.gitlab-ci.yml 5.56 KB
Newer Older
1
image: gitlab.cs.wallawalla.edu:5050/elock/doorcode:latest
2
3

services:
4
  - postgres:13-alpine
Jacob Priddy's avatar
Jacob Priddy committed
5

6
variables:
7
8
9
  POSTGRES_USER: web
  POSTGRES_PASSWORD: secret
  POSTGRES_DB: doorcode
Jacob Priddy's avatar
Jacob Priddy committed
10
11
  DOORCODE_IMAGE_NAME: doorcode/app:$CI_PIPELINE_ID
  NGINX_IMAGE_NAME: doorcode/web:$CI_PIPELINE_ID
12
13

stages:
Jacob Priddy's avatar
Jacob Priddy committed
14
  - build
15
  - test
16
  - coverage
17
  - deploy
18

Jacob Priddy's avatar
Jacob Priddy committed
19
20
21
22
23
24
25
26
27
28
29
build_web_backend:
  stage: build
  script:
    - src/backend/install-dev.sh
  artifacts:
    paths:
      - src/backend/vendor
      - src/backend/.env
      - src/backend/composer.lock
    # Currently set to build timeout
    expire_in: 1 day
Jacob Priddy's avatar
Jacob Priddy committed
30

Jacob Priddy's avatar
Jacob Priddy committed
31
32
33
34
35
36
37
38
39
40
#build_web_frontend:
#  stage: build
#  script:
#    - cd src/frontend
#    - npm install
#    - npm run build --mode=production --dest=dist
#  artifacts:
#    paths:
#      - src/frontend/dist
#    expire_in: 1 day
Jacob Priddy's avatar
Jacob Priddy committed
41

42
43
44
45
46
#test_php_styles:
#  stage: test
#  script:
#    - cd src/backend
#    - vendor/bin/php-cs-fixer fix --config=.php_cs -v --dry-run --stop-on-violation --using-cache=no
47

48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
#test_web_backend_unit:
#  stage: test
#  script:
#    - cd src/backend
#    - vendor/bin/phpunit --testsuite Unit
#
#test_web_backend_feature:
#  stage: test
#  script:
#    - cd src/backend
#    - vendor/bin/phpunit --testsuite Feature
#
#test_web_backend_database:
#  stage: test
#  script:
#    - cd src/backend
#    - vendor/bin/phpunit --testsuite Database
#
#generate_api_docs:
#  stage: coverage
#  script:
#    - cd src/backend
#    - sed -i 's/\(^APP_ENV=\).*/\1memory/' .env
#    - "if (php artisan apidoc:generate | grep \"Exception\") then echo \"Failed to generate API docs.\" && false; else true; fi"
#  artifacts:
#    paths:
#      - src/backend/public/docs
#    expire_in: 1 day
#
#generate_code_coverage:
#  stage: coverage
#  script:
#    - cd src/backend
#    - phpdbg -qrr -d memory_limit=256M vendor/bin/phpunit --coverage-html cov
#  artifacts:
#    paths:
#      - src/backend/cov
#    expire_in: 30 days
86

Jacob Priddy's avatar
Jacob Priddy committed
87
88
89
90
deploy application:
  image: tiangolo/docker-with-compose
  tags:
    - elock
91
92
  stage: deploy
  script:
Jacob Priddy's avatar
Jacob Priddy committed
93
94
95
96
97
98
99
100
    # Delete previous unneeded artifacts
    - >
      rm -rf src/backend/cov
      src/backend/vendor
      src/backend/tests
      src/frontend
      src/install-dev.sh
      src/backend/node_modules
101
      .env
Jacob Priddy's avatar
Jacob Priddy committed
102
103
    - docker-compose -f docker-compose.prod.yml build
    - sed -i "s/\(^DB_PASSWORD=\).*/\1$(cat $POSTGRES_PASSWORD)/" $PROJ_DIR/.env
104
    - cp $PROJ_DIR/.env .env
105
106
    - docker build -t $DOORCODE_IMAGE_NAME -f prod.Dockerfile .
    - docker build --build-arg APP_IMAGE=$DOORCODE_IMAGE_NAME -t $NGINX_IMAGE_NAME -f nginx.Dockerfile .
Jacob Priddy's avatar
Jacob Priddy committed
107
    - docker stack deploy -c docker-compose.prod.yml doorcode --prune
Jacob Priddy's avatar
Jacob Priddy committed
108
109
110
111
112
    # Give it some time to spin up...
    - sleep 10
    # Make sure app is running
    - "curl --fail --insecure --location https://${DEPLOY_ADDRESS}/api"
    - "curl --fail --insecure --location https://${DEPLOY_ADDRESS}/api/docs"
113
  environment:
Jacob Priddy's avatar
Jacob Priddy committed
114
    name: production
Jacob Priddy's avatar
Jacob Priddy committed
115
    url: https://elock.cs.wallawalla.edu/api
Jacob Priddy's avatar
Jacob Priddy committed
116
    on_stop: stop-prod
117
#  when: manual
Jacob Priddy's avatar
Jacob Priddy committed
118
  only:
119
    - master
Jacob Priddy's avatar
Jacob Priddy committed
120

Jacob Priddy's avatar
Jacob Priddy committed
121
stop-prod:
122
123
  stage: deploy
  script:
Jacob Priddy's avatar
Jacob Priddy committed
124
    - docker stack rm doorcode
125
126
  only:
    - master
Jacob Priddy's avatar
Jacob Priddy committed
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
  when: manual
  environment:
    name: production
    action: stop


#deploy_backend_production:
#  stage: deploy
#  before_script:
#    - eval $(ssh-agent -s)
#    - ssh-add <(echo "${SSH_PRIVATE_KEY}" | base64 -d -w 0)
#    - mkdir -p ~/.ssh
#    - '[[ -f /.dockerenv ]] && echo -e "Host *\n\tStrictHostKeyChecking no\n\n" > ~/.ssh/config'
#  script:
#    - SSH_COMMAND_STRING="cd doorcode"
#    # get newest changes
#    - SSH_COMMAND_STRING+=" && git pull"
#    - SSH_COMMAND_STRING+=" && (docker-compose restart || docker-compose up -d)"
#    # the -T fixes the input device is not a TTY .. see https://github.com/docker/compose/issues/5696
#    - SSH_COMMAND_STRING+=" && docker-compose exec -T api ./update-prod.sh"
#    - echo "$SSH_COMMAND_STRING"
#    # Execute the deploy
#    - ssh $SSH_USER@$SSH_HOST "${SSH_COMMAND_STRING}"
#    # Make sure it is running
#    - "curl --insecure --location https://${SSH_HOST}/api | grep \"Welcome to the elock API.\""
#  environment:
#    name: production_api
#    url: https://elock.cs.wallawalla.edu/api
#  when: manual
#  only:
#    - master
#
#deploy_api_docs:
#  stage: deploy
#  before_script:
#    - eval $(ssh-agent -s)
#    - ssh-add <(echo "${SSH_PRIVATE_KEY}" | base64 -d -w 0)
#    - mkdir -p ~/.ssh
#    - '[[ -f /.dockerenv ]] && echo -e "Host *\n\tStrictHostKeyChecking no\n\n" > ~/.ssh/config'
#  script:
#    # Can't use the CI job token to deploy the artifact because that's a "pRemiUm FEATurE"
#    - "rsync -a --delete src/backend/public/docs $SSH_USER@$SSH_HOST:/home/$SSH_USER/doorcode/src/backend/public/"
#    # Make sure it is running
#    - "curl --insecure --location https://${SSH_HOST}/api/docs/ | grep \"Welcome to the generated API reference.\""
#  environment:
#    name: production_api_docs
#    url: https://elock.cs.wallawalla.edu/api/docs/
#  when: manual
#  only:
#    - master
177

Jacob Priddy's avatar
Jacob Priddy committed
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
#deploy_frontend_production:
#  stage: deploy
#  before_script:
#    - eval $(ssh-agent -s)
#    - ssh-add <(echo "${SSH_PRIVATE_KEY}" | base64 -d -w 0)
#    - mkdir -p ~/.ssh
#    - '[[ -f /.dockerenv ]] && echo -e "Host *\n\tStrictHostKeyChecking no\n\n" > ~/.ssh/config'
#  script:
#    # Can't use the CI job token to deploy the artifact because that's a "pRemiUm FEATurE"
#    - "rsync -a --delete src/frontend/dist $SSH_USER@$SSH_HOST:/home/$SSH_USER/doorcode/src/frontend/"
#    # Make sure it is running
#    - "curl --insecure --location https://${SSH_HOST} | grep \"work properly without JavaScript enabled.\""
#  environment:
#    name: production_frontend
#    url: https://elock.cs.wallawalla.edu
#  when: manual
#  only:
#    - master