edit .gitlab-ci

2026-05-20 13:32:00 +00:00 · 2025-11-09 15:01:10 +07:00
parent 29ff1bb50a
commit 66b6579f27
2 changed files with 45 additions and 100 deletions
@@ -1,95 +1,44 @@
 stages:
  - build
  - cleanup
  - deploy
 variables:
  # 🔧 Aktifkan Docker BuildKit (build lebih cepat & caching layer)
  DOCKER_BUILDKIT: "1"
  COMPOSE_DOCKER_CLI_BUILD: "1"
  DOCKER_DRIVER: overlay2
  IMAGE_NAME: "${CI_REGISTRY_IMAGE}/web-lti"
  DEPLOY_ENV: development
  KEEP_IMAGES: 3
  BUILD_MODE: static
-before_script:
+  # 🧠 Nama image (pakai commit short SHA)
-  - echo "🔐 Logging in to GitLab Container Registry..."
+  IMAGE_NAME: "$CI_REGISTRY_IMAGE/web-lti:development_${CI_COMMIT_SHORT_SHA}"
-  - echo "$CI_REGISTRY_PASSWORD" | docker login -u "$CI_REGISTRY_USER" --password-stdin "$CI_REGISTRY"
+
  # Cache npm (disimpan antar pipeline)
  NPM_CACHE_DIR: "$CI_PROJECT_DIR/.npm"
 cache:
  key: npm-cache
  paths:
    - .npm/
 # =====================================================
 # 🧱 BUILD IMAGE
 # =====================================================
 build-image:
  stage: build
-  image: docker:27.0.2
+  image: docker:27.0.3
  services:
    - docker:dind
  variables:
    DOCKER_TLS_CERTDIR: ""
  script: |
    echo "🚀 Building Docker image for ${DEPLOY_ENV} branch..."
    export TAG="${DEPLOY_ENV}_${CI_COMMIT_SHORT_SHA}"
    echo "🧱 Tagging image as: $IMAGE_NAME:$TAG"
    docker build \
      --build-arg NEXT_PUBLIC_API_BASE_URL=$NEXT_PUBLIC_API_BASE_URL \
      --build-arg NEXT_PUBLIC_SSO_LOGIN_URL=$NEXT_PUBLIC_SSO_LOGIN_URL \
      --build-arg BUILD_MODE=$BUILD_MODE \
      -t "$IMAGE_NAME:$TAG" \
      -t "$IMAGE_NAME:$DEPLOY_ENV" .
    echo "📦 Pushing images to registry..."
    docker push "$IMAGE_NAME:$TAG"
    docker push "$IMAGE_NAME:$DEPLOY_ENV"
  only:
    - development
 # =====================================================
 # 🧹 CLEANUP OLD IMAGES (KEEP 3)
 # =====================================================
 cleanup-registry:
  stage: cleanup
  image: alpine:3.20
  script: |
    apk add --no-cache curl jq
    echo "🧹 Cleaning up old images (keeping ${KEEP_IMAGES})..."
    TOKEN=$(curl --silent --request POST --header "Content-Type: application/json" \
      --data "{\"login\": \"$GITLAB_USER\", \"password\": \"$GITLAB_TOKEN\"}" \
      "${CI_REGISTRY}/jwt/auth" | jq -r '.token')
    ALL_TAGS=$(curl --silent --header "Authorization: Bearer $TOKEN" \
      "${CI_REGISTRY}/v2/${CI_PROJECT_PATH}/web-lti/tags/list" \
      | jq -r ".tags | sort | reverse | .[${KEEP_IMAGES}:]" | jq -r '.[]')
    for tag in $ALL_TAGS; do
      echo "🗑️  Deleting old image tag: $tag"
      DIGEST=$(curl --silent -H "Authorization: Bearer $TOKEN" \
        "${CI_REGISTRY}/v2/${CI_PROJECT_PATH}/web-lti/manifests/$tag" | jq -r '.config.digest')
      curl --silent -X DELETE -H "Authorization: Bearer $TOKEN" \
        "${CI_REGISTRY}/v2/${CI_PROJECT_PATH}/web-lti/manifests/${DIGEST}" || true
    done
  only:
    - development
  when: always
 # =====================================================
 # 🚀 DEPLOY TO SERVER (VIA SSH)
 # =====================================================
 deploy:
  stage: deploy
  image: alpine:3.20
  before_script:
-    - apk add --no-cache openssh
+    - echo "🔐 Logging in to GitLab Container Registry..."
-    - mkdir -p ~/.ssh
+    - echo "$CI_REGISTRY_PASSWORD" | docker login -u "$CI_REGISTRY_USER" --password-stdin "$CI_REGISTRY"
-    - echo "$SSH_PRIVATE_KEY" > ~/.ssh/id_rsa
+
-    - chmod 600 ~/.ssh/id_rsa
+  script:
-    - ssh-keyscan -H "$SERVER_IP" >> ~/.ssh/known_hosts
+    - echo "🚧 Building optimized Docker image..."
-  script: |
+    - docker build --build-arg BUILDKIT_INLINE_CACHE=1 --cache-from $CI_REGISTRY_IMAGE/web-lti:latest -t "$IMAGE_NAME" .
-    echo "🚀 Deploying $IMAGE_NAME:$DEPLOY_ENV to $SERVER_USER@$SERVER_IP"
+    - docker push "$IMAGE_NAME"
-    ssh $SERVER_USER@$SERVER_IP "
+
-      docker login -u '$GITLAB_USER' -p '$GITLAB_TOKEN' $CI_REGISTRY &&
+    # 🧹 Keep only last 3 images (hapus yang lama)
-      docker pull $IMAGE_NAME:$DEPLOY_ENV &&
+    - echo "🧹 Cleaning old images..."
-      docker compose -f /home/devops/docker/deployment/development/compose/docker-compose.web-lti.yaml up -d dev-web-lti &&
+    - docker image prune -af --filter "until=72h"
-      docker image prune -f
+
-    "
+  after_script:
-  only:
+    - echo "✅ Build complete: $IMAGE_NAME"
-    - development
+
  rules:
    - if: '$CI_COMMIT_BRANCH == "development"'
@@ -1,56 +1,52 @@
 # ============================================================
-# 🏗️  Stage 1 — Builder
+# 🏗️ Stage 1 — Builder
 # ============================================================
 FROM node:20-alpine AS builder
-# Install hanya yang diperlukan untuk build
+# Install dependensi dasar
 RUN apk add --no-cache git bash build-base curl
 WORKDIR /app
-# Copy dependency list terlebih dahulu agar cache efektif
+# Copy dependencies terlebih dahulu agar cache efisien
 COPY package*.json ./
-# Gunakan npm ci (lebih cepat, konsisten)
+# Pastikan npm up to date agar mendukung flag terbaru
-RUN npm ci --omit=dev
+RUN npm install -g npm@11 && npm --version
-# Copy source code terakhir
+# Install dependency tanpa devDependencies (aman di semua npm versi)
 RUN npm ci --only=production
 # Copy seluruh source
 COPY . .
-# Buat config agar Next tahu mode static export
+# Buat konfigurasi output Next.js
 RUN echo "const config = { output: 'export', images: { unoptimized: true } }; export default config;" > next.config.mjs
-# Build Next.js tanpa Turbopack, lalu hapus cache npm
+# Build project (disable Turbopack agar tidak makan RAM)
 ENV NEXT_DISABLE_TURBOPACK=1
 RUN npx next build && npm cache clean --force
-# Tambahkan cache folder _next agar bisa dilayani oleh server
+# Siapkan folder static untuk serve
 RUN mkdir -p .next/server/app/_next && \
    cp -r .next/static .next/server/app/_next/static && \
    cp -r public/assets .next/server/app/ || true
 # ============================================================
-# 🧱  Stage 2 — Runtime (super ringan)
+# 🧱 Stage 2 — Runtime
 # ============================================================
 FROM node:20-alpine AS runtime
-# Install hanya 1 dependency ringan untuk serving static file
+RUN apk add --no-cache tini && npm install -g serve
 RUN npm install -g serve && apk add --no-cache tini
 WORKDIR /app
 # Copy hasil build dari stage sebelumnya
 COPY --from=builder /app/.next/server/app ./server
 COPY --from=builder /app/.next/server/app/_next ./server/_next
 COPY --from=builder /app/public ./public
 # Set environment minimal
 ENV NODE_ENV=production
 ENV PORT=3000
 EXPOSE 3000
 # Jalankan lewat tini untuk handle signal & memory leak
 ENTRYPOINT ["/sbin/tini", "--"]
 CMD ["serve", "-s", "server", "-l", "3000"]