-
Notifications
You must be signed in to change notification settings - Fork 2
/
.gitlab-ci.yml
167 lines (149 loc) · 5.57 KB
/
.gitlab-ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
include:
# external
- project: 'omniverse/devplat/gitlab/templates/common/kit-extension'
file: 'modules/complete-pipeline.yml'
ref: v1_latest
# ==============================================================================================================
# More variables can be found in common.yml - here we put the ones controlling the jobs workflow
variables:
OSEC_NSPECT_ID: "NSPECT-96O5-S11L"
OSEC_CHECKMARX_ENABLED: 'false'
OSEC_GITLAB_SAST_ENABLED: 'false'
OSEC_PULSE_TRUFFLEHOG_ENABLED: 'false'
OSEC_OMNI_PULSE_ENABLED: 'false'
OSEC_README_ENABLED: 'false' # WARNING: Also have the init() function get_nspectid_from_repo_toml() in there...
ALLOW_PUBLISH_DOCS:
value: "true"
description: "Set to true to publish docs"
ALLOW_PUBLISH_TO_LAUNCHER:
value: "false"
description: "Set to true to for Kit apps that are published to the Launcher. That adds jobs for that."
ALLOW_PUBLISH_EXTENSIONS:
value: "true"
description: "Set to true to publish extension updates."
ALLOW_PUBLISH_CONTAINERS:
value: "false"
description: "Set to true to publish containers to NGC."
ALLOW_SECURITY_SCAN:
value: "false"
description: "Set to true to trigger a security scan as a child pipeline (non blocking)"
ALLOW_SCHEDULE_PIPELINE:
value: "true"
description: "Set to 'false' to disable schedule pipeline on a all jobs, useful to set it back on only some jobs."
ALLOW_TAG_PIPELINE:
value: "true"
description: "Set to 'false' to disable tag pipeline on a all push jobs."
RUN_EXTENSION_BENCHMARKS:
value: "false"
description: "Set to true to run benchmarks for kit extensions."
OMNI_CI_ENABLE_CXX_COVERAGE:
value: "false"
description: "Set to 'true' to enable C++ code coverage testing."
OMNI_CI_ENABLE_SANITIZERS:
value: "false"
description: "Set to 'true' to enable C++ sanitizer builds."
RUN_BUMP_VERSION:
value: "false"
description: "Set to true to run bump version. Only happens on schedule."
RUN_NIGHTLY_TESTS:
value: "false"
description: "Set to true to run nightly tests. Only happens on schedule."
RUN_DOCS_BUILD:
value: "true"
description: "Set to true to build omni docs. Only happens on schedule."
# ==============================================================================================================
.check-common:
stage: check
timeout: 20 minutes
interruptible: true
rules:
- if: $RUN_BUMP_VERSION == "true"
when: never
- !reference [.rules-workflow, rules]
.repo-artifacts:
artifacts:
when: always
expire_in: 2 weeks
paths:
- _repo/repo.log
- _repo/repolog*.txt
# ==============================================================================================================
# By default, all platforms (windows-x86_64, linux-x86_64) are published,
# but this can be changed in repo.toml config if necessary:
# [repo_publish_exts]
# platforms = ["linux-x86_64"]
verify-publish-extensions:
extends:
- .deploy-common
- .omni_nvks_runner_with_docker
script:
- ./repo.sh build --fetch-only -rd
- ./repo.sh publish_exts -a --from-package -c release --verify
- ./repo.sh publish_exts -a --from-package -c debug --verify
# - ./repo.sh ci publish_extensions
needs:
# We set all dependencies as optional just in case a platform is not needed,
# then the yml file can override both build/test on one platform and deploy will still work.
- job: build-windows-x86_64
artifacts: true
optional: false
- job: build-linux-x86_64
artifacts: true
optional: false
rules:
- if: $ALLOW_PUBLISH_EXTENSIONS != "true"
when: never
- if: $RUN_BUMP_VERSION == "true"
when: never
- !reference [.rules-push, rules]
# - !reference [.rules-version-changed, rules]
# ==============================================================================================================
# By default, all platforms (windows-x86_64, linux-x86_64) are published,
# but this can be changed in repo.toml config if necessary:
# [repo_publish_exts]
# platforms = ["linux-x86_64"]
publish-extensions:
extends:
- .deploy-common
- .omni_nvks_runner_with_docker
script:
- ./repo.sh build --fetch-only -rd
- ./repo.sh publish_exts -a --from-package -c release
- ./repo.sh publish_exts -a --from-package -c debug
# - ./repo.sh ci publish_extensions
needs:
# We set all dependencies as optional just in case a platform is not needed,
# then the yml file can override both build/test on one platform and deploy will still work.
- job: build-windows-x86_64
artifacts: true
optional: false
- job: build-linux-x86_64
artifacts: true
optional: false
rules:
- if: $ALLOW_PUBLISH_EXTENSIONS != "true"
when: never
- if: $RUN_BUMP_VERSION == "true"
when: never
- !reference [.rules-version-changed, rules]
- !reference [.rules-push-manual, rules]
# ==============================================================================================================
publish-docs:
rules:
- when: never
needs:
# ==============================================================================================================
publish-to-launcher:
rules:
- when: never
needs:
# ==============================================================================================================
release-new-version:
rules:
- when: never
# ==============================================================================================================
# update Kit SDK and extensions, merge master, typically done in daily branch
# set AUTOUPDATE_KIT=true for scheduled pipeline to run
autoupdate-kit:
rules:
- when: never