From 210a36c07f3f85ace77b3b20a62197c5997779f6 Mon Sep 17 00:00:00 2001
From: Oscar Krause <oscar.krause@collinwebdesigns.de>
Date: Tue, 14 Feb 2023 12:59:12 +0100
Subject: [PATCH 01/15] added code-quality and test-coverage

---
 .gitlab-ci.yml | 27 +++++++++++++++++++++++++++
 1 file changed, 27 insertions(+)

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 89db932..cc91de8 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -1,3 +1,6 @@
+include:
+  - template: Jobs/Code-Quality.gitlab-ci.yml
+
 cache:
   key: one-key-to-rule-them-all
 
@@ -179,6 +182,30 @@ test:archlinux:
     - pacman -Sy
     - pacman -U --noconfirm *.pkg.tar.zst
 
+code_quality:
+  rules:
+    - if: $CODE_QUALITY_DISABLED
+      when: never
+    - if: $CI_PIPELINE_SOURCE == "merge_request_event"
+    - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
+
+test_coverage:
+  extends: test
+  rules:
+    - if: $CI_PIPELINE_SOURCE == "merge_request_event"
+    - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
+  script:
+    - pip install pytest pytest-cov
+    - coverage run -m pytest
+    - coverage report
+    - coverage xml
+  coverage: '/(?i)total.*? (100(?:\.0+)?\%|[1-9]?\d(?:\.\d+)?\%)$/'
+  artifacts:
+    reports:
+      coverage_report:
+        coverage_format: cobertura
+        path: '**/coverage.xml'
+
 .deploy:
   rules:
     - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH

From 4972f00822beebd410379ebe1bc7ee0a809375f2 Mon Sep 17 00:00:00 2001
From: Oscar Krause <oscar.krause@collinwebdesigns.de>
Date: Tue, 14 Feb 2023 13:37:25 +0100
Subject: [PATCH 02/15] fixes

---
 .gitlab-ci.yml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index cc91de8..537ea96 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -191,12 +191,13 @@ code_quality:
 
 test_coverage:
   extends: test
+  allow_failure: true
   rules:
     - if: $CI_PIPELINE_SOURCE == "merge_request_event"
     - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
   script:
     - pip install pytest pytest-cov
-    - coverage run -m pytest
+    - coverage run -m pytest main.py
     - coverage report
     - coverage xml
   coverage: '/(?i)total.*? (100(?:\.0+)?\%|[1-9]?\d(?:\.\d+)?\%)$/'

From 1b9ebb48b10b73aa8e3f64c8d24d998a9bf37168 Mon Sep 17 00:00:00 2001
From: Oscar Krause <oscar.krause@collinwebdesigns.de>
Date: Tue, 14 Feb 2023 13:55:49 +0100
Subject: [PATCH 03/15] added secret detection

---
 .gitlab-ci.yml | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 537ea96..8479291 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -1,5 +1,6 @@
 include:
   - template: Jobs/Code-Quality.gitlab-ci.yml
+  - template: Jobs/Secret-Detection.gitlab-ci.yml
 
 cache:
   key: one-key-to-rule-them-all
@@ -189,6 +190,13 @@ code_quality:
     - if: $CI_PIPELINE_SOURCE == "merge_request_event"
     - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
 
+secret_detection:
+  rules:
+    - if: $SECRET_DETECTION_DISABLED
+      when: never
+    - if: $CI_PIPELINE_SOURCE == "merge_request_event"
+    - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
+
 test_coverage:
   extends: test
   allow_failure: true

From 938fc6bd600d8cc038aad1a8a632c17aca1f4182 Mon Sep 17 00:00:00 2001
From: Oscar Krause <oscar.krause@collinwebdesigns.de>
Date: Tue, 14 Feb 2023 14:50:21 +0100
Subject: [PATCH 04/15] added SAST

---
 .gitlab-ci.yml | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 8479291..c11b5fe 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -1,6 +1,7 @@
 include:
   - template: Jobs/Code-Quality.gitlab-ci.yml
   - template: Jobs/Secret-Detection.gitlab-ci.yml
+  - template: Jobs/SAST.gitlab-ci.yml
 
 cache:
   key: one-key-to-rule-them-all
@@ -197,6 +198,13 @@ secret_detection:
     - if: $CI_PIPELINE_SOURCE == "merge_request_event"
     - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
 
+semgrep-sast:
+  rules:
+    - if: $SAST_DISABLED
+      when: never
+    - if: $CI_PIPELINE_SOURCE == "merge_request_event"
+    - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
+
 test_coverage:
   extends: test
   allow_failure: true

From 7af2e02627dd7ee5d31412ba9d8f78058c7a9e1a Mon Sep 17 00:00:00 2001
From: Oscar Krause <oscar.krause@collinwebdesigns.de>
Date: Tue, 14 Feb 2023 15:14:19 +0100
Subject: [PATCH 05/15] improvements

---
 .gitlab-ci.yml | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index c11b5fe..92bf662 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -2,6 +2,7 @@ include:
   - template: Jobs/Code-Quality.gitlab-ci.yml
   - template: Jobs/Secret-Detection.gitlab-ci.yml
   - template: Jobs/SAST.gitlab-ci.yml
+  - template: Jobs/Container-Scanning.gitlab-ci.yml
 
 cache:
   key: one-key-to-rule-them-all
@@ -117,10 +118,11 @@ test:
     - openssl rsa -in app/cert/instance.private.pem -outform PEM -pubout -out app/cert/instance.public.pem
     - cd test
   script:
-    - pytest main.py
+    - python -m pytest main.py --junitxml=report.xml
   artifacts:
     reports:
       dotenv: version.env
+      junit: ['**/report.xml']
 
 .test:linux:
   stage: test
@@ -223,6 +225,14 @@ test_coverage:
         coverage_format: cobertura
         path: '**/coverage.xml'
 
+container_scanning:
+  dependencies: [ build:docker ]
+  rules:
+    - if: $CONTAINER_SCANNING_DISABLED
+      when: never
+    - if: $CI_PIPELINE_SOURCE == "merge_request_event"
+    - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
+
 .deploy:
   rules:
     - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH

From 1d5d3b31fb749ab8534e5eeef2a99df6ef65d71b Mon Sep 17 00:00:00 2001
From: Oscar Krause <oscar.krause@collinwebdesigns.de>
Date: Tue, 14 Feb 2023 15:32:32 +0100
Subject: [PATCH 06/15] dependency scanning

---
 .gitlab-ci.yml | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 92bf662..7b866e0 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -3,6 +3,7 @@ include:
   - template: Jobs/Secret-Detection.gitlab-ci.yml
   - template: Jobs/SAST.gitlab-ci.yml
   - template: Jobs/Container-Scanning.gitlab-ci.yml
+  - template: Jobs/Dependency-Scanning.gitlab-ci.yml
 
 cache:
   key: one-key-to-rule-them-all
@@ -233,6 +234,13 @@ container_scanning:
     - if: $CI_PIPELINE_SOURCE == "merge_request_event"
     - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
 
+dependency_scanning:
+  rules:
+    - if: $CONTAINER_SCANNING_DISABLED
+      when: never
+    - if: $CI_PIPELINE_SOURCE == "merge_request_event"
+    - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
+
 .deploy:
   rules:
     - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH

From 7ccb254cbf3df7392bf8dd3be1e09bcf20e9d7c9 Mon Sep 17 00:00:00 2001
From: Oscar Krause <oscar.krause@collinwebdesigns.de>
Date: Tue, 14 Feb 2023 15:48:49 +0100
Subject: [PATCH 07/15] dependency scanning

---
 .gitlab-ci.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 7b866e0..ecd5f9d 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -234,9 +234,9 @@ container_scanning:
     - if: $CI_PIPELINE_SOURCE == "merge_request_event"
     - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
 
-dependency_scanning:
+gemnasium-python-dependency_scanning:
   rules:
-    - if: $CONTAINER_SCANNING_DISABLED
+    - if: $DEPENDENCY_SCANNING_DISABLED
       when: never
     - if: $CI_PIPELINE_SOURCE == "merge_request_event"
     - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH

From a7b4a4b6319e995b2bd5f820fa5eb36068e2ed95 Mon Sep 17 00:00:00 2001
From: Oscar Krause <oscar.krause@collinwebdesigns.de>
Date: Tue, 14 Feb 2023 16:00:04 +0100
Subject: [PATCH 08/15] requirements.txt updated

---
 requirements.txt | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/requirements.txt b/requirements.txt
index 39bbfb9..a1838b5 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,8 +1,8 @@
-fastapi==0.89.1
+fastapi==0.92.0
 uvicorn[standard]==0.20.0
 python-jose==3.3.0
 pycryptodome==3.17
 python-dateutil==2.8.2
-sqlalchemy==2.0.0
+sqlalchemy==2.0.3
 markdown==3.4.1
 python-dotenv==0.21.1

From 88c8fb98da6a76f3af4e183b2efbd12b5e630d38 Mon Sep 17 00:00:00 2001
From: Oscar Krause <oscar.krause@collinwebdesigns.de>
Date: Mon, 27 Feb 2023 08:18:07 +0100
Subject: [PATCH 09/15] added some notes about included database drivers in
 docker image

---
 README.md | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/README.md b/README.md
index a56ca7d..f8174f5 100644
--- a/README.md
+++ b/README.md
@@ -39,6 +39,8 @@ Docker-Images are available here:
 - [Docker-Hub](https://hub.docker.com/repository/docker/collinwebdesigns/fastapi-dls): `collinwebdesigns/fastapi-dls:latest`
 - [GitLab-Registry](https://git.collinwebdesigns.de/oscar.krause/fastapi-dls/container_registry): `registry.git.collinwebdesigns.de/oscar.krause/fastapi-dls/main:latest`
 
+The images include database drivers for `postgres`, `mysql`, `mariadb` and `sqlite`.
+
 **Run this on the Docker-Host**
 
 ```shell
@@ -388,9 +390,9 @@ After first success you have to replace `--issue` with `--renew`.
 every 4.8 hours. If network connectivity is lost, the loss of connectivity is detected during license renewal and the
 client has 19.2 hours in which to re-establish connectivity before its license expires.
 
-\*2 Always use `https`, since guest-drivers only support secure connections!
+\*3 Always use `https`, since guest-drivers only support secure connections!
 
-\*3 If you recreate instance keys you need to **recreate client-token for each guest**!
+\*4 If you recreate instance keys you need to **recreate client-token for each guest**!
 
 # Setup (Client)
 

From 4ef041bb5458fbf7a9d3aee1f3dbd12f691e06a1 Mon Sep 17 00:00:00 2001
From: Oscar Krause <oscar.krause@collinwebdesigns.de>
Date: Tue, 28 Feb 2023 13:08:34 +0100
Subject: [PATCH 10/15] styling

---
 README.md | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/README.md b/README.md
index f8174f5..add9f24 100644
--- a/README.md
+++ b/README.md
@@ -400,9 +400,14 @@ client has 19.2 hours in which to re-establish connectivity before its license e
 
 Successfully tested with this package versions:
 
-- `14.3` (Linux-Host: `510.108.03`, Linux-Guest: `510.108.03`, Windows-Guest: `513.91`)
-- `14.4` (Linux-Host: `510.108.03`, Linux-Guest: `510.108.03`, Windows-Guest: `514.08`)
-- `15.0` (Linux-Host: `525.60.12`, Linux-Guest: `525.60.13`, Windows-Guest: `527.41`)
+| vGPU Suftware | vGPU Manager | Linux Driver | Windows Driver | Release Date  |
+|---------------|--------------|--------------|----------------|---------------|
+| `15.1`        | `525.85.07`  | `525.85.05`  | `528.24`       | January 2023  |
+| `15.0`        | `525.60.12`  | `525.60.13`  | `527.41`       | December 2022 |
+| `14.4`        | `510.108.03` | `510.108.03` | `514.08`       | December 2022 |
+| `14.3`        | `510.108.03` | `510.108.03` | `513.91`       | November 2022 |
+
+- https://docs.nvidia.com/grid/index.html
 
 ## Linux
 

From 71795cc7a27bf87a2abb4bcfc5518c8f6795727a Mon Sep 17 00:00:00 2001
From: Oscar Krause <oscar.krause@collinwebdesigns.de>
Date: Mon, 20 Mar 2023 08:07:24 +0100
Subject: [PATCH 11/15] di improvements

---
 .gitlab-ci.yml | 76 ++++++++++++++++++++++----------------------------
 version.env    |  1 -
 2 files changed, 33 insertions(+), 44 deletions(-)
 delete mode 100644 version.env

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index ecd5f9d..e211808 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -20,26 +20,30 @@ build:docker:
     - if: $CI_PIPELINE_SOURCE == 'merge_request_event'
   tags: [ docker ]
   before_script:
-    - echo "COMMIT=${CI_COMMIT_SHA}" >> version.env  # COMMIT=`git rev-parse HEAD`
+    - echo -e "VERSION=$CI_BUILD_REF_NAME\nCOMMIT=$CI_COMMIT_SHA" > version.env  # COMMIT=`git rev-parse HEAD`
   script:
     - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
-    - docker build . --tag ${CI_REGISTRY}/${CI_PROJECT_PATH}/${CI_BUILD_REF_NAME}:${CI_BUILD_REF}
-    - docker push ${CI_REGISTRY}/${CI_PROJECT_PATH}/${CI_BUILD_REF_NAME}:${CI_BUILD_REF}
+    - IMAGE=$CI_REGISTRY/$CI_PROJECT_PATH/$CI_BUILD_REF_NAME:$CI_BUILD_REF
+    - docker build . --tag $IMAGE
+    - docker push $IMAGE
+    - echo "CS_IMAGE=$IMAGE" > container_scanning.env
+  artifacts:
+    reports:
+      dotenv: container_scanning.env
 
 build:apt:
   image: debian:bookworm-slim
   interruptible: true
   stage: build
   rules:
-    - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
+    - if: $CI_COMMIT_TAG
     - if: $CI_COMMIT_BRANCH && $CI_COMMIT_BRANCH != $CI_DEFAULT_BRANCH
       changes:
         - app/**/*
         - .DEBIAN/**/*
     - if: $CI_PIPELINE_SOURCE == 'merge_request_event'
   before_script:
-    - echo "COMMIT=${CI_COMMIT_SHA}" >> version.env
-    - source version.env
+    - echo -e "VERSION=$CI_BUILD_REF_NAME\nCOMMIT=$CI_COMMIT_SHA" > version.env
     # install build dependencies
     - apt-get update -qq && apt-get install -qq -y build-essential
     # create build directory for .deb sources
@@ -60,8 +64,8 @@ build:apt:
     # cd into "build/"
     - cd build/
   script:
-    # set version based on value in "$VERSION" (which is set above from version.env)
-    - sed -i -E 's/(Version\:\s)0.0/\1'"$VERSION"'/g' DEBIAN/control
+    # set version based on value in "$CI_BUILD_REF_NAME"
+    - sed -i -E 's/(Version\:\s)0.0/\1'"$CI_BUILD_REF_NAME"'/g' DEBIAN/control
     # build
     - dpkg -b . build.deb
     - dpkg -I build.deb
@@ -82,7 +86,7 @@ build:pacman:
         - .PKGBUILD/**/*
     - if: $CI_PIPELINE_SOURCE == 'merge_request_event'
   before_script:
-    - echo "COMMIT=${CI_COMMIT_SHA}" >> version.env
+    - echo -e "VERSION=$CI_BUILD_REF_NAME\nCOMMIT=$CI_COMMIT_SHA" > version.env
     # install build dependencies
     - pacman -Syu --noconfirm git
     # create a build-user because "makepkg" don't like root user
@@ -108,6 +112,7 @@ test:
   stage: test
   rules:
     - if: $CI_COMMIT_BRANCH
+    - if: $CI_COMMIT_TAG
     - if: $CI_PIPELINE_SOURCE == "merge_request_event"
   variables:
     DATABASE: sqlite:///../app/db.sqlite
@@ -192,28 +197,24 @@ code_quality:
     - if: $CODE_QUALITY_DISABLED
       when: never
     - if: $CI_PIPELINE_SOURCE == "merge_request_event"
-    - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
 
 secret_detection:
   rules:
     - if: $SECRET_DETECTION_DISABLED
       when: never
     - if: $CI_PIPELINE_SOURCE == "merge_request_event"
-    - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
 
 semgrep-sast:
   rules:
     - if: $SAST_DISABLED
       when: never
     - if: $CI_PIPELINE_SOURCE == "merge_request_event"
-    - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
 
 test_coverage:
   extends: test
   allow_failure: true
   rules:
     - if: $CI_PIPELINE_SOURCE == "merge_request_event"
-    - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
   script:
     - pip install pytest pytest-cov
     - coverage run -m pytest main.py
@@ -232,43 +233,36 @@ container_scanning:
     - if: $CONTAINER_SCANNING_DISABLED
       when: never
     - if: $CI_PIPELINE_SOURCE == "merge_request_event"
-    - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
 
 gemnasium-python-dependency_scanning:
   rules:
     - if: $DEPENDENCY_SCANNING_DISABLED
       when: never
     - if: $CI_PIPELINE_SOURCE == "merge_request_event"
-    - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
 
 .deploy:
   rules:
-    - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
     - if: $CI_COMMIT_TAG
-      when: never
 
 deploy:docker:
   extends: .deploy
   stage: deploy
-  rules:
-    - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
   before_script:
-    - echo "COMMIT=${CI_COMMIT_SHA}" >> version.env
-    - source version.env
-    - echo "Building docker image for commit ${COMMIT} with version ${VERSION}"
+    - echo -e "VERSION=$CI_BUILD_REF_NAME\nCOMMIT=$CI_COMMIT_SHA" > version.env
+    - echo "Building docker image for commit $CI_COMMIT_SHA with version $CI_BUILD_REF_NAME"
   script:
     - echo "GitLab-Registry"
     - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
-    - docker build . --tag ${CI_REGISTRY}/${CI_PROJECT_PATH}/${CI_BUILD_REF_NAME}:${VERSION}
-    - docker build . --tag ${CI_REGISTRY}/${CI_PROJECT_PATH}/${CI_BUILD_REF_NAME}:latest
-    - docker push ${CI_REGISTRY}/${CI_PROJECT_PATH}/${CI_BUILD_REF_NAME}:${VERSION}
-    - docker push ${CI_REGISTRY}/${CI_PROJECT_PATH}/${CI_BUILD_REF_NAME}:latest
+    - docker build . --tag $CI_REGISTRY/$CI_PROJECT_PATH/$CI_BUILD_REF_NAME:$CI_BUILD_REF_NAME
+    - docker build . --tag $CI_REGISTRY/$CI_PROJECT_PATH/$CI_BUILD_REF_NAME:latest
+    - docker push $CI_REGISTRY/$CI_PROJECT_PATH/$CI_BUILD_REF_NAME:$CI_BUILD_REF_NAME
+    - docker push $CI_REGISTRY/$CI_PROJECT_PATH/$CI_BUILD_REF_NAME:latest
     - echo "Docker-Hub"
     - docker login -u $PUBLIC_REGISTRY_USER -p $PUBLIC_REGISTRY_TOKEN
-    - docker build . --tag $PUBLIC_REGISTRY_USER/${CI_PROJECT_NAME}:${VERSION}
-    - docker build . --tag $PUBLIC_REGISTRY_USER/${CI_PROJECT_NAME}:latest
-    - docker push $PUBLIC_REGISTRY_USER/${CI_PROJECT_NAME}:${VERSION}
-    - docker push $PUBLIC_REGISTRY_USER/${CI_PROJECT_NAME}:latest
+    - docker build . --tag $PUBLIC_REGISTRY_USER/$CI_PROJECT_NAME:$CI_BUILD_REF_NAME
+    - docker build . --tag $PUBLIC_REGISTRY_USER/$CI_PROJECT_NAME:latest
+    - docker push $PUBLIC_REGISTRY_USER/$CI_PROJECT_NAME:$CI_BUILD_REF_NAME
+    - docker push $PUBLIC_REGISTRY_USER/$CI_PROJECT_NAME:latest
 
 deploy:apt:
   # doc: https://git.collinwebdesigns.de/help/user/packages/debian_repository/index.md#install-a-package
@@ -276,7 +270,7 @@ deploy:apt:
   image: debian:bookworm-slim
   stage: deploy
   rules:
-    - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
+    - if: $CI_COMMIT_TAG
   needs:
     - job: build:apt
       artifacts: true
@@ -317,7 +311,7 @@ deploy:pacman:
   image: archlinux:base-devel
   stage: deploy
   rules:
-    - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
+    - if: $CI_COMMIT_TAG
   needs:
     - job: build:pacman
       artifacts: true
@@ -325,9 +319,9 @@ deploy:pacman:
     - source .PKGBUILD/PKGBUILD
     - source version.env
     # fastapi-dls-1.0-1-any.pkg.tar.zst
-    - BUILD_NAME=${pkgname}-${VERSION}-${pkgrel}-any.pkg.tar.zst
+    - BUILD_NAME=${pkgname}-${CI_BUILD_REF_NAME}-${pkgrel}-any.pkg.tar.zst
     - PACKAGE_NAME=${pkgname}
-    - PACKAGE_VERSION=${VERSION}
+    - PACKAGE_VERSION=${CI_BUILD_REF_NAME}
     - PACKAGE_ARCH=any
     - EXPORT_NAME=${BUILD_NAME}
     - 'echo "PACKAGE_NAME:    ${PACKAGE_NAME}"'
@@ -339,19 +333,15 @@ deploy:pacman:
 release:
   image: registry.gitlab.com/gitlab-org/release-cli:latest
   stage: .post
-  needs:
-    - job: test
-      artifacts: true
+  needs: [ test ]
   rules:
     - if: $CI_COMMIT_TAG
-      when: never
-    - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
   script:
-    - echo "Running release-job for $VERSION"
+    - echo "Running release-job for $CI_COMMIT_TAG"
   release:
-    name: $CI_PROJECT_TITLE $VERSION
-    description: Release of $CI_PROJECT_TITLE version $VERSION
-    tag_name: $VERSION
+    name: $CI_PROJECT_TITLE $CI_COMMIT_TAG
+    description: Release of $CI_PROJECT_TITLE version $CI_COMMIT_TAG
+    tag_name: $CI_COMMIT_TAG
     ref: $CI_COMMIT_SHA
     assets:
       links:
diff --git a/version.env b/version.env
deleted file mode 100644
index db1aeb8..0000000
--- a/version.env
+++ /dev/null
@@ -1 +0,0 @@
-VERSION=1.3.5

From 86f703a36caced868b5cc776cd116aaf88c375d7 Mon Sep 17 00:00:00 2001
From: Oscar Krause <oscar.krause@collinwebdesigns.de>
Date: Mon, 20 Mar 2023 08:35:06 +0100
Subject: [PATCH 12/15] ci improvements

---
 .gitlab-ci.yml | 16 ++++++++++++++--
 1 file changed, 14 insertions(+), 2 deletions(-)

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index e211808..7cf0208 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -37,13 +37,19 @@ build:apt:
   stage: build
   rules:
     - if: $CI_COMMIT_TAG
+      variables:
+        VERSION: $CI_BUILD_REF_NAME
     - if: $CI_COMMIT_BRANCH && $CI_COMMIT_BRANCH != $CI_DEFAULT_BRANCH
       changes:
         - app/**/*
         - .DEBIAN/**/*
+      variables:
+        VERSION: "0.0.1"
     - if: $CI_PIPELINE_SOURCE == 'merge_request_event'
+      variables:
+        VERSION: "0.0.1"
   before_script:
-    - echo -e "VERSION=$CI_BUILD_REF_NAME\nCOMMIT=$CI_COMMIT_SHA" > version.env
+    - echo -e "VERSION=$VERSION\nCOMMIT=$CI_COMMIT_SHA" > version.env
     # install build dependencies
     - apt-get update -qq && apt-get install -qq -y build-essential
     # create build directory for .deb sources
@@ -79,12 +85,18 @@ build:pacman:
   interruptible: true
   stage: build
   rules:
-    - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
+    - if: $CI_COMMIT_TAG
+      variables:
+        VERSION: $CI_BUILD_REF_NAME
     - if: $CI_COMMIT_BRANCH && $CI_COMMIT_BRANCH != $CI_DEFAULT_BRANCH
       changes:
         - app/**/*
         - .PKGBUILD/**/*
+      variables:
+        VERSION: "0.0.1"
     - if: $CI_PIPELINE_SOURCE == 'merge_request_event'
+      variables:
+        VERSION: "0.0.1"
   before_script:
     - echo -e "VERSION=$CI_BUILD_REF_NAME\nCOMMIT=$CI_COMMIT_SHA" > version.env
     # install build dependencies

From e42dc6aa86591bcd4887d551ef81d3f1779537de Mon Sep 17 00:00:00 2001
From: Oscar Krause <oscar.krause@collinwebdesigns.de>
Date: Mon, 20 Mar 2023 10:06:21 +0100
Subject: [PATCH 13/15] code styling

---
 app/main.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/main.py b/app/main.py
index 4b78253..f5388c8 100644
--- a/app/main.py
+++ b/app/main.py
@@ -82,7 +82,7 @@ async def _index():
 
 
 @app.get('/-/health', summary='* Health')
-async def _health(request: Request):
+async def _health():
     return JSONr({'status': 'up'})
 
 

From a22b56edbeef93d2ad33f3dab55405d09b2f3183 Mon Sep 17 00:00:00 2001
From: Oscar Krause <oscar.krause@collinwebdesigns.de>
Date: Mon, 20 Mar 2023 10:09:50 +0100
Subject: [PATCH 14/15] fixes

---
 .PKGBUILD/PKGBUILD | 3 ++-
 .gitlab-ci.yml     | 9 ++++++---
 2 files changed, 8 insertions(+), 4 deletions(-)

diff --git a/.PKGBUILD/PKGBUILD b/.PKGBUILD/PKGBUILD
index 82d038d..3913360 100644
--- a/.PKGBUILD/PKGBUILD
+++ b/.PKGBUILD/PKGBUILD
@@ -22,8 +22,9 @@ sha256sums=('SKIP'
             '3dc60140c08122a8ec0e7fa7f0937eb8c1288058890ba09478420fc30ce9e30c')
 
 pkgver() {
+  echo -e "VERSION=$VERSION\nCOMMIT=$CI_COMMIT_SHA" > $srcdir/$pkgname/version.env
   source $srcdir/$pkgname/version.env
-  echo ${VERSION}
+  echo $VERSION
 }
 
 check() {
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 7cf0208..395f4fb 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -43,12 +43,14 @@ build:apt:
       changes:
         - app/**/*
         - .DEBIAN/**/*
+        - .gitlab-ci.yml
       variables:
         VERSION: "0.0.1"
     - if: $CI_PIPELINE_SOURCE == 'merge_request_event'
       variables:
         VERSION: "0.0.1"
   before_script:
+    - echo $VERSION
     - echo -e "VERSION=$VERSION\nCOMMIT=$CI_COMMIT_SHA" > version.env
     # install build dependencies
     - apt-get update -qq && apt-get install -qq -y build-essential
@@ -71,7 +73,7 @@ build:apt:
     - cd build/
   script:
     # set version based on value in "$CI_BUILD_REF_NAME"
-    - sed -i -E 's/(Version\:\s)0.0/\1'"$CI_BUILD_REF_NAME"'/g' DEBIAN/control
+    - sed -i -E 's/(Version\:\s)0.0/\1'"$VERSION"'/g' DEBIAN/control
     # build
     - dpkg -b . build.deb
     - dpkg -I build.deb
@@ -92,13 +94,14 @@ build:pacman:
       changes:
         - app/**/*
         - .PKGBUILD/**/*
+        - .gitlab-ci.yml
       variables:
         VERSION: "0.0.1"
     - if: $CI_PIPELINE_SOURCE == 'merge_request_event'
       variables:
         VERSION: "0.0.1"
   before_script:
-    - echo -e "VERSION=$CI_BUILD_REF_NAME\nCOMMIT=$CI_COMMIT_SHA" > version.env
+    #- echo -e "VERSION=$VERSION\nCOMMIT=$CI_COMMIT_SHA" > version.env
     # install build dependencies
     - pacman -Syu --noconfirm git
     # create a build-user because "makepkg" don't like root user
@@ -113,7 +116,7 @@ build:pacman:
     # download dependencies
     - source PKGBUILD && pacman -Syu --noconfirm --needed --asdeps "${makedepends[@]}" "${depends[@]}"
     # build
-    - sudo -u build makepkg -s
+    - sudo --preserve-env -u build makepkg -s
   artifacts:
     expire_in: 1 week
     paths:

From 7cd4e6fde09ff586fddfc64c7c376a39838ad77f Mon Sep 17 00:00:00 2001
From: Oscar Krause <oscar.krause@collinwebdesigns.de>
Date: Mon, 20 Mar 2023 14:51:54 +0100
Subject: [PATCH 15/15] fixes

---
 .gitlab-ci.yml | 5 -----
 1 file changed, 5 deletions(-)

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 395f4fb..93188ca 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -50,7 +50,6 @@ build:apt:
       variables:
         VERSION: "0.0.1"
   before_script:
-    - echo $VERSION
     - echo -e "VERSION=$VERSION\nCOMMIT=$CI_COMMIT_SHA" > version.env
     # install build dependencies
     - apt-get update -qq && apt-get install -qq -y build-essential
@@ -284,8 +283,6 @@ deploy:apt:
   extends: .deploy
   image: debian:bookworm-slim
   stage: deploy
-  rules:
-    - if: $CI_COMMIT_TAG
   needs:
     - job: build:apt
       artifacts: true
@@ -325,8 +322,6 @@ deploy:pacman:
   extends: .deploy
   image: archlinux:base-devel
   stage: deploy
-  rules:
-    - if: $CI_COMMIT_TAG
   needs:
     - job: build:pacman
       artifacts: true