mirror of
https://gitlab.com/mbugroup/lti-api.git
synced 2026-05-20 05:21:57 +00:00
ci: adjust lti gitlab pipeline for ecr gitops
This commit is contained in:
M1 AIR
+10
-128
@@ -39,96 +39,16 @@ workflow:
|
||||
fi
|
||||
echo "$PASS" | docker login --username AWS --password-stdin "$ECR_REGISTRY"
|
||||
|
||||
# =========================
|
||||
# DEV (push ke development)
|
||||
# =========================
|
||||
build_push_dev:
|
||||
stage: build
|
||||
image: public.ecr.aws/docker/library/docker:27
|
||||
tags: [self-hosted-dev]
|
||||
rules:
|
||||
- if: '$CI_PIPELINE_SOURCE == "push" && $CI_COMMIT_BRANCH == "development"'
|
||||
variables:
|
||||
IMAGE_TAG: "dev-${CI_COMMIT_SHORT_SHA}"
|
||||
before_script:
|
||||
- set -eu
|
||||
- docker version
|
||||
- docker info
|
||||
- *ecr_login
|
||||
script: |
|
||||
set -eu
|
||||
echo "Build & push: $ECR_REPOSITORY:$IMAGE_TAG"
|
||||
BASE_IMAGE="${NODE_BASE_IMAGE:-public.ecr.aws/docker/library/node:20-alpine}"
|
||||
|
||||
n=1
|
||||
until [ "$n" -gt 3 ]; do
|
||||
docker pull "$BASE_IMAGE" && break
|
||||
echo "Pull base image failed (attempt $n/3), retrying..."
|
||||
sleep $((n * 10))
|
||||
n=$((n + 1))
|
||||
done
|
||||
[ "$n" -le 3 ] || (echo "ERROR: Failed pulling base image: $BASE_IMAGE" && exit 1)
|
||||
|
||||
docker build \
|
||||
--build-arg NODE_IMAGE="$BASE_IMAGE" \
|
||||
--build-arg NODE_ENV="${NODE_ENV:-dev}" \
|
||||
--build-arg PORT="${PORT:-3000}" \
|
||||
--build-arg NEXT_PUBLIC_API_BASE_URL="${NEXT_PUBLIC_API_BASE_URL:-/api}" \
|
||||
--build-arg DATABASE_URL="${DATABASE_URL:-}" \
|
||||
--build-arg AUTH_JWT_SECRET="${AUTH_JWT_SECRET:-}" \
|
||||
--build-arg NEXT_PUBLIC_POWERSYNC_URL="${NEXT_PUBLIC_POWERSYNC_URL:-}" \
|
||||
--build-arg POWERSYNC_PRIVATE_KEY="${POWERSYNC_PRIVATE_KEY:-}" \
|
||||
--build-arg POWERSYNC_PUBLIC_KEY="${POWERSYNC_PUBLIC_KEY:-}" \
|
||||
-t "$ECR_REPOSITORY:$IMAGE_TAG" \
|
||||
.
|
||||
|
||||
docker push "$ECR_REPOSITORY:$IMAGE_TAG"
|
||||
|
||||
update_gitops_dev_presensi:
|
||||
stage: gitops
|
||||
image: public.ecr.aws/docker/library/alpine:3.20
|
||||
tags: [self-hosted-dev]
|
||||
rules:
|
||||
- if: '$CI_PIPELINE_SOURCE == "push" && $CI_COMMIT_BRANCH == "development"'
|
||||
needs: ["build_push_dev"]
|
||||
variables:
|
||||
IMAGE_TAG: "dev-${CI_COMMIT_SHORT_SHA}"
|
||||
GITOPS_BRANCH: main
|
||||
VALUES_FILE: environments/mas-presensi/dev/mas-presensi-values-dev.yaml
|
||||
GITOPS_REPO_URL: https://oauth2:${GITOPS_TOKEN}@gitlab.com/cristian.anggita.parjaman/gitops.git
|
||||
before_script:
|
||||
- set -eu
|
||||
- apk add --no-cache git yq
|
||||
- git config --global user.email "ci@gitlab"
|
||||
- git config --global user.name "gitlab-ci"
|
||||
script: |
|
||||
set -eu
|
||||
rm -rf gitops
|
||||
git clone --depth 1 --branch "$GITOPS_BRANCH" "$GITOPS_REPO_URL" gitops
|
||||
cd gitops
|
||||
|
||||
echo "Updating dev image.tag to $IMAGE_TAG"
|
||||
yq -i '.image.tag = strenv(IMAGE_TAG)' "$VALUES_FILE"
|
||||
|
||||
git add "$VALUES_FILE"
|
||||
if git diff --cached --quiet; then
|
||||
echo "No changes to commit"
|
||||
exit 0
|
||||
fi
|
||||
git commit -m "mas-presensi dev deploy ${IMAGE_TAG}"
|
||||
git push origin "$GITOPS_BRANCH"
|
||||
|
||||
# =========================
|
||||
# PROD
|
||||
# 1) MR dev -> prod (merge_request_event, target production) : build optional push
|
||||
# 2) Setelah merge (push ke branch production) : build + push + update gitops
|
||||
# 1) MR ke target production: build (optional push)
|
||||
# 2) Push ke production: build + push + update gitops
|
||||
# =========================
|
||||
|
||||
# (A) MR pipeline (validate build dari state MR)
|
||||
build_prod_mr:
|
||||
stage: build
|
||||
image: public.ecr.aws/docker/library/docker:27
|
||||
tags: [self-hosted-dev]
|
||||
tags: [self-hosted-prod]
|
||||
rules:
|
||||
- if: '$CI_PIPELINE_SOURCE == "merge_request_event" && $CI_MERGE_REQUEST_TARGET_BRANCH_NAME == "production"'
|
||||
variables:
|
||||
@@ -143,21 +63,7 @@ build_prod_mr:
|
||||
script: |
|
||||
set -eu
|
||||
echo "Build (MR) : $ECR_REPOSITORY:$IMAGE_TAG"
|
||||
BASE_IMAGE="${NODE_BASE_IMAGE:-public.ecr.aws/docker/library/node:20-alpine}"
|
||||
docker pull "$BASE_IMAGE" || true
|
||||
|
||||
docker build \
|
||||
--build-arg NODE_IMAGE="$BASE_IMAGE" \
|
||||
--build-arg NODE_ENV="${NODE_ENV:-production}" \
|
||||
--build-arg PORT="${PORT:-3000}" \
|
||||
--build-arg NEXT_PUBLIC_API_BASE_URL="${NEXT_PUBLIC_API_BASE_URL:-/api}" \
|
||||
--build-arg DATABASE_URL="${DATABASE_URL:-}" \
|
||||
--build-arg AUTH_JWT_SECRET="${AUTH_JWT_SECRET:-}" \
|
||||
--build-arg NEXT_PUBLIC_POWERSYNC_URL="${NEXT_PUBLIC_POWERSYNC_URL:-}" \
|
||||
--build-arg POWERSYNC_PRIVATE_KEY="${POWERSYNC_PRIVATE_KEY:-}" \
|
||||
--build-arg POWERSYNC_PUBLIC_KEY="${POWERSYNC_PUBLIC_KEY:-}" \
|
||||
-t "$ECR_REPOSITORY:$IMAGE_TAG" \
|
||||
.
|
||||
docker build -f Dockerfile -t "$ECR_REPOSITORY:$IMAGE_TAG" .
|
||||
|
||||
if [ "$PUSH_IMAGE" = "true" ]; then
|
||||
echo "Pushing image for MR..."
|
||||
@@ -166,11 +72,10 @@ build_prod_mr:
|
||||
echo "Skip push (MR)."
|
||||
fi
|
||||
|
||||
# (B) push ke production (hasil merge) => ini yang "build dari code merge"
|
||||
build_push_prod:
|
||||
stage: build
|
||||
image: public.ecr.aws/docker/library/docker:27
|
||||
tags: [self-hosted-dev]
|
||||
tags: [self-hosted-prod]
|
||||
rules:
|
||||
- if: '$CI_PIPELINE_SOURCE == "push" && $CI_COMMIT_BRANCH == "production"'
|
||||
variables:
|
||||
@@ -183,43 +88,20 @@ build_push_prod:
|
||||
script: |
|
||||
set -eu
|
||||
echo "Build & push (prod): $ECR_REPOSITORY:$IMAGE_TAG"
|
||||
BASE_IMAGE="${NODE_BASE_IMAGE:-public.ecr.aws/docker/library/node:20-alpine}"
|
||||
|
||||
n=1
|
||||
until [ "$n" -gt 3 ]; do
|
||||
docker pull "$BASE_IMAGE" && break
|
||||
echo "Pull base image failed (attempt $n/3), retrying..."
|
||||
sleep $((n * 10))
|
||||
n=$((n + 1))
|
||||
done
|
||||
[ "$n" -le 3 ] || (echo "ERROR: Failed pulling base image: $BASE_IMAGE" && exit 1)
|
||||
|
||||
docker build \
|
||||
--build-arg NODE_IMAGE="$BASE_IMAGE" \
|
||||
--build-arg NODE_ENV="${NODE_ENV:-production}" \
|
||||
--build-arg PORT="${PORT:-3000}" \
|
||||
--build-arg NEXT_PUBLIC_API_BASE_URL="${NEXT_PUBLIC_API_BASE_URL:-/api}" \
|
||||
--build-arg DATABASE_URL="${DATABASE_URL:-}" \
|
||||
--build-arg AUTH_JWT_SECRET="${AUTH_JWT_SECRET:-}" \
|
||||
--build-arg NEXT_PUBLIC_POWERSYNC_URL="${NEXT_PUBLIC_POWERSYNC_URL:-}" \
|
||||
--build-arg POWERSYNC_PRIVATE_KEY="${POWERSYNC_PRIVATE_KEY:-}" \
|
||||
--build-arg POWERSYNC_PUBLIC_KEY="${POWERSYNC_PUBLIC_KEY:-}" \
|
||||
-t "$ECR_REPOSITORY:$IMAGE_TAG" \
|
||||
.
|
||||
|
||||
docker build -f Dockerfile -t "$ECR_REPOSITORY:$IMAGE_TAG" .
|
||||
docker push "$ECR_REPOSITORY:$IMAGE_TAG"
|
||||
|
||||
update_gitops_prod_presensi:
|
||||
update_gitops_prod_lti:
|
||||
stage: gitops
|
||||
image: public.ecr.aws/docker/library/alpine:3.20
|
||||
tags: [self-hosted-dev]
|
||||
tags: [self-hosted-prod]
|
||||
rules:
|
||||
- if: '$CI_PIPELINE_SOURCE == "push" && $CI_COMMIT_BRANCH == "production"'
|
||||
needs: ["build_push_prod"]
|
||||
variables:
|
||||
IMAGE_TAG: "prod-${CI_COMMIT_SHORT_SHA}"
|
||||
GITOPS_BRANCH: main
|
||||
VALUES_FILE: environments/lti/prod/lti-values-prod.yaml .yaml
|
||||
VALUES_FILE: environments/lti/prod/lti-values-prod.yaml
|
||||
GITOPS_REPO_URL: https://oauth2:${GITOPS_TOKEN}@gitlab.com/cristian.anggita.parjaman/gitops.git
|
||||
before_script:
|
||||
- set -eu
|
||||
@@ -240,5 +122,5 @@ update_gitops_prod_presensi:
|
||||
echo "No changes to commit"
|
||||
exit 0
|
||||
fi
|
||||
git commit -m "mas-presensi prod deploy ${IMAGE_TAG}"
|
||||
git commit -m "lti prod deploy ${IMAGE_TAG}"
|
||||
git push origin "$GITOPS_BRANCH"
|
||||
|
||||
Reference in New Issue
Block a user