# SPDX-FileCopyrightText: 2022-2024 Sarah Vaupel , Gregor Kleen # # SPDX-License-Identifier: AGPL-3.0-or-later ### IMPORTANT NOTICE ### # Our pipeline consists of static and dynamic parts. # # This file only contains the static parts of our pipeline. # Dynamic jobs are defined in .gitlab-ci/dynamic-ci.yml. # These are used as a template to generate jobs during the pipeline runtime. # # The marker "#dyn#" (without quotes) will be replaced by concrete values. # # TODO: documentation about dynamic stage ### # workflow: # rules: # - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH # - if: $CI_MERGE_REQUEST_ID # - if: $CI_COMMIT_TAG =~ /^v/ # - if: $CI_COMMIT_TAG =~ /^t/ # - if: $CI_COMMIT_TAG =~ /^d/ variables: IMAGE_BUILDER: quay.io/buildah/stable:latest default: image: name: ${CI_REGISTRY}/uniworx/containers/debian:12.5 entrypoint: [""] docker: platform: x86_64 artifacts: name: "${CI_JOB_NAME}-${CI_COMMIT_SHORT_SHA}" expire_in: "1 day" retry: 2 interruptible: true stages: - prepare - frontend - backend - release # TODO dynamic:prepare: stage: prepare before_script: - apt-get -y update - apt-get -y install git script: - FRONTEND_IMAGE_VERSION=`git log docker/frontend/Dockerfile | grep '^commit' | wc --lines | tee frontend-image-version` - BACKEND_IMAGE_VERSION=`git log docker/backend/Dockerfile | grep '^commit' | wc --lines | tee backend-image-version` - cat .gitlab-ci/frontend.yml | .gitlab-ci/dynamci.pl FRONTEND_IMAGE_VERSION=${FRONTEND_IMAGE_VERSION} > frontend.yml - cat .gitlab-ci/backend.yml | .gitlab-ci/dynamci.pl BACKEND_IMAGE_VERSION=${BACKEND_IMAGE_VERSION} > backend.yml artifacts: paths: - frontend-image-version - backend-image-version - frontend.yml - backend.yml container:frontend: &container:frontend stage: prepare needs: - dynamic:prepare image: ${IMAGE_BUILDER} script: - FRONTEND_IMAGE_VERSION=`cat frontend-image-version` - buildah bud -t frontend/${CI_COMMIT_REF_SLUG}:${FRONTEND_IMAGE_VERSION} docker/frontend/Dockerfile - buildah push --creds "${CI_REGISTRY_USER}:${CI_JOB_TOKEN}" frontend/${CI_COMMIT_REF_SLUG}:${FRONTEND_IMAGE_VERSION} ${CI_REGISTRY_IMAGE}/frontend/${CI_COMMIT_REF_SLUG}:${FRONTEND_IMAGE_VERSION} rules: - changes: - docker/frontend/Dockerfile interruptible: false container:frontend:manual: <<: *container:frontend rules: - when: manual container:backend: &container:backend stage: prepare needs: - dynamic:prepare image: ${IMAGE_BUILDER} script: - BACKEND_IMAGE_VERSION=`cat backend-image-version` - buildah bud -t backend/${CI_COMMIT_REF_SLUG}:${BACKEND_IMAGE_VERSION} docker/backend/Dockerfile - buildah push --creds "${CI_REGISTRY_USER}:${CI_JOB_TOKEN}" backend/${CI_COMMIT_REF_SLUG}:${BACKEND_IMAGE_VERSION} ${CI_REGISTRY_IMAGE}/backend/${CI_COMMIT_REF_SLUG}:${BACKEND_IMAGE_VERSION} rules: - changes: - docker/backend/Dockerfile interruptible: false container:backend:manual: <<: *container:backend rules: - when: manual frontend: stage: frontend needs: - dynamic:prepare - job: container:frontend optional: true trigger: strategy: depend include: - artifact: frontend.yml job: dynamic:prepare backend: stage: backend needs: - dynamic:prepare - job: container:backend optional: true - frontend trigger: strategy: depend include: - artifact: frontend.yml job: dynamic:prepare # frontend dependencies: # stage: setup # cache: # - &npm-cache # key: default-npm # paths: &npm-paths # - node_modules/ # - .npm/ # - .npmrc # script: # - make node_modules # artifacts: # paths: *npm-paths # well-known: # stage: setup # script: # - make well-known # needs: # - job: frontend dependencies # artifacts: true # cache: # - &frontend-cache # key: default-frontend # paths: # - .well-known-cache # artifacts: # paths: # - well-known/ # - .well-known-cache/ # # TODO: cache is always uploaded even if up-to-date; prevent re-upload when up-to-date # backend dependencies: # stage: setup # cache: # - &stack-cache # key: default-stack # paths: # - .stack/ # - .stack-work/ # script: # - make backend-dependencies-prod # artifacts: # paths: # - .stack/ # - .stack-work/ # frontend build: # stage: build # cache: # - *frontend-cache # script: # - make frontend-build # needs: # - job: frontend dependencies # artifacts: true # - job: well-known # artifacts: true # artifacts: # paths: # - static/ # - config/webpack.yml # # TODO: .stack-work cache not working # backend build: # stage: build # cache: # - *stack-cache # script: # - make bin/uniworx # # - find .stack-work # # - cp $(stack path --dist-dir)/build/hlint/hlint bin/test-hlint # # - cp $(stack path --dist-dir)/build/yesod/yesod bin/test-yesod # needs: # - job: frontend dependencies # transitive # artifacts: false # - job: well-known # artifacts: true # - job: backend dependencies # artifacts: true # - job: frontend build # artifacts: true # artifacts: # paths: # - bin/ # resource_group: ram # # TODO: part of backend build; probably deprecated # # uniworxdb: # # stage: build # # script: # # - make bin/uniworxdb # # needs: # # # TODO: no frontend needed # # - job: frontend dependencies # transitive # # artifacts: false # # - job: frontend build # transitive # # artifacts: false # # artifacts: # # paths: # # - bin/uniworxdb # # TODO: part of backend build; probably deprecated # # TODO: rewrite # # uniworx:exe:uniworxload: # # stage: build # # script: # # - xzcat uniworx:lib:uniworx.nar.xz | nix-store --import # # - nix -L build -o result ".#uniworx:exe:uniworxload" # # - nix-store --export $(nix-store -qR result) | xz -T0 -2 > uniworx:exe:uniworxload.nar.xz # # needs: # # - job: frontend dependencies # transitive # # artifacts: false # # - job: frontend build # transitive # # artifacts: false # # artifacts: # # paths: # # - uniworx:exe:uniworxload.nar.xz # frontend lint: # stage: lint # script: # - make frontend-lint # cache: # - *frontend-cache # needs: # - job: frontend dependencies # artifacts: true # - job: well-known # TODO: is this really needed? # artifacts: true # backend lint: # stage: lint # cache: # - *stack-cache # script: # # TODO: - make backend-lint-dev # - make backend-lint-prod # needs: # - job: backend dependencies # artifacts: true # - job: backend build # artifacts: true # - job: frontend build # artifacts: true # - job: well-known # artifacts: true # frontend test: # stage: test # script: # - make frontend-test # cache: *frontend-cache # needs: # - job: frontend dependencies # artifacts: true # # TODO: configure report artifacts # backend test: # stage: test # script: # - make backend-test-prod # cache: *stack-cache # needs: # - job: well-known # artifacts: true # - job: frontend build # artifacts: true # - job: backend dependencies # artifacts: true # - job: backend build # artifacts: true # # TODO: configure report artifacts # # TODO: unify prod and test versions # # TODO: rewrite # container: # stage: container # script: # - xzcat uniworx:exe:uniworx.nar.xz | nix-store --import # - cp -pr --reflink=auto -L $(nix build --print-out-paths ".#uniworxDocker") uniworx.tar.gz # needs: # - job: frontend dependencies # transitive # artifacts: false # - job: frontend build # transitive # artifacts: false # - job: frontend test # sanity # artifacts: false # - job: backend test # sanity # artifacts: false # artifacts: # paths: # - uniworx.tar.gz # rules: &release-rules # - if: $CI_COMMIT_TAG =~ /^v/ # # TODO: rewrite # test container: # stage: container # script: # - xzcat uniworx:exe:uniworx.nar.xz | nix-store --import # - cp -pr --reflink=auto -L $(nix build --print-out-paths ".#uniworxTestDocker") uniworx.tar.gz # needs: # - job: frontend dependencies # transitive # artifacts: false # - job: frontend build # transitive # artifacts: false # - job: frontend test # sanity # artifacts: false # - job: backend test # sanity # artifacts: false # artifacts: # paths: # - uniworx.tar.gz # rules: &test-release-rules # - if: $CI_COMMIT_TAG =~ /^t/ # # TODO: unify prod and test versions # # TODO: rewrite # parse changelog: # stage: prepare release # needs: # - job: frontend dependencies # artifacts: true # rules: *release-rules # script: # - xzcat node-dependencies.nar.xz | nix-store --import # - nix -L run ".#jqChangelogJson" -- -r '.versions[0].version' > .current-version # - nix -L run ".#jqChangelogJson" -- -r '.versions[0].body' > .current-changelog.md # - echo "VERSION=$(cat .current-version)" >> build.env # artifacts: # reports: # dotenv: build.env # paths: # - .current-version # - .current-changelog.md # name: "changelog-${CI_COMMIT_SHORT_SHA}" # expire_in: "1 day" # # TODO: rewrite # parse test changelog: # stage: prepare release # needs: # - job: frontend dependencies # artifacts: true # rules: *test-release-rules # script: # - xzcat node-dependencies.nar.xz | nix-store --import # - nix -L run ".#jqChangelogJson" -- -r '.versions[0].version' > .current-version # - nix -L run ".#jqChangelogJson" -- -r '.versions[0].body' > .current-changelog.md # - echo "VERSION=$(cat .current-version)" >> build.env # artifacts: # reports: # dotenv: build.env # paths: # - .current-version # - .current-changelog.md # name: "changelog-${CI_COMMIT_SHORT_SHA}" # # TODO: unify prod and test versions # # TODO: rewrite # upload container: # variables: # GIT_STRATEGY: none # stage: release # image: quay.io/skopeo/stable:latest # script: # - skopeo --insecure-policy copy --dest-creds "${CI_REGISTRY_USER}:${CI_JOB_TOKEN}" docker-archive://$(pwd)/uniworx.tar.gz docker://${CI_REGISTRY_IMAGE}:${VERSION} # - skopeo --insecure-policy copy --src-creds "${CI_REGISTRY_USER}:${CI_JOB_TOKEN}" --dest-creds "${CI_REGISTRY_USER}:${CI_JOB_TOKEN}" docker://${CI_REGISTRY_IMAGE}:${VERSION} docker://${CI_REGISTRY_IMAGE}:latest # needs: # - job: frontend dependencies # transitive # artifacts: false # - job: frontend build # transitive # artifacts: false # - job: container # artifacts: true # - job: parse changelog # artifacts: true # - job: frontend test # sanity # artifacts: false # - job: backend test # sanity # artifacts: false # rules: *release-rules # # TODO: rewrite # upload test container: # variables: # GIT_STRATEGY: none # stage: release # image: quay.io/skopeo/stable:latest # script: # - skopeo --insecure-policy copy --dest-creds "${CI_REGISTRY_USER}:${CI_JOB_TOKEN}" docker-archive://$(pwd)/uniworx.tar.gz docker://${CI_REGISTRY}/fradrive/fradrive/test:${CI_COMMIT_REF_NAME} # - skopeo --insecure-policy copy --src-creds "${CI_REGISTRY_USER}:${CI_JOB_TOKEN}" --dest-creds "${CI_REGISTRY_USER}:${CI_JOB_TOKEN}" docker://${CI_REGISTRY}/fradrive/fradrive/test:${CI_COMMIT_REF_NAME} docker://${CI_REGISTRY}/fradrive/fradrive/test:latest # needs: # - job: frontend dependencies # transitive # artifacts: false # - job: frontend build # transitive # artifacts: false # - job: test container # artifacts: true # - job: parse test changelog # artifacts: true # - job: frontend test # sanity # artifacts: false # - job: backend test # sanity # artifacts: false # rules: *test-release-rules # # TODO: unify prod and test versions # # TODO: rewrite # release: # variables: # GIT_STRATEGY: none # stage: release # image: registry.gitlab.com/gitlab-org/release-cli:latest # rules: *release-rules # script: # - echo "Will create release ${VERSION}..." # release: # name: '$VERSION' # tag_name: '$CI_COMMIT_TAG' # description: .current-changelog.md # needs: # - job: frontend test # sanity # artifacts: false # - job: backend test # sanity # artifacts: false # - job: parse changelog # artifacts: true # retry: 0 # # TODO: rewrite # test release: # variables: # GIT_STRATEGY: none # stage: release # image: registry.gitlab.com/gitlab-org/release-cli:latest # rules: *test-release-rules # script: # - echo "Will create test release ${VERSION}-test..." # release: # name: "${VERSION}-test" # tag_name: '$CI_COMMIT_TAG' # description: .current-changelog.md # needs: # - job: frontend test # sanity # artifacts: false # - job: backend test # sanity # artifacts: false # - job: parse test changelog # artifacts: true # retry: 0