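---
# GitLab CI pipeline for the web-lti image on the development branch:
# build and push the image, prune old registry tags, then roll the
# development server over SSH.
stages:
  - build
  - cleanup
  - deploy

variables:
  DOCKER_DRIVER: overlay2
  IMAGE_NAME: "${CI_REGISTRY_IMAGE}/web-lti"
  DEPLOY_ENV: development
  # Quoted: CI variables are strings, and this one is passed to jq below.
  KEEP_IMAGES: "3"
  BUILD_MODE: static

# The registry login used to be a global before_script. cleanup-registry
# inherited it, but that job runs on alpine, which has no docker CLI, so the
# login now lives on the only job that needs it.

# =====================================================
# BUILD IMAGE
# =====================================================
build-image:
  stage: build
  image: docker:27.0.2
  services:
    # Pinned to the client version so the daemon does not drift with the
    # floating `dind` tag.
    - docker:27.0.2-dind
  variables:
    # NOTE(review): an empty value turns off TLS between the docker CLI and
    # the dind daemon. Enabling it needs the runner to share the client
    # certificate volume, so it is flagged here rather than changed.
    DOCKER_TLS_CERTDIR: ""
  before_script:
    # NOTE(review): GITLAB_USER / GITLAB_TOKEN look like a user-owned token.
    # The job-scoped CI_REGISTRY_USER / CI_REGISTRY_PASSWORD would limit what
    # a leaked job log or compromised runner can reach; confirm and switch.
    - echo "Logging in to GitLab Container Registry..."
    - echo "$GITLAB_TOKEN" | docker login -u "$GITLAB_USER" --password-stdin "$CI_REGISTRY"
  script: |
    echo "Building Docker image for ${DEPLOY_ENV} branch..."
    export TAG="${DEPLOY_ENV}_${CI_COMMIT_SHORT_SHA}"
    echo "Tagging image as: $IMAGE_NAME:$TAG"
    # Build args are recorded in the image history, so only non-secret values
    # belong here. Quoted so a value with spaces cannot split into extra
    # docker arguments.
    docker build \
      --build-arg NEXT_PUBLIC_API_BASE_URL="$NEXT_PUBLIC_API_BASE_URL" \
      --build-arg NEXT_PUBLIC_SSO_LOGIN_URL="$NEXT_PUBLIC_SSO_LOGIN_URL" \
      --build-arg BUILD_MODE="$BUILD_MODE" \
      -t "$IMAGE_NAME:$TAG" \
      -t "$IMAGE_NAME:$DEPLOY_ENV" .
    echo "Pushing images to registry..."
    docker push "$IMAGE_NAME:$TAG"
    docker push "$IMAGE_NAME:$DEPLOY_ENV"
  only:
    - development

# =====================================================
# CLEANUP OLD IMAGES (KEEP 3)
# =====================================================
cleanup-registry:
  stage: cleanup
  image: alpine:3.20
  # Housekeeping only: a failed cleanup must not block the deploy stage.
  allow_failure: true
  script: |
    apk add --no-cache curl jq
    echo "Cleaning up old images (keeping ${KEEP_IMAGES})..."

    # CI_REGISTRY is host[:port] with no scheme. curl falls back to plain HTTP
    # for a scheme-less URL, which would send the credentials below in clear
    # text, so the scheme is spelled out.
    REGISTRY_URL="https://${CI_REGISTRY}"
    REPO_URL="${REGISTRY_URL}/v2/${CI_PROJECT_PATH}/web-lti"
    ACCEPT="Accept: application/vnd.docker.distribution.manifest.v2+json"

    # NOTE(review): endpoint and payload are kept as the author wrote them.
    # Confirm them against the token flow your GitLab instance documents;
    # the job now fails visibly when no token comes back instead of
    # continuing with the literal string "null".
    TOKEN=$(curl --silent --fail --request POST --header "Content-Type: application/json" \
      --data "{\"login\": \"$GITLAB_USER\", \"password\": \"$GITLAB_TOKEN\"}" \
      "${REGISTRY_URL}/jwt/auth" | jq -r '.token // empty')
    if [ -z "$TOKEN" ]; then
      echo "No registry token obtained; skipping cleanup." >&2
      exit 1
    fi

    # Resolve a tag to its manifest digest. The registry reports it in the
    # Docker-Content-Digest response header; `.config.digest` in the manifest
    # body is the config blob and cannot be used to delete a manifest.
    manifest_digest() {
      curl --silent --fail --head -H "Authorization: Bearer $TOKEN" -H "$ACCEPT" \
        "${REPO_URL}/manifests/$1" \
        | tr -d '\r' \
        | awk 'tolower($1) == "docker-content-digest:" { print $2 }'
    }

    # The moving "$DEPLOY_ENV" tag is what the deploy stage pulls next, so it
    # is never a deletion candidate. KEEP_IMAGES goes in as a jq argument
    # instead of being spliced into the jq program text.
    # NOTE(review): tags are "<env>_<short sha>", so this sort is alphabetical
    # by commit hash, not by age; the tags that survive are not necessarily
    # the newest. The registry's own cleanup policy may be a better fit.
    OLD_TAGS=$(curl --silent --fail --header "Authorization: Bearer $TOKEN" \
      "${REPO_URL}/tags/list" \
      | jq -r --arg keep "$DEPLOY_ENV" --argjson n "$KEEP_IMAGES" \
        '[.tags[]? | select(. != $keep)] | sort | reverse | .[$n:] | .[]')

    # Deleting a manifest removes every tag that points at it, so a stale tag
    # that shares its manifest with the live tag is left alone.
    LIVE_DIGEST=$(manifest_digest "$DEPLOY_ENV" || true)

    for tag in $OLD_TAGS; do
      DIGEST=$(manifest_digest "$tag" || true)
      if [ -z "$DIGEST" ]; then
        echo "Could not resolve a digest for $tag; skipping." >&2
        continue
      fi
      if [ "$DIGEST" = "$LIVE_DIGEST" ]; then
        echo "Skipping $tag: same manifest as $DEPLOY_ENV."
        continue
      fi
      echo "Deleting old image tag: $tag"
      curl --silent --fail -X DELETE -H "Authorization: Bearer $TOKEN" \
        "${REPO_URL}/manifests/${DIGEST}" \
        || echo "Delete failed for $tag" >&2
    done
  only:
    - development
  when: always

# =====================================================
# DEPLOY TO SERVER (VIA SSH)
# =====================================================
deploy:
  stage: deploy
  image: alpine:3.20
  before_script:
    - apk add --no-cache openssh
    - mkdir -p ~/.ssh && chmod 700 ~/.ssh
    # Written under a restrictive umask so the key is never readable by
    # others, not even between the write and the chmod.
    - (umask 077 && echo "$SSH_PRIVATE_KEY" > ~/.ssh/id_rsa)
    - chmod 600 ~/.ssh/id_rsa
    # ssh-keyscan accepts whatever key the network returns on each run, so it
    # gives no protection against an intercepted connection. When the
    # optional SSH_KNOWN_HOSTS variable holds the server's known_hosts line,
    # that pinned key is used instead; the scan remains only as a fallback.
    - |
      if [ -n "${SSH_KNOWN_HOSTS:-}" ]; then
        echo "$SSH_KNOWN_HOSTS" >> ~/.ssh/known_hosts
      else
        echo "WARNING: SSH_KNOWN_HOSTS is not set; host key is not pinned." >&2
        ssh-keyscan -H "$SERVER_IP" >> ~/.ssh/known_hosts
      fi
  script: |
    echo "Deploying $IMAGE_NAME:$DEPLOY_ENV to $SERVER_USER@$SERVER_IP"
    # The token travels over SSH stdin into `docker login --password-stdin`.
    # With `-p` it appeared in the remote process list and in the command
    # string handed to the remote shell.
    # NOTE(review): docker login stores the credential on the server; a
    # read-only registry credential would be enough for a pull.
    printf '%s\n' "$GITLAB_TOKEN" | ssh "$SERVER_USER@$SERVER_IP" "
      docker login -u '$GITLAB_USER' --password-stdin '$CI_REGISTRY' &&
      docker pull '$IMAGE_NAME:$DEPLOY_ENV' &&
      docker compose -f /home/devops/docker/deployment/development/compose/docker-compose.web-lti.yaml up -d dev-web-lti &&
      docker image prune -f
    "
  only:
    - development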