image: docker.io/rust:slim-bookworm services: - name: docker.io/groonga/pgroonga:latest-alpine-12-slim alias: postgres - name: docker.io/redis:7-alpine alias: redis workflow: rules: - if: $CI_PROJECT_PATH == 'firefish/firefish' when: always - if: $CI_MERGE_REQUEST_PROJECT_PATH == 'firefish/firefish' when: always - when: never cache: paths: - node_modules # - /usr/local/cargo/registry/index # - /usr/local/cargo/registry/cache - target/debug/deps - target/debug/build stages: - test - build - dependency variables: POSTGRES_DB: 'firefish_db' POSTGRES_USER: 'firefish' POSTGRES_PASSWORD: 'password' POSTGRES_HOST_AUTH_METHOD: 'trust' DEBIAN_FRONTEND: 'noninteractive' CARGO_PROFILE_DEV_OPT_LEVEL: '0' CARGO_PROFILE_DEV_LTO: 'off' CARGO_PROFILE_DEV_DEBUG: 'none' default: before_script: - apt-get update && apt-get -y upgrade - apt-get -y --no-install-recommends install curl - curl -fsSL 'https://deb.nodesource.com/setup_18.x' | bash - - apt-get install -y --no-install-recommends build-essential clang mold python3 perl nodejs postgresql-client - corepack enable - corepack prepare pnpm@latest --activate - cp .config/ci.yml .config/default.yml - cp ci/cargo/config.toml /usr/local/cargo/config.toml - export PGPASSWORD="${POSTGRES_PASSWORD}" - psql --host postgres --user "${POSTGRES_USER}" --dbname "${POSTGRES_DB}" --command 'CREATE EXTENSION pgroonga' build_test: stage: test rules: - if: $CI_PIPELINE_SOURCE == 'push' || $CI_PIPELINE_SOURCE == 'merge_request_event' changes: paths: - packages/**/* - scripts/**/* - locales/**/* - package.json - pnpm-lock.yaml - Cargo.toml - Cargo.lock script: - pnpm install --frozen-lockfile - pnpm run build:debug - pnpm run migrate container_image_build: stage: build image: docker.io/debian:bookworm-slim services: [] rules: - if: $CI_COMMIT_BRANCH == 'develop' changes: paths: - packages/**/* - locales/**/* - scripts/copy-assets.mjs - package.json - pnpm-lock.yaml - Cargo.toml - Cargo.lock - Dockerfile - .dockerignore before_script: - apt-get update && apt-get -y upgrade - apt-get install -y --no-install-recommends buildah ca-certificates fuse-overlayfs - buildah login --username "${CI_REGISTRY_USER}" --password "${CI_REGISTRY_PASSWORD}" "${CI_REGISTRY}" - export IMAGE_TAG="${CI_REGISTRY}/${CI_PROJECT_PATH}/develop:not-for-production" script: - buildah build --isolation chroot --device /dev/fuse:rw --security-opt seccomp=unconfined --security-opt apparmor=unconfined --cap-add all --tag "${IMAGE_TAG}" --platform linux/amd64 . - buildah inspect "${IMAGE_TAG}" - buildah push "${IMAGE_TAG}" cargo_unit_test: stage: test rules: - if: $CI_PIPELINE_SOURCE == 'merge_request_event' || $CI_COMMIT_BRANCH == 'develop' changes: paths: - packages/backend-rs/**/* - packages/macro-rs/**/* - Cargo.toml - Cargo.lock - if: $CI_MERGE_REQUEST_TARGET_BRANCH_NAME == 'main' when: never script: - cargo check --features napi - pnpm install --frozen-lockfile - mkdir packages/backend-rs/built - cp packages/backend-rs/index.js packages/backend-rs/built/index.js - cp packages/backend-rs/index.d.ts packages/backend-rs/built/index.d.ts - pnpm --filter='!backend-rs' run build:debug - cargo test cargo_clippy: stage: test rules: - if: $CI_PIPELINE_SOURCE == 'merge_request_event' changes: paths: - packages/backend-rs/**/* - packages/macro-rs/**/* - Cargo.toml - Cargo.lock - if: $CI_MERGE_REQUEST_TARGET_BRANCH_NAME == 'main' when: never script: - cargo clippy -- -D warnings renovate: stage: dependency image: name: docker.io/renovate/renovate:37-slim entrypoint: [""] rules: - if: $RENOVATE && $CI_PIPELINE_SOURCE == 'schedule' services: [] before_script: [] script: - renovate --platform gitlab --token "${API_TOKEN}" --endpoint "${CI_SERVER_URL}/api/v4" "${CI_PROJECT_PATH}"