--- include: - project: funkwhale/ci file: /templates/pre-commit.yml - project: funkwhale/ci file: /templates/lychee.yml - project: funkwhale/ci file: /templates/ssh-agent.yml variables: PYTHONDONTWRITEBYTECODE: "true" PIP_CACHE_DIR: $CI_PROJECT_DIR/.cache/pip YARN_CACHE_FOLDER: $CI_PROJECT_DIR/.cache/yarn POETRY_VIRTUALENVS_IN_PROJECT: "true" .shared_variables: # Keep the git files permissions during job setup keep_git_files_permissions: &keep_git_files_permissions GIT_STRATEGY: clone GIT_DEPTH: "5" FF_DISABLE_UMASK_FOR_DOCKER_EXECUTOR: "true" .shared_caches: # Cache for front related jobs front_cache: &front_cache - key: front-yarn paths: [$YARN_CACHE_FOLDER] - key: prefix: front-node_modules files: [front/yarn.lock] paths: [front/node_modules] # Cache for api related jobs # Include the python version to prevent loosing caches in the test matrix api_cache: &api_cache - key: api-pip-$PYTHON_VERSION paths: [$PIP_CACHE_DIR] - key: prefix: api-venv-$PYTHON_VERSION files: [api/poetry.lock] paths: [api/.venv] # Cache for docs related jobs docs_cache: &docs_cache - key: docs-pip paths: [$PIP_CACHE_DIR] - key: prefix: docs-venv files: [docs/poetry.lock] paths: [docs/.venv] default: interruptible: true tags: - docker workflow: rules: # Run for any event on the default branches in the funkwhale namespace - if: > $CI_PROJECT_NAMESPACE == "funkwhale" && ( $CI_COMMIT_BRANCH =~ /(stable|develop)/ || $CI_COMMIT_TAG ) # Run for merge requests from any repo or branches - if: $CI_PIPELINE_SOURCE == "merge_request_event" stages: - review - lint - test - build - publish review_front: allow_failure: true stage: review needs: [] rules: - if: $CI_PIPELINE_SOURCE == "merge_request_event" when: manual image: $CI_REGISTRY/funkwhale/ci/node-python:18 variables: BASE_URL: /-/$CI_PROJECT_NAME/-/jobs/$CI_JOB_ID/artifacts/front-review/ VUE_APP_ROUTER_BASE_URL: /-/$CI_PROJECT_NAME/-/jobs/$CI_JOB_ID/artifacts/front-review/ VUE_APP_INSTANCE_URL: https://demo.funkwhale.audio NODE_ENV: review environment: name: review/front/$CI_COMMIT_REF_NAME url: http://$CI_PROJECT_NAMESPACE.pages.funkwhale.audio/-/$CI_PROJECT_NAME/-/jobs/$CI_JOB_ID/artifacts/front-review/index.html cache: *front_cache before_script: - mkdir front-review - cd front - yarn install --frozen-lockfile script: - yarn run build --base ./ - cp -r dist/* ../front-review artifacts: expire_in: 2 weeks paths: - front-review review_docs: allow_failure: true stage: review needs: [] rules: - if: $CI_PIPELINE_SOURCE == "merge_request_event" changes: [docs/**/*] image: $CI_REGISTRY/funkwhale/ci/python:3.11 variables: BUILD_PATH: "../docs-review" environment: name: review/docs/$CI_COMMIT_REF_NAME url: http://$CI_PROJECT_NAMESPACE.pages.funkwhale.audio/-/$CI_PROJECT_NAME/-/jobs/$CI_JOB_ID/artifacts/docs-review/index.html cache: *docs_cache before_script: - mkdir docs-review - cd docs - apt-get update - apt-get install -y graphviz git - poetry install - git switch develop && git pull - git switch stable && git pull - git switch $CI_COMMIT_BRANCH && git pull script: - poetry run python3 -m sphinx . $BUILD_PATH artifacts: expire_in: 2 weeks paths: - docs-review find_broken_links: extends: [.lychee] allow_failure: exit_codes: 2 script: - > lychee --cache --no-progress --exclude-all-private --exclude-mail --exclude 'demo\.funkwhale\.audio' --exclude 'nginx\.com' --exclude-path 'docs/_templates/' -- . || exit $? require_changelog: stage: lint needs: [] rules: # Don't run on merge request that mention NOCHANGELOG or renovate bot commits - if: > $CI_MERGE_REQUEST_TITLE =~ /NOCHANGELOG/ || $CI_COMMIT_AUTHOR == "Renovate Bot " when: never - if: $CI_PIPELINE_SOURCE == "merge_request_event" image: python:3.11 script: - git fetch origin "$CI_MERGE_REQUEST_TARGET_BRANCH_NAME" - git diff --name-only FETCH_HEAD | grep "changes/changelog.d/*" pre-commit: extends: [.pre-commit] lint_api: allow_failure: true stage: lint needs: [] rules: - if: $CI_COMMIT_BRANCH =~ /(stable|develop)/ - changes: [api/**/*] image: $CI_REGISTRY/funkwhale/ci/python-funkwhale-api:3.11 before_script: - cd api - make install script: - make lint lint_front: stage: lint needs: [] rules: - if: $CI_COMMIT_BRANCH =~ /(stable|develop)/ - changes: [front/**/*] image: $CI_REGISTRY/funkwhale/ci/node-python:18 cache: *front_cache before_script: - cd front - yarn install --frozen-lockfile script: - yarn lint --max-warnings 0 - yarn lint:tsc test_api: retry: 1 stage: test needs: - job: lint_api rules: - if: $CI_COMMIT_BRANCH =~ /(stable|develop)/ - changes: [api/**/*] image: $CI_REGISTRY/funkwhale/ci/python-funkwhale-api:$PYTHON_VERSION parallel: matrix: - PYTHON_VERSION: ["3.8", "3.9", "3.10", "3.11"] services: - postgres:15-alpine - redis:7-alpine cache: *api_cache variables: DATABASE_URL: "postgresql://postgres@postgres/postgres" FUNKWHALE_URL: "https://funkwhale.ci" DJANGO_SETTINGS_MODULE: config.settings.local POSTGRES_HOST_AUTH_METHOD: trust CACHE_URL: "redis://redis:6379/0" before_script: - cd api - poetry install script: - > poetry run pytest --junitxml=report.xml --cov --cov-config=pyproject.toml --cov-report=term-missing:skip-covered --cov-report=xml tests artifacts: expire_in: 2 weeks reports: junit: api/report.xml coverage_report: coverage_format: cobertura path: api/coverage.xml coverage: '/TOTAL\s*\d*\s*\d*\s*(\d*%)/' test_front: stage: test needs: - job: lint_front rules: # Disabled for now since no vitest dom emulation is providing # AudioContext, which is required for our HTML audio player - when: never - if: $CI_COMMIT_BRANCH =~ /(stable|develop)/ - changes: [front/**/*] image: $CI_REGISTRY/funkwhale/ci/node-python:18 cache: *front_cache before_script: - cd front - yarn install --frozen-lockfile script: - yarn test:unit artifacts: reports: junit: front/coverage/cobertura-coverage.xml build_api_schema: stage: build needs: - job: test_api optional: true rules: - if: $CI_COMMIT_BRANCH =~ /(stable|develop)/ - changes: [api/**/*] # Add build_docs rules because it depends on the build_api_schema artifact - changes: [docs/**/*] image: $CI_REGISTRY/funkwhale/ci/python-funkwhale-api:3.11 services: - postgres:15-alpine - redis:7-alpine cache: *api_cache variables: DATABASE_URL: "postgresql://postgres@postgres/postgres" FUNKWHALE_URL: "https://funkwhale.ci" DJANGO_SETTINGS_MODULE: config.settings.local POSTGRES_HOST_AUTH_METHOD: trust CACHE_URL: "redis://redis:6379/0" API_TYPE: "v1" before_script: - cd api - poetry install - poetry run funkwhale-manage migrate script: - poetry run funkwhale-manage spectacular --file ../docs/schema.yml artifacts: expire_in: 2 weeks paths: - docs/schema.yml build_docs: stage: build needs: - job: build_api_schema artifacts: true rules: - if: $CI_COMMIT_BRANCH =~ /(stable|develop)/ - changes: [docs/**/*] image: $CI_REGISTRY/funkwhale/ci/python:3.11 variables: BUILD_PATH: "../public" GIT_STRATEGY: clone GIT_DEPTH: 0 cache: *docs_cache before_script: - cd docs - apt-get update - apt-get install -y graphviz - poetry install - poetry run pip install --no-deps --editable ../api - git branch stable --track origin/stable || true - git branch develop --track origin/develop || true script: - ./build_docs.sh artifacts: expire_in: 2 weeks paths: - public build_front: stage: build needs: # The test_front job is currently disabled # - job: test_front - job: lint_front optional: true rules: - if: $CI_COMMIT_BRANCH =~ /(stable|develop)/ - changes: [front/**/*] image: $CI_REGISTRY/funkwhale/ci/node-python:18 variables: <<: *keep_git_files_permissions cache: *front_cache before_script: - cd front - yarn install --frozen-lockfile script: - yarn run build:deployment artifacts: name: front_${CI_COMMIT_REF_NAME} paths: - front/dist build_api: stage: build needs: - job: test_api optional: true rules: - if: $CI_COMMIT_BRANCH =~ /(stable|develop)/ - changes: [api/**/*] image: $CI_REGISTRY/funkwhale/ci/python:3.11 variables: <<: *keep_git_files_permissions script: - rm -rf api/tests - > if [[ -z "$CI_COMMIT_TAG" ]]; then ./scripts/set-api-build-metadata.sh $CI_COMMIT_SHORT_SHA; fi artifacts: name: api_${CI_COMMIT_REF_NAME} paths: - api deploy_docs: interruptible: false extends: .ssh-agent stage: publish needs: - job: build_docs artifacts: true rules: - if: $CI_COMMIT_BRANCH == "stable" image: $CI_REGISTRY/funkwhale/ci/python:3.11 script: - rsync -r -e "ssh -p 2282" $CI_PROJECT_DIR/public/ docs@docs.funkwhale.audio:/htdocs/ .docker: interruptible: false stage: build needs: - job: test_api optional: true - job: test_front optional: true image: $CI_REGISTRY/funkwhale/ci/docker parallel: matrix: - COMPONENT: ["api", "front"] services: - docker:20-dind variables: <<: *keep_git_files_permissions IMAGE_NAME: funkwhale/$COMPONENT IMAGE: $IMAGE_NAME:$CI_COMMIT_REF_NAME IMAGE_LATEST: $IMAGE_NAME:latest DOCKER_HOST: tcp://docker:2375/ DOCKER_DRIVER: overlay2 DOCKER_TLS_CERTDIR: "" BUILD_PLATFORMS: linux/amd64,linux/arm64,linux/arm/v7 tags: - multiarch before_script: - docker login -u $DOCKER_LOGIN -p $DOCKER_PASSWORD - > if [[ -z "$CI_COMMIT_TAG" ]]; then ./scripts/set-api-build-metadata.sh $CI_COMMIT_SHORT_SHA; fi cache: key: docker_public_${CI_COMMIT_REF_NAME} paths: - ~/.cargo docker_stable: extends: .docker rules: - if: $CI_COMMIT_TAG && $CI_COMMIT_REF_NAME =~ /^[0-9]+(.[0-9]+){1,2}$/ script: - ./docs/get-releases-json.py | scripts/is-docker-latest.py $CI_COMMIT_TAG - && export DOCKER_LATEST_TAG="-t $IMAGE_LATEST" || export DOCKER_LATEST_TAG=; - export major="$(echo $CI_COMMIT_REF_NAME | cut -d '.' -f 1)" - export minor="$(echo $CI_COMMIT_REF_NAME | cut -d '.' -f 1,2)" - cd $COMPONENT - docker buildx create --use --name A$CI_COMMIT_SHORT_SHA - docker buildx build --platform $BUILD_PLATFORMS --push -t $IMAGE $DOCKER_LATEST_TAG -t $IMAGE_NAME:$major -t $IMAGE_NAME:$minor . docker_unstable: extends: .docker rules: - if: $CI_COMMIT_TAG && $CI_COMMIT_REF_NAME !~ /^[0-9]+(.[0-9]+){1,2}$/ script: - cd $COMPONENT - docker buildx create --use --name A$CI_COMMIT_SHORT_SHA - docker buildx build --platform $BUILD_PLATFORMS --push -t $IMAGE . docker_dev: extends: .docker only: - develop@funkwhale/funkwhale - stable@funkwhale/funkwhale script: - cd $COMPONENT - docker buildx create --use --name A$CI_COMMIT_SHORT_SHA - docker buildx build --platform $BUILD_PLATFORMS --push -t $IMAGE .