-
Notifications
You must be signed in to change notification settings - Fork 0
/
.gitlab-ci.yml
95 lines (90 loc) · 3.36 KB
/
.gitlab-ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
---
stages:
- build
- deploy-to-test
- deploy-to-prod
build-image-tag:
stage: build
image:
name: gcr.io/kaniko-project/executor:debug
entrypoint: [""]
script:
- mkdir -p /kaniko/.docker
- echo "{\"auths\":{\"$CI_REGISTRY\":{\"username\":\"$CI_REGISTRY_USER\",\"password\":\"$CI_REGISTRY_PASSWORD\"}}}" > /kaniko/.docker/config.json
- env
- /kaniko/executor --context $CI_PROJECT_DIR/app
--dockerfile Dockerfile
--cache
--build-arg CI_COMMIT_REF_SLUG=${CI_COMMIT_REF_SLUG}
--build-arg CI_COMMIT_TAG=${CI_COMMIT_TAG}
--build-arg CI_COMMIT_SHORT_SHA=${CI_COMMIT_SHORT_SHA}
--destination $CI_REGISTRY_IMAGE/web-site:$CI_COMMIT_TAG
only:
- tags
except:
- /^(?!proxmox).+@/
build-image-branch:
stage: build
image:
name: gcr.io/kaniko-project/executor:debug
entrypoint: [""]
script:
- mkdir -p /kaniko/.docker
- env
- echo "{\"auths\":{\"$CI_REGISTRY\":{\"username\":\"$CI_REGISTRY_USER\",\"password\":\"$CI_REGISTRY_PASSWORD\"}}}" > /kaniko/.docker/config.json
- /kaniko/executor --context $CI_PROJECT_DIR/app
--dockerfile Dockerfile
--cache
--build-arg CI_COMMIT_REF_SLUG=${CI_COMMIT_REF_SLUG}
--build-arg CI_COMMIT_TAG=${CI_COMMIT_TAG}
--build-arg CI_COMMIT_SHORT_SHA=${CI_COMMIT_SHORT_SHA}
--destination ${CI_REGISTRY_IMAGE}/${CI_COMMIT_REF_SLUG}:${CI_COMMIT_SHORT_SHA}
- echo "FROM ${CI_REGISTRY_IMAGE}/${CI_COMMIT_REF_SLUG}:${CI_COMMIT_SHORT_SHA}" | /kaniko/executor --dockerfile /dev/stdin --destination ${CI_REGISTRY_IMAGE}/${CI_COMMIT_REF_SLUG}:latest
rules:
- changes:
- .gitlab-ci.yml
- .gitignore
- kube/**/*
- nginx/**/*
when: never
- if: $CI_MERGE_REQUEST_IID && $CI_COMMIT_TAG == null
.deployment:
image: registry.gitlab.com/dev-ops-tom/devopstom/img-kubectl:1.19
script:
- env
- if [[ ${CI_ENVIRONMENT_NAME} == "prod" ]]; then
export NAMESPACE="app";
export TEMPLATE="template_prod-deploy.yml";
else
export NAMESPACE="${CI_COMMIT_REF_SLUG}";
export TEMPLATE="template_branch-deploy.yml";
fi
- if [[ ${CI_ENVIRONMENT_NAME} == "prod" ]]; then export VERSION=${CI_COMMIT_TAG}; else export VERSION="latest"; fi
- echo "NAMESPACE=${NAMESPACE} VERSION=${VERSION}"
- kubectl create secret docker-registry gitlab-dev-ops-tom
--docker-server=$CI_REGISTRY
--docker-username=$GIT_LAB_REG_USER
--docker-password=$GIT_LAB_REG_PASS --dry-run=client -n ${NAMESPACE} -o yaml | kubectl apply -f -
- for secret in $(env | grep "K8S_SECRET_" | cut -d"=" -f 1);
do
kubectl create secret generic $(echo ${secret#K8S_SECRET_}|tr '_' '-' | tr [:upper:] [:lower:])
--from-literal=key=$(eval echo $`echo ${secret}`) -n ${NAMESPACE} --dry-run=client -o yaml | kubectl apply -f - ;
done
- cat $CI_PROJECT_DIR/kube/app/${TEMPLATE} | envsubst | tee >(kubectl apply -f -)
- kubectl -n $NAMESPACE rollout restart deploy $(kubectl -n $NAMESPACE get deploy -o custom-columns=NAME:.metadata.name --no-headers)
deploy-to-test:
extends: .deployment
stage: deploy-to-test
environment:
name: test
rules:
- if: $CI_MERGE_REQUEST_IID && $CI_COMMIT_TAG == null
deploy-to-prod:
extends: .deployment
stage: deploy-to-prod
environment:
name: prod
only:
- tags
except:
- /^(?!proxmox).+@/