From f1fff38400ecadae5691284377ac584e46107d84 Mon Sep 17 00:00:00 2001 From: root Date: Wed, 10 Jun 2026 00:51:21 -0400 Subject: [PATCH] update gitlab file --- .gitlab-ci.yml | 84 +++++++++++++++++++++++++++++++++++--------------- 1 file changed, 60 insertions(+), 24 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 0004465..85d4935 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -14,7 +14,8 @@ variables: # TEST STAGE # Runs on every push and merge request # ==================================== -unit_tests: + +api_tests: stage: test image: node:20-bookworm before_script: @@ -24,8 +25,41 @@ unit_tests: - npm run type-check - npm run test:api rules: - - if: $CI_PIPELINE_SOURCE == "merge_request_event" - - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH + - if: '$CI_PIPELINE_SOURCE == "merge_request_event"' + - if: '$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH' + +marketplace_tests: + stage: test + image: node:20-bookworm + before_script: + - npm ci + script: + - npm run test:marketplace + rules: + - if: '$CI_PIPELINE_SOURCE == "merge_request_event"' + - if: '$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH' + +admin_tests: + stage: test + image: node:20-bookworm + before_script: + - npm ci + script: + - npm run test:admin + rules: + - if: '$CI_PIPELINE_SOURCE == "merge_request_event"' + - if: '$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH' + +dashboard_tests: + stage: test + image: node:20-bookworm + before_script: + - npm ci + script: + - npm run test:dashboard + rules: + - if: '$CI_PIPELINE_SOURCE == "merge_request_event"' + - if: '$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH' integration_tests: stage: test @@ -62,12 +96,13 @@ integration_tests: script: - npm run test:api:integration rules: - - if: $CI_PIPELINE_SOURCE == "merge_request_event" - - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH + - if: '$CI_PIPELINE_SOURCE == "merge_request_event"' + - if: '$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH' # ==================================== # BUILD STAGE # ==================================== + build_image: stage: build image: docker:24 @@ -162,19 +197,19 @@ build_image: export ADMIN_INTERNAL_URL="${ADMIN_INTERNAL_URL:-http://admin:3002}" docker build \ - --build-arg API_INTERNAL_URL=$API_INTERNAL_URL \ - --build-arg DASHBOARD_INTERNAL_URL=$DASHBOARD_INTERNAL_URL \ - --build-arg ADMIN_INTERNAL_URL=$ADMIN_INTERNAL_URL \ - --build-arg NEXT_PUBLIC_API_URL=$NEXT_PUBLIC_API_URL \ - --build-arg NEXT_PUBLIC_MARKETPLACE_URL=$NEXT_PUBLIC_MARKETPLACE_URL \ - --build-arg NEXT_PUBLIC_DASHBOARD_URL=$NEXT_PUBLIC_DASHBOARD_URL \ - --build-arg NEXT_PUBLIC_ADMIN_URL=$NEXT_PUBLIC_ADMIN_URL \ - -t $DOCKER_IMAGE \ - -t $DOCKER_IMAGE_LATEST \ - -f $DOCKERFILE_PATH . + --build-arg API_INTERNAL_URL="$API_INTERNAL_URL" \ + --build-arg DASHBOARD_INTERNAL_URL="$DASHBOARD_INTERNAL_URL" \ + --build-arg ADMIN_INTERNAL_URL="$ADMIN_INTERNAL_URL" \ + --build-arg NEXT_PUBLIC_API_URL="$NEXT_PUBLIC_API_URL" \ + --build-arg NEXT_PUBLIC_MARKETPLACE_URL="$NEXT_PUBLIC_MARKETPLACE_URL" \ + --build-arg NEXT_PUBLIC_DASHBOARD_URL="$NEXT_PUBLIC_DASHBOARD_URL" \ + --build-arg NEXT_PUBLIC_ADMIN_URL="$NEXT_PUBLIC_ADMIN_URL" \ + -t "$DOCKER_IMAGE" \ + -t "$DOCKER_IMAGE_LATEST" \ + -f "$DOCKERFILE_PATH" . - echo "--- Pushing to Registry ---" - - docker push $DOCKER_IMAGE - - docker push $DOCKER_IMAGE_LATEST + - docker push "$DOCKER_IMAGE" + - docker push "$DOCKER_IMAGE_LATEST" rules: # On the default branch, always attempt the image build so missing registry # configuration fails loudly in before_script instead of skipping the job. @@ -184,6 +219,7 @@ build_image: # ==================================== # DEPLOY STAGE # ==================================== + deploy_to_vps: stage: deploy image: alpine:latest @@ -210,7 +246,7 @@ deploy_to_vps: - export DOCKER_IMAGE="$IMAGE_REPOSITORY:$CI_COMMIT_SHORT_SHA" - apk add --no-cache openssh-client # Load the SSH private key stored in the CI variable SSH_PRIVATE_KEY - - eval $(ssh-agent -s) + - eval "$(ssh-agent -s)" - | key_file="$(mktemp)" decoded_key_file="$(mktemp)" @@ -251,7 +287,7 @@ deploy_to_vps: trap - EXIT - mkdir -p ~/.ssh && chmod 700 ~/.ssh # Scan and trust the VPS host key (avoids manual known_hosts management) - - ssh-keyscan -H $VPS_IP >> ~/.ssh/known_hosts + - ssh-keyscan -H "$VPS_IP" >> ~/.ssh/known_hosts - chmod 644 ~/.ssh/known_hosts script: - echo "--- Deploying $DOCKER_IMAGE to VPS ---" @@ -259,16 +295,16 @@ deploy_to_vps: REGISTRY_PASSWORD_B64="$(printf '%s' "$REGISTRY_PASSWORD" | base64 | tr -d '\n')" echo "-- Syncing deployment assets --" - ssh $VPS_USER@$VPS_IP " + ssh "$VPS_USER@$VPS_IP" " set -e mkdir -p '$DEPLOY_ROOT/scripts' '$DEPLOY_ROOT/docker/pgmanage' '$DEPLOY_ROOT/docker/registry/auth' '$DEPLOY_ROOT/dynamic' " - scp docker-compose.production.yml docker-compose.portainer.production.yml docker-compose.registry.production.yml docker-compose.registry.local.yml traefik.yaml $VPS_USER@$VPS_IP:$DEPLOY_ROOT/ - scp scripts/docker-prod-common.sh scripts/docker-prod-deploy.sh scripts/docker-prod-up-registry.sh scripts/docker-registry-local-up.sh $VPS_USER@$VPS_IP:$DEPLOY_ROOT/scripts/ - scp docker/pgmanage/override.py $VPS_USER@$VPS_IP:$DEPLOY_ROOT/docker/pgmanage/ + scp docker-compose.production.yml docker-compose.portainer.production.yml docker-compose.registry.production.yml docker-compose.registry.local.yml traefik.yaml "$VPS_USER@$VPS_IP:$DEPLOY_ROOT/" + scp scripts/docker-prod-common.sh scripts/docker-prod-deploy.sh scripts/docker-prod-up-registry.sh scripts/docker-registry-local-up.sh "$VPS_USER@$VPS_IP:$DEPLOY_ROOT/scripts/" + scp docker/pgmanage/override.py "$VPS_USER@$VPS_IP:$DEPLOY_ROOT/docker/pgmanage/" echo "-- Running deploy script on VPS --" - ssh $VPS_USER@$VPS_IP " + ssh "$VPS_USER@$VPS_IP" " set -e cd '$DEPLOY_ROOT' APP_IMAGE='$IMAGE_REPOSITORY' \