.

2026-05-23 14:55:42 +00:00 · 2025-12-15 11:32:43 +07:00
parent b6a60d5009
commit 75ade0d8b3
3 changed files with 92 additions and 159 deletions
@@ -1,90 +1,85 @@
 stages:
+  - build
  - deploy

-deploy-dev:
-  stage: deploy
-  image: alpine:3.20
-  variables:
-    DEPLOY_APP: "LTI-MBUGROUP"
-    # Opsional: kalau pakai submodule, ini bikin clone submodule pakai SSH juga
-    GIT_SUBMODULE_STRATEGY: recursive
-    GIT_DEPTH: "1"
+variables:
+  DOCKER_BUILDKIT: "1"
+  COMPOSE_DOCKER_CLI_BUILD: "1"
+  DOCKER_DRIVER: overlay2
+
+  # Tag image untuk staging
+  IMAGE_TAG: "staging_${CI_COMMIT_SHORT_SHA}"
+  IMAGE_NAME: "${CI_REGISTRY_IMAGE}:${IMAGE_TAG}"
+  IMAGE_LATEST_STAGING: "${CI_REGISTRY_IMAGE}:staging_latest"
+
+# =========================
+# BUILD: Docker image -> GitLab Registry
+# =========================
+build:staging:
+  stage: build
+  image: docker:27.0.3
+  services:
+    - name: docker:27.0.3-dind
+      command: ["--mtu=1460"]
+  rules:
+    - if: '$CI_COMMIT_BRANCH == "staging"'

  before_script:
-    - echo "🧰 Installing dependencies..."
-    - apk update && apk add --no-cache openssh git curl bash
-
-    # Setup SSH di runner
-    - mkdir -p ~/.ssh
-    - echo "$SSH_PRIVATE_KEY" | tr -d '\r' > ~/.ssh/id_rsa
-    - chmod 600 ~/.ssh/id_rsa
-    - eval "$(ssh-agent -s)"
-    - ssh-add ~/.ssh/id_rsa
-
-    # Trust host keys (server + gitlab) biar SSH gak nanya interaktif
-    - ssh-keyscan -H "$SERVER_IP" >> ~/.ssh/known_hosts
-    - ssh-keyscan -H gitlab.com >> ~/.ssh/known_hosts
+    - echo "$CI_REGISTRY_PASSWORD" | docker login -u "$CI_REGISTRY_USER" --password-stdin "$CI_REGISTRY"

  script:
-    - echo "🚀 Deploying latest code to $SERVER_USER@$SERVER_IP"
+    - echo "Build image: $IMAGE_NAME"
+    - docker build -t "$IMAGE_NAME" -f Dockerfile .
+    - docker push "$IMAGE_NAME"

-    - >
-      if ssh -o StrictHostKeyChecking=no "$SERVER_USER@$SERVER_IP" "
-        set -e
+    # opsional: juga push tag stabil untuk staging_latest
+    - docker tag "$IMAGE_NAME" "$IMAGE_LATEST_STAGING"
+    - docker push "$IMAGE_LATEST_STAGING"

-        cd /home/devops/docker/deployment/development/lti-api
+  after_script:
+    # bersihin layer di runner supaya tidak cepat penuh disk
+    - docker system prune -af || true

-        # Pastikan remote origin SSH (antisipasi kalau pernah ke-set HTTPS)
-        git remote set-url origin git@gitlab.com:mbugroup/lti-api.git
+# =========================
+# DEPLOY: Server pull image + docker compose up
+# =========================
+# deploy:staging:
+#   stage: deploy
+#   image: alpine:3.20
+#   rules:
+#     - if: '$CI_COMMIT_BRANCH == "staging"'
+#   needs: ["build:staging"]

-        # Pastikan server percaya gitlab.com juga (untuk git fetch via SSH)
-        mkdir -p ~/.ssh
-        ssh-keyscan -H gitlab.com >> ~/.ssh/known_hosts
+#   before_script:
+#     - apk add --no-cache openssh-client bash curl ca-certificates
+#     - mkdir -p ~/.ssh

-        # Fetch/reset pakai SSH
-        GIT_SSH_COMMAND='ssh -o StrictHostKeyChecking=no' git fetch origin development
-        git reset --hard origin/development
+#     # penting: buang CRLF biar key tidak "error in libcrypto"
+#     - printf "%s" "$SSH_PRIVATE_KEY" | tr -d '\r' > ~/.ssh/id_rsa
+#     - chmod 600 ~/.ssh/id_rsa

-        docker compose restart dev-api-lti || docker compose up -d dev-api-lti
-      "; then
-        STATUS='success';
-      else
-        STATUS='failed';
-      fi;
+#     - eval "$(ssh-agent -s)"
+#     - ssh-add ~/.ssh/id_rsa

-      RUN_URL="${CI_PROJECT_URL}/-/pipelines/${CI_PIPELINE_ID}";
+#     - ssh-keyscan -H "$SERVER_IP" >> ~/.ssh/known_hosts

-      if [ "$STATUS" = "success" ]; then
-        COLOR=3066993;
-        TITLE="✅ Deployment API Succeeded";
-        DESC="Deployment job on branch \`${CI_COMMIT_REF_NAME}\` completed successfully.";
-      else
-        COLOR=15158332;
-        TITLE="❌ Deployment API Failed Gaes";
-        DESC="Deployment job on branch \`${CI_COMMIT_REF_NAME}\` failed.";
-      fi;
+#   script:
+#     - echo "Deploy on server: $SERVER_USER@$SERVER_IP"
+#     - echo "Target dir: /docker/deployment/staging/stg-lti-api"
+#     - |
+#       ssh -o StrictHostKeyChecking=no "$SERVER_USER@$SERVER_IP" "
+#         set -e
+#         cd /docker/deployment/staging/stg-lti-api

-      echo "{
-        \"username\": \"CI Bot\",
-        \"embeds\": [{
-          \"title\": \"$TITLE\",
-          \"description\": \"$DESC\",
-          \"color\": $COLOR,
-          \"fields\": [
-            {\"name\": \"Repository\", \"value\": \"${CI_PROJECT_PATH}\", \"inline\": true},
-            {\"name\": \"Actor\", \"value\": \"${GITLAB_USER_LOGIN}\", \"inline\": true},
-            {\"name\": \"Commit\", \"value\": \"${CI_COMMIT_SHA}\", \"inline\": false},
-            {\"name\": \"Pipeline\", \"value\": \"[Open run](${RUN_URL})\", \"inline\": false}
-          ]
-        }]
-      }" > payload.json;
+#         echo 'Login registry on server...'
+#         echo '$CI_REGISTRY_PASSWORD' | docker login -u '$CI_REGISTRY_USER' --password-stdin '$CI_REGISTRY'

-      echo "📡 Sending notification to Discord...";
-      curl -sS -H "Content-Type: application/json" \
-        -d @payload.json "$DISCORD_WEBHOOK_URL";
+#         echo 'Pull new image...'
+#         docker compose pull

-  only:
-    - development
+#         echo 'Restart containers...'
+#         docker compose up -d

-  environment:
-    name: development
+#         echo 'Cleanup old images...'
+#         docker image prune -af --filter 'until=168h' || true
+#       "