479 lines
13 KiB
YAML
479 lines
13 KiB
YAML
# SPDX-FileCopyrightText: 2022-2024 Sarah Vaupel <sarah.vaupel@uniworx.de>, Gregor Kleen <gregor@kleen.consulting>
|
|
#
|
|
# SPDX-License-Identifier: AGPL-3.0-or-later
|
|
|
|
### IMPORTANT NOTICE ###
|
|
# Our pipeline consists of static and dynamic parts.
|
|
#
|
|
# This file only contains the static parts of our pipeline.
|
|
# Dynamic jobs are defined in .gitlab-ci/dynamic-ci.yml.
|
|
# These are used as a template to generate jobs during the pipeline runtime.
|
|
#
|
|
# The marker "#dyn#" (without quotes) will be replaced by concrete values.
|
|
#
|
|
# TODO: documentation about dynamic stage
|
|
###
|
|
|
|
|
|
# workflow:
|
|
# rules:
|
|
# - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
|
|
# - if: $CI_MERGE_REQUEST_ID
|
|
# - if: $CI_COMMIT_TAG =~ /^v/
|
|
# - if: $CI_COMMIT_TAG =~ /^t/
|
|
# - if: $CI_COMMIT_TAG =~ /^d/
|
|
|
|
|
|
variables:
|
|
IMAGE_BUILDER: quay.io/buildah/stable:latest
|
|
|
|
|
|
default:
|
|
image:
|
|
name: ${CI_REGISTRY}/uniworx/containers/debian:12.5
|
|
entrypoint: [""]
|
|
docker:
|
|
platform: x86_64
|
|
artifacts:
|
|
name: "${CI_JOB_NAME}-${CI_COMMIT_SHORT_SHA}"
|
|
expire_in: "1 day"
|
|
retry: 2
|
|
interruptible: true
|
|
|
|
|
|
stages:
|
|
- prepare
|
|
- frontend
|
|
- backend
|
|
- release # TODO
|
|
|
|
|
|
dynamic:prepare:
|
|
stage: prepare
|
|
before_script:
|
|
- apt-get -y update
|
|
- apt-get -y install git
|
|
script:
|
|
- FRONTEND_IMAGE_VERSION=`git log docker/frontend/Dockerfile | grep '^commit' | wc --lines | tee frontend-image-version`
|
|
- BACKEND_IMAGE_VERSION=`git log docker/backend/Dockerfile | grep '^commit' | wc --lines | tee backend-image-version`
|
|
- cat .gitlab-ci/frontend.yml | .gitlab-ci/dynamci.pl FRONTEND_IMAGE_VERSION=${FRONTEND_IMAGE_VERSION} > frontend.yml
|
|
- cat .gitlab-ci/backend.yml | .gitlab-ci/dynamci.pl BACKEND_IMAGE_VERSION=${BACKEND_IMAGE_VERSION} > backend.yml
|
|
artifacts:
|
|
paths:
|
|
- frontend-image-version
|
|
- backend-image-version
|
|
- frontend.yml
|
|
- backend.yml
|
|
|
|
container:frontend: &container-frontend
|
|
stage: prepare
|
|
needs:
|
|
- dynamic:prepare
|
|
image: ${IMAGE_BUILDER}
|
|
script:
|
|
- FRONTEND_IMAGE_VERSION=`cat frontend-image-version`
|
|
- buildah bud -t frontend/${CI_COMMIT_REF_SLUG}:${FRONTEND_IMAGE_VERSION} docker/frontend/Dockerfile
|
|
- buildah push --creds "${CI_REGISTRY_USER}:${CI_JOB_TOKEN}" frontend/${CI_COMMIT_REF_SLUG}:${FRONTEND_IMAGE_VERSION} ${CI_REGISTRY_IMAGE}/frontend/${CI_COMMIT_REF_SLUG}:${FRONTEND_IMAGE_VERSION}
|
|
rules:
|
|
- changes:
|
|
- docker/frontend/Dockerfile
|
|
interruptible: false
|
|
container:frontend:manual:
|
|
<<: *container-frontend
|
|
rules:
|
|
- when: manual
|
|
|
|
container:backend: &container-backend
|
|
stage: prepare
|
|
needs:
|
|
- dynamic:prepare
|
|
image: ${IMAGE_BUILDER}
|
|
script:
|
|
- BACKEND_IMAGE_VERSION=`cat backend-image-version`
|
|
- buildah bud -t backend/${CI_COMMIT_REF_SLUG}:${BACKEND_IMAGE_VERSION} docker/backend/Dockerfile
|
|
- buildah push --creds "${CI_REGISTRY_USER}:${CI_JOB_TOKEN}" backend/${CI_COMMIT_REF_SLUG}:${BACKEND_IMAGE_VERSION} ${CI_REGISTRY_IMAGE}/backend/${CI_COMMIT_REF_SLUG}:${BACKEND_IMAGE_VERSION}
|
|
rules:
|
|
- changes:
|
|
- docker/backend/Dockerfile
|
|
interruptible: false
|
|
container:backend:manual:
|
|
<<: *container-backend
|
|
rules:
|
|
- when: manual
|
|
|
|
|
|
frontend:
|
|
stage: frontend
|
|
needs:
|
|
- dynamic:prepare
|
|
- job: container:frontend
|
|
optional: true
|
|
trigger:
|
|
strategy: depend
|
|
include:
|
|
- artifact: frontend.yml
|
|
job: dynamic:prepare
|
|
|
|
backend:
|
|
stage: backend
|
|
needs:
|
|
- dynamic:prepare
|
|
- job: container:backend
|
|
optional: true
|
|
- frontend
|
|
trigger:
|
|
strategy: depend
|
|
include:
|
|
- artifact: frontend.yml
|
|
job: dynamic:prepare
|
|
|
|
|
|
# frontend dependencies:
|
|
# stage: setup
|
|
# cache:
|
|
# - &npm-cache
|
|
# key: default-npm
|
|
# paths: &npm-paths
|
|
# - node_modules/
|
|
# - .npm/
|
|
# - .npmrc
|
|
# script:
|
|
# - make node_modules
|
|
# artifacts:
|
|
# paths: *npm-paths
|
|
|
|
# well-known:
|
|
# stage: setup
|
|
# script:
|
|
# - make well-known
|
|
# needs:
|
|
# - job: frontend dependencies
|
|
# artifacts: true
|
|
# cache:
|
|
# - &frontend-cache
|
|
# key: default-frontend
|
|
# paths:
|
|
# - .well-known-cache
|
|
# artifacts:
|
|
# paths:
|
|
# - well-known/
|
|
# - .well-known-cache/
|
|
|
|
# # TODO: cache is always uploaded even if up-to-date; prevent re-upload when up-to-date
|
|
# backend dependencies:
|
|
# stage: setup
|
|
# cache:
|
|
# - &stack-cache
|
|
# key: default-stack
|
|
# paths:
|
|
# - .stack/
|
|
# - .stack-work/
|
|
# script:
|
|
# - make backend-dependencies-prod
|
|
# artifacts:
|
|
# paths:
|
|
# - .stack/
|
|
# - .stack-work/
|
|
|
|
# frontend build:
|
|
# stage: build
|
|
# cache:
|
|
# - *frontend-cache
|
|
# script:
|
|
# - make frontend-build
|
|
# needs:
|
|
# - job: frontend dependencies
|
|
# artifacts: true
|
|
# - job: well-known
|
|
# artifacts: true
|
|
# artifacts:
|
|
# paths:
|
|
# - static/
|
|
# - config/webpack.yml
|
|
|
|
# # TODO: .stack-work cache not working
|
|
# backend build:
|
|
# stage: build
|
|
# cache:
|
|
# - *stack-cache
|
|
# script:
|
|
# - make bin/uniworx
|
|
# # - find .stack-work
|
|
# # - cp $(stack path --dist-dir)/build/hlint/hlint bin/test-hlint
|
|
# # - cp $(stack path --dist-dir)/build/yesod/yesod bin/test-yesod
|
|
# needs:
|
|
# - job: frontend dependencies # transitive
|
|
# artifacts: false
|
|
# - job: well-known
|
|
# artifacts: true
|
|
# - job: backend dependencies
|
|
# artifacts: true
|
|
# - job: frontend build
|
|
# artifacts: true
|
|
# artifacts:
|
|
# paths:
|
|
# - bin/
|
|
# resource_group: ram
|
|
|
|
# # TODO: part of backend build; probably deprecated
|
|
# # uniworxdb:
|
|
# # stage: build
|
|
# # script:
|
|
# # - make bin/uniworxdb
|
|
# # needs:
|
|
# # # TODO: no frontend needed
|
|
# # - job: frontend dependencies # transitive
|
|
# # artifacts: false
|
|
# # - job: frontend build # transitive
|
|
# # artifacts: false
|
|
# # artifacts:
|
|
# # paths:
|
|
# # - bin/uniworxdb
|
|
|
|
# # TODO: part of backend build; probably deprecated
|
|
# # TODO: rewrite
|
|
# # uniworx:exe:uniworxload:
|
|
# # stage: build
|
|
# # script:
|
|
# # - xzcat uniworx:lib:uniworx.nar.xz | nix-store --import
|
|
# # - nix -L build -o result ".#uniworx:exe:uniworxload"
|
|
# # - nix-store --export $(nix-store -qR result) | xz -T0 -2 > uniworx:exe:uniworxload.nar.xz
|
|
# # needs:
|
|
# # - job: frontend dependencies # transitive
|
|
# # artifacts: false
|
|
# # - job: frontend build # transitive
|
|
# # artifacts: false
|
|
# # artifacts:
|
|
# # paths:
|
|
# # - uniworx:exe:uniworxload.nar.xz
|
|
|
|
# frontend lint:
|
|
# stage: lint
|
|
# script:
|
|
# - make frontend-lint
|
|
# cache:
|
|
# - *frontend-cache
|
|
# needs:
|
|
# - job: frontend dependencies
|
|
# artifacts: true
|
|
# - job: well-known # TODO: is this really needed?
|
|
# artifacts: true
|
|
|
|
# backend lint:
|
|
# stage: lint
|
|
# cache:
|
|
# - *stack-cache
|
|
# script:
|
|
# # TODO: - make backend-lint-dev
|
|
# - make backend-lint-prod
|
|
# needs:
|
|
# - job: backend dependencies
|
|
# artifacts: true
|
|
# - job: backend build
|
|
# artifacts: true
|
|
# - job: frontend build
|
|
# artifacts: true
|
|
# - job: well-known
|
|
# artifacts: true
|
|
|
|
# frontend test:
|
|
# stage: test
|
|
# script:
|
|
# - make frontend-test
|
|
# cache: *frontend-cache
|
|
# needs:
|
|
# - job: frontend dependencies
|
|
# artifacts: true
|
|
# # TODO: configure report artifacts
|
|
|
|
# backend test:
|
|
# stage: test
|
|
# script:
|
|
# - make backend-test-prod
|
|
# cache: *stack-cache
|
|
# needs:
|
|
# - job: well-known
|
|
# artifacts: true
|
|
# - job: frontend build
|
|
# artifacts: true
|
|
# - job: backend dependencies
|
|
# artifacts: true
|
|
# - job: backend build
|
|
# artifacts: true
|
|
# # TODO: configure report artifacts
|
|
|
|
# # TODO: unify prod and test versions
|
|
# # TODO: rewrite
|
|
# container:
|
|
# stage: container
|
|
# script:
|
|
# - xzcat uniworx:exe:uniworx.nar.xz | nix-store --import
|
|
# - cp -pr --reflink=auto -L $(nix build --print-out-paths ".#uniworxDocker") uniworx.tar.gz
|
|
# needs:
|
|
# - job: frontend dependencies # transitive
|
|
# artifacts: false
|
|
# - job: frontend build # transitive
|
|
# artifacts: false
|
|
# - job: frontend test # sanity
|
|
# artifacts: false
|
|
# - job: backend test # sanity
|
|
# artifacts: false
|
|
# artifacts:
|
|
# paths:
|
|
# - uniworx.tar.gz
|
|
# rules: &release-rules
|
|
# - if: $CI_COMMIT_TAG =~ /^v/
|
|
# # TODO: rewrite
|
|
# test container:
|
|
# stage: container
|
|
# script:
|
|
# - xzcat uniworx:exe:uniworx.nar.xz | nix-store --import
|
|
# - cp -pr --reflink=auto -L $(nix build --print-out-paths ".#uniworxTestDocker") uniworx.tar.gz
|
|
# needs:
|
|
# - job: frontend dependencies # transitive
|
|
# artifacts: false
|
|
# - job: frontend build # transitive
|
|
# artifacts: false
|
|
# - job: frontend test # sanity
|
|
# artifacts: false
|
|
# - job: backend test # sanity
|
|
# artifacts: false
|
|
# artifacts:
|
|
# paths:
|
|
# - uniworx.tar.gz
|
|
# rules: &test-release-rules
|
|
# - if: $CI_COMMIT_TAG =~ /^t/
|
|
|
|
# # TODO: unify prod and test versions
|
|
# # TODO: rewrite
|
|
# parse changelog:
|
|
# stage: prepare release
|
|
# needs:
|
|
# - job: frontend dependencies
|
|
# artifacts: true
|
|
# rules: *release-rules
|
|
# script:
|
|
# - xzcat node-dependencies.nar.xz | nix-store --import
|
|
# - nix -L run ".#jqChangelogJson" -- -r '.versions[0].version' > .current-version
|
|
# - nix -L run ".#jqChangelogJson" -- -r '.versions[0].body' > .current-changelog.md
|
|
# - echo "VERSION=$(cat .current-version)" >> build.env
|
|
# artifacts:
|
|
# reports:
|
|
# dotenv: build.env
|
|
# paths:
|
|
# - .current-version
|
|
# - .current-changelog.md
|
|
# name: "changelog-${CI_COMMIT_SHORT_SHA}"
|
|
# expire_in: "1 day"
|
|
# # TODO: rewrite
|
|
# parse test changelog:
|
|
# stage: prepare release
|
|
# needs:
|
|
# - job: frontend dependencies
|
|
# artifacts: true
|
|
# rules: *test-release-rules
|
|
# script:
|
|
# - xzcat node-dependencies.nar.xz | nix-store --import
|
|
# - nix -L run ".#jqChangelogJson" -- -r '.versions[0].version' > .current-version
|
|
# - nix -L run ".#jqChangelogJson" -- -r '.versions[0].body' > .current-changelog.md
|
|
# - echo "VERSION=$(cat .current-version)" >> build.env
|
|
# artifacts:
|
|
# reports:
|
|
# dotenv: build.env
|
|
# paths:
|
|
# - .current-version
|
|
# - .current-changelog.md
|
|
# name: "changelog-${CI_COMMIT_SHORT_SHA}"
|
|
|
|
# # TODO: unify prod and test versions
|
|
# # TODO: rewrite
|
|
# upload container:
|
|
# variables:
|
|
# GIT_STRATEGY: none
|
|
# stage: release
|
|
# image: quay.io/skopeo/stable:latest
|
|
# script:
|
|
# - skopeo --insecure-policy copy --dest-creds "${CI_REGISTRY_USER}:${CI_JOB_TOKEN}" docker-archive://$(pwd)/uniworx.tar.gz docker://${CI_REGISTRY_IMAGE}:${VERSION}
|
|
# - skopeo --insecure-policy copy --src-creds "${CI_REGISTRY_USER}:${CI_JOB_TOKEN}" --dest-creds "${CI_REGISTRY_USER}:${CI_JOB_TOKEN}" docker://${CI_REGISTRY_IMAGE}:${VERSION} docker://${CI_REGISTRY_IMAGE}:latest
|
|
# needs:
|
|
# - job: frontend dependencies # transitive
|
|
# artifacts: false
|
|
# - job: frontend build # transitive
|
|
# artifacts: false
|
|
# - job: container
|
|
# artifacts: true
|
|
# - job: parse changelog
|
|
# artifacts: true
|
|
# - job: frontend test # sanity
|
|
# artifacts: false
|
|
# - job: backend test # sanity
|
|
# artifacts: false
|
|
# rules: *release-rules
|
|
# # TODO: rewrite
|
|
# upload test container:
|
|
# variables:
|
|
# GIT_STRATEGY: none
|
|
# stage: release
|
|
# image: quay.io/skopeo/stable:latest
|
|
# script:
|
|
# - skopeo --insecure-policy copy --dest-creds "${CI_REGISTRY_USER}:${CI_JOB_TOKEN}" docker-archive://$(pwd)/uniworx.tar.gz docker://${CI_REGISTRY}/fradrive/fradrive/test:${CI_COMMIT_REF_NAME}
|
|
# - skopeo --insecure-policy copy --src-creds "${CI_REGISTRY_USER}:${CI_JOB_TOKEN}" --dest-creds "${CI_REGISTRY_USER}:${CI_JOB_TOKEN}" docker://${CI_REGISTRY}/fradrive/fradrive/test:${CI_COMMIT_REF_NAME} docker://${CI_REGISTRY}/fradrive/fradrive/test:latest
|
|
# needs:
|
|
# - job: frontend dependencies # transitive
|
|
# artifacts: false
|
|
# - job: frontend build # transitive
|
|
# artifacts: false
|
|
# - job: test container
|
|
# artifacts: true
|
|
# - job: parse test changelog
|
|
# artifacts: true
|
|
# - job: frontend test # sanity
|
|
# artifacts: false
|
|
# - job: backend test # sanity
|
|
# artifacts: false
|
|
# rules: *test-release-rules
|
|
|
|
# # TODO: unify prod and test versions
|
|
# # TODO: rewrite
|
|
# release:
|
|
# variables:
|
|
# GIT_STRATEGY: none
|
|
# stage: release
|
|
# image: registry.gitlab.com/gitlab-org/release-cli:latest
|
|
# rules: *release-rules
|
|
# script:
|
|
# - echo "Will create release ${VERSION}..."
|
|
# release:
|
|
# name: '$VERSION'
|
|
# tag_name: '$CI_COMMIT_TAG'
|
|
# description: .current-changelog.md
|
|
# needs:
|
|
# - job: frontend test # sanity
|
|
# artifacts: false
|
|
# - job: backend test # sanity
|
|
# artifacts: false
|
|
# - job: parse changelog
|
|
# artifacts: true
|
|
# retry: 0
|
|
# # TODO: rewrite
|
|
# test release:
|
|
# variables:
|
|
# GIT_STRATEGY: none
|
|
# stage: release
|
|
# image: registry.gitlab.com/gitlab-org/release-cli:latest
|
|
# rules: *test-release-rules
|
|
# script:
|
|
# - echo "Will create test release ${VERSION}-test..."
|
|
# release:
|
|
# name: "${VERSION}-test"
|
|
# tag_name: '$CI_COMMIT_TAG'
|
|
# description: .current-changelog.md
|
|
# needs:
|
|
# - job: frontend test # sanity
|
|
# artifacts: false
|
|
# - job: backend test # sanity
|
|
# artifacts: false
|
|
# - job: parse test changelog
|
|
# artifacts: true
|
|
# retry: 0
|