openstream/.gitlab-ci.yml at master · magenta-aps/openstream · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
# SPDX-FileCopyrightText: 2025 Magenta ApS <https://magenta.dk>
# SPDX-License-Identifier: AGPL-3.0-only

include:
  - project: labs/salt-automation
    ref: master
    file:
      - /gitlab-ci-templates/common/rules.v1.yml
      - /gitlab-ci-templates/common/docker-build-meta.v2.yml
      - /gitlab-ci-templates/common/config-updater-meta.v1.yml
      - /gitlab-ci-templates/common/saltbert.v1.yml

stages:
  - lint
  - test
  - build
  - release

variables:
  DOCKERFILE: $CI_PROJECT_DIR/backend/docker/Dockerfile
  IMAGE_SHA: ${CI_REGISTRY_IMAGE}:${CI_COMMIT_SHA}
  RELEASE_IMAGE: magentaaps/openstream
  RELEASE_IMAGE_TAG: ${RELEASE_IMAGE}:${CI_COMMIT_TAG}
  RELEASE_IMAGE_LATEST: ${RELEASE_IMAGE}:latest
  CONTEXT: $CI_PROJECT_DIR/backend
  FRONTEND_DOCKERFILE: $CI_PROJECT_DIR/frontend/Dockerfile
  FRONTEND_IMAGE_SHA: ${CI_REGISTRY_IMAGE}:frontend-${CI_COMMIT_SHA}
  FRONTEND_RELEASE_IMAGE: magentaaps/openstream-frontend
  FRONTEND_RELEASE_IMAGE_TAG: ${FRONTEND_RELEASE_IMAGE}:${CI_COMMIT_TAG}
  FRONTEND_RELEASE_IMAGE_LATEST: ${FRONTEND_RELEASE_IMAGE}:latest
  FRONTEND_CONTEXT: $CI_PROJECT_DIR/frontend
  POLLING_DOCKERFILE: $CI_PROJECT_DIR/polling-server/Dockerfile
  POLLING_IMAGE_SHA: ${CI_REGISTRY_IMAGE}:polling-${CI_COMMIT_SHA}
  POLLING_RELEASE_IMAGE: magentaaps/openstream-polling
  POLLING_RELEASE_IMAGE_TAG: ${POLLING_RELEASE_IMAGE}:${CI_COMMIT_TAG}
  POLLING_RELEASE_IMAGE_LATEST: ${POLLING_RELEASE_IMAGE}:latest
  POLLING_CONTEXT: $CI_PROJECT_DIR/polling-server

#############
#  Linting  #
#############

# Linting base template
.lint-default: &lint-default
  stage: lint
  image: python:3.13-alpine  # Default Python image for Python linting

# Lint Python with Black
Lint Python:
  <<: *lint-default
  before_script:
    - pip3 install black==25.1.0 # keep version synchronized with version in requirements-dev.txt
  script:
    - black --version
    - cd $CI_PROJECT_DIR/backend && black --check --diff .

Lint REUSE compliance:
  extends: .lint-default
  image:
    name: fsfe/reuse:latest
    entrypoint: [""]
  script:
    - reuse lint

#############
#  Testing  #
#############

Django Tests:
  stage: test
  image: python:3.13
  cache:
    key:
      files:
        - backend/poetry.lock
    paths:
      - $CI_PROJECT_DIR/backend/.venv/
      - $CI_PROJECT_DIR/backend/.cache/pypoetry/
  variables:
    # Ensure the code is checked out in case included templates set GIT_STRATEGY: none
    GIT_STRATEGY: "fetch"
    ENV: "development"
    POETRY_VERSION: "2.1.4"
    POETRY_VIRTUALENVS_IN_PROJECT: "true"
    POETRY_NO_INTERACTION: "1"
    DJANGO_SECRET_KEY: django-insecure-7^ebk@&28nd-(#&crllcdn)u1=frq7669thh)eb591vb)^bw(8
  before_script:
    - apt install -y curl
    - curl -sSL https://install.python-poetry.org | python3 - --version $POETRY_VERSION
    - export PATH="$PATH:/root/.local/bin"
    - cd $CI_PROJECT_DIR/backend && poetry install --no-root
  script:
    - cd $CI_PROJECT_DIR/backend && poetry run python openstream/manage.py test

# Test Frontend
Test Frontend:
  stage: test
  image: node:20-alpine
  script:
    - cd $CI_PROJECT_DIR/frontend && npm ci --legacy-peer-deps && npm run build

###########
#  Build  #
###########

Build app image:
  extends: .build-docker
  variables:
    CONTEXT: $CI_PROJECT_DIR/backend
  # Minimize unnecessary builds, specified because the extended template sets needs to []
  needs: [Lint Python, Django Tests]

Build Frontend image:
  extends: .build-docker
  variables:
    DOCKERFILE: $FRONTEND_DOCKERFILE
    CONTEXT: $FRONTEND_CONTEXT
    IMAGE_SHA: $FRONTEND_IMAGE_SHA
    TARGET: production
  needs: [Test Frontend]

Build Polling Server image:
  extends: .build-docker
  variables:
    DOCKERFILE: $POLLING_DOCKERFILE
    CONTEXT: $POLLING_CONTEXT
    IMAGE_SHA: $POLLING_IMAGE_SHA
    TARGET: runner
  # Polling server doesn't have frontend tests dependency; build when backend is ready
  needs: [Build app image]

#############
#  Release  #
#############

.release-default: &release-default
  stage: release
  image: alpine
  variables:
    GIT_STRATEGY: none  # We do not need the source code
  before_script: [apk add skopeo]

Release versioned tag:
  <<: *release-default
  extends: [.rules:semver-all]
  script:
    - skopeo copy --src-creds=${CI_REGISTRY_USER}:${CI_REGISTRY_PASSWORD}
      --dest-creds=${RELEASE_REGISTRY_USER}:${RELEASE_REGISTRY_PASSWORD}
      "docker://${IMAGE_SHA}"
      "docker://${RELEASE_IMAGE_TAG}"

Release latest tag:
  <<: *release-default
  extends: [.rules:semver-core]
  script:
    - skopeo copy --src-creds=${CI_REGISTRY_USER}:${CI_REGISTRY_PASSWORD}
      --dest-creds=${RELEASE_REGISTRY_USER}:${RELEASE_REGISTRY_PASSWORD}
      "docker://${IMAGE_SHA}"
      "docker://${RELEASE_IMAGE_LATEST}"

Release Frontend versioned tag:
  <<: *release-default
  extends: [.rules:semver-all]
  script:
    - skopeo copy --src-creds=${CI_REGISTRY_USER}:${CI_REGISTRY_PASSWORD}
      --dest-creds=${RELEASE_REGISTRY_USER}:${RELEASE_REGISTRY_PASSWORD}
      "docker://${FRONTEND_IMAGE_SHA}"
      "docker://${FRONTEND_RELEASE_IMAGE_TAG}"

Release Frontend latest tag:
  <<: *release-default
  extends: [.rules:semver-core]
  script:
    - skopeo copy --src-creds=${CI_REGISTRY_USER}:${CI_REGISTRY_PASSWORD}
      --dest-creds=${RELEASE_REGISTRY_USER}:${RELEASE_REGISTRY_PASSWORD}
      "docker://${FRONTEND_IMAGE_SHA}"
      "docker://${FRONTEND_RELEASE_IMAGE_LATEST}"

Release Polling Server versioned tag:
  <<: *release-default
  extends: [.rules:semver-all]
  script:
    - skopeo copy --src-creds=${CI_REGISTRY_USER}:${CI_REGISTRY_PASSWORD}
      --dest-creds=${RELEASE_REGISTRY_USER}:${RELEASE_REGISTRY_PASSWORD}
      "docker://${POLLING_IMAGE_SHA}"
      "docker://${POLLING_RELEASE_IMAGE_TAG}"

Release Polling Server latest tag:
  <<: *release-default
  extends: [.rules:semver-core]
  script:
    - skopeo copy --src-creds=${CI_REGISTRY_USER}:${CI_REGISTRY_PASSWORD}
      --dest-creds=${RELEASE_REGISTRY_USER}:${RELEASE_REGISTRY_PASSWORD}
      "docker://${POLLING_IMAGE_SHA}"
      "docker://${POLLING_RELEASE_IMAGE_LATEST}"