# This config lists the jobs that will be run on omnibus-gitlab project in # dev.gitlab.org. ############# # Templates # ############# .default_rules: rules: - if: '$SKIP_JOB_REGEX && $CI_JOB_NAME =~ $SKIP_JOB_REGEX' when: never .skip_release_jobs: rules: - if: '$SKIP_RELEASE == "true"' when: never .package-artifacts: &package-artifacts when: always expire_in: 1 day paths: - pkg/ .package-artifacts-release: &package-artifacts-release <<: *package-artifacts expire_in: 7 days .cache-paths: - cache - gems - assets_cache - node_modules .branch-cache: &branch-cache key: "${CI_JOB_NAME}-${BUILDER_IMAGE_REVISION}-${CACHE_EDITION}${CACHE_KEY_SUFFIX}" paths: !reference [.cache-paths] policy: $CACHE_POLICY .tag-cache: &tag-cache # Use the same cache key as branch builds, by manually appending `-branch` substring. key: "${CI_JOB_NAME}-branch-${BUILDER_IMAGE_REVISION}-${CACHE_EDITION}${CACHE_KEY_SUFFIX}" paths: !reference [.cache-paths] policy: $CACHE_POLICY .branch_template: &branch_build stage: package script: - support/import_gpg_secrets.sh - !reference [.build-package] # Run package size checks on nightlies. The job will create alerts, so we # don't need it to fail and block the pipeline. Hence the `|| true`. - if [ -n "$NIGHTLY" ]; then bundle exec rake check:package_size || true; fi tags: !reference [.distribution-amd64-tags] artifacts: !reference [.package-artifacts] needs: - job: fetch-assets optional: true - job: generate-facts optional: true artifacts: true cache: !reference [.branch-cache] retry: 1 rules: - !reference [.default_rules, rules] - if: '$PIPELINE_TYPE =~ /_(NIGHTLY|BRANCH)_BUILD_PIPELINE$/' .fips_branch_template: &fips_branch_build extends: .branch_template variables: USE_SYSTEM_SSL: "true" rules: - !reference [.default_rules, rules] - if: '$PIPELINE_TYPE == "EE_NIGHTLY_BUILD_PIPELINE"' - if: '$PIPELINE_TYPE == "EE_BRANCH_BUILD_PIPELINE"' when: manual allow_failure: true .arm64_branch_template: &arm64_branch_build extends: .branch_template tags: !reference [.distribution-arm64-tags] .rpi_branch_template: &rpi_branch_build extends: .branch_template variables: NO_SOURCEMAPS: "true" tags: !reference [.distribution-armhf-tags] retry: 1 rules: - !reference [.default_rules, rules] - if: '$PIPELINE_TYPE == "CE_BRANCH_BUILD_PIPELINE"' - if: '$PIPELINE_TYPE == "CE_NIGHTLY_BUILD_PIPELINE"' - if: '$PIPELINE_TYPE == "EE_BRANCH_BUILD_PIPELINE" && $CI_PIPELINE_SOURCE == "parent_pipeline"' .tag_template: &tag_build stage: package script: # Always compile assets for auto-deploy builds, # this is done for auto-deploy builds # so that we do not have to wait for the compile assets job # in the gitlab-ee pipeline. # # NOTE (rspeicher): Checking `$AUTO_DEPLOY_COMPILE_ASSETS` as a feature flag # See https://gitlab.com/gitlab-org/omnibus-gitlab/-/issues/5805 - | if [ -n "$AUTO_DEPLOY_COMPILE_ASSETS" ] && echo $CI_COMMIT_TAG | grep -P -q "$AUTO_DEPLOY_TAG_REGEX"; then echo "Setting COMPILE_ASSETS env variable for auto-deploy" export COMPILE_ASSETS='true'; fi - support/import_gpg_secrets.sh - bundle exec rake cache:populate - bundle exec rake cache:restore - bundle exec rake release:package - bundle exec rake cache:bundle - bundle exec rake build:component_shas tags: !reference [.distribution-amd64-tags] artifacts: !reference [.package-artifacts-release] needs: - job: fetch-assets optional: true - job: generate-facts optional: true artifacts: true cache: !reference [.tag-cache] retry: 1 rules: - !reference [.default_rules, rules] - if: '$PIPELINE_TYPE =~ /_(RC|TAG)_BUILD_PIPELINE$/' .fips_tag_template: &fips_tag_build extends: .tag_template variables: USE_SYSTEM_SSL: "true" rules: - !reference [.default_rules, rules] - if: '$PIPELINE_TYPE =~ /^EE_(RC|TAG)_BUILD_PIPELINE$/' .arm64_tag_template: &arm64_tag_build extends: .tag_template tags: !reference [.distribution-arm64-tags] .rpi_tag_template: &rpi_tag_build extends: .tag_template variables: NO_SOURCEMAPS: "true" tags: !reference [.distribution-armhf-tags] rules: - !reference [.default_rules, rules] - if: '$PIPELINE_TYPE =~ /^CE_(RC|TAG)_BUILD_PIPELINE$/' ### This stage is used for uploading packages ### 1. To a staging package repository ### 2. Always ran on dev.gitlab.org .staging_upload_template: &staging_upload stage: staging_upload image: "${BUILDER_IMAGE_REGISTRY}/ubuntu_22.04:${BUILDER_IMAGE_REVISION}" variables: INCLUDE_PACKAGECLOUD: "true" script: - if [[ "${USE_SYSTEM_SSL}" == "true" ]]; then export STAGING_REPO=${FIPS_STAGING_REPO}; fi - bundle exec rake repository:upload:staging[$STAGING_REPO] cache: !reference [.tag-cache] retry: 2 tags: - ${PACKAGE_PROMOTION_RUNNER_TAG} rules: - !reference [.default_rules, rules] - !reference [.skip_release_jobs, rules] - if: '$PIPELINE_TYPE =~ /_(RC|TAG)_BUILD_PIPELINE$/' .fips_staging_upload_template: &fips_staging_upload extends: .staging_upload_template variables: USE_SYSTEM_SSL: "true" INCLUDE_PACKAGECLOUD: "true" rules: - !reference [.default_rules, rules] - if: '$PIPELINE_TYPE =~ /^EE_(RC|TAG)_BUILD_PIPELINE$/' - if: '$PIPELINE_TYPE == "EE_NIGHTLY_BUILD_PIPELINE"' .staging_upload_with_deployment_template: &staging_upload_with_deployment extends: .staging_upload_template script: - bundle exec rake repository:upload:staging[$STAGING_REPO] - if [ -n "$DEPLOYER_TRIGGER_TOKEN" ]; then bundle exec rake gitlab_com:deployer; fi ### This stage is ran only on tag: ### 1. It is a manual action ### 2. It will upload the package to public, user facing repositories ### 3. Only ran on dev.gitlab.org .production_release_template: &production_release stage: package-and-image-release image: "${BUILDER_IMAGE_REGISTRY}/ubuntu_22.04:${BUILDER_IMAGE_REVISION}" variables: INCLUDE_PACKAGECLOUD: "true" script: - bundle exec rake repository:upload:production retry: 2 cache: !reference [.tag-cache] tags: - ${PACKAGE_PROMOTION_RUNNER_TAG} rules: - !reference [.default_rules, rules] - !reference [.skip_release_jobs, rules] - if: '$PIPELINE_TYPE =~ /_(RC|TAG)_BUILD_PIPELINE$/' when: manual .fips_release_template: &fips_release extends: .production_release_template variables: USE_SYSTEM_SSL: "true" INCLUDE_PACKAGECLOUD: "true" rules: - !reference [.default_rules, rules] - !reference [.skip_release_jobs, rules] - if: '$PIPELINE_TYPE =~ /^EE_(RC|TAG)_BUILD_PIPELINE$/' when: manual .raspbian_release_template: &raspbian_release extends: .production_release_template variables: RASPBERRY_REPO: "raspberry-pi2" INCLUDE_PACKAGECLOUD: "true" retry: 2 rules: - !reference [.default_rules, rules] - !reference [.skip_release_jobs, rules] - if: '$PIPELINE_TYPE =~ /^CE_(RC|TAG)_BUILD_PIPELINE$/' when: manual .aws_ami_build: &aws_ami_build stage: package-and-image-release image: "${BUILDER_IMAGE_REGISTRY}/debian_packer:${BUILDER_IMAGE_REVISION}" script: # aws-sdk gem gives priority to environment variables over config file. So, using correct values for those variables. - export AWS_ACCESS_KEY_ID=$AWS_AMI_ACCESS_KEY_ID - export AWS_SECRET_ACCESS_KEY=$AWS_AMI_SECRET_ACCESS_KEY - bundle exec rake aws:ami:create tags: !reference [.distribution-amd64-tags] cache: !reference [.tag-cache] artifacts: paths: - support/packer/manifests needs: - Ubuntu-20.04 retry: 1 rules: - !reference [.default_rules, rules] - !reference [.skip_release_jobs, rules] - if: '$PIPELINE_TYPE =~ /_TAG_BUILD_PIPELINE$/' when: manual .aws_marketplace_release: &aws_marketplace_release image: "${BUILDER_IMAGE_REGISTRY}/distribution_ci_tools:${BUILDER_IMAGE_REVISION}" stage: aws-marketplace-release script: - export AWS_ACCESS_KEY_ID=$AWS_AMI_ACCESS_KEY_ID - export AWS_SECRET_ACCESS_KEY=$AWS_AMI_SECRET_ACCESS_KEY - bundle exec rake aws:marketplace:release rules: - !reference [.default_rules, rules] - !reference [.skip_release_jobs, rules] - if: '$PIPELINE_TYPE == "EE_TAG_BUILD_PIPELINE"' ########################### # Branch pipeline # ########################### # fetch-assets job from .gitlab-ci.yml file runs here # generate-assets job from .gitlab-ci.yml file runs here Ubuntu-20.04-branch: image: "${BUILDER_IMAGE_REGISTRY}/ubuntu_20.04:${BUILDER_IMAGE_REVISION}" extends: .branch_template Ubuntu-22.04-branch: image: "${BUILDER_IMAGE_REGISTRY}/ubuntu_22.04:${BUILDER_IMAGE_REVISION}" extends: .branch_template rules: - !reference [.default_rules, rules] - if: '$PIPELINE_TYPE =~ /_(NIGHTLY|BRANCH)_BUILD_PIPELINE$/' - if: '$PIPELINE_TYPE =~ /TRIGGERED_(CE|EE)_PIPELINE/' - if: '$PIPELINE_TYPE == "TRIGGER_CACHE_UPDATE_PIPELINE"' Ubuntu-24.04-branch: image: "${BUILDER_IMAGE_REGISTRY}/ubuntu_24.04:${BUILDER_IMAGE_REVISION}" extends: .branch_template Debian-10-branch: image: "${BUILDER_IMAGE_REGISTRY}/debian_10:${BUILDER_IMAGE_REVISION}" extends: .branch_template Debian-10-arm64-branch: image: "${BUILDER_IMAGE_REGISTRY}/debian_10_arm64:${BUILDER_IMAGE_REVISION}" extends: .arm64_branch_template Debian-11-branch: image: "${BUILDER_IMAGE_REGISTRY}/debian_11:${BUILDER_IMAGE_REVISION}" extends: .branch_template Debian-11-arm64-branch: image: "${BUILDER_IMAGE_REGISTRY}/debian_11_arm64:${BUILDER_IMAGE_REVISION}" extends: .arm64_branch_template Debian-12-branch: image: "${BUILDER_IMAGE_REGISTRY}/debian_12:${BUILDER_IMAGE_REVISION}" extends: .branch_template Debian-12-arm64-branch: image: "${BUILDER_IMAGE_REGISTRY}/debian_12_arm64:${BUILDER_IMAGE_REVISION}" extends: .arm64_branch_template Ubuntu-20.04-arm64-branch: image: "${BUILDER_IMAGE_REGISTRY}/ubuntu_20.04_arm64:${BUILDER_IMAGE_REVISION}" extends: .arm64_branch_template Ubuntu-22.04-arm64-branch: image: "${BUILDER_IMAGE_REGISTRY}/ubuntu_22.04_arm64:${BUILDER_IMAGE_REVISION}" extends: .arm64_branch_template rules: - !reference [.default_rules, rules] - if: '$PIPELINE_TYPE =~ /_(NIGHTLY|BRANCH)_BUILD_PIPELINE$/' - if: '$PIPELINE_TYPE =~ /TRIGGERED_(CE|EE)_PIPELINE/' # TODO: When multi-arch images are built by default, make this an # automatic job when: manual allow_failure: true Ubuntu-24.04-arm64-branch: image: "${BUILDER_IMAGE_REGISTRY}/ubuntu_24.04_arm64:${BUILDER_IMAGE_REVISION}" extends: .arm64_branch_template CentOS-7-branch: image: "${BUILDER_IMAGE_REGISTRY}/centos_7:${BUILDER_IMAGE_REVISION}" extends: .branch_template AlmaLinux-8-branch: image: "${BUILDER_IMAGE_REGISTRY}/almalinux_8:${BUILDER_IMAGE_REVISION}" extends: .branch_template AlmaLinux-8-arm64-branch: image: "${BUILDER_IMAGE_REGISTRY}/almalinux_8_arm64:${BUILDER_IMAGE_REVISION}" extends: .arm64_branch_template AlmaLinux-9-branch: image: "${BUILDER_IMAGE_REGISTRY}/almalinux_9:${BUILDER_IMAGE_REVISION}" extends: .branch_template AlmaLinux-9-arm64-branch: image: "${BUILDER_IMAGE_REGISTRY}/almalinux_9_arm64:${BUILDER_IMAGE_REVISION}" extends: .arm64_branch_template OpenSUSE-15.5-branch: image: "${BUILDER_IMAGE_REGISTRY}/opensuse_15.5:${BUILDER_IMAGE_REVISION}" extends: .branch_template OpenSUSE-15.5-arm64-branch: image: "${BUILDER_IMAGE_REGISTRY}/opensuse_15.5_arm64:${BUILDER_IMAGE_REVISION}" extends: .arm64_branch_template AmazonLinux-2-branch: image: "${BUILDER_IMAGE_REGISTRY}/amazonlinux_2:${BUILDER_IMAGE_REVISION}" extends: .branch_template AmazonLinux-2-arm64-branch: image: "${BUILDER_IMAGE_REGISTRY}/amazonlinux_2_arm64:${BUILDER_IMAGE_REVISION}" extends: .arm64_branch_template AmazonLinux-2023-branch: image: "${BUILDER_IMAGE_REGISTRY}/amazonlinux_2023:${BUILDER_IMAGE_REVISION}" extends: .branch_template AmazonLinux-2023-arm64-branch: image: "${BUILDER_IMAGE_REGISTRY}/amazonlinux_2023_arm64:${BUILDER_IMAGE_REVISION}" extends: .arm64_branch_template SLES-12.5-branch: image: "${DEV_BUILDER_IMAGE_REGISTRY}/sles_12sp5:${BUILDER_IMAGE_REVISION}" extends: .branch_template variables: DOCKER_AUTH_CONFIG: $DEV_BUILDER_DOCKER_AUTH_CONFIG rules: - !reference [.default_rules, rules] - if: '$PIPELINE_TYPE =~ /EE_(NIGHTLY|BRANCH)_BUILD_PIPELINE$/' SLES-15.2-branch: image: "${DEV_BUILDER_IMAGE_REGISTRY}/sles_15sp2:${BUILDER_IMAGE_REVISION}" extends: .branch_template variables: DOCKER_AUTH_CONFIG: $DEV_BUILDER_DOCKER_AUTH_CONFIG rules: - !reference [.default_rules, rules] - if: '$PIPELINE_TYPE =~ /EE_(NIGHTLY|BRANCH)_BUILD_PIPELINE$/' AmazonLinux-2-fips-branch: image: "${BUILDER_IMAGE_REGISTRY}/amazonlinux_2_fips:${BUILDER_IMAGE_REVISION}" extends: .fips_branch_template AlmaLinux-8-fips-branch: image: "${BUILDER_IMAGE_REGISTRY}/almalinux_8_fips:${BUILDER_IMAGE_REVISION}" extends: .fips_branch_template Ubuntu-20.04-fips-branch: image: "${BUILDER_IMAGE_REGISTRY}/ubuntu_20.04_fips:${BUILDER_IMAGE_REVISION}" extends: .fips_branch_template rules: - !reference [.default_rules, rules] - if: '$PIPELINE_TYPE == "EE_NIGHTLY_BUILD_PIPELINE"' - if: '$PIPELINE_TYPE == "EE_BRANCH_BUILD_PIPELINE"' when: manual allow_failure: true - if: '$PIPELINE_TYPE =~ /TRIGGERED_(CE|EE)_PIPELINE/' when: manual allow_failure: true Docker-branch: extends: .docker_job stage: image script: - bundle exec rake docker:build:image - bundle exec rake docker:push:staging - bundle exec rake docker:push:nightly tags: !reference [.distribution-amd64-tags] cache: !reference [.branch-cache] needs: - job: Ubuntu-22.04-branch artifacts: false - job: generate-facts optional: true artifacts: true retry: 1 rules: - !reference [.default_rules, rules] - if: '$PIPELINE_TYPE =~ /_(NIGHTLY|BRANCH)_BUILD_PIPELINE$/' - if: '$PIPELINE_TYPE =~ /TRIGGERED_(CE|EE)_PIPELINE/' - if: '$PIPELINE_TYPE == "TRIGGER_CACHE_UPDATE_PIPELINE"' QA-branch: extends: .docker_job stage: image variables: QA_SCREENSHOTS_DIR: $CI_PROJECT_DIR/screenshots script: # For downstream users like JiHu to retain original behavior - if [ "$BUILD_GITLAB_QA_IMAGE" == "true" ]; then bundle exec rake qa:build; bundle exec rake qa:push:nightly; bundle exec rake qa:push:staging; else bundle exec rake qa:copy:nightly; fi artifacts: when: on_failure expire_in: 7d paths: - screenshots/ tags: !reference [.distribution-amd64-tags] cache: !reference [.branch-cache] needs: - job: Ubuntu-22.04-branch artifacts: false - job: generate-facts optional: true artifacts: true retry: 1 rules: - !reference [.default_rules, rules] - if: '$PIPELINE_TYPE =~ /_(NIGHTLY|BRANCH)_BUILD_PIPELINE$/' Raspberry-Pi-2-Buster-branch: image: "${BUILDER_IMAGE_REGISTRY}/rpi_10:${BUILDER_IMAGE_REVISION}" extends: .rpi_branch_template Raspberry-Pi-2-Bullseye-branch: image: "${BUILDER_IMAGE_REGISTRY}/rpi_11:${BUILDER_IMAGE_REVISION}" extends: .rpi_branch_template Raspberry-Pi-2-Bookworm-branch: image: "${BUILDER_IMAGE_REGISTRY}/rpi_12:${BUILDER_IMAGE_REVISION}" extends: .rpi_branch_template ############################ # Release pipeline # ############################ # fetch-assets job from .gitlab-ci.yml file runs here Ubuntu-20.04: image: "${BUILDER_IMAGE_REGISTRY}/ubuntu_20.04:${BUILDER_IMAGE_REVISION}" stage: package extends: .tag_template rules: - !reference [.default_rules, rules] # Also build for auto-deploy tags - if: '$PIPELINE_TYPE =~ /(_RC|_TAG|AUTO_DEPLOY)_BUILD_PIPELINE$/' Ubuntu-22.04: image: "${BUILDER_IMAGE_REGISTRY}/ubuntu_22.04:${BUILDER_IMAGE_REVISION}" stage: package extends: .tag_template rules: - !reference [.default_rules, rules] # Also build for auto-deploy tags - if: '$PIPELINE_TYPE =~ /(_RC|_TAG|AUTO_DEPLOY)_BUILD_PIPELINE$/' ## Build the docker image for QA ## This is necessary for the deployment ## pipeline so it must happen before ## the upload and deploy stage for GitLab.com Docker-QA: extends: .docker_job stage: image script: - bundle exec rake qa:build - bundle exec rake qa:push:staging cache: !reference [.tag-cache] tags: !reference [.distribution-amd64-tags] needs: - job: generate-facts optional: true artifacts: true retry: 1 rules: - !reference [.default_rules, rules] # For downstream users like JiHu to retain original behavior - if: '$BUILD_GITLAB_QA_IMAGE != "true"' when: never - if: '$PIPELINE_TYPE =~ /(_RC|_TAG)_BUILD_PIPELINE$/' ########################################################### ## Upload and deploy to staging or preprod for GitLab.com ## * Regular tagged releases are deployed to staging ## * Regular patch releases, RCs and tags that are ## not auto-deploys are deployed to ## $PATCH_DEPLOY_ENVIRONMENT, set in CI vars ## ## Ubuntu 22.04: used for all omnibus installation Ubuntu-20.04-staging: extends: .staging_upload_with_deployment_template needs: - job: Ubuntu-20.04 optional: true - job: Ubuntu-20.04-branch optional: true rules: - !reference [.default_rules, rules] - if: '$PIPELINE_TYPE =~ /(_RC|_TAG|AUTO_DEPLOY|NIGHTLY)_BUILD_PIPELINE$/' Ubuntu-22.04-staging: extends: .staging_upload_template needs: - job: Ubuntu-22.04 optional: true - job: Ubuntu-22.04-branch optional: true rules: - !reference [.default_rules, rules] - if: '$PIPELINE_TYPE =~ /(_RC|_TAG|AUTO_DEPLOY|NIGHTLY)_BUILD_PIPELINE$/' Ubuntu-22.04-arm64-staging: extends: .staging_upload_template needs: - job: Ubuntu-22.04-arm64 optional: true - job: Ubuntu-22.04-arm64-branch optional: true rules: - !reference [.default_rules, rules] - if: '$PIPELINE_TYPE =~ /(_RC|_TAG|NIGHTLY)_BUILD_PIPELINE$/' ### Package builds Debian-10: image: "${BUILDER_IMAGE_REGISTRY}/debian_10:${BUILDER_IMAGE_REVISION}" extends: .tag_template Debian-10-arm64: image: "${BUILDER_IMAGE_REGISTRY}/debian_10_arm64:${BUILDER_IMAGE_REVISION}" extends: .arm64_tag_template Debian-11: image: "${BUILDER_IMAGE_REGISTRY}/debian_11:${BUILDER_IMAGE_REVISION}" extends: .tag_template Debian-11-arm64: image: "${BUILDER_IMAGE_REGISTRY}/debian_11_arm64:${BUILDER_IMAGE_REVISION}" extends: .arm64_tag_template Debian-12: image: "${BUILDER_IMAGE_REGISTRY}/debian_12:${BUILDER_IMAGE_REVISION}" extends: .tag_template Debian-12-arm64: image: "${BUILDER_IMAGE_REGISTRY}/debian_12_arm64:${BUILDER_IMAGE_REVISION}" extends: .arm64_tag_template Ubuntu-24.04: image: "${BUILDER_IMAGE_REGISTRY}/ubuntu_24.04:${BUILDER_IMAGE_REVISION}" extends: .tag_template Ubuntu-20.04-arm64: image: "${BUILDER_IMAGE_REGISTRY}/ubuntu_20.04_arm64:${BUILDER_IMAGE_REVISION}" extends: .arm64_tag_template Ubuntu-22.04-arm64: image: "${BUILDER_IMAGE_REGISTRY}/ubuntu_22.04_arm64:${BUILDER_IMAGE_REVISION}" extends: .arm64_tag_template Ubuntu-24.04-arm64: image: "${BUILDER_IMAGE_REGISTRY}/ubuntu_24.04_arm64:${BUILDER_IMAGE_REVISION}" extends: .arm64_tag_template CentOS-7: image: "${BUILDER_IMAGE_REGISTRY}/centos_7:${BUILDER_IMAGE_REVISION}" extends: .tag_template AlmaLinux-8: image: "${BUILDER_IMAGE_REGISTRY}/almalinux_8:${BUILDER_IMAGE_REVISION}" extends: .tag_template AlmaLinux-8-arm64: image: "${BUILDER_IMAGE_REGISTRY}/almalinux_8_arm64:${BUILDER_IMAGE_REVISION}" extends: .arm64_tag_template AlmaLinux-9: image: "${BUILDER_IMAGE_REGISTRY}/almalinux_9:${BUILDER_IMAGE_REVISION}" extends: .tag_template AlmaLinux-9-arm64: image: "${BUILDER_IMAGE_REGISTRY}/almalinux_9_arm64:${BUILDER_IMAGE_REVISION}" extends: .arm64_tag_template OpenSUSE-15.5: image: "${BUILDER_IMAGE_REGISTRY}/opensuse_15.5:${BUILDER_IMAGE_REVISION}" extends: .tag_template OpenSUSE-15.5-arm64: image: "${BUILDER_IMAGE_REGISTRY}/opensuse_15.5_arm64:${BUILDER_IMAGE_REVISION}" extends: .arm64_tag_template AmazonLinux-2: image: "${BUILDER_IMAGE_REGISTRY}/amazonlinux_2:${BUILDER_IMAGE_REVISION}" extends: .tag_template AmazonLinux-2-arm64: image: "${BUILDER_IMAGE_REGISTRY}/amazonlinux_2_arm64:${BUILDER_IMAGE_REVISION}" extends: .arm64_tag_template AmazonLinux-2023: image: "${BUILDER_IMAGE_REGISTRY}/amazonlinux_2023:${BUILDER_IMAGE_REVISION}" extends: .tag_template AmazonLinux-2023-arm64: image: "${BUILDER_IMAGE_REGISTRY}/amazonlinux_2023_arm64:${BUILDER_IMAGE_REVISION}" extends: .arm64_tag_template SLES-12.5: image: "${BUILDER_IMAGE_REGISTRY}/sles_12sp5:${BUILDER_IMAGE_REVISION}" extends: .tag_template rules: - !reference [.default_rules, rules] - if: '$PIPELINE_TYPE =~ /^EE_(RC|TAG)_BUILD_PIPELINE$/' SLES-15.2: image: "${BUILDER_IMAGE_REGISTRY}/sles_15sp2:${BUILDER_IMAGE_REVISION}" extends: .tag_template rules: - !reference [.default_rules, rules] - if: '$PIPELINE_TYPE =~ /^EE_(RC|TAG)_BUILD_PIPELINE$/' AmazonLinux-2-fips: image: "${BUILDER_IMAGE_REGISTRY}/amazonlinux_2_fips:${BUILDER_IMAGE_REVISION}" extends: .fips_tag_template AlmaLinux-8-fips: image: "${BUILDER_IMAGE_REGISTRY}/almalinux_8_fips:${BUILDER_IMAGE_REVISION}" extends: .fips_tag_template Ubuntu-20.04-fips: image: "${BUILDER_IMAGE_REGISTRY}/ubuntu_20.04_fips:${BUILDER_IMAGE_REVISION}" extends: .fips_tag_template Docker: extends: .docker_job stage: image script: - bundle exec rake docker:build:image - bundle exec rake docker:push:staging tags: !reference [.distribution-amd64-tags] cache: !reference [.tag-cache] needs: - job: Ubuntu-22.04 artifacts: false - job: generate-facts optional: true artifacts: true retry: 1 rules: - !reference [.default_rules, rules] - if: '$PIPELINE_TYPE =~ /(_RC|_TAG|AUTO_DEPLOY)_BUILD_PIPELINE$/' ### Staging uploads Debian-10-staging: extends: .staging_upload_template needs: - job: Debian-10 optional: true - job: Debian-10-branch optional: true Debian-10-arm64-staging: extends: .staging_upload_template needs: - job: Debian-10-arm64 optional: true - job: Debian-10-arm64-branch optional: true Debian-11-staging: extends: .staging_upload_template needs: - job: Debian-11 optional: true - job: Debian-11-branch optional: true Debian-11-arm64-staging: extends: .staging_upload_template needs: - job: Debian-11-arm64 optional: true - job: Debian-11-arm64-branch optional: true Debian-12-staging: extends: .staging_upload_template needs: - job: Debian-12 optional: true - job: Debian-12-branch optional: true Debian-12-arm64-staging: extends: .staging_upload_template needs: - job: Debian-12-arm64 optional: true - job: Debian-12-arm64-branch optional: true Ubuntu-24.04-staging: extends: .staging_upload_template needs: - job: Ubuntu-24.04 optional: true - job: Ubuntu-24.04-branch optional: true Ubuntu-20.04-arm64-staging: extends: .staging_upload_template needs: - job: Ubuntu-20.04-arm64 optional: true - job: Ubuntu-20.04-arm64-branch optional: true Ubuntu-24.04-arm64-staging: extends: .staging_upload_template needs: - job: Ubuntu-24.04-arm64 optional: true - job: Ubuntu-24.04-arm64-branch optional: true CentOS-7-staging: extends: .staging_upload_template needs: - job: CentOS-7 optional: true - job: CentOS-7-branch optional: true AlmaLinux-8-staging: extends: .staging_upload_template needs: - job: AlmaLinux-8 optional: true - job: AlmaLinux-8-branch optional: true AlmaLinux-8-arm64-staging: extends: .staging_upload_template needs: - job: AlmaLinux-8-arm64 optional: true - job: AlmaLinux-8-arm64-branch optional: true AlmaLinux-9-staging: extends: .staging_upload_template needs: - job: AlmaLinux-9 optional: true - job: AlmaLinux-9-branch optional: true AlmaLinux-9-arm64-staging: extends: .staging_upload_template needs: - job: AlmaLinux-9-arm64 optional: true - job: AlmaLinux-9-arm64-branch optional: true OpenSUSE-15.5-staging: extends: .staging_upload_template needs: - job: OpenSUSE-15.5 optional: true - job: OpenSUSE-15.5-branch optional: true OpenSUSE-15.5-arm64-staging: extends: .staging_upload_template needs: - job: OpenSUSE-15.5-arm64 optional: true - job: OpenSUSE-15.5-arm64-branch optional: true AmazonLinux-2-staging: extends: .staging_upload_template needs: - job: AmazonLinux-2 optional: true - job: AmazonLinux-2-branch optional: true AmazonLinux-2-arm64-staging: extends: .staging_upload_template needs: - job: AmazonLinux-2-arm64 optional: true - job: AmazonLinux-2-arm64-branch optional: true AmazonLinux-2023-staging: extends: .staging_upload_template needs: - job: AmazonLinux-2023 optional: true - job: AmazonLinux-2023-branch optional: true AmazonLinux-2023-arm64-staging: extends: .staging_upload_template needs: - job: AmazonLinux-2023-arm64 optional: true - job: AmazonLinux-2023-arm64-branch optional: true SLES-12.5-staging: extends: .staging_upload_template needs: - job: SLES-12.5 optional: true - job: SLES-12.5-branch optional: true rules: - !reference [.default_rules, rules] - if: '$PIPELINE_TYPE =~ /^EE_(RC|TAG)_BUILD_PIPELINE$/' SLES-15.2-staging: extends: .staging_upload_template needs: - job: SLES-15.2 optional: true - job: SLES-15.2-branch optional: true rules: - !reference [.default_rules, rules] - if: '$PIPELINE_TYPE =~ /^EE_(RC|TAG)_BUILD_PIPELINE$/' AmazonLinux-2-fips-staging: extends: .fips_staging_upload_template needs: - job: AmazonLinux-2-fips optional: true - job: AmazonLinux-2-fips-branch optional: true AlmaLinux-8-fips-staging: extends: .fips_staging_upload_template needs: - job: AlmaLinux-8-fips optional: true - job: AlmaLinux-8-fips-branch optional: true Ubuntu-20.04-fips-staging: extends: .fips_staging_upload_template needs: - job: Ubuntu-20.04-fips optional: true - job: Ubuntu-20.04-fips-branch optional: true ### Package releases Ubuntu-20.04-release: extends: .production_release_template needs: - Ubuntu-20.04 Ubuntu-22.04-release: extends: .production_release_template needs: - Ubuntu-22.04 Ubuntu-24.04-release: extends: .production_release_template needs: - Ubuntu-24.04 Ubuntu-20.04-arm64-release: extends: .production_release_template needs: - Ubuntu-20.04-arm64 Ubuntu-22.04-arm64-release: extends: .production_release_template needs: - Ubuntu-22.04-arm64 Ubuntu-24.04-arm64-release: extends: .production_release_template needs: - Ubuntu-24.04-arm64 Debian-10-release: extends: .production_release_template needs: - Debian-10 Debian-10-arm64-release: extends: .production_release_template needs: - Debian-10-arm64 Debian-11-release: extends: .production_release_template needs: - Debian-11 Debian-11-arm64-release: extends: .production_release_template needs: - Debian-11-arm64 Debian-12-release: extends: .production_release_template needs: - Debian-12 Debian-12-arm64-release: extends: .production_release_template needs: - Debian-12-arm64 CentOS-7-release: extends: .production_release_template needs: - CentOS-7 AlmaLinux-8-release: extends: .production_release_template needs: - AlmaLinux-8 AlmaLinux-8-arm64-release: extends: .production_release_template needs: - AlmaLinux-8-arm64 AlmaLinux-9-release: extends: .production_release_template needs: - AlmaLinux-9 AlmaLinux-9-arm64-release: extends: .production_release_template needs: - AlmaLinux-9-arm64 OpenSUSE-15.5-release: extends: .production_release_template needs: - OpenSUSE-15.5 OpenSUSE-15.5-arm64-release: extends: .production_release_template needs: - OpenSUSE-15.5-arm64 AmazonLinux-2-release: extends: .production_release_template needs: - AmazonLinux-2 AmazonLinux-2-arm64-release: extends: .production_release_template needs: - AmazonLinux-2-arm64 AmazonLinux-2023-release: extends: .production_release_template needs: - AmazonLinux-2023 AmazonLinux-2023-arm64-release: extends: .production_release_template needs: - AmazonLinux-2023-arm64 SLES-12.5-release: extends: .production_release_template needs: - SLES-12.5 rules: - !reference [.default_rules, rules] - !reference [.skip_release_jobs, rules] - if: '$PIPELINE_TYPE =~ /^EE_(RC|TAG)_BUILD_PIPELINE$/' when: manual SLES-15.2-release: extends: .production_release_template needs: - SLES-15.2 rules: - !reference [.default_rules, rules] - !reference [.skip_release_jobs, rules] - if: '$PIPELINE_TYPE =~ /^EE_(RC|TAG)_BUILD_PIPELINE$/' when: manual AmazonLinux-2-fips-release: extends: .fips_release_template needs: - AmazonLinux-2-fips AlmaLinux-8-fips-release: extends: .fips_release_template needs: - AlmaLinux-8-fips Ubuntu-20.04-fips-release: extends: .fips_release_template needs: - Ubuntu-20.04-fips Docker-Release: extends: .docker_job stage: package-and-image-release script: - bundle exec rake release:docker cache: !reference [.tag-cache] needs: - Docker - job: generate-facts optional: true artifacts: true rules: - !reference [.default_rules, rules] - !reference [.skip_release_jobs, rules] - if: '$PIPELINE_TYPE =~ /_(RC|TAG)_BUILD_PIPELINE$/' when: manual tags: !reference [.distribution-amd64-tags] AWS: extends: .aws_ami_build AWS-ARM64: extends: .aws_ami_build variables: AWS_ARCHITECTURE: 'arm64' AWS-Ultimate: extends: .aws_ami_build variables: AWS_RELEASE_TYPE: "ultimate" rules: - !reference [.default_rules, rules] - !reference [.skip_release_jobs, rules] - if: '$PIPELINE_TYPE == "EE_TAG_BUILD_PIPELINE"' when: manual AWS-Premium: extends: .aws_ami_build variables: AWS_RELEASE_TYPE: "premium" rules: - !reference [.default_rules, rules] - !reference [.skip_release_jobs, rules] - if: '$PIPELINE_TYPE == "EE_TAG_BUILD_PIPELINE"' when: manual QA-Tag: extends: .docker_job stage: qa-release variables: QA_SCREENSHOTS_DIR: $CI_PROJECT_DIR/screenshots script: - bundle exec rake release:qa artifacts: when: on_failure expire_in: 7d paths: - screenshots/ tags: !reference [.distribution-amd64-tags] cache: !reference [.tag-cache] needs: - job: generate-facts optional: true artifacts: true retry: 1 rules: - !reference [.default_rules, rules] - !reference [.skip_release_jobs, rules] # For downstream users like JiHu to retain original behavior - if: '$BUILD_GITLAB_QA_IMAGE != "true"' when: never - if: '$PIPELINE_TYPE =~ /_(RC|TAG)_BUILD_PIPELINE$/' when: manual allow_failure: true license-upload: stage: metrics image: "${BUILDER_IMAGE_REGISTRY}/ubuntu_22.04:${BUILDER_IMAGE_REVISION}" script: - bundle exec rake license:upload tags: !reference [.distribution-amd64-tags] cache: !reference [.tag-cache] needs: - Ubuntu-22.04 allow_failure: true rules: - !reference [.default_rules, rules] - !reference [.skip_release_jobs, rules] - if: '$PIPELINE_TYPE =~ /_(RC|TAG)_BUILD_PIPELINE$/' when: manual manifest-upload: stage: metrics image: "${BUILDER_IMAGE_REGISTRY}/ubuntu_22.04:${BUILDER_IMAGE_REVISION}" script: - bundle exec rake manifest:upload tags: !reference [.distribution-amd64-tags] cache: !reference [.tag-cache] needs: - Ubuntu-22.04 allow_failure: true rules: - !reference [.default_rules, rules] - !reference [.skip_release_jobs, rules] - if: '$PIPELINE_TYPE =~ /_(RC|TAG)_BUILD_PIPELINE$/' when: manual RAT-Tag: stage: qa image: "dev.gitlab.org:5005/cookbooks/gitlab-omnibus-builder/ubuntu_22.04:${BUILDER_IMAGE_REVISION}" script: - bundle exec rake qa:rat:tag cache: !reference [.tag-cache] needs: - Ubuntu-22.04 allow_failure: true rules: - !reference [.default_rules, rules] - if: '$PIPELINE_TYPE =~ /^EE_(RC|TAG)_BUILD_PIPELINE$/' Raspberry-Pi-2-Buster: extends: .rpi_tag_template image: "${BUILDER_IMAGE_REGISTRY}/rpi_10:${BUILDER_IMAGE_REVISION}" Raspberry-Pi-2-Bullseye: extends: .rpi_tag_template image: "${BUILDER_IMAGE_REGISTRY}/rpi_11:${BUILDER_IMAGE_REVISION}" Raspberry-Pi-2-Buster-release: extends: .raspbian_release_template needs: - Raspberry-Pi-2-Buster Raspberry-Pi-2-Bullseye-release: extends: .raspbian_release_template needs: - Raspberry-Pi-2-Bullseye AWS-CE-Release: variables: AWS_LISTING_NAME: "GitLab Community Edition" extends: .aws_marketplace_release needs: - AWS rules: - !reference [.default_rules, rules] - !reference [.skip_release_jobs, rules] - if: '$PIPELINE_TYPE == "CE_TAG_BUILD_PIPELINE"' AWS-EE-Ultimate-Release: variables: AWS_LISTING_NAME: "GitLab Ultimate" extends: .aws_marketplace_release needs: - AWS-Ultimate AWS-EE-Premium-Release: variables: AWS_LISTING_NAME: "GitLab Premium" extends: .aws_marketplace_release needs: - AWS-Premium check-packages: stage: verify trigger: include: '/gitlab-ci-config/check-packages.yml' rules: - !reference [.default_rules, rules] - if: '$PIPELINE_TYPE =~ /_TAG_BUILD_PIPELINE$/' create-gitlab-release: stage: package-and-image-release image: "${BUILDER_IMAGE_REGISTRY}/distribution_ci_tools:${BUILDER_IMAGE_REVISION}" needs: - job: AWS artifacts: true - job: AWS-ARM64 artifacts: true - job: AWS-Premium artifacts: true optional: true - job: AWS-Ultimate artifacts: true optional: true script: - bundle exec rake release:print_details | tee release_info.txt release: name: "GitLab ${GITLAB_EDITION} ${CI_COMMIT_TAG}" tag_name: $CI_COMMIT_TAG description: './release_info.txt' allow_failure: true rules: - !reference [.default_rules, rules] - if: '$PIPELINE_TYPE =~ /(CE|EE)_TAG_BUILD_PIPELINE$/'