-
Notifications
You must be signed in to change notification settings - Fork 0
/
.base.yml
140 lines (126 loc) · 5.72 KB
/
.base.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
#-----------------------------------------------------------------------------------------------------------------------
# CONFIGURATION
#-----------------------------------------------------------------------------------------------------------------------
variables:
BUILD_COMPOSER_VERSION: "2.5"
BUILD_NODE_VERSION: "16"
PHP_VERSION: "8.2"
# default is stage - this is overridden in prod deployment
SSH_USER: ${SSH_USER_STAGE}
SSH_HOST: ${SSH_HOST_STAGE}
# project paths - default both to root directory
PATH_CI_DIR: "${CI_PROJECT_DIR}"
PATH_APP_DIR: "${PATH_CI_DIR}"
#-----------------------------------------------------------------------------------------------------------------------
# DEFAULT-DOCKER-IMAGE
#-----------------------------------------------------------------------------------------------------------------------
image: docker-sc.artifactory.xima-services.de/xima-devops-php${PHP_VERSION}:latest
#-----------------------------------------------------------------------------------------------------------------------
# STAGES
#-----------------------------------------------------------------------------------------------------------------------
stages:
- build
- analyse
- deploy.feature
- sync
- test
- deploy.prod
- test.prod
#-----------------------------------------------------------------------------------------------------------------------
# ANALYSE
#-----------------------------------------------------------------------------------------------------------------------
.base-analyse:
stage: analyse
extends: .feature-branches
except:
- schedules
- pipelines
- tags
#-----------------------------------------------------------------------------------------------------------------------
# BUILD
#-----------------------------------------------------------------------------------------------------------------------
.base-build:
stage: build
extends: .feature-branches
allow_failure: false
except:
- schedules
- pipelines
- tags
artifacts:
when: on_success
expire_in: 36 hour
untracked: true
#-----------------------------------------------------------------------------------------------------------------------
# DEPLOY
#-----------------------------------------------------------------------------------------------------------------------
.base-deploy:
variables:
COMPOSER_CACHE_DIR: '${PATH_CI_DIR}/.composer'
except:
- schedules
- pipelines
.base-deploy-feature:
stage: deploy.feature
resource_group: $CI_COMMIT_REF_NAME
environment:
name: $CI_COMMIT_REF_NAME
url: $ENVIRONMENT_URL
.feature-branches:
variables:
FEATURE_STOP_DOWNSTREAM_BRANCH: main
only:
- /^release-(.*)/
- /^feature-.*$/
- main
#-----------------------------------------------------------------------------------------------------------------------
# SCHEDULE
#-----------------------------------------------------------------------------------------------------------------------
.base-schedule:
rules:
- if: $CI_JOB_NAME == $SCHEDULE_TASK_NAME
when: always
- when: never
#-----------------------------------------------------------------------------------------------------------------------
# TEST
#-----------------------------------------------------------------------------------------------------------------------
.base-test:
stage: test
#-----------------------------------------------------------------------------------------------------------------------
# SSH
#-----------------------------------------------------------------------------------------------------------------------
.ssh:
before_script:
- DATE=`date +%s`
- TITLE="Install SSH Key"
- echo -e "\e[0Ksection_start:${DATE}:${DATE}[collapsed=true]\r\e[0K\033[1;96m${TITLE}\033[m"
## Install ssh-agent if not already installed, it is required by Docker.
## (change apt-get to yum if you use an RPM-based image)
- type ssh-agent 2> /dev/null || ( apt-get update -y && apt-get install openssh-client -y )
## Run ssh-agent (inside the build environment)
- eval $(ssh-agent -s)
## Create the SSH directory and give it the right permissions
- mkdir -p ~/.ssh
## Add the SSH key stored in SSH_PRIVATE_KEY variable to the agent store
## We're using tr to fix line endings which makes ed25519 keys work
## without extra base64 encoding.
## https://gitlab.com/gitlab-examples/ssh-private-key/issues/1#note_48526556
- echo "${SSH_KEY}" | tr -d ' ' | base64 -d > ~/.ssh/id_rsa
- touch ~/.ssh/config
- chmod 700 -R ~/.ssh
## Use ssh-keyscan to scan the keys of your private server. Replace gitlab.com
## with your own domain name. You can copy and repeat that command if you have
## more than one server to connect to.
## add all SSH_HOST variables to known_hosts file
- printenv | grep ^SSH_HOST | while read line; do ssh-keyscan ${line##*=} >> ~/.ssh/known_hosts; done
- echo "${SSH_HOST}" >> /etc/hosts
- echo -e "Host *\n\tStrictHostKeyChecking yes\n\tUserKnownHostsFile=~/.ssh/known_hosts\n\n" > ~/.ssh/config
- echo -e "\e[0Ksection_end:`date +%s`:${DATE}\r\e[0K"
#-----------------------------------------------------------------------------------------------------------------------
# DEPLOYMENT DEPENDENCIES
#-----------------------------------------------------------------------------------------------------------------------
.check-deployment-dependencies:
script:
# check if composer dependencies are actually available for the next steps
# needed for manual or scheduled jobs with expired artifacts
- if [ ! -d ${PATH_CI_DIR}/vendor ]; then composer install --ignore-platform-reqs --optimize-autoloader --no-ansi --no-interaction --no-progress --no-scripts --quiet -d ${PATH_CI_DIR}; fi