.gitlab-ci.yml

image: golang:1.22

stages:
  - prepare
  - test
  - build
  - deploy
  - test-build
  - release

variables:
  GOPATH: "$CI_PROJECT_DIR/.gopath"
  GOFLAGS: -mod=readonly
  OPENAPI_JSON: ./public/api.json

.release-rules: &release-rules
  # rule to run job on a tag-reference which has the form number.number.number (semantic versioning)
  # or number.number.number-text (semantic versioning + release-name)
  # and where a Dockerfile exists
  - if: $CI_COMMIT_TAG =~ /^\d+[.]\d+[.]\d+$/ || $CI_COMMIT_TAG =~ /^\d+[.]\d+[.]\d+[-]\S+$/
    exists:
      - Dockerfile

.feature-rules: &feature-rules
  - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH || $CI_MERGE_REQUEST_SOURCE_BRANCH_NAME =~ /^feat/ || $CI_MERGE_REQUEST_SOURCE_BRANCH_NAME =~ /^fix/
    exists:
      - Dockerfile
cache:
  paths:
    - .gopath/
    - ui/assets_vfsdata.go
  key: default
  policy: pull

prepare:
  stage: prepare
  cache:
    policy: pull-push
  script:
    - mkdir -p .gopath
    - export GOPATH="$CI_PROJECT_DIR/.gopath"
    - go generate ./ui
    - go vet ./...
  rules: *feature-rules

test-all:
  stage: test
  services:
    - postgres:16
  variables:
    POSTGRES_DB: "tank"
    POSTGRES_USER: "tank"
    POSTGRES_PASSWORD: "aura"
    AURA_TANK_TEST_DB_TYPE: "postgres"
    AURA_TANK_TEST_DB_HOST: "postgres"
  script:
    - go run contrib/waitfor-tcp.go postgres:5432 30
    - go test -v $(go list ./... | grep -v api/docs) -coverprofile=coverage.out -covermode count
    - go get github.com/boumenot/gocover-cobertura
    - go run github.com/boumenot/gocover-cobertura < coverage.out > coverage.xml
  coverage: '/^coverage: (\d+.\d+)% of statements$/'
  artifacts:
    reports:
      coverage_report:
        coverage_format: cobertura
        path: coverage.xml
  rules: *feature-rules

build:
  stage: build
  script:
    # ensure dependencies are installed before running make
    - apt-get update && apt-get install -y make
    - make build
  rules: *feature-rules
  artifacts:
    paths:
      - tank

build-openapi-2-scheme:
  stage: build
  script:
    - make api-docs
  rules: *feature-rules
  artifacts:
    paths:
      - api/docs/swagger.yaml

build-openapi-3-scheme:
  stage: build
  image:
    name: openapitools/openapi-generator-cli:latest-release
  needs:
    - job: build-openapi-2-scheme
      artifacts: true
  script:
    - /usr/local/bin/docker-entrypoint.sh generate -i api/docs/swagger.yaml -o api/docs -g openapi --minimal-update
    - mkdir public
    - cp api/docs/openapi.json $OPENAPI_JSON
  rules: *feature-rules
  artifacts:
    paths:
      - $OPENAPI_JSON

deploy_spec:
  stage: deploy
  image: node:20-alpine
  before_script:
    - apk update
    - apk add nodejs npm lftp
    - node -v
    - npm i -g npm@latest
    - npm install swagger-ui-dist@3.52.5
  script:
    - cp -rp node_modules/swagger-ui-dist/* ./public
    - 'sed -i "s@.*url.*@url: \"api.json\",@" ./public/index.html'
    - echo "Deploying AURA Tank API Spec..."
    - lftp -c "set ftp:ssl-allow no; open -u $FTP_AURA_RADIO_USER,$FTP_AURA_RADIO_PWD $FTP_AURA_RADIO_HOST; mirror -Rnev ./public/ ./api.aura.radio/tank --ignore-time --parallel=10 --exclude-glob .git* --exclude .git/"
    - echo "AURA Tank API Spec successfully deployed."
  artifacts:
    paths:
      - public
    expire_in: 2 days
  rules:
    - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
      when: always

docker:
  # Use the official docker image.
  image: docker:latest
  stage: build
  variables:
    # the name of the image without version
    AURA_IMAGE_NAME: "autoradio/tank"
  services:
    - docker:dind
  cache:
    paths:
      - .docker/cache
    key: default
    policy: pull-push
  before_script:
    - docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" "$CI_REGISTRY"
  script:
    - |
      if [ "$CI_COMMIT_BRANCH" == "$CI_DEFAULT_BRANCH" ]
        then docker build -t $AURA_IMAGE_NAME -t $CI_REGISTRY_IMAGE:main .
        docker push $CI_REGISTRY_IMAGE:main 
      else
        docker build -t $AURA_IMAGE_NAME -t $CI_REGISTRY_IMAGE:$CI_MERGE_REQUEST_SOURCE_BRANCH_NAME .
        docker push $CI_REGISTRY_IMAGE:$CI_MERGE_REQUEST_SOURCE_BRANCH_NAME
      fi
  rules: *feature-rules

test-scheme:
  stage: test-build
  needs:
    - job: build-openapi-3-scheme
      artifacts: true
  image:
    name: schemathesis/schemathesis:stable
    entrypoint: [""]
  variables:
    POSTGRES_DB: tank
    POSTGRES_USER: tank
    POSTGRES_PASSWORD: aura
    TANK_DB_HOST: postgres
    TANK_PORT: "8040"
    # Enable per-build-network so that service aliases are also
    # usable in the service containers themselves.
    FF_NETWORK_PER_BUILD: "true"
    # https://stackoverflow.com/questions/71228282/could-not-resolve-host-when-trying-to-access-service-in-gitlab
    DOCKER_HOST: "tcp://docker:2375"
    DOCKER_TLS_CERTDIR: ""
  services:
    - name: postgres:16
      alias: postgres
    - name: $CI_REGISTRY_IMAGE:$CI_MERGE_REQUEST_SOURCE_BRANCH_NAME
      entrypoint: ["/bin/bash"]
      command:
        - '-c'
        - |
          # make sure postgres is up before starting tank
          while true; do
            timeout 0.25 cat >/dev/null 2>&1 </dev/tcp/postgres/5432
            if [ "$?" = 124 ]; then break; fi
          done
          # disable authentication
          sed '/auth:/q' /etc/aura/tank.yaml | head -n-1 >/tmp/tank.yaml
          /usr/local/bin/tank --config /tmp/tank.yaml run --listen :"$TANK_PORT"
      alias: tank
  parallel:
    matrix:
      # see https://schemathesis.readthedocs.io/en/stable/cli.html#cmdoption-schemathesis-run-c
      - CHECKS: status_code_conformance
      - CHECKS: response_headers_conformance
      - CHECKS: response_schema_conformance
  script:
    - schemathesis run -c "$CHECKS" -b http://tank:"$TANK_PORT" --hypothesis-suppress-health-check too_slow $OPENAPI_JSON
  rules: *feature-rules
  allow_failure: true

docker-hub-push:
  # Use the official docker image.
  image: docker:latest
  stage: release
  variables:
    # the name of the image without version
    AURA_IMAGE_NAME: "autoradio/tank"
  services:
    - docker:dind
  before_script:
    # default repo is docker.io (aka docker hub)
    - docker login -u "$DOCKER_ID" -p "$DOCKER_HUB_AUTH"
  script:
    # every commit on main branch should build image as unstable
    # else it is from a tag (enforced by gitlab-ci rules)
    # hint: tags are references independent of branches
    - |
      if [ "$CI_COMMIT_BRANCH" == "$CI_DEFAULT_BRANCH" ]
        then docker build -t $AURA_IMAGE_NAME:main -t $AURA_IMAGE_NAME:main-$CI_COMMIT_SHORT_SHA .
        else docker build -t $AURA_IMAGE_NAME -t $AURA_IMAGE_NAME:$CI_COMMIT_TAG .
      fi
    # TODO: maybe isolate docker build and docker push
    - docker push "$AURA_IMAGE_NAME" --all-tags
  rules:
    - *release-rules
    # every commit on master/main branch should trigger a push to docker-hub as unstable without a release
    - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
      exists:
        - Dockerfile

trigger_aura_tests:
  stage: release
  needs: [docker-hub-push]
  trigger:
    project: aura/aura-tests
    branch: main
    strategy: depend
  rules:
    - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH

release_job:
  stage: release
  needs:
    - docker-hub-push
  image: registry.gitlab.com/gitlab-org/release-cli:latest
  rules: *release-rules
  script:
    - echo "this will be a release when there is a tag, but tags should be protected to be only createable by maintainers."
  release:
    name: 'Release $CI_COMMIT_TAG'
    description: ./CHANGELOG.md
    tag_name: '$CI_COMMIT_TAG'
    ref: '$CI_COMMIT_TAG'