.gitlab-ci.yml 5.73 KB
Newer Older
1
image: node:16.13.2
BERET Benjamin DGAC/CRNA-E's avatar
BERET Benjamin DGAC/CRNA-E committed
2
3

stages:
BERET Benjamin DGAC/CRNA-E's avatar
BERET Benjamin DGAC/CRNA-E committed
4
5
6
  - init
  - check
  - build
BERET Benjamin DGAC/CRNA-E's avatar
BERET Benjamin DGAC/CRNA-E committed
7
  - images
BERET Benjamin DGAC/CRNA-E's avatar
BERET Benjamin DGAC/CRNA-E committed
8
  - deploy
BERET Benjamin DGAC/CRNA-E's avatar
BERET Benjamin DGAC/CRNA-E committed
9

10
11
12
13
14
15
16
### https://docs.gitlab.com/ee/ci/merge_request_pipelines/index.html#excluding-certain-jobs
.only-default: &only-default
  only:
    - master
    - merge_requests
    - tags

17
before_script:
BERET Benjamin DGAC/CRNA-E's avatar
BERET Benjamin DGAC/CRNA-E committed
18
19
20
21
22
23
  # - echo "$NM_B2B_PEM" > /tmp/client.pem
  # - echo "$NM_B2B_PEM_KEY" > /tmp/client.key.pem
  # - export B2B_CERT=/tmp/client.pem
  # - export B2B_CERT_KEY=/tmp/client.key.pem
  # - export B2B_CERT_PASSPHRASE=$NM_B2B_PASSPHRASE
  # - export B2B_CERT_FORMAT=pem
24
  - export YARN_CACHE_FOLDER=".yarn-cache"
25
  - export FME_COMMIT_REF="${CI_COMMIT_SHA:0:8}"
26

BERET Benjamin DGAC/CRNA-E's avatar
BERET Benjamin DGAC/CRNA-E committed
27
bootstrap:
28
  <<: *only-default
BERET Benjamin DGAC/CRNA-E's avatar
BERET Benjamin DGAC/CRNA-E committed
29
  stage: init
30
  cache:
BERET Benjamin DGAC/CRNA-E's avatar
BERET Benjamin DGAC/CRNA-E committed
31
32
33
    key:
      files:
        - yarn.lock
34
    paths:
BERET Benjamin DGAC/CRNA-E's avatar
BERET Benjamin DGAC/CRNA-E committed
35
      - .yarn-cache/*
36
  artifacts:
BERET Benjamin DGAC/CRNA-E's avatar
BERET Benjamin DGAC/CRNA-E committed
37
    name: '$CI_PIPELINE_ID-bootstrap'
38
    expire_in: 2 hours
BERET Benjamin DGAC/CRNA-E's avatar
BERET Benjamin DGAC/CRNA-E committed
39
40
41
42
    paths:
      - node_modules/*
      - packages/*/node_modules/*
      - packages/*/dist/*
43
      - packages/*/esm/*
BERET Benjamin DGAC/CRNA-E's avatar
BERET Benjamin DGAC/CRNA-E committed
44
45
  script:
    # Install dependencies
46
    - yarn install --frozen-lockfile
BERET Benjamin DGAC/CRNA-E's avatar
BERET Benjamin DGAC/CRNA-E committed
47
48
49
50
    # Bootstrap the repo
    - yarn bootstrap

typecheck:
51
  <<: *only-default
BERET Benjamin DGAC/CRNA-E's avatar
BERET Benjamin DGAC/CRNA-E committed
52
53
54
55
56
57
58
59
  stage: check
  needs:
    - job: bootstrap
      artifacts: true
  script:
    - yarn typecheck:ci

test:
60
  <<: *only-default
BERET Benjamin DGAC/CRNA-E's avatar
BERET Benjamin DGAC/CRNA-E committed
61
62
63
64
  stage: check
  needs:
    - job: bootstrap
      artifacts: true
65
66
67
68
69
70
71
72
73
74
75
76
  services:
    - name: postgres:10-alpine
      alias: pgsql
  variables:
    # These are used by the pgsql service container
    POSTGRES_USER: fme
    POSTGRES_DB: fme
    POSTGRES_PASSWORD: fmefmefme
    # and these are used by the test suite
    PGUSER: fme
    PGPASSWORD: fmefmefme
    PGHOST: pgsql
BERET Benjamin DGAC/CRNA-E's avatar
BERET Benjamin DGAC/CRNA-E committed
77
78
  artifacts:
    name: test-report
79
    reports:
80
      junit: reports/junit.xml
BERET Benjamin DGAC/CRNA-E's avatar
BERET Benjamin DGAC/CRNA-E committed
81
82
83
84
    when: always
    expire_in: '6mos'
    expose_as: 'Test coverage report'
    paths:
85
      - reports/coverage/
BERET Benjamin DGAC/CRNA-E's avatar
BERET Benjamin DGAC/CRNA-E committed
86
87
  script:
    - yarn test:ci
88
    - cp -R coverage/lcov-report reports/coverage
BERET Benjamin DGAC/CRNA-E's avatar
BERET Benjamin DGAC/CRNA-E committed
89

90
91
92
93
94
95
graphql-schema:
  stage: check
  allow_failure: true
  script:
    ## Force colored output
    - export FORCE_COLOR=1
96
    - yarn global add @graphql-inspector/cli@2 apollo
97
98
99
100
101
102
103
104
105
106
107
108
109
    - yarn --silent gql:schema-diff
  dependencies: []
  only:
    refs:
      - merge_requests
    changes:
      - packages/graphql.server/schema.graphql

graphql-validation:
  stage: check
  script:
    ## Force colored output
    - export FORCE_COLOR=1
110
    - yarn global add @graphql-inspector/cli@2 apollo
111
112
113
114
115
116
117
118
119
120
    - yarn --silent gql:validate-client
  dependencies: []
  only:
    refs:
      - merge_requests
    changes:
      - packages/graphql.server/schema.graphql
      - packages/frontend/__gql_documents__/**/*
      - packages/frontend/gql_manifest.json

BERET Benjamin DGAC/CRNA-E's avatar
BERET Benjamin DGAC/CRNA-E committed
121
122
build:
  stage: build
123
  <<: *only-default
BERET Benjamin DGAC/CRNA-E's avatar
BERET Benjamin DGAC/CRNA-E committed
124
125
126
127
128
129
  needs:
    - job: bootstrap
      artifacts: true
  artifacts:
    name: '$CI_PIPELINE_ID-packages'
    expire_in: 2 hours
130
    paths:
131
132
133
134
      - packages/*/package.json
      - packages/*/yarn.lock
      - packages/*/pk/*
      - packages/*/dist/*
135
      - packages/*/esm/*
136
      - build.json
137
  script:
138
    - yarn build
139
140
    # Copy yarn lockfile to projets that will be dockerized
    - node scripts/injectYarnLockfile.js
141
    # Pack dependencies to .tgz to have a proper docker cache
142
    - node scripts/pack-deps.js
143

144
docker_images:
145
146
  stage: images
  image: docker:git
BERET Benjamin DGAC/CRNA-E's avatar
BERET Benjamin DGAC/CRNA-E committed
147
148
149
150
  needs:
    - job: build
      artifacts: true
    - job: typecheck
BERET Benjamin DGAC/CRNA-E's avatar
BERET Benjamin DGAC/CRNA-E committed
151
      artifacts: false
BERET Benjamin DGAC/CRNA-E's avatar
BERET Benjamin DGAC/CRNA-E committed
152
    - job: test
BERET Benjamin DGAC/CRNA-E's avatar
BERET Benjamin DGAC/CRNA-E committed
153
      artifacts: false
154
155
156
157
158
159
160
161
162
163
  rules:
    # Run on tags
    - if: '$CI_COMMIT_TAG'
    # Run on master
    - if: '$CI_COMMIT_BRANCH == "master"'
    # Run on the `Run pipeline button`
    - if: '$CI_PIPELINE_SOURCE == "web"'
    # Run on request on merge requests
    - if: '$CI_PIPELINE_SOURCE == "merge_request_event"'
      when: manual
164
      allow_failure: true
165
  services:
166
    - docker:dind
167
168
  script:
    - apk --no-cache add nodejs
BERET Benjamin DGAC/CRNA-E's avatar
Echo ?    
BERET Benjamin DGAC/CRNA-E committed
169
    - echo $CI_REGISTRY_IMAGE
170
    - echo $CI_COMMIT_REF_NAME
171
    - docker login -u gitlab-ci-token -p $CI_BUILD_TOKEN $CI_REGISTRY
172
173
    - node scripts/buildDockerImages.js
    - exit 0
174

175
security:
BERET Benjamin DGAC/CRNA-E's avatar
BERET Benjamin DGAC/CRNA-E committed
176
  stage: check
177
  <<: *only-default
178
179
180
  script:
    - yarn global add yarn-audit-html
    - yarn security:gen-audit
181
182
183
184
185
    # yarn audit exit code depends on the severity of the found vuln
    # This changes the exit code to only be > 0 when vuln with severities
    # MODERATE (4), HIGH (8), or CRITICAL (16) are found
    # 16 + 8 + 4 = 28
    - /bin/bash -c 'yarn audit --level moderate --groups dependencies; [[ $? -ge 4 ]] && exit 1 || exit 0'
186
  allow_failure: true
BERET Benjamin DGAC/CRNA-E's avatar
BERET Benjamin DGAC/CRNA-E committed
187
  dependencies: []
188
189
190
191
192
193
194
195
196
  artifacts:
    name: security-audit
    untracked: true
    when: always
    expire_in: '6mos'
    expose_as: 'JavaScript dependancy analysis'
    paths:
      - reports/yarn-audit.html

BERET Benjamin DGAC/CRNA-E's avatar
BERET Benjamin DGAC/CRNA-E committed
197
198
199
200
deploy:
  stage: deploy
  image: alpine
  before_script:
201
202
    - apk update
    - apk --no-cache add curl jq
BERET Benjamin DGAC/CRNA-E's avatar
BERET Benjamin DGAC/CRNA-E committed
203
  only:
BERET Benjamin DGAC/CRNA-E's avatar
BERET Benjamin DGAC/CRNA-E committed
204
    - master@4ME/4ME
BERET Benjamin DGAC/CRNA-E's avatar
BERET Benjamin DGAC/CRNA-E committed
205
  script:
206
    - curl -s -X POST -F token=$DEPLOY_TOKEN -F ref=master https://gitlab.asap.dsna.fr/api/v4/projects/313/trigger/pipeline | jq
207
  dependencies: []
BERET Benjamin DGAC/CRNA-E's avatar
BERET Benjamin DGAC/CRNA-E committed
208

BERET Benjamin DGAC/CRNA-E's avatar
BERET Benjamin DGAC/CRNA-E committed
209
210
211
212
213
214
215
216
217
218
219
220
221
###
### Website generation
###
pages:
  stage: init
  only:
    - master@4ME/4ME
  artifacts:
    paths:
      - public
  script:
    - cp -R website/gitlab-pages ./public

BERET Benjamin DGAC/CRNA-E's avatar
BERET Benjamin DGAC/CRNA-E committed
222
4me-atm_com:
223
  stage: deploy
224
  cache: {}
BERET Benjamin DGAC/CRNA-E's avatar
BERET Benjamin DGAC/CRNA-E committed
225
226
  variables:
    # Take variables from gitlab defined variables, redefine them with the right name
BERET Benjamin DGAC/CRNA-E's avatar
Fix CI    
BERET Benjamin DGAC/CRNA-E committed
227
228
229
    AWS_ACCESS_KEY_ID: $S3_AWS_ACCESS_KEY
    AWS_SECRET_ACCESS_KEY: $S3_AWS_SECRET_KEY
    AWS_DEFAULT_REGION: eu-west-3
BERET Benjamin DGAC/CRNA-E's avatar
BERET Benjamin DGAC/CRNA-E committed
230
  only:
231
    - master@4ME/4ME
232
233
234
  needs:
    - job: bootstrap
      artifacts: true
BERET Benjamin DGAC/CRNA-E's avatar
BERET Benjamin DGAC/CRNA-E committed
235
  script:
236
    - apt-get update -yy && apt-get install -y awscli
237
238
239
240
241
    # Build dataset-explorer
    - cd packages/dataset-explorer
    - yarn build
    # Build docusaurus website
    - cd ../../website
BERET Benjamin DGAC/CRNA-E's avatar
BERET Benjamin DGAC/CRNA-E committed
242
243
    - yarn
    - yarn build
244
    # Import dataset-explorer into docusaurus build folder
245
    - mv ../packages/dataset-explorer/out build/4ME/dataset-explorer
246
    # Upload to S3
247
    - aws s3 sync build/4ME/ s3://4me-atm.com/ --delete