Update .gitlab-ci.yml change https to ssh

2026-05-20 13:31:56 +00:00 · 2025-12-01 04:40:38 +00:00
parent 2e2aed67b8
commit 91ad7ad5e0
1 changed files with 27 additions and 6 deletions
@@ -6,24 +6,45 @@ deploy-dev:
  image: alpine:3.20
  variables:
    DEPLOY_APP: "LTI-MBUGROUP"
+    # Opsional: kalau pakai submodule, ini bikin clone submodule pakai SSH juga
+    GIT_SUBMODULE_STRATEGY: recursive
+    GIT_DEPTH: "1"

  before_script:
    - echo "🧰 Installing dependencies..."
-    - apk update && apk add --no-cache openssh git curl
+    - apk update && apk add --no-cache openssh git curl bash
+
+    # Setup SSH di runner
    - mkdir -p ~/.ssh
-    - echo "$SSH_PRIVATE_KEY" > ~/.ssh/id_rsa
+    - echo "$SSH_PRIVATE_KEY" | tr -d '\r' > ~/.ssh/id_rsa
    - chmod 600 ~/.ssh/id_rsa
-    - eval $(ssh-agent -s)
+    - eval "$(ssh-agent -s)"
    - ssh-add ~/.ssh/id_rsa
+
+    # Trust host keys (server + gitlab) biar SSH gak nanya interaktif
    - ssh-keyscan -H "$SERVER_IP" >> ~/.ssh/known_hosts
+    - ssh-keyscan -H gitlab.com >> ~/.ssh/known_hosts

  script:
    - echo "🚀 Deploying latest code to $SERVER_USER@$SERVER_IP"
+
    - >
      if ssh -o StrictHostKeyChecking=no "$SERVER_USER@$SERVER_IP" "
-        cd /home/devops/docker/deployment/development/lti-api &&
-        git fetch origin development &&
-        git reset --hard origin/development &&
+        set -e
+
+        cd /home/devops/docker/deployment/development/lti-api
+
+        # Pastikan remote origin SSH (antisipasi kalau pernah ke-set HTTPS)
+        git remote set-url origin git@gitlab.com:mbugroup/lti-api.git
+
+        # Pastikan server percaya gitlab.com juga (untuk git fetch via SSH)
+        mkdir -p ~/.ssh
+        ssh-keyscan -H gitlab.com >> ~/.ssh/known_hosts
+
+        # Fetch/reset pakai SSH
+        GIT_SSH_COMMAND='ssh -o StrictHostKeyChecking=no' git fetch origin development
+        git reset --hard origin/development
+
        docker compose restart dev-api-lti || docker compose up -d dev-api-lti
      "; then
        STATUS='success';