mirror of
https://gitlab.com/mbugroup/lti-api.git
synced 2026-05-20 13:31:56 +00:00
Update .gitlab-ci.yml file
This commit is contained in:
kris
+54
-73
@@ -1,90 +1,71 @@
|
||||
stages:
|
||||
- build
|
||||
- deploy
|
||||
|
||||
deploy-dev:
|
||||
variables:
|
||||
DOCKER_BUILDKIT: "1"
|
||||
DOCKER_DRIVER: overlay2
|
||||
DOCKER_HOST: tcp://docker:2375
|
||||
DOCKER_TLS_CERTDIR: ""
|
||||
|
||||
IMAGE_TAG: "staging_${CI_COMMIT_SHORT_SHA}"
|
||||
IMAGE_NAME: "${CI_REGISTRY_IMAGE}:${IMAGE_TAG}"
|
||||
IMAGE_LATEST_STG_EC2: "${CI_REGISTRY_IMAGE}:staging_latest"
|
||||
|
||||
build:staging:
|
||||
stage: build
|
||||
image: docker:27.0.3
|
||||
services:
|
||||
- name: docker:27.0.3-dind
|
||||
command: ["--mtu=1460"]
|
||||
rules:
|
||||
- if: '$CI_COMMIT_BRANCH == "staging"'
|
||||
before_script:
|
||||
- docker info
|
||||
- echo "$CI_REGISTRY_PASSWORD" | docker login -u "$CI_REGISTRY_USER" --password-stdin "$CI_REGISTRY"
|
||||
script:
|
||||
- docker build -t "$IMAGE_NAME" -f Dockerfile .
|
||||
- docker push "$IMAGE_NAME"
|
||||
- docker tag "$IMAGE_NAME" "$IMAGE_LATEST_STG_EC2"
|
||||
- docker push "$IMAGE_LATEST_STG_EC2"
|
||||
|
||||
deploy:staging:
|
||||
stage: deploy
|
||||
image: alpine:3.20
|
||||
variables:
|
||||
DEPLOY_APP: "LTI-MBUGROUP"
|
||||
# Opsional: kalau pakai submodule, ini bikin clone submodule pakai SSH juga
|
||||
GIT_SUBMODULE_STRATEGY: recursive
|
||||
GIT_DEPTH: "1"
|
||||
rules:
|
||||
- if: '$CI_COMMIT_BRANCH == "staging"'
|
||||
needs:
|
||||
- job: build:staging
|
||||
|
||||
before_script:
|
||||
- echo "🧰 Installing dependencies..."
|
||||
- apk update && apk add --no-cache openssh git curl bash
|
||||
|
||||
# Setup SSH di runner
|
||||
- apk add --no-cache openssh-client bash ca-certificates
|
||||
- mkdir -p ~/.ssh
|
||||
- echo "$SSH_PRIVATE_KEY" | tr -d '\r' > ~/.ssh/id_rsa
|
||||
- chmod 700 ~/.ssh
|
||||
|
||||
# SSH_PRIVATE_KEY = multiline private key (bukan File)
|
||||
- printf "%s\n" "$SSH_PRIVATE_KEY" > ~/.ssh/id_rsa
|
||||
- sed -i 's/\r$//' ~/.ssh/id_rsa
|
||||
- chmod 600 ~/.ssh/id_rsa
|
||||
|
||||
- head -n 1 ~/.ssh/id_rsa
|
||||
- tail -n 1 ~/.ssh/id_rsa
|
||||
|
||||
- eval "$(ssh-agent -s)"
|
||||
- ssh-add ~/.ssh/id_rsa
|
||||
|
||||
# Trust host keys (server + gitlab) biar SSH gak nanya interaktif
|
||||
- ssh-keyscan -H "$SERVER_IP" >> ~/.ssh/known_hosts
|
||||
- ssh-keyscan -H gitlab.com >> ~/.ssh/known_hosts
|
||||
|
||||
script:
|
||||
- echo "🚀 Deploying latest code to $SERVER_USER@$SERVER_IP"
|
||||
|
||||
- >
|
||||
if ssh -o StrictHostKeyChecking=no "$SERVER_USER@$SERVER_IP" "
|
||||
set -e
|
||||
|
||||
cd /home/devops/docker/deployment/development/lti-api
|
||||
|
||||
# Pastikan remote origin SSH (antisipasi kalau pernah ke-set HTTPS)
|
||||
git remote set-url origin git@gitlab.com:mbugroup/lti-api.git
|
||||
|
||||
# Pastikan server percaya gitlab.com juga (untuk git fetch via SSH)
|
||||
mkdir -p ~/.ssh
|
||||
ssh-keyscan -H gitlab.com >> ~/.ssh/known_hosts
|
||||
|
||||
# Fetch/reset pakai SSH
|
||||
GIT_SSH_COMMAND='ssh -o StrictHostKeyChecking=no' git fetch origin development
|
||||
git reset --hard origin/development
|
||||
|
||||
docker compose restart dev-api-lti || docker compose up -d dev-api-lti
|
||||
"; then
|
||||
STATUS='success';
|
||||
else
|
||||
STATUS='failed';
|
||||
fi;
|
||||
|
||||
RUN_URL="${CI_PROJECT_URL}/-/pipelines/${CI_PIPELINE_ID}";
|
||||
|
||||
if [ "$STATUS" = "success" ]; then
|
||||
COLOR=3066993;
|
||||
TITLE="✅ Deployment API Succeeded";
|
||||
DESC="Deployment job on branch \`${CI_COMMIT_REF_NAME}\` completed successfully.";
|
||||
else
|
||||
COLOR=15158332;
|
||||
TITLE="❌ Deployment API Failed Gaes";
|
||||
DESC="Deployment job on branch \`${CI_COMMIT_REF_NAME}\` failed.";
|
||||
fi;
|
||||
|
||||
echo "{
|
||||
\"username\": \"CI Bot\",
|
||||
\"embeds\": [{
|
||||
\"title\": \"$TITLE\",
|
||||
\"description\": \"$DESC\",
|
||||
\"color\": $COLOR,
|
||||
\"fields\": [
|
||||
{\"name\": \"Repository\", \"value\": \"${CI_PROJECT_PATH}\", \"inline\": true},
|
||||
{\"name\": \"Actor\", \"value\": \"${GITLAB_USER_LOGIN}\", \"inline\": true},
|
||||
{\"name\": \"Commit\", \"value\": \"${CI_COMMIT_SHA}\", \"inline\": false},
|
||||
{\"name\": \"Pipeline\", \"value\": \"[Open run](${RUN_URL})\", \"inline\": false}
|
||||
]
|
||||
}]
|
||||
}" > payload.json;
|
||||
|
||||
echo "📡 Sending notification to Discord...";
|
||||
curl -sS -H "Content-Type: application/json" \
|
||||
-d @payload.json "$DISCORD_WEBHOOK_URL";
|
||||
|
||||
only:
|
||||
- development
|
||||
ssh "$SERVER_USER@$SERVER_IP"
|
||||
"export CI_REGISTRY_USER='$CI_REGISTRY_USER';
|
||||
export CI_REGISTRY_PASSWORD='$CI_REGISTRY_PASSWORD';
|
||||
export CI_REGISTRY='$CI_REGISTRY';
|
||||
set -e;
|
||||
cd /home/ubuntu/docker/deployment/staging/stg-lti-api;
|
||||
echo \"\$CI_REGISTRY_PASSWORD\" | docker login -u \"\$CI_REGISTRY_USER\" --password-stdin \"\$CI_REGISTRY\";
|
||||
docker compose pull;
|
||||
docker compose up -d;
|
||||
docker image prune -f"
|
||||
|
||||
environment:
|
||||
name: development
|
||||
name: staging
|
||||
Reference in New Issue
Block a user