.gitlab-ci.yml

---
stages:
  - pre-build
  - test
  - build
  - deploy-beta
  - deploy-staging
  - deploy-production


image: circleci/openjdk:11-jdk-browsers


# Disable the Gradle daemon for Continuous Integration servers as correctness
# is usually a priority over speed in CI environments. Using a fresh
# runtime for each build is more reliable since the runtime is completely
# isolated from any previous builds.
variables:
  GRADLE_OPTS: "-Dorg.gradle.daemon=false"
  GRADLE_USER_HOME: $CI_PROJECT_DIR/.gradle
  SERVICE_NAME: faidare-cards
  JAR_PATH: "backend/build/libs/faidare.jar"
  GIT_DEPTH: 0
  IMAGE_TAG: $CI_COMMIT_REF_SLUG
  ELASTIC_VERSION: "7.13.2"
  DOCKER_OPTS: "--mtu=1450"

# Gradle cache for all jobs
# cache:
#   key: "$CI_COMMIT_REF_NAME"
#   paths:
#     - ".gradle"

# PRE-BUILD

build-loader-docker-image:
  image: registry.forgemia.inra.fr/urgi-is/docker-rare/docker-git:latest
  stage: pre-build
  services:
    - docker:20.10.6-dind
  script:
    # build the image
    - docker build -t registry.forgemia.inra.fr/urgi-is/docker-rare/faidare-loader:${IMAGE_TAG} .
    - docker build -t registry.forgemia.inra.fr/urgi-is/docker-rare/faidare-loader:latest .
    # Login before pushing the image
    - docker login registry.forgemia.inra.fr -u $CONTAINER_REGISTRY_USERNAME -p $CONTAINER_REGISTRY_TOKEN
    # push the built image
    - docker push registry.forgemia.inra.fr/urgi-is/docker-rare/faidare-loader:${IMAGE_TAG}
    # only push latest tag on master branch
    - if [ "${CI_DEFAULT_BRANCH}" == "${CI_COMMIT_REF_SLUG}" ] ; then docker push registry.forgemia.inra.fr/urgi-is/docker-rare/faidare-loader:latest ; fi;
  rules:
    - changes:
      - Dockerfile
      - scripts/*
      - backend/src/test/resources/fr/inra/urgi/faidare/repository/es/setup/index/*_mapping.json
      - backend/src/test/resources/fr/inra/urgi/faidare/repository/es/setup/index/settings.json
      - .gitlab-ci.yml
    - if: $CI_PIPELINE_SOURCE == "merge_request_event" || $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
  allow_failure: true

# TESTS
test-and-sonarqube:
  # image: circleci/openjdk:11-jdk-browsers
  stage: test
  tags:
    - openstack
  # the backend tests need an elasticsearch instance
  services:
    # even if that would be ideal
    # we can't just launch the service with just elasticsearch:6.3.1
    # because we need to pass some variables, but they are passed to _all_ containers
    # so they fail the start of other docker images like urgi/docker-browsers
    # the only solution is to override the entrypoint of the service and pass the arguments manually
    - name: docker.elastic.co/elasticsearch/elasticsearch:${ELASTIC_VERSION}
      alias: elasticsearch
      # discovery.type=single-node
      # single-node is necessary to start in development mode
      # so there will be no bootstrap checks that would fail on CI
      # especially the error regarding
      # `max virtual memory areas vm.max_map_count [65530] is too low, increase to at least [262144]`
      command: ["bin/elasticsearch", "-Ediscovery.type=single-node"]
  variables:
    # GRADLE_OPTS: "-Xms512m -Xmx8192m -XX:MaxMetaspaceSize=8192m -Dorg.gradle.daemon=false"
    # SONAR_USER_HOME: "${CI_PROJECT_DIR}/.sonar"  # Defines the location of the analysis task cache
    # GIT_DEPTH: "0"  # Tells git to fetch all the branches of the project, required by the analysis task
    ES_JAVA_OPTS: "-Xms2g -Xmx2g"
  # cache:
  #   key: "${CI_COMMIT_REF_NAME}"
  #   policy: pull-push
  #   paths:
  #     # - ".gradle"
  #     - .sonar/cache
  script:
    # - ls -lshR /builds/urgi-is/faidare/.gradle/wrapper/dists/gradle-7.4.1-bin/58kw26xllvsiedyf3nujyarhn
    - ./gradlew clean test 
    # jacocoTestReport -s sonarqube
  artifacts:
    reports:
      junit:
        - ./backend/build/test-results/test/TEST-*.xml
  rules:
    - if: $CI_PIPELINE_SOURCE == "merge_request_event" || $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
  interruptible: true
  allow_failure: false

# BUILD
build:
  tags:
    - openstack
  stage: build
  script:
    - ./gradlew assemble
  # cache:
  #   key: "${CI_COMMIT_REF_NAME}"
  #   policy: pull
  #   paths:
  #     - ".gradle"
  artifacts:
    paths:
      - "$JAR_PATH"
    expire_in: 1 week
  rules:
    - if: $CI_COMMIT_MESSAGE =~ /SKIP_DEPLOY/i
      when: never
    - if: $CI_PIPELINE_SOURCE == "merge_request_event" || $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
  interruptible: true

restart-config-server-openstack:
  tags:
    - openstack
  variables:
    SERVER_IP: ${SERVER_IP_OPENSTACK_DEV}
    SERVER_USER: ${SERVER_USER_OPENSTACK}
  stage: build
  script:
    - eval $(ssh-agent -s)
    - ssh-add <(echo "${SSH_PRIVATE_KEY}")
    - ssh -o StrictHostKeyChecking=no ${SERVER_USER}@${SERVER_IP} 'echo "Successfully connected on $(hostname)"'
    - ssh ${SERVER_USER}@${SERVER_IP} "sudo systemctl restart bootapp@config-server"
    - eval $(ssh-agent -k)
  allow_failure: true
  rules:
    - if: $CI_COMMIT_MESSAGE =~ /SKIP_DEPLOY/i
      when: never
    - if: $CI_PIPELINE_SOURCE == "merge_request_event" || $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH

# DEPLOY
.deploy-to-vm:
  # Hidden job which serves as template for executed jobs below.
  # See https://docs.gitlab.com/ee/ci/yaml/#anchors
  tags:
   - openstack
  retry: 2
  script:
    ## SSH initialization
    - eval $(ssh-agent -s)
    - ssh-add <(echo "${SSH_PRIVATE_KEY}")
    - ssh -o StrictHostKeyChecking=no ${SERVER_USER}@${SERVER_IP} 'echo "Successfully connected on $(hostname)"'
    # Copy jar
    - scp ${JAR_PATH} ${SERVER_USER}@${SERVER_IP}:/tmp/${SERVICE_NAME}-${ENV}.jar
    - ssh ${SERVER_USER}@${SERVER_IP} "sudo mv /tmp/${SERVICE_NAME}-${ENV}.jar /opt/bootapp/ ; sudo chown -R bootapp:bootapp /opt/bootapp/ ; sudo systemctl restart bootapp@${SERVICE_NAME}-${ENV}"
    - eval $(ssh-agent -k)
    - echo "Deploy done. Application should be available at http://${SERVER_IP}:${APP_PORT}/${CONTEXT_PATH}"
  rules:
    - changes:
      - .gitlab-ci.yml
      - backend/src/**/*
  allow_failure: false
  interruptible: false
  needs: ["build"]

deploy-to-beta:
  stage: deploy-beta
  extends: .deploy-to-vm
  variables:
    SERVER_USER: ${SERVER_USER_OPENSTACK}
    SERVER_IP: ${SERVER_IP_OPENSTACK_DEV}
    APP_PORT: ${BETA_FAIDARE_PORT}
    ENV: beta
    CONTEXT_PATH: faidare
  rules:
    - if: $CI_COMMIT_MESSAGE =~ /SKIP_DEPLOY/i
      when: never
    - if: $CI_PIPELINE_SOURCE == "merge_request_event"
      when: always

deploy-to-staging-public:
  stage: deploy-staging
  extends: .deploy-to-vm
  variables:
    SERVER_USER: ${SERVER_USER_OPENSTACK}
    SERVER_IP: ${SERVER_IP_OPENSTACK_DEV}
    APP_PORT: ${STAGING_PUBLIC_FAIDARE_PORT}
    ENV: staging-public
    CONTEXT_PATH: faidare
  rules:
    - if: $CI_COMMIT_MESSAGE =~ /SKIP_DEPLOY/i
      when: never
    - if: $CI_PIPELINE_SOURCE == "merge_request_event" || $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
      when: manual

deploy-to-staging-private:
  stage: deploy-staging
  extends: .deploy-to-vm
  variables:
    SERVER_USER: ${SERVER_USER_OPENSTACK}
    SERVER_IP: ${SERVER_IP_OPENSTACK_DEV}
    APP_PORT: ${STAGING_PRIVATE_FAIDARE_PORT}
    ENV: staging-private
    CONTEXT_PATH: faidare-private
  rules:
    - if: $CI_COMMIT_MESSAGE =~ /SKIP_DEPLOY/i
      when: never
    - if: $CI_PIPELINE_SOURCE == "merge_request_event" || $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
      when: manual

deploy-to-prod-public:
  stage: deploy-production
  extends: .deploy-to-vm
  variables:
    SERVER_USER: ${SERVER_USER_OPENSTACK}
    SERVER_IP: ${SERVER_IP_OPENSTACK_PROD}
    APP_PORT: ${PROD_PUBLIC_FAIDARE_PORT}
    ENV: prod-public
    CONTEXT_PATH: faidare
  rules:
    - if: $CI_COMMIT_MESSAGE =~ /SKIP_DEPLOY/i
      when: never
    - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
      when: manual

deploy-to-prod-private:
  stage: deploy-production
  extends: .deploy-to-vm
  variables:
    SERVER_USER: ${SERVER_USER_OPENSTACK}
    SERVER_IP: ${SERVER_IP_OPENSTACK_PROD}
    APP_PORT: ${PROD_PRIVATE_FAIDARE_PORT}
    ENV: prod-private
    CONTEXT_PATH: faidare-private
  rules:
    - if: $CI_COMMIT_MESSAGE =~ /SKIP_DEPLOY/i
      when: never
    - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
      when: manual