# SPDX-FileCopyrightText: 2022 Gregor Kleen ,Sarah Vaupel # # SPDX-License-Identifier: AGPL-3.0-or-later workflow: rules: - if: '$CI_PIPELINE_SOURCE == "push"' when: always - when: never default: image: name: registry.gitlab.com/fradrive/fradrive/nix-unstable:0.1.0 variables: NIX_PATH: "nixpkgs=http://nixos.org/channels/nixos-21.05/nixexprs.tar.xz" AWS_SHARED_CREDENTIALS_FILE: "/etc/aws/credentials" TRANSFER_METER_FREQUENCY: "2s" stages: - frontend:build - backend:build - test - docker - prepare release - release node dependencies: stage: frontend:build script: - source .gitlab-ci/construct-flake-url.sh - nix -L build -o result "${FLAKE}#uniworxNodeDependencies" - nix-store --export $(nix-store -qR result) | xz -T0 -2 > node-dependencies.nar.xz before_script: &nix-before - mkdir -p /etc/nix - install -m 0644 .gitlab-ci/nix-bootstrap.conf /etc/nix/nix.conf - .gitlab-ci/write-minio-creds.sh - .gitlab-ci/make-minio-bucket.sh - cp -pr --reflink=auto -L .gitlab-ci/upload-to-cache.sh /etc/nix/upload-to-cache.sh - install -m 0644 .gitlab-ci/nix.conf /etc/nix/nix.conf - git config --global init.defaultBranch master - install -v -m 0700 -d ~/.ssh - install -v -T -m 0644 "${SSH_KNOWN_HOSTS}" ~/.ssh/known_hosts - install -v -T -m 0400 "${SSH_DEPLOY_KEY}" ~/.ssh/deploy && echo "IdentityFile ~/.ssh/deploy" >> ~/.ssh/config; - install -v -T -m 0644 "${FONTAWESOME_NPM_AUTH_FILE}" /etc/fontawesome-token - | if [ -n "${REGISTRY_AUTHFILE}" ]; then mkdir -p ~/.docker install -v -T -m 0400 "${REGISTRY_AUTHFILE}" ~/.docker/config.json fi artifacts: paths: - node-dependencies.nar.xz name: "${CI_JOB_NAME}-${CI_COMMIT_SHORT_SHA}" expire_in: "1 day" retry: 2 interruptible: true well known: stage: frontend:build script: - xzcat node-dependencies.nar.xz | nix-store --import - source .gitlab-ci/construct-flake-url.sh - nix -L build -o result "${FLAKE}#uniworxWellKnown" - nix-store --export $(nix-store -qR result) | xz -T0 -2 > well-known.nar.xz before_script: *nix-before needs: - job: node dependencies artifacts: true artifacts: paths: - well-known.nar.xz name: "${CI_JOB_NAME}-${CI_COMMIT_SHORT_SHA}" expire_in: "1 day" retry: 2 interruptible: true frontend: stage: frontend:build script: - xzcat node-dependencies.nar.xz | nix-store --import - xzcat well-known.nar.xz | nix-store --import - source .gitlab-ci/construct-flake-url.sh - nix -L build -o result "${FLAKE}#uniworxFrontend" - nix-store --export $(nix-store -qR result) | xz -T0 -2 > frontend.nar.xz before_script: *nix-before needs: - job: node dependencies artifacts: true - job: well known artifacts: true artifacts: paths: - frontend.nar.xz name: "${CI_JOB_NAME}-${CI_COMMIT_SHORT_SHA}" expire_in: "1 day" retry: 2 interruptible: true uniworx:lib:uniworx: stage: backend:build script: - xzcat frontend.nar.xz | nix-store --import - source .gitlab-ci/construct-flake-url.sh - nix -L build -o result "${FLAKE}#uniworx:lib:uniworx" - nix-store --export $(nix-store -qR result) | xz -T0 -2 > uniworx:lib:uniworx.nar.xz before_script: *nix-before needs: - job: node dependencies # transitive artifacts: false - job: well known # transitive artifacts: false - job: frontend artifacts: true artifacts: paths: - uniworx:lib:uniworx.nar.xz name: "${CI_JOB_NAME}-${CI_COMMIT_SHORT_SHA}" expire_in: "1 day" retry: 2 interruptible: true uniworx:exe:uniworx: stage: backend:build script: - xzcat uniworx:lib:uniworx.nar.xz | nix-store --import - source .gitlab-ci/construct-flake-url.sh - nix -L build -o result "${FLAKE}#uniworx:exe:uniworx" - nix-store --export $(nix-store -qR result) | xz -T0 -2 > uniworx:exe:uniworx.nar.xz before_script: *nix-before needs: - job: node dependencies # transitive artifacts: false - job: well known # transitive artifacts: false - job: frontend # tranitive artifacts: false - job: uniworx:lib:uniworx artifacts: true artifacts: paths: - uniworx:exe:uniworx.nar.xz name: "${CI_JOB_NAME}-${CI_COMMIT_SHORT_SHA}" expire_in: "1 day" retry: 2 interruptible: true uniworx:exe:uniworxdb: stage: backend:build script: - xzcat uniworx:lib:uniworx.nar.xz | nix-store --import - source .gitlab-ci/construct-flake-url.sh - nix -L build -o result "${FLAKE}#uniworx:exe:uniworxdb" - nix-store --export $(nix-store -qR result) | xz -T0 -2 > uniworx:exe:uniworxdb.nar.xz before_script: *nix-before needs: - job: node dependencies # transitive artifacts: false - job: well known # transitive artifacts: false - job: frontend # tranitive artifacts: false - job: uniworx:lib:uniworx artifacts: true artifacts: paths: - uniworx:exe:uniworxdb.nar.xz name: "${CI_JOB_NAME}-${CI_COMMIT_SHORT_SHA}" expire_in: "1 day" retry: 2 interruptible: true uniworx:exe:uniworxload: stage: backend:build script: - xzcat uniworx:lib:uniworx.nar.xz | nix-store --import - source .gitlab-ci/construct-flake-url.sh - nix -L build -o result "${FLAKE}#uniworx:exe:uniworxload" - nix-store --export $(nix-store -qR result) | xz -T0 -2 > uniworx:exe:uniworxload.nar.xz before_script: *nix-before needs: - job: node dependencies # transitive artifacts: false - job: well known # transitive artifacts: false - job: frontend # tranitive artifacts: false - job: uniworx:lib:uniworx artifacts: true artifacts: paths: - uniworx:exe:uniworxload.nar.xz name: "${CI_JOB_NAME}-${CI_COMMIT_SHORT_SHA}" expire_in: "1 day" retry: 2 interruptible: true check: stage: test script: - xzcat frontend.nar.xz | nix-store --import - xzcat uniworx:lib:uniworx.nar.xz | nix-store --import - source .gitlab-ci/construct-flake-url.sh - nix -L flake check ${FLAKE} before_script: *nix-before needs: - job: node dependencies # transitive artifacts: false - job: well known # transitive artifacts: false - job: frontend artifacts: true - job: uniworx:lib:uniworx artifacts: true retry: 2 interruptible: true # demo docker: # stage: docker # script: # - xzcat uniworx:exe:uniworx.nar.xz | nix-store --import # - xzcat uniworx:exe:uniworxdb.nar.xz | nix-store --import # - source .gitlab-ci/construct-flake-url.sh # - nix -L build -o result "${FLAKE}#uniworxDemoDocker" # - cp -pr --reflink=auto -L result uniworx-demo.tar.gz # before_script: *nix-before # needs: # - job: node dependencies # transitive # artifacts: false # - job: well known # transitive # artifacts: false # - job: frontend # tranitive # artifacts: false # - job: uniworx:lib:uniworx # transitive # artifacts: false # - job: uniworx:exe:uniworx # artifacts: true # - job: uniworx:exe:uniworxdb # artifacts: true # - job: check # sanity # artifacts: false # artifacts: # paths: # - uniworx-demo.tar.gz # name: "${CI_JOB_NAME}-${CI_COMMIT_SHORT_SHA}" # expire_in: "1 day" # retry: 2 # interruptible: true # rules: # - if: $CI_COMMIT_REF_NAME =~ /^v[0-9].*/ # when: manual # allow_failure: true docker: stage: docker script: - xzcat uniworx:exe:uniworx.nar.xz | nix-store --import - source .gitlab-ci/construct-flake-url.sh - nix -L build -o result "${FLAKE}#uniworxDocker" - cp -pr --reflink=auto -L result uniworx.tar.gz before_script: *nix-before needs: - job: node dependencies # transitive artifacts: false - job: well known # transitive artifacts: false - job: frontend # tranitive artifacts: false - job: uniworx:lib:uniworx # transitive artifacts: false - job: uniworx:exe:uniworx artifacts: true - job: check # sanity artifacts: false artifacts: paths: - uniworx.tar.gz name: "${CI_JOB_NAME}-${CI_COMMIT_SHORT_SHA}" expire_in: "1 day" retry: 2 interruptible: true rules: - if: $CI_COMMIT_REF_NAME =~ /^v[0-9].*/ when: manual allow_failure: true parse changelog: stage: prepare release needs: - job: node dependencies artifacts: true rules: - if: $CI_COMMIT_REF_NAME =~ /^v[0-9].*/ when: on_success before_script: *nix-before script: - xzcat node-dependencies.nar.xz | nix-store --import - source .gitlab-ci/construct-flake-url.sh - nix -L run "${FLAKE}#jqChangelogJson" -- -r '.versions[0].version' > .current-version - nix -L run "${FLAKE}#jqChangelogJson" -- -r '.versions[0].body' > .current-changelog.md - echo "VERSION=$(cat .current-version)" >> build.env artifacts: reports: dotenv: build.env paths: - .current-version - .current-changelog.md name: "changelog-${CI_COMMIT_SHORT_SHA}" expire_in: "1 day" retry: 2 interruptible: true upload docker: stage: docker script: - xzcat uniworx:exe:uniworx.nar.xz | nix-store --import - source .gitlab-ci/construct-flake-url.sh - nix -L run "${FLAKE}#pushUniworxDocker" before_script: *nix-before needs: - job: node dependencies # transitive artifacts: false - job: well known # transitive artifacts: false - job: frontend # tranitive artifacts: false - job: uniworx:lib:uniworx # transitive artifacts: false - job: uniworx:exe:uniworx artifacts: true - job: check # sanity artifacts: false rules: - if: $CI_COMMIT_REF_NAME =~ /^v[0-9].*/ when: on_success # upload demo docker: # stage: docker # script: # - xzcat uniworx:exe:uniworx.nar.xz | nix-store --import # - xzcat uniworx:exe:uniworxdb.nar.xz | nix-store --import # - source .gitlab-ci/construct-flake-url.sh # - nix -L run "${FLAKE}#pushUniworxDemoDocker" # before_script: *nix-before # needs: # - job: node dependencies # transitive # artifacts: false # - job: well known # transitive # artifacts: false # - job: frontend # tranitive # artifacts: false # - job: uniworx:lib:uniworx # transitive # artifacts: false # - job: uniworx:exe:uniworx # artifacts: true # - job: uniworx:exe:uniworxdb # artifacts: true # - job: check # sanity # artifacts: false # rules: # - if: $CI_COMMIT_REF_NAME =~ /^v[0-9].*/ # when: on_success release: variables: GIT_STRATEGY: none stage: release image: registry.gitlab.com/gitlab-org/release-cli:latest rules: - if: $CI_COMMIT_REF_NAME =~ /^v[0-9].*/ when: on_success script: - release-cli create --name "${VERSION}" --tag-name $CI_COMMIT_TAG --description .current-changelog.md needs: - job: check # sanity artifacts: false - job: parse changelog artifacts: true