Lets say you've built $BUILD_IMAGE container image at the build step. I did it on a NodeJS based project but it will work with other technology as well.

check-openapi-contract:
  stage: test
  retry: 1
  timeout: 15m
  script:
    - docker run --name=my-container -d -i -p 8080:8080 --rm $BUILD_IMAGE npm start
    - bash -c 'while [[ "$(curl -s -o /dev/null -w ''%{http_code}'' localhost:8080/swagger.json)" != "200" ]]; do sleep 5; done'
    - docker exec -i my-container curl http://localhost:8080/swagger.json -o ./swagger.json
    - docker exec -i my-container npx swagger-cli validate ./swagger.json

So what do we do? We start the server, then retrieve the swagger.json or openapi.json and leverage swagger-cli validate command to ensure our definition is valid and be notified if it is not. Nothing. More.

This article is a follow up of Continuous Deployment with Gitlab, Gitlab-CI and CleverCloud, you might want to read it first!

Nearly 1 year past, clever-tools is now a single binary (along with a native node extension) packaged by pkg, we can easily improve our CI/CD workflow now! Instead of :

deploy:clevercloud:
  image: node:6-wheezy
  stage: deploy
  only:
    - /master/
  script:
    - git remote add clever https://$CLEVER_TOKEN:$CLEVER_SECRET@push-par-clevercloud-customers.services.clever-cloud.com/app_YOUR_APPLICATION_ID.git
    - git push --verbose --force clever master 2>&1 | grep -e 'remote:' -e '->'

my .gitlab-ci.yml now contains

deploy:clevercloud:
  image: ubuntu
  stage: deploy
  only:
    - /master/
  script:
    - apt-get update && apt-get install -y curl
    - curl https://clever-tools.cellar.services.clever-cloud.com/releases/latest/clever-tools-latest_linux.tar.gz > clever-tools-latest_linux.tar.gz
    - tar -xvf clever-tools-latest_linux.tar.gz
    - ./clever login --token $CLEVER_TOKEN --secret $CLEVER_SECRET
    - rm -f .clever.json
    - ./clever link -a deploy $APP_ID
    - ./clever deploy -a deploy

Now my deploy job displays CleverCloud deployment logs, awesome right?

Currently Gitlab does not support artifact removal if you forgot to set an expires_in parameter.

I was not a huge fan of the current solutions so I made my own. Instead of looping through every job ids that might be yours we extract the job ids through the browser JavaScript console and use them inside our script below :

#!/bin/bash

# project_id, find it here: https://gitlab.com/[organization name]/[repository name]/edit inside the "General project settings" tab
project_id="3034900"

# token, find it here: https://gitlab.com/profile/personal_access_tokens
token="Lifg_azxDyRp8eyNFRfg"
server="gitlab.com"

# go to https://gitlab.com/[organization name]/[repository name]/-/jobs
# then open JavaScript console
# copy/paste => copy(_.uniq($('.ci-status').map((x, e) => /([0-9]+)/.exec(e.href)).toArray()).join(' '))
# press enter, and then copy the result here :
# repeat for every page you want
job_ids=(48875658 48874137 48873496 48872419)

for job_id in ${job_ids[@]};
do
 URL="https://$server/api/v4/projects/$project_id/jobs/$job_id/erase"
 echo "$URL"
 curl --request POST --header "PRIVATE-TOKEN:${token}" "$URL"
 echo "\n"
done

Who does not fight everyday to follow the least surprise/astonishment principle? I know I do and my last issue was related with Gitlab-CI.

I had to wait after each git push to discover if my .gitlab-ci.yml file was valid or not.

As usual, automation is the answer. Wouldn't it be awesome if we could run this:

gitlab-ci-validate-watch

And then edit our .gitlab-ci.yml until it's valid? That would be really awesome right?

Sadly at the time of writing Gitlab-CI documentation and API requires us to send our YAML file in stringified JSON format inside a content object to /api/v4/ci/lint api endpoint. Yep, that's a lot of hard work for such a simple task.

Fortunately we can leverage jq.node (it's like jq but WAY MORE powerful) for that along with watchexec!

If you do not have jq.node and watchexec installed it's never too late:

npm i jq.node -g
brew install watchexec

With these two I was able to write the following helpers (don't forget to add them inside your ~/.zshrc or equivalent):

function gitlab-ci-validate(){
  DATA=$(jq.node -r js-yaml -x 'jsYaml.safeLoad | thru(x => (JSON.stringify({content: JSON.stringify(x)})))' < .gitlab-ci.yml)
  curl -s --header "Content-Type: application/json" https://gitlab.com/api/v4/ci/lint --data $DATA | jq.node
}

function gitlab-ci-validate-watch(){
  watchexec --watch $(pwd)/.gitlab-ci.yml 'zsh -c "source ~/.zshrc && gitlab-ci-validate"'
}

gitlab-ci-validate
{
  "status": "invalid",
  "errors": [
    "jobs:update:db:script config should be a string or an array of strings"
  ]
}