From f99f8e80c1877bc2f8ebf37d147f62ad2f2e242b Mon Sep 17 00:00:00 2001 From: skeris Date: Fri, 28 Feb 2025 01:15:08 +0300 Subject: [PATCH] main deployment rule --- .gitea/workflows/deployProd.yml | 26 ++++++++++++++++++++++++++ .gitea/workflows/deployStaging.yml | 26 ++++++++++++++++++++++++++ .gitea/workflows/lint.yml | 14 ++++++++++++++ Dockerfile | 12 ++---------- deployments/main/docker-compose.yaml | 19 ++++++++----------- 5 files changed, 76 insertions(+), 21 deletions(-) create mode 100644 .gitea/workflows/deployProd.yml create mode 100644 .gitea/workflows/deployStaging.yml create mode 100644 .gitea/workflows/lint.yml diff --git a/.gitea/workflows/deployProd.yml b/.gitea/workflows/deployProd.yml new file mode 100644 index 0000000..d2d57e8 --- /dev/null +++ b/.gitea/workflows/deployProd.yml @@ -0,0 +1,26 @@ +name: Deploy +run-name: ${{ gitea.actor }} build image and push to container registry + +on: + push: + branches: + - 'main' + +jobs: + CreateImage: + runs-on: [squizstaging] + uses: https://gitea.pena/PenaDevops/actions.git/.gitea/workflows/build-image.yml@v1.1.6-p + with: + runner: hubstaging + secrets: + REGISTRY_USER: ${{ secrets.REGISTRY_USER }} + REGISTRY_PASSWORD: ${{ secrets.REGISTRY_PASSWORD }} + DeployService: + runs-on: [squizprod] + needs: CreateImage + uses: https://gitea.pena/PenaDevops/actions.git/.gitea/workflows/deploy.yml@v1.1.4-p7 + with: + runner: hubprod + actionid: ${{ gitea.run_id }} + + diff --git a/.gitea/workflows/deployStaging.yml b/.gitea/workflows/deployStaging.yml new file mode 100644 index 0000000..a9c04e4 --- /dev/null +++ b/.gitea/workflows/deployStaging.yml @@ -0,0 +1,26 @@ +name: Deploy +run-name: ${{ gitea.actor }} build image and push to container registry + +on: + push: + branches: + - 'staging' + +jobs: + CreateImage: + runs-on: [hubstaging] + uses: http://gitea.pena/PenaDevops/actions.git/.gitea/workflows/build-image.yml@v1.1.6-p + with: + runner: hubstaging + secrets: + REGISTRY_USER: ${{ secrets.REGISTRY_USER }} + REGISTRY_PASSWORD: ${{ secrets.REGISTRY_PASSWORD }} + DeployService: + runs-on: [hubstaging] + needs: CreateImage + uses: http://gitea.pena/PenaDevops/actions.git/.gitea/workflows/deploy.yml@v1.1.4-p7 + with: + runner: hubstaging + actionid: ${{ gitea.run_id }} + + diff --git a/.gitea/workflows/lint.yml b/.gitea/workflows/lint.yml new file mode 100644 index 0000000..20e6298 --- /dev/null +++ b/.gitea/workflows/lint.yml @@ -0,0 +1,14 @@ +name: Lint +run-name: ${{ gitea.actor }} produce linting + +on: + push: + branches: + - 'dev' + +jobs: + Lint: + runs-on: [hubstaging] + uses: http://gitea.pena/PenaDevops/actions.git/.gitea/workflows/lint.yml@v1.1.0 + with: + runner: hubstaging diff --git a/Dockerfile b/Dockerfile index f8cf18c..7cc7353 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,17 +1,9 @@ -FROM penahub.gitlab.yandexcloud.net:5050/devops/dockerhub-backup/golang as build +FROM gitea.pena/penadevops/container-images/golang:main as build WORKDIR /app COPY . . -RUN apk add git -ENV GOPRIVATE=penahub.gitlab.yandexcloud.net/backend/penahub_common -RUN git config --global url."https://buildToken:glpat-axA8ttckx3aPf_xd2Dym@penahub.gitlab.yandexcloud.net/".insteadOf "https://penahub.gitlab.yandexcloud.net/" RUN go mod download RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -o ans ./main.go -FROM penahub.gitlab.yandexcloud.net:5050/devops/dockerhub-backup/alpine as prod +FROM gitea.pena/penadevops/container-images/alpine:main as prod COPY --from=build /app/ans . -EXPOSE 1490 -ENV IS_PROD_LOG=false -ENV IS_PROD=false -ENV PORT=1490 -ENV PG_CRED="host=postgres port=5432 user=squiz password=Redalert2 dbname=squiz sslmode=disable" CMD ["/ans"] diff --git a/deployments/main/docker-compose.yaml b/deployments/main/docker-compose.yaml index 3222d6c..8d5d5fd 100644 --- a/deployments/main/docker-compose.yaml +++ b/deployments/main/docker-compose.yaml @@ -1,26 +1,23 @@ -version: "3" services: answererv1.0.0: - hostname: squiz-answererv1.0.0 - container_name: squiz-answererv1.0.0 - image: $CI_REGISTRY_IMAGE/main-answerer:$CI_COMMIT_REF_SLUG.$CI_PIPELINE_ID + image: gitea.pena/squiz/answerer/main:$GITHUB_RUN_NUMBER tty: true environment: IS_PROD_LOG: 'false' IS_PROD: 'false' - PUBLIC_ACCESS_SECRET_KEY: $JWT_PUBLIC_KEY + PUBLIC_ACCESS_SECRET_KEY: "-----BEGIN PUBLIC KEY-----\nMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCLW1tlHyKC9AG0hGpmkksET2DE\nr7ojSPemxFWAgFgcPJWQ7x3uNbsdJ3bIZFoA/FClaWKMCZmjnH9tv0bKZtY/CDhM\nZEyHpMruRSn6IKrxjtQZWy4uv/w6MzUeyBYG0OvNCiYpdvz5SkAGAUHD5ZNFqn2w\nKKFD0I2Dr59BFVSGJwIDAQAB\n-----END PUBLIC KEY-----" PORT: 1490 MINIO_EP: s3.timeweb.cloud MINIO_AK: 5CV77KVDUU9H0II9R24M MINIO_SK: '0W0m8DyvdAKRJnsAy6mB5zndQ7RouJBLhqhtThcu' - PG_CRED: 'host=10.8.0.9 port=5433 user=squiz password=Redalert2 dbname=squiz sslmode=disable' - REDIS_HOST: '10.8.0.9:6379' + PG_CRED: 'host=10.8.0.12 port=5433 user=squiz password=Redalert2 dbname=squiz sslmode=disable' + REDIS_HOST: '10.8.0.12:6379' REDIS_PASSWORD: 'Redalert2' REDIS_DB: 2 - PUBLIC_KEY: $PUBLIC_KEY - PRIVATE_KEY: $PRIVATE_KEY - TRASH_LOG_HOST: "10.8.0.15:7113" + PUBLIC_KEY: "-----BEGIN PUBLIC KEY-----\nMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAn/Q3CKvaxK4YR3N3Iy8O\nIOs218oDQIwoHpmRh3a9V+vTEqT+rY8/Dkf5cnbTMuEBFP1NYtS+pcSFF7nLlZdm\nVb6rhtjLCV0awogeWxJsXCHBOHF7Fv4iqDa85qMwl7XiVXxKo/9kH9TkPsgFsuYt\nvL4Xc1u6ogoYeVHP7ULDMxgmdLd2N9VIVphxsiGDq304NbgWFVr47/J3x3DU0bw+\nF5QdI7ScU/m4T3S0WlhFaG0hblVbH8x+8U81F9OIyJCX9tGZYb6eR3v1pnWP191L\nkpJPSlj9cPPJhl3d6bCyYzGv6k8KQClSs8lsSklPrcXl0ut3raC+oEFp2JkHQL7R\nUlwPr2ZOt9DTTs7l70gvr8FswO4/N6+t+6spce2s3lwN41BWGWHYcc9PuOHqUQTw\nJ3IQQU6NmAyZOjDiZJw7uoNG2rtCqWQRykTULZvtfxh3lMXI/qKM1em+Qo3AZnKC\nY01xhCr4ahPs9Rb4eReigTJSzq+IRSJa1+xPaR4dNm6tAgMBAAE=\n-----END PUBLIC KEY-----" + PRIVATE_KEY: "-----BEGIN RSA PRIVATE KEY-----\nMIIG4gIBAAKCAYEAn/Q3CKvaxK4YR3N3Iy8OIOs218oDQIwoHpmRh3a9V+vTEqT+\nrY8/Dkf5cnbTMuEBFP1NYtS+pcSFF7nLlZdmVb6rhtjLCV0awogeWxJsXCHBOHF7\nFv4iqDa85qMwl7XiVXxKo/9kH9TkPsgFsuYtvL4Xc1u6ogoYeVHP7ULDMxgmdLd2\nN9VIVphxsiGDq304NbgWFVr47/J3x3DU0bw+F5QdI7ScU/m4T3S0WlhFaG0hblVb\nH8x+8U81F9OIyJCX9tGZYb6eR3v1pnWP191LkpJPSlj9cPPJhl3d6bCyYzGv6k8K\nQClSs8lsSklPrcXl0ut3raC+oEFp2JkHQL7RUlwPr2ZOt9DTTs7l70gvr8FswO4/\nN6+t+6spce2s3lwN41BWGWHYcc9PuOHqUQTwJ3IQQU6NmAyZOjDiZJw7uoNG2rtC\nqWQRykTULZvtfxh3lMXI/qKM1em+Qo3AZnKCY01xhCr4ahPs9Rb4eReigTJSzq+I\nRSJa1+xPaR4dNm6tAgMBAAECggGAAWC0oqX8Tepj+iWT9qEeoYj1IXmzenhalhzj\nhIOw0NOOr1/tc6hCtkhHbUV5vzvx6vDdnEbR15KwRMqMZt71ejKYvqIaaZu8McXD\nYSxw84A07lwH3+RTfxhtmxz3u67M4sidyfjWr3GBf8rwRaC27yPCBvPY0TF+EXlz\nbYtALC3+ks3LvmJfa6OHgy3HuQ/sjoXl5swwTbzMbFLb+myBKmnTsG2LVSvW+xQ5\nw3d0LZiXC6C/lrAHveNdRTXEvVmFehKVGJEUvBde0auREyT9vyBomtB3gdePYB/F\ngpRIccgg9D1xC94t8o92v1urMLDU0gn/XgXSQ9mNPrW1RyHrG9ro6seAcrW/cWF3\nSa6OiFEbgZtDqoBKUKcKVwOt3wA/qQVuaUtrRUl/y3E1vBTQBrQqGiY3NQ9OK4kv\nXVSBmakFYCN/wASUCd85kRebF1Ddbb+b60WB1KA3kNAZn4Hd3yZEi0uiZGngrIke\n1oluLvRY8uzCQZnQbyAqpjThaMlxAoHBANxwg4wQYFPHB2tZQJ4BzLA0p1KtUEF6\nwyfxa8mLpwZXF+U3rdKWMhmT3HB2hD1yK358wDTNmoHTKxiJqkqRbTU1Yb0nNyMl\nfliKJHoGEnt+LPRarTqmUMeqEhcLjWQi/yOqBUiRXlvZCwQXIeX1FEiAGvkXWuKF\nDE0K+FNM6A5zw+aANijna1Ipc1eoW/WRgECtvq9pVzkCWl4ABRcxQ6NAjNktU0RM\nfrFKAB/YO4j4orhx8Sa8eFjdPSefWOomWQKBwQC5wdSwo+bNVqS+512kZlDM+yRa\nDCA76djvef1q1s4cbINx+m8bnaQ8JgDaUJ5hIAYfdKeXH6bgKF0EGyjhrk1QnV9n\nvUnStbFq2+vLCjyNidk2HnGrbTeWtK4eVSMGEqnzFIvlEm5tl3M3ZcyYKeLkhwU9\nMAHVRMguEGsUxQqVVKdjZQxEeedXj/SIUyxxSPPgNTcIgttObU/s3kG5JsU0iUpz\nISjeAPw/z/mjReDJRjPudxo+VnMwjtVRWqk9KHUCgcAvf0rI3ipzQro1hiinIwog\nmWfIJ7HYOgRc0ecAqUeW1SM/72xTqKso2bQww0ihGL2IZobfmcGF4aMyiU8Y/BbE\n1Ti3EgEOYKDFoRZU+IP4+enjyLn0nitfqiR1tLaFcgj5fUPgK/ph3fVCr11NeC4j\npP6q1z5s+m/5FbkF8dc6bfUy8EM7MwnrzSSeKZeO5Qf2Z7ljgFYb4YbpJCX0plfF\nkD4I+XwshjLyLliyg9voGnKtPVfRmeBwfVMU+3+kDBkCgcBLctIryPbG8mlJ7PmY\n+8HX8C3ssT4qd6oYYskuqv7ehqjBE8IrSlVZ5Om1wscBlhtGjYBAnqeOJnbZYxqw\nx7Y5hyIoJbclcY0VZSwZtRexOYtTMvxib6MDgHG0ekoWfmAvDmpf6aOWucwfdSar\nq1+wCLN1DdnAwQY5x4tmzT2mN9MhSPq5mXYAl8Tv1jCX9tSvfY3T1Cq1aSrsf73c\nMUYqN5VYu+A4g9fxJ00zJv/NYMlZE2FCbqSs1WcJezSAVb0CgcAQCIa7cSyN4wet\ni3PZ5i+0kqYUf4/ZDVPQWvNruIo66qBmD3N2UcIJFGwgQxbkMF3fR3ooV1HXOipA\nocqsZSHWowgSPPqU/Hb1pNXHIH2GFxrpXSzVzpiONzhml/Cpkjcq0jrlnN1GuXnw\ndkzVML/YGnNdfnyjtRf+ob2PND6PoWzpXQFgu+4In2PcK/7CWHLjz6GZAyaxZuWm\nHnhOumDhkdCbePfIcRfuE1pBO82RsYc1bCm6kajeHSR0KhCnozE=\n-----END RSA PRIVATE KEY-----" + TRASH_LOG_HOST: "10.8.0.200:7113" MODULE_LOGGER: "quiz-answerer-main" REDIRECT_URL: "https://quiz.pena.digital" ports: - - 10.6.0.26:1491:1490 + - 10.8.0.12:1491:1490