build docker via gitlab

.gitlab-ci.yml

@@ -1,76 +1,102 @@
-stages: [notify]
+stages:
+  - build
+  - cleanup
+  - deploy
 
-# --- Notify when MR is opened/updated ---
+variables:
-notify_discord_mr:
+  DOCKER_DRIVER: overlay2
-  stage: notify
+  IMAGE_NAME: "${CI_REGISTRY_IMAGE}/web-lti"
-  image: alpine:3.20
+  DEPLOY_ENV: development
-  rules:
+  KEEP_IMAGES: 3
-    - if: '$CI_PIPELINE_SOURCE == "merge_request_event"'
+  BUILD_MODE: static
+
+# =====================================================
+# 🔑 AUTH TO REGISTRY
+# =====================================================
+before_script:
+  - echo "🔐 Logging in to GitLab Container Registry..."
+  - echo "$GITLAB_TOKEN" | docker login -u "$GITLAB_USER" --password-stdin "$CI_REGISTRY"
+
+# =====================================================
+# 🧱 BUILD IMAGE
+# =====================================================
+build-image:
+  stage: build
+  image: docker:27.0.2
+  services:
+    - docker:dind
   variables:
-    WEBHOOK_URL: $DISCORD_WEBHOOK_URL
+    DOCKER_TLS_CERTDIR: ""
-  before_script:
+  script:
-    - apk add --no-cache curl jq
+    - echo "🚀 Building Docker image for ${DEPLOY_ENV} branch..."
-  script: |
-    MR_URL="${CI_PROJECT_URL}/-/merge_requests/${CI_MERGE_REQUEST_IID}"
 
-    jq -n \
+    # Tag format: web-lti:development_<commit>
-      --arg repo "$CI_PROJECT_PATH" \
+    - export TAG="${DEPLOY_ENV}_${CI_COMMIT_SHORT_SHA}"
-      --arg mr "#${CI_MERGE_REQUEST_IID}" \
-      --arg url "$MR_URL" \
-      --arg requestor "${GITLAB_USER_LOGIN:-$GITLAB_USER_NAME}" \
-      --arg source "$CI_MERGE_REQUEST_SOURCE_BRANCH_NAME" \
-      --arg target "$CI_MERGE_REQUEST_TARGET_BRANCH_NAME" \
-      --arg title "$CI_MERGE_REQUEST_TITLE" \
-      '{
-        username: "CI Bot - FE",
-        embeds: [{
-          title: "📣 [LTI WEB CLIENT] Merge Request Opened/Updated",
-          description: ($mr + " in " + $repo),
-          url: $url,
-          color: 3447003,
-          fields: [
-            {name: "Author", value: $requestor, inline: true},
-            {name: "Source → Target", value: ($source + " → " + $target), inline: true},
-            {name: "Title", value: $title}
-          ]
-        }]
-      }' \
-      | curl -sS -H "Content-Type: application/json" -d @- "$WEBHOOK_URL"
 
-# --- Notify when MR is merged ---
+    - echo "🧱 Tagging image as: $IMAGE_NAME:$TAG"
-notify_discord_merge:
+    - docker build \
-  stage: notify
+        --build-arg NEXT_PUBLIC_API_BASE_URL=$NEXT_PUBLIC_API_BASE_URL \
+        --build-arg NEXT_PUBLIC_LTI_API_START_URL=$NEXT_PUBLIC_LTI_API_START_URL \
+        --build-arg NEXT_PUBLIC_LTI_CLIENT_ID=$NEXT_PUBLIC_LTI_CLIENT_ID \
+        --build-arg BUILD_MODE=$BUILD_MODE \
+        -t "$IMAGE_NAME:$TAG" \
+        -t "$IMAGE_NAME:$DEPLOY_ENV" .
+
+    - echo "📦 Pushing images to registry..."
+    - docker push "$IMAGE_NAME:$TAG"
+    - docker push "$IMAGE_NAME:$DEPLOY_ENV"
+  only:
+    - development
+
+# =====================================================
+# 🧹 CLEANUP OLD IMAGES (KEEP 3)
+# =====================================================
+cleanup-registry:
+  stage: cleanup
   image: alpine:3.20
-  rules:
+  script:
-    # Only run for merge request pipelines that are in merged state
-    - if: '$CI_PIPELINE_SOURCE == "merge_request_event" && $CI_MERGE_REQUEST_STATE == "merged"'
-  variables:
-    WEBHOOK_URL: $DISCORD_WEBHOOK_URL
-  before_script:
     - apk add --no-cache curl jq
-  script: |
+    - echo "🧹 Cleaning up old images (keeping ${KEEP_IMAGES})..."
-    MR_URL="${CI_PROJECT_URL}/-/merge_requests/${CI_MERGE_REQUEST_IID}"
 
-    jq -n \
+    - TOKEN=$(curl --silent --request POST --header "Content-Type: application/json" \
-      --arg repo "$CI_PROJECT_PATH" \
+        --data "{\"login\": \"$GITLAB_USER\", \"password\": \"$GITLAB_TOKEN\"}" \
-      --arg mr "#${CI_MERGE_REQUEST_IID}" \
+        "${CI_REGISTRY}/jwt/auth" | jq -r '.token')
-      --arg url "$MR_URL" \
+
-      --arg requestor "${CI_MERGE_REQUEST_AUTHOR}" \
+    - ALL_TAGS=$(curl --silent --header "Authorization: Bearer $TOKEN" \
-      --arg source "$CI_MERGE_REQUEST_SOURCE_BRANCH_NAME" \
+        "${CI_REGISTRY}/v2/${CI_PROJECT_PATH}/web-lti/tags/list" \
-      --arg target "$CI_MERGE_REQUEST_TARGET_BRANCH_NAME" \
+        | jq -r '.tags | sort | reverse | .['$KEEP_IMAGES':] | @sh' | tr -d "'")
-      --arg title "$CI_MERGE_REQUEST_TITLE" \
+
-      '{
+    - |
-        username: "CI Bot - FE",
+      for tag in $ALL_TAGS; do
-        embeds: [{
+        echo "🗑️  Deleting old image tag: $tag"
-          title: "✅ [LTI WEB CLIENT] Merge Request Merged",
+        DIGEST=$(curl --silent -H "Authorization: Bearer $TOKEN" \
-          description: ($mr + " has been merged into " + $repo),
+          "${CI_REGISTRY}/v2/${CI_PROJECT_PATH}/web-lti/manifests/$tag" | jq -r '.config.digest')
-          url: $url,
+        curl --silent -X DELETE -H "Authorization: Bearer $TOKEN" \
-          color: 3066993,
+          "${CI_REGISTRY}/v2/${CI_PROJECT_PATH}/web-lti/manifests/${DIGEST}"
-          fields: [
+      done
-            {name: "Author", value: $requestor, inline: true},
+  only:
-            {name: "Source → Target", value: ($source + " → " + $target), inline: true},
+    - development
-            {name: "Title", value: $title}
+  when: always
-          ]
+
-        }]
+# =====================================================
-      }' \
+# 🚀 DEPLOY TO SERVER (VIA SSH)
-      | curl -sS -H "Content-Type: application/json" -d @- "$WEBHOOK_URL"
+# =====================================================
+deploy:
+  stage: deploy
+  image: alpine:3.20
+  before_script:
+    - apk add --no-cache openssh
+    - mkdir -p ~/.ssh
+    - echo "$SSH_PRIVATE_KEY" > ~/.ssh/id_rsa
+    - chmod 600 ~/.ssh/id_rsa
+    - ssh-keyscan -H "$SERVER_IP" >> ~/.ssh/known_hosts
+  script:
+    - echo "🚀 Deploying $IMAGE_NAME:$DEPLOY_ENV to $SERVER_USER@$SERVER_IP"
+    - ssh $SERVER_USER@$SERVER_IP "
+        docker login -u '$GITLAB_USER' -p '$GITLAB_TOKEN' $CI_REGISTRY &&
+        docker pull $IMAGE_NAME:$DEPLOY_ENV &&
+        docker compose -f /home/devops/docker/deployment/development/compose/docker-compose.web-lti.yaml up -d dev-web-lti &&
+        docker image prune -f
+      "
+  only:
+    - development

Dockerfile

@@ -0,0 +1,24 @@
+FROM node:20-alpine
+
+RUN apk add --no-cache git bash build-base curl
+
+WORKDIR /app
+
+COPY package*.json ./
+RUN npm ci
+
+COPY . .
+
+# Buat config agar Next tahu output: export
+RUN echo "const config = { output: 'export', images: { unoptimized: true } }; export default config;" > next.config.mjs
+
+# Build project (Next.js 15 otomatis static export)
+RUN NEXT_DISABLE_TURBOPACK=1 npx next build
+
+# Pastikan folder static tersedia untuk URL _next/static
+RUN mkdir -p .next/server/app/_next && \
+    cp -r .next/static .next/server/app/_next/static && \
+    cp -r public/assets .next/server/app/
+
+EXPOSE 3000
+CMD ["npx", "serve", ".next/server/app", "-l", "3000"]

docker-compose.yaml

@@ -0,0 +1,39 @@
+version: "3.9"
+
+services:
+  dev-web-lti:
+    container_name: dev-web-lti
+    build:
+      context: .
+      dockerfile: Dockerfile
+    ports:
+      - "3002:3000"
+    env_file:
+      - .env
+    environment:
+      NODE_ENV: production
+      APP_ENV: production
+    networks:
+      - dev-lti-network
+    restart: always
+    deploy:
+      resources:
+        limits:
+          cpus: "3.0"
+          memory: 3G
+        reservations:
+          cpus: "1.0"
+          memory: 512M
+    extra_hosts:
+      - "host.docker.internal:host-gateway"
+    # Optional: aktifkan healthcheck jika punya endpoint
+    # healthcheck:
+    #   test: ["CMD-SHELL", "curl -fsS http://localhost:3000/api/healthz || exit 1"]
+    #   interval: 10s
+    #   timeout: 3s
+    #   retries: 10
+    #   start_period: 15s
+
+networks:
+  dev-lti-network:
+    external: true