64 lines
1.8 KiB
YAML
64 lines
1.8 KiB
YAML
stages:
|
|
- build
|
|
- deploy
|
|
|
|
variables:
|
|
LATEST_IMAGE: '$CI_REGISTRY_IMAGE:latest'
|
|
PRODUCTION_URL: 'https://home.unjx.de'
|
|
|
|
image: docker:$V_DOCKER-git
|
|
|
|
.auth_gitlab:
|
|
before_script:
|
|
- echo $CI_REGISTRY_PASSWORD | docker login --username $CI_REGISTRY_USER --password-stdin $CI_REGISTRY
|
|
after_script:
|
|
- docker logout
|
|
|
|
.rules:deploy:
|
|
rules:
|
|
- if: '$CI_COMMIT_TAG =~ /^v[0-9]+\.[0-9]+\.[0-9]+$/'
|
|
|
|
build:
|
|
rules: !reference [.rules:deploy, rules]
|
|
stage: build
|
|
variables:
|
|
DOCKER_BUILDKIT: 1
|
|
CURRENT_IMAGE: '$CI_REGISTRY_IMAGE:$CI_COMMIT_TAG'
|
|
before_script:
|
|
- !reference [.auth_gitlab, before_script]
|
|
script:
|
|
- docker buildx create --use
|
|
- docker buildx build . \
|
|
--provenance=false \
|
|
--platform=linux/amd64,linux/arm64 \
|
|
--build-arg APP_VERSION=${CI_COMMIT_TAG} \
|
|
--build-arg V_GOLANG=${V_GOLANG} \
|
|
--build-arg V_NODE=${V_NODE} \
|
|
--build-arg V_ALPINE=${V_ALPINE} \
|
|
--tag ${CURRENT_IMAGE} \
|
|
--tag ${LATEST_IMAGE} \
|
|
--pull --push
|
|
- docker push $CURRENT_IMAGE
|
|
- docker push $LATEST_IMAGE
|
|
after_script:
|
|
- !reference [.auth_gitlab, after_script]
|
|
|
|
deploy:
|
|
rules: !reference [.rules:deploy, rules]
|
|
stage: deploy
|
|
image: debian:${V_DEBIAN}-slim
|
|
id_tokens:
|
|
TBOT_GITLAB_JWT:
|
|
aud: tp.unjx.de
|
|
script:
|
|
- apt-get update && apt-get install curl -y
|
|
- cp tbot.yaml /tmp
|
|
- cd /tmp
|
|
- 'curl -O https://cdn.teleport.dev/teleport-v${V_TELEPORT}-linux-amd64-bin.tar.gz'
|
|
- tar -xvf teleport-v${V_TELEPORT}-linux-amd64-bin.tar.gz
|
|
- ./teleport/install
|
|
- 'tbot start -c tbot.yaml'
|
|
- 'tsh -i /tmp/machine-id/identity --proxy tp.unjx.de:443 ssh gitlab@berg "docker compose -f /opt/docker/home/compose.yml up home -d --pull always && docker system prune --force"'
|
|
environment:
|
|
name: production
|
|
url: $PRODUCTION_URL
|