.gitlab-ci.yml

default:
  image: "archlinux:latest"

stages:
  - lint
  - build
  - publish

shellcheck:
  stage: lint
  before_script:
    - pacman -Syu --needed --noconfirm shellcheck
  script:
    find . -iname "*.sh" -exec shellcheck {} +

shfmt:
  stage: lint
  before_script:
    - pacman -Syu --needed --noconfirm shfmt
  script:
    find . -iname "*.sh" -exec shfmt -i 2 -ci -d {} +

yapf:
  stage: lint
  before_script:
    - pacman -Syu --needed --noconfirm yapf
  script:
    find . -iname "*.py" -exec python3 -m yapf -d {} +

flake8:
  stage: lint
  before_script:
    - pacman -Syu --needed --noconfirm flake8
  script:
    find . -iname "*.py" -exec python3 -m flake8 {} +

validate-packer:
  stage: lint
  before_script:
    - pacman -Syu --needed --noconfirm packer
  script:
    - packer validate -var "iso_checksum_url=https://mirror.pkgbuild.com/iso/latest/sha1sums.txt" -except=vagrant-cloud vagrant.json
    - packer validate local.json
    - packer validate cloud.json

build:cloud-qemu:
  stage: build
  tags:
    - secure-kvm
  before_script:
    - pacman -Syu --needed --noconfirm packer qemu-headless
  script:
    - packer build -parallel-builds=1 -var 'headless=true' -var 'write_zeroes=yes' -except=sign cloud.json
  artifacts:
    name: "cloud-qemu"
    paths:
      - "release/Arch-Linux-x86_64-cloudimg-*.img"
    expire_in: 2d
  resource_group: vm-build

build:vagrant-qemu:
  stage: build
  tags:
    - secure-kvm
  before_script:
    - pacman -Syu --needed --noconfirm packer qemu-headless
  script:
    - packer build -parallel-builds=1 -var 'headless=true' -var 'write_zeroes=yes' -only=qemu local.json
  artifacts:
    paths:
      - "Arch-Linux-x86_64-libvirt-*.box"
    expire_in: 3h
  resource_group: vm-build

build:vagrant-virtualbox:
  stage: build
  tags:
    - secure-virtualbox
  before_script:
    - pacman -Syu --needed --noconfirm packer virtualbox
  script:
    - packer build -parallel-builds=1 -var 'headless=true' -var 'write_zeroes=yes' -only=virtualbox-iso local.json
  artifacts:
    paths:
      - "Arch-Linux-x86_64-virtualbox-*.box"
    expire_in: 3h
  resource_group: vm-build

publish:
  stage: publish
  tags:
    - secure-kvm
    - secure-virtualbox
  before_script:
    - pacman -Syu --needed --noconfirm qemu-headless virtualbox packer
  script:
    - packer build -force -parallel-builds=1 -var "vagrant_cloud_token=$VAGRANT_API_TOKEN" -var 'headless=true' -var 'write_zeroes=yes' -except=vmware-iso vagrant.json
  only:
    refs:
      - release
    variables:
      - $SCHEDULED_PUBLISH == "TRUE"
  resource_group: vm-build