# commit_sha 文件记录上一次成功流水线的commit sha,用于定时计划检测是否有新代码提交,有就执行流水线,没有就终止流水线 cache: # 不同的分支采用不同的 cache,防止分支之间相互影响 key: "${CI_COMMIT_REF_SLUG}_commit_sha" paths: - commit_sha policy: pull # 将打包&发送apk包邮件job 和代码分析job 并行执行 stages: - build&analyze - oss-upload&send-email - ci_sonar_mail # 阻止了 合并请求 或 push(分支和标签)的流水线。 最后的 when: always 规则运行所有其他流水线类型,包括定时计划流水线。 workflow: rules: - if: '$CI_PIPELINE_SOURCE == "push"' when: always - if: '$CI_PIPELINE_SOURCE == "merge_request_event"' when: never - when: always before_script: # 检查是否存在 commit_sha 文件 - if [ -f commit_sha ]; then cat commit_sha; else echo "0000000" > commit_sha; fi - export BEFORE_COMMIT_SHA=$(cat commit_sha) # 比较commit sha ,若与上一次成功流水线的commit sha 相同,则退出流水线 - if [ "$CI_COMMIT_SHA" == "$BEFORE_COMMIT_SHA" ] && [ "$CI_PIPELINE_SOURCE" != "web" ]; then exit 137; fi # 使用 .post 阶段使作业在流水线的末尾运行。.post 始终是流水线的最后阶段。 change_commit: tags: - offline-test stage: .post # 此job 跳过拉取git代码 variables: GIT_STRATEGY: none script: # 更新 commit_sha - if [ "$CI_COMMIT_SHA" != "$BEFORE_COMMIT_SHA" ]; then echo $CI_COMMIT_SHA > commit_sha; fi cache: # 不同的分支采用不同的 cache,防止分支之间相互影响 key: "${CI_COMMIT_REF_SLUG}_commit_sha" paths: - commit_sha policy: pull-push allow_failure: exit_codes: 137 android_build: tags: # - local-runner - offline-test stage: build&analyze image: hub.shanqu.cc/library/ci-android:jdk11-sdk31-33 resource_group: android_build variables: GIT_SUBMODULE_STRATEGY: recursive KUBERNETES_CPU_LIMIT: "10" script: - export GRADLE_USER_HOME=/home/gitlab-runner/ci-build-cache/$CI_PROJECT_PATH/.gradle - chmod +x ./gradlew - ./scripts/jenkins_build.sh -c #设置打包后的产物,用于job之间共享 artifacts: paths: - app/build/tmp/*.apk expire_in: 48 hrs # 指定附件上载后保存的时间24h,默认永久在Gitlab保存 allow_failure: exit_codes: 137 only: - dev - dev-5.28.0 # 代码检查 sonarqube_analysis: tags: - offline-test stage: build&analyze image: sonarsource/sonar-scanner-cli:latest dependencies: [] #禁止传递来的artifact script: ## 获取项目的一级组和二级组和项目名作为projectKey,例如projectKey=platform-backend-eci-monitor - group=`echo $CI_PROJECT_PATH | sed 's#/#-#g'` - sonar-scanner -Dsonar.host.url=http://sonarqube-server.sonarqube:9000/ -Dsonar.login=be43de7264ce4c4766eb0c020373c3e74e6df257 -Dsonar.jacoco.reportPaths=target/jacoco.exec -Dsonar.projectKey=$group -Dsonar.projectName=$CI_PROJECT_PATH -Dsonar.sourceEncoding=UTF-8 -Dsonar.exclusions=**/vendor/**,**/errcode/** -Dsonar.gitlab.project_id=$CI_PROJECT_ID -Dsonar.gitlab.commit_sha=$CI_COMMIT_SHA -Dsonar.gitlab.ref_name=$CI_COMMIT_REF_NAME -Dsonar.gitlab.ci_merge_request_iid=$CI_MERGE_REQUEST_IID -Dsonar.gitlab.merge_request_discussion=true -Dsonar.java.binaries=. -Dsonar.branch.name=$CI_COMMIT_REF_NAME allow_failure: exit_codes: 137 only: - dev - dev-5.28.0 ## 发送简易检测结果报告 send_sonar_report: tags: - offline-test stage: ci_sonar_mail image: hub.shanqu.cc/library/docker:latest # 此job 跳过拉取git代码 variables: GIT_STRATEGY: none script: - group=`echo $CI_PROJECT_PATH | sed 's#/#-#g'` - docker run -e PROJECTKEY=$group -e EMAIL=$GITLAB_USER_EMAIL -e BRANCH=$CI_COMMIT_REF_NAME --name send-email --rm hub.shanqu.cc/platform/send-sonar-report:latest allow_failure: exit_codes: 137 only: - dev - dev-5.28.0 oss-upload&send-email: tags: - rancher-k8s stage: oss-upload&send-email image: hub.shanqu.cc/devops/android-apk-oss-upload:latest variables: GIT_STRATEGY: none VAULT_ADDR: https://vault.shanqu.cc # 固定值 VAULT_SECRET_PATH: prod/devops/android-apk-oss-upload # 固定值 VAULT_ROLE: android-apk-oss-upload # 固定值 ENDPOINT: "oss-cn-shenzhen-internal.aliyuncs.com" # 固定值 BUCKET: "shanqu" # 固定值 FILE_PATH: "app/build/tmp/" # APK 存放路径 Email_To_List: $EMAIL_TO_LIST # 邮件接受人列表 Email_Title: "光环助手 $CI_COMMIT_BRANCH" # 邮件标题 PIPELINE_ID: $CI_PIPELINE_ID # 流水线id COMMIT_BRANCH: $CI_COMMIT_BRANCH # 提交分支 MAIL_MESSAGE: "[$CI_COMMIT_AUTHOR] $CI_COMMIT_MESSAGE" needs: - job: android_build artifacts: true script: ### 绑定上传参数 ### - export OSS_PATH="release/dev/${CI_PROJECT_NAME}/$(date "+%Y/%m/%d")" ### 开启上传 ### - /usr/local/bin/python /upload.py ### 发送邮件 - /usr/local/bin/python /ci-android-mail.py only: - dev - dev-5.28.0