https://github.com/ICIJ/datashare
Tip revision: 975161819dd47b084893e555c4992dabf282a620 authored by Pierre Romera on 04 July 2024, 10:04:08 UTC
[release] 17.1.1
[release] 17.1.1
Tip revision: 9751618
config.yml
version: 2.1
parameters:
publish_backend_doc:
type: boolean
default: false
jobs:
build_back:
docker:
- image: cimg/openjdk:17.0.11
- image: docker.elastic.co/elasticsearch/elasticsearch:7.9.1
environment:
- "discovery.type=single-node"
- "cluster.name=datashare"
- "ES_JAVA_OPTS=-Xms256m -Xmx256m"
name: elasticsearch
- image: redis:4.0.1-alpine
name: redis
- image: postgres:11.2
name: postgres
environment:
POSTGRES_USER: dstest
POSTGRES_PASSWORD: test
POSTGRES_DB: dstest
- image: rabbitmq:3
name: rabbitmq
environment:
RABBITMQ_DEFAULT_USER: admin
RABBITMQ_DEFAULT_PASS: admin
- image: adobe/s3mock:latest
name: s3mock
working_directory: /tmp/datashare
environment:
MAVEN_OPTS: "-Xms512m -Xmx512m -Xss10M"
steps:
- checkout
# Download and cache dependencies
- restore_cache:
keys:
- v1-dependencies-{{ checksum "pom.xml" }}
- run:
name: create a bootstrap datashare DB for jooq code generation
command: |
sudo sh -c 'echo "deb http://apt.postgresql.org/pub/repos/apt/ buster-pgdg main" > /etc/apt/sources.list.d/pgdg.list'
wget --no-check-certificate --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | sudo apt-key add -
sudo apt-get update
sudo apt-get install -y postgresql-client-11
PGPASSWORD=test psql -h postgres -U dstest dstest -c "CREATE DATABASE datashare_liquibase;"
- run:
name: Configure GPG private key for signing project artifacts in OSS Sonatype
shell: /bin/bash
command: |
echo ${RELEASES_GPG_PRIV_BASE64} | base64 --decode | gpg --batch --no-tty --import --yes
- run: sudo apt-get install -y tesseract-ocr-eng
- run: mvn validate
- run: mvn -s .circleci/maven-release-settings.xml -pl commons-test -am install
- run: mvn -pl datashare-db liquibase:update
- run: mvn test
- run:
name: make install for app and corenlp modules
command: mvn -s .circleci/maven-release-settings.xml -pl datashare-app -pl datashare-nlp-corenlp -am install -Dmaven.test.skip=true
- run: mvn -pl datashare-dist package
- run:
name: acceptance test for embedded mode
command: |
VERSION=$(head pom.xml | grep '<version>[0-9.]\+' | sed 's/<version>\([0-9.]\+\)<\/version>/\1/g' | tr -d '[:space:]')
DS_ELASTICSEARCH_DATA_PATH=$HOME java -cp datashare-dist/target/datashare-dist-${VERSION}-all.jar org.icij.datashare.text.indexing.elasticsearch.EsEmbeddedServer -- 5
- save_cache:
paths:
- ~/.m2
key: v1-dependencies-{{ checksum "pom.xml" }}
publish_doc:
docker:
- image: cimg/openjdk:17.0.11
- image: docker.elastic.co/elasticsearch/elasticsearch:7.9.1
environment:
- "discovery.type=single-node"
- "cluster.name=datashare"
- "ES_JAVA_OPTS=-Xms256m -Xmx256m"
name: elasticsearch
- image: postgres:11.2
name: postgres
environment:
POSTGRES_USER: dstest
POSTGRES_DB: dstest
POSTGRES_PASSWORD: test
working_directory: ~/datashare
environment:
MAVEN_OPTS: "-Xms512m -Xmx512m -Xss10M"
steps:
- checkout
- restore_cache:
keys:
- v1-dependencies-{{ checksum "pom.xml" }}
- run:
name: Prepare SSH directory
command: |
mkdir -p ~/.ssh
chmod 700 ~/.ssh
- add_ssh_keys:
fingerprints:
# This deploy key has read-write permission on ICIJ/datashare-docs repository
# @see https://app.circleci.com/settings/project/github/ICIJ/datashare/ssh
# @see https://github.com/ICIJ/datashare-docs/settings/keys
- "d0:5d:4a:ba:8a:55:2e:1f:6f:ad:57:c5:e0:21:ce:34"
- run:
name: Configure Git identity
command: |
git config --global user.name $CIRCLE_USERNAME
git config --global user.email "engineering@icij.org"
- run:
name: Checkout Datashare Doc repository
command: |
ssh-keyscan github.com >> ~/.ssh/known_hosts
git clone git@github.com:ICIJ/datashare-docs.git ~/datashare-docs
- run:
name: Make dist without frontend
command: mvn -pl datashare-dist package
- run:
name: Populate apigen index
command: ./doc/apigen/populate_apigen.sh
- run:
name: Launch datashare apigen
command: ./doc/apigen/datashare_for_apigen.sh
background: true
- run:
name: Install apigen
command: |
sudo apt-get update
sudo apt-get install -y python3-pip
sudo pip3 install fluent-http-apigen
- run:
name: Run apigen
command: apigen datashare-app/src/main/java/org/icij/datashare/web/*Resource.java > ~/datashare-docs/developers/backend/api.md
- run:
name: Install postgres
command: |
sudo sh -c 'echo "deb http://apt.postgresql.org/pub/repos/apt/ buster-pgdg main" > /etc/apt/sources.list.d/pgdg.list'
wget --no-check-certificate --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | sudo apt-key add -
sudo apt-get update
sudo apt-get install -y postgresql-client-11
- run:
name: Generate db doc
environment:
PGDB: datashare_liquibase
PGUSER: dstest
PGPASSWORD: test
command: |
echo "postgres:5432:$PGDB:$PGUSER:$PGPASSWORD" > ~/.pgpass && chmod 600 ~/.pgpass
createdb -U $PGUSER -h postgres $PGDB
mvn -pl commons-test -am install
mvn -pl datashare-db liquibase:update
./datashare-db/scr/build_db_doc.sh > ~/datashare-docs/developers/backend/database.md
- run:
name: Add/Commit changes to the doc
command: |
git -C ~/datashare-docs add -A
git -C ~/datashare-docs commit -am "doc: update backend documentation [${CIRCLE_SHA1}]" || true
- run:
name: Push changes to the doc
command: git -C ~/datashare-docs push origin main
package_back:
docker:
- image: cimg/openjdk:17.0.11
working_directory: /tmp/datashare
environment:
MAVEN_OPTS: "-Xms512m -Xmx512m -Xss10M"
steps:
- attach_workspace:
at: /tmp/datashare-client
- checkout
- restore_cache:
keys:
- v1-dependencies-{{ checksum "pom.xml" }}
- run:
name: make app link to front
command: cp -R /tmp/datashare-client/dist /tmp/datashare/app
- run:
name: make dist including frontend
command: mvn -pl datashare-dist package
- run:
name: make tarball for non debian linux
command: |
cp /tmp/datashare/datashare-dist/src/main/deb/bin/datashare /tmp/datashare/datashare-dist/target
cd /tmp/datashare/datashare-dist/target
tar cvzf datashare-dist-${CIRCLE_TAG}.tgz datashare datashare-dist-${CIRCLE_TAG}-all.jar
- persist_to_workspace:
root: /tmp/datashare
paths:
- datashare-dist
deploy_back:
docker:
- image: cimg/openjdk:17.0.11
working_directory: /tmp
steps:
- attach_workspace:
at: /tmp/datashare
- run:
name: deploy datashare dist and es mappings/settings jar to github release
command: |
upload_url=$(curl -X POST -s -H "Accept: application/vnd.github.v3+json" -H "Authorization: token $GITHUB_TOKEN" -d "{\"tag_name\":\"${CIRCLE_TAG}\", \"name\":\"${CIRCLE_TAG}\",\"body\":\"release ${CIRCLE_TAG}\"}" "https://api.github.com/repos/ICIJ/datashare/releases" | jq -r '.upload_url')
upload_url="${upload_url%\{*}"
echo "uploading asset to release url: $upload_url"
curl -X POST -s -m 120 -H "Accept: application/vnd.github.v3+json" -H "Authorization: token $GITHUB_TOKEN" -H "Content-Type: application/java-archive" --data-binary "@/tmp/datashare/datashare-dist/target/datashare-dist-${CIRCLE_TAG}-all.jar" "$upload_url?name=datashare-dist-${CIRCLE_TAG}-all.jar&label=datashare-dist-${CIRCLE_TAG}-all.jar"
curl -X POST -s -m 120 -H "Accept: application/vnd.github.v3+json" -H "Authorization: token $GITHUB_TOKEN" -H "Content-Type: application/java-archive" --data-binary "@/tmp/datashare/datashare-dist/target/datashare-dist-${CIRCLE_TAG}-back.jar" "$upload_url?name=datashare-dist-${CIRCLE_TAG}.jar&label=datashare-dist-${CIRCLE_TAG}.jar"
curl -X POST -s -m 120 -H "Accept: application/vnd.github.v3+json" -H "Authorization: token $GITHUB_TOKEN" -H "Content-Type: application/json" --data-binary "@/tmp/datashare/datashare-index/src/main/resources/datashare_index_mappings.json" "$upload_url?name=datashare_index_mappings.json&label=datashare_index_mappings.json"
curl -X POST -s -m 120 -H "Accept: application/vnd.github.v3+json" -H "Authorization: token $GITHUB_TOKEN" -H "Content-Type: application/json" --data-binary "@/tmp/datashare/datashare-index/src/main/resources/datashare_index_settings.json" "$upload_url?name=datashare_index_settings.json&label=datashare_index_settings.json"
curl -X POST -s -m 120 -H "Accept: application/vnd.github.v3+json" -H "Authorization: token $GITHUB_TOKEN" -H "Content-Type: application/json" --data-binary "@/tmp/datashare/datashare-index/src/main/resources/datashare_index_settings_windows.json" "$upload_url?name=datashare_index_settings_windows.json&label=datashare_index_settings_windows.json"
build_front:
resource_class: large
docker:
- image: cimg/node:18.19
- image: docker.elastic.co/elasticsearch/elasticsearch:7.9.1
environment:
- "discovery.type=single-node"
- "cluster.name=datashare"
- "ES_JAVA_OPTS=-Xms256m -Xmx256m"
- "http.cors.enabled=true"
- "http.cors.allow-origin=*"
- "http.cors.allow-methods=OPTIONS, HEAD, GET, POST, PUT, DELETE"
name: elasticsearch
working_directory: /tmp
steps:
- attach_workspace:
at: /tmp/datashare
- run:
name: adds_ssh_dir
command: |
mkdir -p ~/.ssh
chmod 700 ~/.ssh
- add_ssh_keys:
fingerprints:
- "b3:e6:7c:f3:86:9e:e9:88:d1:cf:22:8c:97:3e:93:54"
- run:
name: clone
command: |
ssh-keyscan github.com >> ~/.ssh/known_hosts
git clone git@github.com:ICIJ/datashare-client.git
- run:
name: release client on GitHub
command: |
upload_url=$(curl -X POST -s -H "Accept: application/vnd.github.v3+json" -H "Authorization: token $GITHUB_TOKEN" -d "{ \"tag_name\": \"${CIRCLE_TAG}\", \"target_commitish\": \"main\", \"name\": \"${CIRCLE_TAG}\", \"body\": \"Released by Circle CI\", \"draft\": false, \"prerelease\": false }" "https://api.github.com/repos/ICIJ/datashare-client/releases")
echo $upload_url > /tmp/datashare-client/datashare-client.url
- run:
name: checkout tag
command: |
cd datashare-client
git pull origin main --tags
git checkout ${CIRCLE_TAG}
- restore_cache:
keys:
- dependency-cache-{{ checksum "/tmp/datashare-client/package.json" }}
- dependency-cache-
- run:
name: make install
command: |
cd /tmp/datashare-client
make install
- save_cache:
key: dependency-cache-{{ checksum "/tmp/datashare-client/package.json" }}
paths:
- /tmp/datashare-client/node_modules
- run:
name: run tests
command: |
cd /tmp/datashare-client
yarn test:unit --silent --minWorkers 1 --maxWorkers 2
- run:
name: build the from for distribution
command: |
cd /tmp/datashare-client
make dist
- persist_to_workspace:
root: /tmp/datashare-client
paths:
- dist
- datashare-client.url
deploy_front:
docker:
- image: cimg/node:18.19
working_directory: /tmp
steps:
- attach_workspace:
at: /tmp/datashare
- run:
name: deploy datashare-client dist to github release
command: |
cd /tmp/datashare/dist
tar czf ../datashare-client-${CIRCLE_TAG}.tgz .
zip -r ../datashare-client-${CIRCLE_TAG}.zip .
upload_url=$(cat /tmp/datashare/datashare-client.url | jq -r '.upload_url')
if [ "$upload_url" = "null" ]; then
upload_url=$(curl -s -H "Accept: application/vnd.github.v3+json" "https://api.github.com/repos/ICIJ/datashare-client/releases/tags/${CIRCLE_TAG}" | jq -r '.upload_url')
fi
upload_url="${upload_url%\{*}"
echo "uploading asset to release url: $upload_url"
curl -X POST -s -m 120 -H "Accept: application/vnd.github.v3+json" -H "Authorization: token $GITHUB_TOKEN" -H "Content-Type: application/zip" --data-binary "@/tmp/datashare/datashare-client-${CIRCLE_TAG}.zip" "$upload_url?name=datashare-client-${CIRCLE_TAG}.zip&label=datashare-client-${CIRCLE_TAG}.zip"
curl -X POST -s -m 120 -H "Accept: application/vnd.github.v3+json" -H "Authorization: token $GITHUB_TOKEN" -H "Content-Type: application/gzip" --data-binary "@/tmp/datashare/datashare-client-${CIRCLE_TAG}.tgz" "$upload_url?name=datashare-client-${CIRCLE_TAG}.tgz&label=datashare-client-${CIRCLE_TAG}.tgz"
build_docker:
docker:
- image: docker:20.10.22-git
working_directory: /tmp
steps:
- attach_workspace:
at: /tmp/datashare
- setup_remote_docker
- run:
name: Login to Docker hub
command: |
docker login -u ${DOCKER_USER} -p ${DOCKER_PASS}
- run:
name: Install tonistiigi/binfmt support for additional platforms
command: |
docker run --privileged --rm tonistiigi/binfmt --install all
- run:
name: Build and push the image for several platform
command: |
cd /tmp/datashare/datashare-dist/target/datashare-dist-$CIRCLE_TAG-docker/
docker buildx create --use
docker buildx build \
--platform linux/amd64,linux/arm64 \
-t icij/datashare:${CIRCLE_TAG} \
--push .
build_installers:
resource_class: large
docker:
- image: cimg/rust:1.77.1
working_directory: /tmp
steps:
- attach_workspace:
at: /tmp/datashare
- restore_cache:
keys:
- cargo-cache
- run:
name: Install dependencies
command: |
sudo apt-get update && sudo apt install -y nsis cpio jq imagemagick icnsutils libxml2-dev
wget https://nsis.sourceforge.io/mediawiki/images/c/c9/Inetc.zip && unzip Inetc.zip && sudo cp Plugins/x86-unicode/INetC.dll /usr/share/nsis/Plugins/x86-unicode/ && echo "cp INetC.dll done"
wget https://nsis.sourceforge.io/mediawiki/images/7/7f/EnVar_plugin.zip && unzip EnVar_plugin.zip && sudo cp Plugins/x86-unicode/EnVar.dll /usr/share/nsis/Plugins/x86-unicode && echo "cp EnVar.dll done"
wget https://github.com/ICIJ/bomutils/archive/refs/heads/master.zip && unzip master.zip && cd bomutils-master && make && sudo make install
wget https://github.com/mackyle/xar/archive/refs/tags/xar-1.6.1.tar.gz && tar -zxf xar-1.6.1.tar.gz && cd xar-xar-1.6.1/xar && sed -i 's/OpenSSL_add_all_ciphers/OPENSSL_init_crypto/g' configure.ac && ./autogen.sh && make && sudo make install
wget https://nsis.sourceforge.io/mediawiki/images/9/9d/Untgz.zip && unzip Untgz.zip && sudo cp untgz/untgz.dll /usr/share/nsis/Plugins/ && echo "cp untgz.dll done"
cargo install apple-codesign
- save_cache:
key: cargo-cache
paths:
- $HOME/.cargo
- run:
name: Adds SSH directory
command: |
mkdir -p ~/.ssh
chmod 700 ~/.ssh
- add_ssh_keys:
fingerprints:
- "b3:e6:7c:f3:86:9e:e9:88:d1:cf:22:8c:97:3e:93:54"
- run:
name: Configure Git identity
command: |
git config --global user.name $CIRCLE_USERNAME
git config --global user.email "engineering@icij.org"
- run:
name: Checkout
command: |
ssh-keyscan github.com >> ~/.ssh/known_hosts
git clone git@github.com:ICIJ/datashare-installer.git
- run:
name: Build Mac installer
command: |
cd /tmp/datashare-installer/mac
make VERSION=${CIRCLE_TAG} all
- run:
name: Build Windows installer
command: |
cd /tmp/datashare-installer/windows
make VERSION=${CIRCLE_TAG} all
- run:
name: Build Linux installer
command: |
cd /tmp/datashare-installer/linux
make VERSION=${CIRCLE_TAG} all
- run:
name: Populate VERSION.txt file
command: echo $CIRCLE_TAG > /tmp/datashare-installer/VERSION.txt
- run:
name: Commit version changes
command: |
git -C /tmp/datashare-installer/ commit -am "build: bump to ${CIRCLE_SHA1}" || true
- run:
name: Push changes
command: git -C /tmp/datashare-installer/ push origin main
- run:
name: Create git tag
command: |
curl -s -H "Authorization: token $GITHUB_TOKEN" -d "{\"tag_name\":\"${CIRCLE_TAG}\", \"name\":\"${CIRCLE_TAG}\",\"body\":\"release ${CIRCLE_TAG}\",\"prerelease\":true}" "https://api.github.com/repos/ICIJ/datashare-installer/releases"
- run:
name: Deploy installers on github
command: |
cd /tmp/datashare-installer
./deploy.sh ${CIRCLE_TAG}
upload_url=$(curl -s -H "Accept: application/vnd.github.v3+json" "https://api.github.com/repos/ICIJ/datashare-installer/releases/tags/${CIRCLE_TAG}" | jq -r '.upload_url')
upload_url="${upload_url%\{*}"
curl -X POST -s -m 120 -H "Accept: application/vnd.github.v3+json" -H "Authorization: token $GITHUB_TOKEN" -H "Content-Type: application/vnd.debian.binary-package" --data-binary "@/tmp/datashare/datashare-dist/target/datashare-dist-${CIRCLE_TAG}.deb" "$upload_url?name=datashare-${CIRCLE_TAG}.deb&label=datashare-${CIRCLE_TAG}.deb"
curl -X POST -s -m 120 -H "Accept: application/vnd.github.v3+json" -H "Authorization: token $GITHUB_TOKEN" -H "Content-Type: application/gzip" --data-binary "@/tmp/datashare/datashare-dist/target/datashare-dist-${CIRCLE_TAG}.tgz" "$upload_url?name=datashare-${CIRCLE_TAG}.tgz&label=datashare-${CIRCLE_TAG}.tgz"
deploy_datashare_tasks:
docker:
- image: cimg/openjdk:17.0.11
- image: redis:4.0.1-alpine
name: redis
- image: rabbitmq:3
name: rabbitmq
environment:
RABBITMQ_DEFAULT_USER: admin
RABBITMQ_DEFAULT_PASS: admin
environment:
MAVEN_OPTS: "-Xms512m -Xmx512m -Xss10M"
steps:
- checkout
- run:
name: Configure GPG private key for signing project artifacts in OSS Sonatype
shell: /bin/bash
command: |
echo ${RELEASES_GPG_PRIV_BASE64} | base64 --decode | gpg --batch --no-tty --import --yes
- run:
name: Build and deploy datashare-tasks
command: mvn -s .circleci/maven-release-settings.xml -pl datashare-tasks -am deploy
deploy_datashare_api:
docker:
- image: cimg/openjdk:17.0.11
- image: adobe/s3mock:latest
name: s3mock
environment:
MAVEN_OPTS: "-Xms512m -Xmx512m -Xss10M"
steps:
- checkout
- run:
name: Configure GPG private key for signing project artifacts in OSS Sonatype
shell: /bin/bash
command: |
echo ${RELEASES_GPG_PRIV_BASE64} | base64 --decode | gpg --batch --no-tty --import --yes
- run:
name: Build and deploy datashare-api
command: mvn -s .circleci/maven-release-settings.xml -pl datashare-api -am deploy
deploy_datashare_cli:
docker:
- image: cimg/openjdk:17.0.11
environment:
MAVEN_OPTS: "-Xms512m -Xmx512m -Xss10M"
steps:
- checkout
- run:
name: Configure GPG private key for signing project artifacts in OSS Sonatype
shell: /bin/bash
command: |
echo ${RELEASES_GPG_PRIV_BASE64} | base64 --decode | gpg --batch --no-tty --import --yes
- run:
name: Build and deploy datashare-cli
command: mvn -s .circleci/maven-release-settings.xml -pl datashare-cli -am deploy
workflows:
version: 2
build_workflow:
when:
not: << pipeline.parameters.publish_backend_doc >>
jobs:
- build_back:
filters:
tags:
only: /.*/
- package_back:
requires:
- build_back
- build_front
filters:
tags:
only: /^[0-9]+\..*/
branches:
ignore: /.*/
- deploy_back:
requires:
- package_back
filters:
tags:
only: /^[0-9]+\..*/
branches:
ignore: /.*/
- build_front:
requires:
- build_back
filters:
tags:
only: /^[0-9]+\..*/
branches:
ignore: /.*/
- deploy_front:
requires:
- build_front
filters:
tags:
only: /^[0-9]+\..*/
branches:
ignore: /.*/
- build_docker:
requires:
- package_back
filters:
tags:
only: /^[0-9]+\..*/
branches:
ignore: /.*/
- build_installers:
requires:
- build_docker
filters:
tags:
only: /^[0-9]+\..*/
branches:
ignore: /.*/
- deploy_datashare_tasks:
filters:
tags:
only: /^datashare-tasks\/[0-9]+\..*/
branches:
ignore: /.*/
- deploy_datashare_api:
filters:
tags:
only: /^datashare-api\/[0-9]+\..*/
branches:
ignore: /.*/
- deploy_datashare_cli:
filters:
tags:
only: /^datashare-cli\/[0-9]+\..*/
branches:
ignore: /.*/