chore(gitlab-ci): use make in pipeline

.gitignore

@@ -34,6 +34,7 @@ test.log
 *.dump-splices
 /.stack-work.lock
 /.npmrc
+/.npm/
 /config/webpack.yml
 tunnel.log
 /static

.gitlab-ci.yml

@@ -1,4 +1,4 @@
-# SPDX-FileCopyrightText: 2022-2023 Sarah Vaupel <sarah.vaupel@uniworx.de>, Gregor Kleen <gregor@kleen.consulting>
+# SPDX-FileCopyrightText: 2022-2024 Sarah Vaupel <sarah.vaupel@uniworx.de>, Gregor Kleen <gregor@kleen.consulting>
 #
 # SPDX-License-Identifier: AGPL-3.0-or-later
 
@@ -8,13 +8,14 @@
 #     - if: $CI_MERGE_REQUEST_ID
 #     - if: $CI_COMMIT_TAG =~ /^v/
 #     - if: $CI_COMMIT_TAG =~ /^t/
+#     - if: $CI_COMMIT_TAG =~ /^d/
 
 default:
   image:
     name: registry.uniworx.de/uniworx/containers/nix-attic:latest
 
 variables:
-  NIX_PATH: "nixpkgs=http://nixos.org/channels/nixos-21.05/nixexprs.tar.xz"
+  NIX_PATH: "nixpkgs=http://nixos.org/channels/nixos-23.11/nixexprs.tar.xz"
   AWS_SHARED_CREDENTIALS_FILE: "/etc/aws/credentials"
 
   TRANSFER_METER_FREQUENCY: "2s"
@@ -24,18 +25,24 @@ variables:
     extra-trusted-public-keys = hydra.iohk.io:f/Ea+s+dFdN+3Y/G+FDgSq+a5NEWhJGzdjvKNGv0/EQ=
 
 stages:
-  - frontend:build
-  - backend:build
+  - setup
+  - lint
+  - build
   - test
-  - container:build
+  - container
   - prepare release
   - release
 
-node dependencies:
-  stage: frontend:build
+node modules:
+  stage: setup
+  cache:
+    - &npm-cache
+      key: default-npm
+      paths:
+        - .npm
+        - node_modules
   script:
-    - nix -L build -o result ".#uniworxNodeDependencies"
-    - nix-store --export $(nix-store -qR result) | xz -T0 -2 > node-dependencies.nar.xz
+    - "nix shell .#gnumake .#gup .#nodejs_21 --command make node_modules"
   before_script: &nix-before
     - git config --global init.defaultBranch master
     - install -v -m 0700 -d ~/.ssh
@@ -45,113 +52,100 @@ node dependencies:
     - install -v -T -m 0644 "${NIX_NETRC}" /etc/nix/netrc
   artifacts:
     paths:
-      - node-dependencies.nar.xz
+      - node_modules/
     name: "${CI_JOB_NAME}-${CI_COMMIT_SHORT_SHA}"
     expire_in: "1 day"
   retry: 2
   interruptible: true
 
-well known:
-  stage: frontend:build
+frontend lint:
+  stage: lint
   script:
-    - xzcat node-dependencies.nar.xz | nix-store --import
-    - nix -L build -o result ".#uniworxWellKnown"
-    - nix-store --export $(nix-store -qR result) | xz -T0 -2 > well-known.nar.xz
+    - "nix shell .#gnumake .#gup .#nodejs_21 --command make frontend-lint"
   before_script: *nix-before
   needs:
-    - job: node dependencies
+    - job: node modules
       artifacts: true
+  retry: 2
+  interruptible: true
+
+frontend build:
+  stage: build
+  cache:
+    - &frontend-cache
+      key: default-frontend
+      paths:
+        - .well-known-cache
+  script:
+    - "nix shell .#gnumake .#gup .#nodejs_21 --command make frontend-build"
+  before_script: *nix-before
+  needs:
+    - job: node modules
+      artifacts: true
+    - job: frontend lint # pipeline performance
+      artifacts: false
   artifacts:
     paths:
-      - well-known.nar.xz
+      - static/
+      - well-known/
+      - config/webpack.yml
     name: "${CI_JOB_NAME}-${CI_COMMIT_SHORT_SHA}"
     expire_in: "1 day"
   retry: 2
   interruptible: true
 
-frontend:
-  stage: frontend:build
+backend lint:
+  stage: lint
   script:
-    - xzcat node-dependencies.nar.xz | nix-store --import
-    - xzcat well-known.nar.xz | nix-store --import
-    - nix -L build -o result ".#uniworxFrontend"
-    - nix-store --export $(nix-store -qR result) | xz -T0 -2 > frontend.nar.xz
+    - "nix shell .#gnumake .#coreutils .#stack --command make CI=1 backend-lint"
   before_script: *nix-before
-  needs:
-    - job: node dependencies
-      artifacts: true
-    - job: well known
-      artifacts: true
-  artifacts:
-    paths:
-      - frontend.nar.xz
-    name: "${CI_JOB_NAME}-${CI_COMMIT_SHORT_SHA}"
-    expire_in: "1 day"
   retry: 2
   interruptible: true
 
-uniworx:lib:uniworx:
-  stage: backend:build
-  script:
-    - xzcat frontend.nar.xz | nix-store --import
-    - nix -L build -o result ".#uniworx:lib:uniworx"
-    - nix-store --export $(nix-store -qR result) | xz -T0 -2 > uniworx:lib:uniworx.nar.xz
-  before_script: *nix-before
-  needs:
-    - job: node dependencies # transitive
-      artifacts: false
-    - job: well known # transitive
-      artifacts: false
-    - job: frontend
-      artifacts: true
-  artifacts:
-    paths:
-      - uniworx:lib:uniworx.nar.xz
-    name: "${CI_JOB_NAME}-${CI_COMMIT_SHORT_SHA}"
-    expire_in: "1 day"
-  retry: 2
-  interruptible: true
+backend build:
+  stage: build
+  cache:
+    - &stack-cache
+      key: default-stack
+      paths:
+        - .stack/
+        - .stack-work/
 
-uniworx:exe:uniworx:
-  stage: backend:build
   script:
-    - xzcat uniworx:lib:uniworx.nar.xz | nix-store --import
-    - nix -L build -o result ".#uniworx:exe:uniworx"
-    - nix-store --export $(nix-store -qR result) | xz -T0 -2 > uniworx:exe:uniworx.nar.xz
+    - "nix shell .#gnumake .#coreutils .#stack --command make CI=1 backend-build"
+    - cp $(stack path --dist-dir)/build/hlint/hlint bin/test-hlint
+    - cp $(stack path --dist-dir)/build/yesod/yesod bin/test-yesod
   before_script: *nix-before
   needs:
-    - job: node dependencies # transitive
+    - job: node modules # transitive
       artifacts: false
-    - job: well known # transitive
+    - job: frontend lint # transitive
       artifacts: false
-    - job: frontend # tranitive
-      artifacts: false
-    - job: uniworx:lib:uniworx
+    - job: frontend build
       artifacts: true
+    - job: backend lint # pipeline performance
+      artifacts: false
   artifacts:
     paths:
-      - uniworx:exe:uniworx.nar.xz
+      - bin/
     name: "${CI_JOB_NAME}-${CI_COMMIT_SHORT_SHA}"
     expire_in: "1 day"
   retry: 2
   interruptible: true
+  resource_group: ram
 
 uniworx:exe:uniworxdb:
-  stage: backend:build
+  stage: build
   script:
     - xzcat uniworx:lib:uniworx.nar.xz | nix-store --import
     - nix -L build -o result ".#uniworx:exe:uniworxdb"
     - nix-store --export $(nix-store -qR result) | xz -T0 -2 > uniworx:exe:uniworxdb.nar.xz
   before_script: *nix-before
   needs:
-    - job: node dependencies # transitive
+    - job: node modules # transitive
       artifacts: false
-    - job: well known # transitive
+    - job: frontend build # transitive
       artifacts: false
-    - job: frontend # tranitive
-      artifacts: false
-    - job: uniworx:lib:uniworx
-      artifacts: true
   artifacts:
     paths:
       - uniworx:exe:uniworxdb.nar.xz
@@ -161,21 +155,17 @@ uniworx:exe:uniworxdb:
   interruptible: true
 
 uniworx:exe:uniworxload:
-  stage: backend:build
+  stage: build
   script:
     - xzcat uniworx:lib:uniworx.nar.xz | nix-store --import
     - nix -L build -o result ".#uniworx:exe:uniworxload"
     - nix-store --export $(nix-store -qR result) | xz -T0 -2 > uniworx:exe:uniworxload.nar.xz
   before_script: *nix-before
   needs:
-    - job: node dependencies # transitive
+    - job: node modules # transitive
       artifacts: false
-    - job: well known # transitive
+    - job: frontend build # transitive
       artifacts: false
-    - job: frontend # tranitive
-      artifacts: false
-    - job: uniworx:lib:uniworx
-      artifacts: true
   artifacts:
     paths:
       - uniworx:exe:uniworxload.nar.xz
@@ -192,34 +182,24 @@ check:
     - nix -L flake check .
   before_script: *nix-before
   needs:
-    - job: node dependencies # transitive
+    - job: node modules # transitive
       artifacts: false
-    - job: well known # transitive
-      artifacts: false
-    - job: frontend
-      artifacts: true
-    - job: uniworx:lib:uniworx
+    - job: frontend build
       artifacts: true
   retry: 2
   interruptible: true
 
 container:
-  stage: container:build
+  stage: container
   script:
     - xzcat uniworx:exe:uniworx.nar.xz | nix-store --import
     - cp -pr --reflink=auto -L $(nix build --print-out-paths  ".#uniworxDocker") uniworx.tar.gz
   before_script: *nix-before
   needs:
-    - job: node dependencies # transitive
+    - job: node modules # transitive
       artifacts: false
-    - job: well known # transitive
+    - job: frontend build # transitive
       artifacts: false
-    - job: frontend # tranitive
-      artifacts: false
-    - job: uniworx:lib:uniworx # transitive
-      artifacts: false
-    - job: uniworx:exe:uniworx
-      artifacts: true
     - job: check # sanity
       artifacts: false
   artifacts:
@@ -232,22 +212,16 @@ container:
   rules: &release-rules
     - if: $CI_COMMIT_TAG =~ /^v/
 test container:
-  stage: container:build
+  stage: container
   script:
     - xzcat uniworx:exe:uniworx.nar.xz | nix-store --import
     - cp -pr --reflink=auto -L $(nix build --print-out-paths  ".#uniworxTestDocker") uniworx.tar.gz
   before_script: *nix-before
   needs:
-    - job: node dependencies # transitive
+    - job: node modules # transitive
       artifacts: false
-    - job: well known # transitive
+    - job: frontend build # transitive
       artifacts: false
-    - job: frontend # tranitive
-      artifacts: false
-    - job: uniworx:lib:uniworx # transitive
-      artifacts: false
-    - job: uniworx:exe:uniworx
-      artifacts: true
     - job: check # sanity
       artifacts: false
   artifacts:
@@ -263,7 +237,7 @@ test container:
 parse changelog:
   stage: prepare release
   needs:
-    - job: node dependencies
+    - job: node modules
       artifacts: true
   rules: *release-rules
   before_script: *nix-before
@@ -285,7 +259,7 @@ parse changelog:
 parse test changelog:
   stage: prepare release
   needs:
-    - job: node dependencies
+    - job: node modules
       artifacts: true
   rules: *test-release-rules
   before_script: *nix-before
@@ -314,15 +288,9 @@ upload container:
     - skopeo --insecure-policy copy --dest-creds "${CI_REGISTRY_USER}:${CI_JOB_TOKEN}" docker-archive://$(pwd)/uniworx.tar.gz docker://${CI_REGISTRY_IMAGE}:${VERSION}
     - skopeo --insecure-policy copy --src-creds "${CI_REGISTRY_USER}:${CI_JOB_TOKEN}" --dest-creds "${CI_REGISTRY_USER}:${CI_JOB_TOKEN}" docker://${CI_REGISTRY_IMAGE}:${VERSION} docker://${CI_REGISTRY_IMAGE}:latest
   needs:
-    - job: node dependencies # transitive
+    - job: node modules # transitive
       artifacts: false
-    - job: well known # transitive
-      artifacts: false
-    - job: frontend # tranitive
-      artifacts: false
-    - job: uniworx:lib:uniworx # transitive
-      artifacts: false
-    - job: uniworx:exe:uniworx # transitive
+    - job: frontend build # transitive
       artifacts: false
     - job: container
       artifacts: true
@@ -341,15 +309,9 @@ upload test container:
     - skopeo --insecure-policy copy --dest-creds "${CI_REGISTRY_USER}:${CI_JOB_TOKEN}" docker-archive://$(pwd)/uniworx.tar.gz docker://${CI_REGISTRY}/fradrive/fradrive/test:${CI_COMMIT_REF_NAME}
     - skopeo --insecure-policy copy --src-creds "${CI_REGISTRY_USER}:${CI_JOB_TOKEN}" --dest-creds "${CI_REGISTRY_USER}:${CI_JOB_TOKEN}" docker://${CI_REGISTRY}/fradrive/fradrive/test:${CI_COMMIT_REF_NAME} docker://${CI_REGISTRY}/fradrive/fradrive/test:latest
   needs:
-    - job: node dependencies # transitive
+    - job: node modules # transitive
       artifacts: false
-    - job: well known # transitive
-      artifacts: false
-    - job: frontend # tranitive
-      artifacts: false
-    - job: uniworx:lib:uniworx # transitive
-      artifacts: false
-    - job: uniworx:exe:uniworx # transitive
+    - job: frontend build # transitive
       artifacts: false
     - job: test container
       artifacts: true