# ============================================================================= # GitLab CI/CD Pipeline — STEAM Security Dashboard # ============================================================================= # # Pipeline stages: # 1. install — install dependencies for backend and frontend # 2. lint — run linters / static checks # 3. test — run backend (Jest) and frontend (react-scripts) tests # 4. build — produce the production frontend bundle # 5. deploy — restart services on the local machine (manual trigger) # # Executor: shell (runs directly on dashboard-dev using system Node.js) # ============================================================================= # --------------------------------------------------------------------------- # Global cache — speeds up repeated runs by reusing node_modules # --------------------------------------------------------------------------- cache: key: ${CI_COMMIT_REF_SLUG} paths: - node_modules/ - frontend/node_modules/ # --------------------------------------------------------------------------- # Stages run in order; jobs within a stage run in parallel # --------------------------------------------------------------------------- stages: - install - lint - test - build - deploy # ============================================================================= # STAGE 1: Install dependencies # ============================================================================= install-backend: stage: install script: - npm install artifacts: paths: - node_modules/ expire_in: 1 hour install-frontend: stage: install script: - cd frontend - npm install artifacts: paths: - frontend/node_modules/ expire_in: 1 hour # ============================================================================= # STAGE 2: Lint / static analysis # ============================================================================= lint-frontend: stage: lint needs: ["install-frontend"] script: - cd frontend - npx eslint src/ --max-warnings 0 allow_failure: true # non-blocking until the team cleans up existing warnings # ============================================================================= # STAGE 3: Tests # ============================================================================= test-backend: stage: test needs: ["install-backend"] script: - npx jest --ci --forceExit --detectOpenHandles backend/__tests__/ timeout: 5 minutes test-frontend: stage: test needs: ["install-frontend"] script: - cd frontend - CI=true npx react-scripts test --watchAll=false --ci --forceExit timeout: 5 minutes # ============================================================================= # STAGE 4: Build the production frontend bundle # ============================================================================= build-frontend: stage: build needs: ["install-frontend", "test-frontend"] script: - cd frontend - REACT_APP_API_BASE=/api REACT_APP_API_HOST="" npm run build artifacts: paths: - frontend/build/ expire_in: 7 days # ============================================================================= # STAGE 5: Deploy # ============================================================================= # Since the runner IS the app server (dashboard-dev), deploy just restarts # the services locally. No SSH needed. # # Manual trigger only, and only from the main/master branch. # ============================================================================= deploy: stage: deploy needs: ["build-frontend"] rules: - if: $CI_COMMIT_BRANCH == "main" || $CI_COMMIT_BRANCH == "master" when: manual environment: name: production script: - echo "Deploying on dashboard-dev..." - cd /home/cve-dashboard - git pull origin ${CI_COMMIT_BRANCH} - npm install - cd frontend && npm install && npm run build && cd .. - ./stop-servers.sh || true - ./start-servers.sh - echo "Deploy complete."