# ============================================================================= # GitLab CI/CD Pipeline — STEAM Security Dashboard # ============================================================================= # # Pipeline stages: # 1. install — install dependencies for backend and frontend # 2. lint — run linters / static checks # 3. test — run backend (Jest) and frontend (react-scripts) tests # 4. build — produce the production frontend bundle # 5. deploy — restart services on the local machine (manual trigger) # # Executor: shell (runs directly on dashboard-dev using system Node.js) # Uses cache (not artifacts) for node_modules to avoid upload size limits. # ============================================================================= # --------------------------------------------------------------------------- # Global cache — persists node_modules between pipeline runs on this runner # --------------------------------------------------------------------------- cache: key: ${CI_COMMIT_REF_SLUG} paths: - node_modules/ - frontend/node_modules/ # --------------------------------------------------------------------------- # Stages run in order; jobs within a stage run in parallel # --------------------------------------------------------------------------- stages: - install - lint - test - build - deploy # ============================================================================= # STAGE 1: Install dependencies # ============================================================================= install-backend: stage: install script: - npm install install-frontend: stage: install script: - cd frontend - npm install # ============================================================================= # STAGE 2: Lint / static analysis # ============================================================================= lint-frontend: stage: lint script: - cd frontend - npm install - npx eslint src/ --max-warnings 0 allow_failure: true # non-blocking until the team cleans up existing warnings # ============================================================================= # STAGE 3: Tests # ============================================================================= test-backend: stage: test script: - npm install - npx jest --ci --forceExit --detectOpenHandles backend/__tests__/ timeout: 5 minutes test-frontend: stage: test script: - cd frontend - npm install - CI=true npx react-scripts test --watchAll=false --ci --forceExit timeout: 5 minutes allow_failure: true # 2 test suites have pre-existing ESM/env issues — fix separately # ============================================================================= # STAGE 4: Build the production frontend bundle # ============================================================================= build-frontend: stage: build script: - cd frontend - npm install - REACT_APP_API_BASE=/api REACT_APP_API_HOST="" npm run build artifacts: paths: - frontend/build/ expire_in: 7 days # ============================================================================= # STAGE 5: Deploy # ============================================================================= # Since the runner IS the app server (dashboard-dev), deploy just restarts # the services locally. No SSH needed. # # Manual trigger only, and only from the main/master branch. # ============================================================================= deploy: stage: deploy rules: - if: $CI_COMMIT_BRANCH == "main" || $CI_COMMIT_BRANCH == "master" when: manual environment: name: production script: - echo "Deploying on dashboard-dev..." - cd /home/cve-dashboard - git pull origin ${CI_COMMIT_BRANCH} - npm install - cd frontend && npm install && npm run build && cd .. - ./stop-servers.sh || true - ./start-servers.sh - echo "Deploy complete."