Configure CI to build and publish Debian packages

.gitlab-ci.yml

@@ -0,0 +1,150 @@
+---
+stages:
+  - tests
+  - build
+  - upload
+  - release
+  - publish
+
+tests:
+  image: docker.io/brenard/python-pre-commit:latest
+  stage: tests
+  script:
+    - pre-commit run --all-files
+
+build:debian12:
+  image: docker.io/brenard/debian-python-deb:debian12
+  stage: build
+  rules:
+    - if: $CI_COMMIT_TAG
+  before_script:
+    - ./build.sh --install-build-deps-only -x
+  script:
+    - >
+      if [ "$GITLAB_CI" == "true" ]; then
+        ./build.sh -x --purge-sources-directory
+      else
+        ./build.sh -x
+      fi
+  artifacts:
+    paths:
+      - dist/*
+
+build:debian11:
+  image: docker.io/brenard/debian-python-deb:debian11
+  stage: build
+  rules:
+    - if: $CI_COMMIT_TAG
+  before_script:
+    - ./build.sh --install-build-deps-only -x
+  script:
+    - >
+      if [ "$GITLAB_CI" == "true" ]; then
+        ./build.sh -x --purge-sources-directory
+      else
+        ./build.sh -x
+      fi
+  artifacts:
+    paths:
+      - dist/*
+
+build:debian10:
+  image: docker.io/brenard/debian-python-deb:debian10
+  stage: build
+  rules:
+    - if: $CI_COMMIT_TAG
+  before_script:
+    - ./build.sh --install-build-deps-only -x
+  script:
+    - >
+      if [ "$GITLAB_CI" == "true" ]; then
+        ./build.sh -x --purge-sources-directory
+      else
+        ./build.sh -x
+      fi
+  artifacts:
+    paths:
+      - dist/*
+
+upload:
+  stage: upload
+  image:
+    name: docker.io/alpine
+  needs:
+    - "build:debian12"
+    - "build:debian11"
+    - "build:debian10"
+  rules:
+    - if: $CI_COMMIT_TAG
+  before_script:
+    - apk update
+    - apk add bash curl
+  script:
+    - bash -x .gitlab/upload.sh
+  artifacts:
+    paths:
+      - dist/release-notes.md
+      - dist/release-files.txt
+
+release:
+  stage: release
+  image: docker.io/alpine
+  needs:
+    - "upload"
+  rules:
+    - if: $CI_COMMIT_TAG
+  before_script:
+    - apk update
+    - apk add bash curl jo
+    - |
+      curl --location \
+        --output /usr/local/bin/release-cli \
+        "https://gitlab.com/api/v4/projects/gitlab-org%2Frelease-cli/packages/generic/release-cli/latest/release-cli-linux-amd64"
+    - chmod +x /usr/local/bin/release-cli
+  script:
+    - bash -x .gitlab/release.sh
+
+publish:debian12:
+  image:
+    name: docker.io/brenard/aptly-publish:latest
+    entrypoint: ["/bin/sh", "-c"]
+  stage: publish
+  script:
+    - echo "Publish packages for Debian Bookworm (12) on Easter-eggs APT repository..."
+    - aptly-publish
+  needs:
+    - "build:debian12"
+    - job: "release"
+      artifacts: false
+  rules:
+    - if: $CI_COMMIT_TAG
+
+publish:debian11:
+  image:
+    name: docker.io/brenard/aptly-publish:latest
+    entrypoint: ["/bin/sh", "-c"]
+  stage: publish
+  script:
+    - echo "Publish packages for Debian Bullseye (11) on Easter-eggs APT repository..."
+    - aptly-publish
+  needs:
+    - "build:debian11"
+    - job: "release"
+      artifacts: false
+  rules:
+    - if: $CI_COMMIT_TAG
+
+publish:debian10:
+  image:
+    name: docker.io/brenard/aptly-publish:latest
+    entrypoint: ["/bin/sh", "-c"]
+  stage: publish
+  script:
+    - echo "Publish packages for Debian Buster (10) on Easter-eggs APT repository..."
+    - aptly-publish
+  needs:
+    - "build:debian10"
+    - job: "release"
+      artifacts: false
+  rules:
+    - if: $CI_COMMIT_TAG

.gitlab/release.sh

@@ -0,0 +1,27 @@
+#!/bin/bash
+# vim: shiftwidth=4 tabstop=4 expandtab
+
+echo "Creating a release for $CI_COMMIT_TAG"
+
+cd "$( dirname "$0" )/../dist" || { echo "dist directory not found"; exit 1; }
+[[ -f release-files.txt ]] || { echo "release-files.txt file is missing"; exit 1; }
+for var in CI_API_V4_URL CI_PROJECT_ID CI_PROJECT_NAME CI_JOB_TOKEN CI_COMMIT_TAG CI_COMMIT_SHA; do
+    [[ -n "${!var}" ]] || { echo "$var variable is missing"; exit 1; }
+done
+
+PACKAGE_REGISTRY_URL="${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/packages/generic/${CI_PROJECT_NAME}/${CI_COMMIT_TAG}"
+args=(
+    create
+    --name "$CI_COMMIT_TAG"
+    --description release-notes.md
+    --tag-name "$CI_COMMIT_TAG"
+    --ref "$CI_COMMIT_SHA"
+)
+while read -r file; do
+    args+=(
+        --assets-link
+        "$( jo name="$file" url="${PACKAGE_REGISTRY_URL}/$file" link_type=package )"
+    )
+done < release-files.txt
+
+release-cli "${args[@]}"

.gitlab/upload.sh

@@ -0,0 +1,34 @@
+#!/bin/bash
+# vim: shiftwidth=4 tabstop=4 expandtab
+
+cd "$( dirname "$0" )/../dist" || { echo "dist directory not found"; exit 1; }
+for var in CI_API_V4_URL CI_PROJECT_ID CI_JOB_TOKEN CI_PROJECT_NAME CI_COMMIT_TAG; do
+    [[ -n "${!var}" ]] || { echo "$var variable is missing"; exit 1; }
+done
+
+
+rm -f release-files.txt
+touch release-files.txt
+
+PACKAGE_REGISTRY_URL="${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/packages/generic/${CI_PROJECT_NAME}/${CI_COMMIT_TAG}"
+echo "Upload debian built packages to Gitlab package registry (${PACKAGE_REGISTRY_URL}):"
+for file in *.deb; do
+    # The filename can contain only lowercase letters (a-z), uppercase letter (A-Z), numbers (0-9),
+    # dots (.), hyphens (-), or underscores (_).
+    filename=$( tr '~' '_' <<< "$file" | tr '+' '_' | sed 's/[^a-zA-Z0-9\.\_\-]//g' )
+    echo -n " - Upload '$file' as '$filename'..."
+    if ! output=$(
+        curl -v --fail-with-body \
+            --header "JOB-TOKEN: $CI_JOB_TOKEN" \
+            --upload-file "$file" \
+            "${PACKAGE_REGISTRY_URL}/${filename}" 2>&1
+    ); then
+        echo
+        # shellcheck disable=SC2001
+        echo -e "   => Fail to upload '$file' as '$filename':\n$( sed 's/^/      /' <<< "$output" )"
+        exit 1
+    fi
+    echo " done."
+    echo "$filename" >> release-files.txt
+done
+echo "done."

.yamllint.yml

@@ -0,0 +1,7 @@
+---
+extends: default
+
+rules:
+  line-length:
+    max: 100
+    level: warning