gitea-admin/lti-api
1
0
Fork 0
mirror of https://gitlab.com/mbugroup/lti-api.git synced 2026-05-26 00:05:44 +00:00
Code Issues Packages Projects Releases Wiki Activity

merge: sync staging with production

Browse Source
This commit is contained in:
M1 AIR
2026-01-21 15:16:36 +07:00
parent 69d9137e78 cf42e8c130
commit 1818f5a295
1 changed files with 121 additions and 79 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.gitlab-ci.yml
+112 -70
View File
@@ -1,90 +1,132 @@
stages: stages:
- build
- migrate
- deploy - deploy
- seed
deploy-dev: default:
stage: deploy tags:
image: alpine:3.20 - self-hosted-prod
variables:
DEPLOY_APP: "LTI-MBUGROUP"
# Opsional: kalau pakai submodule, ini bikin clone submodule pakai SSH juga
GIT_SUBMODULE_STRATEGY: recursive
GIT_DEPTH: "1"
before_script: workflow:
- echo "🧰 Installing dependencies..." rules:
- apk update && apk add --no-cache openssh git curl bash - if: '$CI_PIPELINE_SOURCE == "push" && $CI_COMMIT_BRANCH == "production"'
when: always
- when: never
# Setup SSH di runner variables:
- mkdir -p ~/.ssh DOCKER_BUILDKIT: "1"
- echo "$SSH_PRIVATE_KEY" | tr -d '\r' > ~/.ssh/id_rsa
- chmod 600 ~/.ssh/id_rsa
- eval "$(ssh-agent -s)"
- ssh-add ~/.ssh/id_rsa
# Trust host keys (server + gitlab) biar SSH gak nanya interaktif IMAGE_TAG: "production_${CI_COMMIT_SHORT_SHA}"
- ssh-keyscan -H "$SERVER_IP" >> ~/.ssh/known_hosts IMAGE_NAME: "${CI_REGISTRY_IMAGE}:${IMAGE_TAG}"
- ssh-keyscan -H gitlab.com >> ~/.ssh/known_hosts IMAGE_LATEST: "${CI_REGISTRY_IMAGE}:production_latest"
script: DEPLOY_DIR: "/opt/deploy/lti"
- echo "🚀 Deploying latest code to $SERVER_USER@$SERVER_IP" COMPOSE_FILE: "docker-compose.yaml"
- > # =========================
if ssh -o StrictHostKeyChecking=no "$SERVER_USER@$SERVER_IP" " # BUILD (AUTO)
# =========================
build_production:
stage: build
rules:
- if: '$CI_PIPELINE_SOURCE == "push" && $CI_COMMIT_BRANCH == "production"'
script: |
set -e set -e
docker info
cd /home/devops/docker/deployment/development/lti-api echo "$CI_REGISTRY_PASSWORD" | docker login -u "$CI_REGISTRY_USER" --password-stdin "$CI_REGISTRY"
# Pastikan remote origin SSH (antisipasi kalau pernah ke-set HTTPS) echo "✅ Build image: $IMAGE_NAME"
git remote set-url origin git@gitlab.com:mbugroup/lti-api.git docker build -t "$IMAGE_NAME" -f Dockerfile .
# Pastikan server percaya gitlab.com juga (untuk git fetch via SSH) echo "✅ Push image: $IMAGE_NAME"
mkdir -p ~/.ssh docker push "$IMAGE_NAME"
ssh-keyscan -H gitlab.com >> ~/.ssh/known_hosts
# Fetch/reset pakai SSH echo "✅ Tag latest: $IMAGE_LATEST"
GIT_SSH_COMMAND='ssh -o StrictHostKeyChecking=no' git fetch origin development docker tag "$IMAGE_NAME" "$IMAGE_LATEST"
git reset --hard origin/development docker push "$IMAGE_LATEST"
docker compose restart dev-api-lti || docker compose up -d dev-api-lti
"; then
STATUS='success';
else
STATUS='failed';
fi;
RUN_URL="${CI_PROJECT_URL}/-/pipelines/${CI_PIPELINE_ID}"; # =========================
# MIGRATE (PRODUCTION - MANUAL)
# =========================
migrate_production:
stage: migrate
rules:
- if: '$CI_PIPELINE_SOURCE == "push" && $CI_COMMIT_BRANCH == "production"'
when: manual
allow_failure: false
needs:
- job: build_production
artifacts: false
script: |
set -e
cd /opt/deploy/lti
test -f .env || (echo "❌ .env not found" && exit 1)
if [ "$STATUS" = "success" ]; then set -a
COLOR=3066993; . ./.env
TITLE="✅ Deployment API Succeeded"; set +a
DESC="Deployment job on branch \`${CI_COMMIT_REF_NAME}\` completed successfully.";
else
COLOR=15158332;
TITLE="❌ Deployment API Failed Gaes";
DESC="Deployment job on branch \`${CI_COMMIT_REF_NAME}\` failed.";
fi;
echo "{ # Validasi env wajib
\"username\": \"CI Bot\", : "${DB_HOST:?DB_HOST not set}"
\"embeds\": [{ : "${DB_PORT:?DB_PORT not set}"
\"title\": \"$TITLE\", : "${DB_USER:?DB_USER not set}"
\"description\": \"$DESC\", : "${DB_PASSWORD:?DB_PASSWORD not set}"
\"color\": $COLOR, : "${DB_NAME:?DB_NAME not set}"
\"fields\": [
{\"name\": \"Repository\", \"value\": \"${CI_PROJECT_PATH}\", \"inline\": true},
{\"name\": \"Actor\", \"value\": \"${GITLAB_USER_LOGIN}\", \"inline\": true},
{\"name\": \"Commit\", \"value\": \"${CI_COMMIT_SHA}\", \"inline\": false},
{\"name\": \"Pipeline\", \"value\": \"[Open run](${RUN_URL})\", \"inline\": false}
]
}]
}" > payload.json;
echo "📡 Sending notification to Discord..."; DB_SSLMODE="${DB_SSLMODE:-require}"
curl -sS -H "Content-Type: application/json" \ export DATABASE_URL="postgres://${DB_USER}:${DB_PASSWORD}@${DB_HOST}:${DB_PORT}/${DB_NAME}?sslmode=${DB_SSLMODE}"
-d @payload.json "$DISCORD_WEBHOOK_URL";
only: echo "✅ Running migrations (production)..."
- development docker run --rm \
-v "$CI_PROJECT_DIR/internal/database/migrations:/migrations:ro" \
migrate/migrate:v4.15.2 \
-path=/migrations -database "$DATABASE_URL" up
# =========================
# DEPLOY (AUTO)
# =========================
deploy_production:
stage: deploy
rules:
- if: '$CI_PIPELINE_SOURCE == "push" && $CI_COMMIT_BRANCH == "production"'
needs:
- job: migrate_production
artifacts: false
- job: build_production
artifacts: false
script: |
set -e
docker info
echo "$CI_REGISTRY_PASSWORD" | docker login -u "$CI_REGISTRY_USER" --password-stdin "$CI_REGISTRY"
cd "$DEPLOY_DIR"
test -f "$COMPOSE_FILE" || (echo "❌ $COMPOSE_FILE not found in $DEPLOY_DIR" && exit 1)
test -f .env || (echo "❌ .env not found in $DEPLOY_DIR" && exit 1)
docker compose -f "$COMPOSE_FILE" pull
docker compose -f "$COMPOSE_FILE" up -d --force-recreate
docker image prune -f
# =========================
# SEED (MANUAL)
# =========================
seed_production:
stage: seed
rules:
- if: '$CI_COMMIT_BRANCH == "production"'
when: manual
script: |
set -e
cd /opt/deploy/lti
test -f .env || (echo "❌ .env not found" && exit 1)
echo "$CI_REGISTRY_PASSWORD" | docker login -u "$CI_REGISTRY_USER" --password-stdin "$CI_REGISTRY"
docker compose --env-file .env pull seed
docker compose --env-file .env run --rm seed
environment:
name: development