This repository has been archived by the owner on Sep 1, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 0
/
.gitlab-ci.yml
105 lines (99 loc) · 3.18 KB
/
.gitlab-ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
---
variables:
FF_USE_FASTZIP: 'true'
ARTIFACT_COMPRESSION_LEVEL: fastest
CACHE_COMPRESSION_LEVEL: fastest
GIT_DEPTH: '1'
RENOVATE_ENDPOINT: $CI_API_V4_URL
RENOVATE_PLATFORM: gitlab
CI_RENOVATE_IMAGE: ghcr.io/renovatebot/renovate:38.59.2@sha256:43a32c54fe9a67fa6da72733c3fa38c836ccb8190fff7479681942f0e2683e15
CI_ALPINE_IMAGE: alpine:3.20.2
FLUX_VERSION: 2.3.0
KUBE_VERSION: 1.30.2
stages: [🏗️build, 👀diff]
🚧renovate:
stage: 🏗️build
image: $CI_RENOVATE_IMAGE
cache:
key: ${CI_COMMIT_REF_SLUG}-renovate
paths: [renovate/cache/renovate/repository/]
script:
- renovate-config-validator $RENOVATE_CONFIG_VALIDATOR_EXTRA_FLAGS
- renovate --autodiscover
rules:
- if: $CI_PIPELINE_SOURCE == "schedule"
.diff_job:
stage: 👀diff
image: $CI_ALPINE_IMAGE
before_script:
- echo "@edge https://dl-cdn.alpinelinux.org/alpine/edge/community" >> /etc/apk/repositories
- |
apk add --no-cache \
git \
bash \
kubectl@edge=$KUBE_VERSION-r0 \
flux@edge=$FLUX_VERSION-r0 \
kustomize@edge \
helm@edge \
pipx@edge
- pipx ensurepath && source ~/.bashrc
- pipx install flux-local
script:
- git fetch origin $CI_DEFAULT_BRANCH
- |
flux-local diff $RESOURCE -A \
--path ./kube/flux/ \
--branch-orig $CI_DEFAULT_BRANCH \
--output-file diff_$RESOURCE.patch
artifacts:
paths: [diff_$RESOURCE.patch]
expire_in: 1 days
rules:
- if: $CI_PIPELINE_SOURCE == "merge_request_event"
👀flux-diff-helmrelease:
extends: .diff_job
variables:
RESOURCE: helmrelease
👀flux-diff-kustomization:
extends: .diff_job
variables:
RESOURCE: kustomization
💬comment:
stage: 👀diff
image: $CI_ALPINE_IMAGE
before_script: [apk add --no-cache curl jq]
script:
- |
# Loop through each resource
for RESOURCE in helmrelease kustomization; do
# Check if the diff file is not empty
if [ -n "$(cat diff_$RESOURCE.patch)" ]; then
# Create a comment
echo -e "<details><summary>$RESOURCE diff for $CI_COMMIT_SHORT_SHA:</summary>\n\n\`\`\`diff\n$(cat diff_$RESOURCE.patch)\n\`\`\`</details>" > diff_$RESOURCE.patch.md
comment=$(cat diff_$RESOURCE.patch.md)
json_data=$(jq -n --arg comment "$comment" '{body: $comment}')
# Post the comment to the merge request
curl --show-error -so ./log_comment_diff_$RESOURCE.json \
--request POST \
--header "PRIVATE-TOKEN: $ROBOT_TOKEN" \
--header "Content-Type: application/json" \
-d "$json_data" \
--url "${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/merge_requests/${CI_MERGE_REQUEST_IID}/notes"
else
echo "No diff to comment for $RESOURCE"
fi
done
needs:
- job: 👀flux-diff-helmrelease
artifacts: true
- job: 👀flux-diff-kustomization
artifacts: true
artifacts:
paths:
- diff_helmrelease.patch.md
- diff_kustomization.patch.md
- log_comment_diff_helmrelease.json
- log_comment_diff_kustomization.json
expire_in: 1 days
rules:
- if: $CI_PIPELINE_SOURCE == "merge_request_event"