--- include: - project: funkwhale/ci file: /templates/pre-commit.yml - project: funkwhale/ci file: /templates/lychee.yml variables: PYTHONDONTWRITEBYTECODE: "true" PIP_CACHE_DIR: $CI_PROJECT_DIR/.cache/pip YARN_CACHE_FOLDER: $CI_PROJECT_DIR/.cache/yarn .shared_variables: # Keep the git files permissions during job setup keep_git_files_permissions: &keep_git_files_permissions GIT_STRATEGY: clone GIT_DEPTH: "5" FF_DISABLE_UMASK_FOR_DOCKER_EXECUTOR: "true" default: tags: - docker workflow: rules: # Run for any event on the default branches in the funkwhale namespace - if: > $CI_PROJECT_NAMESPACE == "funkwhale" && ( $CI_COMMIT_BRANCH =~ /(stable|develop)/ || $CI_COMMIT_TAG ) # Run for merge requests from any repo or branches - if: $CI_PIPELINE_SOURCE == "merge_request_event" stages: - review - lint - test - build - publish review_front: interruptible: true allow_failure: true stage: review rules: - if: $CI_PIPELINE_SOURCE == "merge_request_event" when: manual image: $CI_REGISTRY/funkwhale/ci/node-python:18 variables: BASE_URL: /-/$CI_PROJECT_NAME/-/jobs/$CI_JOB_ID/artifacts/front-review/ VUE_APP_ROUTER_BASE_URL: /-/$CI_PROJECT_NAME/-/jobs/$CI_JOB_ID/artifacts/front-review/ VUE_APP_INSTANCE_URL: https://demo.funkwhale.audio NODE_ENV: review environment: name: review/front/$CI_COMMIT_REF_NAME url: http://$CI_PROJECT_NAMESPACE.pages.funkwhale.audio/-/$CI_PROJECT_NAME/-/jobs/$CI_JOB_ID/artifacts/front-review/index.html cache: paths: [$YARN_CACHE_FOLDER] before_script: - mkdir front-review - cd front - yarn install --frozen-lockfile script: - yarn run build --base ./ - cp -r dist/* ../front-review artifacts: expire_in: 2 weeks paths: - front-review review_docs: interruptible: true allow_failure: true stage: review rules: - if: $CI_PIPELINE_SOURCE == "merge_request_event" changes: [docs/**/*] image: $CI_REGISTRY/funkwhale/ci/python:3.11 variables: BUILD_PATH: "../docs-review" environment: name: review/docs/$CI_COMMIT_REF_NAME url: http://$CI_PROJECT_NAMESPACE.pages.funkwhale.audio/-/$CI_PROJECT_NAME/-/jobs/$CI_JOB_ID/artifacts/docs-review/index.html cache: key: "$CI_PROJECT_ID__sphinx" paths: [$PIP_CACHE_DIR] before_script: - mkdir docs-review - cd docs - apt-get update - apt-get install -y graphviz git - poetry install - git switch develop && git pull - git switch stable && git pull - git switch $CI_COMMIT_BRANCH && git pull script: - poetry run python3 -m sphinx . $BUILD_PATH artifacts: expire_in: 2 weeks paths: - docs-review find_broken_links: extends: [.lychee] allow_failure: exit_codes: 2 script: - > lychee --cache --no-progress --exclude-all-private --exclude-mail --exclude 'demo\.funkwhale\.audio' --exclude 'nginx\.com' --exclude-path 'docs/_templates/' -- . || exit $? require_changelog: interruptible: true stage: lint rules: # Don't run on merge request that mention NOCHANGELOG or renovate bot commits - if: > $CI_MERGE_REQUEST_TITLE =~ /NOCHANGELOG/ || $CI_COMMIT_AUTHOR == "Renovate Bot " when: never - if: $CI_PIPELINE_SOURCE == "merge_request_event" image: python:3.11 script: - git fetch origin "$CI_MERGE_REQUEST_TARGET_BRANCH_NAME" - git diff --name-only FETCH_HEAD | grep "changes/changelog.d/*" pre-commit: extends: [.pre-commit] lint_api: interruptible: true allow_failure: true stage: lint image: $CI_REGISTRY/funkwhale/ci/python-funkwhale-api:3.11 before_script: - cd api - make install script: - make lint lint_front: interruptible: true stage: lint rules: - if: $CI_COMMIT_BRANCH =~ /(stable|develop)/ - changes: [front/**/*] image: $CI_REGISTRY/funkwhale/ci/node-python:18 cache: paths: [$YARN_CACHE_FOLDER] before_script: - cd front - yarn install --frozen-lockfile script: - yarn lint --max-warnings 0 - yarn lint:tsc test_api: interruptible: true retry: 1 stage: test rules: - if: $CI_COMMIT_BRANCH =~ /(stable|develop)/ - changes: [api/**/*] image: $CI_REGISTRY/funkwhale/ci/python-funkwhale-api:$PYTHON_VERSION parallel: matrix: - PYTHON_VERSION: ["3.8", "3.9", "3.10", "3.11"] services: - postgres:15-alpine - redis:7-alpine cache: paths: ["$PIP_CACHE_DIR"] variables: DATABASE_URL: "postgresql://postgres@postgres/postgres" FUNKWHALE_URL: "https://funkwhale.ci" DJANGO_SETTINGS_MODULE: config.settings.local POSTGRES_HOST_AUTH_METHOD: trust CACHE_URL: "redis://redis:6379/0" before_script: - cd api - poetry install script: - > poetry run pytest --junitxml=report.xml --cov --cov-config=pyproject.toml --cov-report=term-missing:skip-covered --cov-report=xml tests artifacts: expire_in: 2 weeks reports: junit: api/report.xml coverage_report: coverage_format: cobertura path: api/coverage.xml coverage: '/TOTAL\s*\d*\s*\d*\s*(\d*%)/' test_front: interruptible: true stage: test rules: # Disabled for now since no vitest dom emulation is providing # AudioContext, which is required for our HTML audio player - when: never - if: $CI_COMMIT_BRANCH =~ /(stable|develop)/ - changes: [front/**/*] image: $CI_REGISTRY/funkwhale/ci/node-python:18 cache: paths: [$YARN_CACHE_FOLDER] before_script: - cd front - yarn install --frozen-lockfile script: - yarn test:unit artifacts: reports: junit: front/coverage/cobertura-coverage.xml build_api_schema: stage: build rules: - if: $CI_COMMIT_BRANCH =~ /(stable|develop)/ - changes: [api/**/*] image: $CI_REGISTRY/funkwhale/ci/python-funkwhale-api:3.11 services: - postgres:15-alpine - redis:7-alpine cache: key: "$CI_PROJECT_ID__pip_cache" paths: - "$PIP_CACHE_DIR" variables: DATABASE_URL: "postgresql://postgres@postgres/postgres" FUNKWHALE_URL: "https://funkwhale.ci" DJANGO_SETTINGS_MODULE: config.settings.local POSTGRES_HOST_AUTH_METHOD: trust CACHE_URL: "redis://redis:6379/0" API_TYPE: "v1" before_script: - cd api - poetry install - poetry run funkwhale-manage migrate script: - poetry run funkwhale-manage spectacular --file ../docs/schema.yml artifacts: expire_in: 2 weeks paths: - docs/schema.yml build_docs: stage: build image: python:3.11 needs: - job: build_api_schema artifacts: true variables: BUILD_PATH: "../public" GIT_STRATEGY: clone GIT_DEPTH: 0 before_script: - cd docs - apt-get update - apt-get install -y graphviz - pip install poetry - poetry install - git branch stable --track origin/stable || true - git branch develop --track origin/develop || true script: - ./build_docs.sh cache: key: "$CI_PROJECT_ID__sphinx" paths: - "$PIP_CACHE_DIR" artifacts: expire_in: 2 weeks paths: - public rules: - if: $CI_COMMIT_BRANCH == "stable" || $CI_COMMIT_BRANCH == "develop" when: always - changes: - docs/**/* when: always build_front: stage: build image: $CI_REGISTRY/funkwhale/ci/node-python:18 variables: <<: *keep_git_files_permissions cache: paths: [$YARN_CACHE_FOLDER] before_script: - cd front - yarn install --frozen-lockfile script: - yarn run build:deployment artifacts: name: front_${CI_COMMIT_REF_NAME} paths: - front/dist build_api: stage: build image: $CI_REGISTRY/funkwhale/ci/python:3.11 variables: <<: *keep_git_files_permissions script: - rm -rf api/tests - > if [[ "$CI_COMMIT_REF_NAME" =~ ^develop|stable$ ]]; then ./scripts/set-api-build-metadata.sh $CI_COMMIT_SHORT_SHA; fi artifacts: name: api_${CI_COMMIT_REF_NAME} paths: - api deploy_docs: stage: publish image: alpine needs: - job: build_docs artifacts: true before_script: - apk add openssh-client rsync - mkdir -p ~/.ssh - echo "$SSH_KNOWN_HOSTS" >> ~/.ssh/known_hosts - chmod 644 ~/.ssh/known_hosts - eval `ssh-agent -s` - echo "$SSH_PRIVATE_KEY" | tr -d '\r' | ssh-add - script: - rsync -r -e "ssh -p 2282" $CI_PROJECT_DIR/public/ docs@docs.funkwhale.audio:/htdocs/ only: - stable .docker_publish: stage: publish image: egon0/docker-with-buildx-and-git:bash parallel: matrix: - COMPONENT: ["api", "front"] variables: <<: *keep_git_files_permissions IMAGE_NAME: funkwhale/$COMPONENT IMAGE: $IMAGE_NAME:$CI_COMMIT_REF_NAME IMAGE_LATEST: $IMAGE_NAME:latest DOCKER_HOST: tcp://docker:2375/ DOCKER_DRIVER: overlay2 DOCKER_TLS_CERTDIR: "" BUILD_PLATFORMS: linux/amd64,linux/arm64,linux/arm/v7 tags: - multiarch services: - docker:20-dind before_script: - docker login -u $DOCKER_LOGIN -p $DOCKER_PASSWORD cache: key: docker_public_${CI_COMMIT_REF_NAME} paths: - ~/.cargo docker_stable: extends: .docker_publish rules: - if: $CI_COMMIT_TAG && $CI_COMMIT_REF_NAME =~ /^[0-9]+(.[0-9]+){1,2}$/ script: - ./docs/get-releases-json.py | scripts/is-docker-latest.py $CI_COMMIT_TAG - && export DOCKER_LATEST_TAG="-t $IMAGE_LATEST" || export DOCKER_LATEST_TAG=; - export major="$(echo $CI_COMMIT_REF_NAME | cut -d '.' -f 1)" - export minor="$(echo $CI_COMMIT_REF_NAME | cut -d '.' -f 1,2)" - cd $COMPONENT - docker buildx create --use --name A$CI_COMMIT_SHORT_SHA - docker buildx build --platform $BUILD_PLATFORMS --push -t $IMAGE $DOCKER_LATEST_TAG -t $IMAGE_NAME:$major -t $IMAGE_NAME:$minor . docker_unstable: extends: .docker_publish rules: - if: $CI_COMMIT_TAG && $CI_COMMIT_REF_NAME !~ /^[0-9]+(.[0-9]+){1,2}$/ script: - cd $COMPONENT - docker buildx create --use --name A$CI_COMMIT_SHORT_SHA - docker buildx build --platform $BUILD_PLATFORMS --push -t $IMAGE . docker_dev: extends: .docker_publish only: - develop@funkwhale/funkwhale - stable@funkwhale/funkwhale script: - cd $COMPONENT - docker buildx create --use --name A$CI_COMMIT_SHORT_SHA - docker buildx build --platform $BUILD_PLATFORMS --push -t $IMAGE .