workflow:
rules:
- if: >-
$CI_COMMIT_BRANCH == "staging" || $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
when: always
- when: never
variables:
DOCKER_VERSION: '20.10.17'
MONGO_VERSION: '4.4'
K8S_NAMESPACE: 'todoapp-devops'
GOOGLE_CLOUD_SDK_IMAGE_VERSION: '400.0.0'
GCP_PROJECT_ID: ss22-devops-app
GCP_COMPUTE_REGION: 'europe-west4'
CONTAINER_TAG: '${CI_REGISTRY_IMAGE}:${CI_PIPELINE_IID}-${CI_COMMIT_SHORT_SHA}'
stages:
# - test
- build
- release
- deploy
.gke-initialization:
before_script:
- echo $BASE64_GOOGLE_CREDENTIALS | base64 -d > ~/service_account.json
- gcloud auth activate-service-account --key-file ~/service_account.json
- gcloud config set project ${GCP_PROJECT_ID}
- gcloud config set compute/zone ${GCP_COMPUTE_REGION}
- gcloud container clusters get-credentials ${GCP_PROJECT_ID}-gke
# run-tests:
# stage: test
# tags:
# - docker-privileged
# image: docker:${DOCKER_VERSION}
# services:
# - name: docker:${DOCKER_VERSION}-dind
# alias: containerhost
# script:
# - docker run -p 27017:27017 -d --name mongo-container --rm mongo:${MONGO_VERSION}
# - docker build
# --tag "${CONTAINER_TAG}-test"
# --target=test
# --build-arg MONGODB_URL_TEST=mongodb://containerhost:27017/todo-app
# --build-arg JWT_SECRET_TEST=my-very-secret-jwt
# "./app"
# after_script:
# - docker stop mongo-container
# - docker images -a | grep "mongo" | awk '{print $3}' | xargs docker rmi --force
# - docker image rm --force "${CONTAINER_TAG}-test"
build-image:
stage: build
# needs:
# - 'run-tests'
tags:
- docker-privileged
image: docker:${DOCKER_VERSION}
services:
- name: docker:${DOCKER_VERSION}-dind
before_script:
- docker login -u ${CI_REGISTRY_USER} -p ${CI_REGISTRY_PASSWORD} ${CI_REGISTRY}
script:
- docker image build
--tag "${CONTAINER_TAG}"
--target=build
"./app"
# - docker image build
# --tag "${CONTAINER_TAG}-google-sdk"
# "./gcloud-image"
- docker push "${CONTAINER_TAG}"
# - docker push "${CONTAINER_TAG}-google-sdk"
after_script:
- docker image rm --force "${CONTAINER_TAG}"
# - docker image rm --force "${CONTAINER_TAG}-google-sdk"
create-release_image:
stage: release
tags:
- docker-privileged
image: docker:${DOCKER_VERSION}
services:
- name: docker:${DOCKER_VERSION}-dind
before_script:
- docker login -u ${CI_REGISTRY_USER} -p ${CI_REGISTRY_PASSWORD} ${CI_REGISTRY}
- docker pull "${CONTAINER_TAG}"
script:
- VERSION=$(cat ./app/client/package.json | docker run --interactive stedolan/jq --raw-output '.version')
- docker tag "${CONTAINER_TAG}" "${CI_REGISTRY_IMAGE}:${VERSION}"
- docker push "${CI_REGISTRY_IMAGE}:${VERSION}"
after_script:
- docker image rm --force
$(docker images --format '{{.Repository}}{{.Tag}}' | grep '${CI_REGISTRY_IMAGE}')
# create-release_tag:
# stage: release
# needs:
# - 'create-release_image'
# rules:
# - if: $CI_COMMIT_REF_NAME =~ /main/
# when: 'always'
# tags:
# - docker-privileged
# image: docker:${DOCKER_VERSION}-git
# services:
# - name: docker:${DOCKER_VERSION}-dind
# script:
# - VERSION=$(cat ./src/package.json | docker run --interactive stedolan/jq --raw-output '.version')
# - echo ${VERSION}
# #- git tag "v${VERSION}" && git push origin "v${VERSION}"
deploy-image:
extends: .gke-initialization
stage: deploy
needs:
- 'create-release_image'
rules:
- if: $CI_COMMIT_REF_NAME =~ /staging/
when: 'always'
variables:
ENVIRONMENT_NAME: 'staging'
- if: $CI_COMMIT_REF_NAME !~ /main/
when: 'always'
variables:
ENVIRONMENT_NAME: 'production'
tags:
- docker
image: google/cloud-sdk:${GOOGLE_CLOUD_SDK_IMAGE_VERSION}
script:
- VERSION="${CI_PIPELINE_IID}-${CI_COMMIT_SHORT_SHA}"
- IMAGE="${CI_REGISTRY_IMAGE}:${VERSION}"
- cd "./k8s-manifests"
- kubectl apply -f secrets.yaml --namespace "${ENVIRONMENT_NAME}-${K8S_NAMESPACE}"
- kubectl apply -f gitlab-registry-credentials.yaml --namespace "${ENVIRONMENT_NAME}-${K8S_NAMESPACE}"
- kubectl apply -f configmap.yaml --namespace "${ENVIRONMENT_NAME}-${K8S_NAMESPACE}"
- kubectl apply -f deployment.yaml --namespace "${ENVIRONMENT_NAME}-${K8S_NAMESPACE}"
- kubectl apply -f service.yaml --namespace "${ENVIRONMENT_NAME}-${K8S_NAMESPACE}"
- kubectl apply -f ingress.yaml --namespace "${ENVIRONMENT_NAME}-${K8S_NAMESPACE}"