-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy path.gitlab-ci.yml
118 lines (111 loc) · 4.25 KB
/
.gitlab-ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
image: jhipster/jhipster:v7.9.4
cache:
key: '$CI_COMMIT_REF_NAME'
paths:
- .maven/
stages:
- check
- build
- test
- analyze
- package
- release
- deploy
before_script:
- export NG_CLI_ANALYTICS="false"
- export MAVEN_USER_HOME=`pwd`/.maven
nohttp:
stage: check
script:
- ./mvnw -ntp checkstyle:check -Dmaven.repo.local=$MAVEN_USER_HOME
maven-compile:
stage: build
script:
- ./mvnw -ntp compile -P-webapp -Dmaven.repo.local=$MAVEN_USER_HOME
artifacts:
paths:
- target/classes/
- target/generated-sources/
expire_in: 1 day
maven-package:
stage: package
script:
- echo "jhipster" | sudo -S apt-get update
- echo "jhipster" | sudo -S apt-get install -y chromium-browser
- echo 'whereis chromium-browser'
- ./mvnw -ntp verify -Pprod -DskipTests -Dmaven.repo.local=$MAVEN_USER_HOME
artifacts:
paths:
- target/*.jar
- target/classes
expire_in: 1 day
publish-docker:
stage: release
services:
- docker:dind
variables:
DOCKER_HOST: 'tcp://docker:2375'
DOCKER_DRIVER: overlay2
DOCKER_TLS_CERTDIR: ''
dependencies:
- maven-package
script:
- echo "pushing ${CI_REGISTRY_IMAGE} ${CI_REGISTRY_USER} ${CI_REGISTRY_PASSWORD} ${CI_REGISTRY} ${CI_COMMIT_TAG}"
- ./mvnw -ntp -e -X jib:build -DskipTests -Pprod -Djib.to.auth.username=${CI_REGISTRY_USER} -Djib.to.auth.password=${CI_REGISTRY_PASSWORD} -Djib.to.image=${CI_REGISTRY_IMAGE}:${CI_COMMIT_TAG}latest -Dmaven.repo.local=$MAVEN_USER_HOME
#deploy expects $PASSPHRASE $RSA $USER@$IP are set in the repo - Setting -> CI/CD -> variables
#$RSA should be a private key file, $USER is the VM user name (e.g. root or ec2) and $IP is the IP address of the Virtual Machine, $PASSPHRASE is the passphrase to unlock the key
#assumes SSH is running on the VM, also assumes Ubuntu VM (with sudo)
deploy-dev:
image: alpine:latest
stage: deploy
when: on_success
resource_group: deployment
variables:
URL: '${CI_PROJECT_NAME}.bham.team'
#ACME test SSL certificate retrival - VM must be public (not behine a proxy), have ports 80 443 open and have caddy web server enabed in install-app.sh
#use one of the following instead to get real SSL certs 'https://acme-v02.api.letsencrypt.org/directory' 'https://acme.zerossl.com/v2/DV90'
ACME: 'https://acme-staging-v02.api.letsencrypt.org/directory'
before_script:
# copy SSH config
- mkdir -p ~/.ssh
- cp src/main/ci/ssh-config ~/.ssh/config
- chmod 0600 ~/.ssh/config
# copy in SSH key
- cp ${RSA_NOPW} ~/.ssh/tpvm
- chmod 0600 ~/.ssh/tpvm
#install and configure SSH on the gitlab-runner
- chmod og= $RSA
- apk update && apk add openssh-client sshpass
#save CI pipeline variables ready for transfer to the deployment server
- echo CI_REGISTRY_USER=${CI_REGISTRY_USER} CI_REGISTRY_PASSWORD=${CI_REGISTRY_PASSWORD} CI_REGISTRY_IMAGE=${CI_REGISTRY_IMAGE} CI_COMMIT_TAG=${CI_COMMIT_TAG} CI_REGISTRY=${CI_REGISTRY} URL=${URL} EMAIL=${GITLAB_USER_EMAIL} ACME=${ACME} > src/main/docker/.env
#delete previous ~/team-project/ folder if it is there and run (install-docker.sh) on the deployment server if it is needed
- ssh teamproject2023-team31 "(rm -rf ~/team-project || true ) && (which docker || sh team-project/install-docker.sh)"
#transfer src/main/docker/ to the deployment server
- scp -r src/main/docker/ teamproject2023-team31:~/team-project
#run (install-app.sh) on the deployment server
- ssh teamproject2023-team31 "sh team-project/install-app.sh"
script:
- ssh teamproject2023-team31 "docker compose -f ~/team-project/app.yml up -d && docker system prune --force --filter 'until=24h'"
deploy-prod:
image: alpine:latest
stage: deploy
when: on_success
only:
- tags
except:
- branches
dependencies:
- deploy-dev
resource_group: deployment
before_script:
- mkdir -p ~/.ssh
- cp src/main/ci/ssh-config ~/.ssh/config
- chmod 0600 ~/.ssh/config
# copy in SSH key
- cp ${RSA_NOPW} ~/.ssh/tpvm
- chmod 0600 ~/.ssh/tpvm
#install and configure SSH on the gitlab-runner
- chmod og= $RSA
- apk update && apk add openssh-client sshpass
script:
- ssh teamproject2023-team31 "docker compose -f ~/team-project/prd.yml up -d && docker system prune --force --filter 'until=24h'"