# image: node:18
#
variables:
GIT_DEPTH: 0
DEPLOY_PID: "649"
# Value must be the deploy project id
DEPLOYMENT_TRIGGER_TOKEN: "glptt-c4145ab70634cdbb509d4eafec72c51df82bd290"
# Value must be the deployment project pipeline trigger token, found/created at PROJECT > SETTINGS > CI/CD > Pipeline triggers
# Best to place this variable in Project >> Settings >> CI/CD >> Variables
SSH_CLONE_URL: 'git@code.vereign.com:gaiax/ocm/ocm-engine.git'
# Value must be the project ssh clone url
RUNNER_TAG: 'amd64-docker'
# Value must be the runner label/tag for the runner which will execute these jobs
PIPELINE_TRIGGERED: "no"
# Needed for pipeline automation
###
### ADD HELPERS
####
include:
- project: 'helpers/ci-helpers'
file:
- 'builds.yml'
- 'registries.yml'
- project: 'gaiax/helpers/mono-helpers'
file:
- 'builds/registries.yml'
- 'builds/builds.yml'
- 'projects/chart-trigger.yml'
- 'projects/notifiers.yml'
- 'deployments/triggers.yml'
stages:
# - helm-branch-check
- lint
- test
- build
- release
- docker
- registries
- helm
- deploy-test
- deploy-stage
- deploy-prod
.distributed:
cache:
- key:
files:
- yarn.lock
paths:
- '.yarn-cache/'
before_script:
- yarn install --cache-folder .yarn-cache --prefer-offline --frozen-lockfile
##
### Lint microservices
##
lint-agent:
image: node:18
extends: .distributed
tags:
- amd64-docker
stage: lint
rules:
- if: '$PIPELINE_TRIGGERED != "yes" && $CI_PIPELINE_SOURCE != "merge_request_event"'
changes:
- apps/agent/*
- apps/agent/deployment/*
- apps/agent/src/*
- apps/agent/src/app/*
- if: '$CI_COMMIT_TAG'
script:
- yarn nx run agent:lint --parallel=3
lint-attestation-manager:
image: node:18
extends: .distributed
tags:
- amd64-docker
stage: lint
rules:
- if: '$PIPELINE_TRIGGERED != "yes" && $CI_PIPELINE_SOURCE != "merge_request_event"'
changes:
- apps/attestation-manager/*
- apps/attestation-manager/deployment/*
- apps/attestation-manager/src/*
- apps/attestation-manager/src/app/*
- if: '$CI_COMMIT_TAG'
script:
- yarn nx run attestation-manager:lint --parallel=3
lint-connection-manager:
image: node:18
extends: .distributed
tags:
- amd64-docker
stage: lint
rules:
- if: '$PIPELINE_TRIGGERED != "yes" && $CI_PIPELINE_SOURCE != "merge_request_event"'
changes:
- apps/connection-manager/*
- apps/connection-manager/deployment/*
- apps/connection-manager/src/*
- apps/connection-manager/src/app/*
- if: '$CI_COMMIT_TAG'
script:
- yarn nx run connection-manager:lint --parallel=3
lint-gateway:
image: node:18
extends: .distributed
tags:
- amd64-docker
stage: lint
rules:
- if: '$PIPELINE_TRIGGERED != "yes" && $CI_PIPELINE_SOURCE != "merge_request_event"'
changes:
- apps/gateway/*
- apps/gateway/deployment/*
- apps/gateway/src/*
- apps/gateway/src/app/*
- if: '$CI_COMMIT_TAG'
script:
- yarn nx run gateway:lint --parallel=3
lint-proof-manager:
image: node:18
extends: .distributed
tags:
- amd64-docker
stage: lint
rules:
- if: '$PIPELINE_TRIGGERED != "yes" && $CI_PIPELINE_SOURCE != "merge_request_event"'
changes:
- apps/proof-manager/*
- apps/proof-manager/deployment/*
- apps/proof-manager/src/*
- apps/proof-manager/src/app/*
- if: '$CI_COMMIT_TAG'
script:
- yarn nx run proof-manager:lint --parallel=3
##
### Test microservices
##
test-agent:
image: node:18
extends: .distributed
tags:
- amd64-docker
rules:
- if: '$PIPELINE_TRIGGERED != "yes" && $CI_PIPELINE_SOURCE != "merge_request_event"'
changes:
- apps/agent/*
- apps/agent/deployment/*
- apps/agent/src/*
- apps/agent/src/app/*
- if: '$CI_COMMIT_TAG'
stage: test
script:
- yarn nx run agent:test --configuration=ci --parallel=3
test-attestation-manager:
image: node:18
extends: .distributed
tags:
- amd64-docker
rules:
- if: '$PIPELINE_TRIGGERED != "yes"'
changes:
- apps/attestation-manager/*
- apps/attestation-manager/deployment/*
- apps/attestation-manager/src/*
- apps/attestation-manager/src/app/*
- if: '$CI_COMMIT_TAG'
stage: test
script:
- yarn nx run attestation-manager:test --configuration=ci --parallel=3
test-connection-manager:
image: node:18
extends: .distributed
tags:
- amd64-docker
rules:
- if: '$PIPELINE_TRIGGERED != "yes"'
changes:
- apps/connection-manager/*
- apps/connection-manager/deployment/*
- apps/connection-manager/src/*
- apps/connection-manager/src/app/*
- if: '$CI_COMMIT_TAG'
stage: test
script:
- yarn nx run connection-manager:test --configuration=ci --parallel=3
test-gateway:
image: node:18
extends: .distributed
tags:
- amd64-docker
rules:
- if: '$PIPELINE_TRIGGERED != "yes"'
changes:
- apps/gateway/*
- apps/gateway/deployment/*
- apps/gateway/src/*
- apps/gateway/src/app/*
- if: '$CI_COMMIT_TAG'
stage: test
script:
- yarn nx run gateway:test --configuration=ci --parallel=3
test-proof-manager:
image: node:18
extends: .distributed
tags:
- amd64-docker
rules:
- if: '$PIPELINE_TRIGGERED != "yes"'
changes:
- apps/proof-manager/*
- apps/proof-manager/deployment/*
- apps/proof-manager/src/*
- apps/proof-manager/src/app/*
- if: '$CI_COMMIT_TAG'
stage: test
script:
- yarn nx run proof-manager:test --configuration=ci --parallel=3
##
### Bare microservice build
##
build-agent:
image: node:18
extends: .distributed
rules:
- if: '$PIPELINE_TRIGGERED != "yes" && $CI_PIPELINE_SOURCE != "merge_request_event"'
changes:
- apps/agent/*
- apps/agent/deployment/*
- apps/agent/src/*
- apps/agent/src/app/*
- if: '$CI_COMMIT_TAG'
tags:
- amd64-docker
stage: build
script:
# parallel is a CPU core count
- yarn nx run agent:build:production --parallel=3
artifacts:
paths:
- ./dist
- ./package.json
- ./yarn.lock
expire_in: 1 day
build-attestation-manager:
image: node:18
extends: .distributed
rules:
- if: '$PIPELINE_TRIGGERED != "yes" && $CI_PIPELINE_SOURCE != "merge_request_event"'
changes:
- apps/attestation-manager/*
- apps/attestation-manager/deployment/*
- apps/attestation-manager/src/*
- apps/attestation-manager/src/app/*
- if: '$CI_COMMIT_TAG'
tags:
- amd64-docker
stage: build
script:
# parallel is a CPU core count
- yarn nx run attestation-manager:build:production --parallel=3
artifacts:
paths:
- ./dist
- ./package.json
- ./yarn.lock
expire_in: 1 day
build-connection-manager:
image: node:18
extends: .distributed
rules:
- if: '$PIPELINE_TRIGGERED != "yes" && $CI_PIPELINE_SOURCE != "merge_request_event"'
changes:
- apps/connection-manager/*
- apps/connection-manager/deployment/*
- apps/connection-manager/src/*
- apps/connection-manager/src/app/*
- if: '$CI_COMMIT_TAG'
tags:
- amd64-docker
stage: build
script:
# parallel is a CPU core count
- yarn nx run connection-manager:build:production --parallel=3
artifacts:
paths:
- ./dist
- ./package.json
- ./yarn.lock
expire_in: 1 day
build-gateway:
image: node:18
extends: .distributed
rules:
- if: '$PIPELINE_TRIGGERED != "yes" && $CI_PIPELINE_SOURCE != "merge_request_event"'
changes:
- apps/gateway/*
- apps/gateway/deployment/*
- apps/gateway/src/*
- apps/gateway/src/app/*
- if: '$CI_COMMIT_TAG'
tags:
- amd64-docker
stage: build
script:
# parallel is a CPU core count
- yarn nx run gateway:build:production --parallel=3
artifacts:
paths:
- ./dist
- ./package.json
- ./yarn.lock
expire_in: 1 day
build-proof-manager:
image: node:18
extends: .distributed
rules:
- if: '$PIPELINE_TRIGGERED != "yes" && $CI_PIPELINE_SOURCE != "merge_request_event"'
changes:
- apps/proof-manager/*
- apps/proof-manager/deployment/*
- apps/proof-manager/src/*
- apps/proof-manager/src/app/*
- if: '$CI_COMMIT_TAG'
tags:
- amd64-docker
stage: build
script:
# parallel is a CPU core count
- yarn nx run proof-manager:build:production --parallel=3
artifacts:
paths:
- ./dist
- ./package.json
- ./yarn.lock
expire_in: 1 day
##
### Docker build microservices
##
docker-agent:
extends: .docker-build
stage: docker
variables:
APP: agent
rules:
- if: '$PIPELINE_TRIGGERED == "no" && $CI_PIPELINE_SOURCE != "merge_request_event"'
changes:
- apps/agent/*
- apps/agent/deployment/*
- apps/agent/src/*
- apps/agent/src/app/*
- if: '$CI_COMMIT_TAG'
docker-attestation-manager:
extends: .docker-build
stage: docker
variables:
APP: attestation-manager
rules:
- if: '$PIPELINE_TRIGGERED == "no" && $CI_PIPELINE_SOURCE != "merge_request_event"'
changes:
- apps/attestation-manager/*
- apps/attestation-manager/deployment/*
- apps/attestation-manager/src/*
- apps/attestation-manager/src/app/*
- if: '$CI_COMMIT_TAG'
docker-connection-manager:
extends: .docker-build
stage: docker
variables:
APP: connection-manager
rules:
- if: '$PIPELINE_TRIGGERED == "no" && $CI_PIPELINE_SOURCE != "merge_request_event"'
changes:
- apps/connection-manager/*
- apps/connection-manager/deployment/*
- apps/connection-manager/src/*
- apps/connection-manager/src/app/*
- if: '$CI_COMMIT_TAG'
docker-gateway:
extends: .docker-build
stage: docker
variables:
APP: gateway
rules:
- if: '$PIPELINE_TRIGGERED == "no" && $CI_PIPELINE_SOURCE != "merge_request_event"'
changes:
- apps/gateway/*
- apps/gateway/deployment/*
- apps/gateway/src/*
- apps/gateway/src/app/*
- if: '$CI_COMMIT_TAG'
docker-proof-manager:
extends: .docker-build
stage: docker
variables:
APP: proof-manager
rules:
- if: '$PIPELINE_TRIGGERED == "no" && $CI_PIPELINE_SOURCE != "merge_request_event"'
changes:
- apps/proof-manager/*
- apps/proof-manager/deployment/*
- apps/proof-manager/src/*
- apps/proof-manager/src/app/*
- if: '$CI_COMMIT_TAG'
##
### Push to registries
##
google-image-agent:
extends: .cloud
stage: registries
variables:
APP: agent
rules:
- if: '$CI_COMMIT_TAG == null && $PIPELINE_TRIGGERED == "no" && $CI_PIPELINE_SOURCE != "merge_request_event"'
changes:
- apps/agent/*
- apps/agent/deployment/*
- apps/agent/src/*
- apps/agent/src/app/*
- if: '$CI_COMMIT_TAG'
google-image-attestation-manager:
extends: .cloud
stage: registries
variables:
APP: attestation-manager
rules:
- if: '$CI_COMMIT_TAG == null && $PIPELINE_TRIGGERED == "no" && $CI_PIPELINE_SOURCE != "merge_request_event"'
changes:
- apps/attestation-manager/*
- apps/attestation-manager/deployment/*
- apps/attestation-manager/src/*
- apps/attestation-manager/src/app/*
- if: '$CI_COMMIT_TAG'
google-image-connection-manager:
extends: .cloud
stage: registries
variables:
APP: connection-manager
rules:
- if: '$CI_COMMIT_TAG == null && $PIPELINE_TRIGGERED == "no" && $CI_PIPELINE_SOURCE != "merge_request_event"'
changes:
- apps/connection-manager/*
- apps/connection-manager/deployment/*
- apps/connection-manager/src/*
- apps/connection-manager/src/app/*
- if: '$CI_COMMIT_TAG'
google-image-gateway:
extends: .cloud
stage: registries
variables:
APP: gateway
rules:
- if: '$CI_COMMIT_TAG == null && $PIPELINE_TRIGGERED == "no" && $CI_PIPELINE_SOURCE != "merge_request_event"'
changes:
- apps/gateway/*
- apps/gateway/deployment/*
- apps/gateway/src/*
- apps/gateway/src/app/*
- if: '$CI_COMMIT_TAG'
google-image-proof-manager:
extends: .cloud
stage: registries
variables:
APP: proof-manager
rules:
- if: '$CI_COMMIT_TAG == null && $PIPELINE_TRIGGERED == "no" && $CI_PIPELINE_SOURCE != "merge_request_event"'
changes:
- apps/proof-manager/*
- apps/proof-manager/deployment/*
- apps/proof-manager/src/*
- apps/proof-manager/src/app/*
- if: '$CI_COMMIT_TAG'
##
### Configure helm
##
agent:
extends: .chart-trigger-agent
stage: helm
rules:
- if: '$CI_COMMIT_TAG == null && $PIPELINE_TRIGGERED == "no" && $CI_PIPELINE_SOURCE != "merge_request_event"'
changes:
- apps/agent/*
- apps/agent/deployment/*
- apps/agent/src/*
- apps/agent/src/app/*
- if: '$CI_COMMIT_TAG'
attestation-manager:
extends: .chart-trigger-attestation-manager
stage: helm
rules:
- if: '$CI_COMMIT_TAG == null && $PIPELINE_TRIGGERED == "no" && $CI_PIPELINE_SOURCE != "merge_request_event"'
changes:
- apps/attestation-manager/*
- apps/attestation-manager/deployment/*
- apps/attestation-manager/src/*
- apps/attestation-manager/src/app/*
- if: '$CI_COMMIT_TAG'
connection-manager:
extends: .chart-trigger-connection-manager
stage: helm
rules:
- if: '$CI_COMMIT_TAG == null && $PIPELINE_TRIGGERED == "no" && $CI_PIPELINE_SOURCE != "merge_request_event"'
changes:
- apps/connection-manager/*
- apps/connection-manager/deployment/*
- apps/connection-manager/src/*
- apps/connection-manager/src/app/*
- if: '$CI_COMMIT_TAG'
gateway:
extends: .chart-trigger-gateway
stage: helm
rules:
- if: '$CI_COMMIT_TAG == null && $PIPELINE_TRIGGERED == "no" && $CI_PIPELINE_SOURCE != "merge_request_event"'
changes:
- apps/gateway/*
- apps/gateway/deployment/*
- apps/gateway/src/*
- apps/gateway/src/app/*
- if: '$CI_COMMIT_TAG'
proof-manager:
extends: .chart-trigger-proof-manager
stage: helm
rules:
- if: '$CI_COMMIT_TAG == null && $PIPELINE_TRIGGERED == "no" && $CI_PIPELINE_SOURCE != "merge_request_event"'
changes:
- apps/proof-manager/*
- apps/proof-manager/deployment/*
- apps/proof-manager/src/*
- apps/proof-manager/src/app/*
- if: '$CI_COMMIT_TAG'
##
### Deploy automatically on Test Environment
##
agent-test ocm:
stage: deploy-test
extends: .test-agent-ocm-one
rules:
- if: '$PIPELINE_TRIGGERED == "yes" && $APP == "agent" && $CI_PIPELINE_SOURCE != "merge_request_event"'
when: manual
agent-test ocm-two:
stage: deploy-test
extends: .test-agent-ocm-two
rules:
- if: '$PIPELINE_TRIGGERED == "yes" && $APP == "agent" && $CI_PIPELINE_SOURCE != "merge_request_event"'
when: manual
attestation-manager-test ocm:
stage: deploy-test
extends: .test-attestation-manager-ocm-one
rules:
- if: '$PIPELINE_TRIGGERED == "yes" && $APP == "attestation-manager" && $CI_PIPELINE_SOURCE != "merge_request_event"'
when: manual
attestation-manager-test ocm-two:
stage: deploy-test
extends: .test-attestation-manager-ocm-two
rules:
- if: '$PIPELINE_TRIGGERED == "yes" && $APP == "attestation-manager" && $CI_PIPELINE_SOURCE != "merge_request_event"'
when: manual
connection-manager-test ocm:
stage: deploy-test
extends: .test-connection-manager-ocm-one
rules:
- if: '$PIPELINE_TRIGGERED == "yes" && $APP == "connection-manager" && $CI_PIPELINE_SOURCE != "merge_request_event"'
when: manual
connection-manager-test ocm-two:
stage: deploy-test
extends: .test-connection-manager-ocm-two
rules:
- if: '$PIPELINE_TRIGGERED == "yes" && $APP == "connection-manager" && $CI_PIPELINE_SOURCE != "merge_request_event"'
when: manual
gateway-test ocm:
stage: deploy-test
extends: .test-gateway-ocm-one
rules:
- if: '$PIPELINE_TRIGGERED == "yes" && $APP == "gateway" && $CI_PIPELINE_SOURCE != "merge_request_event"'
when: manual
gateway-test ocm-two:
stage: deploy-test
extends: .test-gateway-ocm-two
rules:
- if: '$PIPELINE_TRIGGERED == "yes" && $APP == "gateway" && $CI_PIPELINE_SOURCE != "merge_request_event"'
when: manual
proof-manager-test ocm:
stage: deploy-test
extends: .test-proof-manager-ocm-one
rules:
- if: '$PIPELINE_TRIGGERED == "yes" && $APP == "proof-manager" && $CI_PIPELINE_SOURCE != "merge_request_event"'
when: manual
proof-manager-test ocm-two:
stage: deploy-test
extends: .test-proof-manager-ocm-two
rules:
- if: '$PIPELINE_TRIGGERED == "yes" && $APP == "proof-manager" && $CI_PIPELINE_SOURCE != "merge_request_event"'
when: manual
##
### Deploy on prod
##
agent-prod ocm:
stage: deploy-prod
extends: .prod-agent-ocm-one
rules:
- if: '$PIPELINE_TRIGGERED == "yes" && $APP == "agent" && $CI_PIPELINE_SOURCE != "merge_request_event" && $MAIN_PROD == "yes" && $GITLAB_USER_LOGIN =~ $AUTORIZED_USERS'
when: manual
agent-prod ocm-two:
stage: deploy-prod
extends: .prod-agent-ocm-two
rules:
- if: '$PIPELINE_TRIGGERED == "yes" && $APP == "agent" && $CI_PIPELINE_SOURCE != "merge_request_event" && $MAIN_PROD == "yes" && $GITLAB_USER_LOGIN =~ $AUTORIZED_USERS'
when: manual
attestation-manager-prod ocm:
stage: deploy-prod
extends: .prod-attestation-manager-ocm-one
rules:
- if: '$PIPELINE_TRIGGERED == "yes" && $APP == "attestation-manager" && $CI_PIPELINE_SOURCE != "merge_request_event" && $MAIN_PROD == "yes" && $GITLAB_USER_LOGIN =~ $AUTORIZED_USERS'
when: manual
attestation-manager-prod ocm-two:
stage: deploy-prod
extends: .prod-attestation-manager-ocm-two
rules:
- if: '$PIPELINE_TRIGGERED == "yes" && $APP == "attestation-manager" && $CI_PIPELINE_SOURCE != "merge_request_event" && $MAIN_PROD == "yes" && $GITLAB_USER_LOGIN =~ $AUTORIZED_USERS'
when: manual
connection-manager-prod ocm:
stage: deploy-prod
extends: .prod-connection-manager-ocm-one
rules:
- if: '$PIPELINE_TRIGGERED == "yes" && $APP == "connection-manager" && $CI_PIPELINE_SOURCE != "merge_request_event" && $MAIN_PROD == "yes" && $GITLAB_USER_LOGIN =~ $AUTORIZED_USERS'
when: manual
connection-manager-prod ocm-two:
stage: deploy-prod
extends: .prod-connection-manager-ocm-two
rules:
- if: '$PIPELINE_TRIGGERED == "yes" && $APP == "connection-manager" && $CI_PIPELINE_SOURCE != "merge_request_event" && $MAIN_PROD == "yes" && $GITLAB_USER_LOGIN =~ $AUTORIZED_USERS'
when: manual
gateway-prod ocm:
stage: deploy-prod
extends: .prod-gateway-ocm-one
rules:
- if: '$PIPELINE_TRIGGERED == "yes" && $APP == "gateway" && $CI_PIPELINE_SOURCE != "merge_request_event" && $MAIN_PROD == "yes" && $GITLAB_USER_LOGIN =~ $AUTORIZED_USERS'
when: manual
gateway-prod ocm-two:
stage: deploy-prod
extends: .prod-gateway-ocm-two
rules:
- if: '$PIPELINE_TRIGGERED == "yes" && $APP == "gateway" && $CI_PIPELINE_SOURCE != "merge_request_event" && $MAIN_PROD == "yes" && $GITLAB_USER_LOGIN =~ $AUTORIZED_USERS'
when: manual
proof-manager-prod ocm:
stage: deploy-prod
extends: .prod-proof-manager-ocm-one
rules:
- if: '$PIPELINE_TRIGGERED == "yes" && $APP == "proof-manager" && $CI_PIPELINE_SOURCE != "merge_request_event" && $MAIN_PROD == "yes" && $GITLAB_USER_LOGIN =~ $AUTORIZED_USERS'
when: manual
proof-manager-prod ocm-two:
stage: deploy-prod
extends: .prod-proof-manager-ocm-two
rules:
- if: '$PIPELINE_TRIGGERED == "yes" && $APP == "proof-manager" && $CI_PIPELINE_SOURCE != "merge_request_event" && $MAIN_PROD == "yes" && $GITLAB_USER_LOGIN =~ $AUTORIZED_USERS'
when: manual
##
### Deploy manual on Stage Environment
##
# deploy agent stage:
# stage: deploy-stage
# only:
# refs:
# - master
# - tags
# changes:
# - apps/agent/*
# tags:
# - amd64-docker
# script:
# - echo "create docker file under agent/deployment/ci"
# when: manual
# deploy engine stage:
# stage: deploy-stage
# only:
# refs:
# - master
# - tags
# changes:
# - apps/engine/*
# tags:
# - amd64-docker
# script:
# - echo "create docker file under agent/deployment/ci"
# when: manual
# ##
# ### Deploy manual on Prod Environment
# ##
# deploy agent prod:
# stage: deploy-prod
# only:
# refs:
# - tags
# changes:
# - apps/engine/*
# tags:
# - amd64-docker
# script:
# - echo "create docker file under agent/deployment/ci"
# when: manual
# deploy engine prod:
# stage: deploy-prod
# only:
# refs:
# - tags
# changes:
# - apps/engine/*
# tags:
# - amd64-docker
# script:
# - echo "create docker file under agent/deployment/ci"
# when: manual
##
### Commit Linters and Changelog steps
##
commit lint:
image: node:18
extends: .distributed
stage: lint
tags:
- amd64-docker
script:
- echo "${CI_MERGE_REQUEST_TITLE}" | npx commitlint
rules:
- if: $CI_PIPELINE_SOURCE == 'merge_request_event' && $CI_MERGE_REQUEST_TARGET_BRANCH_NAME == 'main'
changelog:
image: node:18
extends: .distributed
stage: release
tags:
- amd64-docker
script:
- npx semantic-release
rules:
- if: '$PIPELINE_TRIGGERED != "yes" && $CI_COMMIT_BRANCH == "main"'