Initial version

Author: Marc Rooding

Dockerfile

@@ -0,0 +1,15 @@
+FROM python:3.7
+
+RUN apt-get -y upgrade && \
+    apt-get -y install git && \
+    apt-get clean
+
+WORKDIR /version-update
+
+COPY /requirements.txt .
+
+RUN pip install -r requirements.txt
+
+COPY /version-update.py .
+
+CMD ["python", "/version-update.py"]

README.md

@@ -0,0 +1,105 @@
+# gitlab-semantic-versioning
+
+Docker image that can be used to automatically version projects using semantic versioning. 
+
+Visit [semver.org](https://semver.org/) to read more about semantic versioning.
+
+## How is the version determined?
+
+Versions are being maintained using git tags.
+
+If no git tag is available, the first version update will result in version 1.0.0.
+If git tags are available, it will determine whether to do a major, minor, or patch update based on specific merge request labels. The `bump-minor` and `bump-major` labels exist to do either a minor or major bump. If a merge request has no labels attached, it will perform a patch update by default.
+
+## Prerequisites
+
+### Group labels
+
+As stated above, the version update workflow relies on merge request labels to determine the new version. The `bump-minor` and `bump-major` labels have been set as global GitLab labels. However, global labels only propogate to groups created after setting a global label. When adding a global label, they [do not automatically propogate to existing groups](https://gitlab.com/gitlab-org/gitlab-ce/issues/12707).
+
+If you cannot select the specified labels in your merge request, your group was most likely created before the global labels were defined. Please follow [this guide to setup group-specific labels](https://docs.gitlab.com/ee/user/project/labels.html) 
+
+### API token and group
+
+To extract the labels from merge requests, we need an API token to access the Gitlab API. Unfortunately, [GitLab doesn't yet support non-user specific access tokens](https://gitlab.com/gitlab-org/gitlab-ee/issues/756). 
+
+Ask your GitLab administrator to add a dummy user `${group_name}_npa` to GitLab with access only to your project group. Log in with this user, and create a [personal access token](https://gitlab.wbaa.pl.ing.net/profile/personal_access_tokens) with api scope access.
+
+Copy the generated API token and keep it available for the next section.
+
+### Group-level variables
+
+The NPA username and token need to be injected into the version-update container as environment variables. For this, we'll use group-level variables. 
+
+Go to your group's variables section under `Settings` -> `CI / CD`.
+
+Add the following variables:
+
+| Key             | Value                                                                |
+|-----------------|----------------------------------------------------------------------|
+| NPA_USERNAME    | The name of the NPA user created for your group: `${group_name}_npa` |
+| NPA_PASSWORD    | The personal access token with API scope generated for the NPA user  |
+
+## Pipeline configuration
+
+The pipeline configuration below will:
+1. Generate a unique version tag based on git describe
+2. Update the version for every build on the `master` branch.
+3. Tag the docker image built with the updated version as `latest` only for `tag` builds.
+
+This pipeline omits steps for building the  project and pushing the resulting Docker image to the registry.
+
+```
+stages:
+  - generate-env-vars
+  - version
+  - tag-latest
+
+variables:
+  IMAGE_NAME: $CI_REGISTRY/$CI_PROJECT_NAMESPACE/$CI_PROJECT_NAME
+
+generate-env-vars:
+  stage: generate-env-vars
+  script:
+    - TAG=$(git describe --tags --always)
+    - echo "export TAG=$TAG" > .variables
+    - echo "export IMAGE=$IMAGE_NAME:$TAG" >> .variables
+    - cat .variables
+  artifacts:
+    paths:
+    - .variables
+
+version:
+  stage: version
+  image: mrooding/gitlab-semantic-versioning:1.0.0
+  script:
+    - python3 /version-update/version-update.py
+  only:
+   - master
+
+tag-latest:
+  stage: tag-latest
+  image: docker:18.06.1-ce
+  before_script:
+    - source .variables
+  script:
+    - docker pull $IMAGE
+    - docker tag $IMAGE $IMAGE_NAME:latest
+    - docker push $IMAGE_NAME:latest
+  only:
+    - tag
+```
+
+## Merge request instructions
+
+### Squash commits when merge request is accepted
+
+The new version will be determined based on the commit message. GitLab will automatically format a merge request commit message if the 'Squash commits when merge request is accepted` checkbox is checked during merge request creation.
+
+This workflow relies on that commit message format and will fail the pipeline if it cannot extract the merge request id from the commit message. 
+
+Unfortunately, GitLab [doesn't yet allow for setting the checkbox to checked by default](https://gitlab.com/gitlab-org/gitlab-ce/issues/27956). Until implemented, make sure to manually check the squash option upon creation.
+
+### Add a label to indicate a minor or major update
+
+As described above, if you want to perform a minor or major update, don't forget to add the appropriate label to your merge request.

requirements.txt

@@ -0,0 +1,2 @@
+semver==2.8.1
+python-gitlab==1.6.0

version-update.py

@@ -0,0 +1,89 @@
+#!/usr/bin/env python3
+import os
+import re
+import sys
+import semver
+import subprocess
+import gitlab
+
+def git(*args):
+    return subprocess.check_output(["git"] + list(args))
+
+def verify_env_var_presence(name):
+    if name not in os.environ:
+        raise Exception(f"Expected the following environment variable to be set: {name}")
+
+def extract_gitlab_url_from_project_url():
+    project_url = os.environ['CI_PROJECT_URL']
+    project_path = os.environ['CI_PROJECT_PATH']
+
+    return project_url.split(f"/{project_path}", 1)[0]
+
+def extract_merge_request_id_from_commit():
+    message = git("log", "-1", "--pretty=%B")
+    matches = re.search(r'(\S*\/\S*!)(\d)', message.decode("utf-8"), re.M|re.I)
+    
+    if matches == None:
+        raise Exception(f"Unable to extract merge request from commit message: {message}")
+
+    return matches.group(2)
+
+def retrieve_labels_from_merge_request(merge_request_id):
+    project_id = os.environ['CI_PROJECT_ID']
+    gitlab_private_token = os.environ['NPA_PASSWORD']
+
+    gl = gitlab.Gitlab(extract_gitlab_url_from_project_url(), private_token=gitlab_private_token)
+    gl.auth()
+
+    project = gl.projects.get(project_id)
+    merge_request = project.mergerequests.get(merge_request_id)
+
+    return merge_request.labels
+
+def bump(latest):
+    merge_request_id = extract_merge_request_id_from_commit()
+    labels = retrieve_labels_from_merge_request(merge_request_id)
+
+    if "bump-minor" in labels:
+        return semver.bump_minor(latest)
+    elif "bump-major" in labels:
+        return semver.bump_major(latest)
+    else:
+        return semver.bump_patch(latest)
+
+def tag_repo(tag):
+    repository_url = os.environ["CI_REPOSITORY_URL"]
+    username = os.environ["NPA_USERNAME"]
+    password = os.environ["NPA_PASSWORD"]
+
+    push_url = re.sub(r'([a-z]+://)[^@]*(@.*)', rf'\g<1>{username}:{password}\g<2>', repository_url)
+
+    git("remote", "set-url", "--push", "origin", push_url)
+    git("tag", tag)
+    git("push", "origin", tag)        
+
+def main():
+    env_list = ["CI_REPOSITORY_URL", "CI_PROJECT_ID", "CI_PROJECT_URL", "CI_PROJECT_PATH", "NPA_USERNAME", "NPA_PASSWORD"]
+    [verify_env_var_presence(e) for e in env_list]
+
+    try:
+        latest = git("describe", "--tags").decode().strip()
+    except subprocess.CalledProcessError:
+        # Default to version 1.0.0 if no tags are available
+        version = "1.0.0"
+    else:
+        # Skip already tagged commits
+        if '-' not in latest:
+            print(latest)
+            return 0
+
+        version = bump(latest)
+
+    tag_repo(version)
+    print(version)
+
+    return 0
+
+
+if __name__ == "__main__":
+    sys.exit(main())