feat: ci\cd setup
This commit is contained in:
parent
de5c18b128
commit
5e1dc36a97
46
.gitlab-ci.yml
Normal file
46
.gitlab-ci.yml
Normal file
@ -0,0 +1,46 @@
|
|||||||
|
include:
|
||||||
|
- project: "devops/pena-continuous-integration"
|
||||||
|
file: "/templates/docker/build-template.gitlab-ci.yml"
|
||||||
|
- project: "devops/pena-continuous-integration"
|
||||||
|
file: "/templates/docker/clean-template.gitlab-ci.yml"
|
||||||
|
- project: "devops/pena-continuous-integration"
|
||||||
|
file: "/templates/docker/deploy-template.gitlab-ci.yml"
|
||||||
|
stages:
|
||||||
|
- clean
|
||||||
|
- build
|
||||||
|
- deploy
|
||||||
|
|
||||||
|
clear-old-images:
|
||||||
|
extends: .clean_template
|
||||||
|
variables:
|
||||||
|
STAGING_BRANCH: "main"
|
||||||
|
PRODUCTION_BRANCH: "main"
|
||||||
|
image:
|
||||||
|
name: docker/compose:1.28.0
|
||||||
|
entrypoint: [""]
|
||||||
|
before_script:
|
||||||
|
- docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
|
||||||
|
- docker images
|
||||||
|
script:
|
||||||
|
- docker system prune -af
|
||||||
|
build-app:
|
||||||
|
extends: .build_template
|
||||||
|
variables:
|
||||||
|
DOCKER_BUILD_PATH: "./Dockerfile"
|
||||||
|
STAGING_BRANCH: "main"
|
||||||
|
PRODUCTION_BRANCH: "main"
|
||||||
|
script:
|
||||||
|
- mkdir -p /kaniko/.docker
|
||||||
|
- echo "{\"auths\":{\"$CI_REGISTRY\":{\"username\":\"$CI_REGISTRY_USER\",\"password\":\"$CI_REGISTRY_PASSWORD\"}}}" > /kaniko/.docker/config.json
|
||||||
|
- |
|
||||||
|
/kaniko/executor --context $CI_PROJECT_DIR \
|
||||||
|
--cache=true --cache-repo=$CI_REGISTRY_IMAGE \
|
||||||
|
--dockerfile $CI_PROJECT_DIR/$DOCKER_BUILD_PATH --use-new-run --snapshotMode=redo \
|
||||||
|
--destination $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG.$CI_PIPELINE_ID
|
||||||
|
|
||||||
|
deploy-to-staging:
|
||||||
|
extends: .deploy_template
|
||||||
|
variables:
|
||||||
|
DEPLOY_TO: "staging"
|
||||||
|
BRANCH: "main"
|
||||||
|
|
||||||
5
Proxy
5
Proxy
@ -1,5 +0,0 @@
|
|||||||
FROM nginx:latest
|
|
||||||
|
|
||||||
COPY privkey.pem /etc/nginx/
|
|
||||||
COPY fullchain.pem /etc/nginx/
|
|
||||||
COPY default.conf /etc/nginx/conf.d/
|
|
||||||
89
default.conf
89
default.conf
@ -1,89 +0,0 @@
|
|||||||
server {
|
|
||||||
root /usr/share/nginx/html;
|
|
||||||
|
|
||||||
index index.html index.htm index.nginx-debian.html;
|
|
||||||
server_name _; # managed by Certbot
|
|
||||||
|
|
||||||
location /auth {
|
|
||||||
if ($request_method = OPTIONS) {
|
|
||||||
add_header Access-Control-Allow-Origin $http_origin always;
|
|
||||||
add_header Access-Control-Allow-Credentials true always;
|
|
||||||
add_header Access-Control-Allow-Headers content-type always;
|
|
||||||
return 200;
|
|
||||||
}
|
|
||||||
if ($host = admin.pena.digital) {
|
|
||||||
proxy_pass http://admin-auth-service:8080;
|
|
||||||
}
|
|
||||||
if ($host != admin.pena.digital) {
|
|
||||||
proxy_pass http://pena-auth-service:8080;
|
|
||||||
}
|
|
||||||
proxy_hide_header Access-Control-Allow-Origin;
|
|
||||||
add_header Access-Control-Allow-Origin $http_origin always;
|
|
||||||
add_header Access-Control-Allow-Credentials true always;
|
|
||||||
}
|
|
||||||
location /user {
|
|
||||||
proxy_pass http://pena-auth-service:8080;
|
|
||||||
}
|
|
||||||
|
|
||||||
location /swagger/ {
|
|
||||||
proxy_pass http://pena-auth-service:8080/;
|
|
||||||
}
|
|
||||||
location /cookie {
|
|
||||||
add_header Access-Control-Allow-Origin $http_origin;
|
|
||||||
add_header Access-Control-Allow-Credentials true;
|
|
||||||
add_header Set-Cookie "test=sameshit;SameSite=None;HttpOnly;Secure;";
|
|
||||||
return 200;
|
|
||||||
}
|
|
||||||
|
|
||||||
location /heruvym/ {
|
|
||||||
proxy_set_header Referer $host;
|
|
||||||
proxy_set_header Origin $http_origin;
|
|
||||||
proxy_set_header Connection '';
|
|
||||||
proxy_http_version 1.1;
|
|
||||||
chunked_transfer_encoding off;
|
|
||||||
proxy_buffering off;
|
|
||||||
proxy_cache off;
|
|
||||||
proxy_pass https://10.6.0.11:1488/;
|
|
||||||
}
|
|
||||||
|
|
||||||
location /strator/ {
|
|
||||||
proxy_pass http://hub-admin-backend-service:8005/;
|
|
||||||
}
|
|
||||||
location /feedback/ {
|
|
||||||
proxy_set_header Host $host;
|
|
||||||
proxy_pass http://10.6.0.31:8006/;
|
|
||||||
}
|
|
||||||
|
|
||||||
location / {
|
|
||||||
if ($host = hub.pena.digital) {
|
|
||||||
proxy_pass http://hub;
|
|
||||||
}
|
|
||||||
if ($host = docs.pena.digital) {
|
|
||||||
proxy_pass http://docs;
|
|
||||||
}
|
|
||||||
if ($host = admin.pena.digital) {
|
|
||||||
proxy_pass http://admin;
|
|
||||||
}
|
|
||||||
if ($host = services.pena.digital) {
|
|
||||||
proxy_pass http://services;
|
|
||||||
}
|
|
||||||
if ($host = links.pena.digital) {
|
|
||||||
proxy_pass http://dwarfener;
|
|
||||||
}
|
|
||||||
if ($host = oauth.pena.digital) {
|
|
||||||
proxy_pass http://pena-social-auth-service:8000;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
listen [::]:443 ssl ipv6only=on; # managed by Certbot
|
|
||||||
listen 443 ssl; # managed by Certbot
|
|
||||||
ssl_certificate /etc/nginx/fullchain.pem; # managed by Certbot
|
|
||||||
ssl_certificate_key /etc/nginx/privkey.pem; # managed by Certbot
|
|
||||||
|
|
||||||
}
|
|
||||||
server {
|
|
||||||
listen 80 ;
|
|
||||||
listen [::]:80 ;
|
|
||||||
server_name _;
|
|
||||||
return 301 https://$host$request_uri;
|
|
||||||
}
|
|
||||||
13
deployments/staging/docker-compose.yaml
Normal file
13
deployments/staging/docker-compose.yaml
Normal file
@ -0,0 +1,13 @@
|
|||||||
|
services:
|
||||||
|
hub:
|
||||||
|
container_name: hub
|
||||||
|
restart: unless-stopped
|
||||||
|
image: $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG.$CI_PIPELINE_ID
|
||||||
|
networks:
|
||||||
|
- marketplace_penahub_frontend
|
||||||
|
hostname: hub
|
||||||
|
tty: true
|
||||||
|
networks:
|
||||||
|
marketplace_penahub_frontend:
|
||||||
|
external: true
|
||||||
|
|
||||||
Loading…
Reference in New Issue
Block a user