Dobromir Palushev
--- a/.gitlab-ci.yml

+ 89

− 41
+++ b/.gitlab-ci.yml

+ 89

− 41
 workflow:
  rules:
-    - if: '$CI_PIPELINE_SOURCE == "merge_request_event"'
-      when: always
    - if: >-
-        $CI_PIPELINE_SOURCE == "push"
+        $CI_COMMIT_BRANCH == "staging" || $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
-        && ($CI_COMMIT_BRANCH == "staging" || $CI_COMMIT_BRANCH == "master")
      when: always
    - when: never
 variables:
-  DOCKER_VERSION: '20.10.12'
+  DOCKER_VERSION: '20.10.17'
-  K8S_NAMESPACE: 'devops-s22-deployable'
+  K8S_VERSION: '1.24'
+  GOOGLE_CLOUD_SDK_IMAGE_VERSION: '400.0.0'
+  K8S_NAMESPACE: 'todoapp-devops'
  CONTAINER_TAG: '${CI_REGISTRY_IMAGE}:${CI_PIPELINE_IID}-${CI_COMMIT_SHORT_SHA}'
 stages:
  - test
  - build
+  - release
  - deploy
-job_test-image:
+.gke-initialization:
+    before_script:
+    - echo $BASE64_GOOGLE_CREDENTIALS | base64 -d > ~/service_account.json
+    - gcloud auth activate-service-account --key-file ~/service_account.json
+    - gcloud config set project ${GCP_PROJECT_ID}
+    - gcloud config set compute/zone ${GCP_COMPUTE_REGION}
+    - gcloud container clusters get-credentials ${GCP_PROJECT_ID}-gke
+test-image:
  stage: test
  tags:
-    - docker-priviliged
+    - docker-privileged
-  image: docker:$DOCKER_VERSION
+  image: docker:${DOCKER_VERSION}
  services:
-    - name: docker:$DOCKER_VERSION-dind
+    - name: docker:${DOCKER_VERSION}-dind
  script:
    - docker build
      --tag "${CONTAINER_TAG}-test"
      --target=test
-      "./"
+      "./app"
  after_script:
-    - docker image rm --force "${CI_REGISTRY_IMAGE}:${CI_PIPELINE_IID}-${CI_COMMIT_SHORT_SHA}"
+    - docker image rm --force "${CONTAINER_TAG}-test"
-job_build-image:
+build-image:
  stage: build
  needs:
-    - 'job_test-image'
+    - 'test-image'
-  rules:
-    - if: $CI_COMMIT_BRANCH != "staging" && $CI_COMMIT_BRANCH != "master"
-      when: 'never'
  tags:
-    - docker-priviliged
+    - docker-privileged
-  image: docker:$DOCKER_VERSION
+  image: docker:${DOCKER_VERSION}
  services:
-    - name: docker:$DOCKER_VERSION-dind
+    - name: docker:${DOCKER_VERSION}-dind
+  before_script:
+    - docker login -u ${CI_REGISTRY_USER} -p ${CI_REGISTRY_PASSWORD} ${CI_REGISTRY}
  script:
-    - SERVER_PUBLIC_URL=""
+    - docker image build
-    - DB_HOST=""
-    - docker build
      --tag "${CONTAINER_TAG}"
-      --build-arg JWT_SECRET=${JWT_SECRET}
+      "./app"
-      --build-arg SERVER_PUBLIC_URL=${SERVER_PUBLIC_URL}
+    # - docker image build
-      --build-arg DB_HOST=${DB_HOST}
+    #   --tag "${CONTAINER_TAG}-google-sdk"
-      "./"
+    #   "./gcloud-image"
+    - docker push "${CONTAINER_TAG}"
+    # - docker push "${CONTAINER_TAG}-google-sdk"
+  after_script:
+    - docker image rm --force "${CONTAINER_TAG}"
+    # - docker image rm --force "${CONTAINER_TAG}-google-sdk"
+create-release_image:
+  stage: release
+  rules:
+    - if: $CI_COMMIT_REF_NAME =~ /main/
+      when: 'always'
+  tags:
+    - docker-privileged
+  image: docker:${DOCKER_VERSION}
+  services:
+    - name: docker:${DOCKER_VERSION}-dind
+  before_script:
    - docker login -u ${CI_REGISTRY_USER} -p ${CI_REGISTRY_PASSWORD} ${CI_REGISTRY}
-    - docker push "${CI_REGISTRY_IMAGE}:${CI_PIPELINE_IID}-${CI_COMMIT_SHORT_SHA}"
+    - docker pull "${CONTAINER_TAG}"
+  script:
+    - VERSION=$(cat ./app/client/package.json | docker run --interactive stedolan/jq --raw-output '.version')
+    - docker tag "${CONTAINER_TAG}" "${CI_REGISTRY_IMAGE}:${VERSION}"
+    - docker push "${CI_REGISTRY_IMAGE}:${VERSION}"
  after_script:
-    - docker image rm --force "${CI_REGISTRY_IMAGE}:${CI_PIPELINE_IID}-${CI_COMMIT_SHORT_SHA}"
+    - docker image rm --force
+        $(docker images --format '{{.Repository}}{{.Tag}}' | grep '${CI_REGISTRY_IMAGE}')
+# create-release_tag:
+#   stage: release
+#   needs:
+#     - 'create-release_image'
+#   rules:
+#     - if: $CI_COMMIT_REF_NAME =~ /main/
+#       when: 'always'
+#   tags:
+#     - docker-privileged
+#   image: docker:${DOCKER_VERSION}-git
+#   services:
+#     - name: docker:${DOCKER_VERSION}-dind
+#   script:
+#     - VERSION=$(cat ./src/package.json | docker run --interactive stedolan/jq --raw-output '.version')
+#     - echo ${VERSION}
+#     #- git tag "v${VERSION}" && git push origin "v${VERSION}"
-job_deploy-image:
+deploy-image:
+  extends: .gke-initialization
  stage: deploy
  needs:
-    - 'job_build-image'
+    - 'build-image'
  rules:
    - if: $CI_COMMIT_REF_NAME =~ /staging/
      when: 'always'
      variables:
        ENVIRONMENT_NAME: 'staging'
-    - if: $CI_COMMIT_REF_NAME !~ /staging/
+    - if: $CI_COMMIT_REF_NAME !~ /main/
      when: 'always'
      variables:
-        ENVIRONMENT_NAME: 'prod'
+        ENVIRONMENT_NAME: 'production'
  tags:
    - docker
-  image:
+  image: google/cloud-sdk:${GOOGLE_CLOUD_SDK_IMAGE_VERSION}
-    name: k8s-image
-    entrypoint: ['']
  script:
-    # - IMAGE="${CI_REGISTRY_IMAGE}:${VERSION}"
+    - VERSION="${CI_PIPELINE_IID}-${CI_COMMIT_SHORT_SHA}"
-    - kubectl apply
+    - IMAGE="${CI_REGISTRY_IMAGE}:${VERSION}"
-        --kubeconfig ${SECRET_KUBECONFIG_PATH}
+    - cd "app/k8s-manifests"
-        --namespace "${ENVIRONMENT_NAME}-${K8S_NAMESPACE}"
+    - kubectl apply secrets.yaml --namespace "${ENVIRONMENT_NAME}-${K8S_NAMESPACE}"
-        --kustomize -
+    - kubectl apply gitlab-registry-credentials.yaml --namespace "${ENVIRONMENT_NAME}-${K8S_NAMESPACE}"
+    - kubectl apply configmap.yaml --namespace "${ENVIRONMENT_NAME}-${K8S_NAMESPACE}"
+    - kubectl apply deployment.yaml --namespace "${ENVIRONMENT_NAME}-${K8S_NAMESPACE}"
+    - kubectl apply service.yaml --namespace "${ENVIRONMENT_NAME}-${K8S_NAMESPACE}"
+    - kubectl apply ingress.yaml --namespace "${ENVIRONMENT_NAME}-${K8S_NAMESPACE}"