.gitlab-ci.yml

variables:
  SERVER_USER: deployer
  POSTGRES_DB: immersion-db
  POSTGRES_USER: immersion
  POSTGRES_PASSWORD: pg_password
  POSTGRES_PORT: 5432
  POSTGRES_HOST_AUTH_METHOD: trust
  TEST_DATABASE_URL: postgresql://$POSTGRES_USER:$POSTGRES_PASSWORD@postgres:$POSTGRES_PORT/$POSTGRES_DB
  STORAGE_ROOT_RELATIVE: /back/storage

image: node:16.15-buster

stages:
  - test
  - deploy

validations:
  resource_group: ci
  stage: test
  before_script:
    - corepack enable
    - corepack prepare pnpm@8.0.0 --activate
    - pnpm config set store-dir .pnpm-store
  services:
    - name: postgis/postgis:13-master
      alias: postgres
  cache:
    key:
      files:
        - pnpm-lock.yaml
    paths:
      - .pnpm-store
  script:
    - pnpm install --frozen-lockfile --ignore-scripts
    - STORAGE_FULL_PATH=$(pwd)$STORAGE_ROOT_RELATIVE
    - mkdir -p $STORAGE_FULL_PATH/tmp/
    - NODE_ENV=test DATABASE_URL=$TEST_DATABASE_URL pnpm back db:up
    - DATABASE_URL=$TEST_DATABASE_URL STORAGE_ROOT=$STORAGE_FULL_PATH pnpm back test:integration
    - STORAGE_ROOT=$STORAGE_FULL_PATH pnpm fullcheck --concurrency=2

#sonarqube-check:
#  stage: test
#  image:
#    name: sonarsource/sonar-scanner-cli:latest
#  variables:
#    SONAR_TOKEN: "${SONAR_TOKEN}"
#    SONAR_HOST_URL: "https://sonarqube.beta.pole-emploi.fr"
#    SONAR_USER_HOME: "${CI_PROJECT_DIR}/.sonar" # Defines the location of the analysis task cache
#    GIT_DEPTH: 0 # Tells git to fetch all the branches of the project, required by the analysis task
#  cache:
#    key: ${CI_JOB_NAME}
#    paths:
#      - .sonar/cache
#  script:
#    - npm install typescript
#    - sonar-scanner -Dsonar.qualitygate.wait=true -Dsonar.projectKey=immersion-facile -Dsonar.scm.disabled=true
#  allow_failure: true
#  only:
#    - dev

deploy_on_dev:
  resource_group: ci
  cache: []
  only:
    - dev
  image: alpine:latest
  stage: deploy
  environment:
    name: dev
  script:
    - chmod og= $DEPLOYER_ID_RSA_DEV
    - echo $SERVER_USER
    - apk update && apk add openssh-client
    - scp -i $DEPLOYER_ID_RSA_DEV -o StrictHostKeyChecking=no $SECRETS $SERVER_USER@$DEPLOYER_SERVER_IP_DEV:/home/docker/immersion-facile-dev/.env.secrets
    - scp -i $DEPLOYER_ID_RSA_DEV -o StrictHostKeyChecking=no $VARIABLES $SERVER_USER@$DEPLOYER_SERVER_IP_DEV:/home/docker/immersion-facile-dev/.env.variables
    - ssh -i $DEPLOYER_ID_RSA_DEV -o StrictHostKeyChecking=no $SERVER_USER@$DEPLOYER_SERVER_IP_DEV "cd /home/docker/immersion-facile-dev &&
      chmod 600 .env.secrets;
      chmod 600 .env.variables;

      git checkout dev &&
      git fetch origin dev &&
      git reset --hard origin/dev;
      retVal=\$?;
      if [ \$retVal -ne 0 ]; then
      echo \"FATAL:Source code fetch failed. Aborting.\";
      exit \$retVal;
      fi;

      touch .env &&
      chmod 600 .env &&
      cat .env.variables <(echo) .env.secrets <(echo) > .env &&
      grep 'VITE_' .env > ./front/.env &&
      rm -f .env.variables .env.secrets;

      docker-compose build &&
      docker-compose -f docker-compose.yml -f docker-compose.logging-loki-plugin.yml down --remove-orphans &&
      docker-compose -f docker-compose.yml -f docker-compose.logging-loki-plugin.yml up -d;

      retVal=\$?;
      if [ \$retVal -ne 0 ]; then
      echo \"FATAL ERROR Docker image creation and server restart failed. Aborting.\";
      exit \$retVal;
      fi;

      echo \"Waiting 2m ...\";
      sleep 120;
      echo \"Checking server health...\";
      curl --fail --output /dev/null http://localhost:80/api/"

deploy_on_staging:
  resource_group: ci
  cache: []
  only:
    - staging
  image: alpine:latest
  stage: deploy
  environment:
    name: staging
  script:
    - chmod og= $DEPLOYER_ID_RSA_DEV
    - echo $SERVER_USER
    - apk update && apk add openssh-client
    - scp -i $DEPLOYER_ID_RSA_DEV -o StrictHostKeyChecking=no $SECRETS $SERVER_USER@$DEPLOYER_SERVER_IP_DEV:/home/docker/immersion-facile-staging/.env.secrets
    - scp -i $DEPLOYER_ID_RSA_DEV -o StrictHostKeyChecking=no $VARIABLES $SERVER_USER@$DEPLOYER_SERVER_IP_DEV:/home/docker/immersion-facile-staging/.env.variables
    - ssh -i $DEPLOYER_ID_RSA_DEV -o StrictHostKeyChecking=no $SERVER_USER@$DEPLOYER_SERVER_IP_DEV "cd /home/docker/immersion-facile-staging &&
      chmod 600 .env.secrets;
      chmod 600 .env.variables;

      git checkout staging &&
      git fetch origin staging &&
      git reset --hard origin/staging;
      retVal=\$?;
      if [ \$retVal -ne 0 ]; then
      echo \"FATAL:Source code fetch failed. Aborting.\";
      exit \$retVal;
      fi;

      touch .env &&
      chmod 600 .env &&
      cat .env.variables <(echo) .env.secrets <(echo) > .env &&
      grep 'VITE_' .env > ./front/.env &&
      rm -f .env.variables .env.secrets;

      docker-compose build &&
      docker-compose -f docker-compose.yml -f docker-compose.logging-loki-plugin.yml down --remove-orphans &&
      docker-compose -f docker-compose.yml -f docker-compose.logging-loki-plugin.yml up -d;

      retVal=\$?;
      if [ \$retVal -ne 0 ]; then
      echo \"FATAL ERROR Docker image creation and server restart failed. Aborting.\";
      exit \$retVal;
      fi;

      echo \"Waiting 2m ...\";
      sleep 120;
      echo \"Checking server health...\";
      curl --fail --output /dev/null http://localhost:3000/api/"

#deploy_on_prod:
#  resource_group: ci
#  cache: []
#  only:
#    - main
#  image: alpine:latest
#  stage: deploy
#  environment:
#    name: prod
#  script:
#    - chmod og= $DEPLOYER_PRIVATE_KEY
#    - echo $SERVER_USER
#    - apk update && apk add openssh-client
#    - scp -i $DEPLOYER_PRIVATE_KEY -o StrictHostKeyChecking=no $SECRETS $SERVER_USER@$DEPLOYER_SERVER_IP:/home/docker/immersion-facile/.env.secrets
#    - scp -i $DEPLOYER_PRIVATE_KEY -o StrictHostKeyChecking=no $VARIABLES $SERVER_USER@$DEPLOYER_SERVER_IP:/home/docker/immersion-facile/.env.variables
#    - ssh -i $DEPLOYER_PRIVATE_KEY -o StrictHostKeyChecking=no $SERVER_USER@$DEPLOYER_SERVER_IP "cd /home/docker/immersion-facile &&
#      chmod 600 .env.secrets;
#      chmod 600 .env.variables;
#
#      git checkout main &&
#      git fetch origin main &&
#      git reset --hard origin/main;
#      retVal=\$?;
#      if [ \$retVal -ne 0 ]; then
#      echo \"FATAL:Source code fetch failed. Aborting.\";
#      exit \$retVal;
#      fi;
#
#      touch .env &&
#      chmod 600 .env &&
#      cat .env.variables <(echo) .env.secrets <(echo) > .env &&
#      grep 'VITE_' .env > ./front/.env &&
#      rm -f .env.variables .env.secrets;
#
#      docker-compose build &&
#      docker-compose -f docker-compose.yml -f docker-compose.logging-loki-plugin.yml down --remove-orphans &&
#      docker-compose -f docker-compose.yml -f docker-compose.logging-loki-plugin.yml up -d;
#
#      retVal=\$?;
#      if [ \$retVal -ne 0 ]; then
#      echo \"FATAL ERROR Docker image creation and server restart failed. Aborting.\";
#      exit \$retVal;
#      fi;
#
#      echo \"Waiting 2m ...\";
#      sleep 120;
#      echo \"Checking server health...\";
#      curl --fail --output /dev/null http://localhost:80/api/"

notify-staging-deployed:
  resource_group: ci
  image: alpine:latest
  only:
    - staging
  stage: deploy
  needs:
    - deploy_on_staging
  before_script:
    - apk add --update curl && rm -rf /var/cache/apk/*
  script:
    - curl --header "Content-Type:application/json" -d '{"username":"Gitlab deployer", "content":"La STAGING a été déployée https://staging.immersion-facile.beta.gouv.fr.\nEst-ce que le CHANGELOG est à jour ? ici -> https://www.notion.so/gip-inclusion/CHANGELOG-3831ee7ed3ba48e6bd29aac47c0a7f78"}' $DISCORD_WEBHOOK_STAGING_DEPLOYED
#notify-prod-deployed:
#  resource_group: ci
#  image: alpine:latest
#  only:
#    - main
#  stage: deploy
#  needs:
#    - deploy_on_prod
#  before_script:
#    - apk add --update curl && rm -rf /var/cache/apk/*
#  script:
#    - curl --header "Content-Type:application/json" -d '{"username":"Gitlab deployer", "content":"La PRODUCTION a été déployée https://immersion-facile.beta.gouv.fr.\nEst-ce que le CHANGELOG est à jour ? ici -> https://www.notion.so/gip-inclusion/CHANGELOG-3831ee7ed3ba48e6bd29aac47c0a7f78"}' $DISCORD_WEBHOOK_PROD_DEPLOYED