diff --git a/.gitea/workflows/deployProd.yml b/.gitea/workflows/deployProd.yml new file mode 100644 index 0000000..d2d57e8 --- /dev/null +++ b/.gitea/workflows/deployProd.yml @@ -0,0 +1,26 @@ +name: Deploy +run-name: ${{ gitea.actor }} build image and push to container registry + +on: + push: + branches: + - 'main' + +jobs: + CreateImage: + runs-on: [squizstaging] + uses: https://gitea.pena/PenaDevops/actions.git/.gitea/workflows/build-image.yml@v1.1.6-p + with: + runner: hubstaging + secrets: + REGISTRY_USER: ${{ secrets.REGISTRY_USER }} + REGISTRY_PASSWORD: ${{ secrets.REGISTRY_PASSWORD }} + DeployService: + runs-on: [squizprod] + needs: CreateImage + uses: https://gitea.pena/PenaDevops/actions.git/.gitea/workflows/deploy.yml@v1.1.4-p7 + with: + runner: hubprod + actionid: ${{ gitea.run_id }} + + diff --git a/.gitea/workflows/deployStaging.yml b/.gitea/workflows/deployStaging.yml new file mode 100644 index 0000000..a9c04e4 --- /dev/null +++ b/.gitea/workflows/deployStaging.yml @@ -0,0 +1,26 @@ +name: Deploy +run-name: ${{ gitea.actor }} build image and push to container registry + +on: + push: + branches: + - 'staging' + +jobs: + CreateImage: + runs-on: [hubstaging] + uses: http://gitea.pena/PenaDevops/actions.git/.gitea/workflows/build-image.yml@v1.1.6-p + with: + runner: hubstaging + secrets: + REGISTRY_USER: ${{ secrets.REGISTRY_USER }} + REGISTRY_PASSWORD: ${{ secrets.REGISTRY_PASSWORD }} + DeployService: + runs-on: [hubstaging] + needs: CreateImage + uses: http://gitea.pena/PenaDevops/actions.git/.gitea/workflows/deploy.yml@v1.1.4-p7 + with: + runner: hubstaging + actionid: ${{ gitea.run_id }} + + diff --git a/.gitea/workflows/lint.yml b/.gitea/workflows/lint.yml new file mode 100644 index 0000000..20e6298 --- /dev/null +++ b/.gitea/workflows/lint.yml @@ -0,0 +1,14 @@ +name: Lint +run-name: ${{ gitea.actor }} produce linting + +on: + push: + branches: + - 'dev' + +jobs: + Lint: + runs-on: [hubstaging] + uses: http://gitea.pena/PenaDevops/actions.git/.gitea/workflows/lint.yml@v1.1.0 + with: + runner: hubstaging diff --git a/Dockerfile b/Dockerfile index 6dbac76..57624fb 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,18 +1,11 @@ -FROM dockerhub.timeweb.cloud/golang:alpine as build +FROM gitea.pena/penadevops/container-images/golang:main as build WORKDIR /app -RUN apk add git COPY . . -ARG GITLAB_TOKEN -ENV GOPRIVATE=penahub.gitlab.yandexcloud.net/backend/penahub_common -RUN git config --global url."https://buildToken:glpat-axA8ttckx3aPf_xd2Dym@penahub.gitlab.yandexcloud.net/".insteadOf "https://penahub.gitlab.yandexcloud.net/" RUN go mod download RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -o amocrm ./cmd/main.go RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -o token_refresher ./cmd/tokens/main.go -FROM penahub.gitlab.yandexcloud.net:5050/devops/dockerhub-backup/alpine as prod +FROM gitea.pena/penadevops/container-images/alpine:main as prod COPY --from=build /app/amocrm . COPY --from=build /app/token_refresher . -EXPOSE 1488 -ENV IS_PROD_LOG=false -ENV IS_PROD=false CMD ["/amocrm"] diff --git a/deployments/main/docker-compose.yaml b/deployments/main/docker-compose.yaml index a7b024d..f973f71 100644 --- a/deployments/main/docker-compose.yaml +++ b/deployments/main/docker-compose.yaml @@ -1,23 +1,20 @@ -version: "3" services: amocrm: - hostname: squiz-amocrm - container_name: squiz-amocrm - image: $CI_REGISTRY_IMAGE/main:$CI_COMMIT_REF_SLUG.$CI_PIPELINE_ID + image: gitea.pena/squiz/amocrm/main:$GITHUB_RUN_NUMBER tty: true environment: HTTP_HOST: '0.0.0.0' HTTP_PORT: 1488 - REDIS_ADDR: '10.8.0.9:6379' + REDIS_ADDR: '10.8.0.12:6379' REDIS_PASS: 'Redalert2' REDIS_DB: 4 - PENA_SOCIAL_AUTH_URL: 'http://10.8.0.8:59344/amocrm/auth' + PENA_SOCIAL_AUTH_URL: 'http://10.8.0.226:59344/amocrm/auth' - PUBLIC_ACCESS_SECRET_KEY: $JWT_PUBLIC_KEY - PG_CRED: 'host=10.8.0.9 port=5433 user=squiz password=Redalert2 dbname=squiz sslmode=disable' - PUBLIC_KEY: $PEM_PUB_USERID - PRIVATE_KEY: $PEM_PRIV_USERID - KAFKA_BROKERS: 10.8.0.8:9092 + PUBLIC_ACCESS_SECRET_KEY: "-----BEGIN PUBLIC KEY-----\nMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCLW1tlHyKC9AG0hGpmkksET2DE\nr7ojSPemxFWAgFgcPJWQ7x3uNbsdJ3bIZFoA/FClaWKMCZmjnH9tv0bKZtY/CDhM\nZEyHpMruRSn6IKrxjtQZWy4uv/w6MzUeyBYG0OvNCiYpdvz5SkAGAUHD5ZNFqn2w\nKKFD0I2Dr59BFVSGJwIDAQAB\n-----END PUBLIC KEY-----" + PG_CRED: 'host=10.8.0.12 port=5433 user=squiz password=Redalert2 dbname=squiz sslmode=disable' + PUBLIC_KEY: "-----BEGIN PUBLIC KEY-----\nMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAn/Q3CKvaxK4YR3N3Iy8O\nIOs218oDQIwoHpmRh3a9V+vTEqT+rY8/Dkf5cnbTMuEBFP1NYtS+pcSFF7nLlZdm\nVb6rhtjLCV0awogeWxJsXCHBOHF7Fv4iqDa85qMwl7XiVXxKo/9kH9TkPsgFsuYt\nvL4Xc1u6ogoYeVHP7ULDMxgmdLd2N9VIVphxsiGDq304NbgWFVr47/J3x3DU0bw+\nF5QdI7ScU/m4T3S0WlhFaG0hblVbH8x+8U81F9OIyJCX9tGZYb6eR3v1pnWP191L\nkpJPSlj9cPPJhl3d6bCyYzGv6k8KQClSs8lsSklPrcXl0ut3raC+oEFp2JkHQL7R\nUlwPr2ZOt9DTTs7l70gvr8FswO4/N6+t+6spce2s3lwN41BWGWHYcc9PuOHqUQTw\nJ3IQQU6NmAyZOjDiZJw7uoNG2rtCqWQRykTULZvtfxh3lMXI/qKM1em+Qo3AZnKC\nY01xhCr4ahPs9Rb4eReigTJSzq+IRSJa1+xPaR4dNm6tAgMBAAE=\n-----END PUBLIC KEY-----" + PRIVATE_KEY: "-----BEGIN RSA PRIVATE KEY-----\nMIIG4gIBAAKCAYEAn/Q3CKvaxK4YR3N3Iy8OIOs218oDQIwoHpmRh3a9V+vTEqT+\nrY8/Dkf5cnbTMuEBFP1NYtS+pcSFF7nLlZdmVb6rhtjLCV0awogeWxJsXCHBOHF7\nFv4iqDa85qMwl7XiVXxKo/9kH9TkPsgFsuYtvL4Xc1u6ogoYeVHP7ULDMxgmdLd2\nN9VIVphxsiGDq304NbgWFVr47/J3x3DU0bw+F5QdI7ScU/m4T3S0WlhFaG0hblVb\nH8x+8U81F9OIyJCX9tGZYb6eR3v1pnWP191LkpJPSlj9cPPJhl3d6bCyYzGv6k8K\nQClSs8lsSklPrcXl0ut3raC+oEFp2JkHQL7RUlwPr2ZOt9DTTs7l70gvr8FswO4/\nN6+t+6spce2s3lwN41BWGWHYcc9PuOHqUQTwJ3IQQU6NmAyZOjDiZJw7uoNG2rtC\nqWQRykTULZvtfxh3lMXI/qKM1em+Qo3AZnKCY01xhCr4ahPs9Rb4eReigTJSzq+I\nRSJa1+xPaR4dNm6tAgMBAAECggGAAWC0oqX8Tepj+iWT9qEeoYj1IXmzenhalhzj\nhIOw0NOOr1/tc6hCtkhHbUV5vzvx6vDdnEbR15KwRMqMZt71ejKYvqIaaZu8McXD\nYSxw84A07lwH3+RTfxhtmxz3u67M4sidyfjWr3GBf8rwRaC27yPCBvPY0TF+EXlz\nbYtALC3+ks3LvmJfa6OHgy3HuQ/sjoXl5swwTbzMbFLb+myBKmnTsG2LVSvW+xQ5\nw3d0LZiXC6C/lrAHveNdRTXEvVmFehKVGJEUvBde0auREyT9vyBomtB3gdePYB/F\ngpRIccgg9D1xC94t8o92v1urMLDU0gn/XgXSQ9mNPrW1RyHrG9ro6seAcrW/cWF3\nSa6OiFEbgZtDqoBKUKcKVwOt3wA/qQVuaUtrRUl/y3E1vBTQBrQqGiY3NQ9OK4kv\nXVSBmakFYCN/wASUCd85kRebF1Ddbb+b60WB1KA3kNAZn4Hd3yZEi0uiZGngrIke\n1oluLvRY8uzCQZnQbyAqpjThaMlxAoHBANxwg4wQYFPHB2tZQJ4BzLA0p1KtUEF6\nwyfxa8mLpwZXF+U3rdKWMhmT3HB2hD1yK358wDTNmoHTKxiJqkqRbTU1Yb0nNyMl\nfliKJHoGEnt+LPRarTqmUMeqEhcLjWQi/yOqBUiRXlvZCwQXIeX1FEiAGvkXWuKF\nDE0K+FNM6A5zw+aANijna1Ipc1eoW/WRgECtvq9pVzkCWl4ABRcxQ6NAjNktU0RM\nfrFKAB/YO4j4orhx8Sa8eFjdPSefWOomWQKBwQC5wdSwo+bNVqS+512kZlDM+yRa\nDCA76djvef1q1s4cbINx+m8bnaQ8JgDaUJ5hIAYfdKeXH6bgKF0EGyjhrk1QnV9n\nvUnStbFq2+vLCjyNidk2HnGrbTeWtK4eVSMGEqnzFIvlEm5tl3M3ZcyYKeLkhwU9\nMAHVRMguEGsUxQqVVKdjZQxEeedXj/SIUyxxSPPgNTcIgttObU/s3kG5JsU0iUpz\nISjeAPw/z/mjReDJRjPudxo+VnMwjtVRWqk9KHUCgcAvf0rI3ipzQro1hiinIwog\nmWfIJ7HYOgRc0ecAqUeW1SM/72xTqKso2bQww0ihGL2IZobfmcGF4aMyiU8Y/BbE\n1Ti3EgEOYKDFoRZU+IP4+enjyLn0nitfqiR1tLaFcgj5fUPgK/ph3fVCr11NeC4j\npP6q1z5s+m/5FbkF8dc6bfUy8EM7MwnrzSSeKZeO5Qf2Z7ljgFYb4YbpJCX0plfF\nkD4I+XwshjLyLliyg9voGnKtPVfRmeBwfVMU+3+kDBkCgcBLctIryPbG8mlJ7PmY\n+8HX8C3ssT4qd6oYYskuqv7ehqjBE8IrSlVZ5Om1wscBlhtGjYBAnqeOJnbZYxqw\nx7Y5hyIoJbclcY0VZSwZtRexOYtTMvxib6MDgHG0ekoWfmAvDmpf6aOWucwfdSar\nq1+wCLN1DdnAwQY5x4tmzT2mN9MhSPq5mXYAl8Tv1jCX9tSvfY3T1Cq1aSrsf73c\nMUYqN5VYu+A4g9fxJ00zJv/NYMlZE2FCbqSs1WcJezSAVb0CgcAQCIa7cSyN4wet\ni3PZ5i+0kqYUf4/ZDVPQWvNruIo66qBmD3N2UcIJFGwgQxbkMF3fR3ooV1HXOipA\nocqsZSHWowgSPPqU/Hb1pNXHIH2GFxrpXSzVzpiONzhml/Cpkjcq0jrlnN1GuXnw\ndkzVML/YGnNdfnyjtRf+ob2PND6PoWzpXQFgu+4In2PcK/7CWHLjz6GZAyaxZuWm\nHnhOumDhkdCbePfIcRfuE1pBO82RsYc1bCm6kajeHSR0KhCnozE=\n-----END RSA PRIVATE KEY-----" + KAFKA_BROKERS: 10.8.0.12:9092 KAFKA_TOPIC: "squiz-amocrm" GRPC_HOST: "0.0.0.0" RETURN_URL: "https://quiz.pena.digital/squiz/amocrm/oauth" @@ -25,26 +22,24 @@ services: INTEGRATION_ID: "48fc50c2-67a6-4619-bd54-23311619cc79" INTEGRATION_SECRET: "YRvT2CRFprN7r5N021YTSe1LKT0HJdhaE6GJbGYs08q9llyDrwE5FMuM3HXl7CZ0" ports: - - 10.6.0.26:1492:1488 + - 10.8.0.12:1492:1488 refresher: - hostname: amocrm-refresher - container_name: amocrm-refresher - image: $CI_REGISTRY_IMAGE/main:$CI_COMMIT_REF_SLUG.$CI_PIPELINE_ID + image: gitea.pena/squiz/amocrm/main:$GITHUB_RUN_NUMBER tty: true command: /token_refresher environment: HTTP_HOST: '0.0.0.0' HTTP_PORT: 1488 - REDIS_ADDR: '10.8.0.9:6379' + REDIS_ADDR: '10.8.0.12:6379' REDIS_PASS: 'Redalert2' REDIS_DB: 4 - PENA_SOCIAL_AUTH_URL: 'http://10.8.0.8:59344/amocrm/auth' + PENA_SOCIAL_AUTH_URL: 'http://10.8.0.226:59344/amocrm/auth' - PUBLIC_ACCESS_SECRET_KEY: $JWT_PUBLIC_KEY + PUBLIC_ACCESS_SECRET_KEY: "-----BEGIN PUBLIC KEY-----\nMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCLW1tlHyKC9AG0hGpmkksET2DE\nr7ojSPemxFWAgFgcPJWQ7x3uNbsdJ3bIZFoA/FClaWKMCZmjnH9tv0bKZtY/CDhM\nZEyHpMruRSn6IKrxjtQZWy4uv/w6MzUeyBYG0OvNCiYpdvz5SkAGAUHD5ZNFqn2w\nKKFD0I2Dr59BFVSGJwIDAQAB\n-----END PUBLIC KEY-----" PG_CRED: 'host=10.8.0.9 port=5433 user=squiz password=Redalert2 dbname=squiz sslmode=disable' - PUBLIC_KEY: $PEM_PUB_USERID - PRIVATE_KEY: $PEM_PRIV_USERID - KAFKA_BROKERS: 10.8.0.8:9092 + PUBLIC_KEY: "-----BEGIN PUBLIC KEY-----\nMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAn/Q3CKvaxK4YR3N3Iy8O\nIOs218oDQIwoHpmRh3a9V+vTEqT+rY8/Dkf5cnbTMuEBFP1NYtS+pcSFF7nLlZdm\nVb6rhtjLCV0awogeWxJsXCHBOHF7Fv4iqDa85qMwl7XiVXxKo/9kH9TkPsgFsuYt\nvL4Xc1u6ogoYeVHP7ULDMxgmdLd2N9VIVphxsiGDq304NbgWFVr47/J3x3DU0bw+\nF5QdI7ScU/m4T3S0WlhFaG0hblVbH8x+8U81F9OIyJCX9tGZYb6eR3v1pnWP191L\nkpJPSlj9cPPJhl3d6bCyYzGv6k8KQClSs8lsSklPrcXl0ut3raC+oEFp2JkHQL7R\nUlwPr2ZOt9DTTs7l70gvr8FswO4/N6+t+6spce2s3lwN41BWGWHYcc9PuOHqUQTw\nJ3IQQU6NmAyZOjDiZJw7uoNG2rtCqWQRykTULZvtfxh3lMXI/qKM1em+Qo3AZnKC\nY01xhCr4ahPs9Rb4eReigTJSzq+IRSJa1+xPaR4dNm6tAgMBAAE=\n-----END PUBLIC KEY-----" + PRIVATE_KEY: "-----BEGIN RSA PRIVATE KEY-----\nMIIG4gIBAAKCAYEAn/Q3CKvaxK4YR3N3Iy8OIOs218oDQIwoHpmRh3a9V+vTEqT+\nrY8/Dkf5cnbTMuEBFP1NYtS+pcSFF7nLlZdmVb6rhtjLCV0awogeWxJsXCHBOHF7\nFv4iqDa85qMwl7XiVXxKo/9kH9TkPsgFsuYtvL4Xc1u6ogoYeVHP7ULDMxgmdLd2\nN9VIVphxsiGDq304NbgWFVr47/J3x3DU0bw+F5QdI7ScU/m4T3S0WlhFaG0hblVb\nH8x+8U81F9OIyJCX9tGZYb6eR3v1pnWP191LkpJPSlj9cPPJhl3d6bCyYzGv6k8K\nQClSs8lsSklPrcXl0ut3raC+oEFp2JkHQL7RUlwPr2ZOt9DTTs7l70gvr8FswO4/\nN6+t+6spce2s3lwN41BWGWHYcc9PuOHqUQTwJ3IQQU6NmAyZOjDiZJw7uoNG2rtC\nqWQRykTULZvtfxh3lMXI/qKM1em+Qo3AZnKCY01xhCr4ahPs9Rb4eReigTJSzq+I\nRSJa1+xPaR4dNm6tAgMBAAECggGAAWC0oqX8Tepj+iWT9qEeoYj1IXmzenhalhzj\nhIOw0NOOr1/tc6hCtkhHbUV5vzvx6vDdnEbR15KwRMqMZt71ejKYvqIaaZu8McXD\nYSxw84A07lwH3+RTfxhtmxz3u67M4sidyfjWr3GBf8rwRaC27yPCBvPY0TF+EXlz\nbYtALC3+ks3LvmJfa6OHgy3HuQ/sjoXl5swwTbzMbFLb+myBKmnTsG2LVSvW+xQ5\nw3d0LZiXC6C/lrAHveNdRTXEvVmFehKVGJEUvBde0auREyT9vyBomtB3gdePYB/F\ngpRIccgg9D1xC94t8o92v1urMLDU0gn/XgXSQ9mNPrW1RyHrG9ro6seAcrW/cWF3\nSa6OiFEbgZtDqoBKUKcKVwOt3wA/qQVuaUtrRUl/y3E1vBTQBrQqGiY3NQ9OK4kv\nXVSBmakFYCN/wASUCd85kRebF1Ddbb+b60WB1KA3kNAZn4Hd3yZEi0uiZGngrIke\n1oluLvRY8uzCQZnQbyAqpjThaMlxAoHBANxwg4wQYFPHB2tZQJ4BzLA0p1KtUEF6\nwyfxa8mLpwZXF+U3rdKWMhmT3HB2hD1yK358wDTNmoHTKxiJqkqRbTU1Yb0nNyMl\nfliKJHoGEnt+LPRarTqmUMeqEhcLjWQi/yOqBUiRXlvZCwQXIeX1FEiAGvkXWuKF\nDE0K+FNM6A5zw+aANijna1Ipc1eoW/WRgECtvq9pVzkCWl4ABRcxQ6NAjNktU0RM\nfrFKAB/YO4j4orhx8Sa8eFjdPSefWOomWQKBwQC5wdSwo+bNVqS+512kZlDM+yRa\nDCA76djvef1q1s4cbINx+m8bnaQ8JgDaUJ5hIAYfdKeXH6bgKF0EGyjhrk1QnV9n\nvUnStbFq2+vLCjyNidk2HnGrbTeWtK4eVSMGEqnzFIvlEm5tl3M3ZcyYKeLkhwU9\nMAHVRMguEGsUxQqVVKdjZQxEeedXj/SIUyxxSPPgNTcIgttObU/s3kG5JsU0iUpz\nISjeAPw/z/mjReDJRjPudxo+VnMwjtVRWqk9KHUCgcAvf0rI3ipzQro1hiinIwog\nmWfIJ7HYOgRc0ecAqUeW1SM/72xTqKso2bQww0ihGL2IZobfmcGF4aMyiU8Y/BbE\n1Ti3EgEOYKDFoRZU+IP4+enjyLn0nitfqiR1tLaFcgj5fUPgK/ph3fVCr11NeC4j\npP6q1z5s+m/5FbkF8dc6bfUy8EM7MwnrzSSeKZeO5Qf2Z7ljgFYb4YbpJCX0plfF\nkD4I+XwshjLyLliyg9voGnKtPVfRmeBwfVMU+3+kDBkCgcBLctIryPbG8mlJ7PmY\n+8HX8C3ssT4qd6oYYskuqv7ehqjBE8IrSlVZ5Om1wscBlhtGjYBAnqeOJnbZYxqw\nx7Y5hyIoJbclcY0VZSwZtRexOYtTMvxib6MDgHG0ekoWfmAvDmpf6aOWucwfdSar\nq1+wCLN1DdnAwQY5x4tmzT2mN9MhSPq5mXYAl8Tv1jCX9tSvfY3T1Cq1aSrsf73c\nMUYqN5VYu+A4g9fxJ00zJv/NYMlZE2FCbqSs1WcJezSAVb0CgcAQCIa7cSyN4wet\ni3PZ5i+0kqYUf4/ZDVPQWvNruIo66qBmD3N2UcIJFGwgQxbkMF3fR3ooV1HXOipA\nocqsZSHWowgSPPqU/Hb1pNXHIH2GFxrpXSzVzpiONzhml/Cpkjcq0jrlnN1GuXnw\ndkzVML/YGnNdfnyjtRf+ob2PND6PoWzpXQFgu+4In2PcK/7CWHLjz6GZAyaxZuWm\nHnhOumDhkdCbePfIcRfuE1pBO82RsYc1bCm6kajeHSR0KhCnozE=\n-----END RSA PRIVATE KEY-----" + KAFKA_BROKERS: 10.8.0.12:9092 KAFKA_TOPIC: "squiz-amocrm" GRPC_HOST: "0.0.0.0" RETURN_URL: "https://quiz.pena.digital/squiz/amocrm/oauth"