stages: - test - deploy testCommit: stage: test image: node:latest services: - postgres:15 - redis variables: POSTGRES_PASSWORD: ci script: - apt-get update && apt-get install -y git wget curl build-essential python3 - cp .config/ci.yml .config/default.yml - corepack enable - corepack prepare pnpm@latest --activate - git submodule update --init - pnpm install --frozen-lockfile - pnpm run build - pnpm run migrate cache: key: test policy: pull-push when: on_success paths: - node_modules/ - packages/*/node_modules/ only: - develop - merge_requests - stable getImageTag: stage: deploy image: ubuntu:latest script: - apt-get update && apt-get install -y jq - | if test -n "$CI_COMMIT_TAG"; then tag="$CI_COMMIT_TAG" elif test "$CI_COMMIT_BRANCH" == "stable"; then tag="latest" elif test "$CI_COMMIT_BRANCH" == "develop"; then tag="develop" else tag="$CI_COMMIT_BRANCH" fi version=$(cat package.json | jq -r '.version') - echo "REGISTRY_PUSH_TAG=$tag" >> build.env - echo "REGISTRY_PUSH_VERSION=$version" >> build.env artifacts: reports: dotenv: build.env only: - stable - develop buildDocker: stage: deploy needs: - job: getImageTag artifacts: true parallel: matrix: - ARCH: amd64 - ARCH: arm64 tags: - ${ARCH} image: name: gcr.io/kaniko-project/executor:debug entrypoint: [""] script: - >- /kaniko/executor --context "${CI_PROJECT_DIR}" --dockerfile "${CI_PROJECT_DIR}/Dockerfile" --destination "${CI_REGISTRY_IMAGE}:${REGISTRY_PUSH_VERSION}-${ARCH}" only: - stable - develop mergeManifests: stage: deploy needs: - job: buildDocker artifacts: false - job: getImageTag artifacts: true tags: - docker image: name: mplatform/manifest-tool:alpine entrypoint: [""] script: - >- manifest-tool --username=${CI_REGISTRY_USER} --password=${CI_REGISTRY_PASSWORD} push from-args --platforms linux/amd64,linux/arm64 --tags ${REGISTRY_PUSH_VERSION} --template ${CI_REGISTRY_IMAGE}:${REGISTRY_PUSH_VERSION}-ARCH --target ${CI_REGISTRY_IMAGE}:${REGISTRY_PUSH_TAG} only: - stable - develop include: - template: Jobs/Dependency-Scanning.latest.gitlab-ci.yml - template: Jobs/License-Scanning.latest.gitlab-ci.yml - template: Jobs/SAST.latest.gitlab-ci.yml - template: Jobs/Secret-Detection.latest.gitlab-ci.yml