feat: ci\cd setup
This commit is contained in:
parent
de5c18b128
commit
5e1dc36a97
46
.gitlab-ci.yml
Normal file
46
.gitlab-ci.yml
Normal file
@ -0,0 +1,46 @@
|
||||
include:
|
||||
- project: "devops/pena-continuous-integration"
|
||||
file: "/templates/docker/build-template.gitlab-ci.yml"
|
||||
- project: "devops/pena-continuous-integration"
|
||||
file: "/templates/docker/clean-template.gitlab-ci.yml"
|
||||
- project: "devops/pena-continuous-integration"
|
||||
file: "/templates/docker/deploy-template.gitlab-ci.yml"
|
||||
stages:
|
||||
- clean
|
||||
- build
|
||||
- deploy
|
||||
|
||||
clear-old-images:
|
||||
extends: .clean_template
|
||||
variables:
|
||||
STAGING_BRANCH: "main"
|
||||
PRODUCTION_BRANCH: "main"
|
||||
image:
|
||||
name: docker/compose:1.28.0
|
||||
entrypoint: [""]
|
||||
before_script:
|
||||
- docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
|
||||
- docker images
|
||||
script:
|
||||
- docker system prune -af
|
||||
build-app:
|
||||
extends: .build_template
|
||||
variables:
|
||||
DOCKER_BUILD_PATH: "./Dockerfile"
|
||||
STAGING_BRANCH: "main"
|
||||
PRODUCTION_BRANCH: "main"
|
||||
script:
|
||||
- mkdir -p /kaniko/.docker
|
||||
- echo "{\"auths\":{\"$CI_REGISTRY\":{\"username\":\"$CI_REGISTRY_USER\",\"password\":\"$CI_REGISTRY_PASSWORD\"}}}" > /kaniko/.docker/config.json
|
||||
- |
|
||||
/kaniko/executor --context $CI_PROJECT_DIR \
|
||||
--cache=true --cache-repo=$CI_REGISTRY_IMAGE \
|
||||
--dockerfile $CI_PROJECT_DIR/$DOCKER_BUILD_PATH --use-new-run --snapshotMode=redo \
|
||||
--destination $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG.$CI_PIPELINE_ID
|
||||
|
||||
deploy-to-staging:
|
||||
extends: .deploy_template
|
||||
variables:
|
||||
DEPLOY_TO: "staging"
|
||||
BRANCH: "main"
|
||||
|
||||
5
Proxy
5
Proxy
@ -1,5 +0,0 @@
|
||||
FROM nginx:latest
|
||||
|
||||
COPY privkey.pem /etc/nginx/
|
||||
COPY fullchain.pem /etc/nginx/
|
||||
COPY default.conf /etc/nginx/conf.d/
|
||||
89
default.conf
89
default.conf
@ -1,89 +0,0 @@
|
||||
server {
|
||||
root /usr/share/nginx/html;
|
||||
|
||||
index index.html index.htm index.nginx-debian.html;
|
||||
server_name _; # managed by Certbot
|
||||
|
||||
location /auth {
|
||||
if ($request_method = OPTIONS) {
|
||||
add_header Access-Control-Allow-Origin $http_origin always;
|
||||
add_header Access-Control-Allow-Credentials true always;
|
||||
add_header Access-Control-Allow-Headers content-type always;
|
||||
return 200;
|
||||
}
|
||||
if ($host = admin.pena.digital) {
|
||||
proxy_pass http://admin-auth-service:8080;
|
||||
}
|
||||
if ($host != admin.pena.digital) {
|
||||
proxy_pass http://pena-auth-service:8080;
|
||||
}
|
||||
proxy_hide_header Access-Control-Allow-Origin;
|
||||
add_header Access-Control-Allow-Origin $http_origin always;
|
||||
add_header Access-Control-Allow-Credentials true always;
|
||||
}
|
||||
location /user {
|
||||
proxy_pass http://pena-auth-service:8080;
|
||||
}
|
||||
|
||||
location /swagger/ {
|
||||
proxy_pass http://pena-auth-service:8080/;
|
||||
}
|
||||
location /cookie {
|
||||
add_header Access-Control-Allow-Origin $http_origin;
|
||||
add_header Access-Control-Allow-Credentials true;
|
||||
add_header Set-Cookie "test=sameshit;SameSite=None;HttpOnly;Secure;";
|
||||
return 200;
|
||||
}
|
||||
|
||||
location /heruvym/ {
|
||||
proxy_set_header Referer $host;
|
||||
proxy_set_header Origin $http_origin;
|
||||
proxy_set_header Connection '';
|
||||
proxy_http_version 1.1;
|
||||
chunked_transfer_encoding off;
|
||||
proxy_buffering off;
|
||||
proxy_cache off;
|
||||
proxy_pass https://10.6.0.11:1488/;
|
||||
}
|
||||
|
||||
location /strator/ {
|
||||
proxy_pass http://hub-admin-backend-service:8005/;
|
||||
}
|
||||
location /feedback/ {
|
||||
proxy_set_header Host $host;
|
||||
proxy_pass http://10.6.0.31:8006/;
|
||||
}
|
||||
|
||||
location / {
|
||||
if ($host = hub.pena.digital) {
|
||||
proxy_pass http://hub;
|
||||
}
|
||||
if ($host = docs.pena.digital) {
|
||||
proxy_pass http://docs;
|
||||
}
|
||||
if ($host = admin.pena.digital) {
|
||||
proxy_pass http://admin;
|
||||
}
|
||||
if ($host = services.pena.digital) {
|
||||
proxy_pass http://services;
|
||||
}
|
||||
if ($host = links.pena.digital) {
|
||||
proxy_pass http://dwarfener;
|
||||
}
|
||||
if ($host = oauth.pena.digital) {
|
||||
proxy_pass http://pena-social-auth-service:8000;
|
||||
}
|
||||
}
|
||||
|
||||
listen [::]:443 ssl ipv6only=on; # managed by Certbot
|
||||
listen 443 ssl; # managed by Certbot
|
||||
ssl_certificate /etc/nginx/fullchain.pem; # managed by Certbot
|
||||
ssl_certificate_key /etc/nginx/privkey.pem; # managed by Certbot
|
||||
|
||||
}
|
||||
server {
|
||||
listen 80 ;
|
||||
listen [::]:80 ;
|
||||
server_name _;
|
||||
return 301 https://$host$request_uri;
|
||||
}
|
||||
13
deployments/staging/docker-compose.yaml
Normal file
13
deployments/staging/docker-compose.yaml
Normal file
@ -0,0 +1,13 @@
|
||||
services:
|
||||
hub:
|
||||
container_name: hub
|
||||
restart: unless-stopped
|
||||
image: $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG.$CI_PIPELINE_ID
|
||||
networks:
|
||||
- marketplace_penahub_frontend
|
||||
hostname: hub
|
||||
tty: true
|
||||
networks:
|
||||
marketplace_penahub_frontend:
|
||||
external: true
|
||||
|
||||
Loading…
Reference in New Issue
Block a user