variables:
BASE_HREF: nshmp
GITLAB_TOKEN: '${CI_JOB_TOKEN}'
IMAGE_NAME: ${CODE_REGISTRY_IMAGE}/${CI_PROJECT_NAME}:${ENVIRONMENT}-${CI_COMMIT_SHORT_SHA}
UPSTREAM_PATH: ghsc/nshmp/nshmp-apps
image: ${CI_REGISTRY}/devops/images/usgs/node:20
# Do not run for merge requests
workflow:
rules:
- if: $CI_COMMIT_TAG
- if: $CI_COMMIT_BRANCH
stages:
- init
- build
- image
- security
- test
- e2e
- deploy
default:
tags:
- dev
####
# Environment Templates
####
##
# Rule for development environment
##
.development-env: &development-env
if: >
$CI_PROJECT_PATH != $UPSTREAM_PATH
|| (
$CI_PROJECT_PATH == $UPSTREAM_PATH
&& (
$CI_COMMIT_BRANCH != $CI_DEFAULT_BRANCH
&& $CI_COMMIT_BRANCH != 'production'
&& $CI_COMMIT_TAG == null
)
)
variables:
ENVIRONMENT: development
##
# Rule for staging environment
##
.staging-env: &staging-env
if: >
$CI_PROJECT_PATH == $UPSTREAM_PATH
&& $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
variables:
ENVIRONMENT: staging
##
# Rule for production envrionment
##
.production-env: &production-env
if: >
$CI_PROJECT_PATH == $UPSTREAM_PATH
&& ( $CI_COMMIT_TAG && $CI_COMMIT_TAG != '' )
variables:
ENVIRONMENT: production
####
# Docker Templates
####
##
# Docker in Docker
##
.dind:
image: ${CI_REGISTRY}/devops/images/docker:20
services:
- alias: docker
name: ${CI_REGISTRY}/devops/images/docker:20-dind
variables:
DOCKER_DRIVER: overlay2
##
# Build Docker image and push to registry.
#
# Pushes to internal registry for all branches and Docker registry
# on default upstream and production upstream branches.
##
.docker-build:
extends:
- .dind
rules:
- *development-env
- *staging-env
- *production-env
script:
- BUILD_ARGS='';
- |
for arg in ${DOCKER_BUILD_ARGS}; do
BUILD_ARGS="${BUILD_ARGS} --build-arg ${arg}";
done
- |
docker build \
${BUILD_ARGS} \
--pull \
--tag "${CODE_REGISTRY_IMAGE}/${CI_PROJECT_NAME}:${IMAGE_TAG}" \
--file "${CI_PROJECT_DIR}/${DOCKERFILE}" \
"${CI_PROJECT_DIR}/.";
- docker push "${CODE_REGISTRY_IMAGE}/${CI_PROJECT_NAME}:${IMAGE_TAG}";
- latest_image_name="${CODE_REGISTRY_IMAGE}/${CI_PROJECT_NAME}:${ENVIRONMENT}-latest";
- docker tag "${CODE_REGISTRY_IMAGE}/${CI_PROJECT_NAME}:${IMAGE_TAG}" "${latest_image_name}";
- docker push "${latest_image_name}";
- if [[
${CI_COMMIT_REF_SLUG} == "${CI_DEFAULT_BRANCH}" ||
${CI_COMMIT_REF_SLUG} == "production" ||
-n "${CI_COMMIT_TAG}"
]]; then
docker tag "${latest_image_name}" "usgs/${CI_PROJECT_NAME}:${ENVIRONMENT}-latest";
docker push "usgs/${CI_PROJECT_NAME}:${ENVIRONMENT}-latest";
if [[
${CI_COMMIT_REF_SLUG} == "${CI_DEFAULT_BRANCH}" &&
"${CI_PROJECT_PATH}" == "${UPSTREAM_PATH}"
]]; then
docker tag "usgs/${CI_PROJECT_NAME}:${ENVIRONMENT}-latest" "usgs/${CI_PROJECT_NAME}:latest";
docker push "usgs/${CI_PROJECT_NAME}:latest";
fi
fi
- |
printf "
--------
Image Name - %s:%s
--------
" "${CI_PROJECT_NAME}" "${IMAGE_TAG}";
variables:
DOCKERFILE: Dockerfile
IMAGE_TAG: ${ENVIRONMENT}-${CI_COMMIT_SHORT_SHA}
####
# Stage: init
####
Init:
artifacts:
paths:
- node_modules
script:
- npm ci
stage: init
####
# Stage: Build
####
Build Project:
artifacts:
paths:
- dist
needs:
- Init
script:
- npm run build:prod
stage: build
####
# Stage: Image
####
Build Image:
extends:
- .docker-build
needs:
- Build Project
stage: image
tags:
- build
variables:
DOCKER_BUILD_ARGS: |
BUILD_IMAGE=${CI_REGISTRY}/devops/images/usgs/node:20
FROM_IMAGE=${CI_REGISTRY}/devops/images/usgs/nginx:latest
USE_DIST=true
####
# Stage: Security
####
NPM Audit:
allow_failure: true
needs: []
script:
- npm audit
stage: security
####
# Stage: Test
####
Lint:
needs:
- Init
script:
- npm run lint
stage: test
tags:
- nshmp
Unit Tests:
artifacts:
paths:
- coverage/nshmp-apps
reports:
junit: junit.xml
needs:
- Init
script:
- npm test
stage: test
####
# Stage: End to End tests
####
End to End Tests:
artifacts:
paths:
- dist/cypress
expire_in: 7 days
image: ${DOCKER_HUB_IMAGE_MIRROR}cypress/base:16.14.0
needs: []
retry: 2
rules:
- <<: *development-env
when: manual
allow_failure: true
- <<: *staging-env
allow_failure: true
- <<: *production-env
allow_failure: true
parallel:
matrix:
- SPEC: dashboard
- SPEC: dev/dashboard
- SPEC: dev/math
- SPEC: gmm/distance
- SPEC: gmm/magnitude
- SPEC: gmm/spectra
- SPEC: hazard/disagg
- SPEC: hazard/dynamic
- SPEC: hazard/static
- SPEC: services
- SPEC: source/data
- SPEC: source/mfd
script:
- npm i
- npm run cy:run:ci -- --spec "${INT_DIR}/${SPEC}/**/*"
stage: e2e
timeout: 3h
variables:
INT_DIR: projects/nshmp-apps/cypress/integration
####
# Stage: deploy
####
Trigger AWS Deployment:
rules:
- <<: *development-env
when: manual
- *staging-env
- *production-env
script:
- |
if [ "${ENVIRONMENT}" == 'production' ]; then
REF="production";
fi
- |
curl --request POST \
--form token=${NSHMP_CDK_TRIGGER_TOKEN} \
--form ref=${REF} \
--form "variables[TRIGGER_DESCRIPTION]=Deploy nshmp-apps to ${ENVIRONMENT}" \
--form "variables[ENVIRONMENT]=${ENVIRONMENT}" \
--form "variables[NSHMP_APPS_IMAGE]=${IMAGE_NAME}" \
--form "variables[SOURCE_PROJECT_NAME]=${CI_PROJECT_NAME}" \
"https://${PRIVATE_GITLAB}/api/v4/projects/${NSHMP_CDK_PROJECT_ID}/trigger/pipeline"
stage: deploy
variables:
REF: main
UPSTREAM_PATH: ghsc/nshmp/nshmp-apps
pages:
artifacts:
paths:
- public
image: ${DEVOPS_REGISTRY}usgs/node:20
rules:
- if: >
$CI_COMMIT_REF_NAME == $CI_DEFAULT_BRANCH
&& $CI_PROJECT_PATH == $UPSTREAM_PATH
script:
- npm run compodoc:build
- mv compodoc public
stage: deploy