stages: - build - deploy variables: DOCKER_BUILDKIT: "1" COMPOSE_DOCKER_CLI_BUILD: "1" DOCKER_DRIVER: overlay2 IMAGE_TAG: "stg-ec2_${CI_COMMIT_SHORT_SHA}" IMAGE_NAME: "${CI_REGISTRY_IMAGE}:${IMAGE_TAG}" IMAGE_LATEST_stg-ec2: "${CI_REGISTRY_IMAGE}:stg-ec2_latest" build:stg-ec2: stage: build image: docker:27.0.3 services: - name: docker:27.0.3-dind command: ["--mtu=1460"] rules: - if: '$CI_COMMIT_BRANCH == "stg-ec2"' before_script: - echo "$CI_REGISTRY_PASSWORD" | docker login -u "$CI_REGISTRY_USER" --password-stdin "$CI_REGISTRY" script: - docker build -t "$IMAGE_NAME" -f Dockerfile . - docker push "$IMAGE_NAME" - docker tag "$IMAGE_NAME" "$IMAGE_LATEST_stg-ec2" - docker push "$IMAGE_LATEST_stg-ec2" after_script: - docker system prune -af || true # ========================= # DEPLOY: Server pull image + docker compose up # ========================= # deploy:stg-ec2: # stage: deploy # image: alpine:3.20 # rules: # - if: '$CI_COMMIT_BRANCH == "stg-ec2"' # needs: ["build:stg-ec2"] # before_script: # - apk add --no-cache openssh-client bash curl ca-certificates # - mkdir -p ~/.ssh # # penting: buang CRLF biar key tidak "error in libcrypto" # - printf "%s" "$SSH_PRIVATE_KEY" | tr -d '\r' > ~/.ssh/id_rsa # - chmod 600 ~/.ssh/id_rsa # - eval "$(ssh-agent -s)" # - ssh-add ~/.ssh/id_rsa # - ssh-keyscan -H "$SERVER_IP" >> ~/.ssh/known_hosts # script: # - echo "Deploy on server: $SERVER_USER@$SERVER_IP" # - echo "Target dir: /docker/deployment/stg-ec2/stg-lti-api" # - | # ssh -o StrictHostKeyChecking=no "$SERVER_USER@$SERVER_IP" " # set -e # cd /docker/deployment/stg-ec2/stg-lti-api # echo 'Login registry on server...' # echo '$CI_REGISTRY_PASSWORD' | docker login -u '$CI_REGISTRY_USER' --password-stdin '$CI_REGISTRY' # echo 'Pull new image...' # docker compose pull # echo 'Restart containers...' # docker compose up -d # echo 'Cleanup old images...' # docker image prune -af --filter 'until=168h' || true # "