Add new pipeline

07d4473b · Frank Sauerburger · 6e00fd62 · 07d4473b · 07d4473b · 6e00fd62
Verified Commit 07d4473b authored 1 year ago by Frank Sauerburger
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
-variables:
-  LOCAL_DIR: public
-stages: 
+stages:
- - build
+- build
- - test_deployment
+- deploy
- - production_deployment
-.sftp: &sftp_template
+build:
-  image: ${CI_REGISTRY_IMAGE}/ubuntu_sftp
-  tags:
-    - wasenweiler.sit-servers.net
-  script:
-    - mkdir -p ~/.ssh
-    - echo "${SFTP_KEY}" > ~/.ssh/id_rsa
-    - echo "${SFTP_HOSTCERT}" > ~/.ssh/known_hosts
-    - chmod 600 ~/.ssh/*
-    - mv ${LOCAL_DIR} ${REMOTE_DIR}
-    - >
-      if [ ! -z "${PREVIEW}" ]; then
-      find ${REMOTE_DIR} -type f -print0 | xargs -0 sed -i 's;</body>;<script src="/.version.js"></script></body>;g';
-      echo "document.body.innerHTML += '<div style=\"position:fixed; bottom:60px; right:-60px; background-color:#d34; padding: 6px 100px; transform: rotate(-45deg); border-top: 1px solid #400; border-bottom: 1px solid #400;\"><a href=\"${CI_PROJECT_URL}/commit/${CI_COMMIT_SHA}\" style=\"color:#fff;\">Preview: ${CI_COMMIT_SHA:0:8}</a></div>';" > ${REMOTE_DIR}/.version.js;
-      fi;
-    - sftp ${SFTP_USERNAME}@${SFTP_HOST} <<< "put -r ${REMOTE_DIR}"
-brunch_build:
  stage: build
-  image: node
+  allow_failure: false
-  before_script:
+  image:
-    - npm i -g brunch
+    name: gcr.io/kaniko-project/executor:v1.14.0-debug
+    entrypoint: [""]
+  rules:
+    - if: $CI_COMMIT_TAG
  script:
-    - npm i
+    - echo "{\"auths\":{\"$CI_REGISTRY\":{\"auth\":\"$(printf "%s:%s" "${CI_REGISTRY_USER}" "${CI_REGISTRY_PASSWORD}" | base64 | tr -d '\n')\"}}}" > /kaniko/.docker/config.json
-    - brunch b --production
+    - /kaniko/executor
-  artifacts:
+      --context "${CI_PROJECT_DIR}"
-    paths:
+      --dockerfile "${CI_PROJECT_DIR}/Dockerfile"
-      - public/*
+      --destination "${CI_REGISTRY_IMAGE}:${CI_COMMIT_TAG}"
-    expire_in: 3 days
+deploy:
-test_deploy: 
+  stage: deploy
-  stage: test_deployment
+  image:
-  dependencies:
+    name: bitnami/kubectl:1.27.5-debian-11-r2
-    - brunch_build
+    entrypoint: ['']
-  variables:
-    SFTP_USERNAME: ${TEST_USERNAME}
-    SFTP_KEY: ${TEST_KEY}
-    SFTP_HOST: ${TEST_HOST}
-    SFTP_HOSTCERT: ${TEST_HOSTCERT}
-    REMOTE_DIR: ${TEST_DIR}
-    GIT_STRATEGY: none
-    PREVIEW: "true"
-  environment:
-    name: Preview
-    url: https://longroute.preview.sauerburger.com/
-  <<: *sftp_template
-production_deploy: 
-  stage: production_deployment
-  dependencies:
-    - brunch_build
  variables:
-    SFTP_USERNAME: ${PRODUCTION_USERNAME}
+    HOST: "longroute.sauerburger.com"
-    SFTP_KEY: ${PRODUCTION_KEY}
+  script:
-    SFTP_HOST: ${PRODUCTION_HOST}
+    - sed -i "s;CI_COMMIT_TAG;${CI_COMMIT_TAG};" kubernetes.yaml
-    SFTP_HOSTCERT: ${PRODUCTION_HOSTCERT}
+    - sed -i "s;CI_REGISTRY_IMAGE;${CI_REGISTRY_IMAGE};" kubernetes.yaml
-    REMOTE_DIR: ${PRODUCTION_DIR}
+    - sed -i "s;HOST;${HOST};" kubernetes.yaml
-    GIT_STRATEGY: none
+    - kubectl config use-context frank/longroute:cumulus-agent
+    - kubectl apply -n longroute -f kubernetes.yaml
-  only:
+  rules:
-    - master
+    - if: $CI_COMMIT_TAG
-  when: manual
-  environment:
-    name: Production
-    url: https://longroute.sauerburger.com/
-  <<: *sftp_template
--- a/Dockerfile
+++ b/Dockerfile
+FROM node:21.1.0-bullseye-slim AS builder
+WORKDIR /build
+COPY package-lock.json package.json /build/
+RUN npm i -g brunch
+RUN npm i
+COPY brunch-config.js .eslintrc.js /build/
+COPY app /build/app
+RUN brunch build --production
+FROM busybox
+COPY --from=builder /build/public /public
\ No newline at end of file
--- a/ci/sftp.Dockerfile
+++ b/ci/sftp.Dockerfile
-FROM ubuntu:16.04
-RUN apt-get update \
-  && apt-get install -y openssh-client \
-  && rm -rf /var/lib/apt/lists/*
--- a/kubernetes.yaml
+++ b/kubernetes.yaml
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: longroute-web
+  labels:
+    app: longroute-web
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: longroute-web
+  template:
+    metadata:
+      labels:
+        app: longroute-web
+    spec:
+      imagePullSecrets:
+      - name: gitlab-token
+      initContainers:
+      - name: init
+        image: CI_REGISTRY_IMAGE:CI_COMMIT_TAG
+        command:
+        - cp
+        - -a
+        - /public
+        - /user/share/nginx/
+        volumeMounts:
+          - name: web
+            mountPath: /usr/share/nginx
+      containers:
+      - name: web
+        image: nginx:1.25.3-bookworm
+        ports:
+         - containerPort: 80
+        resources:
+          requests:
+            memory: "20M"
+            cpu: 20m
+          limits:
+            memory: "4000M"
+            cpu: 2000m
+        readinessProbe:
+          httpGet:
+            path: "/"
+            port: 80
+          initialDelaySeconds: 15
+          periodSeconds: 30
+        livenessProbe:
+          httpGet:
+            path:  "/"
+            port: 80
+          initialDelaySeconds: 120
+          periodSeconds: 60
+        volumeMounts:
+        - name: web
+          mountPath: /usr/share/nginx/public
+          subPath: public
+      volumes:
+      - name: web
+        emptyDir: {}
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: lougroute-web
+spec:
+  type: ClusterIP
+  ports:
+  - port: 80
+    protocol: TCP
+    targetPort: 80
+  selector:
+    app: lougroute-web
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  annotations:
+    cert-manager.io/cluster-issuer: letsencrypt-production
+  name: lougroute-ingress
+spec:
+  ingressClassName: nginx
+  rules:
+    - host: HOST
+      http:
+        paths:
+          - path: "/"
+            pathType: Prefix
+            backend:
+              service:
+                name: web
+                port:
+                  number: 80
+  tls:
+    - hosts:
+        - HOST
+      secretName: longroute-ingress-tls-secret
\ No newline at end of file