CI_JOB_NAME.score)" + artifacts: + paths: + - public + reports: + codequality: codeclimate.json + when: always diff --git a/.gitlab/windows-build.yml b/.gitlab/windows-build.yml new file mode 100644 index 00000000..1487155f --- /dev/null +++ b/.gitlab/windows-build.yml @@ -0,0 +1,83 @@ +# yamllint disable rule:line-length +--- +win-dev-build: + stage: dev-deployment + tags: + - win64 + cache: + paths: + - .venv/ + rules: + - if: "$CI_COMMIT_BRANCH == 'dev'" + environment: + name: development + script: + - | + $ErrorActionPreference = "Stop" + py -m venv .venv + .venv\Scripts\activate.ps1 + pip install pyinstaller + pip install -r requirements.txt + - pyinstaller -F main.py + --distpath . + --icon app\frontend\static\assets\images\Crafty_4-0_Logo_square.ico + --name "crafty_commander" + --paths .venv\Lib\site-packages + --hidden-import cryptography + --hidden-import cffi + --hidden-import apscheduler + --collect-all tzlocal + --collect-all tzdata + --collect-all pytz + --collect-all six + + # Download latest: + # | https://gitlab.com/crafty-controller/crafty-4/-/jobs/artifacts/dev/download?job=win-dev-build + artifacts: + name: "crafty-${CI_RUNNER_TAGS}-${CI_COMMIT_BRANCH}_${CI_COMMIT_SHORT_SHA}" + paths: + - app\ + - .\crafty_commander.exe + exclude: + - app\classes\**\* + +win-prod-build: + stage: prod-deployment + tags: + - win64 + cache: + paths: + - .venv/ + rules: + - if: "$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH" + environment: + name: production + script: + - | + $ErrorActionPreference = "Stop" + py -m venv .venv + .venv\Scripts\activate.ps1 + pip install pyinstaller + pip install -r requirements.txt + - pyinstaller -F main.py + --distpath . + --icon app\frontend\static\assets\images\Crafty_4-0_Logo_square.ico + --name "crafty_commander" + --paths .venv\Lib\site-packages + --hidden-import cryptography + --hidden-import cffi + --hidden-import apscheduler + --collect-all tzlocal + --collect-all tzdata + --collect-all pytz + --collect-all six + + # Download latest: + # | https://gitlab.com/crafty-controller/crafty-4/-/jobs/artifacts/master/download?job=win-prod-build + artifacts: + name: "crafty-${CI_RUNNER_TAGS}-${CI_COMMIT_BRANCH}_${CI_COMMIT_SHORT_SHA}" + paths: + - app\ + - .\crafty_commander.exe + exclude: + - app\classes\**\*