# Shared pipeline templates pulled in from other GitLab projects.
# NOTE(review): every entry tracks the mutable `main` branch, so a push to one
# of those template projects changes what this pipeline executes without any
# change in this repository. Pinning `ref` to a tag or commit SHA would turn
# template updates into explicit, reviewable changes.
include:
  # Always included.
  - file: '/mixins.yml'
    project: 'gitlab-ci-cd/general'
    ref: 'main'
  # Included unless STAGING is exactly "no" (this also covers STAGING unset).
  - file: '/support-staging.yml'
    project: 'gitlab-ci-cd/drupal'
    ref: 'main'
    rules:
      - if: '$STAGING != "no"'
  # Included only when STAGING is exactly "no".
  - file: '/no-staging.yml'
    project: 'gitlab-ci-cd/drupal'
    ref: 'main'
    rules:
      - if: '$STAGING == "no"'

# Opt-in diagnostics job; it runs only when LAKEDROPS_DEBUG is exactly "1".
# `set` prints every shell variable of the job, and that includes the CI/CD
# variables exported to it. GitLab redacts only variables flagged as masked,
# so any unmasked secret (token, passphrase, key material) becomes readable in
# the job log by everyone who can view the pipeline. Keep LAKEDROPS_DEBUG off
# outside short, supervised debugging sessions.
Debug:
  stage: execute
  tags:
    - default
  script:
    - set
  rules:
    - if: '$LAKEDROPS_DEBUG == "1"'

# Template that blocks until /tmp/foo.txt exists, polling once per second and
# printing a progress line on every round.
# NOTE(review): the loop has no bound of its own; if the file never appears,
# only the job timeout ends it.
.wait:
  script:
    - until [ -f /tmp/foo.txt ]; do echo "waiting..."; sleep 1; done

# Retry policy merged into several jobs below: at most two automatic retries,
# and only for the two runner-side failure classes listed under `when`. Any
# other failure, including a failing script, is not retried.
# See https://docs.gitlab.com/ee/ci/yaml/#retrywhen
.retry-for-system-issues: &retry-for-system-issues
  retry:
    when:
      - runner_system_failure
      - stuck_or_timeout_failure
    max: 2

# Paths shared by every build cache defined in this file.
# NOTE(review): the list contains `.env` and `keys/`. Whatever those hold is
# stored in the runner cache and restored into every job that uses one of the
# cache anchors, so cache storage has to be treated as holding secrets.
# Confirm both entries are really needed in the cache.
.cache_paths: &cache_paths
  paths:
    - '.docker-init/'
    - 'assets/'
    - 'drush/'
    - 'files/'
    - 'keys/'
    - 'recipes/'
    - 'settings/'
    - 'vendor/'
    - 'web/core/'
    - 'web/libraries/'
    - 'web/modules/contrib/'
    - 'web/profiles/contrib/'
    - 'web/sites/'
    - 'web/themes/contrib/'
    - '.ahoy.yml'
    - '.env'
    - 'docker-compose.yml'

# Artifact content of the production build. Nested `.git` directories are
# excluded so repository history is not shipped with the artifact.
# NOTE(review): `keys/` and `.env` are part of the artifact. Job artifacts can
# be downloaded by everyone with access to the pipeline, and this anchor sets
# no `expire_in`, so the instance default decides how long they are kept.
# Confirm that neither path carries production secrets, or restrict artifact
# access and retention where the anchor is used.
.artifact_paths_prod: &artifact_paths_prod
  paths:
    - 'apache/'
    - 'config/'
    - 'drush/'
    - 'keys/'
    - 'recipes/'
    - 'vendor/'
    - 'web/'
    - '.env'
    - 'composer.json'
    - 'composer.lock'
  exclude:
    - '.git/'
    - 'vendor/**/.git/**/*'
    - 'web/**/.git/**/*'

# Artifact content of the "NG" production build: container and web-server
# configuration, settings, backup and cron definitions, and the compose file.
# NOTE(review): `settings/` and `backup/` are shipped as job artifacts; if
# they contain credentials, anyone who can download artifacts can read them.
.artifact_paths_prod_ng: &artifact_paths_prod_ng
  paths:
    - '.docker-init/'
    - 'apache/'
    - 'nginx/'
    - 'backup/'
    - 'crontabs/'
    - 'drush/drush.yml'
    - 'recipes/'
    - 'settings/'
    - 'tests/mailpitout.yml'
    - 'mailpit/mailpitout.yml'
    - 'web/sites'
    - 'docker-compose.yml'

# Artifact content of the development/test build. Nested `.git` directories
# are excluded.
# NOTE(review): as with the production list, `keys/` and `.env` travel inside
# the artifact and are readable by everyone who may download it.
.artifact_paths: &artifact_paths
  paths:
    - '.docker-init/'
    - 'apache/'
    - 'assets/'
    - 'config/'
    - 'drush/'
    - 'files/'
    - 'keys/'
    - 'recipes/'
    - 'settings/'
    - 'tests/'
    - 'vendor/'
    - 'web/'
    - '.ahoy.yml'
    - '.env'
    - '.phpcsignore'
    - 'composer.*'
    - 'docker-compose.yml'
  exclude:
    - '.git/'
    - 'vendor/**/.git/**/*'
    - 'web/**/.git/**/*'

# Cache for the development build.
# The key depends only on COMPOSE_PROJECT_NAME, so it does not vary by branch.
.cache_default: &cache_default
  key: 'build-${COMPOSE_PROJECT_NAME}'
  <<: *cache_paths

# Cache for the production build.
# NOTE(review): the key does not vary by branch and the cached paths include
# `vendor/`. Unless the project keeps GitLab's "separate caches for protected
# branches" setting enabled, a pipeline on an unprotected branch can write
# content that a later production build restores.
.cache_prod: &cache_prod
  key: 'build-prod-${COMPOSE_PROJECT_NAME}'
  <<: *cache_paths

# Cache for the "NG" production build.
# The key depends only on COMPOSE_PROJECT_NAME, so it does not vary by branch.
.cache_prod_ng: &cache_prod_ng
  key: 'build-prod-ng-${COMPOSE_PROJECT_NAME}'
  <<: *cache_paths

# Shared body of the database import jobs: loads ${PROJECT_NAME}.sql into the
# Drupal database of the CI environment and brings the site up to date.
# No repository checkout happens (GIT_STRATEGY: none) and no cache is used.
.import_db_default: &import_db_default
  stage: prepare
  tags:
    - default
  image: registry.lakedrops.com/docker/gitlab-drupal-ci/php-${PHP_MAJOR_VERSION}.${PHP_MINOR_VERSION}
  cache: {}
  variables:
    GIT_STRATEGY: none
  script:
    # Copy the dump into the project's php container.
    - docker cp ${PROJECT_NAME}.sql ${COMPOSE_PROJECT_NAME}-php-1:/var/www/html
    # Destructive: drops every table before the dump is loaded.
    - drush -y sql:drop
    - drush sql:query --file=../${PROJECT_NAME}.sql
    - drush cr
    # SKIPCONFIGIMPORT is published by the prerequisites job.
    - if [[ "${SKIPCONFIGIMPORT}" == "no" ]]; then drush -y config-import; fi
    # The variable's value is expanded unquoted and executed as a command, so
    # whoever can set UPDATE_DB_COMMAND decides what runs here.
    - ${UPDATE_DB_COMMAND}
    - drush cr

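# Pipeline pre-flight: derives the yes/no switches that later jobs read and
# publishes them as a dotenv report (validation.env).
#
# Inputs are CI/CD variables and markers in the commit message. The commit
# message is written by whoever authors the commit, so every marker handled
# below ("release into main", [PULL_DB], [INITIAL_INSTALL], [RESET_LOCALE],
# [SKIP_CONFIG_IMPORT]) is a switch available to each committer. That includes
# the markers which set TESTSDISABLED and GITLABTESTSDISABLED to "yes".
#
# The job is skipped for tags, for the merge commits matched under `except`,
# and whenever CAE, CAE_NG_CONFIG_DIR or TRIGGERTASK is set.
.prerequisites:
  stage: .pre
  tags:
    - default
  image: registry.lakedrops.com/docker/gitlab-drupal-ci/php-${PHP_MAJOR_VERSION}.${PHP_MINOR_VERSION}
  cache: {}
  variables:
    GIT_STRATEGY: none
  script: |
    # Defaults; every switch is the string "yes" or "no".
    INCLUDELAKEDROPSTESTS="no"
    INCLUDEGITLABTESTS="no"
    DBREQUIRED="no"
    DBUPDREQUIRED="no"
    TESTSDISABLED="no"
    GITLABTESTSDISABLED="no"
    if [[ "$DISABLE_GITLAB_CI_TESTS" == "1" ]]; then
      GITLABTESTSDISABLED="yes"
    fi
    # One chain, first match wins: the test switches are decided first, the
    # database switches only if no earlier branch matched.
    if [[ "$DISABLE_CI_TESTS" == "1" ]]; then
      TESTSDISABLED="yes"
      GITLABTESTSDISABLED="yes"
    elif [[ "$CI_COMMIT_MESSAGE" == *"release into main"* ]]; then
      TESTSDISABLED="yes"
      GITLABTESTSDISABLED="yes"
    elif [[ "$CI_COMMIT_MESSAGE" == *"Merge branch 'release' into 'main'"* ]]; then
      TESTSDISABLED="yes"
      GITLABTESTSDISABLED="yes"
    elif [[ "$CI_COMMIT_MESSAGE" == *"Merge branch 'develop' into 'main'"* ]]; then
      TESTSDISABLED="yes"
      GITLABTESTSDISABLED="yes"
    elif [[ "$DISABLE_CI_TEST_BACKSTOP" == "1" && "$DISABLE_CI_TEST_CYPRESSE2E" == "1" ]]; then
      echo "DB not required"
    elif [[ "$CI_COMMIT_REF_NAME" == "main" ]]; then
      DBREQUIRED="yes"
    elif [[ "$CI_COMMIT_MESSAGE" == *"[PULL_DB]"* ]]; then
      DBREQUIRED="yes"
    elif [[ "$PULL_DB" == "yes" ]]; then
      DBREQUIRED="yes"
    else
      # Nothing requested explicitly: probe the project's MariaDB container.
      # Expansions are quoted so the name is always passed as one argument.
      DBCONTAINER="${COMPOSE_PROJECT_NAME}-mariadb-1"
      ID=$(docker container ls --all -q -f "name=^${DBCONTAINER}$")
      if [[ -z "${ID}" ]]; then
        DBREQUIRED="yes"
      else
        docker start "${DBCONTAINER}"
        sleep 3
        # Private temp file instead of a fixed /tmp name, so concurrent jobs
        # sharing /tmp cannot read or overwrite each other's probe output.
        TESTLOG=$(mktemp)
        # The credentials are the fixed ones of the CI database container.
        docker exec -i "${DBCONTAINER}" mysql -u drupal --password=drupal -e "show tables;" drupal >"${TESTLOG}" 2>&1
        EC=0
        # A users_data table is taken as the sign of an installed site.
        grep "users_data" "${TESTLOG}" || EC=$?
        if [[ $EC -ne 0 ]]; then
          DBREQUIRED="yes"
        else
          DBUPDREQUIRED="yes"
        fi
        rm -f "${TESTLOG}" || true
      fi
    fi

    INITIALINSTALL="no"
    if [[ "$CI_COMMIT_MESSAGE" == *"[INITIAL_INSTALL]"* ]]; then
      INITIALINSTALL="yes"
    elif [[ "$INITIAL_INSTALL" == "yes" ]]; then
      INITIALINSTALL="yes"
    fi
    # An initial install disables both test groups.
    if [[ "$INITIALINSTALL" == "yes" ]]; then
      TESTSDISABLED="yes"
      GITLABTESTSDISABLED="yes"
    fi

    DEPLOYSCRIPT="drupal-deploy"
    if [[ "$INITIALINSTALL" == "yes" ]]; then
      DEPLOYSCRIPT="drupal-config"
    fi

    RESETLOCALE="no"
    if [[ "$CI_COMMIT_MESSAGE" == *"[RESET_LOCALE]"* ]]; then
      RESETLOCALE="yes"
    elif [[ "$RESET_LOCALE" == "yes" ]]; then
      RESETLOCALE="yes"
    fi

    VERSIONPATTERN=$(date +"cd-%Y-%m-%d-%H-%M")

    SKIPCONFIGIMPORT="no"
    if [[ "$CI_COMMIT_MESSAGE" == *"[SKIP_CONFIG_IMPORT]"* ]]; then
      SKIPCONFIGIMPORT="yes"
    fi
    if [[ "$DISABLE_CONFIG_IMPORT" == "1" ]]; then
      SKIPCONFIGIMPORT="yes"
    fi

    if [[ "$TESTSDISABLED" == "no" ]]; then
      INCLUDELAKEDROPSTESTS="yes"
    fi
    if [[ "$GITLABTESTSDISABLED" == "no" ]]; then
      INCLUDEGITLABTESTS="yes"
    fi

    DISABLENODEACCESSREBUILD="no"
    if [[ "$DISABLE_NODE_ACCESS_REBUILD" == "1" ]]; then
      DISABLENODEACCESSREBUILD="yes"
    fi

    # The first write truncates the file. With GIT_STRATEGY: none the working
    # directory is not cleaned by a checkout, so appending from the first line
    # on would stack this run's values on top of a validation.env left behind
    # by an earlier pipeline.
    echo "DBREQUIRED=${DBREQUIRED}" > validation.env
    echo "DBUPDREQUIRED=${DBUPDREQUIRED}" >> validation.env
    echo "DEPLOYSCRIPT=${DEPLOYSCRIPT}" >> validation.env
    echo "DISABLENODEACCESSREBUILD=${DISABLENODEACCESSREBUILD}" >> validation.env
    echo "GITLABTESTSDISABLED=${GITLABTESTSDISABLED}" >> validation.env
    echo "INCLUDEGITLABTESTS=${INCLUDEGITLABTESTS}" >> validation.env
    echo "INCLUDELAKEDROPSTESTS=${INCLUDELAKEDROPSTESTS}" >> validation.env
    echo "INITIALINSTALL=${INITIALINSTALL}" >> validation.env
    echo "RESETLOCALE=${RESETLOCALE}" >> validation.env
    echo "SKIPCONFIGIMPORT=${SKIPCONFIGIMPORT}" >> validation.env
    echo "TESTSDISABLED=${TESTSDISABLED}" >> validation.env
    echo "VERSIONPATTERN=${VERSIONPATTERN}" >> validation.env
    cat validation.env
  before_script: !reference [.prepareaccess, before_script]
  except:
    refs:
      - tags
    variables:
      - $CI_COMMIT_MESSAGE =~ /^Merge tag /i
      - $CI_COMMIT_MESSAGE =~ /^Merge branch 'cc-/i
      - $CI_COMMIT_MESSAGE =~ /Merging develop into main for collected config/i
      - $CAE
      - $CAE_NG_CONFIG_DIR
      - $TRIGGERTASK
  artifacts:
    reports:
      # Every KEY=value line becomes a variable of the later jobs.
      dotenv: validation.env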

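# Guard that keeps CrowdSec configuration out of the default config sync
# directory; the project expects it in a config split instead.
# Exit code 1: the crowdsec.settings config entity is present.
# Exit code 2: core.extension.yml enables the crowdsec module.
# Skipped for tags, for the merge commits matched under `except`, and whenever
# CAE, CAE_NG_CONFIG_DIR or TRIGGERTASK is set.
.sanitychecks:
  stage: .pre
  tags:
    - default
  image: registry.lakedrops.com/docker/gitlab-drupal-ci/php-${PHP_MAJOR_VERSION}.${PHP_MINOR_VERSION}
  cache: {}
  script:
    - if [[ -f 'config/default/sync/crowdsec.settings.yml' ]]; then echo "The crowdsec config entity should be moved into a config split."; exit 1; fi
    # Fails on any match. The earlier form compared the match count with
    # exactly 1, so a file with two or more matching lines passed the check.
    - if grep -q ' crowdsec:' config/default/sync/core.extension.yml; then echo "CrowdSec should not be enabled in core extension, move it to config split instead"; exit 2; fi
  except:
    refs:
      - tags
    variables:
      - $CI_COMMIT_MESSAGE =~ /^Merge tag /i
      - $CI_COMMIT_MESSAGE =~ /^Merge branch 'cc-/i
      - $CI_COMMIT_MESSAGE =~ /Merging develop into main for collected config/i
      - $CAE
      - $CAE_NG_CONFIG_DIR
      - $TRIGGERTASK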

# Production build: installs the Composer dependencies without dev packages
# and publishes the result as the `build-prod` artifact, also when the job
# fails (`when: always`).
.build-prod:
  stage: buildprod
  tags:
    - default
  <<: *retry-for-system-issues
  image: registry.lakedrops.com/docker/gitlab-drupal-ci/php-${PHP_MAJOR_VERSION}.${PHP_MINOR_VERSION}
  cache:
    <<: *cache_prod
    # Restores the cache before the job and uploads it again afterwards.
    policy: pull-push
  before_script:
    - !reference [.prepareaccess, before_script]
    - !reference [.preparecomposerplugins, before_script]
  script:
    - /usr/local/bin/update-env
    - composer install --no-interaction --no-progress --no-dev --optimize-autoloader
    # Adds drupal/core-vendor-hardening when `composer show` does not find it.
    # NOTE(review): the `composer require` carries no version constraint and
    # rewrites composer.json/composer.lock inside the job, so the artifact can
    # contain a package version that was never reviewed in the repository.
    # Declaring the package in the project's composer.json avoids that.
    - composer show --path drupal/core-vendor-hardening >/dev/null 2>&1 || composer require --update-no-dev --no-interaction --no-progress --optimize-autoloader drupal/core-vendor-hardening
  artifacts:
    name: build-prod
    when: always
    <<: *artifact_paths_prod

# "NG" production build: generates the environment and Docker Compose
# configuration through the lakedrops Composer commands and publishes it as
# the `build-prod-ng` artifact. Runs unless DISABLE_DEPLOYMENT_LOCAL is
# exactly "1".
.build-prod-ng:
  stage: build
  tags:
    - default
  <<: *retry-for-system-issues
  image: registry.lakedrops.com/docker/gitlab-drupal-ci/php-${PHP_MAJOR_VERSION}.${PHP_MINOR_VERSION}
  cache:
    <<: *cache_prod_ng
    policy: pull-push
  rules:
    - if: '$DISABLE_DEPLOYMENT_LOCAL != "1"'
  before_script:
    - !reference [.prepareaccess, before_script]
    - !reference [.preparecomposerplugins, before_script]
  variables:
    LAKEDROPS_BUILD_NG: 'yes'
    # Prefixes the inherited project name with "drupal_".
    COMPOSE_PROJECT_NAME: drupal_$COMPOSE_PROJECT_NAME
  script:
    # Each package is required only when `composer show` does not find it.
    # NOTE(review): both `composer require` calls are unconstrained and resolve
    # a version at build time; the generated deployment configuration therefore
    # depends on whatever release is current when the job runs.
    - composer show --path lakedrops/drupal-environment >/dev/null 2>&1 || composer require --update-no-dev --no-interaction --no-progress --optimize-autoloader lakedrops/drupal-environment
    - composer show --path lakedrops/docker4drupal >/dev/null 2>&1 || composer require --update-no-dev --no-interaction --no-progress --optimize-autoloader lakedrops/docker4drupal
    - composer lakedrops:config
    - composer lakedrops:docker4drupal
  artifacts:
    name: build-prod-ng
    when: always
    <<: *artifact_paths_prod_ng

# Development/test build: installs all Composer dependencies (dev packages
# included), scaffolds the project, starts the Docker Compose stack and
# prepares writable file and log directories for the test jobs.
# Runs only when TESTSDISABLED is exactly "no".
.build:
  stage: build
  tags:
    - default
  <<: *retry-for-system-issues
  image: registry.lakedrops.com/docker/gitlab-drupal-ci/php-${PHP_MAJOR_VERSION}.${PHP_MINOR_VERSION}
  cache:
    <<: *cache_default
    policy: pull-push
  before_script:
    - !reference [.prepareaccess, before_script]
    - !reference [.preparecomposerplugins, before_script]
  script:
    # Run the following twice to ensure new patches get applied.
    - composer install --no-interaction --no-progress --optimize-autoloader
    - composer install --no-interaction --no-progress --optimize-autoloader
    - composer lakedrops:scaffold --no-interaction
    - composer lakedrops:docker4drupal --no-interaction
    - docker compose pull --quiet
    - docker compose up -d --force-recreate --remove-orphans
    - mkdir -p files/default/files/css
    - mkdir -p files/default/files/js
    - mkdir -p files/default/files/languages
    - mkdir -p files/default/files/translations
    # Makes the public files tree writable for every user. That is only
    # acceptable because this is the throw-away test environment; the same
    # mode must not be carried over to a deployed site.
    - chmod -R ugo+w files/default/files/
    # Prepare log directory for tests.
    # `dc` is not defined in this file; presumably a docker compose wrapper
    # shipped in the CI image (confirm).
    - dc exec -u root php mkdir -p /tmp/logs
    - dc exec -u root php rm -rf /tmp/logs/*
    - dc exec -u root php chmod oug+w /tmp/logs
  artifacts:
    name: build
    when: always
    <<: *artifact_paths
  rules:
    - if: '$TESTSDISABLED == "no"'

# Builds the theme's front-end assets in a temporary Node container and
# publishes $THEME_CSS_PATH as the `css` artifact. Runs only when THEME_BUILD
# is exactly "yes"; no repository checkout happens (GIT_STRATEGY: none).
.theme:
  stage: build
  tags:
    - default
  <<: *retry-for-system-issues
  image: registry.lakedrops.com/docker/gitlab-drupal-ci/php-${PHP_MAJOR_VERSION}.${PHP_MINOR_VERSION}
  cache:
    key: theme-node-modules-${COMPOSE_PROJECT_NAME}
    paths:
      - ${THEME_CSS_PATH}/node_modules
    policy: pull-push
  variables:
    GIT_STRATEGY: none
  before_script:
    - cd ${THEME_BASE_PATH}
  script:
    # Start from an empty output directory.
    - if [[ -d "${THEME_CSS_PATH}" ]]; then rm -rf "${THEME_CSS_PATH}"; fi
    - mkdir -p "${THEME_CSS_PATH}"
    # The image name and, two lines below, the build command come from CI/CD
    # variables and are expanded unquoted: whoever can set
    # THEME_BUILD_NODE_IMG or THEME_BUILD_COMMAND decides which image is
    # pulled and what runs inside it.
    # NOTE(review): an image reference pinned by digest would keep the
    # toolchain from changing underneath the build; confirm how the variable
    # is set.
    - docker run --name=${COMPOSE_PROJECT_NAME}-node -id -v $(php /usr/local/bin/volume.php) -w ${PWD} ${THEME_BUILD_NODE_IMG}
    # NOTE(review): `npm install` may resolve versions other than the ones a
    # lock file records. If the theme ships a package-lock.json, `npm ci`
    # installs exactly the pinned tree and fails on a mismatch.
    - docker exec ${COMPOSE_PROJECT_NAME}-node npm install --no-save
    - docker exec -e NODE_ENV=production ${COMPOSE_PROJECT_NAME}-node ${THEME_BUILD_COMMAND}
  after_script:
    # Always remove the helper container; a failing removal is ignored.
    - docker rm -f ${COMPOSE_PROJECT_NAME}-node || EC=$?
  artifacts:
    name: css
    when: always
    paths:
      - $THEME_CSS_PATH
  dependencies:
    - 'Build Prod Site'
  rules:
    - if: '$THEME_BUILD == "yes"'

# Fetches a database dump through the `ascr drupal-dump-db` helper (not
# defined in this file; the trailing `main` argument presumably selects the
# main environment) and publishes it as the `dbdump` artifact.
#
# NOTE(review): the dump is stored as a job artifact without `expire_in` and
# without an access restriction. If it is taken from the live site it contains
# user accounts, e-mail addresses and password hashes, readable by everyone
# who may download artifacts for as long as the instance default keeps them.
# Consider a short `artifacts:expire_in`, restricting `artifacts:access`, and
# sanitizing the dump (e.g. `drush sql:sanitize`) before it is used for tests.
.dumpdb:
  stage: build
  tags:
    - ansible
  variables:
    GIT_STRATEGY: none
  script:
    # Remove a dump left over in the reused working directory.
    - if [[ -f ${PWD}/${PROJECT_NAME}.sql ]]; then rm ${PWD}/${PROJECT_NAME}.sql; fi
    - ascr drupal-dump-db ${CI_PROJECT_PATH} ${PWD}/${PROJECT_NAME}.sql main
  cache: {}
  dependencies: []
  artifacts:
    name: dbdump
    when: always
    paths:
      - ${PROJECT_NAME}.sql
  # First match wins. The job runs only when DISABLE_DEPLOYMENT is "0",
  # DISABLE_DEPLOYMENT_LOCAL is "1", a database is required, this is not an
  # initial install, tests are enabled, no local dump file is configured and
  # DISABLE_CI_TESTS is not "1".
  rules:
    - if: '$DISABLE_DEPLOYMENT != "0"'
      when: never
    - if: '$DISABLE_DEPLOYMENT_LOCAL != "1"'
      when: never
    - if: '$DBREQUIRED == "no"'
      when: never
    - if: '$INITIALINSTALL == "yes"'
      when: never
    - if: '$TESTSDISABLED == "yes"'
      when: never
    - if: '$LOCALDBFILE != "none"'
      when: never
    - if: '$DISABLE_CI_TESTS != "1"'

# "NG" variant of the database dump: runs `drush sql:dump` inside the php
# container of the compose project drupal_${PROJECT_NAME}_main and publishes
# the file as the `dbdump` artifact.
#
# NOTE(review): the dump comes from the `main` stack and is stored as a job
# artifact without `expire_in` or an access restriction, so user accounts and
# password hashes in it are readable by everyone who may download artifacts.
# Consider a short `artifacts:expire_in`, restricting `artifacts:access`, and
# sanitizing the dump before it is used for tests.
.dumpdbNG:
  stage: build
  tags:
    - deploylocal
  variables:
    GIT_STRATEGY: none
  script:
    - if [[ -f ${PWD}/${PROJECT_NAME}.sql ]]; then rm ${PWD}/${PROJECT_NAME}.sql; fi
    - docker compose --project-name drupal_${PROJECT_NAME}_main exec php drush sql:dump --result-file=/var/backups/mysql/${PROJECT_NAME}.sql
    # Presumably /var/backups/mysql in the container is backed by
    # /data/main/files/db on the runner (confirm against the compose file).
    - cp /data/main/files/db/${PROJECT_NAME}.sql .
  cache: {}
  dependencies: []
  artifacts:
    name: dbdump
    when: always
    paths:
      - ${PROJECT_NAME}.sql
  # Same conditions as the non-NG dump job, except that
  # DISABLE_DEPLOYMENT_LOCAL must be "0" here.
  rules:
    - if: '$DISABLE_DEPLOYMENT != "0"'
      when: never
    - if: '$DISABLE_DEPLOYMENT_LOCAL != "0"'
      when: never
    - if: '$DBREQUIRED == "no"'
      when: never
    - if: '$INITIALINSTALL == "yes"'
      when: never
    - if: '$TESTSDISABLED == "yes"'
      when: never
    - if: '$LOCALDBFILE != "none"'
      when: never
    - if: '$DISABLE_CI_TESTS != "1"'

# Imports the dump produced by 'Download DB' into the CI site, using the
# shared import body. First matching rule wins; the job runs only when
# DISABLE_DEPLOYMENT is "0", DISABLE_DEPLOYMENT_LOCAL is "1", a database is
# required, this is not an initial install, tests are enabled, no local dump
# file is configured and DISABLE_CI_TESTS is not "1".
.importdb:
  <<: *import_db_default
  rules:
    - if: '$DISABLE_DEPLOYMENT != "0"'
      when: never
    - if: '$DISABLE_DEPLOYMENT_LOCAL != "1"'
      when: never
    - if: '$DBREQUIRED == "no"'
      when: never
    - if: '$INITIALINSTALL == "yes"'
      when: never
    - if: '$TESTSDISABLED == "yes"'
      when: never
    - if: '$LOCALDBFILE != "none"'
      when: never
    - if: '$DISABLE_CI_TESTS != "1"'
  dependencies:
    - 'Build Site'
    - 'Download DB'

# Imports the dump produced by 'Download DB NG' into the CI site, using the
# shared import body. Same conditions as the non-NG import job, except that
# DISABLE_DEPLOYMENT_LOCAL must be "0" here.
.importdbNG:
  <<: *import_db_default
  rules:
    - if: '$DISABLE_DEPLOYMENT != "0"'
      when: never
    - if: '$DISABLE_DEPLOYMENT_LOCAL != "0"'
      when: never
    - if: '$DBREQUIRED == "no"'
      when: never
    - if: '$INITIALINSTALL == "yes"'
      when: never
    - if: '$TESTSDISABLED == "yes"'
      when: never
    - if: '$LOCALDBFILE != "none"'
      when: never
    - if: '$DISABLE_CI_TESTS != "1"'
  dependencies:
    - 'Build Site'
    - 'Download DB NG'

# Imports a gzip-compressed dump named by LOCALDBFILE instead of a downloaded
# one. Runs only when a database is required, tests are enabled, LOCALDBFILE
# is not "none" and DISABLE_CI_TESTS is not "1".
.importdbLocal:
  <<: *import_db_default
  # Declared after the merge key so it replaces the merged `variables` block;
  # this job needs a checkout (presumably because LOCALDBFILE points into the
  # repository).
  variables:
    GIT_STRATEGY: fetch
  before_script:
    # LOCALDBFILE is expanded unquoted and taken as a path as-is.
    - cp ${LOCALDBFILE} ${PROJECT_NAME}.sql.gz
    - gunzip ${PROJECT_NAME}.sql.gz
  rules:
    - if: '$DBREQUIRED == "no"'
      when: never
    - if: '$TESTSDISABLED == "yes"'
      when: never
    - if: '$LOCALDBFILE == "none"'
      when: never
    - if: '$DISABLE_CI_TESTS != "1"'
  dependencies:
    - 'Build Site'

# Updates an already populated CI database instead of re-importing it. Runs
# only when no fresh import is required (DBREQUIRED is not "yes"), an update
# is required (DBUPDREQUIRED is not "no"), this is not an initial install,
# tests are enabled and DISABLE_CI_TESTS is not "1".
.updatedb:
  stage: prepare
  tags:
    - default
  image: registry.lakedrops.com/docker/gitlab-drupal-ci/php-${PHP_MAJOR_VERSION}.${PHP_MINOR_VERSION}
  cache: {}
  variables:
    GIT_STRATEGY: none
  script:
    - drush cr
    - if [[ "${SKIPCONFIGIMPORT}" == "no" ]]; then drush -y config-import; fi
    # Expanded unquoted and executed as a command: whoever can set
    # UPDATE_DB_COMMAND decides what runs here.
    - ${UPDATE_DB_COMMAND}
    - drush cr
  rules:
    - if: '$DBREQUIRED == "yes"'
      when: never
    - if: '$DBUPDREQUIRED == "no"'
      when: never
    - if: '$INITIALINSTALL == "yes"'
      when: never
    - if: '$TESTSDISABLED == "yes"'
      when: never
    - if: '$DISABLE_CI_TESTS != "1"'
  dependencies:
    - 'Build Site'

# Deployment through the `ascr` helper on a runner tagged `ansible` (the
# helper is not defined in this file). DEPLOYSCRIPT and SKIPCONFIGIMPORT are
# published by the prerequisites job.
#
# NOTE(review): the rules shown here check only DISABLE_DEPLOYMENT and
# DISABLE_DEPLOYMENT_LOCAL; no branch condition is visible. Confirm that the
# concrete job, a protected environment or the deploy script itself limits
# which refs may deploy.
.deploy:
  stage: deploy
  tags:
    - ansible
  variables:
    GIT_STRATEGY: none
  script:
    # All arguments are expanded unquoted; ${CAE} is appended as extra
    # arguments when set.
    - ascr $DEPLOYSCRIPT $HOST_NAME $SITE_NAME --extra-vars="SKIP_CONFIG_IMPORT=${SKIPCONFIGIMPORT}" ${CAE}
  cache: {}
  rules:
    - if: '$DISABLE_DEPLOYMENT != "0"'
      when: never
    - if: '$DISABLE_DEPLOYMENT_LOCAL != "1"'
      when: never
    - when: on_success
  dependencies:
    - 'Build Theme'

# Artefact-based deployment through the `ascr` helper: the working directory
# holding the downloaded build artifacts is handed over as
# DRUPAL_ARTEFACT_SRC.
#
# NOTE(review): as in the plain deploy job, the rules shown here contain no
# branch condition. Confirm that something outside this template limits which
# refs may deploy.
.deployartefact:
  stage: deploy
  tags:
    - ansible
  variables:
    GIT_STRATEGY: none
  script:
    - ascr $DEPLOYSCRIPT $HOST_NAME $SITE_NAME --extra-vars="DRUPAL_ARTEFACT_SRC=${PWD}" --extra-vars="SKIP_CONFIG_IMPORT=${SKIPCONFIGIMPORT}" ${CAE}
  cache: {}
  rules:
    - if: '$DISABLE_DEPLOYMENT != "0"'
      when: never
    - if: '$DISABLE_DEPLOYMENT_LOCAL != "1"'
      when: never
    - when: on_success
  dependencies:
    - 'Build Prod Site'
    - 'Build Theme'

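# "NG" deployment: syncs the build artifacts into
# /data/${CI_COMMIT_REF_NAME}/app on a runner tagged `deploylocal`,
# (re)creates the Docker Compose stack there and runs the Drupal update steps.
#
# An existing installation is detected by probing the database for a
# users_data table; without it the run is treated as an initial install and
# INITIAL_SETUP_COMMAND is executed instead of the update steps.
#
# Rules (first match wins): never when DISABLE_DEPLOYMENT is not "0"; never on
# a branch other than main unless ENFORCE_DEPLOYMENT is "1"; otherwise runs
# when DISABLE_DEPLOYMENT_LOCAL is not "1".
# NOTE(review): with ENFORCE_DEPLOYMENT="1" any branch deploys, and its name
# becomes part of every /data path below. Confirm who may set that variable.
.deployartefact-ng:
  stage: deploy
  tags:
    - deploylocal
  image: registry.lakedrops.com/docker/gitlab-drupal-ci/php-${PHP_MAJOR_VERSION}.${PHP_MINOR_VERSION}
  cache: {}
  variables:
    GIT_STRATEGY: none
    COMPOSE_PROJECT_NAME: drupal_$COMPOSE_PROJECT_NAME
  before_script: !reference [.prepareaccess, before_script]
  script:
    # Directory skeleton of the target environment.
    - mkdir -p /data/${CI_COMMIT_REF_NAME}/app
    - mkdir -p /data/${CI_COMMIT_REF_NAME}/db
    - mkdir -p /data/${CI_COMMIT_REF_NAME}/files/public/translations
    - mkdir -p /data/${CI_COMMIT_REF_NAME}/files/private
    - mkdir -p /data/${CI_COMMIT_REF_NAME}/files/db
    - mkdir -p /data/${CI_COMMIT_REF_NAME}/redis
    - if [[ -f nginx/in-vhost.conf ]]; then mkdir -p /data/${CI_COMMIT_REF_NAME}/in/public; mkdir -p /data/${CI_COMMIT_REF_NAME}/in/storage; chown -R 1500:1500 /data/${CI_COMMIT_REF_NAME}/in/public; chown -R 1500:1500 /data/${CI_COMMIT_REF_NAME}/in/storage; fi
    - cd /data/${CI_COMMIT_REF_NAME}/files/public
    - if [[ ! -L config ]]; then ln -s /var/www/html/config/default config; fi
    - cd -
    - cd /data/${CI_COMMIT_REF_NAME}/app
    # Probe the currently deployed stack for an installed site. The output
    # goes to a private temp file rather than a fixed /tmp name, so jobs that
    # share /tmp cannot read or overwrite each other's probe result.
    # NOTE(review): the probe logs in with the fixed credentials
    # drupal/drupal. If the deployed database really uses them, its protection
    # rests entirely on network isolation of the mariadb service.
    - INITIAL="no"
    - TESTLOG=$(mktemp)
    - if [[ -f docker-compose.yml ]]; then docker compose exec -i mariadb mysql -u drupal --password=drupal -e "show tables;" drupal >"${TESTLOG}" 2>&1; fi
    - EC=0
    - grep "users_data" "${TESTLOG}" || EC=$?
    - if [[ $EC -ne 0 ]]; then INITIAL="yes"; fi
    - rm -f "${TESTLOG}" || true
    # Maintenance mode on; if the first attempt fails, rebuild caches and try
    # once more. The braces make the retry apply only after a failure; without
    # them the command ran a second time after a successful first attempt.
    - if [[ "$INITIAL" == "no" ]]; then drush -y sset system.maintenance_mode 1 || { drush cr && drush -y sset system.maintenance_mode 1; }; fi
    - cd -
    # Point the site's files and private directories at the data volume.
    - cd web/sites/default
    - rm files
    - rm private
    - ln -s /data/default/public files
    - ln -s /data/default/private private
    - cd -
    # --delete removes everything in the target that is not in the artifact.
    - rsync -rlDzq --delete ./ /data/${CI_COMMIT_REF_NAME}/app
    - cd /data/${CI_COMMIT_REF_NAME}/app
    # Substitute the Traefik addresses into the generated configuration.
    - GATEWAYIP=$(docker inspect traefik | jq -r '.[0].NetworkSettings.Networks."traefik-public".Gateway')
    - PROXYIP=$(docker inspect traefik | jq -r '.[0].NetworkSettings.Networks."traefik-public".IPAddress')
    - sed -i "s/TRAEFIK-IP-PLACEHOLDER/${GATEWAYIP}/g" docker-compose.yml
    - sed -i "s/TRAEFIK-IP-PLACEHOLDER/${PROXYIP}/g" settings/default/settings.docker.php
    - rmdir crontabs >/dev/null 2>&1 || true
    # Backup credentials. Each secret is written under umask 077 and then
    # forced to mode 600, so the Borg passphrase and the SSH private key are
    # never readable by group or others, not even between this step and the
    # later permission fix inside the borgmatic container.
    - if [[ -d /data/${CI_COMMIT_REF_NAME}/app/backup ]]; then mkdir -p /data/${CI_COMMIT_REF_NAME}/backup/ssh || true; fi
    - if [[ -d /data/${CI_COMMIT_REF_NAME}/app/backup ]]; then (umask 077; echo "BORG_PASSPHRASE=${BORG_PASSPHRASE}" >/data/${CI_COMMIT_REF_NAME}/backup/.env; chmod 600 /data/${CI_COMMIT_REF_NAME}/backup/.env) || true; fi
    - if [[ -d /data/${CI_COMMIT_REF_NAME}/app/backup ]]; then (umask 077; echo "${BORG_SSH_KEY}" >/data/${CI_COMMIT_REF_NAME}/backup/ssh/id_rsa; chmod 600 /data/${CI_COMMIT_REF_NAME}/backup/ssh/id_rsa) || true; fi
    # `accept-new` still connects to a host seen for the first time but
    # refuses a host whose key has changed. The former value `no` accepted any
    # key, which lets a machine-in-the-middle receive the backup stream.
    # Requires OpenSSH 7.6 or newer in the borgmatic image, and a known_hosts
    # file that survives container re-creation to be fully effective
    # (confirm both).
    - if [[ -d /data/${CI_COMMIT_REF_NAME}/app/backup ]]; then echo "StrictHostKeyChecking accept-new" >/data/${CI_COMMIT_REF_NAME}/backup/ssh/config || true; fi
    - docker compose pull --quiet
    - docker compose up -d --force-recreate --remove-orphans
    # Ownership and modes: code read-only for www-data, data writable.
    - docker compose exec -u root php chown -R www-data:www-data .
    - docker compose exec -u root php chown -R www-data:www-data /data
    - docker compose exec -u root php chmod -R ug-w .
    - docker compose exec -u root php chmod -R ug+w /data
    - docker compose exec -u root php bash -c 'chmod -R ug+w web/sites/*/files'
    - docker compose exec -u root php bash -c 'chmod -R ug+w web/sites/*/private'
    - docker compose exec -u root php bash -c 'chmod 444 /data/*/*/.htaccess >/dev/null 2>&1 || true'
    - docker compose exec -u root borgmatic chmod -R go-w-r-x /root/.ssh || true
    - docker compose cp /wait php:/wait
    - if [[ "$WAIT_HOSTS" != "none" ]]; then docker compose exec -e WAIT_HOSTS="${WAIT_HOSTS}" -it php /wait; fi
    - if [[ ! -d /data/${CI_COMMIT_REF_NAME}/backup/config/security ]]; then docker compose exec -u root borgmatic borgmatic init --encryption repokey || true; fi
    - if [[ -f ./crontabs/jobs.ini ]]; then docker compose exec -u root php chown -R www-data:www-data /var/backups/mysql || true; fi
    # Update path for an existing installation.
    - if [[ "$INITIAL" == "no" ]]; then drush -y cache-rebuild; fi
    - if [[ "$INITIAL" == "no" ]] && [[ "${SKIPCONFIGIMPORT}" == "no" ]]; then drush -y config-import; fi
    # UPDATE_DB_COMMAND and INITIAL_SETUP_COMMAND are expanded unquoted and
    # executed as commands: whoever can set them decides what runs against the
    # deployed site.
    - if [[ "$INITIAL" == "no" ]]; then ${UPDATE_DB_COMMAND}; fi
    - if [[ "$INITIAL" == "no" ]] && [[ "${DISABLENODEACCESSREBUILD}" == "no" ]]; then drush -y php:eval "node_access_rebuild();"; fi
    - if [[ "$INITIAL" == "no" ]]; then drush -y deploy:hook; fi
    - if [[ "$INITIAL" == "no" ]]; then drush -y sset system.maintenance_mode 0; fi
    - if [[ "$INITIAL" == "no" ]]; then drush -y cache-rebuild; fi
    # Initial install path.
    - if [[ "$INITIAL" == "yes" ]]; then sleep 10; ${INITIAL_SETUP_COMMAND}; fi
    - docker compose exec -u root php mkdir -p /data/default/public/cae
    - docker compose exec -u root php chown -R www-data:www-data /data/default/public/cae
    - if [[ -d ./crontabs ]]; then docker compose restart cron || true; fi
  rules:
    - if: '$DISABLE_DEPLOYMENT != "0"'
      when: never
    - if: '$CI_COMMIT_BRANCH != "main" && $ENFORCE_DEPLOYMENT != "1"'
      when: never
    - if: '$DISABLE_DEPLOYMENT_LOCAL != "1"'
      when: on_success
  dependencies:
    - 'Build Prod Site'
    - 'Build Prod Site NG'
    - 'Build Theme'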

# Release creation on top of the `.merge` template, which is not defined in
# this file. It applies only on the develop branch, and only when the commit
# message contains CREATE_RELEASE. It never applies to tags or "Merge tag"
# commits, nor when CAE, CAE_NG_CONFIG_DIR, CHECKUPDATES or TRIGGERTASK is set.
# NOTE(review): the trigger is plain commit-message text, so every committer
# on develop can start a release. Confirm that what `.merge` does is gated by
# branch protection on the target branch.
.createrelease:
  extends: '.merge'
  variables:
    SOURCE_BRANCH: 'develop'
  only:
    refs:
      - 'develop'
    variables:
      - '$CI_COMMIT_MESSAGE =~ /CREATE_RELEASE/'
  except:
    refs:
      - 'tags'
    variables:
      - '$CI_COMMIT_MESSAGE =~ /^Merge tag /i'
      - '$CAE'
      - '$CAE_NG_CONFIG_DIR'
      - '$CHECKUPDATES'
      - '$TRIGGERTASK'

# Dependency update check: runs on develop when CHECKUPDATES is set. Performs
# an initial `composer install` when no composer.lock exists, otherwise a
# dry-run update to find out whether anything would change, and then the real
# update. composer.json and composer.lock are published as artifacts for the
# follow-up commit job.
.check4update:
  stage: build
  tags:
    - default
  image: registry.lakedrops.com/docker/gitlab-drupal-ci/php-${PHP_MAJOR_VERSION}.${PHP_MINOR_VERSION}
  cache: {}
  before_script:
    - !reference [.prepareaccess, before_script]
    - !reference [.preparecomposerplugins, before_script]
  script:
    - DOINSTALL=0
    - DOUPDATE=0
    # NOTE(review): /tmp/test.log is a fixed name; jobs that share /tmp on the
    # same runner can overwrite each other's output. A `mktemp` file avoids
    # that.
    - rm /tmp/test.log >/dev/null 2>&1 || true
    - EC=0
    # No lock file yet: treat the run as the initial installation.
    - if [[ ! -f composer.lock ]]; then DOINSTALL=1; fi
    - if [[ $DOINSTALL -eq 1 ]]; then mkdir -p config/default/sync; fi
    - if [[ $DOINSTALL -eq 1 ]]; then touch config/default/sync/.gitkeep; fi
    - if [[ $DOINSTALL -eq 1 ]]; then composer install --no-interaction --no-progress --no-dev; fi
    # Stages every non-hidden path in the working directory; failures are
    # ignored.
    - if [[ $DOINSTALL -eq 1 ]]; then git add * >/dev/null 2>&1 || true; fi
    - if [[ $DOINSTALL -eq 1 ]]; then echo "Initial installation" >/tmp/test.log; fi
    # NAMESPACES_CHECK_UPDATE is expanded unquoted, so it can carry several
    # arguments; it limits only the dry run, not the real update below.
    - if [[ $DOINSTALL -eq 0 ]]; then composer update --with-all-dependencies --no-interaction --no-progress --no-dev --dry-run $NAMESPACES_CHECK_UPDATE >/tmp/test.log 2>&1 || EC=$?; fi
    - if [[ $EC -ne 0 ]]; then cat /tmp/test.log; exit 1; fi
    - EC=0
    # Anything other than "Nothing to modify in lock file" means there are
    # updates to apply.
    - grep "Nothing to modify in lock file" /tmp/test.log || EC=$?
    - if [[ $EC -ne 0 ]]; then DOUPDATE=1; fi
    - rm /tmp/test.log >/dev/null 2>&1 || true
    - if [[ $DOUPDATE -eq 0 ]]; then exit 0; fi
    - composer update --with-all-dependencies --no-interaction --no-progress --no-dev --optimize-autoloader
  only:
    variables:
      - $CHECKUPDATES
    refs:
      - develop
  artifacts:
    name: check4updates
    when: always
    paths:
      - composer.json
      - composer.lock

# Commits the composer.json/composer.lock produced by 'Check 4 Updates' and
# pushes them back to the branch over SSH. Runs on develop when CHECKUPDATES
# is set.
#
# NOTE(review): this job writes to the repository with the runner's SSH
# identity. The two audit jobs are `optional` needs, so when they are not part
# of the pipeline the update is committed without an audit result. The commit
# message also carries [SKIP_check4security] and [SKIP_check4outdated], and
# [CREATE_RELEASE] unless SKIPRELEASE is "yes", which lets the pushed commit
# skip both checks and start a release. Confirm that unaudited updates cannot
# reach a release this way.
.check4updatecommit:
  stage: postprocess
  tags:
    - default
  image: registry.lakedrops.com/docker/gitlab-drupal-ci/php-${PHP_MAJOR_VERSION}.${PHP_MINOR_VERSION}
  cache: {}
  needs:
    - job: Check 4 Updates
      artifacts: true
    - job: Check 4 Security Vulnerability Advisories
      optional: true
    - job: Check 4 Outdated Packages
      optional: true
  before_script:
    - !reference [.prepareaccess, before_script]
    - !reference [.preparecomposerplugins, before_script]
  script:
    # Nothing to do when the tree is clean or composer.lock is unchanged.
    - git status >/tmp/test.log 2>&1
    - EC=0
    - grep "nothing to commit, working tree clean" /tmp/test.log || EC=$?
    - if [[ $EC -eq 0 ]]; then exit 0; fi
    - EC=0
    - grep "composer.lock" /tmp/test.log || EC=$?
    - if [[ $EC -ne 0 ]]; then exit 0; fi
    # Markers that steer the pipeline triggered by the push.
    - COMMITFLAGS="[SKIP_check4security] [SKIP_check4outdated]"
    - if [[ "${SKIPRELEASE}" != "yes" ]]; then COMMITFLAGS="${COMMITFLAGS} [CREATE_RELEASE]"; fi
    - if [[ "${USELIVEDB}" == "yes" ]]; then COMMITFLAGS="${COMMITFLAGS} [PULL_DB]"; fi
    # Replace the checkout remote with the SSH URL so the push authenticates
    # with the SSH key rather than the job token.
    - git remote rm origin
    - git remote add origin git@${CI_SERVER_HOST}:$CI_PROJECT_PATH.git
    - git add composer.json
    - git add composer.lock
    - git -c user.email=gitlab-runner@lakedrops.com -c user.name=GitLabCI commit -m "Updates recognized automatically ${COMMITFLAGS}"
    - git push origin HEAD:$CI_COMMIT_REF_NAME
  only:
    variables:
      - $CHECKUPDATES
    refs:
      - develop

# Dependency vulnerability gate built on `composer audit`.
#
# Rules, first match wins:
#   1. never, when the commit message contains SKIP_check4security and
#      CHECKUPDATES is not exactly "yes";
#   2. never, for "Merge branch 'develop' into 'main'" commits;
#   3. never, for "Merge branch 'release' into 'main'" commits;
#   4. always, when IGNORE_COMPOSER_AUDIT is exactly "0";
#   5. never, in every other case.
#
# NOTE(review): rule 5 makes the gate fail open. If IGNORE_COMPOSER_AUDIT is
# unset or holds any value other than "0", no audit runs and nothing fails.
# Confirm that a default of "0" is set where this template is consumed.
# NOTE(review): rule 1 is driven by commit-message text, so any committer can
# skip the audit for their own commit. It also compares CHECKUPDATES with
# "yes", while other jobs in this file only test whether CHECKUPDATES is set.
.check4security:
  stage: build
  tags:
    - default
  image: registry.lakedrops.com/docker/gitlab-drupal-ci/php-${PHP_MAJOR_VERSION}.${PHP_MINOR_VERSION}
  cache: {}
  needs:
    - job: Check 4 Updates
      artifacts: true
      optional: true
    - job: Build Prod Site
      artifacts: true
      optional: true
    - job: Build Prod Site NG
      artifacts: true
      optional: true
    - job: Build Site
      artifacts: true
      optional: true
  before_script:
    - !reference [.prepareaccess, before_script]
    - !reference [.preparecomposerplugins, before_script]
  script:
    # NOTE(review): this update rewrites composer.lock before the audit, so
    # `composer audit --locked` inspects the freshly resolved versions rather
    # than the ones pinned in the repository. An advisory against a committed
    # version may go unreported when a newer release resolves here.
    - composer update --with-all-dependencies --no-interaction --no-progress --no-dev
    # Informational only; its exit code is ignored.
    - composer diagnose --no-interaction || true
    - composer audit --no-dev --locked --format=table
  rules:
    - if: '$CI_COMMIT_MESSAGE =~ /SKIP_check4security/ && $CHECKUPDATES != "yes"'
      when: never
    - if: $CI_COMMIT_MESSAGE =~ /^Merge branch 'develop' into 'main'/
      when: never
    - if: $CI_COMMIT_MESSAGE =~ /^Merge branch 'release' into 'main'/
      when: never
    - if: '$IGNORE_COMPOSER_AUDIT == "0"'
      when: always
    - when: never

# Fails the pipeline when minor or patch updates are available for the
# project's dependencies (`composer outdated --strict`).
#
# Rules, first match wins: never when the commit message contains
# SKIP_check4outdated and CHECKUPDATES is not exactly "yes"; never for merges
# of develop or release into main; always when IGNORE_COMPOSER_EXTENDED_AUDIT
# is exactly "0"; never in every other case.
# NOTE(review): as with the security audit, the final `when: never` makes this
# check opt-in: an unset IGNORE_COMPOSER_EXTENDED_AUDIT disables it silently.
.check4outdated:
  stage: build
  tags:
    - default
  image: registry.lakedrops.com/docker/gitlab-drupal-ci/php-${PHP_MAJOR_VERSION}.${PHP_MINOR_VERSION}
  cache: {}
  needs:
    - job: Check 4 Updates
      artifacts: true
      optional: true
    - job: Build Prod Site
      artifacts: true
      optional: true
    - job: Build Prod Site NG
      artifacts: true
      optional: true
    - job: Build Site
      artifacts: true
      optional: true
  before_script:
    - !reference [.prepareaccess, before_script]
    - !reference [.preparecomposerplugins, before_script]
  script:
    # The update runs first, so the two checks below report against the
    # freshly resolved versions rather than the committed lock file.
    - composer update --with-all-dependencies --no-interaction --no-progress --no-dev
    # OUTDATED_EXTRAS is expanded unquoted and may carry several arguments.
    - composer outdated --minor-only --strict --no-interaction $OUTDATED_EXTRAS
    - composer outdated --patch-only --strict --no-interaction $OUTDATED_EXTRAS
  rules:
    - if: '$CI_COMMIT_MESSAGE =~ /SKIP_check4outdated/ && $CHECKUPDATES != "yes"'
      when: never
    - if: $CI_COMMIT_MESSAGE =~ /^Merge branch 'develop' into 'main'/
      when: never
    - if: $CI_COMMIT_MESSAGE =~ /^Merge branch 'release' into 'main'/
      when: never
    - if: '$IGNORE_COMPOSER_EXTENDED_AUDIT == "0"'
      when: always
    - when: never

# Stops and removes the project's Docker Compose stack once the pipeline is
# done. The cache is only restored (`policy: pull`), never uploaded.
.shutdowndockerproject:
  stage: finalize
  tags:
    - default
  <<: *retry-for-system-issues
  image: registry.lakedrops.com/docker/gitlab-drupal-ci/php-${PHP_MAJOR_VERSION}.${PHP_MINOR_VERSION}
  cache:
    <<: *cache_default
    policy: pull
  script:
    - docker compose down
  dependencies:
    - 'Build Site'