-
Notifications
You must be signed in to change notification settings - Fork 0
/
.gitlab-ci.yml
128 lines (110 loc) · 5.92 KB
/
.gitlab-ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
stages:
- build
- deploy
deploy:
when: manual
stage: deploy
before_script:
# Install ssh-agent if not already installed, it is required by Docker.
# (change apt-get to yum if you use a CentOS-based image)
- 'which ssh-agent || ( apt-get update -y && apt-get install openssh-client -y )'
# Run ssh-agent (inside the build environment)
- eval $(ssh-agent -s)
# Add the SSH key stored in SSH_PRIVATE_KEY variable to the agent store
- ssh-add <(echo "$SSH_PRIVATE_KEY")
# For Docker builds disable host key checking. Be aware that by adding that
# you are suspectible to man-in-the-middle attacks.
# WARNING: Use this only with the Docker executor, if you use it with shell
# you will overwrite your user's SSH config.
- mkdir -p ~/.ssh
- '[[ -f /.dockerenv ]] && echo -e "Host *\n\tStrictHostKeyChecking no\n\n" > ~/.ssh/config'
script:
- ssh root@${SERVER_ADDRESS} "cd /build && sudo git fetch origin && git checkout ${CI_BUILD_REF}
&& bash ./clean.sh
&& docker-compose -f docker-compose.yml -f docker-compose.prod.yml pull
&& docker-compose -f docker-compose.yml -f docker-compose.prod.yml stop
&& docker-compose -f docker-compose.yml -f docker-compose.prod.yml rm -f
&& GITHUB_CLIENT_SECRET=${GITHUB_CLIENT_SECRET}
MAILER_AUTH_USER=${MAILER_AUTH_USER}
MAILER_AUTH_PASS=${MAILER_AUTH_PASS}
CLOUDFLARE_API_KEY=${CLOUDFLARE_API_KEY}
SECRET_KEY_BASE=${SECRET_KEY_BASE}
docker-compose -f docker-compose.yml -f docker-compose.prod.yml up -d"
build:
stage: build
image: docker:latest
variables:
DOCKER_DRIVER: overlay
services:
- docker:dind
before_script:
- apk add --no-cache py2-pip
- pip install docker-compose
script:
- docker login -u gitlab-ci-token -p $CI_BUILD_TOKEN registry.gitlab.com
- docker-compose -f docker-compose.yml -f docker-compose.prod.yml build
- docker-compose -f docker-compose.yml -f docker-compose.prod.yml push
restart:
when: manual
stage: deploy
before_script:
# Install ssh-agent if not already installed, it is required by Docker.
# (change apt-get to yum if you use a CentOS-based image)
- 'which ssh-agent || ( apt-get update -y && apt-get install openssh-client -y )'
# Run ssh-agent (inside the build environment)
- eval $(ssh-agent -s)
# Add the SSH key stored in SSH_PRIVATE_KEY variable to the agent store
- ssh-add <(echo "$SSH_PRIVATE_KEY")
# For Docker builds disable host key checking. Be aware that by adding that
# you are suspectible to man-in-the-middle attacks.
# WARNING: Use this only with the Docker executor, if you use it with shell
# you will overwrite your user's SSH config.
- mkdir -p ~/.ssh
- '[[ -f /.dockerenv ]] && echo -e "Host *\n\tStrictHostKeyChecking no\n\n" > ~/.ssh/config'
script:
- ssh root@${SERVER_ADDRESS} "cd /build && docker-compose -f docker-compose.yml -f docker-compose.prod.yml stop
&& docker-compose -f docker-compose.yml -f docker-compose.prod.yml rm -f
&& GITHUB_CLIENT_SECRET=${GITHUB_CLIENT_SECRET}
MAILER_AUTH_USER=${MAILER_AUTH_USER}
MAILER_AUTH_PASS=${MAILER_AUTH_PASS}
CLOUDFLARE_API_KEY=${CLOUDFLARE_API_KEY}
SECRET_KEY_BASE=${SECRET_KEY_BASE}
docker-compose -f docker-compose.yml -f docker-compose.prod.yml up -d"
maintain:
when: manual
stage: deploy
before_script:
# Install ssh-agent if not already installed, it is required by Docker.
# (change apt-get to yum if you use a CentOS-based image)
- 'which ssh-agent || ( apt-get update -y && apt-get install openssh-client -y )'
# Run ssh-agent (inside the build environment)
- eval $(ssh-agent -s)
# Add the SSH key stored in SSH_PRIVATE_KEY variable to the agent store
- ssh-add <(echo "$SSH_PRIVATE_KEY")
# For Docker builds disable host key checking. Be aware that by adding that
# you are suspectible to man-in-the-middle attacks.
# WARNING: Use this only with the Docker executor, if you use it with shell
# you will overwrite your user's SSH config.
- mkdir -p ~/.ssh
- '[[ -f /.dockerenv ]] && echo -e "Host *\n\tStrictHostKeyChecking no\n\n" > ~/.ssh/config'
script:
- ssh root@${SERVER_ADDRESS} "docker cp /build/nginx/maintenance.template build_nginx_1:/usr/share/nginx/html/maintenance.html"
rework:
when: manual
stage: deploy
before_script:
# Install ssh-agent if not already installed, it is required by Docker.
# (change apt-get to yum if you use a CentOS-based image)
- 'which ssh-agent || ( apt-get update -y && apt-get install openssh-client -y )'
# Run ssh-agent (inside the build environment)
- eval $(ssh-agent -s)
# Add the SSH key stored in SSH_PRIVATE_KEY variable to the agent store
- ssh-add <(echo "$SSH_PRIVATE_KEY")
# For Docker builds disable host key checking. Be aware that by adding that
# you are suspectible to man-in-the-middle attacks.
# WARNING: Use this only with the Docker executor, if you use it with shell
# you will overwrite your user's SSH config.
- mkdir -p ~/.ssh
- '[[ -f /.dockerenv ]] && echo -e "Host *\n\tStrictHostKeyChecking no\n\n" > ~/.ssh/config'
script:
- ssh root@${SERVER_ADDRESS} "docker exec -it build_nginx_1 rm -f /usr/share/nginx/html/maintenance.html"