stages: - setup - audit - lint - test - publish - deploy - cleanup install: image: node:14 stage: setup only: - pushes script: - npm ci artifacts: paths: - node_modules expire_in: 1 week audit: image: python:3.12.9 stage: audit allow_failure: true only: - pushes needs: [] before_script: - pip install poetry==2.0.1 - poetry config virtualenvs.create false - poetry install --no-interaction --no-ansi script: - safety check test: image: python:3.12.9 stage: test only: - pushes needs: [] services: - postgres:12 variables: POSTGRES_DB: ci POSTGRES_USER: postgres POSTGRES_PASSWORD: postgres DATABASE_URL: "postgresql://postgres:postgres@postgres:5432/$POSTGRES_DB" DB_HOST: postgres before_script: - pip install poetry==2.0.1 - poetry config virtualenvs.create false - poetry install --no-interaction --no-ansi script: - python manage.py migrate --noinput - python manage.py createdefaultadmin - python manage.py test lint:py: image: python:3.12.9 stage: lint only: - pushes needs: [] script: - pip install black==22.3.0 - black --check . lint:js: image: node:14 stage: lint only: - pushes needs: ["install"] script: - npm run lint:js lint:md: image: node:14 stage: lint only: - pushes needs: ["install"] script: - npm run lint:md publish: image: docker:25-cli stage: publish needs: ["test", "lint:py", "lint:js", "lint:md"] services: - docker:25-dind only: - develop - master script: - docker info - docker login -u gitlab-ci-token -p $CI_JOB_TOKEN $CI_REGISTRY - docker build . -t "$IMAGE_NAME" - docker push "$IMAGE_NAME" deploy:dev: image: docker:25-cli stage: deploy only: - develop environment: name: dev url: http://api.dev.sahkoinsinoorikilta.fi variables: DOCKER_HOST: $DEV_CI_DOCKER_HOST DOCKER_TLS_VERIFY: 1 before_script: - mkdir -p ~/.docker - echo "$DEV_TLSCACERT" > ~/.docker/ca.pem - echo "$DEV_TLSCERT" > ~/.docker/cert.pem - echo "$DEV_TLSKEY" > ~/.docker/key.pem - docker login -u gitlab-ci-token -p $CI_JOB_TOKEN $CI_REGISTRY script: - docker stack deploy --with-registry-auth -c stack-compose-dev.yml "$SERVICE_NAME" after_script: - docker logout "$CI_REGISTRY" deploy:production: stage: deploy image: docker:25-cli only: - master environment: name: production url: https://api.sahkoinsinoorikilta.fi when: manual variables: DOCKER_HOST: $CI_DOCKER_HOST DOCKER_TLS_VERIFY: 1 before_script: - mkdir -p ~/.docker - echo "$TLSCACERT" > ~/.docker/ca.pem - echo "$TLSCERT" > ~/.docker/cert.pem - echo "$TLSKEY" > ~/.docker/key.pem - docker login -u gitlab-ci-token -p $CI_JOB_TOKEN $CI_REGISTRY script: - docker stack deploy --with-registry-auth -c stack-compose.yml "$SERVICE_NAME" after_script: - docker logout "$CI_REGISTRY" docker_prune:dev: image: docker:stable stage: cleanup only: - schedules environment: name: dev url: http://api.dev.sahkoinsinoorikilta.fi variables: DOCKER_HOST: $DEV_CI_DOCKER_HOST DOCKER_TLS_VERIFY: 1 before_script: - mkdir -p ~/.docker - echo "$DEV_TLSCACERT" > ~/.docker/ca.pem - echo "$DEV_TLSCERT" > ~/.docker/cert.pem - echo "$DEV_TLSKEY" > ~/.docker/key.pem - docker login -u gitlab-ci-token -p $CI_JOB_TOKEN $CI_REGISTRY script: - docker system prune after_script: - docker logout "$CI_REGISTRY" docker_prune:prod: image: docker:stable stage: cleanup only: - schedules environment: name: production url: https://api.sahkoinsinoorikilta.fi variables: DOCKER_HOST: $CI_DOCKER_HOST DOCKER_TLS_VERIFY: 1 before_script: - mkdir -p ~/.docker - echo "$TLSCACERT" > ~/.docker/ca.pem - echo "$TLSCERT" > ~/.docker/cert.pem - echo "$TLSKEY" > ~/.docker/key.pem - docker login -u gitlab-ci-token -p $CI_JOB_TOKEN $CI_REGISTRY script: - docker system prune after_script: - docker logout "$CI_REGISTRY"