.gitlab-ci.yml
# Pipeline stages, run in the order listed.
stages:
  - build
  - merge
  - deploy
  - sonarqube-check
#======================================================
# Initial vuepress build
#======================================================
vuepress-netlify-build:
  stage: build
  # NOTE(review): node:18-buster is a mutable tag; pinning the image by digest
  # would keep the build environment from changing underneath the pipeline.
  image: node:18-buster
  variables:
    # Reference kept from the original file:
    # https://docs.gitlab.com/ee/ci/docker/using_docker_build.html#tls-enabled
    # Check out every git submodule (recursively) before the job starts
    GIT_SUBMODULE_STRATEGY: recursive
  # Cache node_modules and the vuepress cache, keyed on package-lock.json
  cache:
    - key:
        files:
          - package-lock.json
      paths:
        - node_modules
        - .vuepress/.cache
  script:
    # "npm ci" installs exactly what package-lock.json records
    - npm ci
    # Generate the _redirects file inside netlify-dist
    - cd netlify-dist/ ; ./_redirects_build.sh ; cd ..
    # Create dist/ and seed it with the netlify assets
    - mkdir -p ./dist
    - cp -ar netlify-dist/* ./dist/
    # Run the site build
    - npm run build
    # Record the commit that produced this build, for debugging.
    # These files end up in dist/, so they are published with the site.
    - echo "$CI_COMMIT_SHORT_SHA" > ./dist/_commit.txt
    - echo "$CI_COMMIT_SHORT_SHA" > ./dist/v3/_commit.txt
  artifacts:
    paths:
      - dist/
    # The package can get rather large, so let it expire quickly
    expire_in: 24 hour
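#======================================================
# Asset merging template
#======================================================
# The new build is merged on top of the previously deployed assets, which are
# kept in a git branch ($MERGE_BRANCH). Keeping the older hashed assets means a
# deployment does not disrupt pages that were loaded before it; the incremental
# hashes should "still work".
#
# The template also writes the robots.txt for the relevant environment.
.merge-template:
  stage: merge
  image: node:18-buster
  variables:
    # Submodules are not needed for the merge
    GIT_SUBMODULE_STRATEGY: none
  before_script:
    - git config --global user.email "devops@uilicious.com"
    - git config --global user.name "Gitlab CI/CD Automation"
  script:
    # Move the current build out of the way
    - mv dist new_build
    # Clone the historical build. The URL is quoted so the shell passes it as a
    # single word. Per its name the variable carries credentials, and git
    # records the clone URL in dist/.git/config.
    - git clone --branch "$MERGE_BRANCH" "$GITLAB_MERGE_URL_WITH_AUTH" dist
    # Generate the cleanup script
    # See: https://stackoverflow.com/questions/65441034/removing-versions-of-files-older-than-90-days-in-git
    - echo "#!/bin/bash" > dist/.git-cleanup.sh
    # Single quotes keep $(date ...) and $1 literal, so the cutoff is computed
    # from the script's own argument when it runs. Inside double quotes the CI
    # shell expands them while generating the file, where $1 is empty.
    - echo 'day=$(date --date "$1" +"%Y-%m-%d")' >> dist/.git-cleanup.sh
    - echo "git ls-files | while read path" >> dist/.git-cleanup.sh
    - echo "do" >> dist/.git-cleanup.sh
    # Remove every tracked file that has no commit since the cutoff; the date
    # and the path are passed to git as quoted words
    - echo ' if [ "$(git log --since "$day" -- "$path")" == "" ]; then' >> dist/.git-cleanup.sh
    - echo ' rm "$path"' >> dist/.git-cleanup.sh
    - echo " fi" >> dist/.git-cleanup.sh
    - echo "done" >> dist/.git-cleanup.sh
    - chmod +x dist/.git-cleanup.sh;
    # Run the cleanup with a 90 day cutoff
    - cd dist/; ./.git-cleanup.sh "90 days ago"; cd ..;
    # robots.txt: disallow everything unless this is the prd branch
    - 'if [ "$MERGE_BRANCH" != "prd" ]; then echo "User-agent: *" > dist/robots.txt; echo "Disallow: /" >> dist/robots.txt; fi'
    - 'if [ "$MERGE_BRANCH" == "prd" ]; then echo "User-agent: *" > dist/robots.txt; echo "Allow: /" >> dist/robots.txt; fi'
    # Merge the new build into the historical one
    - cp -a ./new_build/* ./dist/
    # Commit the merged result and push it back to gitlab
    - cd dist; git add -A .; git commit -am "[automated] build merge for $CI_COMMIT_SHORT_SHA - $CI_JOB_URL"; git push; cd ..;
    # dist/ is uploaded as a job artifact below. Remove the repository metadata
    # first so the credentialed remote URL in dist/.git/config is not part of
    # the artifact handed to the deploy job.
    - rm -rf dist/.git
  artifacts:
    paths:
      - dist/
    # The package can get rather large, so let it expire quickly
    expire_in: 24 hour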
#======================================================
# Asset merging
#======================================================
# Preview sites get no history merge. This job only writes a robots.txt that
# disallows all crawling.
preview-merge:
  stage: merge
  image: node:18-buster
  script:
    - 'echo "User-agent: *" > dist/robots.txt;'
    - 'echo "Disallow: /" >> dist/robots.txt;'
  artifacts:
    paths:
      - dist/
    # The package can get rather large, so let it expire quickly
    expire_in: 24 hour
  # Runs for every ref except main
  except:
    - main
# Merge the new build with the assets previously deployed to "stg"
stg-merge:
  extends: .merge-template
  variables:
    MERGE_BRANCH: stg
  # main only
  only:
    - main
# Merge the new build with the assets previously deployed to "prd"
prd-merge:
  extends: .merge-template
  variables:
    MERGE_BRANCH: prd
  # main only
  only:
    - main
  # Started by hand. prd-env-deploy lists this job under needs.
  when: manual
#======================================================
# Netlify deployment templates
#======================================================
# Two near-identical templates are kept because Gitlab MATRIX does not work
# reliably with a multistage pipeline, despite what is said here:
# https://gitlab.com/gitlab-org/gitlab/-/merge_requests/82734/diffs
.netlifydist-preview-deploy:
  stage: deploy
  # A prebuilt CLI image is used because the latest netlify versions could not
  # be installed reliably on the gitlab CI/CD runners
  image: uilicious/netlify-cli:8
  variables:
    # Submodules are not needed for the deploy
    GIT_SUBMODULE_STRATEGY: none
  script:
    # Draft deploy (no --prod) of dist/ to the site named by NETLIFY_SITE_KEY.
    # NOTE(review): --auth puts the deploy key on the command line; the CLI can
    # also read it from the NETLIFY_AUTH_TOKEN environment variable. Confirm
    # the variable is masked in the project's CI/CD settings.
    - cd dist && netlify deploy --dir=. --functions=./netlify/functions --auth "$NETLIFY_DEVOPS_DEPLOY_KEY" --site "$NETLIFY_SITE_KEY"
# Production variant of the deploy template. It is kept separate because
# Gitlab MATRIX does not work reliably with a multistage pipeline, despite
# what is said here:
# https://gitlab.com/gitlab-org/gitlab/-/merge_requests/82734/diffs
.netlifydist-prod-deploy:
  stage: deploy
  # A prebuilt CLI image is used because the latest netlify versions could not
  # be installed reliably on the gitlab CI/CD runners
  image: uilicious/netlify-cli:8
  variables:
    # Submodules are not needed for the deploy
    GIT_SUBMODULE_STRATEGY: none
  script:
    # Production deploy (--prod) of dist/ to the site named by NETLIFY_SITE_KEY.
    # NOTE(review): --auth puts the deploy key on the command line; the CLI can
    # also read it from the NETLIFY_AUTH_TOKEN environment variable. Confirm
    # the variable is masked in the project's CI/CD settings.
    - cd dist && netlify deploy --dir=. --functions=./netlify/functions --auth "$NETLIFY_DEVOPS_DEPLOY_KEY" --site "$NETLIFY_SITE_KEY" --prod
#======================================================
# Netlify deployments
#======================================================
# "stg" environment: a --prod deploy of the merged stg assets to the site
# identified by NETLIFY_DEV_SITEID
stg-env-deploy:
  extends: .netlifydist-prod-deploy
  variables:
    NETLIFY_SITE_KEY: "${NETLIFY_DEV_SITEID}"
  # Deploys the dist/ artifact produced by stg-merge
  needs:
    - stg-merge
  only:
    - main
# "prd" environment: a --prod deploy of the merged prd assets to the site
# identified by NETLIFY_PRD_SITEID
prd-env-deploy:
  extends: .netlifydist-prod-deploy
  variables:
    NETLIFY_SITE_KEY: "${NETLIFY_PRD_SITEID}"
  # Deploys the dist/ artifact produced by prd-merge, which is a manual job
  needs:
    - prd-merge
  only:
    - main
# Preview deploy for every ref other than main and sonarqube_integration.
# NOTE(review): this job reads NETLIFY_DEVOPS_DEPLOY_KEY on non-main refs, and
# the prod template uses the same key. Presumably the variable is not
# restricted to protected branches; confirm its scope in the CI/CD settings.
preview-env-deploy:
  extends: .netlifydist-preview-deploy
  variables:
    NETLIFY_SITE_KEY: "${NETLIFY_DEV_SITEID}"
  # Deploys the dist/ artifact produced by preview-merge
  needs:
    - preview-merge
  except:
    - main
    - sonarqube_integration
#======================================================
# Sonarqube integration
#======================================================
# Copies .vuepress/ to vuepress/ and hands it to the analysis job as an artifact
sonarqube-build:
  stage: build
  image:
    # NOTE(review): "latest" is a mutable tag; a fixed tag or digest would pin
    # what runs in this job.
    name: uilicious/internal-alpine-base:latest
    # Empty entrypoint, so the job script is run directly
    entrypoint: [""]
  variables:
    # Depth 0 disables shallow cloning; the analysis task needs the history
    GIT_DEPTH: "0"
  script:
    - cp -r .vuepress/ vuepress/
  artifacts:
    paths:
      - vuepress/
    expire_in: 24 hour
  # A failure here does not fail the pipeline
  allow_failure: true
  only:
    - sonarqube_integration
    - merge_requests
    - master
    - main
    - dev
# Runs the sonar-scanner analysis once sonarqube-build has finished
sonarqube-check:
  stage: sonarqube-check
  needs:
    - sonarqube-build
  image:
    name: sonarsource/sonar-scanner-cli:5.0
    # Empty entrypoint, so the job script is run directly
    entrypoint: [""]
  variables:
    # Location of the analysis task cache
    SONAR_USER_HOME: "${CI_PROJECT_DIR}/.sonar"
    # Depth 0 disables shallow cloning; the analysis task needs the history
    GIT_DEPTH: "0"
  # Keep the scanner cache between runs of this job
  cache:
    key: "${CI_JOB_NAME}"
    paths:
      - .sonar/cache
  script:
    # NOTE(review): the scanner's server URL and token are not set in this
    # file; presumably they come from CI/CD variables or a properties file.
    - sonar-scanner
  # A failure here does not fail the pipeline
  allow_failure: true
  only:
    - sonarqube_integration
    - merge_requests
    - master
    - main
    - dev