@catladder/pipeline 1.144.0 → 1.145.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/bash/BashExpression.d.ts +40 -0
- package/dist/bash/BashExpression.js +124 -0
- package/dist/bash/bashExpressionPerPipelineType.d.ts +6 -0
- package/dist/bash/bashExpressionPerPipelineType.js +11 -0
- package/dist/bash/bashYaml.d.ts +10 -0
- package/dist/bash/bashYaml.js +46 -0
- package/dist/bash/getInjectVarsScript.d.ts +2 -0
- package/dist/bash/getInjectVarsScript.js +45 -0
- package/dist/bash/replaceAsync.d.ts +2 -0
- package/dist/{pipeline/commitInfo/getCommitInfo.js → bash/replaceAsync.js} +49 -21
- package/dist/build/base/__tests__/createArtifactsConfig.test.js +3 -1
- package/dist/build/base/constants.js +3 -1
- package/dist/build/base/createAppBuildJob.d.ts +2 -1
- package/dist/build/base/createAppBuildJob.js +10 -6
- package/dist/build/base/createArtifactsConfig.d.ts +1 -1
- package/dist/build/base/createArtifactsConfig.js +3 -1
- package/dist/build/base/index.js +3 -1
- package/dist/build/base/writeBuildInfo.js +4 -3
- package/dist/build/base/writeDotEnv.js +12 -3
- package/dist/build/custom/__tests__/testJob.test.js +3 -1
- package/dist/build/custom/buildJob.js +4 -12
- package/dist/build/custom/index.js +3 -1
- package/dist/build/custom/testJob.d.ts +1 -1
- package/dist/build/custom/testJob.js +18 -14
- package/dist/build/docker.d.ts +5 -31
- package/dist/build/docker.js +16 -9
- package/dist/build/index.d.ts +1 -1
- package/dist/build/index.js +13 -7
- package/dist/build/node/buildJob.js +4 -12
- package/dist/build/node/cache.js +6 -3
- package/dist/build/node/constants.js +3 -1
- package/dist/build/node/index.js +3 -1
- package/dist/build/node/meteor.js +5 -2
- package/dist/build/node/testJob.js +18 -14
- package/dist/build/node/yarn.d.ts +3 -2
- package/dist/build/node/yarn.js +6 -3
- package/dist/build/rails/build.js +3 -1
- package/dist/build/rails/index.js +3 -1
- package/dist/build/rails/test.js +15 -11
- package/dist/build/sbom.js +3 -1
- package/dist/build/types.d.ts +24 -18
- package/dist/build/types.js +3 -1
- package/dist/bundles/catladder-gitlab/index.js +3 -3
- package/dist/catladder-gitlab.js +10 -54
- package/dist/config/__tests__/configruedEnvs.test.js +3 -1
- package/dist/config/configruedEnvs.js +3 -1
- package/dist/config/index.js +13 -7
- package/dist/config/readConfig.js +6 -5
- package/dist/constants.js +5 -3
- package/dist/context/__tests__/resolveReferences.test.js +40 -8
- package/dist/context/getBuildInfoVariables.d.ts +7 -0
- package/dist/context/getBuildInfoVariables.js +29 -0
- package/dist/context/getEnvConfig.js +3 -1
- package/dist/context/getEnvType.js +3 -1
- package/dist/context/getEnvironment.d.ts +3 -3
- package/dist/context/getEnvironment.js +10 -14
- package/dist/context/getEnvironmentContext.d.ts +7 -3
- package/dist/context/getEnvironmentContext.js +21 -11
- package/dist/context/getEnvironmentVariables.d.ts +26 -5
- package/dist/context/getEnvironmentVariables.js +41 -25
- package/dist/context/getLabels.js +4 -2
- package/dist/context/getReviewSlug.d.ts +4 -0
- package/dist/context/getReviewSlug.js +22 -0
- package/dist/context/index.d.ts +12 -3
- package/dist/context/index.js +21 -15
- package/dist/context/resolveReferences.d.ts +3 -1
- package/dist/context/resolveReferences.js +53 -21
- package/dist/context/transformJobOnlyVars.d.ts +5 -2
- package/dist/context/transformJobOnlyVars.js +4 -2
- package/dist/context/utils/envVars.d.ts +1 -1
- package/dist/context/utils/envVars.js +5 -2
- package/dist/defaults/index.js +3 -1
- package/dist/deploy/base/deploy.d.ts +1 -1
- package/dist/deploy/base/deploy.js +12 -11
- package/dist/deploy/base/index.js +3 -1
- package/dist/deploy/base/rollback.d.ts +1 -1
- package/dist/deploy/base/rollback.js +13 -9
- package/dist/deploy/base/stop.d.ts +1 -1
- package/dist/deploy/base/stop.js +16 -11
- package/dist/deploy/base/types.d.ts +1 -1
- package/dist/deploy/base/types.js +3 -1
- package/dist/deploy/base/variables.js +3 -1
- package/dist/deploy/cloudRun/artifactsRegistry.d.ts +2 -1
- package/dist/deploy/cloudRun/artifactsRegistry.js +6 -4
- package/dist/deploy/cloudRun/cleanup.js +3 -1
- package/dist/deploy/cloudRun/cloudRunRevisions.js +3 -1
- package/dist/deploy/cloudRun/createJobs/cloudRunJobs.js +8 -5
- package/dist/deploy/cloudRun/createJobs/cloudRunServices.d.ts +2 -2
- package/dist/deploy/cloudRun/createJobs/cloudRunServices.js +6 -3
- package/dist/deploy/cloudRun/createJobs/common.d.ts +3 -3
- package/dist/deploy/cloudRun/createJobs/common.js +3 -1
- package/dist/deploy/cloudRun/createJobs/constants.d.ts +1 -0
- package/dist/deploy/cloudRun/createJobs/constants.js +7 -0
- package/dist/deploy/cloudRun/createJobs/getCloudRunDeployScripts.js +9 -2
- package/dist/deploy/cloudRun/createJobs/getCloudRunStopScripts.js +3 -1
- package/dist/deploy/cloudRun/createJobs/index.js +25 -8
- package/dist/deploy/cloudRun/createJobs/volumes.js +3 -1
- package/dist/deploy/cloudRun/index.js +5 -3
- package/dist/deploy/cloudRun/utils/createArgsString.d.ts +2 -1
- package/dist/deploy/cloudRun/utils/createArgsString.js +3 -1
- package/dist/deploy/cloudRun/utils/database.js +13 -13
- package/dist/deploy/cloudRun/utils/gcloudServiceAccountLoginCommands.js +3 -1
- package/dist/deploy/cloudRun/utils/getServiceName.d.ts +1 -1
- package/dist/deploy/cloudRun/utils/getServiceName.js +3 -1
- package/dist/deploy/cloudRun/utils/jobName.d.ts +2 -1
- package/dist/deploy/cloudRun/utils/jobName.js +4 -2
- package/dist/deploy/cloudRun/utils/removeFirstLinesFromCommandOutput.js +3 -1
- package/dist/deploy/cloudSql/utils.d.ts +2 -1
- package/dist/deploy/cloudSql/utils.js +7 -2
- package/dist/deploy/custom/deployJob.js +3 -1
- package/dist/deploy/custom/index.js +3 -1
- package/dist/deploy/dockerTag/deployJob.js +3 -1
- package/dist/deploy/dockerTag/index.js +3 -1
- package/dist/deploy/index.d.ts +4 -3
- package/dist/deploy/index.js +13 -7
- package/dist/deploy/kubernetes/additionalSecretKeys.js +3 -1
- package/dist/deploy/kubernetes/cloudSql/index.d.ts +3 -2
- package/dist/deploy/kubernetes/cloudSql/index.js +6 -4
- package/dist/deploy/kubernetes/deployJob.js +22 -15
- package/dist/deploy/kubernetes/index.js +51 -14
- package/dist/deploy/kubernetes/kubeEnv.d.ts +3 -2
- package/dist/deploy/kubernetes/kubeEnv.js +7 -4
- package/dist/deploy/kubernetes/kubeValues.d.ts +2 -2
- package/dist/deploy/kubernetes/kubeValues.js +3 -2
- package/dist/deploy/kubernetes/mongodb.js +3 -1
- package/dist/deploy/kubernetes/processSecretsAsFiles.d.ts +2 -1
- package/dist/deploy/kubernetes/processSecretsAsFiles.js +3 -1
- package/dist/deploy/sbom.js +3 -1
- package/dist/deploy/types/base.d.ts +8 -2
- package/dist/deploy/types/base.js +3 -1
- package/dist/deploy/types/custom.d.ts +1 -1
- package/dist/deploy/types/custom.js +3 -1
- package/dist/deploy/types/dockerTag.d.ts +1 -1
- package/dist/deploy/types/dockerTag.js +3 -1
- package/dist/deploy/types/googleCloudRun.d.ts +19 -18
- package/dist/deploy/types/googleCloudRun.js +3 -1
- package/dist/deploy/types/index.d.ts +6 -6
- package/dist/deploy/types/index.js +13 -7
- package/dist/deploy/types/kubernetes.d.ts +22 -22
- package/dist/deploy/types/kubernetes.js +3 -1
- package/dist/deploy/utils.js +3 -1
- package/dist/index.d.ts +3 -2
- package/dist/index.js +16 -9
- package/dist/packageInfos.d.ts +2 -0
- package/dist/packageInfos.js +14 -0
- package/dist/pipeline/createAllJobs.d.ts +13 -5
- package/dist/pipeline/createAllJobs.js +21 -10
- package/dist/pipeline/createChildPipeline.d.ts +1 -1
- package/dist/pipeline/createChildPipeline.js +24 -7
- package/dist/pipeline/createJobsForComponent.d.ts +3 -3
- package/dist/pipeline/createJobsForComponent.js +19 -18
- package/dist/pipeline/createMainPipeline.d.ts +3 -0
- package/dist/pipeline/createMainPipeline.js +248 -0
- package/dist/pipeline/generatePipelineFiles.d.ts +2 -0
- package/dist/pipeline/generatePipelineFiles.js +178 -0
- package/dist/pipeline/getPipelineStages.js +3 -1
- package/dist/pipeline/gitlab/createGitlabJobs.d.ts +15 -5
- package/dist/pipeline/gitlab/createGitlabJobs.js +98 -25
- package/dist/pipeline/gitlab/createGitlabPipeline.d.ts +7 -2
- package/dist/pipeline/gitlab/createGitlabPipeline.js +34 -17
- package/dist/pipeline/gitlab/getPipelineTriggerForGitlabChildPipeline.d.ts +1 -0
- package/dist/pipeline/gitlab/getPipelineTriggerForGitlabChildPipeline.js +29 -0
- package/dist/pipeline/gitlab/gitlabReleaseJobs.d.ts +33 -0
- package/dist/pipeline/gitlab/gitlabReleaseJobs.js +24 -0
- package/dist/pipeline/index.d.ts +3 -1
- package/dist/pipeline/index.js +16 -8
- package/dist/pipeline/packageManager.js +4 -2
- package/dist/pipeline/yarn/yarnUtils.js +6 -4
- package/dist/rules/index.d.ts +4 -1
- package/dist/rules/index.js +25 -18
- package/dist/runner/index.d.ts +1 -1
- package/dist/runner/index.js +3 -1
- package/dist/tsconfig.tsbuildinfo +1 -1
- package/dist/types/config.d.ts +18 -15
- package/dist/types/config.js +5 -2
- package/dist/types/context.d.ts +37 -32
- package/dist/types/context.js +3 -1
- package/dist/types/environmentContext.d.ts +11 -7
- package/dist/types/environmentContext.js +3 -1
- package/dist/types/gitlab-ci-yml.d.ts +30 -30
- package/dist/types/gitlab-ci-yml.js +3 -2
- package/dist/types/gitlab-types.d.ts +4 -6
- package/dist/types/gitlab-types.js +3 -1
- package/dist/types/index.js +13 -7
- package/dist/types/jobs.d.ts +23 -6
- package/dist/types/jobs.js +3 -1
- package/dist/types/pipeline.d.ts +4 -3
- package/dist/types/pipeline.js +3 -1
- package/dist/types/utils.d.ts +1 -1
- package/dist/types/utils.js +3 -1
- package/dist/utils/gitlab.js +3 -1
- package/dist/utils/index.d.ts +1 -1
- package/dist/utils/index.js +3 -1
- package/dist/utils/writeFiles.d.ts +7 -0
- package/dist/{pipeline/commitInfo/getBuildId.js → utils/writeFiles.js} +39 -22
- package/examples/__snapshots__/cloud-run-memory-limit.ts.snap +480 -384
- package/examples/__snapshots__/cloud-run-meteor-with-worker.ts.snap +462 -366
- package/examples/__snapshots__/cloud-run-no-cpu-throttling.ts.snap +480 -384
- package/examples/__snapshots__/cloud-run-no-service.ts.snap +501 -393
- package/examples/__snapshots__/cloud-run-non-public.ts.snap +480 -384
- package/examples/__snapshots__/cloud-run-post-stop-job.ts.snap +489 -392
- package/examples/__snapshots__/cloud-run-service-gen2.ts.snap +480 -384
- package/examples/__snapshots__/cloud-run-service-with-volumes.ts.snap +501 -401
- package/examples/__snapshots__/cloud-run-with-sql-reuse-db.ts.snap +1155 -915
- package/examples/__snapshots__/cloud-run-with-sql.ts.snap +1116 -888
- package/examples/__snapshots__/cloud-run-with-worker.ts.snap +482 -386
- package/examples/__snapshots__/custom-build-job-with-tests.ts.snap +452 -356
- package/examples/__snapshots__/custom-build-job.ts.snap +434 -350
- package/examples/__snapshots__/custom-deploy.ts.snap +319 -223
- package/examples/__snapshots__/custom-envs.ts.snap +123 -81
- package/examples/__snapshots__/custom-sbom-java.ts.snap +434 -350
- package/examples/__snapshots__/kubernetes-application-customization.ts.snap +846 -969
- package/examples/__snapshots__/kubernetes-with-cloud-sql-legacy.ts.snap +886 -957
- package/examples/__snapshots__/kubernetes-with-cloud-sql.ts.snap +894 -969
- package/examples/__snapshots__/kubernetes-with-jobs.ts.snap +1626 -1728
- package/examples/__snapshots__/kubernetes-with-mongodb.ts.snap +974 -1137
- package/examples/__snapshots__/local-dot-env.ts.snap +480 -384
- package/examples/__snapshots__/meteor-kubernetes.ts.snap +906 -1069
- package/examples/__snapshots__/multiline-var.ts.snap +4500 -0
- package/examples/__snapshots__/native-app.ts.snap +706 -578
- package/examples/__snapshots__/node-build-with-custom-image.ts.snap +480 -384
- package/examples/__snapshots__/node-build-with-docker-additions.ts.snap +488 -384
- package/examples/__snapshots__/rails-k8s-with-worker.ts.snap +1656 -1942
- package/examples/__snapshots__/wait-for-other-deploy.ts.snap +287 -231
- package/examples/custom-deploy.ts +7 -7
- package/examples/multiline-var.ts +64 -0
- package/package.json +5 -8
- package/src/bash/BashExpression.ts +81 -0
- package/src/bash/bashExpressionPerPipelineType.ts +16 -0
- package/src/bash/bashYaml.ts +46 -0
- package/src/bash/getInjectVarsScript.ts +12 -0
- package/src/bash/replaceAsync.ts +50 -0
- package/src/build/base/createAppBuildJob.ts +6 -2
- package/src/build/base/writeBuildInfo.ts +1 -1
- package/src/build/base/writeDotEnv.ts +6 -1
- package/src/build/custom/buildJob.ts +2 -4
- package/src/build/custom/testJob.ts +3 -2
- package/src/build/docker.ts +15 -7
- package/src/build/node/buildJob.ts +1 -3
- package/src/build/node/testJob.ts +3 -2
- package/src/build/node/yarn.ts +9 -4
- package/src/build/rails/test.ts +2 -1
- package/src/build/types.ts +8 -1
- package/src/catladder-gitlab.ts +8 -55
- package/src/config/readConfig.ts +2 -3
- package/src/constants.ts +5 -2
- package/src/context/__tests__/resolveReferences.test.ts +11 -6
- package/src/context/getBuildInfoVariables.ts +40 -0
- package/src/context/getEnvironment.ts +7 -30
- package/src/context/getEnvironmentContext.ts +25 -29
- package/src/context/getEnvironmentVariables.ts +61 -36
- package/src/context/getReviewSlug.ts +27 -0
- package/src/context/index.ts +24 -23
- package/src/context/resolveReferences.ts +28 -8
- package/src/context/transformJobOnlyVars.ts +5 -2
- package/src/context/utils/envVars.ts +2 -1
- package/src/deploy/base/deploy.ts +20 -18
- package/src/deploy/base/rollback.ts +8 -10
- package/src/deploy/base/stop.ts +8 -9
- package/src/deploy/cloudRun/artifactsRegistry.ts +9 -4
- package/src/deploy/cloudRun/createJobs/cloudRunJobs.ts +12 -7
- package/src/deploy/cloudRun/createJobs/cloudRunServices.ts +3 -2
- package/src/deploy/cloudRun/createJobs/constants.ts +1 -0
- package/src/deploy/cloudRun/createJobs/getCloudRunDeployScripts.ts +20 -2
- package/src/deploy/cloudRun/createJobs/index.ts +17 -8
- package/src/deploy/cloudRun/index.ts +14 -6
- package/src/deploy/cloudRun/utils/createArgsString.ts +2 -1
- package/src/deploy/cloudRun/utils/database.ts +2 -2
- package/src/deploy/cloudRun/utils/jobName.ts +7 -2
- package/src/deploy/cloudSql/utils.ts +12 -9
- package/src/deploy/index.ts +2 -1
- package/src/deploy/kubernetes/cloudSql/index.ts +3 -2
- package/src/deploy/kubernetes/deployJob.ts +24 -10
- package/src/deploy/kubernetes/index.ts +15 -8
- package/src/deploy/kubernetes/kubeEnv.ts +8 -6
- package/src/deploy/kubernetes/kubeValues.ts +0 -1
- package/src/deploy/kubernetes/processSecretsAsFiles.ts +2 -1
- package/src/deploy/types/base.ts +6 -0
- package/src/deploy/types/googleCloudRun.ts +2 -0
- package/src/index.ts +2 -1
- package/src/packageInfos.ts +10 -0
- package/src/pipeline/createAllJobs.ts +24 -10
- package/src/pipeline/createChildPipeline.ts +19 -8
- package/src/pipeline/createJobsForComponent.ts +14 -22
- package/src/pipeline/createMainPipeline.ts +88 -0
- package/src/pipeline/generatePipelineFiles.ts +29 -0
- package/src/pipeline/gitlab/createGitlabJobs.ts +174 -51
- package/src/pipeline/gitlab/createGitlabPipeline.ts +16 -14
- package/src/pipeline/gitlab/getPipelineTriggerForGitlabChildPipeline.ts +46 -0
- package/src/pipeline/gitlab/gitlabReleaseJobs.ts +20 -0
- package/src/pipeline/index.ts +2 -0
- package/src/rules/index.ts +15 -9
- package/src/types/config.ts +11 -2
- package/src/types/context.ts +39 -26
- package/src/types/environmentContext.ts +12 -6
- package/src/types/gitlab-ci-yml.ts +0 -1
- package/src/types/gitlab-types.ts +5 -4
- package/src/types/jobs.ts +28 -3
- package/src/types/pipeline.ts +4 -0
- package/src/utils/writeFiles.ts +40 -0
- package/dist/deploy/cloudRun/createJobs/variables.d.ts +0 -5
- package/dist/deploy/cloudRun/createJobs/variables.js +0 -19
- package/dist/pipeline/commitInfo/getBuildId.d.ts +0 -6
- package/dist/pipeline/commitInfo/getCommitInfo.d.ts +0 -2
- package/src/deploy/cloudRun/createJobs/variables.ts +0 -21
- package/src/pipeline/commitInfo/getBuildId.ts +0 -17
- package/src/pipeline/commitInfo/getCommitInfo.ts +0 -15
|
@@ -33,6 +33,9 @@ exports[`matches snapshot 1`] = `
|
|
|
33
33
|
],
|
|
34
34
|
},
|
|
35
35
|
"script": [
|
|
36
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
37
|
+
"export APP_PATH="api"",
|
|
38
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
36
39
|
"echo -e "\\e[0Ksection_start:$(date +%s):nodeinstall[collapsed=true]\\r\\e[0KEnsure node version"",
|
|
37
40
|
"if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi",
|
|
38
41
|
"if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi",
|
|
@@ -49,7 +52,6 @@ exports[`matches snapshot 1`] = `
|
|
|
49
52
|
],
|
|
50
53
|
"stage": "test",
|
|
51
54
|
"variables": {
|
|
52
|
-
"APP_PATH": "api",
|
|
53
55
|
"KUBERNETES_CPU_REQUEST": "0.5",
|
|
54
56
|
"KUBERNETES_MEMORY_LIMIT": "4Gi",
|
|
55
57
|
"KUBERNETES_MEMORY_REQUEST": "2Gi",
|
|
@@ -102,7 +104,31 @@ exports[`matches snapshot 1`] = `
|
|
|
102
104
|
],
|
|
103
105
|
},
|
|
104
106
|
"script": [
|
|
105
|
-
"echo
|
|
107
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
108
|
+
"export ENV_SHORT="dev"",
|
|
109
|
+
"export APP_DIR="api"",
|
|
110
|
+
"export ENV_TYPE="dev"",
|
|
111
|
+
"export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"",
|
|
112
|
+
"export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"",
|
|
113
|
+
"export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\///'); [ -z "$tag" ] && echo "v0.0.0" || echo "$tag")"",
|
|
114
|
+
"export HOST="$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
115
|
+
"export ROOT_URL="https://$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
116
|
+
"export HOST_INTERNAL="$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
117
|
+
"export HOST_CANONICAL="$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
118
|
+
"export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
119
|
+
"export CLOUD_SQL_INSTANCE_CONNECTION_NAME="projectId:region:instancename"",
|
|
120
|
+
"export DB_NAME="pan-test-app-dev-api"",
|
|
121
|
+
"export DB_USER="my-user"",
|
|
122
|
+
"export DB_PASSWORD="$CL_dev_api_DB_PASSWORD"",
|
|
123
|
+
"export DATABASE_URL="postgresql://$DB_USER:$DB_PASSWORD@localhost/$DB_NAME?host=/cloudsql/$CLOUD_SQL_INSTANCE_CONNECTION_NAME"",
|
|
124
|
+
"export DATABASE_JDBC_URL="jdbc:postgresql:///$DB_NAME?cloudSqlInstance=$CLOUD_SQL_INSTANCE_CONNECTION_NAME&socketFactory=com.google.cloud.sql.postgres.SocketFactory&user=$DB_USER&password=$DB_PASSWORD"",
|
|
125
|
+
"export DEPLOY_CLOUD_RUN_PROJECT_ID="google-project-id"",
|
|
126
|
+
"export DEPLOY_CLOUD_RUN_REGION="europe-west6"",
|
|
127
|
+
"export GCLOUD_DEPLOY_credentialsKey="$CL_dev_api_GCLOUD_DEPLOY_credentialsKey"",
|
|
128
|
+
"export GCLOUD_RUN_canonicalHostSuffix="$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix"",
|
|
129
|
+
"export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOST\\",\\"ROOT_URL\\",\\"HOST_INTERNAL\\",\\"HOST_CANONICAL\\",\\"ROOT_URL_INTERNAL\\",\\"CLOUD_SQL_INSTANCE_CONNECTION_NAME\\",\\"DB_NAME\\",\\"DB_USER\\",\\"DB_PASSWORD\\",\\"DATABASE_URL\\",\\"DATABASE_JDBC_URL\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\"]"",
|
|
130
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
131
|
+
"echo '{"id":"$(git describe --tags 2>/dev/null || git rev-parse HEAD)","time":"$CI_JOB_STARTED_AT"}' > api/__build_info.json",
|
|
106
132
|
"echo -e "\\e[0Ksection_start:$(date +%s):nodeinstall[collapsed=true]\\r\\e[0KEnsure node version"",
|
|
107
133
|
"if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi",
|
|
108
134
|
"if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi",
|
|
@@ -119,31 +145,9 @@ exports[`matches snapshot 1`] = `
|
|
|
119
145
|
],
|
|
120
146
|
"stage": "build",
|
|
121
147
|
"variables": {
|
|
122
|
-
"APP_DIR": "api",
|
|
123
|
-
"BUILD_INFO_BUILD_TIME": "01-01-2023 12:13:14",
|
|
124
|
-
"BUILD_INFO_CURRENT_VERSION": "3.2.1",
|
|
125
|
-
"BUILD_INFO_ID": "some-id",
|
|
126
|
-
"CLOUD_SQL_INSTANCE_CONNECTION_NAME": "projectId:region:instancename",
|
|
127
|
-
"DATABASE_JDBC_URL": "jdbc:postgresql:///$DB_NAME?cloudSqlInstance=$CLOUD_SQL_INSTANCE_CONNECTION_NAME&socketFactory=com.google.cloud.sql.postgres.SocketFactory&user=$DB_USER&password=$DB_PASSWORD",
|
|
128
|
-
"DATABASE_URL": "postgresql://$DB_USER:$DB_PASSWORD@localhost/$DB_NAME?host=/cloudsql/$CLOUD_SQL_INSTANCE_CONNECTION_NAME",
|
|
129
|
-
"DB_NAME": "pan-test-app-dev-api",
|
|
130
|
-
"DB_PASSWORD": "$CL_dev_api_DB_PASSWORD",
|
|
131
|
-
"DB_USER": "my-user",
|
|
132
|
-
"DEPLOY_CLOUD_RUN_PROJECT_ID": "google-project-id",
|
|
133
|
-
"DEPLOY_CLOUD_RUN_REGION": "europe-west6",
|
|
134
|
-
"ENV_SHORT": "dev",
|
|
135
|
-
"ENV_TYPE": "dev",
|
|
136
|
-
"GCLOUD_DEPLOY_credentialsKey": "$CL_dev_api_GCLOUD_DEPLOY_credentialsKey",
|
|
137
|
-
"GCLOUD_RUN_canonicalHostSuffix": "$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix",
|
|
138
|
-
"HOST": "pan-test-app-dev-api-unknown-host.example.com",
|
|
139
|
-
"HOST_CANONICAL": "pan-test-app-dev-api-unknown-host.example.com",
|
|
140
|
-
"HOST_INTERNAL": "pan-test-app-dev-api-unknown-host.example.com",
|
|
141
148
|
"KUBERNETES_CPU_REQUEST": "0.5",
|
|
142
149
|
"KUBERNETES_MEMORY_LIMIT": "4Gi",
|
|
143
150
|
"KUBERNETES_MEMORY_REQUEST": "2Gi",
|
|
144
|
-
"ROOT_URL": "https://pan-test-app-dev-api-unknown-host.example.com",
|
|
145
|
-
"ROOT_URL_INTERNAL": "https://pan-test-app-dev-api-unknown-host.example.com",
|
|
146
|
-
"_ALL_ENV_VAR_KEYS": "["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_CANONICAL","ROOT_URL_INTERNAL","HOST_INTERNAL","CLOUD_SQL_INSTANCE_CONNECTION_NAME","DB_NAME","DB_USER","DB_PASSWORD","DATABASE_URL","DATABASE_JDBC_URL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]",
|
|
147
151
|
},
|
|
148
152
|
},
|
|
149
153
|
"api 🔨 docker | dev ": {
|
|
@@ -169,6 +173,21 @@ exports[`matches snapshot 1`] = `
|
|
|
169
173
|
],
|
|
170
174
|
},
|
|
171
175
|
"script": [
|
|
176
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
177
|
+
"export APP_DIR="api"",
|
|
178
|
+
"export DOCKER_DIR="."",
|
|
179
|
+
"export DOCKER_REGISTRY="europe-west6-docker.pkg.dev"",
|
|
180
|
+
"export DOCKER_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/dev/api"",
|
|
181
|
+
"export DOCKER_CACHE_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/api"",
|
|
182
|
+
"export DOCKER_IMAGE_TAG="$CI_COMMIT_SHA"",
|
|
183
|
+
"export DOCKER_COPY_AND_INSTALL_APP="COPY --chown=node:node $APP_DIR .
|
|
184
|
+
RUN yarn plugin import workspace-tools
|
|
185
|
+
RUN yarn workspaces focus --production && yarn rebuild"",
|
|
186
|
+
"export DOCKER_COPY_WORKSPACE_FILES="COPY --chown=node:node api/package.json /app/api/package.json
|
|
187
|
+
COPY --chown=node:node api/yarn.lock /app/api/yarn.lock
|
|
188
|
+
COPY --chown=node:node .yarnrc.yml /app/.yarnrc.yml
|
|
189
|
+
COPY --chown=node:node .yarn /app/.yarn"",
|
|
190
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
172
191
|
"ensureNodeDockerfile",
|
|
173
192
|
"echo -e "\\e[0Ksection_start:$(date +%s):docker-login[collapsed=true]\\r\\e[0KDocker Login"",
|
|
174
193
|
"gcloud auth activate-service-account --key-file=<(echo "$CL_dev_api_GCLOUD_DEPLOY_credentialsKey")",
|
|
@@ -193,24 +212,9 @@ exports[`matches snapshot 1`] = `
|
|
|
193
212
|
],
|
|
194
213
|
"stage": "build",
|
|
195
214
|
"variables": {
|
|
196
|
-
"APP_DIR": "api",
|
|
197
|
-
"DOCKERFILE_ADDITIONS": undefined,
|
|
198
|
-
"DOCKERFILE_ADDITIONS_END": undefined,
|
|
199
215
|
"DOCKER_BUILDKIT": "1",
|
|
200
|
-
"DOCKER_CACHE_IMAGE": "europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/api",
|
|
201
|
-
"DOCKER_COPY_AND_INSTALL_APP": "COPY --chown=node:node $APP_DIR .
|
|
202
|
-
RUN yarn plugin import workspace-tools
|
|
203
|
-
RUN yarn workspaces focus --production && yarn rebuild",
|
|
204
|
-
"DOCKER_COPY_WORKSPACE_FILES": "COPY --chown=node:node api/package.json /app/api/package.json
|
|
205
|
-
COPY --chown=node:node api/yarn.lock /app/api/yarn.lock
|
|
206
|
-
COPY --chown=node:node .yarnrc.yml /app/.yarnrc.yml
|
|
207
|
-
COPY --chown=node:node .yarn /app/.yarn",
|
|
208
|
-
"DOCKER_DIR": ".",
|
|
209
216
|
"DOCKER_DRIVER": "overlay2",
|
|
210
217
|
"DOCKER_HOST": "tcp://0.0.0.0:2375",
|
|
211
|
-
"DOCKER_IMAGE": "europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/dev/api",
|
|
212
|
-
"DOCKER_IMAGE_TAG": "$CI_COMMIT_SHA",
|
|
213
|
-
"DOCKER_REGISTRY": "europe-west6-docker.pkg.dev",
|
|
214
218
|
"DOCKER_TLS_CERTDIR": "",
|
|
215
219
|
"KUBERNETES_CPU_REQUEST": "0.5",
|
|
216
220
|
"KUBERNETES_MEMORY_LIMIT": "2Gi",
|
|
@@ -220,15 +224,15 @@ COPY --chown=node:node .yarn /app/.yarn",
|
|
|
220
224
|
"api 🚀 Deploy | dev ": {
|
|
221
225
|
"allow_failure": false,
|
|
222
226
|
"artifacts": {
|
|
223
|
-
"
|
|
224
|
-
"
|
|
225
|
-
|
|
227
|
+
"reports": {
|
|
228
|
+
"dotenv": "gitlab_environment.env",
|
|
229
|
+
},
|
|
226
230
|
},
|
|
227
231
|
"environment": {
|
|
228
232
|
"auto_stop_in": "4 weeks",
|
|
229
233
|
"name": "dev/api",
|
|
230
234
|
"on_stop": "api 🛑 Stop ⚠️ | dev ",
|
|
231
|
-
"url": "
|
|
235
|
+
"url": "$CL_GITLAB_ENVIRONMENT_URL",
|
|
232
236
|
},
|
|
233
237
|
"image": "path/to/docker/gcloud:the-version",
|
|
234
238
|
"interruptible": true,
|
|
@@ -271,13 +275,89 @@ COPY --chown=node:node .yarn /app/.yarn",
|
|
|
271
275
|
},
|
|
272
276
|
],
|
|
273
277
|
"script": [
|
|
278
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
279
|
+
"export ENV_SHORT="dev"",
|
|
280
|
+
"export APP_DIR="api"",
|
|
281
|
+
"export ENV_TYPE="dev"",
|
|
282
|
+
"export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"",
|
|
283
|
+
"export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"",
|
|
284
|
+
"export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\///'); [ -z "$tag" ] && echo "v0.0.0" || echo "$tag")"",
|
|
285
|
+
"export HOST="$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
286
|
+
"export ROOT_URL="https://$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
287
|
+
"export HOST_INTERNAL="$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
288
|
+
"export HOST_CANONICAL="$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
289
|
+
"export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
290
|
+
"export CLOUD_SQL_INSTANCE_CONNECTION_NAME="projectId:region:instancename"",
|
|
291
|
+
"export DB_NAME="pan-test-app-dev-api"",
|
|
292
|
+
"export DB_USER="my-user"",
|
|
293
|
+
"export DB_PASSWORD="$CL_dev_api_DB_PASSWORD"",
|
|
294
|
+
"export DATABASE_URL="postgresql://$DB_USER:$DB_PASSWORD@localhost/$DB_NAME?host=/cloudsql/$CLOUD_SQL_INSTANCE_CONNECTION_NAME"",
|
|
295
|
+
"export DATABASE_JDBC_URL="jdbc:postgresql:///$DB_NAME?cloudSqlInstance=$CLOUD_SQL_INSTANCE_CONNECTION_NAME&socketFactory=com.google.cloud.sql.postgres.SocketFactory&user=$DB_USER&password=$DB_PASSWORD"",
|
|
296
|
+
"export DEPLOY_CLOUD_RUN_PROJECT_ID="google-project-id"",
|
|
297
|
+
"export DEPLOY_CLOUD_RUN_REGION="europe-west6"",
|
|
298
|
+
"export GCLOUD_DEPLOY_credentialsKey="$CL_dev_api_GCLOUD_DEPLOY_credentialsKey"",
|
|
299
|
+
"export GCLOUD_RUN_canonicalHostSuffix="$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix"",
|
|
300
|
+
"export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOST\\",\\"ROOT_URL\\",\\"HOST_INTERNAL\\",\\"HOST_CANONICAL\\",\\"ROOT_URL_INTERNAL\\",\\"CLOUD_SQL_INSTANCE_CONNECTION_NAME\\",\\"DB_NAME\\",\\"DB_USER\\",\\"DB_PASSWORD\\",\\"DATABASE_URL\\",\\"DATABASE_JDBC_URL\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\"]"",
|
|
301
|
+
"export DOCKER_REGISTRY="europe-west6-docker.pkg.dev"",
|
|
302
|
+
"export DOCKER_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/dev/api"",
|
|
303
|
+
"export DOCKER_CACHE_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/api"",
|
|
304
|
+
"export DOCKER_IMAGE_TAG="$CI_COMMIT_SHA"",
|
|
305
|
+
"export CLOUDSDK_CORE_DISABLE_PROMPTS="1"",
|
|
306
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
274
307
|
"echo -e "\\e[0Ksection_start:$(date +%s):prepare[collapsed=true]\\r\\e[0KPrepare..."",
|
|
275
308
|
"gcloud auth activate-service-account --key-file=<(echo "$CL_dev_api_GCLOUD_DEPLOY_credentialsKey")",
|
|
276
309
|
"export GCLOUD_PROJECT_NUMBER=$(gcloud projects describe google-project-id --format="value(projectNumber)")",
|
|
277
310
|
"echo "GCLOUD_PROJECT_NUMBER: $GCLOUD_PROJECT_NUMBER"",
|
|
278
311
|
"echo -e "\\e[0Ksection_end:$(date +%s):prepare\\r\\e[0K"",
|
|
312
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):writeenvvars[collapsed=true]\\r\\e[0KWrite env vars to file"",
|
|
313
|
+
"cat > ____envvars.yaml <<EOF
|
|
314
|
+
ENV_SHORT: |-
|
|
315
|
+
dev
|
|
316
|
+
APP_DIR: |-
|
|
317
|
+
api
|
|
318
|
+
ENV_TYPE: |-
|
|
319
|
+
dev
|
|
320
|
+
BUILD_INFO_BUILD_ID: |-
|
|
321
|
+
$(printf %s "$(git describe --tags 2>/dev/null || git rev-parse HEAD)" | sed 's/^/ /')
|
|
322
|
+
BUILD_INFO_BUILD_TIME: |-
|
|
323
|
+
$(printf %s "$CI_JOB_STARTED_AT" | sed 's/^/ /')
|
|
324
|
+
BUILD_INFO_CURRENT_VERSION: |-
|
|
325
|
+
$(printf %s "$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\///'); [ -z "$tag" ] && echo "v0.0.0" || echo "$tag")" | sed 's/^/ /')
|
|
326
|
+
HOST: |-
|
|
327
|
+
$(printf %s "$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
328
|
+
ROOT_URL: |-
|
|
329
|
+
$(printf %s "https://$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
330
|
+
HOST_INTERNAL: |-
|
|
331
|
+
$(printf %s "$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
332
|
+
HOST_CANONICAL: |-
|
|
333
|
+
$(printf %s "$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
334
|
+
ROOT_URL_INTERNAL: |-
|
|
335
|
+
$(printf %s "https://$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
336
|
+
CLOUD_SQL_INSTANCE_CONNECTION_NAME: |-
|
|
337
|
+
projectId:region:instancename
|
|
338
|
+
DB_NAME: |-
|
|
339
|
+
pan-test-app-dev-api
|
|
340
|
+
DB_USER: |-
|
|
341
|
+
my-user
|
|
342
|
+
DB_PASSWORD: |-
|
|
343
|
+
$(printf %s "$CL_dev_api_DB_PASSWORD" | sed 's/^/ /')
|
|
344
|
+
DATABASE_URL: |-
|
|
345
|
+
postgresql://$DB_USER:$DB_PASSWORD@localhost/$DB_NAME?host=/cloudsql/$CLOUD_SQL_INSTANCE_CONNECTION_NAME
|
|
346
|
+
DATABASE_JDBC_URL: |-
|
|
347
|
+
jdbc:postgresql:///$DB_NAME?cloudSqlInstance=$CLOUD_SQL_INSTANCE_CONNECTION_NAME&socketFactory=com.google.cloud.sql.postgres.SocketFactory&user=$DB_USER&password=$DB_PASSWORD
|
|
348
|
+
DEPLOY_CLOUD_RUN_PROJECT_ID: |-
|
|
349
|
+
google-project-id
|
|
350
|
+
DEPLOY_CLOUD_RUN_REGION: |-
|
|
351
|
+
europe-west6
|
|
352
|
+
GCLOUD_RUN_canonicalHostSuffix: |-
|
|
353
|
+
$(printf %s "$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | sed 's/^/ /')
|
|
354
|
+
_ALL_ENV_VAR_KEYS: |-
|
|
355
|
+
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_INTERNAL","HOST_CANONICAL","ROOT_URL_INTERNAL","CLOUD_SQL_INSTANCE_CONNECTION_NAME","DB_NAME","DB_USER","DB_PASSWORD","DATABASE_URL","DATABASE_JDBC_URL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]
|
|
356
|
+
|
|
357
|
+
EOF
|
|
358
|
+
",
|
|
359
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):writeenvvars\\r\\e[0K"",
|
|
279
360
|
"echo -e "\\e[0Ksection_start:$(date +%s):deploy[collapsed=true]\\r\\e[0KDeploy to cloud run"",
|
|
280
|
-
"echo "$ENV_VARS" > ____envvars.yaml",
|
|
281
361
|
"set +e",
|
|
282
362
|
"echo "ensuring Database..."",
|
|
283
363
|
"gcloud sql databases create pan-test-app-dev-api --instance=instancename --project projectId",
|
|
@@ -290,81 +370,27 @@ COPY --chown=node:node .yarn /app/.yarn",
|
|
|
290
370
|
"gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/api --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/api@$version --quiet --delete-tags; done",
|
|
291
371
|
"echo -e "\\e[0Ksection_end:$(date +%s):cleanup\\r\\e[0K"",
|
|
292
372
|
"echo Uploading SBOM to Dependency Track",
|
|
293
|
-
"/dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/api" "https
|
|
294
|
-
|
|
295
|
-
"services": [
|
|
296
|
-
{
|
|
297
|
-
"command": [
|
|
298
|
-
"--tls=false",
|
|
299
|
-
],
|
|
300
|
-
"name": "docker:24.0.6-dind",
|
|
301
|
-
},
|
|
373
|
+
"/dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/api" "https://$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" "__sbom.json" vex.json || true",
|
|
374
|
+
"echo "CL_GITLAB_ENVIRONMENT_URL=https://$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" >> gitlab_environment.env",
|
|
302
375
|
],
|
|
303
376
|
"stage": "deploy dev",
|
|
304
377
|
"variables": {
|
|
305
|
-
"APP_DIR": "api",
|
|
306
|
-
"BUILD_INFO_BUILD_TIME": "01-01-2023 12:13:14",
|
|
307
|
-
"BUILD_INFO_CURRENT_VERSION": "3.2.1",
|
|
308
|
-
"BUILD_INFO_ID": "some-id",
|
|
309
|
-
"CLOUDSDK_CORE_DISABLE_PROMPTS": "1",
|
|
310
|
-
"CLOUD_SQL_INSTANCE_CONNECTION_NAME": "projectId:region:instancename",
|
|
311
|
-
"DATABASE_JDBC_URL": "jdbc:postgresql:///$DB_NAME?cloudSqlInstance=$CLOUD_SQL_INSTANCE_CONNECTION_NAME&socketFactory=com.google.cloud.sql.postgres.SocketFactory&user=$DB_USER&password=$DB_PASSWORD",
|
|
312
|
-
"DATABASE_URL": "postgresql://$DB_USER:$DB_PASSWORD@localhost/$DB_NAME?host=/cloudsql/$CLOUD_SQL_INSTANCE_CONNECTION_NAME",
|
|
313
|
-
"DB_NAME": "pan-test-app-dev-api",
|
|
314
|
-
"DB_PASSWORD": "$CL_dev_api_DB_PASSWORD",
|
|
315
|
-
"DB_USER": "my-user",
|
|
316
|
-
"DEPLOY_CLOUD_RUN_PROJECT_ID": "google-project-id",
|
|
317
|
-
"DEPLOY_CLOUD_RUN_REGION": "europe-west6",
|
|
318
|
-
"DOCKER_BUILDKIT": "1",
|
|
319
|
-
"DOCKER_CACHE_IMAGE": "europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/api",
|
|
320
|
-
"DOCKER_DRIVER": "overlay2",
|
|
321
|
-
"DOCKER_HOST": "tcp://0.0.0.0:2375",
|
|
322
|
-
"DOCKER_IMAGE": "europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/dev/api",
|
|
323
|
-
"DOCKER_IMAGE_TAG": "$CI_COMMIT_SHA",
|
|
324
|
-
"DOCKER_REGISTRY": "europe-west6-docker.pkg.dev",
|
|
325
|
-
"DOCKER_TLS_CERTDIR": "",
|
|
326
|
-
"ENV_SHORT": "dev",
|
|
327
|
-
"ENV_TYPE": "dev",
|
|
328
|
-
"ENV_VARS": "ENV_SHORT: 'dev'
|
|
329
|
-
APP_DIR: 'api'
|
|
330
|
-
ENV_TYPE: 'dev'
|
|
331
|
-
BUILD_INFO_ID: 'some-id'
|
|
332
|
-
BUILD_INFO_BUILD_TIME: '01-01-2023 12:13:14'
|
|
333
|
-
BUILD_INFO_CURRENT_VERSION: '3.2.1'
|
|
334
|
-
HOST: 'pan-test-app-dev-api-unknown-host.example.com'
|
|
335
|
-
ROOT_URL: 'https://pan-test-app-dev-api-unknown-host.example.com'
|
|
336
|
-
HOST_CANONICAL: 'pan-test-app-dev-api-unknown-host.example.com'
|
|
337
|
-
ROOT_URL_INTERNAL: 'https://pan-test-app-dev-api-unknown-host.example.com'
|
|
338
|
-
HOST_INTERNAL: 'pan-test-app-dev-api-unknown-host.example.com'
|
|
339
|
-
CLOUD_SQL_INSTANCE_CONNECTION_NAME: 'projectId:region:instancename'
|
|
340
|
-
DB_NAME: 'pan-test-app-dev-api'
|
|
341
|
-
DB_USER: 'my-user'
|
|
342
|
-
DB_PASSWORD: '$CL_dev_api_DB_PASSWORD'
|
|
343
|
-
DATABASE_URL: 'postgresql://$DB_USER:$DB_PASSWORD@localhost/$DB_NAME?host=/cloudsql/$CLOUD_SQL_INSTANCE_CONNECTION_NAME'
|
|
344
|
-
DATABASE_JDBC_URL: 'jdbc:postgresql:///$DB_NAME?cloudSqlInstance=$CLOUD_SQL_INSTANCE_CONNECTION_NAME&socketFactory=com.google.cloud.sql.postgres.SocketFactory&user=$DB_USER&password=$DB_PASSWORD'
|
|
345
|
-
DEPLOY_CLOUD_RUN_PROJECT_ID: 'google-project-id'
|
|
346
|
-
DEPLOY_CLOUD_RUN_REGION: 'europe-west6'
|
|
347
|
-
GCLOUD_RUN_canonicalHostSuffix: '$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix'
|
|
348
|
-
_ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_CANONICAL","ROOT_URL_INTERNAL","HOST_INTERNAL","CLOUD_SQL_INSTANCE_CONNECTION_NAME","DB_NAME","DB_USER","DB_PASSWORD","DATABASE_URL","DATABASE_JDBC_URL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]'
|
|
349
|
-
",
|
|
350
|
-
"GCLOUD_DEPLOY_credentialsKey": "$CL_dev_api_GCLOUD_DEPLOY_credentialsKey",
|
|
351
|
-
"GCLOUD_RUN_canonicalHostSuffix": "$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix",
|
|
352
|
-
"HOST": "pan-test-app-dev-api-unknown-host.example.com",
|
|
353
|
-
"HOST_CANONICAL": "pan-test-app-dev-api-unknown-host.example.com",
|
|
354
|
-
"HOST_INTERNAL": "pan-test-app-dev-api-unknown-host.example.com",
|
|
355
378
|
"KUBERNETES_CPU_REQUEST": "0.5",
|
|
356
379
|
"KUBERNETES_MEMORY_LIMIT": "400Mi",
|
|
357
380
|
"KUBERNETES_MEMORY_REQUEST": "200Mi",
|
|
358
|
-
"ROOT_URL": "https://pan-test-app-dev-api-unknown-host.example.com",
|
|
359
|
-
"ROOT_URL_INTERNAL": "https://pan-test-app-dev-api-unknown-host.example.com",
|
|
360
|
-
"_ALL_ENV_VAR_KEYS": "["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_CANONICAL","ROOT_URL_INTERNAL","HOST_INTERNAL","CLOUD_SQL_INSTANCE_CONNECTION_NAME","DB_NAME","DB_USER","DB_PASSWORD","DATABASE_URL","DATABASE_JDBC_URL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]",
|
|
361
381
|
},
|
|
362
382
|
},
|
|
363
383
|
"api 🛑 Stop ⚠️ | dev ": {
|
|
384
|
+
"allow_failure": true,
|
|
385
|
+
"artifacts": {
|
|
386
|
+
"reports": {
|
|
387
|
+
"dotenv": "gitlab_environment.env",
|
|
388
|
+
},
|
|
389
|
+
},
|
|
364
390
|
"environment": {
|
|
365
391
|
"action": "stop",
|
|
366
392
|
"name": "dev/api",
|
|
367
|
-
"url": "
|
|
393
|
+
"url": "$CL_GITLAB_ENVIRONMENT_URL",
|
|
368
394
|
},
|
|
369
395
|
"image": "path/to/docker/gcloud:the-version",
|
|
370
396
|
"interruptible": true,
|
|
@@ -378,28 +404,29 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
378
404
|
},
|
|
379
405
|
"rules": [
|
|
380
406
|
{
|
|
381
|
-
"allow_failure": true,
|
|
382
407
|
"if": "$CI_COMMIT_BRANCH =~ /^[0-9]+\\.([0-9]+|x)\\.x$/",
|
|
383
408
|
"when": "on_success",
|
|
384
409
|
},
|
|
385
410
|
{
|
|
386
|
-
"allow_failure": true,
|
|
387
411
|
"when": "manual",
|
|
388
412
|
},
|
|
389
413
|
],
|
|
390
414
|
"script": [
|
|
415
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
416
|
+
"export CLOUDSDK_CORE_DISABLE_PROMPTS="1"",
|
|
417
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
391
418
|
"set +e",
|
|
392
419
|
"gcloud auth activate-service-account --key-file=<(echo "$CL_dev_api_GCLOUD_DEPLOY_credentialsKey")",
|
|
393
420
|
"gcloud run services delete pan-test-app-dev-api --project=google-project-id --region=europe-west6",
|
|
394
421
|
"gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/dev/api --quiet --delete-tags",
|
|
395
422
|
"gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/api --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/api@$version --quiet --delete-tags; done",
|
|
396
423
|
"echo Disabling component in Dependency Track",
|
|
397
|
-
"/dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" disable "pan-test-app/api" "https
|
|
424
|
+
"/dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" disable "pan-test-app/api" "https://$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" || true",
|
|
398
425
|
"set -e",
|
|
426
|
+
"echo "CL_GITLAB_ENVIRONMENT_URL=https://$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" >> gitlab_environment.env",
|
|
399
427
|
],
|
|
400
428
|
"stage": "stop dev",
|
|
401
429
|
"variables": {
|
|
402
|
-
"CLOUDSDK_CORE_DISABLE_PROMPTS": "1",
|
|
403
430
|
"GIT_STRATEGY": "none",
|
|
404
431
|
"KUBERNETES_CPU_REQUEST": "0.5",
|
|
405
432
|
"KUBERNETES_MEMORY_LIMIT": "400Mi",
|
|
@@ -419,12 +446,14 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
419
446
|
],
|
|
420
447
|
},
|
|
421
448
|
"script": [
|
|
449
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
450
|
+
"export APP_PATH="api"",
|
|
451
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
422
452
|
"cd api",
|
|
423
453
|
"yarn npm audit --environment production",
|
|
424
454
|
],
|
|
425
455
|
"stage": "test",
|
|
426
456
|
"variables": {
|
|
427
|
-
"APP_PATH": "api",
|
|
428
457
|
"KUBERNETES_CPU_REQUEST": "0.5",
|
|
429
458
|
"KUBERNETES_MEMORY_LIMIT": "4Gi",
|
|
430
459
|
"KUBERNETES_MEMORY_REQUEST": "2Gi",
|
|
@@ -458,6 +487,9 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
458
487
|
],
|
|
459
488
|
},
|
|
460
489
|
"script": [
|
|
490
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
491
|
+
"export APP_PATH="api"",
|
|
492
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
461
493
|
"echo -e "\\e[0Ksection_start:$(date +%s):nodeinstall[collapsed=true]\\r\\e[0KEnsure node version"",
|
|
462
494
|
"if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi",
|
|
463
495
|
"if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi",
|
|
@@ -474,7 +506,6 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
474
506
|
],
|
|
475
507
|
"stage": "test",
|
|
476
508
|
"variables": {
|
|
477
|
-
"APP_PATH": "api",
|
|
478
509
|
"KUBERNETES_CPU_REQUEST": "0.5",
|
|
479
510
|
"KUBERNETES_MEMORY_LIMIT": "4Gi",
|
|
480
511
|
"KUBERNETES_MEMORY_REQUEST": "2Gi",
|
|
@@ -498,6 +529,8 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
498
529
|
],
|
|
499
530
|
},
|
|
500
531
|
"script": [
|
|
532
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
533
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
501
534
|
"trivy fs --quiet --format cyclonedx --output "__sbom.json" api",
|
|
502
535
|
],
|
|
503
536
|
"stage": "build",
|
|
@@ -531,6 +564,9 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
531
564
|
],
|
|
532
565
|
},
|
|
533
566
|
"script": [
|
|
567
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
568
|
+
"export APP_PATH="api"",
|
|
569
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
534
570
|
"echo -e "\\e[0Ksection_start:$(date +%s):nodeinstall[collapsed=true]\\r\\e[0KEnsure node version"",
|
|
535
571
|
"if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi",
|
|
536
572
|
"if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi",
|
|
@@ -547,7 +583,6 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
547
583
|
],
|
|
548
584
|
"stage": "test",
|
|
549
585
|
"variables": {
|
|
550
|
-
"APP_PATH": "api",
|
|
551
586
|
"KUBERNETES_CPU_REQUEST": "0.5",
|
|
552
587
|
"KUBERNETES_MEMORY_LIMIT": "4Gi",
|
|
553
588
|
"KUBERNETES_MEMORY_REQUEST": "2Gi",
|
|
@@ -600,7 +635,31 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
600
635
|
],
|
|
601
636
|
},
|
|
602
637
|
"script": [
|
|
603
|
-
"echo
|
|
638
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
639
|
+
"export ENV_SHORT="dev"",
|
|
640
|
+
"export APP_DIR="api"",
|
|
641
|
+
"export ENV_TYPE="dev"",
|
|
642
|
+
"export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"",
|
|
643
|
+
"export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"",
|
|
644
|
+
"export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\///'); [ -z "$tag" ] && echo "v0.0.0" || echo "$tag")"",
|
|
645
|
+
"export HOST="$(printf %s "pan-test-app-dev-worker-$CL_dev_worker_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
646
|
+
"export ROOT_URL="https://$(printf %s "pan-test-app-dev-worker-$CL_dev_worker_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
647
|
+
"export HOST_INTERNAL="$(printf %s "pan-test-app-dev-worker-$CL_dev_worker_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
648
|
+
"export HOST_CANONICAL="$(printf %s "pan-test-app-dev-worker-$CL_dev_worker_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
649
|
+
"export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-dev-worker-$CL_dev_worker_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
650
|
+
"export CLOUD_SQL_INSTANCE_CONNECTION_NAME="projectId:region:instancename"",
|
|
651
|
+
"export DB_NAME="pan-test-app-dev-api"",
|
|
652
|
+
"export DB_USER="my-user"",
|
|
653
|
+
"export DB_PASSWORD="$CL_dev_api_DB_PASSWORD"",
|
|
654
|
+
"export DATABASE_URL="postgresql://$DB_USER:$DB_PASSWORD@localhost/$DB_NAME?host=/cloudsql/$CLOUD_SQL_INSTANCE_CONNECTION_NAME"",
|
|
655
|
+
"export DATABASE_JDBC_URL="jdbc:postgresql:///$DB_NAME?cloudSqlInstance=$CLOUD_SQL_INSTANCE_CONNECTION_NAME&socketFactory=com.google.cloud.sql.postgres.SocketFactory&user=$DB_USER&password=$DB_PASSWORD"",
|
|
656
|
+
"export DEPLOY_CLOUD_RUN_PROJECT_ID="google-project-id"",
|
|
657
|
+
"export DEPLOY_CLOUD_RUN_REGION="europe-west6"",
|
|
658
|
+
"export GCLOUD_DEPLOY_credentialsKey="$CL_dev_worker_GCLOUD_DEPLOY_credentialsKey"",
|
|
659
|
+
"export GCLOUD_RUN_canonicalHostSuffix="$CL_dev_worker_GCLOUD_RUN_canonicalHostSuffix"",
|
|
660
|
+
"export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOST\\",\\"ROOT_URL\\",\\"HOST_INTERNAL\\",\\"HOST_CANONICAL\\",\\"ROOT_URL_INTERNAL\\",\\"CLOUD_SQL_INSTANCE_CONNECTION_NAME\\",\\"DB_NAME\\",\\"DB_USER\\",\\"DB_PASSWORD\\",\\"DATABASE_URL\\",\\"DATABASE_JDBC_URL\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\"]"",
|
|
661
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
662
|
+
"echo '{"id":"$(git describe --tags 2>/dev/null || git rev-parse HEAD)","time":"$CI_JOB_STARTED_AT"}' > api/__build_info.json",
|
|
604
663
|
"echo -e "\\e[0Ksection_start:$(date +%s):nodeinstall[collapsed=true]\\r\\e[0KEnsure node version"",
|
|
605
664
|
"if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi",
|
|
606
665
|
"if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi",
|
|
@@ -617,31 +676,9 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
617
676
|
],
|
|
618
677
|
"stage": "build",
|
|
619
678
|
"variables": {
|
|
620
|
-
"APP_DIR": "api",
|
|
621
|
-
"BUILD_INFO_BUILD_TIME": "01-01-2023 12:13:14",
|
|
622
|
-
"BUILD_INFO_CURRENT_VERSION": "3.2.1",
|
|
623
|
-
"BUILD_INFO_ID": "some-id",
|
|
624
|
-
"CLOUD_SQL_INSTANCE_CONNECTION_NAME": "projectId:region:instancename",
|
|
625
|
-
"DATABASE_JDBC_URL": "jdbc:postgresql:///$DB_NAME?cloudSqlInstance=$CLOUD_SQL_INSTANCE_CONNECTION_NAME&socketFactory=com.google.cloud.sql.postgres.SocketFactory&user=$DB_USER&password=$DB_PASSWORD",
|
|
626
|
-
"DATABASE_URL": "postgresql://$DB_USER:$DB_PASSWORD@localhost/$DB_NAME?host=/cloudsql/$CLOUD_SQL_INSTANCE_CONNECTION_NAME",
|
|
627
|
-
"DB_NAME": "pan-test-app-dev-api",
|
|
628
|
-
"DB_PASSWORD": "$CL_dev_api_DB_PASSWORD",
|
|
629
|
-
"DB_USER": "my-user",
|
|
630
|
-
"DEPLOY_CLOUD_RUN_PROJECT_ID": "google-project-id",
|
|
631
|
-
"DEPLOY_CLOUD_RUN_REGION": "europe-west6",
|
|
632
|
-
"ENV_SHORT": "dev",
|
|
633
|
-
"ENV_TYPE": "dev",
|
|
634
|
-
"GCLOUD_DEPLOY_credentialsKey": "$CL_dev_worker_GCLOUD_DEPLOY_credentialsKey",
|
|
635
|
-
"GCLOUD_RUN_canonicalHostSuffix": "$CL_dev_worker_GCLOUD_RUN_canonicalHostSuffix",
|
|
636
|
-
"HOST": "pan-test-app-dev-worker-unknown-host.example.com",
|
|
637
|
-
"HOST_CANONICAL": "pan-test-app-dev-worker-unknown-host.example.com",
|
|
638
|
-
"HOST_INTERNAL": "pan-test-app-dev-worker-unknown-host.example.com",
|
|
639
679
|
"KUBERNETES_CPU_REQUEST": "0.5",
|
|
640
680
|
"KUBERNETES_MEMORY_LIMIT": "4Gi",
|
|
641
681
|
"KUBERNETES_MEMORY_REQUEST": "2Gi",
|
|
642
|
-
"ROOT_URL": "https://pan-test-app-dev-worker-unknown-host.example.com",
|
|
643
|
-
"ROOT_URL_INTERNAL": "https://pan-test-app-dev-worker-unknown-host.example.com",
|
|
644
|
-
"_ALL_ENV_VAR_KEYS": "["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_CANONICAL","ROOT_URL_INTERNAL","HOST_INTERNAL","CLOUD_SQL_INSTANCE_CONNECTION_NAME","DB_NAME","DB_USER","DB_PASSWORD","DATABASE_URL","DATABASE_JDBC_URL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]",
|
|
645
682
|
},
|
|
646
683
|
},
|
|
647
684
|
"worker 🔨 docker | dev ": {
|
|
@@ -667,6 +704,21 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
667
704
|
],
|
|
668
705
|
},
|
|
669
706
|
"script": [
|
|
707
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
708
|
+
"export APP_DIR="api"",
|
|
709
|
+
"export DOCKER_DIR="."",
|
|
710
|
+
"export DOCKER_REGISTRY="europe-west6-docker.pkg.dev"",
|
|
711
|
+
"export DOCKER_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/dev/worker"",
|
|
712
|
+
"export DOCKER_CACHE_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/worker"",
|
|
713
|
+
"export DOCKER_IMAGE_TAG="$CI_COMMIT_SHA"",
|
|
714
|
+
"export DOCKER_COPY_AND_INSTALL_APP="COPY --chown=node:node $APP_DIR .
|
|
715
|
+
RUN yarn plugin import workspace-tools
|
|
716
|
+
RUN yarn workspaces focus --production && yarn rebuild"",
|
|
717
|
+
"export DOCKER_COPY_WORKSPACE_FILES="COPY --chown=node:node api/package.json /app/api/package.json
|
|
718
|
+
COPY --chown=node:node api/yarn.lock /app/api/yarn.lock
|
|
719
|
+
COPY --chown=node:node .yarnrc.yml /app/.yarnrc.yml
|
|
720
|
+
COPY --chown=node:node .yarn /app/.yarn"",
|
|
721
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
670
722
|
"ensureNodeDockerfile",
|
|
671
723
|
"echo -e "\\e[0Ksection_start:$(date +%s):docker-login[collapsed=true]\\r\\e[0KDocker Login"",
|
|
672
724
|
"gcloud auth activate-service-account --key-file=<(echo "$CL_dev_worker_GCLOUD_DEPLOY_credentialsKey")",
|
|
@@ -691,24 +743,9 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
691
743
|
],
|
|
692
744
|
"stage": "build",
|
|
693
745
|
"variables": {
|
|
694
|
-
"APP_DIR": "api",
|
|
695
|
-
"DOCKERFILE_ADDITIONS": undefined,
|
|
696
|
-
"DOCKERFILE_ADDITIONS_END": undefined,
|
|
697
746
|
"DOCKER_BUILDKIT": "1",
|
|
698
|
-
"DOCKER_CACHE_IMAGE": "europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/worker",
|
|
699
|
-
"DOCKER_COPY_AND_INSTALL_APP": "COPY --chown=node:node $APP_DIR .
|
|
700
|
-
RUN yarn plugin import workspace-tools
|
|
701
|
-
RUN yarn workspaces focus --production && yarn rebuild",
|
|
702
|
-
"DOCKER_COPY_WORKSPACE_FILES": "COPY --chown=node:node api/package.json /app/api/package.json
|
|
703
|
-
COPY --chown=node:node api/yarn.lock /app/api/yarn.lock
|
|
704
|
-
COPY --chown=node:node .yarnrc.yml /app/.yarnrc.yml
|
|
705
|
-
COPY --chown=node:node .yarn /app/.yarn",
|
|
706
|
-
"DOCKER_DIR": ".",
|
|
707
747
|
"DOCKER_DRIVER": "overlay2",
|
|
708
748
|
"DOCKER_HOST": "tcp://0.0.0.0:2375",
|
|
709
|
-
"DOCKER_IMAGE": "europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/dev/worker",
|
|
710
|
-
"DOCKER_IMAGE_TAG": "$CI_COMMIT_SHA",
|
|
711
|
-
"DOCKER_REGISTRY": "europe-west6-docker.pkg.dev",
|
|
712
749
|
"DOCKER_TLS_CERTDIR": "",
|
|
713
750
|
"KUBERNETES_CPU_REQUEST": "0.5",
|
|
714
751
|
"KUBERNETES_MEMORY_LIMIT": "2Gi",
|
|
@@ -718,15 +755,15 @@ COPY --chown=node:node .yarn /app/.yarn",
|
|
|
718
755
|
"worker 🚀 Deploy | dev ": {
|
|
719
756
|
"allow_failure": false,
|
|
720
757
|
"artifacts": {
|
|
721
|
-
"
|
|
722
|
-
"
|
|
723
|
-
|
|
758
|
+
"reports": {
|
|
759
|
+
"dotenv": "gitlab_environment.env",
|
|
760
|
+
},
|
|
724
761
|
},
|
|
725
762
|
"environment": {
|
|
726
763
|
"auto_stop_in": "4 weeks",
|
|
727
764
|
"name": "dev/worker",
|
|
728
765
|
"on_stop": "worker 🛑 Stop ⚠️ | dev ",
|
|
729
|
-
"url": "
|
|
766
|
+
"url": "$CL_GITLAB_ENVIRONMENT_URL",
|
|
730
767
|
},
|
|
731
768
|
"image": "path/to/docker/gcloud:the-version",
|
|
732
769
|
"interruptible": true,
|
|
@@ -769,13 +806,89 @@ COPY --chown=node:node .yarn /app/.yarn",
|
|
|
769
806
|
},
|
|
770
807
|
],
|
|
771
808
|
"script": [
|
|
809
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
810
|
+
"export ENV_SHORT="dev"",
|
|
811
|
+
"export APP_DIR="api"",
|
|
812
|
+
"export ENV_TYPE="dev"",
|
|
813
|
+
"export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"",
|
|
814
|
+
"export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"",
|
|
815
|
+
"export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\///'); [ -z "$tag" ] && echo "v0.0.0" || echo "$tag")"",
|
|
816
|
+
"export HOST="$(printf %s "pan-test-app-dev-worker-$CL_dev_worker_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
817
|
+
"export ROOT_URL="https://$(printf %s "pan-test-app-dev-worker-$CL_dev_worker_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
818
|
+
"export HOST_INTERNAL="$(printf %s "pan-test-app-dev-worker-$CL_dev_worker_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
819
|
+
"export HOST_CANONICAL="$(printf %s "pan-test-app-dev-worker-$CL_dev_worker_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
820
|
+
"export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-dev-worker-$CL_dev_worker_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
821
|
+
"export CLOUD_SQL_INSTANCE_CONNECTION_NAME="projectId:region:instancename"",
|
|
822
|
+
"export DB_NAME="pan-test-app-dev-api"",
|
|
823
|
+
"export DB_USER="my-user"",
|
|
824
|
+
"export DB_PASSWORD="$CL_dev_api_DB_PASSWORD"",
|
|
825
|
+
"export DATABASE_URL="postgresql://$DB_USER:$DB_PASSWORD@localhost/$DB_NAME?host=/cloudsql/$CLOUD_SQL_INSTANCE_CONNECTION_NAME"",
|
|
826
|
+
"export DATABASE_JDBC_URL="jdbc:postgresql:///$DB_NAME?cloudSqlInstance=$CLOUD_SQL_INSTANCE_CONNECTION_NAME&socketFactory=com.google.cloud.sql.postgres.SocketFactory&user=$DB_USER&password=$DB_PASSWORD"",
|
|
827
|
+
"export DEPLOY_CLOUD_RUN_PROJECT_ID="google-project-id"",
|
|
828
|
+
"export DEPLOY_CLOUD_RUN_REGION="europe-west6"",
|
|
829
|
+
"export GCLOUD_DEPLOY_credentialsKey="$CL_dev_worker_GCLOUD_DEPLOY_credentialsKey"",
|
|
830
|
+
"export GCLOUD_RUN_canonicalHostSuffix="$CL_dev_worker_GCLOUD_RUN_canonicalHostSuffix"",
|
|
831
|
+
"export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOST\\",\\"ROOT_URL\\",\\"HOST_INTERNAL\\",\\"HOST_CANONICAL\\",\\"ROOT_URL_INTERNAL\\",\\"CLOUD_SQL_INSTANCE_CONNECTION_NAME\\",\\"DB_NAME\\",\\"DB_USER\\",\\"DB_PASSWORD\\",\\"DATABASE_URL\\",\\"DATABASE_JDBC_URL\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\"]"",
|
|
832
|
+
"export DOCKER_REGISTRY="europe-west6-docker.pkg.dev"",
|
|
833
|
+
"export DOCKER_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/dev/worker"",
|
|
834
|
+
"export DOCKER_CACHE_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/worker"",
|
|
835
|
+
"export DOCKER_IMAGE_TAG="$CI_COMMIT_SHA"",
|
|
836
|
+
"export CLOUDSDK_CORE_DISABLE_PROMPTS="1"",
|
|
837
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
772
838
|
"echo -e "\\e[0Ksection_start:$(date +%s):prepare[collapsed=true]\\r\\e[0KPrepare..."",
|
|
773
839
|
"gcloud auth activate-service-account --key-file=<(echo "$CL_dev_worker_GCLOUD_DEPLOY_credentialsKey")",
|
|
774
840
|
"export GCLOUD_PROJECT_NUMBER=$(gcloud projects describe google-project-id --format="value(projectNumber)")",
|
|
775
841
|
"echo "GCLOUD_PROJECT_NUMBER: $GCLOUD_PROJECT_NUMBER"",
|
|
776
842
|
"echo -e "\\e[0Ksection_end:$(date +%s):prepare\\r\\e[0K"",
|
|
843
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):writeenvvars[collapsed=true]\\r\\e[0KWrite env vars to file"",
|
|
844
|
+
"cat > ____envvars.yaml <<EOF
|
|
845
|
+
ENV_SHORT: |-
|
|
846
|
+
dev
|
|
847
|
+
APP_DIR: |-
|
|
848
|
+
api
|
|
849
|
+
ENV_TYPE: |-
|
|
850
|
+
dev
|
|
851
|
+
BUILD_INFO_BUILD_ID: |-
|
|
852
|
+
$(printf %s "$(git describe --tags 2>/dev/null || git rev-parse HEAD)" | sed 's/^/ /')
|
|
853
|
+
BUILD_INFO_BUILD_TIME: |-
|
|
854
|
+
$(printf %s "$CI_JOB_STARTED_AT" | sed 's/^/ /')
|
|
855
|
+
BUILD_INFO_CURRENT_VERSION: |-
|
|
856
|
+
$(printf %s "$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\///'); [ -z "$tag" ] && echo "v0.0.0" || echo "$tag")" | sed 's/^/ /')
|
|
857
|
+
HOST: |-
|
|
858
|
+
$(printf %s "$(printf %s "pan-test-app-dev-worker-$CL_dev_worker_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
859
|
+
ROOT_URL: |-
|
|
860
|
+
$(printf %s "https://$(printf %s "pan-test-app-dev-worker-$CL_dev_worker_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
861
|
+
HOST_INTERNAL: |-
|
|
862
|
+
$(printf %s "$(printf %s "pan-test-app-dev-worker-$CL_dev_worker_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
863
|
+
HOST_CANONICAL: |-
|
|
864
|
+
$(printf %s "$(printf %s "pan-test-app-dev-worker-$CL_dev_worker_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
865
|
+
ROOT_URL_INTERNAL: |-
|
|
866
|
+
$(printf %s "https://$(printf %s "pan-test-app-dev-worker-$CL_dev_worker_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
867
|
+
CLOUD_SQL_INSTANCE_CONNECTION_NAME: |-
|
|
868
|
+
projectId:region:instancename
|
|
869
|
+
DB_NAME: |-
|
|
870
|
+
pan-test-app-dev-api
|
|
871
|
+
DB_USER: |-
|
|
872
|
+
my-user
|
|
873
|
+
DB_PASSWORD: |-
|
|
874
|
+
$(printf %s "$CL_dev_api_DB_PASSWORD" | sed 's/^/ /')
|
|
875
|
+
DATABASE_URL: |-
|
|
876
|
+
postgresql://$DB_USER:$DB_PASSWORD@localhost/$DB_NAME?host=/cloudsql/$CLOUD_SQL_INSTANCE_CONNECTION_NAME
|
|
877
|
+
DATABASE_JDBC_URL: |-
|
|
878
|
+
jdbc:postgresql:///$DB_NAME?cloudSqlInstance=$CLOUD_SQL_INSTANCE_CONNECTION_NAME&socketFactory=com.google.cloud.sql.postgres.SocketFactory&user=$DB_USER&password=$DB_PASSWORD
|
|
879
|
+
DEPLOY_CLOUD_RUN_PROJECT_ID: |-
|
|
880
|
+
google-project-id
|
|
881
|
+
DEPLOY_CLOUD_RUN_REGION: |-
|
|
882
|
+
europe-west6
|
|
883
|
+
GCLOUD_RUN_canonicalHostSuffix: |-
|
|
884
|
+
$(printf %s "$CL_dev_worker_GCLOUD_RUN_canonicalHostSuffix" | sed 's/^/ /')
|
|
885
|
+
_ALL_ENV_VAR_KEYS: |-
|
|
886
|
+
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_INTERNAL","HOST_CANONICAL","ROOT_URL_INTERNAL","CLOUD_SQL_INSTANCE_CONNECTION_NAME","DB_NAME","DB_USER","DB_PASSWORD","DATABASE_URL","DATABASE_JDBC_URL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]
|
|
887
|
+
|
|
888
|
+
EOF
|
|
889
|
+
",
|
|
890
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):writeenvvars\\r\\e[0K"",
|
|
777
891
|
"echo -e "\\e[0Ksection_start:$(date +%s):deploy[collapsed=true]\\r\\e[0KDeploy to cloud run"",
|
|
778
|
-
"echo "$ENV_VARS" > ____envvars.yaml",
|
|
779
892
|
"set +e",
|
|
780
893
|
"echo "ensuring Database..."",
|
|
781
894
|
"gcloud sql databases create pan-test-app-dev-api --instance=instancename --project projectId",
|
|
@@ -788,81 +901,27 @@ COPY --chown=node:node .yarn /app/.yarn",
|
|
|
788
901
|
"gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/worker --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/worker@$version --quiet --delete-tags; done",
|
|
789
902
|
"echo -e "\\e[0Ksection_end:$(date +%s):cleanup\\r\\e[0K"",
|
|
790
903
|
"echo Uploading SBOM to Dependency Track",
|
|
791
|
-
"/dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/worker" "https
|
|
792
|
-
|
|
793
|
-
"services": [
|
|
794
|
-
{
|
|
795
|
-
"command": [
|
|
796
|
-
"--tls=false",
|
|
797
|
-
],
|
|
798
|
-
"name": "docker:24.0.6-dind",
|
|
799
|
-
},
|
|
904
|
+
"/dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/worker" "https://$(printf %s "pan-test-app-dev-worker-$CL_dev_worker_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" "__sbom.json" vex.json || true",
|
|
905
|
+
"echo "CL_GITLAB_ENVIRONMENT_URL=https://$(printf %s "pan-test-app-dev-worker-$CL_dev_worker_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" >> gitlab_environment.env",
|
|
800
906
|
],
|
|
801
907
|
"stage": "deploy dev",
|
|
802
908
|
"variables": {
|
|
803
|
-
"APP_DIR": "api",
|
|
804
|
-
"BUILD_INFO_BUILD_TIME": "01-01-2023 12:13:14",
|
|
805
|
-
"BUILD_INFO_CURRENT_VERSION": "3.2.1",
|
|
806
|
-
"BUILD_INFO_ID": "some-id",
|
|
807
|
-
"CLOUDSDK_CORE_DISABLE_PROMPTS": "1",
|
|
808
|
-
"CLOUD_SQL_INSTANCE_CONNECTION_NAME": "projectId:region:instancename",
|
|
809
|
-
"DATABASE_JDBC_URL": "jdbc:postgresql:///$DB_NAME?cloudSqlInstance=$CLOUD_SQL_INSTANCE_CONNECTION_NAME&socketFactory=com.google.cloud.sql.postgres.SocketFactory&user=$DB_USER&password=$DB_PASSWORD",
|
|
810
|
-
"DATABASE_URL": "postgresql://$DB_USER:$DB_PASSWORD@localhost/$DB_NAME?host=/cloudsql/$CLOUD_SQL_INSTANCE_CONNECTION_NAME",
|
|
811
|
-
"DB_NAME": "pan-test-app-dev-api",
|
|
812
|
-
"DB_PASSWORD": "$CL_dev_api_DB_PASSWORD",
|
|
813
|
-
"DB_USER": "my-user",
|
|
814
|
-
"DEPLOY_CLOUD_RUN_PROJECT_ID": "google-project-id",
|
|
815
|
-
"DEPLOY_CLOUD_RUN_REGION": "europe-west6",
|
|
816
|
-
"DOCKER_BUILDKIT": "1",
|
|
817
|
-
"DOCKER_CACHE_IMAGE": "europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/worker",
|
|
818
|
-
"DOCKER_DRIVER": "overlay2",
|
|
819
|
-
"DOCKER_HOST": "tcp://0.0.0.0:2375",
|
|
820
|
-
"DOCKER_IMAGE": "europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/dev/worker",
|
|
821
|
-
"DOCKER_IMAGE_TAG": "$CI_COMMIT_SHA",
|
|
822
|
-
"DOCKER_REGISTRY": "europe-west6-docker.pkg.dev",
|
|
823
|
-
"DOCKER_TLS_CERTDIR": "",
|
|
824
|
-
"ENV_SHORT": "dev",
|
|
825
|
-
"ENV_TYPE": "dev",
|
|
826
|
-
"ENV_VARS": "ENV_SHORT: 'dev'
|
|
827
|
-
APP_DIR: 'api'
|
|
828
|
-
ENV_TYPE: 'dev'
|
|
829
|
-
BUILD_INFO_ID: 'some-id'
|
|
830
|
-
BUILD_INFO_BUILD_TIME: '01-01-2023 12:13:14'
|
|
831
|
-
BUILD_INFO_CURRENT_VERSION: '3.2.1'
|
|
832
|
-
HOST: 'pan-test-app-dev-worker-unknown-host.example.com'
|
|
833
|
-
ROOT_URL: 'https://pan-test-app-dev-worker-unknown-host.example.com'
|
|
834
|
-
HOST_CANONICAL: 'pan-test-app-dev-worker-unknown-host.example.com'
|
|
835
|
-
ROOT_URL_INTERNAL: 'https://pan-test-app-dev-worker-unknown-host.example.com'
|
|
836
|
-
HOST_INTERNAL: 'pan-test-app-dev-worker-unknown-host.example.com'
|
|
837
|
-
CLOUD_SQL_INSTANCE_CONNECTION_NAME: 'projectId:region:instancename'
|
|
838
|
-
DB_NAME: 'pan-test-app-dev-api'
|
|
839
|
-
DB_USER: 'my-user'
|
|
840
|
-
DB_PASSWORD: '$CL_dev_api_DB_PASSWORD'
|
|
841
|
-
DATABASE_URL: 'postgresql://$DB_USER:$DB_PASSWORD@localhost/$DB_NAME?host=/cloudsql/$CLOUD_SQL_INSTANCE_CONNECTION_NAME'
|
|
842
|
-
DATABASE_JDBC_URL: 'jdbc:postgresql:///$DB_NAME?cloudSqlInstance=$CLOUD_SQL_INSTANCE_CONNECTION_NAME&socketFactory=com.google.cloud.sql.postgres.SocketFactory&user=$DB_USER&password=$DB_PASSWORD'
|
|
843
|
-
DEPLOY_CLOUD_RUN_PROJECT_ID: 'google-project-id'
|
|
844
|
-
DEPLOY_CLOUD_RUN_REGION: 'europe-west6'
|
|
845
|
-
GCLOUD_RUN_canonicalHostSuffix: '$CL_dev_worker_GCLOUD_RUN_canonicalHostSuffix'
|
|
846
|
-
_ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_CANONICAL","ROOT_URL_INTERNAL","HOST_INTERNAL","CLOUD_SQL_INSTANCE_CONNECTION_NAME","DB_NAME","DB_USER","DB_PASSWORD","DATABASE_URL","DATABASE_JDBC_URL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]'
|
|
847
|
-
",
|
|
848
|
-
"GCLOUD_DEPLOY_credentialsKey": "$CL_dev_worker_GCLOUD_DEPLOY_credentialsKey",
|
|
849
|
-
"GCLOUD_RUN_canonicalHostSuffix": "$CL_dev_worker_GCLOUD_RUN_canonicalHostSuffix",
|
|
850
|
-
"HOST": "pan-test-app-dev-worker-unknown-host.example.com",
|
|
851
|
-
"HOST_CANONICAL": "pan-test-app-dev-worker-unknown-host.example.com",
|
|
852
|
-
"HOST_INTERNAL": "pan-test-app-dev-worker-unknown-host.example.com",
|
|
853
909
|
"KUBERNETES_CPU_REQUEST": "0.5",
|
|
854
910
|
"KUBERNETES_MEMORY_LIMIT": "400Mi",
|
|
855
911
|
"KUBERNETES_MEMORY_REQUEST": "200Mi",
|
|
856
|
-
"ROOT_URL": "https://pan-test-app-dev-worker-unknown-host.example.com",
|
|
857
|
-
"ROOT_URL_INTERNAL": "https://pan-test-app-dev-worker-unknown-host.example.com",
|
|
858
|
-
"_ALL_ENV_VAR_KEYS": "["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_CANONICAL","ROOT_URL_INTERNAL","HOST_INTERNAL","CLOUD_SQL_INSTANCE_CONNECTION_NAME","DB_NAME","DB_USER","DB_PASSWORD","DATABASE_URL","DATABASE_JDBC_URL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]",
|
|
859
912
|
},
|
|
860
913
|
},
|
|
861
914
|
"worker 🛑 Stop ⚠️ | dev ": {
|
|
915
|
+
"allow_failure": true,
|
|
916
|
+
"artifacts": {
|
|
917
|
+
"reports": {
|
|
918
|
+
"dotenv": "gitlab_environment.env",
|
|
919
|
+
},
|
|
920
|
+
},
|
|
862
921
|
"environment": {
|
|
863
922
|
"action": "stop",
|
|
864
923
|
"name": "dev/worker",
|
|
865
|
-
"url": "
|
|
924
|
+
"url": "$CL_GITLAB_ENVIRONMENT_URL",
|
|
866
925
|
},
|
|
867
926
|
"image": "path/to/docker/gcloud:the-version",
|
|
868
927
|
"interruptible": true,
|
|
@@ -876,28 +935,29 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
876
935
|
},
|
|
877
936
|
"rules": [
|
|
878
937
|
{
|
|
879
|
-
"allow_failure": true,
|
|
880
938
|
"if": "$CI_COMMIT_BRANCH =~ /^[0-9]+\\.([0-9]+|x)\\.x$/",
|
|
881
939
|
"when": "on_success",
|
|
882
940
|
},
|
|
883
941
|
{
|
|
884
|
-
"allow_failure": true,
|
|
885
942
|
"when": "manual",
|
|
886
943
|
},
|
|
887
944
|
],
|
|
888
945
|
"script": [
|
|
946
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
947
|
+
"export CLOUDSDK_CORE_DISABLE_PROMPTS="1"",
|
|
948
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
889
949
|
"set +e",
|
|
890
950
|
"gcloud auth activate-service-account --key-file=<(echo "$CL_dev_worker_GCLOUD_DEPLOY_credentialsKey")",
|
|
891
951
|
"gcloud run services delete pan-test-app-dev-worker --project=google-project-id --region=europe-west6",
|
|
892
952
|
"gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/dev/worker --quiet --delete-tags",
|
|
893
953
|
"gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/worker --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/worker@$version --quiet --delete-tags; done",
|
|
894
954
|
"echo Disabling component in Dependency Track",
|
|
895
|
-
"/dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" disable "pan-test-app/worker" "https
|
|
955
|
+
"/dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" disable "pan-test-app/worker" "https://$(printf %s "pan-test-app-dev-worker-$CL_dev_worker_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" || true",
|
|
896
956
|
"set -e",
|
|
957
|
+
"echo "CL_GITLAB_ENVIRONMENT_URL=https://$(printf %s "pan-test-app-dev-worker-$CL_dev_worker_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" >> gitlab_environment.env",
|
|
897
958
|
],
|
|
898
959
|
"stage": "stop dev",
|
|
899
960
|
"variables": {
|
|
900
|
-
"CLOUDSDK_CORE_DISABLE_PROMPTS": "1",
|
|
901
961
|
"GIT_STRATEGY": "none",
|
|
902
962
|
"KUBERNETES_CPU_REQUEST": "0.5",
|
|
903
963
|
"KUBERNETES_MEMORY_LIMIT": "400Mi",
|
|
@@ -917,12 +977,14 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
917
977
|
],
|
|
918
978
|
},
|
|
919
979
|
"script": [
|
|
980
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
981
|
+
"export APP_PATH="api"",
|
|
982
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
920
983
|
"cd api",
|
|
921
984
|
"yarn npm audit --environment production",
|
|
922
985
|
],
|
|
923
986
|
"stage": "test",
|
|
924
987
|
"variables": {
|
|
925
|
-
"APP_PATH": "api",
|
|
926
988
|
"KUBERNETES_CPU_REQUEST": "0.5",
|
|
927
989
|
"KUBERNETES_MEMORY_LIMIT": "4Gi",
|
|
928
990
|
"KUBERNETES_MEMORY_REQUEST": "2Gi",
|
|
@@ -956,6 +1018,9 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
956
1018
|
],
|
|
957
1019
|
},
|
|
958
1020
|
"script": [
|
|
1021
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
1022
|
+
"export APP_PATH="api"",
|
|
1023
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
959
1024
|
"echo -e "\\e[0Ksection_start:$(date +%s):nodeinstall[collapsed=true]\\r\\e[0KEnsure node version"",
|
|
960
1025
|
"if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi",
|
|
961
1026
|
"if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi",
|
|
@@ -972,7 +1037,6 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
972
1037
|
],
|
|
973
1038
|
"stage": "test",
|
|
974
1039
|
"variables": {
|
|
975
|
-
"APP_PATH": "api",
|
|
976
1040
|
"KUBERNETES_CPU_REQUEST": "0.5",
|
|
977
1041
|
"KUBERNETES_MEMORY_LIMIT": "4Gi",
|
|
978
1042
|
"KUBERNETES_MEMORY_REQUEST": "2Gi",
|
|
@@ -996,6 +1060,8 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
996
1060
|
],
|
|
997
1061
|
},
|
|
998
1062
|
"script": [
|
|
1063
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
1064
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
999
1065
|
"trivy fs --quiet --format cyclonedx --output "__sbom.json" api",
|
|
1000
1066
|
],
|
|
1001
1067
|
"stage": "build",
|
|
@@ -1048,7 +1114,7 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
1048
1114
|
],
|
|
1049
1115
|
"variables": {
|
|
1050
1116
|
"FF_USE_FASTZIP": "true",
|
|
1051
|
-
"GIT_DEPTH": 1,
|
|
1117
|
+
"GIT_DEPTH": "1",
|
|
1052
1118
|
},
|
|
1053
1119
|
"workflow": {
|
|
1054
1120
|
"rules": [
|
|
@@ -1106,6 +1172,9 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
1106
1172
|
],
|
|
1107
1173
|
},
|
|
1108
1174
|
"script": [
|
|
1175
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
1176
|
+
"export APP_PATH="api"",
|
|
1177
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
1109
1178
|
"echo -e "\\e[0Ksection_start:$(date +%s):nodeinstall[collapsed=true]\\r\\e[0KEnsure node version"",
|
|
1110
1179
|
"if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi",
|
|
1111
1180
|
"if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi",
|
|
@@ -1122,7 +1191,6 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
1122
1191
|
],
|
|
1123
1192
|
"stage": "test",
|
|
1124
1193
|
"variables": {
|
|
1125
|
-
"APP_PATH": "api",
|
|
1126
1194
|
"KUBERNETES_CPU_REQUEST": "0.5",
|
|
1127
1195
|
"KUBERNETES_MEMORY_LIMIT": "4Gi",
|
|
1128
1196
|
"KUBERNETES_MEMORY_REQUEST": "2Gi",
|
|
@@ -1175,7 +1243,31 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
1175
1243
|
],
|
|
1176
1244
|
},
|
|
1177
1245
|
"script": [
|
|
1178
|
-
"echo
|
|
1246
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
1247
|
+
"export ENV_SHORT="review"",
|
|
1248
|
+
"export APP_DIR="api"",
|
|
1249
|
+
"export ENV_TYPE="review"",
|
|
1250
|
+
"export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"",
|
|
1251
|
+
"export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"",
|
|
1252
|
+
"export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\///'); [ -z "$tag" ] && echo "v0.0.0" || echo "$tag")"",
|
|
1253
|
+
"export HOST="$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
1254
|
+
"export ROOT_URL="https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
1255
|
+
"export HOST_INTERNAL="$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
1256
|
+
"export HOST_CANONICAL="$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
1257
|
+
"export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
1258
|
+
"export CLOUD_SQL_INSTANCE_CONNECTION_NAME="projectId:region:instancename"",
|
|
1259
|
+
"export DB_NAME="pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api"",
|
|
1260
|
+
"export DB_USER="my-user"",
|
|
1261
|
+
"export DB_PASSWORD="$CL_review_api_DB_PASSWORD"",
|
|
1262
|
+
"export DATABASE_URL="postgresql://$DB_USER:$DB_PASSWORD@localhost/$DB_NAME?host=/cloudsql/$CLOUD_SQL_INSTANCE_CONNECTION_NAME"",
|
|
1263
|
+
"export DATABASE_JDBC_URL="jdbc:postgresql:///$DB_NAME?cloudSqlInstance=$CLOUD_SQL_INSTANCE_CONNECTION_NAME&socketFactory=com.google.cloud.sql.postgres.SocketFactory&user=$DB_USER&password=$DB_PASSWORD"",
|
|
1264
|
+
"export DEPLOY_CLOUD_RUN_PROJECT_ID="google-project-id"",
|
|
1265
|
+
"export DEPLOY_CLOUD_RUN_REGION="europe-west6"",
|
|
1266
|
+
"export GCLOUD_DEPLOY_credentialsKey="$CL_review_api_GCLOUD_DEPLOY_credentialsKey"",
|
|
1267
|
+
"export GCLOUD_RUN_canonicalHostSuffix="$CL_review_api_GCLOUD_RUN_canonicalHostSuffix"",
|
|
1268
|
+
"export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOST\\",\\"ROOT_URL\\",\\"HOST_INTERNAL\\",\\"HOST_CANONICAL\\",\\"ROOT_URL_INTERNAL\\",\\"CLOUD_SQL_INSTANCE_CONNECTION_NAME\\",\\"DB_NAME\\",\\"DB_USER\\",\\"DB_PASSWORD\\",\\"DATABASE_URL\\",\\"DATABASE_JDBC_URL\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\"]"",
|
|
1269
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
1270
|
+
"echo '{"id":"$(git describe --tags 2>/dev/null || git rev-parse HEAD)","time":"$CI_JOB_STARTED_AT"}' > api/__build_info.json",
|
|
1179
1271
|
"echo -e "\\e[0Ksection_start:$(date +%s):nodeinstall[collapsed=true]\\r\\e[0KEnsure node version"",
|
|
1180
1272
|
"if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi",
|
|
1181
1273
|
"if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi",
|
|
@@ -1192,31 +1284,9 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
1192
1284
|
],
|
|
1193
1285
|
"stage": "build",
|
|
1194
1286
|
"variables": {
|
|
1195
|
-
"APP_DIR": "api",
|
|
1196
|
-
"BUILD_INFO_BUILD_TIME": "01-01-2023 12:13:14",
|
|
1197
|
-
"BUILD_INFO_CURRENT_VERSION": "3.2.1",
|
|
1198
|
-
"BUILD_INFO_ID": "some-id",
|
|
1199
|
-
"CLOUD_SQL_INSTANCE_CONNECTION_NAME": "projectId:region:instancename",
|
|
1200
|
-
"DATABASE_JDBC_URL": "jdbc:postgresql:///$DB_NAME?cloudSqlInstance=$CLOUD_SQL_INSTANCE_CONNECTION_NAME&socketFactory=com.google.cloud.sql.postgres.SocketFactory&user=$DB_USER&password=$DB_PASSWORD",
|
|
1201
|
-
"DATABASE_URL": "postgresql://$DB_USER:$DB_PASSWORD@localhost/$DB_NAME?host=/cloudsql/$CLOUD_SQL_INSTANCE_CONNECTION_NAME",
|
|
1202
|
-
"DB_NAME": "pan-test-app-review-mr1234-api",
|
|
1203
|
-
"DB_PASSWORD": "$CL_review_api_DB_PASSWORD",
|
|
1204
|
-
"DB_USER": "my-user",
|
|
1205
|
-
"DEPLOY_CLOUD_RUN_PROJECT_ID": "google-project-id",
|
|
1206
|
-
"DEPLOY_CLOUD_RUN_REGION": "europe-west6",
|
|
1207
|
-
"ENV_SHORT": "review",
|
|
1208
|
-
"ENV_TYPE": "review",
|
|
1209
|
-
"GCLOUD_DEPLOY_credentialsKey": "$CL_review_api_GCLOUD_DEPLOY_credentialsKey",
|
|
1210
|
-
"GCLOUD_RUN_canonicalHostSuffix": "$CL_review_api_GCLOUD_RUN_canonicalHostSuffix",
|
|
1211
|
-
"HOST": "pan-test-app-review-mr1234-api-unknown-host.example.com",
|
|
1212
|
-
"HOST_CANONICAL": "pan-test-app-review-mr1234-api-unknown-host.example.com",
|
|
1213
|
-
"HOST_INTERNAL": "pan-test-app-review-mr1234-api-unknown-host.example.com",
|
|
1214
1287
|
"KUBERNETES_CPU_REQUEST": "0.5",
|
|
1215
1288
|
"KUBERNETES_MEMORY_LIMIT": "4Gi",
|
|
1216
1289
|
"KUBERNETES_MEMORY_REQUEST": "2Gi",
|
|
1217
|
-
"ROOT_URL": "https://pan-test-app-review-mr1234-api-unknown-host.example.com",
|
|
1218
|
-
"ROOT_URL_INTERNAL": "https://pan-test-app-review-mr1234-api-unknown-host.example.com",
|
|
1219
|
-
"_ALL_ENV_VAR_KEYS": "["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_CANONICAL","ROOT_URL_INTERNAL","HOST_INTERNAL","CLOUD_SQL_INSTANCE_CONNECTION_NAME","DB_NAME","DB_USER","DB_PASSWORD","DATABASE_URL","DATABASE_JDBC_URL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]",
|
|
1220
1290
|
},
|
|
1221
1291
|
},
|
|
1222
1292
|
"api 🔨 docker | review ": {
|
|
@@ -1242,6 +1312,21 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
1242
1312
|
],
|
|
1243
1313
|
},
|
|
1244
1314
|
"script": [
|
|
1315
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
1316
|
+
"export APP_DIR="api"",
|
|
1317
|
+
"export DOCKER_DIR="."",
|
|
1318
|
+
"export DOCKER_REGISTRY="europe-west6-docker.pkg.dev"",
|
|
1319
|
+
"export DOCKER_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/review/api/$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })"",
|
|
1320
|
+
"export DOCKER_CACHE_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/api"",
|
|
1321
|
+
"export DOCKER_IMAGE_TAG="$CI_COMMIT_SHA"",
|
|
1322
|
+
"export DOCKER_COPY_AND_INSTALL_APP="COPY --chown=node:node $APP_DIR .
|
|
1323
|
+
RUN yarn plugin import workspace-tools
|
|
1324
|
+
RUN yarn workspaces focus --production && yarn rebuild"",
|
|
1325
|
+
"export DOCKER_COPY_WORKSPACE_FILES="COPY --chown=node:node api/package.json /app/api/package.json
|
|
1326
|
+
COPY --chown=node:node api/yarn.lock /app/api/yarn.lock
|
|
1327
|
+
COPY --chown=node:node .yarnrc.yml /app/.yarnrc.yml
|
|
1328
|
+
COPY --chown=node:node .yarn /app/.yarn"",
|
|
1329
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
1245
1330
|
"ensureNodeDockerfile",
|
|
1246
1331
|
"echo -e "\\e[0Ksection_start:$(date +%s):docker-login[collapsed=true]\\r\\e[0KDocker Login"",
|
|
1247
1332
|
"gcloud auth activate-service-account --key-file=<(echo "$CL_review_api_GCLOUD_DEPLOY_credentialsKey")",
|
|
@@ -1266,24 +1351,9 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
1266
1351
|
],
|
|
1267
1352
|
"stage": "build",
|
|
1268
1353
|
"variables": {
|
|
1269
|
-
"APP_DIR": "api",
|
|
1270
|
-
"DOCKERFILE_ADDITIONS": undefined,
|
|
1271
|
-
"DOCKERFILE_ADDITIONS_END": undefined,
|
|
1272
1354
|
"DOCKER_BUILDKIT": "1",
|
|
1273
|
-
"DOCKER_CACHE_IMAGE": "europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/api",
|
|
1274
|
-
"DOCKER_COPY_AND_INSTALL_APP": "COPY --chown=node:node $APP_DIR .
|
|
1275
|
-
RUN yarn plugin import workspace-tools
|
|
1276
|
-
RUN yarn workspaces focus --production && yarn rebuild",
|
|
1277
|
-
"DOCKER_COPY_WORKSPACE_FILES": "COPY --chown=node:node api/package.json /app/api/package.json
|
|
1278
|
-
COPY --chown=node:node api/yarn.lock /app/api/yarn.lock
|
|
1279
|
-
COPY --chown=node:node .yarnrc.yml /app/.yarnrc.yml
|
|
1280
|
-
COPY --chown=node:node .yarn /app/.yarn",
|
|
1281
|
-
"DOCKER_DIR": ".",
|
|
1282
1355
|
"DOCKER_DRIVER": "overlay2",
|
|
1283
1356
|
"DOCKER_HOST": "tcp://0.0.0.0:2375",
|
|
1284
|
-
"DOCKER_IMAGE": "europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/review/api/mr1234",
|
|
1285
|
-
"DOCKER_IMAGE_TAG": "$CI_COMMIT_SHA",
|
|
1286
|
-
"DOCKER_REGISTRY": "europe-west6-docker.pkg.dev",
|
|
1287
1357
|
"DOCKER_TLS_CERTDIR": "",
|
|
1288
1358
|
"KUBERNETES_CPU_REQUEST": "0.5",
|
|
1289
1359
|
"KUBERNETES_MEMORY_LIMIT": "2Gi",
|
|
@@ -1293,15 +1363,15 @@ COPY --chown=node:node .yarn /app/.yarn",
|
|
|
1293
1363
|
"api 🚀 Deploy | review ": {
|
|
1294
1364
|
"allow_failure": false,
|
|
1295
1365
|
"artifacts": {
|
|
1296
|
-
"
|
|
1297
|
-
"
|
|
1298
|
-
|
|
1366
|
+
"reports": {
|
|
1367
|
+
"dotenv": "gitlab_environment.env",
|
|
1368
|
+
},
|
|
1299
1369
|
},
|
|
1300
1370
|
"environment": {
|
|
1301
1371
|
"auto_stop_in": "1 week",
|
|
1302
|
-
"name": "review/
|
|
1372
|
+
"name": "review/$CI_COMMIT_REF_NAME/api",
|
|
1303
1373
|
"on_stop": "api 🛑 Stop ⚠️ | review ",
|
|
1304
|
-
"url": "
|
|
1374
|
+
"url": "$CL_GITLAB_ENVIRONMENT_URL",
|
|
1305
1375
|
},
|
|
1306
1376
|
"image": "path/to/docker/gcloud:the-version",
|
|
1307
1377
|
"interruptible": true,
|
|
@@ -1344,103 +1414,125 @@ COPY --chown=node:node .yarn /app/.yarn",
|
|
|
1344
1414
|
},
|
|
1345
1415
|
],
|
|
1346
1416
|
"script": [
|
|
1417
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
1418
|
+
"export ENV_SHORT="review"",
|
|
1419
|
+
"export APP_DIR="api"",
|
|
1420
|
+
"export ENV_TYPE="review"",
|
|
1421
|
+
"export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"",
|
|
1422
|
+
"export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"",
|
|
1423
|
+
"export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\///'); [ -z "$tag" ] && echo "v0.0.0" || echo "$tag")"",
|
|
1424
|
+
"export HOST="$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
1425
|
+
"export ROOT_URL="https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
1426
|
+
"export HOST_INTERNAL="$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
1427
|
+
"export HOST_CANONICAL="$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
1428
|
+
"export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
1429
|
+
"export CLOUD_SQL_INSTANCE_CONNECTION_NAME="projectId:region:instancename"",
|
|
1430
|
+
"export DB_NAME="pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api"",
|
|
1431
|
+
"export DB_USER="my-user"",
|
|
1432
|
+
"export DB_PASSWORD="$CL_review_api_DB_PASSWORD"",
|
|
1433
|
+
"export DATABASE_URL="postgresql://$DB_USER:$DB_PASSWORD@localhost/$DB_NAME?host=/cloudsql/$CLOUD_SQL_INSTANCE_CONNECTION_NAME"",
|
|
1434
|
+
"export DATABASE_JDBC_URL="jdbc:postgresql:///$DB_NAME?cloudSqlInstance=$CLOUD_SQL_INSTANCE_CONNECTION_NAME&socketFactory=com.google.cloud.sql.postgres.SocketFactory&user=$DB_USER&password=$DB_PASSWORD"",
|
|
1435
|
+
"export DEPLOY_CLOUD_RUN_PROJECT_ID="google-project-id"",
|
|
1436
|
+
"export DEPLOY_CLOUD_RUN_REGION="europe-west6"",
|
|
1437
|
+
"export GCLOUD_DEPLOY_credentialsKey="$CL_review_api_GCLOUD_DEPLOY_credentialsKey"",
|
|
1438
|
+
"export GCLOUD_RUN_canonicalHostSuffix="$CL_review_api_GCLOUD_RUN_canonicalHostSuffix"",
|
|
1439
|
+
"export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOST\\",\\"ROOT_URL\\",\\"HOST_INTERNAL\\",\\"HOST_CANONICAL\\",\\"ROOT_URL_INTERNAL\\",\\"CLOUD_SQL_INSTANCE_CONNECTION_NAME\\",\\"DB_NAME\\",\\"DB_USER\\",\\"DB_PASSWORD\\",\\"DATABASE_URL\\",\\"DATABASE_JDBC_URL\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\"]"",
|
|
1440
|
+
"export DOCKER_REGISTRY="europe-west6-docker.pkg.dev"",
|
|
1441
|
+
"export DOCKER_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/review/api/$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })"",
|
|
1442
|
+
"export DOCKER_CACHE_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/api"",
|
|
1443
|
+
"export DOCKER_IMAGE_TAG="$CI_COMMIT_SHA"",
|
|
1444
|
+
"export CLOUDSDK_CORE_DISABLE_PROMPTS="1"",
|
|
1445
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
1347
1446
|
"echo -e "\\e[0Ksection_start:$(date +%s):prepare[collapsed=true]\\r\\e[0KPrepare..."",
|
|
1348
1447
|
"gcloud auth activate-service-account --key-file=<(echo "$CL_review_api_GCLOUD_DEPLOY_credentialsKey")",
|
|
1349
1448
|
"export GCLOUD_PROJECT_NUMBER=$(gcloud projects describe google-project-id --format="value(projectNumber)")",
|
|
1350
1449
|
"echo "GCLOUD_PROJECT_NUMBER: $GCLOUD_PROJECT_NUMBER"",
|
|
1351
1450
|
"echo -e "\\e[0Ksection_end:$(date +%s):prepare\\r\\e[0K"",
|
|
1451
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):writeenvvars[collapsed=true]\\r\\e[0KWrite env vars to file"",
|
|
1452
|
+
"cat > ____envvars.yaml <<EOF
|
|
1453
|
+
ENV_SHORT: |-
|
|
1454
|
+
review
|
|
1455
|
+
APP_DIR: |-
|
|
1456
|
+
api
|
|
1457
|
+
ENV_TYPE: |-
|
|
1458
|
+
review
|
|
1459
|
+
BUILD_INFO_BUILD_ID: |-
|
|
1460
|
+
$(printf %s "$(git describe --tags 2>/dev/null || git rev-parse HEAD)" | sed 's/^/ /')
|
|
1461
|
+
BUILD_INFO_BUILD_TIME: |-
|
|
1462
|
+
$(printf %s "$CI_JOB_STARTED_AT" | sed 's/^/ /')
|
|
1463
|
+
BUILD_INFO_CURRENT_VERSION: |-
|
|
1464
|
+
$(printf %s "$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\///'); [ -z "$tag" ] && echo "v0.0.0" || echo "$tag")" | sed 's/^/ /')
|
|
1465
|
+
HOST: |-
|
|
1466
|
+
$(printf %s "$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
1467
|
+
ROOT_URL: |-
|
|
1468
|
+
$(printf %s "https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
1469
|
+
HOST_INTERNAL: |-
|
|
1470
|
+
$(printf %s "$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
1471
|
+
HOST_CANONICAL: |-
|
|
1472
|
+
$(printf %s "$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
1473
|
+
ROOT_URL_INTERNAL: |-
|
|
1474
|
+
$(printf %s "https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
1475
|
+
CLOUD_SQL_INSTANCE_CONNECTION_NAME: |-
|
|
1476
|
+
projectId:region:instancename
|
|
1477
|
+
DB_NAME: |-
|
|
1478
|
+
$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" | sed 's/^/ /')
|
|
1479
|
+
DB_USER: |-
|
|
1480
|
+
my-user
|
|
1481
|
+
DB_PASSWORD: |-
|
|
1482
|
+
$(printf %s "$CL_review_api_DB_PASSWORD" | sed 's/^/ /')
|
|
1483
|
+
DATABASE_URL: |-
|
|
1484
|
+
postgresql://$DB_USER:$DB_PASSWORD@localhost/$DB_NAME?host=/cloudsql/$CLOUD_SQL_INSTANCE_CONNECTION_NAME
|
|
1485
|
+
DATABASE_JDBC_URL: |-
|
|
1486
|
+
jdbc:postgresql:///$DB_NAME?cloudSqlInstance=$CLOUD_SQL_INSTANCE_CONNECTION_NAME&socketFactory=com.google.cloud.sql.postgres.SocketFactory&user=$DB_USER&password=$DB_PASSWORD
|
|
1487
|
+
DEPLOY_CLOUD_RUN_PROJECT_ID: |-
|
|
1488
|
+
google-project-id
|
|
1489
|
+
DEPLOY_CLOUD_RUN_REGION: |-
|
|
1490
|
+
europe-west6
|
|
1491
|
+
GCLOUD_RUN_canonicalHostSuffix: |-
|
|
1492
|
+
$(printf %s "$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | sed 's/^/ /')
|
|
1493
|
+
_ALL_ENV_VAR_KEYS: |-
|
|
1494
|
+
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_INTERNAL","HOST_CANONICAL","ROOT_URL_INTERNAL","CLOUD_SQL_INSTANCE_CONNECTION_NAME","DB_NAME","DB_USER","DB_PASSWORD","DATABASE_URL","DATABASE_JDBC_URL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]
|
|
1495
|
+
|
|
1496
|
+
EOF
|
|
1497
|
+
",
|
|
1498
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):writeenvvars\\r\\e[0K"",
|
|
1352
1499
|
"echo -e "\\e[0Ksection_start:$(date +%s):deploy[collapsed=true]\\r\\e[0KDeploy to cloud run"",
|
|
1353
|
-
"echo "$ENV_VARS" > ____envvars.yaml",
|
|
1354
1500
|
"set +e",
|
|
1355
1501
|
"echo "ensuring Database..."",
|
|
1356
|
-
"gcloud sql databases create pan-test-app-review-
|
|
1502
|
+
"gcloud sql databases create pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api --instance=instancename --project projectId",
|
|
1357
1503
|
"set -e",
|
|
1358
|
-
"gcloud run deploy pan-test-app-review-
|
|
1504
|
+
"gcloud run deploy $(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" | awk '{print tolower($0)}') --command="yarn,start" --image=europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/review/api/$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }):$DOCKER_IMAGE_TAG --project=google-project-id --region=europe-west6 --set-cloudsql-instances=projectId:region:instancename --labels=customer-name=pan,component-name=api,app-name=test-app,env-type=review,env-name=review,build-type=node,cloud-run-service-name=$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" | awk '{print tolower($0)}') --env-vars-file=____envvars.yaml --min-instances=0 --max-instances=100 --cpu-throttling --allow-unauthenticated --ingress=all --cpu-boost",
|
|
1359
1505
|
"echo -e "\\e[0Ksection_end:$(date +%s):deploy\\r\\e[0K"",
|
|
1360
1506
|
"echo -e "\\e[0Ksection_start:$(date +%s):cleanup[collapsed=true]\\r\\e[0KCleanup"",
|
|
1361
|
-
"gcloud run revisions list --project=google-project-id --region=europe-west6 --service
|
|
1362
|
-
"gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/review/api
|
|
1507
|
+
"gcloud run revisions list --project=google-project-id --region=europe-west6 --service=$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" | awk '{print tolower($0)}') --limit=unlimited --sort-by=metadata.creationTimestamp --format="value(name)" --filter='(status.conditions.status=False OR status.conditions.status=Unknown)' | while read -r revisionname; do gcloud run revisions delete --project=google-project-id --region=europe-west6 --quiet $revisionname ; done",
|
|
1508
|
+
"gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/review/api/$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }) --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/review/api/$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })@$version --quiet --delete-tags; done",
|
|
1363
1509
|
"gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/api --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/api@$version --quiet --delete-tags; done",
|
|
1364
1510
|
"set +e",
|
|
1365
1511
|
"gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/review/api --quiet --delete-tags",
|
|
1366
1512
|
"set -e",
|
|
1367
1513
|
"echo -e "\\e[0Ksection_end:$(date +%s):cleanup\\r\\e[0K"",
|
|
1368
1514
|
"echo Uploading SBOM to Dependency Track",
|
|
1369
|
-
"/dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/api" "https
|
|
1370
|
-
|
|
1371
|
-
"services": [
|
|
1372
|
-
{
|
|
1373
|
-
"command": [
|
|
1374
|
-
"--tls=false",
|
|
1375
|
-
],
|
|
1376
|
-
"name": "docker:24.0.6-dind",
|
|
1377
|
-
},
|
|
1515
|
+
"/dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/api" "https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" "__sbom.json" vex.json || true",
|
|
1516
|
+
"echo "CL_GITLAB_ENVIRONMENT_URL=https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" >> gitlab_environment.env",
|
|
1378
1517
|
],
|
|
1379
1518
|
"stage": "deploy review",
|
|
1380
1519
|
"variables": {
|
|
1381
|
-
"APP_DIR": "api",
|
|
1382
|
-
"BUILD_INFO_BUILD_TIME": "01-01-2023 12:13:14",
|
|
1383
|
-
"BUILD_INFO_CURRENT_VERSION": "3.2.1",
|
|
1384
|
-
"BUILD_INFO_ID": "some-id",
|
|
1385
|
-
"CLOUDSDK_CORE_DISABLE_PROMPTS": "1",
|
|
1386
|
-
"CLOUD_SQL_INSTANCE_CONNECTION_NAME": "projectId:region:instancename",
|
|
1387
|
-
"DATABASE_JDBC_URL": "jdbc:postgresql:///$DB_NAME?cloudSqlInstance=$CLOUD_SQL_INSTANCE_CONNECTION_NAME&socketFactory=com.google.cloud.sql.postgres.SocketFactory&user=$DB_USER&password=$DB_PASSWORD",
|
|
1388
|
-
"DATABASE_URL": "postgresql://$DB_USER:$DB_PASSWORD@localhost/$DB_NAME?host=/cloudsql/$CLOUD_SQL_INSTANCE_CONNECTION_NAME",
|
|
1389
|
-
"DB_NAME": "pan-test-app-review-mr1234-api",
|
|
1390
|
-
"DB_PASSWORD": "$CL_review_api_DB_PASSWORD",
|
|
1391
|
-
"DB_USER": "my-user",
|
|
1392
|
-
"DEPLOY_CLOUD_RUN_PROJECT_ID": "google-project-id",
|
|
1393
|
-
"DEPLOY_CLOUD_RUN_REGION": "europe-west6",
|
|
1394
|
-
"DOCKER_BUILDKIT": "1",
|
|
1395
|
-
"DOCKER_CACHE_IMAGE": "europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/api",
|
|
1396
|
-
"DOCKER_DRIVER": "overlay2",
|
|
1397
|
-
"DOCKER_HOST": "tcp://0.0.0.0:2375",
|
|
1398
|
-
"DOCKER_IMAGE": "europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/review/api/mr1234",
|
|
1399
|
-
"DOCKER_IMAGE_TAG": "$CI_COMMIT_SHA",
|
|
1400
|
-
"DOCKER_REGISTRY": "europe-west6-docker.pkg.dev",
|
|
1401
|
-
"DOCKER_TLS_CERTDIR": "",
|
|
1402
|
-
"ENV_SHORT": "review",
|
|
1403
|
-
"ENV_TYPE": "review",
|
|
1404
|
-
"ENV_VARS": "ENV_SHORT: 'review'
|
|
1405
|
-
APP_DIR: 'api'
|
|
1406
|
-
ENV_TYPE: 'review'
|
|
1407
|
-
BUILD_INFO_ID: 'some-id'
|
|
1408
|
-
BUILD_INFO_BUILD_TIME: '01-01-2023 12:13:14'
|
|
1409
|
-
BUILD_INFO_CURRENT_VERSION: '3.2.1'
|
|
1410
|
-
HOST: 'pan-test-app-review-mr1234-api-unknown-host.example.com'
|
|
1411
|
-
ROOT_URL: 'https://pan-test-app-review-mr1234-api-unknown-host.example.com'
|
|
1412
|
-
HOST_CANONICAL: 'pan-test-app-review-mr1234-api-unknown-host.example.com'
|
|
1413
|
-
ROOT_URL_INTERNAL: 'https://pan-test-app-review-mr1234-api-unknown-host.example.com'
|
|
1414
|
-
HOST_INTERNAL: 'pan-test-app-review-mr1234-api-unknown-host.example.com'
|
|
1415
|
-
CLOUD_SQL_INSTANCE_CONNECTION_NAME: 'projectId:region:instancename'
|
|
1416
|
-
DB_NAME: 'pan-test-app-review-mr1234-api'
|
|
1417
|
-
DB_USER: 'my-user'
|
|
1418
|
-
DB_PASSWORD: '$CL_review_api_DB_PASSWORD'
|
|
1419
|
-
DATABASE_URL: 'postgresql://$DB_USER:$DB_PASSWORD@localhost/$DB_NAME?host=/cloudsql/$CLOUD_SQL_INSTANCE_CONNECTION_NAME'
|
|
1420
|
-
DATABASE_JDBC_URL: 'jdbc:postgresql:///$DB_NAME?cloudSqlInstance=$CLOUD_SQL_INSTANCE_CONNECTION_NAME&socketFactory=com.google.cloud.sql.postgres.SocketFactory&user=$DB_USER&password=$DB_PASSWORD'
|
|
1421
|
-
DEPLOY_CLOUD_RUN_PROJECT_ID: 'google-project-id'
|
|
1422
|
-
DEPLOY_CLOUD_RUN_REGION: 'europe-west6'
|
|
1423
|
-
GCLOUD_RUN_canonicalHostSuffix: '$CL_review_api_GCLOUD_RUN_canonicalHostSuffix'
|
|
1424
|
-
_ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_CANONICAL","ROOT_URL_INTERNAL","HOST_INTERNAL","CLOUD_SQL_INSTANCE_CONNECTION_NAME","DB_NAME","DB_USER","DB_PASSWORD","DATABASE_URL","DATABASE_JDBC_URL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]'
|
|
1425
|
-
",
|
|
1426
|
-
"GCLOUD_DEPLOY_credentialsKey": "$CL_review_api_GCLOUD_DEPLOY_credentialsKey",
|
|
1427
|
-
"GCLOUD_RUN_canonicalHostSuffix": "$CL_review_api_GCLOUD_RUN_canonicalHostSuffix",
|
|
1428
|
-
"HOST": "pan-test-app-review-mr1234-api-unknown-host.example.com",
|
|
1429
|
-
"HOST_CANONICAL": "pan-test-app-review-mr1234-api-unknown-host.example.com",
|
|
1430
|
-
"HOST_INTERNAL": "pan-test-app-review-mr1234-api-unknown-host.example.com",
|
|
1431
1520
|
"KUBERNETES_CPU_REQUEST": "0.5",
|
|
1432
1521
|
"KUBERNETES_MEMORY_LIMIT": "400Mi",
|
|
1433
1522
|
"KUBERNETES_MEMORY_REQUEST": "200Mi",
|
|
1434
|
-
"ROOT_URL": "https://pan-test-app-review-mr1234-api-unknown-host.example.com",
|
|
1435
|
-
"ROOT_URL_INTERNAL": "https://pan-test-app-review-mr1234-api-unknown-host.example.com",
|
|
1436
|
-
"_ALL_ENV_VAR_KEYS": "["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_CANONICAL","ROOT_URL_INTERNAL","HOST_INTERNAL","CLOUD_SQL_INSTANCE_CONNECTION_NAME","DB_NAME","DB_USER","DB_PASSWORD","DATABASE_URL","DATABASE_JDBC_URL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]",
|
|
1437
1523
|
},
|
|
1438
1524
|
},
|
|
1439
1525
|
"api 🛑 Stop ⚠️ | review ": {
|
|
1526
|
+
"allow_failure": true,
|
|
1527
|
+
"artifacts": {
|
|
1528
|
+
"reports": {
|
|
1529
|
+
"dotenv": "gitlab_environment.env",
|
|
1530
|
+
},
|
|
1531
|
+
},
|
|
1440
1532
|
"environment": {
|
|
1441
1533
|
"action": "stop",
|
|
1442
|
-
"name": "review/
|
|
1443
|
-
"url": "
|
|
1534
|
+
"name": "review/$CI_COMMIT_REF_NAME/api",
|
|
1535
|
+
"url": "$CL_GITLAB_ENVIRONMENT_URL",
|
|
1444
1536
|
},
|
|
1445
1537
|
"image": "path/to/docker/gcloud:the-version",
|
|
1446
1538
|
"interruptible": true,
|
|
@@ -1454,40 +1546,41 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
1454
1546
|
},
|
|
1455
1547
|
"rules": [
|
|
1456
1548
|
{
|
|
1457
|
-
"allow_failure": true,
|
|
1458
1549
|
"if": "$CI_COMMIT_BRANCH =~ /^[0-9]+\\.([0-9]+|x)\\.x$/",
|
|
1459
1550
|
"when": "on_success",
|
|
1460
1551
|
},
|
|
1461
1552
|
{
|
|
1462
|
-
"allow_failure": true,
|
|
1463
1553
|
"when": "manual",
|
|
1464
1554
|
},
|
|
1465
1555
|
],
|
|
1466
1556
|
"script": [
|
|
1557
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
1558
|
+
"export CLOUDSDK_CORE_DISABLE_PROMPTS="1"",
|
|
1559
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
1467
1560
|
"set +e",
|
|
1468
1561
|
"gcloud auth activate-service-account --key-file=<(echo "$CL_review_api_GCLOUD_DEPLOY_credentialsKey")",
|
|
1469
|
-
"gcloud run services delete pan-test-app-review-
|
|
1470
|
-
"echo "deleting database pan-test-app-review-
|
|
1562
|
+
"gcloud run services delete $(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" | awk '{print tolower($0)}') --project=google-project-id --region=europe-west6",
|
|
1563
|
+
"echo "deleting database pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api..."",
|
|
1471
1564
|
"echo "👆 this can take multiple attemps (3-5min), because google cloud run may still have a connection to the database after the cloud run service is shut down"",
|
|
1472
1565
|
"
|
|
1473
|
-
until gcloud sql databases delete pan-test-app-review-
|
|
1566
|
+
until gcloud sql databases delete pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api --instance=instancename --project projectId
|
|
1474
1567
|
do
|
|
1475
1568
|
echo "Trying again."
|
|
1476
1569
|
sleep 10
|
|
1477
1570
|
done
|
|
1478
1571
|
",
|
|
1479
|
-
"gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/review/api
|
|
1572
|
+
"gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/review/api/$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }) --quiet --delete-tags",
|
|
1480
1573
|
"gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/api --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/api@$version --quiet --delete-tags; done",
|
|
1481
1574
|
"set +e",
|
|
1482
1575
|
"gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/review/api --quiet --delete-tags",
|
|
1483
1576
|
"set -e",
|
|
1484
1577
|
"echo Disabling component in Dependency Track",
|
|
1485
|
-
"/dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" disable "pan-test-app/api" "https
|
|
1578
|
+
"/dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" disable "pan-test-app/api" "https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" || true",
|
|
1486
1579
|
"set -e",
|
|
1580
|
+
"echo "CL_GITLAB_ENVIRONMENT_URL=https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" >> gitlab_environment.env",
|
|
1487
1581
|
],
|
|
1488
1582
|
"stage": "stop review",
|
|
1489
1583
|
"variables": {
|
|
1490
|
-
"CLOUDSDK_CORE_DISABLE_PROMPTS": "1",
|
|
1491
1584
|
"GIT_STRATEGY": "none",
|
|
1492
1585
|
"KUBERNETES_CPU_REQUEST": "0.5",
|
|
1493
1586
|
"KUBERNETES_MEMORY_LIMIT": "400Mi",
|
|
@@ -1507,12 +1600,14 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
1507
1600
|
],
|
|
1508
1601
|
},
|
|
1509
1602
|
"script": [
|
|
1603
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
1604
|
+
"export APP_PATH="api"",
|
|
1605
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
1510
1606
|
"cd api",
|
|
1511
1607
|
"yarn npm audit --environment production",
|
|
1512
1608
|
],
|
|
1513
1609
|
"stage": "test",
|
|
1514
1610
|
"variables": {
|
|
1515
|
-
"APP_PATH": "api",
|
|
1516
1611
|
"KUBERNETES_CPU_REQUEST": "0.5",
|
|
1517
1612
|
"KUBERNETES_MEMORY_LIMIT": "4Gi",
|
|
1518
1613
|
"KUBERNETES_MEMORY_REQUEST": "2Gi",
|
|
@@ -1546,6 +1641,9 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
1546
1641
|
],
|
|
1547
1642
|
},
|
|
1548
1643
|
"script": [
|
|
1644
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
1645
|
+
"export APP_PATH="api"",
|
|
1646
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
1549
1647
|
"echo -e "\\e[0Ksection_start:$(date +%s):nodeinstall[collapsed=true]\\r\\e[0KEnsure node version"",
|
|
1550
1648
|
"if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi",
|
|
1551
1649
|
"if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi",
|
|
@@ -1562,7 +1660,6 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
1562
1660
|
],
|
|
1563
1661
|
"stage": "test",
|
|
1564
1662
|
"variables": {
|
|
1565
|
-
"APP_PATH": "api",
|
|
1566
1663
|
"KUBERNETES_CPU_REQUEST": "0.5",
|
|
1567
1664
|
"KUBERNETES_MEMORY_LIMIT": "4Gi",
|
|
1568
1665
|
"KUBERNETES_MEMORY_REQUEST": "2Gi",
|
|
@@ -1586,6 +1683,8 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
1586
1683
|
],
|
|
1587
1684
|
},
|
|
1588
1685
|
"script": [
|
|
1686
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
1687
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
1589
1688
|
"trivy fs --quiet --format cyclonedx --output "__sbom.json" api",
|
|
1590
1689
|
],
|
|
1591
1690
|
"stage": "build",
|
|
@@ -1619,6 +1718,9 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
1619
1718
|
],
|
|
1620
1719
|
},
|
|
1621
1720
|
"script": [
|
|
1721
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
1722
|
+
"export APP_PATH="api"",
|
|
1723
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
1622
1724
|
"echo -e "\\e[0Ksection_start:$(date +%s):nodeinstall[collapsed=true]\\r\\e[0KEnsure node version"",
|
|
1623
1725
|
"if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi",
|
|
1624
1726
|
"if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi",
|
|
@@ -1635,7 +1737,6 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
1635
1737
|
],
|
|
1636
1738
|
"stage": "test",
|
|
1637
1739
|
"variables": {
|
|
1638
|
-
"APP_PATH": "api",
|
|
1639
1740
|
"KUBERNETES_CPU_REQUEST": "0.5",
|
|
1640
1741
|
"KUBERNETES_MEMORY_LIMIT": "4Gi",
|
|
1641
1742
|
"KUBERNETES_MEMORY_REQUEST": "2Gi",
|
|
@@ -1688,7 +1789,31 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
1688
1789
|
],
|
|
1689
1790
|
},
|
|
1690
1791
|
"script": [
|
|
1691
|
-
"echo
|
|
1792
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
1793
|
+
"export ENV_SHORT="review"",
|
|
1794
|
+
"export APP_DIR="api"",
|
|
1795
|
+
"export ENV_TYPE="review"",
|
|
1796
|
+
"export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"",
|
|
1797
|
+
"export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"",
|
|
1798
|
+
"export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\///'); [ -z "$tag" ] && echo "v0.0.0" || echo "$tag")"",
|
|
1799
|
+
"export HOST="$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-worker-$CL_review_worker_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
1800
|
+
"export ROOT_URL="https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-worker-$CL_review_worker_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
1801
|
+
"export HOST_INTERNAL="$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-worker-$CL_review_worker_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
1802
|
+
"export HOST_CANONICAL="$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-worker-$CL_review_worker_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
1803
|
+
"export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-worker-$CL_review_worker_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
1804
|
+
"export CLOUD_SQL_INSTANCE_CONNECTION_NAME="projectId:region:instancename"",
|
|
1805
|
+
"export DB_NAME="pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api"",
|
|
1806
|
+
"export DB_USER="my-user"",
|
|
1807
|
+
"export DB_PASSWORD="$CL_review_api_DB_PASSWORD"",
|
|
1808
|
+
"export DATABASE_URL="postgresql://$DB_USER:$DB_PASSWORD@localhost/$DB_NAME?host=/cloudsql/$CLOUD_SQL_INSTANCE_CONNECTION_NAME"",
|
|
1809
|
+
"export DATABASE_JDBC_URL="jdbc:postgresql:///$DB_NAME?cloudSqlInstance=$CLOUD_SQL_INSTANCE_CONNECTION_NAME&socketFactory=com.google.cloud.sql.postgres.SocketFactory&user=$DB_USER&password=$DB_PASSWORD"",
|
|
1810
|
+
"export DEPLOY_CLOUD_RUN_PROJECT_ID="google-project-id"",
|
|
1811
|
+
"export DEPLOY_CLOUD_RUN_REGION="europe-west6"",
|
|
1812
|
+
"export GCLOUD_DEPLOY_credentialsKey="$CL_review_worker_GCLOUD_DEPLOY_credentialsKey"",
|
|
1813
|
+
"export GCLOUD_RUN_canonicalHostSuffix="$CL_review_worker_GCLOUD_RUN_canonicalHostSuffix"",
|
|
1814
|
+
"export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOST\\",\\"ROOT_URL\\",\\"HOST_INTERNAL\\",\\"HOST_CANONICAL\\",\\"ROOT_URL_INTERNAL\\",\\"CLOUD_SQL_INSTANCE_CONNECTION_NAME\\",\\"DB_NAME\\",\\"DB_USER\\",\\"DB_PASSWORD\\",\\"DATABASE_URL\\",\\"DATABASE_JDBC_URL\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\"]"",
|
|
1815
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
1816
|
+
"echo '{"id":"$(git describe --tags 2>/dev/null || git rev-parse HEAD)","time":"$CI_JOB_STARTED_AT"}' > api/__build_info.json",
|
|
1692
1817
|
"echo -e "\\e[0Ksection_start:$(date +%s):nodeinstall[collapsed=true]\\r\\e[0KEnsure node version"",
|
|
1693
1818
|
"if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi",
|
|
1694
1819
|
"if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi",
|
|
@@ -1705,31 +1830,9 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
1705
1830
|
],
|
|
1706
1831
|
"stage": "build",
|
|
1707
1832
|
"variables": {
|
|
1708
|
-
"APP_DIR": "api",
|
|
1709
|
-
"BUILD_INFO_BUILD_TIME": "01-01-2023 12:13:14",
|
|
1710
|
-
"BUILD_INFO_CURRENT_VERSION": "3.2.1",
|
|
1711
|
-
"BUILD_INFO_ID": "some-id",
|
|
1712
|
-
"CLOUD_SQL_INSTANCE_CONNECTION_NAME": "projectId:region:instancename",
|
|
1713
|
-
"DATABASE_JDBC_URL": "jdbc:postgresql:///$DB_NAME?cloudSqlInstance=$CLOUD_SQL_INSTANCE_CONNECTION_NAME&socketFactory=com.google.cloud.sql.postgres.SocketFactory&user=$DB_USER&password=$DB_PASSWORD",
|
|
1714
|
-
"DATABASE_URL": "postgresql://$DB_USER:$DB_PASSWORD@localhost/$DB_NAME?host=/cloudsql/$CLOUD_SQL_INSTANCE_CONNECTION_NAME",
|
|
1715
|
-
"DB_NAME": "pan-test-app-review-mr1234-api",
|
|
1716
|
-
"DB_PASSWORD": "$CL_review_api_DB_PASSWORD",
|
|
1717
|
-
"DB_USER": "my-user",
|
|
1718
|
-
"DEPLOY_CLOUD_RUN_PROJECT_ID": "google-project-id",
|
|
1719
|
-
"DEPLOY_CLOUD_RUN_REGION": "europe-west6",
|
|
1720
|
-
"ENV_SHORT": "review",
|
|
1721
|
-
"ENV_TYPE": "review",
|
|
1722
|
-
"GCLOUD_DEPLOY_credentialsKey": "$CL_review_worker_GCLOUD_DEPLOY_credentialsKey",
|
|
1723
|
-
"GCLOUD_RUN_canonicalHostSuffix": "$CL_review_worker_GCLOUD_RUN_canonicalHostSuffix",
|
|
1724
|
-
"HOST": "pan-test-app-review-mr1234-worker-unknown-host.example.com",
|
|
1725
|
-
"HOST_CANONICAL": "pan-test-app-review-mr1234-worker-unknown-host.example.com",
|
|
1726
|
-
"HOST_INTERNAL": "pan-test-app-review-mr1234-worker-unknown-host.example.com",
|
|
1727
1833
|
"KUBERNETES_CPU_REQUEST": "0.5",
|
|
1728
1834
|
"KUBERNETES_MEMORY_LIMIT": "4Gi",
|
|
1729
1835
|
"KUBERNETES_MEMORY_REQUEST": "2Gi",
|
|
1730
|
-
"ROOT_URL": "https://pan-test-app-review-mr1234-worker-unknown-host.example.com",
|
|
1731
|
-
"ROOT_URL_INTERNAL": "https://pan-test-app-review-mr1234-worker-unknown-host.example.com",
|
|
1732
|
-
"_ALL_ENV_VAR_KEYS": "["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_CANONICAL","ROOT_URL_INTERNAL","HOST_INTERNAL","CLOUD_SQL_INSTANCE_CONNECTION_NAME","DB_NAME","DB_USER","DB_PASSWORD","DATABASE_URL","DATABASE_JDBC_URL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]",
|
|
1733
1836
|
},
|
|
1734
1837
|
},
|
|
1735
1838
|
"worker 🔨 docker | review ": {
|
|
@@ -1755,6 +1858,21 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
1755
1858
|
],
|
|
1756
1859
|
},
|
|
1757
1860
|
"script": [
|
|
1861
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
1862
|
+
"export APP_DIR="api"",
|
|
1863
|
+
"export DOCKER_DIR="."",
|
|
1864
|
+
"export DOCKER_REGISTRY="europe-west6-docker.pkg.dev"",
|
|
1865
|
+
"export DOCKER_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/review/worker/$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })"",
|
|
1866
|
+
"export DOCKER_CACHE_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/worker"",
|
|
1867
|
+
"export DOCKER_IMAGE_TAG="$CI_COMMIT_SHA"",
|
|
1868
|
+
"export DOCKER_COPY_AND_INSTALL_APP="COPY --chown=node:node $APP_DIR .
|
|
1869
|
+
RUN yarn plugin import workspace-tools
|
|
1870
|
+
RUN yarn workspaces focus --production && yarn rebuild"",
|
|
1871
|
+
"export DOCKER_COPY_WORKSPACE_FILES="COPY --chown=node:node api/package.json /app/api/package.json
|
|
1872
|
+
COPY --chown=node:node api/yarn.lock /app/api/yarn.lock
|
|
1873
|
+
COPY --chown=node:node .yarnrc.yml /app/.yarnrc.yml
|
|
1874
|
+
COPY --chown=node:node .yarn /app/.yarn"",
|
|
1875
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
1758
1876
|
"ensureNodeDockerfile",
|
|
1759
1877
|
"echo -e "\\e[0Ksection_start:$(date +%s):docker-login[collapsed=true]\\r\\e[0KDocker Login"",
|
|
1760
1878
|
"gcloud auth activate-service-account --key-file=<(echo "$CL_review_worker_GCLOUD_DEPLOY_credentialsKey")",
|
|
@@ -1779,24 +1897,9 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
1779
1897
|
],
|
|
1780
1898
|
"stage": "build",
|
|
1781
1899
|
"variables": {
|
|
1782
|
-
"APP_DIR": "api",
|
|
1783
|
-
"DOCKERFILE_ADDITIONS": undefined,
|
|
1784
|
-
"DOCKERFILE_ADDITIONS_END": undefined,
|
|
1785
1900
|
"DOCKER_BUILDKIT": "1",
|
|
1786
|
-
"DOCKER_CACHE_IMAGE": "europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/worker",
|
|
1787
|
-
"DOCKER_COPY_AND_INSTALL_APP": "COPY --chown=node:node $APP_DIR .
|
|
1788
|
-
RUN yarn plugin import workspace-tools
|
|
1789
|
-
RUN yarn workspaces focus --production && yarn rebuild",
|
|
1790
|
-
"DOCKER_COPY_WORKSPACE_FILES": "COPY --chown=node:node api/package.json /app/api/package.json
|
|
1791
|
-
COPY --chown=node:node api/yarn.lock /app/api/yarn.lock
|
|
1792
|
-
COPY --chown=node:node .yarnrc.yml /app/.yarnrc.yml
|
|
1793
|
-
COPY --chown=node:node .yarn /app/.yarn",
|
|
1794
|
-
"DOCKER_DIR": ".",
|
|
1795
1901
|
"DOCKER_DRIVER": "overlay2",
|
|
1796
1902
|
"DOCKER_HOST": "tcp://0.0.0.0:2375",
|
|
1797
|
-
"DOCKER_IMAGE": "europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/review/worker/mr1234",
|
|
1798
|
-
"DOCKER_IMAGE_TAG": "$CI_COMMIT_SHA",
|
|
1799
|
-
"DOCKER_REGISTRY": "europe-west6-docker.pkg.dev",
|
|
1800
1903
|
"DOCKER_TLS_CERTDIR": "",
|
|
1801
1904
|
"KUBERNETES_CPU_REQUEST": "0.5",
|
|
1802
1905
|
"KUBERNETES_MEMORY_LIMIT": "2Gi",
|
|
@@ -1806,15 +1909,15 @@ COPY --chown=node:node .yarn /app/.yarn",
|
|
|
1806
1909
|
"worker 🚀 Deploy | review ": {
|
|
1807
1910
|
"allow_failure": false,
|
|
1808
1911
|
"artifacts": {
|
|
1809
|
-
"
|
|
1810
|
-
"
|
|
1811
|
-
|
|
1912
|
+
"reports": {
|
|
1913
|
+
"dotenv": "gitlab_environment.env",
|
|
1914
|
+
},
|
|
1812
1915
|
},
|
|
1813
1916
|
"environment": {
|
|
1814
1917
|
"auto_stop_in": "1 week",
|
|
1815
|
-
"name": "review/
|
|
1918
|
+
"name": "review/$CI_COMMIT_REF_NAME/worker",
|
|
1816
1919
|
"on_stop": "worker 🛑 Stop ⚠️ | review ",
|
|
1817
|
-
"url": "
|
|
1920
|
+
"url": "$CL_GITLAB_ENVIRONMENT_URL",
|
|
1818
1921
|
},
|
|
1819
1922
|
"image": "path/to/docker/gcloud:the-version",
|
|
1820
1923
|
"interruptible": true,
|
|
@@ -1857,103 +1960,125 @@ COPY --chown=node:node .yarn /app/.yarn",
|
|
|
1857
1960
|
},
|
|
1858
1961
|
],
|
|
1859
1962
|
"script": [
|
|
1963
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
1964
|
+
"export ENV_SHORT="review"",
|
|
1965
|
+
"export APP_DIR="api"",
|
|
1966
|
+
"export ENV_TYPE="review"",
|
|
1967
|
+
"export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"",
|
|
1968
|
+
"export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"",
|
|
1969
|
+
"export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\///'); [ -z "$tag" ] && echo "v0.0.0" || echo "$tag")"",
|
|
1970
|
+
"export HOST="$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-worker-$CL_review_worker_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
1971
|
+
"export ROOT_URL="https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-worker-$CL_review_worker_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
1972
|
+
"export HOST_INTERNAL="$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-worker-$CL_review_worker_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
1973
|
+
"export HOST_CANONICAL="$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-worker-$CL_review_worker_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
1974
|
+
"export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-worker-$CL_review_worker_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
1975
|
+
"export CLOUD_SQL_INSTANCE_CONNECTION_NAME="projectId:region:instancename"",
|
|
1976
|
+
"export DB_NAME="pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api"",
|
|
1977
|
+
"export DB_USER="my-user"",
|
|
1978
|
+
"export DB_PASSWORD="$CL_review_api_DB_PASSWORD"",
|
|
1979
|
+
"export DATABASE_URL="postgresql://$DB_USER:$DB_PASSWORD@localhost/$DB_NAME?host=/cloudsql/$CLOUD_SQL_INSTANCE_CONNECTION_NAME"",
|
|
1980
|
+
"export DATABASE_JDBC_URL="jdbc:postgresql:///$DB_NAME?cloudSqlInstance=$CLOUD_SQL_INSTANCE_CONNECTION_NAME&socketFactory=com.google.cloud.sql.postgres.SocketFactory&user=$DB_USER&password=$DB_PASSWORD"",
|
|
1981
|
+
"export DEPLOY_CLOUD_RUN_PROJECT_ID="google-project-id"",
|
|
1982
|
+
"export DEPLOY_CLOUD_RUN_REGION="europe-west6"",
|
|
1983
|
+
"export GCLOUD_DEPLOY_credentialsKey="$CL_review_worker_GCLOUD_DEPLOY_credentialsKey"",
|
|
1984
|
+
"export GCLOUD_RUN_canonicalHostSuffix="$CL_review_worker_GCLOUD_RUN_canonicalHostSuffix"",
|
|
1985
|
+
"export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOST\\",\\"ROOT_URL\\",\\"HOST_INTERNAL\\",\\"HOST_CANONICAL\\",\\"ROOT_URL_INTERNAL\\",\\"CLOUD_SQL_INSTANCE_CONNECTION_NAME\\",\\"DB_NAME\\",\\"DB_USER\\",\\"DB_PASSWORD\\",\\"DATABASE_URL\\",\\"DATABASE_JDBC_URL\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\"]"",
|
|
1986
|
+
"export DOCKER_REGISTRY="europe-west6-docker.pkg.dev"",
|
|
1987
|
+
"export DOCKER_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/review/worker/$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })"",
|
|
1988
|
+
"export DOCKER_CACHE_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/worker"",
|
|
1989
|
+
"export DOCKER_IMAGE_TAG="$CI_COMMIT_SHA"",
|
|
1990
|
+
"export CLOUDSDK_CORE_DISABLE_PROMPTS="1"",
|
|
1991
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
1860
1992
|
"echo -e "\\e[0Ksection_start:$(date +%s):prepare[collapsed=true]\\r\\e[0KPrepare..."",
|
|
1861
1993
|
"gcloud auth activate-service-account --key-file=<(echo "$CL_review_worker_GCLOUD_DEPLOY_credentialsKey")",
|
|
1862
1994
|
"export GCLOUD_PROJECT_NUMBER=$(gcloud projects describe google-project-id --format="value(projectNumber)")",
|
|
1863
1995
|
"echo "GCLOUD_PROJECT_NUMBER: $GCLOUD_PROJECT_NUMBER"",
|
|
1864
1996
|
"echo -e "\\e[0Ksection_end:$(date +%s):prepare\\r\\e[0K"",
|
|
1997
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):writeenvvars[collapsed=true]\\r\\e[0KWrite env vars to file"",
|
|
1998
|
+
"cat > ____envvars.yaml <<EOF
|
|
1999
|
+
ENV_SHORT: |-
|
|
2000
|
+
review
|
|
2001
|
+
APP_DIR: |-
|
|
2002
|
+
api
|
|
2003
|
+
ENV_TYPE: |-
|
|
2004
|
+
review
|
|
2005
|
+
BUILD_INFO_BUILD_ID: |-
|
|
2006
|
+
$(printf %s "$(git describe --tags 2>/dev/null || git rev-parse HEAD)" | sed 's/^/ /')
|
|
2007
|
+
BUILD_INFO_BUILD_TIME: |-
|
|
2008
|
+
$(printf %s "$CI_JOB_STARTED_AT" | sed 's/^/ /')
|
|
2009
|
+
BUILD_INFO_CURRENT_VERSION: |-
|
|
2010
|
+
$(printf %s "$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\///'); [ -z "$tag" ] && echo "v0.0.0" || echo "$tag")" | sed 's/^/ /')
|
|
2011
|
+
HOST: |-
|
|
2012
|
+
$(printf %s "$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-worker-$CL_review_worker_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
2013
|
+
ROOT_URL: |-
|
|
2014
|
+
$(printf %s "https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-worker-$CL_review_worker_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
2015
|
+
HOST_INTERNAL: |-
|
|
2016
|
+
$(printf %s "$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-worker-$CL_review_worker_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
2017
|
+
HOST_CANONICAL: |-
|
|
2018
|
+
$(printf %s "$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-worker-$CL_review_worker_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
2019
|
+
ROOT_URL_INTERNAL: |-
|
|
2020
|
+
$(printf %s "https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-worker-$CL_review_worker_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
2021
|
+
CLOUD_SQL_INSTANCE_CONNECTION_NAME: |-
|
|
2022
|
+
projectId:region:instancename
|
|
2023
|
+
DB_NAME: |-
|
|
2024
|
+
$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" | sed 's/^/ /')
|
|
2025
|
+
DB_USER: |-
|
|
2026
|
+
my-user
|
|
2027
|
+
DB_PASSWORD: |-
|
|
2028
|
+
$(printf %s "$CL_review_api_DB_PASSWORD" | sed 's/^/ /')
|
|
2029
|
+
DATABASE_URL: |-
|
|
2030
|
+
postgresql://$DB_USER:$DB_PASSWORD@localhost/$DB_NAME?host=/cloudsql/$CLOUD_SQL_INSTANCE_CONNECTION_NAME
|
|
2031
|
+
DATABASE_JDBC_URL: |-
|
|
2032
|
+
jdbc:postgresql:///$DB_NAME?cloudSqlInstance=$CLOUD_SQL_INSTANCE_CONNECTION_NAME&socketFactory=com.google.cloud.sql.postgres.SocketFactory&user=$DB_USER&password=$DB_PASSWORD
|
|
2033
|
+
DEPLOY_CLOUD_RUN_PROJECT_ID: |-
|
|
2034
|
+
google-project-id
|
|
2035
|
+
DEPLOY_CLOUD_RUN_REGION: |-
|
|
2036
|
+
europe-west6
|
|
2037
|
+
GCLOUD_RUN_canonicalHostSuffix: |-
|
|
2038
|
+
$(printf %s "$CL_review_worker_GCLOUD_RUN_canonicalHostSuffix" | sed 's/^/ /')
|
|
2039
|
+
_ALL_ENV_VAR_KEYS: |-
|
|
2040
|
+
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_INTERNAL","HOST_CANONICAL","ROOT_URL_INTERNAL","CLOUD_SQL_INSTANCE_CONNECTION_NAME","DB_NAME","DB_USER","DB_PASSWORD","DATABASE_URL","DATABASE_JDBC_URL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]
|
|
2041
|
+
|
|
2042
|
+
EOF
|
|
2043
|
+
",
|
|
2044
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):writeenvvars\\r\\e[0K"",
|
|
1865
2045
|
"echo -e "\\e[0Ksection_start:$(date +%s):deploy[collapsed=true]\\r\\e[0KDeploy to cloud run"",
|
|
1866
|
-
"echo "$ENV_VARS" > ____envvars.yaml",
|
|
1867
2046
|
"set +e",
|
|
1868
2047
|
"echo "ensuring Database..."",
|
|
1869
|
-
"gcloud sql databases create pan-test-app-review-
|
|
2048
|
+
"gcloud sql databases create pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api --instance=instancename --project projectId",
|
|
1870
2049
|
"set -e",
|
|
1871
|
-
"gcloud run deploy pan-test-app-review-
|
|
2050
|
+
"gcloud run deploy $(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-worker" | awk '{print tolower($0)}') --command="yarn,start" --image=europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/review/worker/$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }):$DOCKER_IMAGE_TAG --project=google-project-id --region=europe-west6 --set-cloudsql-instances=projectId:region:instancename --labels=customer-name=pan,component-name=worker,app-name=test-app,env-type=review,env-name=review,build-type=node,cloud-run-service-name=$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-worker" | awk '{print tolower($0)}') --env-vars-file=____envvars.yaml --min-instances=0 --max-instances=100 --cpu-throttling --allow-unauthenticated --ingress=all --cpu-boost",
|
|
1872
2051
|
"echo -e "\\e[0Ksection_end:$(date +%s):deploy\\r\\e[0K"",
|
|
1873
2052
|
"echo -e "\\e[0Ksection_start:$(date +%s):cleanup[collapsed=true]\\r\\e[0KCleanup"",
|
|
1874
|
-
"gcloud run revisions list --project=google-project-id --region=europe-west6 --service
|
|
1875
|
-
"gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/review/worker
|
|
2053
|
+
"gcloud run revisions list --project=google-project-id --region=europe-west6 --service=$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-worker" | awk '{print tolower($0)}') --limit=unlimited --sort-by=metadata.creationTimestamp --format="value(name)" --filter='(status.conditions.status=False OR status.conditions.status=Unknown)' | while read -r revisionname; do gcloud run revisions delete --project=google-project-id --region=europe-west6 --quiet $revisionname ; done",
|
|
2054
|
+
"gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/review/worker/$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }) --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/review/worker/$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })@$version --quiet --delete-tags; done",
|
|
1876
2055
|
"gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/worker --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/worker@$version --quiet --delete-tags; done",
|
|
1877
2056
|
"set +e",
|
|
1878
2057
|
"gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/review/worker --quiet --delete-tags",
|
|
1879
2058
|
"set -e",
|
|
1880
2059
|
"echo -e "\\e[0Ksection_end:$(date +%s):cleanup\\r\\e[0K"",
|
|
1881
2060
|
"echo Uploading SBOM to Dependency Track",
|
|
1882
|
-
"/dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/worker" "https
|
|
1883
|
-
|
|
1884
|
-
"services": [
|
|
1885
|
-
{
|
|
1886
|
-
"command": [
|
|
1887
|
-
"--tls=false",
|
|
1888
|
-
],
|
|
1889
|
-
"name": "docker:24.0.6-dind",
|
|
1890
|
-
},
|
|
2061
|
+
"/dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/worker" "https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-worker-$CL_review_worker_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" "__sbom.json" vex.json || true",
|
|
2062
|
+
"echo "CL_GITLAB_ENVIRONMENT_URL=https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-worker-$CL_review_worker_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" >> gitlab_environment.env",
|
|
1891
2063
|
],
|
|
1892
2064
|
"stage": "deploy review",
|
|
1893
2065
|
"variables": {
|
|
1894
|
-
"APP_DIR": "api",
|
|
1895
|
-
"BUILD_INFO_BUILD_TIME": "01-01-2023 12:13:14",
|
|
1896
|
-
"BUILD_INFO_CURRENT_VERSION": "3.2.1",
|
|
1897
|
-
"BUILD_INFO_ID": "some-id",
|
|
1898
|
-
"CLOUDSDK_CORE_DISABLE_PROMPTS": "1",
|
|
1899
|
-
"CLOUD_SQL_INSTANCE_CONNECTION_NAME": "projectId:region:instancename",
|
|
1900
|
-
"DATABASE_JDBC_URL": "jdbc:postgresql:///$DB_NAME?cloudSqlInstance=$CLOUD_SQL_INSTANCE_CONNECTION_NAME&socketFactory=com.google.cloud.sql.postgres.SocketFactory&user=$DB_USER&password=$DB_PASSWORD",
|
|
1901
|
-
"DATABASE_URL": "postgresql://$DB_USER:$DB_PASSWORD@localhost/$DB_NAME?host=/cloudsql/$CLOUD_SQL_INSTANCE_CONNECTION_NAME",
|
|
1902
|
-
"DB_NAME": "pan-test-app-review-mr1234-api",
|
|
1903
|
-
"DB_PASSWORD": "$CL_review_api_DB_PASSWORD",
|
|
1904
|
-
"DB_USER": "my-user",
|
|
1905
|
-
"DEPLOY_CLOUD_RUN_PROJECT_ID": "google-project-id",
|
|
1906
|
-
"DEPLOY_CLOUD_RUN_REGION": "europe-west6",
|
|
1907
|
-
"DOCKER_BUILDKIT": "1",
|
|
1908
|
-
"DOCKER_CACHE_IMAGE": "europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/worker",
|
|
1909
|
-
"DOCKER_DRIVER": "overlay2",
|
|
1910
|
-
"DOCKER_HOST": "tcp://0.0.0.0:2375",
|
|
1911
|
-
"DOCKER_IMAGE": "europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/review/worker/mr1234",
|
|
1912
|
-
"DOCKER_IMAGE_TAG": "$CI_COMMIT_SHA",
|
|
1913
|
-
"DOCKER_REGISTRY": "europe-west6-docker.pkg.dev",
|
|
1914
|
-
"DOCKER_TLS_CERTDIR": "",
|
|
1915
|
-
"ENV_SHORT": "review",
|
|
1916
|
-
"ENV_TYPE": "review",
|
|
1917
|
-
"ENV_VARS": "ENV_SHORT: 'review'
|
|
1918
|
-
APP_DIR: 'api'
|
|
1919
|
-
ENV_TYPE: 'review'
|
|
1920
|
-
BUILD_INFO_ID: 'some-id'
|
|
1921
|
-
BUILD_INFO_BUILD_TIME: '01-01-2023 12:13:14'
|
|
1922
|
-
BUILD_INFO_CURRENT_VERSION: '3.2.1'
|
|
1923
|
-
HOST: 'pan-test-app-review-mr1234-worker-unknown-host.example.com'
|
|
1924
|
-
ROOT_URL: 'https://pan-test-app-review-mr1234-worker-unknown-host.example.com'
|
|
1925
|
-
HOST_CANONICAL: 'pan-test-app-review-mr1234-worker-unknown-host.example.com'
|
|
1926
|
-
ROOT_URL_INTERNAL: 'https://pan-test-app-review-mr1234-worker-unknown-host.example.com'
|
|
1927
|
-
HOST_INTERNAL: 'pan-test-app-review-mr1234-worker-unknown-host.example.com'
|
|
1928
|
-
CLOUD_SQL_INSTANCE_CONNECTION_NAME: 'projectId:region:instancename'
|
|
1929
|
-
DB_NAME: 'pan-test-app-review-mr1234-api'
|
|
1930
|
-
DB_USER: 'my-user'
|
|
1931
|
-
DB_PASSWORD: '$CL_review_api_DB_PASSWORD'
|
|
1932
|
-
DATABASE_URL: 'postgresql://$DB_USER:$DB_PASSWORD@localhost/$DB_NAME?host=/cloudsql/$CLOUD_SQL_INSTANCE_CONNECTION_NAME'
|
|
1933
|
-
DATABASE_JDBC_URL: 'jdbc:postgresql:///$DB_NAME?cloudSqlInstance=$CLOUD_SQL_INSTANCE_CONNECTION_NAME&socketFactory=com.google.cloud.sql.postgres.SocketFactory&user=$DB_USER&password=$DB_PASSWORD'
|
|
1934
|
-
DEPLOY_CLOUD_RUN_PROJECT_ID: 'google-project-id'
|
|
1935
|
-
DEPLOY_CLOUD_RUN_REGION: 'europe-west6'
|
|
1936
|
-
GCLOUD_RUN_canonicalHostSuffix: '$CL_review_worker_GCLOUD_RUN_canonicalHostSuffix'
|
|
1937
|
-
_ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_CANONICAL","ROOT_URL_INTERNAL","HOST_INTERNAL","CLOUD_SQL_INSTANCE_CONNECTION_NAME","DB_NAME","DB_USER","DB_PASSWORD","DATABASE_URL","DATABASE_JDBC_URL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]'
|
|
1938
|
-
",
|
|
1939
|
-
"GCLOUD_DEPLOY_credentialsKey": "$CL_review_worker_GCLOUD_DEPLOY_credentialsKey",
|
|
1940
|
-
"GCLOUD_RUN_canonicalHostSuffix": "$CL_review_worker_GCLOUD_RUN_canonicalHostSuffix",
|
|
1941
|
-
"HOST": "pan-test-app-review-mr1234-worker-unknown-host.example.com",
|
|
1942
|
-
"HOST_CANONICAL": "pan-test-app-review-mr1234-worker-unknown-host.example.com",
|
|
1943
|
-
"HOST_INTERNAL": "pan-test-app-review-mr1234-worker-unknown-host.example.com",
|
|
1944
2066
|
"KUBERNETES_CPU_REQUEST": "0.5",
|
|
1945
2067
|
"KUBERNETES_MEMORY_LIMIT": "400Mi",
|
|
1946
2068
|
"KUBERNETES_MEMORY_REQUEST": "200Mi",
|
|
1947
|
-
"ROOT_URL": "https://pan-test-app-review-mr1234-worker-unknown-host.example.com",
|
|
1948
|
-
"ROOT_URL_INTERNAL": "https://pan-test-app-review-mr1234-worker-unknown-host.example.com",
|
|
1949
|
-
"_ALL_ENV_VAR_KEYS": "["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_CANONICAL","ROOT_URL_INTERNAL","HOST_INTERNAL","CLOUD_SQL_INSTANCE_CONNECTION_NAME","DB_NAME","DB_USER","DB_PASSWORD","DATABASE_URL","DATABASE_JDBC_URL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]",
|
|
1950
2069
|
},
|
|
1951
2070
|
},
|
|
1952
2071
|
"worker 🛑 Stop ⚠️ | review ": {
|
|
2072
|
+
"allow_failure": true,
|
|
2073
|
+
"artifacts": {
|
|
2074
|
+
"reports": {
|
|
2075
|
+
"dotenv": "gitlab_environment.env",
|
|
2076
|
+
},
|
|
2077
|
+
},
|
|
1953
2078
|
"environment": {
|
|
1954
2079
|
"action": "stop",
|
|
1955
|
-
"name": "review/
|
|
1956
|
-
"url": "
|
|
2080
|
+
"name": "review/$CI_COMMIT_REF_NAME/worker",
|
|
2081
|
+
"url": "$CL_GITLAB_ENVIRONMENT_URL",
|
|
1957
2082
|
},
|
|
1958
2083
|
"image": "path/to/docker/gcloud:the-version",
|
|
1959
2084
|
"interruptible": true,
|
|
@@ -1967,40 +2092,41 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
1967
2092
|
},
|
|
1968
2093
|
"rules": [
|
|
1969
2094
|
{
|
|
1970
|
-
"allow_failure": true,
|
|
1971
2095
|
"if": "$CI_COMMIT_BRANCH =~ /^[0-9]+\\.([0-9]+|x)\\.x$/",
|
|
1972
2096
|
"when": "on_success",
|
|
1973
2097
|
},
|
|
1974
2098
|
{
|
|
1975
|
-
"allow_failure": true,
|
|
1976
2099
|
"when": "manual",
|
|
1977
2100
|
},
|
|
1978
2101
|
],
|
|
1979
2102
|
"script": [
|
|
2103
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
2104
|
+
"export CLOUDSDK_CORE_DISABLE_PROMPTS="1"",
|
|
2105
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
1980
2106
|
"set +e",
|
|
1981
2107
|
"gcloud auth activate-service-account --key-file=<(echo "$CL_review_worker_GCLOUD_DEPLOY_credentialsKey")",
|
|
1982
|
-
"gcloud run services delete pan-test-app-review-
|
|
1983
|
-
"echo "deleting database pan-test-app-review-
|
|
2108
|
+
"gcloud run services delete $(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-worker" | awk '{print tolower($0)}') --project=google-project-id --region=europe-west6",
|
|
2109
|
+
"echo "deleting database pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api..."",
|
|
1984
2110
|
"echo "👆 this can take multiple attemps (3-5min), because google cloud run may still have a connection to the database after the cloud run service is shut down"",
|
|
1985
2111
|
"
|
|
1986
|
-
until gcloud sql databases delete pan-test-app-review-
|
|
2112
|
+
until gcloud sql databases delete pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api --instance=instancename --project projectId
|
|
1987
2113
|
do
|
|
1988
2114
|
echo "Trying again."
|
|
1989
2115
|
sleep 10
|
|
1990
2116
|
done
|
|
1991
2117
|
",
|
|
1992
|
-
"gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/review/worker
|
|
2118
|
+
"gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/review/worker/$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }) --quiet --delete-tags",
|
|
1993
2119
|
"gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/worker --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/worker@$version --quiet --delete-tags; done",
|
|
1994
2120
|
"set +e",
|
|
1995
2121
|
"gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/review/worker --quiet --delete-tags",
|
|
1996
2122
|
"set -e",
|
|
1997
2123
|
"echo Disabling component in Dependency Track",
|
|
1998
|
-
"/dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" disable "pan-test-app/worker" "https
|
|
2124
|
+
"/dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" disable "pan-test-app/worker" "https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-worker-$CL_review_worker_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" || true",
|
|
1999
2125
|
"set -e",
|
|
2126
|
+
"echo "CL_GITLAB_ENVIRONMENT_URL=https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-worker-$CL_review_worker_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" >> gitlab_environment.env",
|
|
2000
2127
|
],
|
|
2001
2128
|
"stage": "stop review",
|
|
2002
2129
|
"variables": {
|
|
2003
|
-
"CLOUDSDK_CORE_DISABLE_PROMPTS": "1",
|
|
2004
2130
|
"GIT_STRATEGY": "none",
|
|
2005
2131
|
"KUBERNETES_CPU_REQUEST": "0.5",
|
|
2006
2132
|
"KUBERNETES_MEMORY_LIMIT": "400Mi",
|
|
@@ -2020,12 +2146,14 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
2020
2146
|
],
|
|
2021
2147
|
},
|
|
2022
2148
|
"script": [
|
|
2149
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
2150
|
+
"export APP_PATH="api"",
|
|
2151
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
2023
2152
|
"cd api",
|
|
2024
2153
|
"yarn npm audit --environment production",
|
|
2025
2154
|
],
|
|
2026
2155
|
"stage": "test",
|
|
2027
2156
|
"variables": {
|
|
2028
|
-
"APP_PATH": "api",
|
|
2029
2157
|
"KUBERNETES_CPU_REQUEST": "0.5",
|
|
2030
2158
|
"KUBERNETES_MEMORY_LIMIT": "4Gi",
|
|
2031
2159
|
"KUBERNETES_MEMORY_REQUEST": "2Gi",
|
|
@@ -2059,6 +2187,9 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
2059
2187
|
],
|
|
2060
2188
|
},
|
|
2061
2189
|
"script": [
|
|
2190
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
2191
|
+
"export APP_PATH="api"",
|
|
2192
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
2062
2193
|
"echo -e "\\e[0Ksection_start:$(date +%s):nodeinstall[collapsed=true]\\r\\e[0KEnsure node version"",
|
|
2063
2194
|
"if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi",
|
|
2064
2195
|
"if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi",
|
|
@@ -2075,7 +2206,6 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
2075
2206
|
],
|
|
2076
2207
|
"stage": "test",
|
|
2077
2208
|
"variables": {
|
|
2078
|
-
"APP_PATH": "api",
|
|
2079
2209
|
"KUBERNETES_CPU_REQUEST": "0.5",
|
|
2080
2210
|
"KUBERNETES_MEMORY_LIMIT": "4Gi",
|
|
2081
2211
|
"KUBERNETES_MEMORY_REQUEST": "2Gi",
|
|
@@ -2099,6 +2229,8 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
2099
2229
|
],
|
|
2100
2230
|
},
|
|
2101
2231
|
"script": [
|
|
2232
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
2233
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
2102
2234
|
"trivy fs --quiet --format cyclonedx --output "__sbom.json" api",
|
|
2103
2235
|
],
|
|
2104
2236
|
"stage": "build",
|
|
@@ -2151,7 +2283,7 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
2151
2283
|
],
|
|
2152
2284
|
"variables": {
|
|
2153
2285
|
"FF_USE_FASTZIP": "true",
|
|
2154
|
-
"GIT_DEPTH": 1,
|
|
2286
|
+
"GIT_DEPTH": "1",
|
|
2155
2287
|
},
|
|
2156
2288
|
"workflow": {
|
|
2157
2289
|
"rules": [
|
|
@@ -2228,7 +2360,31 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
2228
2360
|
],
|
|
2229
2361
|
},
|
|
2230
2362
|
"script": [
|
|
2231
|
-
"echo
|
|
2363
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
2364
|
+
"export ENV_SHORT="prod"",
|
|
2365
|
+
"export APP_DIR="api"",
|
|
2366
|
+
"export ENV_TYPE="prod"",
|
|
2367
|
+
"export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"",
|
|
2368
|
+
"export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"",
|
|
2369
|
+
"export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\///'); [ -z "$tag" ] && echo "v0.0.0" || echo "$tag")"",
|
|
2370
|
+
"export HOST="$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
2371
|
+
"export ROOT_URL="https://$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
2372
|
+
"export HOST_INTERNAL="$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
2373
|
+
"export HOST_CANONICAL="$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
2374
|
+
"export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
2375
|
+
"export CLOUD_SQL_INSTANCE_CONNECTION_NAME="projectId:region:instancename"",
|
|
2376
|
+
"export DB_NAME="pan-test-app-prod-api"",
|
|
2377
|
+
"export DB_USER="my-user"",
|
|
2378
|
+
"export DB_PASSWORD="$CL_prod_api_DB_PASSWORD"",
|
|
2379
|
+
"export DATABASE_URL="postgresql://$DB_USER:$DB_PASSWORD@localhost/$DB_NAME?host=/cloudsql/$CLOUD_SQL_INSTANCE_CONNECTION_NAME"",
|
|
2380
|
+
"export DATABASE_JDBC_URL="jdbc:postgresql:///$DB_NAME?cloudSqlInstance=$CLOUD_SQL_INSTANCE_CONNECTION_NAME&socketFactory=com.google.cloud.sql.postgres.SocketFactory&user=$DB_USER&password=$DB_PASSWORD"",
|
|
2381
|
+
"export DEPLOY_CLOUD_RUN_PROJECT_ID="google-project-id"",
|
|
2382
|
+
"export DEPLOY_CLOUD_RUN_REGION="europe-west6"",
|
|
2383
|
+
"export GCLOUD_DEPLOY_credentialsKey="$CL_prod_api_GCLOUD_DEPLOY_credentialsKey"",
|
|
2384
|
+
"export GCLOUD_RUN_canonicalHostSuffix="$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix"",
|
|
2385
|
+
"export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOST\\",\\"ROOT_URL\\",\\"HOST_INTERNAL\\",\\"HOST_CANONICAL\\",\\"ROOT_URL_INTERNAL\\",\\"CLOUD_SQL_INSTANCE_CONNECTION_NAME\\",\\"DB_NAME\\",\\"DB_USER\\",\\"DB_PASSWORD\\",\\"DATABASE_URL\\",\\"DATABASE_JDBC_URL\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\"]"",
|
|
2386
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
2387
|
+
"echo '{"id":"$(git describe --tags 2>/dev/null || git rev-parse HEAD)","time":"$CI_JOB_STARTED_AT"}' > api/__build_info.json",
|
|
2232
2388
|
"echo -e "\\e[0Ksection_start:$(date +%s):nodeinstall[collapsed=true]\\r\\e[0KEnsure node version"",
|
|
2233
2389
|
"if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi",
|
|
2234
2390
|
"if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi",
|
|
@@ -2245,31 +2401,9 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
2245
2401
|
],
|
|
2246
2402
|
"stage": "build",
|
|
2247
2403
|
"variables": {
|
|
2248
|
-
"APP_DIR": "api",
|
|
2249
|
-
"BUILD_INFO_BUILD_TIME": "01-01-2023 12:13:14",
|
|
2250
|
-
"BUILD_INFO_CURRENT_VERSION": "3.2.1",
|
|
2251
|
-
"BUILD_INFO_ID": "some-id",
|
|
2252
|
-
"CLOUD_SQL_INSTANCE_CONNECTION_NAME": "projectId:region:instancename",
|
|
2253
|
-
"DATABASE_JDBC_URL": "jdbc:postgresql:///$DB_NAME?cloudSqlInstance=$CLOUD_SQL_INSTANCE_CONNECTION_NAME&socketFactory=com.google.cloud.sql.postgres.SocketFactory&user=$DB_USER&password=$DB_PASSWORD",
|
|
2254
|
-
"DATABASE_URL": "postgresql://$DB_USER:$DB_PASSWORD@localhost/$DB_NAME?host=/cloudsql/$CLOUD_SQL_INSTANCE_CONNECTION_NAME",
|
|
2255
|
-
"DB_NAME": "pan-test-app-prod-api",
|
|
2256
|
-
"DB_PASSWORD": "$CL_prod_api_DB_PASSWORD",
|
|
2257
|
-
"DB_USER": "my-user",
|
|
2258
|
-
"DEPLOY_CLOUD_RUN_PROJECT_ID": "google-project-id",
|
|
2259
|
-
"DEPLOY_CLOUD_RUN_REGION": "europe-west6",
|
|
2260
|
-
"ENV_SHORT": "prod",
|
|
2261
|
-
"ENV_TYPE": "prod",
|
|
2262
|
-
"GCLOUD_DEPLOY_credentialsKey": "$CL_prod_api_GCLOUD_DEPLOY_credentialsKey",
|
|
2263
|
-
"GCLOUD_RUN_canonicalHostSuffix": "$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix",
|
|
2264
|
-
"HOST": "pan-test-app-prod-api-unknown-host.example.com",
|
|
2265
|
-
"HOST_CANONICAL": "pan-test-app-prod-api-unknown-host.example.com",
|
|
2266
|
-
"HOST_INTERNAL": "pan-test-app-prod-api-unknown-host.example.com",
|
|
2267
2404
|
"KUBERNETES_CPU_REQUEST": "0.5",
|
|
2268
2405
|
"KUBERNETES_MEMORY_LIMIT": "4Gi",
|
|
2269
2406
|
"KUBERNETES_MEMORY_REQUEST": "2Gi",
|
|
2270
|
-
"ROOT_URL": "https://pan-test-app-prod-api-unknown-host.example.com",
|
|
2271
|
-
"ROOT_URL_INTERNAL": "https://pan-test-app-prod-api-unknown-host.example.com",
|
|
2272
|
-
"_ALL_ENV_VAR_KEYS": "["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_CANONICAL","ROOT_URL_INTERNAL","HOST_INTERNAL","CLOUD_SQL_INSTANCE_CONNECTION_NAME","DB_NAME","DB_USER","DB_PASSWORD","DATABASE_URL","DATABASE_JDBC_URL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]",
|
|
2273
2407
|
},
|
|
2274
2408
|
},
|
|
2275
2409
|
"api 🔨 app | stage ": {
|
|
@@ -2319,7 +2453,31 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
2319
2453
|
],
|
|
2320
2454
|
},
|
|
2321
2455
|
"script": [
|
|
2322
|
-
"echo
|
|
2456
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
2457
|
+
"export ENV_SHORT="stage"",
|
|
2458
|
+
"export APP_DIR="api"",
|
|
2459
|
+
"export ENV_TYPE="stage"",
|
|
2460
|
+
"export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"",
|
|
2461
|
+
"export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"",
|
|
2462
|
+
"export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\///'); [ -z "$tag" ] && echo "v0.0.0" || echo "$tag")"",
|
|
2463
|
+
"export HOST="$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
2464
|
+
"export ROOT_URL="https://$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
2465
|
+
"export HOST_INTERNAL="$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
2466
|
+
"export HOST_CANONICAL="$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
2467
|
+
"export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
2468
|
+
"export CLOUD_SQL_INSTANCE_CONNECTION_NAME="projectId:region:instancename"",
|
|
2469
|
+
"export DB_NAME="pan-test-app-stage-api"",
|
|
2470
|
+
"export DB_USER="my-user"",
|
|
2471
|
+
"export DB_PASSWORD="$CL_stage_api_DB_PASSWORD"",
|
|
2472
|
+
"export DATABASE_URL="postgresql://$DB_USER:$DB_PASSWORD@localhost/$DB_NAME?host=/cloudsql/$CLOUD_SQL_INSTANCE_CONNECTION_NAME"",
|
|
2473
|
+
"export DATABASE_JDBC_URL="jdbc:postgresql:///$DB_NAME?cloudSqlInstance=$CLOUD_SQL_INSTANCE_CONNECTION_NAME&socketFactory=com.google.cloud.sql.postgres.SocketFactory&user=$DB_USER&password=$DB_PASSWORD"",
|
|
2474
|
+
"export DEPLOY_CLOUD_RUN_PROJECT_ID="google-project-id"",
|
|
2475
|
+
"export DEPLOY_CLOUD_RUN_REGION="europe-west6"",
|
|
2476
|
+
"export GCLOUD_DEPLOY_credentialsKey="$CL_stage_api_GCLOUD_DEPLOY_credentialsKey"",
|
|
2477
|
+
"export GCLOUD_RUN_canonicalHostSuffix="$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix"",
|
|
2478
|
+
"export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOST\\",\\"ROOT_URL\\",\\"HOST_INTERNAL\\",\\"HOST_CANONICAL\\",\\"ROOT_URL_INTERNAL\\",\\"CLOUD_SQL_INSTANCE_CONNECTION_NAME\\",\\"DB_NAME\\",\\"DB_USER\\",\\"DB_PASSWORD\\",\\"DATABASE_URL\\",\\"DATABASE_JDBC_URL\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\"]"",
|
|
2479
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
2480
|
+
"echo '{"id":"$(git describe --tags 2>/dev/null || git rev-parse HEAD)","time":"$CI_JOB_STARTED_AT"}' > api/__build_info.json",
|
|
2323
2481
|
"echo -e "\\e[0Ksection_start:$(date +%s):nodeinstall[collapsed=true]\\r\\e[0KEnsure node version"",
|
|
2324
2482
|
"if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi",
|
|
2325
2483
|
"if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi",
|
|
@@ -2336,31 +2494,9 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
2336
2494
|
],
|
|
2337
2495
|
"stage": "build",
|
|
2338
2496
|
"variables": {
|
|
2339
|
-
"APP_DIR": "api",
|
|
2340
|
-
"BUILD_INFO_BUILD_TIME": "01-01-2023 12:13:14",
|
|
2341
|
-
"BUILD_INFO_CURRENT_VERSION": "3.2.1",
|
|
2342
|
-
"BUILD_INFO_ID": "some-id",
|
|
2343
|
-
"CLOUD_SQL_INSTANCE_CONNECTION_NAME": "projectId:region:instancename",
|
|
2344
|
-
"DATABASE_JDBC_URL": "jdbc:postgresql:///$DB_NAME?cloudSqlInstance=$CLOUD_SQL_INSTANCE_CONNECTION_NAME&socketFactory=com.google.cloud.sql.postgres.SocketFactory&user=$DB_USER&password=$DB_PASSWORD",
|
|
2345
|
-
"DATABASE_URL": "postgresql://$DB_USER:$DB_PASSWORD@localhost/$DB_NAME?host=/cloudsql/$CLOUD_SQL_INSTANCE_CONNECTION_NAME",
|
|
2346
|
-
"DB_NAME": "pan-test-app-stage-api",
|
|
2347
|
-
"DB_PASSWORD": "$CL_stage_api_DB_PASSWORD",
|
|
2348
|
-
"DB_USER": "my-user",
|
|
2349
|
-
"DEPLOY_CLOUD_RUN_PROJECT_ID": "google-project-id",
|
|
2350
|
-
"DEPLOY_CLOUD_RUN_REGION": "europe-west6",
|
|
2351
|
-
"ENV_SHORT": "stage",
|
|
2352
|
-
"ENV_TYPE": "stage",
|
|
2353
|
-
"GCLOUD_DEPLOY_credentialsKey": "$CL_stage_api_GCLOUD_DEPLOY_credentialsKey",
|
|
2354
|
-
"GCLOUD_RUN_canonicalHostSuffix": "$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix",
|
|
2355
|
-
"HOST": "pan-test-app-stage-api-unknown-host.example.com",
|
|
2356
|
-
"HOST_CANONICAL": "pan-test-app-stage-api-unknown-host.example.com",
|
|
2357
|
-
"HOST_INTERNAL": "pan-test-app-stage-api-unknown-host.example.com",
|
|
2358
2497
|
"KUBERNETES_CPU_REQUEST": "0.5",
|
|
2359
2498
|
"KUBERNETES_MEMORY_LIMIT": "4Gi",
|
|
2360
2499
|
"KUBERNETES_MEMORY_REQUEST": "2Gi",
|
|
2361
|
-
"ROOT_URL": "https://pan-test-app-stage-api-unknown-host.example.com",
|
|
2362
|
-
"ROOT_URL_INTERNAL": "https://pan-test-app-stage-api-unknown-host.example.com",
|
|
2363
|
-
"_ALL_ENV_VAR_KEYS": "["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_CANONICAL","ROOT_URL_INTERNAL","HOST_INTERNAL","CLOUD_SQL_INSTANCE_CONNECTION_NAME","DB_NAME","DB_USER","DB_PASSWORD","DATABASE_URL","DATABASE_JDBC_URL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]",
|
|
2364
2500
|
},
|
|
2365
2501
|
},
|
|
2366
2502
|
"api 🔨 docker | prod ": {
|
|
@@ -2386,6 +2522,21 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
2386
2522
|
],
|
|
2387
2523
|
},
|
|
2388
2524
|
"script": [
|
|
2525
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
2526
|
+
"export APP_DIR="api"",
|
|
2527
|
+
"export DOCKER_DIR="."",
|
|
2528
|
+
"export DOCKER_REGISTRY="europe-west6-docker.pkg.dev"",
|
|
2529
|
+
"export DOCKER_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/prod/api"",
|
|
2530
|
+
"export DOCKER_CACHE_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/api"",
|
|
2531
|
+
"export DOCKER_IMAGE_TAG="$CI_COMMIT_SHA"",
|
|
2532
|
+
"export DOCKER_COPY_AND_INSTALL_APP="COPY --chown=node:node $APP_DIR .
|
|
2533
|
+
RUN yarn plugin import workspace-tools
|
|
2534
|
+
RUN yarn workspaces focus --production && yarn rebuild"",
|
|
2535
|
+
"export DOCKER_COPY_WORKSPACE_FILES="COPY --chown=node:node api/package.json /app/api/package.json
|
|
2536
|
+
COPY --chown=node:node api/yarn.lock /app/api/yarn.lock
|
|
2537
|
+
COPY --chown=node:node .yarnrc.yml /app/.yarnrc.yml
|
|
2538
|
+
COPY --chown=node:node .yarn /app/.yarn"",
|
|
2539
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
2389
2540
|
"ensureNodeDockerfile",
|
|
2390
2541
|
"echo -e "\\e[0Ksection_start:$(date +%s):docker-login[collapsed=true]\\r\\e[0KDocker Login"",
|
|
2391
2542
|
"gcloud auth activate-service-account --key-file=<(echo "$CL_prod_api_GCLOUD_DEPLOY_credentialsKey")",
|
|
@@ -2410,24 +2561,9 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
2410
2561
|
],
|
|
2411
2562
|
"stage": "build",
|
|
2412
2563
|
"variables": {
|
|
2413
|
-
"APP_DIR": "api",
|
|
2414
|
-
"DOCKERFILE_ADDITIONS": undefined,
|
|
2415
|
-
"DOCKERFILE_ADDITIONS_END": undefined,
|
|
2416
2564
|
"DOCKER_BUILDKIT": "1",
|
|
2417
|
-
"DOCKER_CACHE_IMAGE": "europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/api",
|
|
2418
|
-
"DOCKER_COPY_AND_INSTALL_APP": "COPY --chown=node:node $APP_DIR .
|
|
2419
|
-
RUN yarn plugin import workspace-tools
|
|
2420
|
-
RUN yarn workspaces focus --production && yarn rebuild",
|
|
2421
|
-
"DOCKER_COPY_WORKSPACE_FILES": "COPY --chown=node:node api/package.json /app/api/package.json
|
|
2422
|
-
COPY --chown=node:node api/yarn.lock /app/api/yarn.lock
|
|
2423
|
-
COPY --chown=node:node .yarnrc.yml /app/.yarnrc.yml
|
|
2424
|
-
COPY --chown=node:node .yarn /app/.yarn",
|
|
2425
|
-
"DOCKER_DIR": ".",
|
|
2426
2565
|
"DOCKER_DRIVER": "overlay2",
|
|
2427
2566
|
"DOCKER_HOST": "tcp://0.0.0.0:2375",
|
|
2428
|
-
"DOCKER_IMAGE": "europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/prod/api",
|
|
2429
|
-
"DOCKER_IMAGE_TAG": "$CI_COMMIT_SHA",
|
|
2430
|
-
"DOCKER_REGISTRY": "europe-west6-docker.pkg.dev",
|
|
2431
2567
|
"DOCKER_TLS_CERTDIR": "",
|
|
2432
2568
|
"KUBERNETES_CPU_REQUEST": "0.5",
|
|
2433
2569
|
"KUBERNETES_MEMORY_LIMIT": "2Gi",
|
|
@@ -2457,6 +2593,21 @@ COPY --chown=node:node .yarn /app/.yarn",
|
|
|
2457
2593
|
],
|
|
2458
2594
|
},
|
|
2459
2595
|
"script": [
|
|
2596
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
2597
|
+
"export APP_DIR="api"",
|
|
2598
|
+
"export DOCKER_DIR="."",
|
|
2599
|
+
"export DOCKER_REGISTRY="europe-west6-docker.pkg.dev"",
|
|
2600
|
+
"export DOCKER_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/stage/api"",
|
|
2601
|
+
"export DOCKER_CACHE_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/api"",
|
|
2602
|
+
"export DOCKER_IMAGE_TAG="$CI_COMMIT_SHA"",
|
|
2603
|
+
"export DOCKER_COPY_AND_INSTALL_APP="COPY --chown=node:node $APP_DIR .
|
|
2604
|
+
RUN yarn plugin import workspace-tools
|
|
2605
|
+
RUN yarn workspaces focus --production && yarn rebuild"",
|
|
2606
|
+
"export DOCKER_COPY_WORKSPACE_FILES="COPY --chown=node:node api/package.json /app/api/package.json
|
|
2607
|
+
COPY --chown=node:node api/yarn.lock /app/api/yarn.lock
|
|
2608
|
+
COPY --chown=node:node .yarnrc.yml /app/.yarnrc.yml
|
|
2609
|
+
COPY --chown=node:node .yarn /app/.yarn"",
|
|
2610
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
2460
2611
|
"ensureNodeDockerfile",
|
|
2461
2612
|
"echo -e "\\e[0Ksection_start:$(date +%s):docker-login[collapsed=true]\\r\\e[0KDocker Login"",
|
|
2462
2613
|
"gcloud auth activate-service-account --key-file=<(echo "$CL_stage_api_GCLOUD_DEPLOY_credentialsKey")",
|
|
@@ -2481,24 +2632,9 @@ COPY --chown=node:node .yarn /app/.yarn",
|
|
|
2481
2632
|
],
|
|
2482
2633
|
"stage": "build",
|
|
2483
2634
|
"variables": {
|
|
2484
|
-
"APP_DIR": "api",
|
|
2485
|
-
"DOCKERFILE_ADDITIONS": undefined,
|
|
2486
|
-
"DOCKERFILE_ADDITIONS_END": undefined,
|
|
2487
2635
|
"DOCKER_BUILDKIT": "1",
|
|
2488
|
-
"DOCKER_CACHE_IMAGE": "europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/api",
|
|
2489
|
-
"DOCKER_COPY_AND_INSTALL_APP": "COPY --chown=node:node $APP_DIR .
|
|
2490
|
-
RUN yarn plugin import workspace-tools
|
|
2491
|
-
RUN yarn workspaces focus --production && yarn rebuild",
|
|
2492
|
-
"DOCKER_COPY_WORKSPACE_FILES": "COPY --chown=node:node api/package.json /app/api/package.json
|
|
2493
|
-
COPY --chown=node:node api/yarn.lock /app/api/yarn.lock
|
|
2494
|
-
COPY --chown=node:node .yarnrc.yml /app/.yarnrc.yml
|
|
2495
|
-
COPY --chown=node:node .yarn /app/.yarn",
|
|
2496
|
-
"DOCKER_DIR": ".",
|
|
2497
2636
|
"DOCKER_DRIVER": "overlay2",
|
|
2498
2637
|
"DOCKER_HOST": "tcp://0.0.0.0:2375",
|
|
2499
|
-
"DOCKER_IMAGE": "europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/stage/api",
|
|
2500
|
-
"DOCKER_IMAGE_TAG": "$CI_COMMIT_SHA",
|
|
2501
|
-
"DOCKER_REGISTRY": "europe-west6-docker.pkg.dev",
|
|
2502
2638
|
"DOCKER_TLS_CERTDIR": "",
|
|
2503
2639
|
"KUBERNETES_CPU_REQUEST": "0.5",
|
|
2504
2640
|
"KUBERNETES_MEMORY_LIMIT": "2Gi",
|
|
@@ -2508,15 +2644,15 @@ COPY --chown=node:node .yarn /app/.yarn",
|
|
|
2508
2644
|
"api 🚀 Deploy | prod ": {
|
|
2509
2645
|
"allow_failure": true,
|
|
2510
2646
|
"artifacts": {
|
|
2511
|
-
"
|
|
2512
|
-
"
|
|
2513
|
-
|
|
2647
|
+
"reports": {
|
|
2648
|
+
"dotenv": "gitlab_environment.env",
|
|
2649
|
+
},
|
|
2514
2650
|
},
|
|
2515
2651
|
"environment": {
|
|
2516
2652
|
"auto_stop_in": undefined,
|
|
2517
2653
|
"name": "prod/api",
|
|
2518
2654
|
"on_stop": "api 🛑 Stop ⚠️ | prod ",
|
|
2519
|
-
"url": "
|
|
2655
|
+
"url": "$CL_GITLAB_ENVIRONMENT_URL",
|
|
2520
2656
|
},
|
|
2521
2657
|
"image": "path/to/docker/gcloud:the-version",
|
|
2522
2658
|
"interruptible": true,
|
|
@@ -2547,13 +2683,89 @@ COPY --chown=node:node .yarn /app/.yarn",
|
|
|
2547
2683
|
},
|
|
2548
2684
|
],
|
|
2549
2685
|
"script": [
|
|
2686
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
2687
|
+
"export ENV_SHORT="prod"",
|
|
2688
|
+
"export APP_DIR="api"",
|
|
2689
|
+
"export ENV_TYPE="prod"",
|
|
2690
|
+
"export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"",
|
|
2691
|
+
"export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"",
|
|
2692
|
+
"export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\///'); [ -z "$tag" ] && echo "v0.0.0" || echo "$tag")"",
|
|
2693
|
+
"export HOST="$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
2694
|
+
"export ROOT_URL="https://$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
2695
|
+
"export HOST_INTERNAL="$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
2696
|
+
"export HOST_CANONICAL="$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
2697
|
+
"export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
2698
|
+
"export CLOUD_SQL_INSTANCE_CONNECTION_NAME="projectId:region:instancename"",
|
|
2699
|
+
"export DB_NAME="pan-test-app-prod-api"",
|
|
2700
|
+
"export DB_USER="my-user"",
|
|
2701
|
+
"export DB_PASSWORD="$CL_prod_api_DB_PASSWORD"",
|
|
2702
|
+
"export DATABASE_URL="postgresql://$DB_USER:$DB_PASSWORD@localhost/$DB_NAME?host=/cloudsql/$CLOUD_SQL_INSTANCE_CONNECTION_NAME"",
|
|
2703
|
+
"export DATABASE_JDBC_URL="jdbc:postgresql:///$DB_NAME?cloudSqlInstance=$CLOUD_SQL_INSTANCE_CONNECTION_NAME&socketFactory=com.google.cloud.sql.postgres.SocketFactory&user=$DB_USER&password=$DB_PASSWORD"",
|
|
2704
|
+
"export DEPLOY_CLOUD_RUN_PROJECT_ID="google-project-id"",
|
|
2705
|
+
"export DEPLOY_CLOUD_RUN_REGION="europe-west6"",
|
|
2706
|
+
"export GCLOUD_DEPLOY_credentialsKey="$CL_prod_api_GCLOUD_DEPLOY_credentialsKey"",
|
|
2707
|
+
"export GCLOUD_RUN_canonicalHostSuffix="$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix"",
|
|
2708
|
+
"export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOST\\",\\"ROOT_URL\\",\\"HOST_INTERNAL\\",\\"HOST_CANONICAL\\",\\"ROOT_URL_INTERNAL\\",\\"CLOUD_SQL_INSTANCE_CONNECTION_NAME\\",\\"DB_NAME\\",\\"DB_USER\\",\\"DB_PASSWORD\\",\\"DATABASE_URL\\",\\"DATABASE_JDBC_URL\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\"]"",
|
|
2709
|
+
"export DOCKER_REGISTRY="europe-west6-docker.pkg.dev"",
|
|
2710
|
+
"export DOCKER_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/prod/api"",
|
|
2711
|
+
"export DOCKER_CACHE_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/api"",
|
|
2712
|
+
"export DOCKER_IMAGE_TAG="$CI_COMMIT_SHA"",
|
|
2713
|
+
"export CLOUDSDK_CORE_DISABLE_PROMPTS="1"",
|
|
2714
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
2550
2715
|
"echo -e "\\e[0Ksection_start:$(date +%s):prepare[collapsed=true]\\r\\e[0KPrepare..."",
|
|
2551
2716
|
"gcloud auth activate-service-account --key-file=<(echo "$CL_prod_api_GCLOUD_DEPLOY_credentialsKey")",
|
|
2552
2717
|
"export GCLOUD_PROJECT_NUMBER=$(gcloud projects describe google-project-id --format="value(projectNumber)")",
|
|
2553
2718
|
"echo "GCLOUD_PROJECT_NUMBER: $GCLOUD_PROJECT_NUMBER"",
|
|
2554
2719
|
"echo -e "\\e[0Ksection_end:$(date +%s):prepare\\r\\e[0K"",
|
|
2720
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):writeenvvars[collapsed=true]\\r\\e[0KWrite env vars to file"",
|
|
2721
|
+
"cat > ____envvars.yaml <<EOF
|
|
2722
|
+
ENV_SHORT: |-
|
|
2723
|
+
prod
|
|
2724
|
+
APP_DIR: |-
|
|
2725
|
+
api
|
|
2726
|
+
ENV_TYPE: |-
|
|
2727
|
+
prod
|
|
2728
|
+
BUILD_INFO_BUILD_ID: |-
|
|
2729
|
+
$(printf %s "$(git describe --tags 2>/dev/null || git rev-parse HEAD)" | sed 's/^/ /')
|
|
2730
|
+
BUILD_INFO_BUILD_TIME: |-
|
|
2731
|
+
$(printf %s "$CI_JOB_STARTED_AT" | sed 's/^/ /')
|
|
2732
|
+
BUILD_INFO_CURRENT_VERSION: |-
|
|
2733
|
+
$(printf %s "$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\///'); [ -z "$tag" ] && echo "v0.0.0" || echo "$tag")" | sed 's/^/ /')
|
|
2734
|
+
HOST: |-
|
|
2735
|
+
$(printf %s "$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
2736
|
+
ROOT_URL: |-
|
|
2737
|
+
$(printf %s "https://$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
2738
|
+
HOST_INTERNAL: |-
|
|
2739
|
+
$(printf %s "$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
2740
|
+
HOST_CANONICAL: |-
|
|
2741
|
+
$(printf %s "$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
2742
|
+
ROOT_URL_INTERNAL: |-
|
|
2743
|
+
$(printf %s "https://$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
2744
|
+
CLOUD_SQL_INSTANCE_CONNECTION_NAME: |-
|
|
2745
|
+
projectId:region:instancename
|
|
2746
|
+
DB_NAME: |-
|
|
2747
|
+
pan-test-app-prod-api
|
|
2748
|
+
DB_USER: |-
|
|
2749
|
+
my-user
|
|
2750
|
+
DB_PASSWORD: |-
|
|
2751
|
+
$(printf %s "$CL_prod_api_DB_PASSWORD" | sed 's/^/ /')
|
|
2752
|
+
DATABASE_URL: |-
|
|
2753
|
+
postgresql://$DB_USER:$DB_PASSWORD@localhost/$DB_NAME?host=/cloudsql/$CLOUD_SQL_INSTANCE_CONNECTION_NAME
|
|
2754
|
+
DATABASE_JDBC_URL: |-
|
|
2755
|
+
jdbc:postgresql:///$DB_NAME?cloudSqlInstance=$CLOUD_SQL_INSTANCE_CONNECTION_NAME&socketFactory=com.google.cloud.sql.postgres.SocketFactory&user=$DB_USER&password=$DB_PASSWORD
|
|
2756
|
+
DEPLOY_CLOUD_RUN_PROJECT_ID: |-
|
|
2757
|
+
google-project-id
|
|
2758
|
+
DEPLOY_CLOUD_RUN_REGION: |-
|
|
2759
|
+
europe-west6
|
|
2760
|
+
GCLOUD_RUN_canonicalHostSuffix: |-
|
|
2761
|
+
$(printf %s "$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | sed 's/^/ /')
|
|
2762
|
+
_ALL_ENV_VAR_KEYS: |-
|
|
2763
|
+
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_INTERNAL","HOST_CANONICAL","ROOT_URL_INTERNAL","CLOUD_SQL_INSTANCE_CONNECTION_NAME","DB_NAME","DB_USER","DB_PASSWORD","DATABASE_URL","DATABASE_JDBC_URL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]
|
|
2764
|
+
|
|
2765
|
+
EOF
|
|
2766
|
+
",
|
|
2767
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):writeenvvars\\r\\e[0K"",
|
|
2555
2768
|
"echo -e "\\e[0Ksection_start:$(date +%s):deploy[collapsed=true]\\r\\e[0KDeploy to cloud run"",
|
|
2556
|
-
"echo "$ENV_VARS" > ____envvars.yaml",
|
|
2557
2769
|
"set +e",
|
|
2558
2770
|
"echo "ensuring Database..."",
|
|
2559
2771
|
"gcloud sql databases create pan-test-app-prod-api --instance=instancename --project projectId",
|
|
@@ -2566,88 +2778,28 @@ COPY --chown=node:node .yarn /app/.yarn",
|
|
|
2566
2778
|
"gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/api --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/api@$version --quiet --delete-tags; done",
|
|
2567
2779
|
"echo -e "\\e[0Ksection_end:$(date +%s):cleanup\\r\\e[0K"",
|
|
2568
2780
|
"echo Uploading SBOM to Dependency Track",
|
|
2569
|
-
"/dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/api" "https
|
|
2570
|
-
|
|
2571
|
-
"services": [
|
|
2572
|
-
{
|
|
2573
|
-
"command": [
|
|
2574
|
-
"--tls=false",
|
|
2575
|
-
],
|
|
2576
|
-
"name": "docker:24.0.6-dind",
|
|
2577
|
-
},
|
|
2781
|
+
"/dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/api" "https://$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" "__sbom.json" vex.json || true",
|
|
2782
|
+
"echo "CL_GITLAB_ENVIRONMENT_URL=https://$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" >> gitlab_environment.env",
|
|
2578
2783
|
],
|
|
2579
2784
|
"stage": "deploy prod",
|
|
2580
2785
|
"variables": {
|
|
2581
|
-
"APP_DIR": "api",
|
|
2582
|
-
"BUILD_INFO_BUILD_TIME": "01-01-2023 12:13:14",
|
|
2583
|
-
"BUILD_INFO_CURRENT_VERSION": "3.2.1",
|
|
2584
|
-
"BUILD_INFO_ID": "some-id",
|
|
2585
|
-
"CLOUDSDK_CORE_DISABLE_PROMPTS": "1",
|
|
2586
|
-
"CLOUD_SQL_INSTANCE_CONNECTION_NAME": "projectId:region:instancename",
|
|
2587
|
-
"DATABASE_JDBC_URL": "jdbc:postgresql:///$DB_NAME?cloudSqlInstance=$CLOUD_SQL_INSTANCE_CONNECTION_NAME&socketFactory=com.google.cloud.sql.postgres.SocketFactory&user=$DB_USER&password=$DB_PASSWORD",
|
|
2588
|
-
"DATABASE_URL": "postgresql://$DB_USER:$DB_PASSWORD@localhost/$DB_NAME?host=/cloudsql/$CLOUD_SQL_INSTANCE_CONNECTION_NAME",
|
|
2589
|
-
"DB_NAME": "pan-test-app-prod-api",
|
|
2590
|
-
"DB_PASSWORD": "$CL_prod_api_DB_PASSWORD",
|
|
2591
|
-
"DB_USER": "my-user",
|
|
2592
|
-
"DEPLOY_CLOUD_RUN_PROJECT_ID": "google-project-id",
|
|
2593
|
-
"DEPLOY_CLOUD_RUN_REGION": "europe-west6",
|
|
2594
|
-
"DOCKER_BUILDKIT": "1",
|
|
2595
|
-
"DOCKER_CACHE_IMAGE": "europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/api",
|
|
2596
|
-
"DOCKER_DRIVER": "overlay2",
|
|
2597
|
-
"DOCKER_HOST": "tcp://0.0.0.0:2375",
|
|
2598
|
-
"DOCKER_IMAGE": "europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/prod/api",
|
|
2599
|
-
"DOCKER_IMAGE_TAG": "$CI_COMMIT_SHA",
|
|
2600
|
-
"DOCKER_REGISTRY": "europe-west6-docker.pkg.dev",
|
|
2601
|
-
"DOCKER_TLS_CERTDIR": "",
|
|
2602
|
-
"ENV_SHORT": "prod",
|
|
2603
|
-
"ENV_TYPE": "prod",
|
|
2604
|
-
"ENV_VARS": "ENV_SHORT: 'prod'
|
|
2605
|
-
APP_DIR: 'api'
|
|
2606
|
-
ENV_TYPE: 'prod'
|
|
2607
|
-
BUILD_INFO_ID: 'some-id'
|
|
2608
|
-
BUILD_INFO_BUILD_TIME: '01-01-2023 12:13:14'
|
|
2609
|
-
BUILD_INFO_CURRENT_VERSION: '3.2.1'
|
|
2610
|
-
HOST: 'pan-test-app-prod-api-unknown-host.example.com'
|
|
2611
|
-
ROOT_URL: 'https://pan-test-app-prod-api-unknown-host.example.com'
|
|
2612
|
-
HOST_CANONICAL: 'pan-test-app-prod-api-unknown-host.example.com'
|
|
2613
|
-
ROOT_URL_INTERNAL: 'https://pan-test-app-prod-api-unknown-host.example.com'
|
|
2614
|
-
HOST_INTERNAL: 'pan-test-app-prod-api-unknown-host.example.com'
|
|
2615
|
-
CLOUD_SQL_INSTANCE_CONNECTION_NAME: 'projectId:region:instancename'
|
|
2616
|
-
DB_NAME: 'pan-test-app-prod-api'
|
|
2617
|
-
DB_USER: 'my-user'
|
|
2618
|
-
DB_PASSWORD: '$CL_prod_api_DB_PASSWORD'
|
|
2619
|
-
DATABASE_URL: 'postgresql://$DB_USER:$DB_PASSWORD@localhost/$DB_NAME?host=/cloudsql/$CLOUD_SQL_INSTANCE_CONNECTION_NAME'
|
|
2620
|
-
DATABASE_JDBC_URL: 'jdbc:postgresql:///$DB_NAME?cloudSqlInstance=$CLOUD_SQL_INSTANCE_CONNECTION_NAME&socketFactory=com.google.cloud.sql.postgres.SocketFactory&user=$DB_USER&password=$DB_PASSWORD'
|
|
2621
|
-
DEPLOY_CLOUD_RUN_PROJECT_ID: 'google-project-id'
|
|
2622
|
-
DEPLOY_CLOUD_RUN_REGION: 'europe-west6'
|
|
2623
|
-
GCLOUD_RUN_canonicalHostSuffix: '$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix'
|
|
2624
|
-
_ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_CANONICAL","ROOT_URL_INTERNAL","HOST_INTERNAL","CLOUD_SQL_INSTANCE_CONNECTION_NAME","DB_NAME","DB_USER","DB_PASSWORD","DATABASE_URL","DATABASE_JDBC_URL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]'
|
|
2625
|
-
",
|
|
2626
|
-
"GCLOUD_DEPLOY_credentialsKey": "$CL_prod_api_GCLOUD_DEPLOY_credentialsKey",
|
|
2627
|
-
"GCLOUD_RUN_canonicalHostSuffix": "$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix",
|
|
2628
|
-
"HOST": "pan-test-app-prod-api-unknown-host.example.com",
|
|
2629
|
-
"HOST_CANONICAL": "pan-test-app-prod-api-unknown-host.example.com",
|
|
2630
|
-
"HOST_INTERNAL": "pan-test-app-prod-api-unknown-host.example.com",
|
|
2631
2786
|
"KUBERNETES_CPU_REQUEST": "0.5",
|
|
2632
2787
|
"KUBERNETES_MEMORY_LIMIT": "400Mi",
|
|
2633
2788
|
"KUBERNETES_MEMORY_REQUEST": "200Mi",
|
|
2634
|
-
"ROOT_URL": "https://pan-test-app-prod-api-unknown-host.example.com",
|
|
2635
|
-
"ROOT_URL_INTERNAL": "https://pan-test-app-prod-api-unknown-host.example.com",
|
|
2636
|
-
"_ALL_ENV_VAR_KEYS": "["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_CANONICAL","ROOT_URL_INTERNAL","HOST_INTERNAL","CLOUD_SQL_INSTANCE_CONNECTION_NAME","DB_NAME","DB_USER","DB_PASSWORD","DATABASE_URL","DATABASE_JDBC_URL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]",
|
|
2637
2789
|
},
|
|
2638
2790
|
},
|
|
2639
2791
|
"api 🚀 Deploy | stage ": {
|
|
2640
2792
|
"allow_failure": false,
|
|
2641
2793
|
"artifacts": {
|
|
2642
|
-
"
|
|
2643
|
-
"
|
|
2644
|
-
|
|
2794
|
+
"reports": {
|
|
2795
|
+
"dotenv": "gitlab_environment.env",
|
|
2796
|
+
},
|
|
2645
2797
|
},
|
|
2646
2798
|
"environment": {
|
|
2647
2799
|
"auto_stop_in": undefined,
|
|
2648
2800
|
"name": "stage/api",
|
|
2649
2801
|
"on_stop": "api 🛑 Stop ⚠️ | stage ",
|
|
2650
|
-
"url": "
|
|
2802
|
+
"url": "$CL_GITLAB_ENVIRONMENT_URL",
|
|
2651
2803
|
},
|
|
2652
2804
|
"image": "path/to/docker/gcloud:the-version",
|
|
2653
2805
|
"interruptible": true,
|
|
@@ -2678,13 +2830,89 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
2678
2830
|
},
|
|
2679
2831
|
],
|
|
2680
2832
|
"script": [
|
|
2833
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
2834
|
+
"export ENV_SHORT="stage"",
|
|
2835
|
+
"export APP_DIR="api"",
|
|
2836
|
+
"export ENV_TYPE="stage"",
|
|
2837
|
+
"export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"",
|
|
2838
|
+
"export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"",
|
|
2839
|
+
"export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\///'); [ -z "$tag" ] && echo "v0.0.0" || echo "$tag")"",
|
|
2840
|
+
"export HOST="$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
2841
|
+
"export ROOT_URL="https://$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
2842
|
+
"export HOST_INTERNAL="$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
2843
|
+
"export HOST_CANONICAL="$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
2844
|
+
"export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
2845
|
+
"export CLOUD_SQL_INSTANCE_CONNECTION_NAME="projectId:region:instancename"",
|
|
2846
|
+
"export DB_NAME="pan-test-app-stage-api"",
|
|
2847
|
+
"export DB_USER="my-user"",
|
|
2848
|
+
"export DB_PASSWORD="$CL_stage_api_DB_PASSWORD"",
|
|
2849
|
+
"export DATABASE_URL="postgresql://$DB_USER:$DB_PASSWORD@localhost/$DB_NAME?host=/cloudsql/$CLOUD_SQL_INSTANCE_CONNECTION_NAME"",
|
|
2850
|
+
"export DATABASE_JDBC_URL="jdbc:postgresql:///$DB_NAME?cloudSqlInstance=$CLOUD_SQL_INSTANCE_CONNECTION_NAME&socketFactory=com.google.cloud.sql.postgres.SocketFactory&user=$DB_USER&password=$DB_PASSWORD"",
|
|
2851
|
+
"export DEPLOY_CLOUD_RUN_PROJECT_ID="google-project-id"",
|
|
2852
|
+
"export DEPLOY_CLOUD_RUN_REGION="europe-west6"",
|
|
2853
|
+
"export GCLOUD_DEPLOY_credentialsKey="$CL_stage_api_GCLOUD_DEPLOY_credentialsKey"",
|
|
2854
|
+
"export GCLOUD_RUN_canonicalHostSuffix="$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix"",
|
|
2855
|
+
"export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOST\\",\\"ROOT_URL\\",\\"HOST_INTERNAL\\",\\"HOST_CANONICAL\\",\\"ROOT_URL_INTERNAL\\",\\"CLOUD_SQL_INSTANCE_CONNECTION_NAME\\",\\"DB_NAME\\",\\"DB_USER\\",\\"DB_PASSWORD\\",\\"DATABASE_URL\\",\\"DATABASE_JDBC_URL\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\"]"",
|
|
2856
|
+
"export DOCKER_REGISTRY="europe-west6-docker.pkg.dev"",
|
|
2857
|
+
"export DOCKER_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/stage/api"",
|
|
2858
|
+
"export DOCKER_CACHE_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/api"",
|
|
2859
|
+
"export DOCKER_IMAGE_TAG="$CI_COMMIT_SHA"",
|
|
2860
|
+
"export CLOUDSDK_CORE_DISABLE_PROMPTS="1"",
|
|
2861
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
2681
2862
|
"echo -e "\\e[0Ksection_start:$(date +%s):prepare[collapsed=true]\\r\\e[0KPrepare..."",
|
|
2682
2863
|
"gcloud auth activate-service-account --key-file=<(echo "$CL_stage_api_GCLOUD_DEPLOY_credentialsKey")",
|
|
2683
2864
|
"export GCLOUD_PROJECT_NUMBER=$(gcloud projects describe google-project-id --format="value(projectNumber)")",
|
|
2684
2865
|
"echo "GCLOUD_PROJECT_NUMBER: $GCLOUD_PROJECT_NUMBER"",
|
|
2685
2866
|
"echo -e "\\e[0Ksection_end:$(date +%s):prepare\\r\\e[0K"",
|
|
2867
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):writeenvvars[collapsed=true]\\r\\e[0KWrite env vars to file"",
|
|
2868
|
+
"cat > ____envvars.yaml <<EOF
|
|
2869
|
+
ENV_SHORT: |-
|
|
2870
|
+
stage
|
|
2871
|
+
APP_DIR: |-
|
|
2872
|
+
api
|
|
2873
|
+
ENV_TYPE: |-
|
|
2874
|
+
stage
|
|
2875
|
+
BUILD_INFO_BUILD_ID: |-
|
|
2876
|
+
$(printf %s "$(git describe --tags 2>/dev/null || git rev-parse HEAD)" | sed 's/^/ /')
|
|
2877
|
+
BUILD_INFO_BUILD_TIME: |-
|
|
2878
|
+
$(printf %s "$CI_JOB_STARTED_AT" | sed 's/^/ /')
|
|
2879
|
+
BUILD_INFO_CURRENT_VERSION: |-
|
|
2880
|
+
$(printf %s "$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\///'); [ -z "$tag" ] && echo "v0.0.0" || echo "$tag")" | sed 's/^/ /')
|
|
2881
|
+
HOST: |-
|
|
2882
|
+
$(printf %s "$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
2883
|
+
ROOT_URL: |-
|
|
2884
|
+
$(printf %s "https://$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
2885
|
+
HOST_INTERNAL: |-
|
|
2886
|
+
$(printf %s "$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
2887
|
+
HOST_CANONICAL: |-
|
|
2888
|
+
$(printf %s "$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
2889
|
+
ROOT_URL_INTERNAL: |-
|
|
2890
|
+
$(printf %s "https://$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
2891
|
+
CLOUD_SQL_INSTANCE_CONNECTION_NAME: |-
|
|
2892
|
+
projectId:region:instancename
|
|
2893
|
+
DB_NAME: |-
|
|
2894
|
+
pan-test-app-stage-api
|
|
2895
|
+
DB_USER: |-
|
|
2896
|
+
my-user
|
|
2897
|
+
DB_PASSWORD: |-
|
|
2898
|
+
$(printf %s "$CL_stage_api_DB_PASSWORD" | sed 's/^/ /')
|
|
2899
|
+
DATABASE_URL: |-
|
|
2900
|
+
postgresql://$DB_USER:$DB_PASSWORD@localhost/$DB_NAME?host=/cloudsql/$CLOUD_SQL_INSTANCE_CONNECTION_NAME
|
|
2901
|
+
DATABASE_JDBC_URL: |-
|
|
2902
|
+
jdbc:postgresql:///$DB_NAME?cloudSqlInstance=$CLOUD_SQL_INSTANCE_CONNECTION_NAME&socketFactory=com.google.cloud.sql.postgres.SocketFactory&user=$DB_USER&password=$DB_PASSWORD
|
|
2903
|
+
DEPLOY_CLOUD_RUN_PROJECT_ID: |-
|
|
2904
|
+
google-project-id
|
|
2905
|
+
DEPLOY_CLOUD_RUN_REGION: |-
|
|
2906
|
+
europe-west6
|
|
2907
|
+
GCLOUD_RUN_canonicalHostSuffix: |-
|
|
2908
|
+
$(printf %s "$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | sed 's/^/ /')
|
|
2909
|
+
_ALL_ENV_VAR_KEYS: |-
|
|
2910
|
+
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_INTERNAL","HOST_CANONICAL","ROOT_URL_INTERNAL","CLOUD_SQL_INSTANCE_CONNECTION_NAME","DB_NAME","DB_USER","DB_PASSWORD","DATABASE_URL","DATABASE_JDBC_URL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]
|
|
2911
|
+
|
|
2912
|
+
EOF
|
|
2913
|
+
",
|
|
2914
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):writeenvvars\\r\\e[0K"",
|
|
2686
2915
|
"echo -e "\\e[0Ksection_start:$(date +%s):deploy[collapsed=true]\\r\\e[0KDeploy to cloud run"",
|
|
2687
|
-
"echo "$ENV_VARS" > ____envvars.yaml",
|
|
2688
2916
|
"set +e",
|
|
2689
2917
|
"echo "ensuring Database..."",
|
|
2690
2918
|
"gcloud sql databases create pan-test-app-stage-api --instance=instancename --project projectId",
|
|
@@ -2697,81 +2925,27 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
2697
2925
|
"gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/api --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/api@$version --quiet --delete-tags; done",
|
|
2698
2926
|
"echo -e "\\e[0Ksection_end:$(date +%s):cleanup\\r\\e[0K"",
|
|
2699
2927
|
"echo Uploading SBOM to Dependency Track",
|
|
2700
|
-
"/dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/api" "https
|
|
2701
|
-
|
|
2702
|
-
"services": [
|
|
2703
|
-
{
|
|
2704
|
-
"command": [
|
|
2705
|
-
"--tls=false",
|
|
2706
|
-
],
|
|
2707
|
-
"name": "docker:24.0.6-dind",
|
|
2708
|
-
},
|
|
2928
|
+
"/dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/api" "https://$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" "__sbom.json" vex.json || true",
|
|
2929
|
+
"echo "CL_GITLAB_ENVIRONMENT_URL=https://$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" >> gitlab_environment.env",
|
|
2709
2930
|
],
|
|
2710
2931
|
"stage": "deploy stage",
|
|
2711
2932
|
"variables": {
|
|
2712
|
-
"APP_DIR": "api",
|
|
2713
|
-
"BUILD_INFO_BUILD_TIME": "01-01-2023 12:13:14",
|
|
2714
|
-
"BUILD_INFO_CURRENT_VERSION": "3.2.1",
|
|
2715
|
-
"BUILD_INFO_ID": "some-id",
|
|
2716
|
-
"CLOUDSDK_CORE_DISABLE_PROMPTS": "1",
|
|
2717
|
-
"CLOUD_SQL_INSTANCE_CONNECTION_NAME": "projectId:region:instancename",
|
|
2718
|
-
"DATABASE_JDBC_URL": "jdbc:postgresql:///$DB_NAME?cloudSqlInstance=$CLOUD_SQL_INSTANCE_CONNECTION_NAME&socketFactory=com.google.cloud.sql.postgres.SocketFactory&user=$DB_USER&password=$DB_PASSWORD",
|
|
2719
|
-
"DATABASE_URL": "postgresql://$DB_USER:$DB_PASSWORD@localhost/$DB_NAME?host=/cloudsql/$CLOUD_SQL_INSTANCE_CONNECTION_NAME",
|
|
2720
|
-
"DB_NAME": "pan-test-app-stage-api",
|
|
2721
|
-
"DB_PASSWORD": "$CL_stage_api_DB_PASSWORD",
|
|
2722
|
-
"DB_USER": "my-user",
|
|
2723
|
-
"DEPLOY_CLOUD_RUN_PROJECT_ID": "google-project-id",
|
|
2724
|
-
"DEPLOY_CLOUD_RUN_REGION": "europe-west6",
|
|
2725
|
-
"DOCKER_BUILDKIT": "1",
|
|
2726
|
-
"DOCKER_CACHE_IMAGE": "europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/api",
|
|
2727
|
-
"DOCKER_DRIVER": "overlay2",
|
|
2728
|
-
"DOCKER_HOST": "tcp://0.0.0.0:2375",
|
|
2729
|
-
"DOCKER_IMAGE": "europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/stage/api",
|
|
2730
|
-
"DOCKER_IMAGE_TAG": "$CI_COMMIT_SHA",
|
|
2731
|
-
"DOCKER_REGISTRY": "europe-west6-docker.pkg.dev",
|
|
2732
|
-
"DOCKER_TLS_CERTDIR": "",
|
|
2733
|
-
"ENV_SHORT": "stage",
|
|
2734
|
-
"ENV_TYPE": "stage",
|
|
2735
|
-
"ENV_VARS": "ENV_SHORT: 'stage'
|
|
2736
|
-
APP_DIR: 'api'
|
|
2737
|
-
ENV_TYPE: 'stage'
|
|
2738
|
-
BUILD_INFO_ID: 'some-id'
|
|
2739
|
-
BUILD_INFO_BUILD_TIME: '01-01-2023 12:13:14'
|
|
2740
|
-
BUILD_INFO_CURRENT_VERSION: '3.2.1'
|
|
2741
|
-
HOST: 'pan-test-app-stage-api-unknown-host.example.com'
|
|
2742
|
-
ROOT_URL: 'https://pan-test-app-stage-api-unknown-host.example.com'
|
|
2743
|
-
HOST_CANONICAL: 'pan-test-app-stage-api-unknown-host.example.com'
|
|
2744
|
-
ROOT_URL_INTERNAL: 'https://pan-test-app-stage-api-unknown-host.example.com'
|
|
2745
|
-
HOST_INTERNAL: 'pan-test-app-stage-api-unknown-host.example.com'
|
|
2746
|
-
CLOUD_SQL_INSTANCE_CONNECTION_NAME: 'projectId:region:instancename'
|
|
2747
|
-
DB_NAME: 'pan-test-app-stage-api'
|
|
2748
|
-
DB_USER: 'my-user'
|
|
2749
|
-
DB_PASSWORD: '$CL_stage_api_DB_PASSWORD'
|
|
2750
|
-
DATABASE_URL: 'postgresql://$DB_USER:$DB_PASSWORD@localhost/$DB_NAME?host=/cloudsql/$CLOUD_SQL_INSTANCE_CONNECTION_NAME'
|
|
2751
|
-
DATABASE_JDBC_URL: 'jdbc:postgresql:///$DB_NAME?cloudSqlInstance=$CLOUD_SQL_INSTANCE_CONNECTION_NAME&socketFactory=com.google.cloud.sql.postgres.SocketFactory&user=$DB_USER&password=$DB_PASSWORD'
|
|
2752
|
-
DEPLOY_CLOUD_RUN_PROJECT_ID: 'google-project-id'
|
|
2753
|
-
DEPLOY_CLOUD_RUN_REGION: 'europe-west6'
|
|
2754
|
-
GCLOUD_RUN_canonicalHostSuffix: '$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix'
|
|
2755
|
-
_ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_CANONICAL","ROOT_URL_INTERNAL","HOST_INTERNAL","CLOUD_SQL_INSTANCE_CONNECTION_NAME","DB_NAME","DB_USER","DB_PASSWORD","DATABASE_URL","DATABASE_JDBC_URL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]'
|
|
2756
|
-
",
|
|
2757
|
-
"GCLOUD_DEPLOY_credentialsKey": "$CL_stage_api_GCLOUD_DEPLOY_credentialsKey",
|
|
2758
|
-
"GCLOUD_RUN_canonicalHostSuffix": "$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix",
|
|
2759
|
-
"HOST": "pan-test-app-stage-api-unknown-host.example.com",
|
|
2760
|
-
"HOST_CANONICAL": "pan-test-app-stage-api-unknown-host.example.com",
|
|
2761
|
-
"HOST_INTERNAL": "pan-test-app-stage-api-unknown-host.example.com",
|
|
2762
2933
|
"KUBERNETES_CPU_REQUEST": "0.5",
|
|
2763
2934
|
"KUBERNETES_MEMORY_LIMIT": "400Mi",
|
|
2764
2935
|
"KUBERNETES_MEMORY_REQUEST": "200Mi",
|
|
2765
|
-
"ROOT_URL": "https://pan-test-app-stage-api-unknown-host.example.com",
|
|
2766
|
-
"ROOT_URL_INTERNAL": "https://pan-test-app-stage-api-unknown-host.example.com",
|
|
2767
|
-
"_ALL_ENV_VAR_KEYS": "["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_CANONICAL","ROOT_URL_INTERNAL","HOST_INTERNAL","CLOUD_SQL_INSTANCE_CONNECTION_NAME","DB_NAME","DB_USER","DB_PASSWORD","DATABASE_URL","DATABASE_JDBC_URL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]",
|
|
2768
2936
|
},
|
|
2769
2937
|
},
|
|
2770
2938
|
"api 🛑 Stop ⚠️ | prod ": {
|
|
2939
|
+
"allow_failure": true,
|
|
2940
|
+
"artifacts": {
|
|
2941
|
+
"reports": {
|
|
2942
|
+
"dotenv": "gitlab_environment.env",
|
|
2943
|
+
},
|
|
2944
|
+
},
|
|
2771
2945
|
"environment": {
|
|
2772
2946
|
"action": "stop",
|
|
2773
2947
|
"name": "prod/api",
|
|
2774
|
-
"url": "
|
|
2948
|
+
"url": "$CL_GITLAB_ENVIRONMENT_URL",
|
|
2775
2949
|
},
|
|
2776
2950
|
"image": "path/to/docker/gcloud:the-version",
|
|
2777
2951
|
"interruptible": true,
|
|
@@ -2785,28 +2959,29 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
2785
2959
|
},
|
|
2786
2960
|
"rules": [
|
|
2787
2961
|
{
|
|
2788
|
-
"allow_failure": true,
|
|
2789
2962
|
"if": "$CI_COMMIT_BRANCH =~ /^[0-9]+\\.([0-9]+|x)\\.x$/",
|
|
2790
2963
|
"when": "on_success",
|
|
2791
2964
|
},
|
|
2792
2965
|
{
|
|
2793
|
-
"allow_failure": true,
|
|
2794
2966
|
"when": "manual",
|
|
2795
2967
|
},
|
|
2796
2968
|
],
|
|
2797
2969
|
"script": [
|
|
2970
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
2971
|
+
"export CLOUDSDK_CORE_DISABLE_PROMPTS="1"",
|
|
2972
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
2798
2973
|
"set +e",
|
|
2799
2974
|
"gcloud auth activate-service-account --key-file=<(echo "$CL_prod_api_GCLOUD_DEPLOY_credentialsKey")",
|
|
2800
2975
|
"gcloud run services delete pan-test-app-prod-api --project=google-project-id --region=europe-west6",
|
|
2801
2976
|
"gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/prod/api --quiet --delete-tags",
|
|
2802
2977
|
"gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/api --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/api@$version --quiet --delete-tags; done",
|
|
2803
2978
|
"echo Disabling component in Dependency Track",
|
|
2804
|
-
"/dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" disable "pan-test-app/api" "https
|
|
2979
|
+
"/dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" disable "pan-test-app/api" "https://$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" || true",
|
|
2805
2980
|
"set -e",
|
|
2981
|
+
"echo "CL_GITLAB_ENVIRONMENT_URL=https://$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" >> gitlab_environment.env",
|
|
2806
2982
|
],
|
|
2807
2983
|
"stage": "stop prod",
|
|
2808
2984
|
"variables": {
|
|
2809
|
-
"CLOUDSDK_CORE_DISABLE_PROMPTS": "1",
|
|
2810
2985
|
"GIT_STRATEGY": "none",
|
|
2811
2986
|
"KUBERNETES_CPU_REQUEST": "0.5",
|
|
2812
2987
|
"KUBERNETES_MEMORY_LIMIT": "400Mi",
|
|
@@ -2814,10 +2989,16 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
2814
2989
|
},
|
|
2815
2990
|
},
|
|
2816
2991
|
"api 🛑 Stop ⚠️ | stage ": {
|
|
2992
|
+
"allow_failure": true,
|
|
2993
|
+
"artifacts": {
|
|
2994
|
+
"reports": {
|
|
2995
|
+
"dotenv": "gitlab_environment.env",
|
|
2996
|
+
},
|
|
2997
|
+
},
|
|
2817
2998
|
"environment": {
|
|
2818
2999
|
"action": "stop",
|
|
2819
3000
|
"name": "stage/api",
|
|
2820
|
-
"url": "
|
|
3001
|
+
"url": "$CL_GITLAB_ENVIRONMENT_URL",
|
|
2821
3002
|
},
|
|
2822
3003
|
"image": "path/to/docker/gcloud:the-version",
|
|
2823
3004
|
"interruptible": true,
|
|
@@ -2831,28 +3012,29 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
2831
3012
|
},
|
|
2832
3013
|
"rules": [
|
|
2833
3014
|
{
|
|
2834
|
-
"allow_failure": true,
|
|
2835
3015
|
"if": "$CI_COMMIT_BRANCH =~ /^[0-9]+\\.([0-9]+|x)\\.x$/",
|
|
2836
3016
|
"when": "on_success",
|
|
2837
3017
|
},
|
|
2838
3018
|
{
|
|
2839
|
-
"allow_failure": true,
|
|
2840
3019
|
"when": "manual",
|
|
2841
3020
|
},
|
|
2842
3021
|
],
|
|
2843
3022
|
"script": [
|
|
3023
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
3024
|
+
"export CLOUDSDK_CORE_DISABLE_PROMPTS="1"",
|
|
3025
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
2844
3026
|
"set +e",
|
|
2845
3027
|
"gcloud auth activate-service-account --key-file=<(echo "$CL_stage_api_GCLOUD_DEPLOY_credentialsKey")",
|
|
2846
3028
|
"gcloud run services delete pan-test-app-stage-api --project=google-project-id --region=europe-west6",
|
|
2847
3029
|
"gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/stage/api --quiet --delete-tags",
|
|
2848
3030
|
"gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/api --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/api@$version --quiet --delete-tags; done",
|
|
2849
3031
|
"echo Disabling component in Dependency Track",
|
|
2850
|
-
"/dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" disable "pan-test-app/api" "https
|
|
3032
|
+
"/dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" disable "pan-test-app/api" "https://$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" || true",
|
|
2851
3033
|
"set -e",
|
|
3034
|
+
"echo "CL_GITLAB_ENVIRONMENT_URL=https://$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" >> gitlab_environment.env",
|
|
2852
3035
|
],
|
|
2853
3036
|
"stage": "stop stage",
|
|
2854
3037
|
"variables": {
|
|
2855
|
-
"CLOUDSDK_CORE_DISABLE_PROMPTS": "1",
|
|
2856
3038
|
"GIT_STRATEGY": "none",
|
|
2857
3039
|
"KUBERNETES_CPU_REQUEST": "0.5",
|
|
2858
3040
|
"KUBERNETES_MEMORY_LIMIT": "400Mi",
|
|
@@ -2877,6 +3059,8 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
2877
3059
|
],
|
|
2878
3060
|
},
|
|
2879
3061
|
"script": [
|
|
3062
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
3063
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
2880
3064
|
"trivy fs --quiet --format cyclonedx --output "__sbom.json" api",
|
|
2881
3065
|
],
|
|
2882
3066
|
"stage": "build",
|
|
@@ -2900,6 +3084,8 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
2900
3084
|
],
|
|
2901
3085
|
},
|
|
2902
3086
|
"script": [
|
|
3087
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
3088
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
2903
3089
|
"trivy fs --quiet --format cyclonedx --output "__sbom.json" api",
|
|
2904
3090
|
],
|
|
2905
3091
|
"stage": "build",
|
|
@@ -2952,7 +3138,31 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
2952
3138
|
],
|
|
2953
3139
|
},
|
|
2954
3140
|
"script": [
|
|
2955
|
-
"echo
|
|
3141
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
3142
|
+
"export ENV_SHORT="prod"",
|
|
3143
|
+
"export APP_DIR="api"",
|
|
3144
|
+
"export ENV_TYPE="prod"",
|
|
3145
|
+
"export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"",
|
|
3146
|
+
"export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"",
|
|
3147
|
+
"export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\///'); [ -z "$tag" ] && echo "v0.0.0" || echo "$tag")"",
|
|
3148
|
+
"export HOST="$(printf %s "pan-test-app-prod-worker-$CL_prod_worker_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
3149
|
+
"export ROOT_URL="https://$(printf %s "pan-test-app-prod-worker-$CL_prod_worker_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
3150
|
+
"export HOST_INTERNAL="$(printf %s "pan-test-app-prod-worker-$CL_prod_worker_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
3151
|
+
"export HOST_CANONICAL="$(printf %s "pan-test-app-prod-worker-$CL_prod_worker_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
3152
|
+
"export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-prod-worker-$CL_prod_worker_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
3153
|
+
"export CLOUD_SQL_INSTANCE_CONNECTION_NAME="projectId:region:instancename"",
|
|
3154
|
+
"export DB_NAME="pan-test-app-prod-api"",
|
|
3155
|
+
"export DB_USER="my-user"",
|
|
3156
|
+
"export DB_PASSWORD="$CL_prod_api_DB_PASSWORD"",
|
|
3157
|
+
"export DATABASE_URL="postgresql://$DB_USER:$DB_PASSWORD@localhost/$DB_NAME?host=/cloudsql/$CLOUD_SQL_INSTANCE_CONNECTION_NAME"",
|
|
3158
|
+
"export DATABASE_JDBC_URL="jdbc:postgresql:///$DB_NAME?cloudSqlInstance=$CLOUD_SQL_INSTANCE_CONNECTION_NAME&socketFactory=com.google.cloud.sql.postgres.SocketFactory&user=$DB_USER&password=$DB_PASSWORD"",
|
|
3159
|
+
"export DEPLOY_CLOUD_RUN_PROJECT_ID="google-project-id"",
|
|
3160
|
+
"export DEPLOY_CLOUD_RUN_REGION="europe-west6"",
|
|
3161
|
+
"export GCLOUD_DEPLOY_credentialsKey="$CL_prod_worker_GCLOUD_DEPLOY_credentialsKey"",
|
|
3162
|
+
"export GCLOUD_RUN_canonicalHostSuffix="$CL_prod_worker_GCLOUD_RUN_canonicalHostSuffix"",
|
|
3163
|
+
"export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOST\\",\\"ROOT_URL\\",\\"HOST_INTERNAL\\",\\"HOST_CANONICAL\\",\\"ROOT_URL_INTERNAL\\",\\"CLOUD_SQL_INSTANCE_CONNECTION_NAME\\",\\"DB_NAME\\",\\"DB_USER\\",\\"DB_PASSWORD\\",\\"DATABASE_URL\\",\\"DATABASE_JDBC_URL\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\"]"",
|
|
3164
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
3165
|
+
"echo '{"id":"$(git describe --tags 2>/dev/null || git rev-parse HEAD)","time":"$CI_JOB_STARTED_AT"}' > api/__build_info.json",
|
|
2956
3166
|
"echo -e "\\e[0Ksection_start:$(date +%s):nodeinstall[collapsed=true]\\r\\e[0KEnsure node version"",
|
|
2957
3167
|
"if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi",
|
|
2958
3168
|
"if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi",
|
|
@@ -2969,31 +3179,9 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
2969
3179
|
],
|
|
2970
3180
|
"stage": "build",
|
|
2971
3181
|
"variables": {
|
|
2972
|
-
"APP_DIR": "api",
|
|
2973
|
-
"BUILD_INFO_BUILD_TIME": "01-01-2023 12:13:14",
|
|
2974
|
-
"BUILD_INFO_CURRENT_VERSION": "3.2.1",
|
|
2975
|
-
"BUILD_INFO_ID": "some-id",
|
|
2976
|
-
"CLOUD_SQL_INSTANCE_CONNECTION_NAME": "projectId:region:instancename",
|
|
2977
|
-
"DATABASE_JDBC_URL": "jdbc:postgresql:///$DB_NAME?cloudSqlInstance=$CLOUD_SQL_INSTANCE_CONNECTION_NAME&socketFactory=com.google.cloud.sql.postgres.SocketFactory&user=$DB_USER&password=$DB_PASSWORD",
|
|
2978
|
-
"DATABASE_URL": "postgresql://$DB_USER:$DB_PASSWORD@localhost/$DB_NAME?host=/cloudsql/$CLOUD_SQL_INSTANCE_CONNECTION_NAME",
|
|
2979
|
-
"DB_NAME": "pan-test-app-prod-api",
|
|
2980
|
-
"DB_PASSWORD": "$CL_prod_api_DB_PASSWORD",
|
|
2981
|
-
"DB_USER": "my-user",
|
|
2982
|
-
"DEPLOY_CLOUD_RUN_PROJECT_ID": "google-project-id",
|
|
2983
|
-
"DEPLOY_CLOUD_RUN_REGION": "europe-west6",
|
|
2984
|
-
"ENV_SHORT": "prod",
|
|
2985
|
-
"ENV_TYPE": "prod",
|
|
2986
|
-
"GCLOUD_DEPLOY_credentialsKey": "$CL_prod_worker_GCLOUD_DEPLOY_credentialsKey",
|
|
2987
|
-
"GCLOUD_RUN_canonicalHostSuffix": "$CL_prod_worker_GCLOUD_RUN_canonicalHostSuffix",
|
|
2988
|
-
"HOST": "pan-test-app-prod-worker-unknown-host.example.com",
|
|
2989
|
-
"HOST_CANONICAL": "pan-test-app-prod-worker-unknown-host.example.com",
|
|
2990
|
-
"HOST_INTERNAL": "pan-test-app-prod-worker-unknown-host.example.com",
|
|
2991
3182
|
"KUBERNETES_CPU_REQUEST": "0.5",
|
|
2992
3183
|
"KUBERNETES_MEMORY_LIMIT": "4Gi",
|
|
2993
3184
|
"KUBERNETES_MEMORY_REQUEST": "2Gi",
|
|
2994
|
-
"ROOT_URL": "https://pan-test-app-prod-worker-unknown-host.example.com",
|
|
2995
|
-
"ROOT_URL_INTERNAL": "https://pan-test-app-prod-worker-unknown-host.example.com",
|
|
2996
|
-
"_ALL_ENV_VAR_KEYS": "["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_CANONICAL","ROOT_URL_INTERNAL","HOST_INTERNAL","CLOUD_SQL_INSTANCE_CONNECTION_NAME","DB_NAME","DB_USER","DB_PASSWORD","DATABASE_URL","DATABASE_JDBC_URL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]",
|
|
2997
3185
|
},
|
|
2998
3186
|
},
|
|
2999
3187
|
"worker 🔨 app | stage ": {
|
|
@@ -3043,7 +3231,31 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
3043
3231
|
],
|
|
3044
3232
|
},
|
|
3045
3233
|
"script": [
|
|
3046
|
-
"echo
|
|
3234
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
3235
|
+
"export ENV_SHORT="stage"",
|
|
3236
|
+
"export APP_DIR="api"",
|
|
3237
|
+
"export ENV_TYPE="stage"",
|
|
3238
|
+
"export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"",
|
|
3239
|
+
"export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"",
|
|
3240
|
+
"export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\///'); [ -z "$tag" ] && echo "v0.0.0" || echo "$tag")"",
|
|
3241
|
+
"export HOST="$(printf %s "pan-test-app-stage-worker-$CL_stage_worker_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
3242
|
+
"export ROOT_URL="https://$(printf %s "pan-test-app-stage-worker-$CL_stage_worker_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
3243
|
+
"export HOST_INTERNAL="$(printf %s "pan-test-app-stage-worker-$CL_stage_worker_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
3244
|
+
"export HOST_CANONICAL="$(printf %s "pan-test-app-stage-worker-$CL_stage_worker_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
3245
|
+
"export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-stage-worker-$CL_stage_worker_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
3246
|
+
"export CLOUD_SQL_INSTANCE_CONNECTION_NAME="projectId:region:instancename"",
|
|
3247
|
+
"export DB_NAME="pan-test-app-stage-api"",
|
|
3248
|
+
"export DB_USER="my-user"",
|
|
3249
|
+
"export DB_PASSWORD="$CL_stage_api_DB_PASSWORD"",
|
|
3250
|
+
"export DATABASE_URL="postgresql://$DB_USER:$DB_PASSWORD@localhost/$DB_NAME?host=/cloudsql/$CLOUD_SQL_INSTANCE_CONNECTION_NAME"",
|
|
3251
|
+
"export DATABASE_JDBC_URL="jdbc:postgresql:///$DB_NAME?cloudSqlInstance=$CLOUD_SQL_INSTANCE_CONNECTION_NAME&socketFactory=com.google.cloud.sql.postgres.SocketFactory&user=$DB_USER&password=$DB_PASSWORD"",
|
|
3252
|
+
"export DEPLOY_CLOUD_RUN_PROJECT_ID="google-project-id"",
|
|
3253
|
+
"export DEPLOY_CLOUD_RUN_REGION="europe-west6"",
|
|
3254
|
+
"export GCLOUD_DEPLOY_credentialsKey="$CL_stage_worker_GCLOUD_DEPLOY_credentialsKey"",
|
|
3255
|
+
"export GCLOUD_RUN_canonicalHostSuffix="$CL_stage_worker_GCLOUD_RUN_canonicalHostSuffix"",
|
|
3256
|
+
"export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOST\\",\\"ROOT_URL\\",\\"HOST_INTERNAL\\",\\"HOST_CANONICAL\\",\\"ROOT_URL_INTERNAL\\",\\"CLOUD_SQL_INSTANCE_CONNECTION_NAME\\",\\"DB_NAME\\",\\"DB_USER\\",\\"DB_PASSWORD\\",\\"DATABASE_URL\\",\\"DATABASE_JDBC_URL\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\"]"",
|
|
3257
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
3258
|
+
"echo '{"id":"$(git describe --tags 2>/dev/null || git rev-parse HEAD)","time":"$CI_JOB_STARTED_AT"}' > api/__build_info.json",
|
|
3047
3259
|
"echo -e "\\e[0Ksection_start:$(date +%s):nodeinstall[collapsed=true]\\r\\e[0KEnsure node version"",
|
|
3048
3260
|
"if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi",
|
|
3049
3261
|
"if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi",
|
|
@@ -3060,31 +3272,9 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
3060
3272
|
],
|
|
3061
3273
|
"stage": "build",
|
|
3062
3274
|
"variables": {
|
|
3063
|
-
"APP_DIR": "api",
|
|
3064
|
-
"BUILD_INFO_BUILD_TIME": "01-01-2023 12:13:14",
|
|
3065
|
-
"BUILD_INFO_CURRENT_VERSION": "3.2.1",
|
|
3066
|
-
"BUILD_INFO_ID": "some-id",
|
|
3067
|
-
"CLOUD_SQL_INSTANCE_CONNECTION_NAME": "projectId:region:instancename",
|
|
3068
|
-
"DATABASE_JDBC_URL": "jdbc:postgresql:///$DB_NAME?cloudSqlInstance=$CLOUD_SQL_INSTANCE_CONNECTION_NAME&socketFactory=com.google.cloud.sql.postgres.SocketFactory&user=$DB_USER&password=$DB_PASSWORD",
|
|
3069
|
-
"DATABASE_URL": "postgresql://$DB_USER:$DB_PASSWORD@localhost/$DB_NAME?host=/cloudsql/$CLOUD_SQL_INSTANCE_CONNECTION_NAME",
|
|
3070
|
-
"DB_NAME": "pan-test-app-stage-api",
|
|
3071
|
-
"DB_PASSWORD": "$CL_stage_api_DB_PASSWORD",
|
|
3072
|
-
"DB_USER": "my-user",
|
|
3073
|
-
"DEPLOY_CLOUD_RUN_PROJECT_ID": "google-project-id",
|
|
3074
|
-
"DEPLOY_CLOUD_RUN_REGION": "europe-west6",
|
|
3075
|
-
"ENV_SHORT": "stage",
|
|
3076
|
-
"ENV_TYPE": "stage",
|
|
3077
|
-
"GCLOUD_DEPLOY_credentialsKey": "$CL_stage_worker_GCLOUD_DEPLOY_credentialsKey",
|
|
3078
|
-
"GCLOUD_RUN_canonicalHostSuffix": "$CL_stage_worker_GCLOUD_RUN_canonicalHostSuffix",
|
|
3079
|
-
"HOST": "pan-test-app-stage-worker-unknown-host.example.com",
|
|
3080
|
-
"HOST_CANONICAL": "pan-test-app-stage-worker-unknown-host.example.com",
|
|
3081
|
-
"HOST_INTERNAL": "pan-test-app-stage-worker-unknown-host.example.com",
|
|
3082
3275
|
"KUBERNETES_CPU_REQUEST": "0.5",
|
|
3083
3276
|
"KUBERNETES_MEMORY_LIMIT": "4Gi",
|
|
3084
3277
|
"KUBERNETES_MEMORY_REQUEST": "2Gi",
|
|
3085
|
-
"ROOT_URL": "https://pan-test-app-stage-worker-unknown-host.example.com",
|
|
3086
|
-
"ROOT_URL_INTERNAL": "https://pan-test-app-stage-worker-unknown-host.example.com",
|
|
3087
|
-
"_ALL_ENV_VAR_KEYS": "["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_CANONICAL","ROOT_URL_INTERNAL","HOST_INTERNAL","CLOUD_SQL_INSTANCE_CONNECTION_NAME","DB_NAME","DB_USER","DB_PASSWORD","DATABASE_URL","DATABASE_JDBC_URL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]",
|
|
3088
3278
|
},
|
|
3089
3279
|
},
|
|
3090
3280
|
"worker 🔨 docker | prod ": {
|
|
@@ -3110,6 +3300,21 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
3110
3300
|
],
|
|
3111
3301
|
},
|
|
3112
3302
|
"script": [
|
|
3303
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
3304
|
+
"export APP_DIR="api"",
|
|
3305
|
+
"export DOCKER_DIR="."",
|
|
3306
|
+
"export DOCKER_REGISTRY="europe-west6-docker.pkg.dev"",
|
|
3307
|
+
"export DOCKER_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/prod/worker"",
|
|
3308
|
+
"export DOCKER_CACHE_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/worker"",
|
|
3309
|
+
"export DOCKER_IMAGE_TAG="$CI_COMMIT_SHA"",
|
|
3310
|
+
"export DOCKER_COPY_AND_INSTALL_APP="COPY --chown=node:node $APP_DIR .
|
|
3311
|
+
RUN yarn plugin import workspace-tools
|
|
3312
|
+
RUN yarn workspaces focus --production && yarn rebuild"",
|
|
3313
|
+
"export DOCKER_COPY_WORKSPACE_FILES="COPY --chown=node:node api/package.json /app/api/package.json
|
|
3314
|
+
COPY --chown=node:node api/yarn.lock /app/api/yarn.lock
|
|
3315
|
+
COPY --chown=node:node .yarnrc.yml /app/.yarnrc.yml
|
|
3316
|
+
COPY --chown=node:node .yarn /app/.yarn"",
|
|
3317
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
3113
3318
|
"ensureNodeDockerfile",
|
|
3114
3319
|
"echo -e "\\e[0Ksection_start:$(date +%s):docker-login[collapsed=true]\\r\\e[0KDocker Login"",
|
|
3115
3320
|
"gcloud auth activate-service-account --key-file=<(echo "$CL_prod_worker_GCLOUD_DEPLOY_credentialsKey")",
|
|
@@ -3134,24 +3339,9 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
3134
3339
|
],
|
|
3135
3340
|
"stage": "build",
|
|
3136
3341
|
"variables": {
|
|
3137
|
-
"APP_DIR": "api",
|
|
3138
|
-
"DOCKERFILE_ADDITIONS": undefined,
|
|
3139
|
-
"DOCKERFILE_ADDITIONS_END": undefined,
|
|
3140
3342
|
"DOCKER_BUILDKIT": "1",
|
|
3141
|
-
"DOCKER_CACHE_IMAGE": "europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/worker",
|
|
3142
|
-
"DOCKER_COPY_AND_INSTALL_APP": "COPY --chown=node:node $APP_DIR .
|
|
3143
|
-
RUN yarn plugin import workspace-tools
|
|
3144
|
-
RUN yarn workspaces focus --production && yarn rebuild",
|
|
3145
|
-
"DOCKER_COPY_WORKSPACE_FILES": "COPY --chown=node:node api/package.json /app/api/package.json
|
|
3146
|
-
COPY --chown=node:node api/yarn.lock /app/api/yarn.lock
|
|
3147
|
-
COPY --chown=node:node .yarnrc.yml /app/.yarnrc.yml
|
|
3148
|
-
COPY --chown=node:node .yarn /app/.yarn",
|
|
3149
|
-
"DOCKER_DIR": ".",
|
|
3150
3343
|
"DOCKER_DRIVER": "overlay2",
|
|
3151
3344
|
"DOCKER_HOST": "tcp://0.0.0.0:2375",
|
|
3152
|
-
"DOCKER_IMAGE": "europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/prod/worker",
|
|
3153
|
-
"DOCKER_IMAGE_TAG": "$CI_COMMIT_SHA",
|
|
3154
|
-
"DOCKER_REGISTRY": "europe-west6-docker.pkg.dev",
|
|
3155
3345
|
"DOCKER_TLS_CERTDIR": "",
|
|
3156
3346
|
"KUBERNETES_CPU_REQUEST": "0.5",
|
|
3157
3347
|
"KUBERNETES_MEMORY_LIMIT": "2Gi",
|
|
@@ -3181,6 +3371,21 @@ COPY --chown=node:node .yarn /app/.yarn",
|
|
|
3181
3371
|
],
|
|
3182
3372
|
},
|
|
3183
3373
|
"script": [
|
|
3374
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
3375
|
+
"export APP_DIR="api"",
|
|
3376
|
+
"export DOCKER_DIR="."",
|
|
3377
|
+
"export DOCKER_REGISTRY="europe-west6-docker.pkg.dev"",
|
|
3378
|
+
"export DOCKER_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/stage/worker"",
|
|
3379
|
+
"export DOCKER_CACHE_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/worker"",
|
|
3380
|
+
"export DOCKER_IMAGE_TAG="$CI_COMMIT_SHA"",
|
|
3381
|
+
"export DOCKER_COPY_AND_INSTALL_APP="COPY --chown=node:node $APP_DIR .
|
|
3382
|
+
RUN yarn plugin import workspace-tools
|
|
3383
|
+
RUN yarn workspaces focus --production && yarn rebuild"",
|
|
3384
|
+
"export DOCKER_COPY_WORKSPACE_FILES="COPY --chown=node:node api/package.json /app/api/package.json
|
|
3385
|
+
COPY --chown=node:node api/yarn.lock /app/api/yarn.lock
|
|
3386
|
+
COPY --chown=node:node .yarnrc.yml /app/.yarnrc.yml
|
|
3387
|
+
COPY --chown=node:node .yarn /app/.yarn"",
|
|
3388
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
3184
3389
|
"ensureNodeDockerfile",
|
|
3185
3390
|
"echo -e "\\e[0Ksection_start:$(date +%s):docker-login[collapsed=true]\\r\\e[0KDocker Login"",
|
|
3186
3391
|
"gcloud auth activate-service-account --key-file=<(echo "$CL_stage_worker_GCLOUD_DEPLOY_credentialsKey")",
|
|
@@ -3205,24 +3410,9 @@ COPY --chown=node:node .yarn /app/.yarn",
|
|
|
3205
3410
|
],
|
|
3206
3411
|
"stage": "build",
|
|
3207
3412
|
"variables": {
|
|
3208
|
-
"APP_DIR": "api",
|
|
3209
|
-
"DOCKERFILE_ADDITIONS": undefined,
|
|
3210
|
-
"DOCKERFILE_ADDITIONS_END": undefined,
|
|
3211
3413
|
"DOCKER_BUILDKIT": "1",
|
|
3212
|
-
"DOCKER_CACHE_IMAGE": "europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/worker",
|
|
3213
|
-
"DOCKER_COPY_AND_INSTALL_APP": "COPY --chown=node:node $APP_DIR .
|
|
3214
|
-
RUN yarn plugin import workspace-tools
|
|
3215
|
-
RUN yarn workspaces focus --production && yarn rebuild",
|
|
3216
|
-
"DOCKER_COPY_WORKSPACE_FILES": "COPY --chown=node:node api/package.json /app/api/package.json
|
|
3217
|
-
COPY --chown=node:node api/yarn.lock /app/api/yarn.lock
|
|
3218
|
-
COPY --chown=node:node .yarnrc.yml /app/.yarnrc.yml
|
|
3219
|
-
COPY --chown=node:node .yarn /app/.yarn",
|
|
3220
|
-
"DOCKER_DIR": ".",
|
|
3221
3414
|
"DOCKER_DRIVER": "overlay2",
|
|
3222
3415
|
"DOCKER_HOST": "tcp://0.0.0.0:2375",
|
|
3223
|
-
"DOCKER_IMAGE": "europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/stage/worker",
|
|
3224
|
-
"DOCKER_IMAGE_TAG": "$CI_COMMIT_SHA",
|
|
3225
|
-
"DOCKER_REGISTRY": "europe-west6-docker.pkg.dev",
|
|
3226
3416
|
"DOCKER_TLS_CERTDIR": "",
|
|
3227
3417
|
"KUBERNETES_CPU_REQUEST": "0.5",
|
|
3228
3418
|
"KUBERNETES_MEMORY_LIMIT": "2Gi",
|
|
@@ -3232,15 +3422,15 @@ COPY --chown=node:node .yarn /app/.yarn",
|
|
|
3232
3422
|
"worker 🚀 Deploy | prod ": {
|
|
3233
3423
|
"allow_failure": true,
|
|
3234
3424
|
"artifacts": {
|
|
3235
|
-
"
|
|
3236
|
-
"
|
|
3237
|
-
|
|
3425
|
+
"reports": {
|
|
3426
|
+
"dotenv": "gitlab_environment.env",
|
|
3427
|
+
},
|
|
3238
3428
|
},
|
|
3239
3429
|
"environment": {
|
|
3240
3430
|
"auto_stop_in": undefined,
|
|
3241
3431
|
"name": "prod/worker",
|
|
3242
3432
|
"on_stop": "worker 🛑 Stop ⚠️ | prod ",
|
|
3243
|
-
"url": "
|
|
3433
|
+
"url": "$CL_GITLAB_ENVIRONMENT_URL",
|
|
3244
3434
|
},
|
|
3245
3435
|
"image": "path/to/docker/gcloud:the-version",
|
|
3246
3436
|
"interruptible": true,
|
|
@@ -3271,13 +3461,89 @@ COPY --chown=node:node .yarn /app/.yarn",
|
|
|
3271
3461
|
},
|
|
3272
3462
|
],
|
|
3273
3463
|
"script": [
|
|
3464
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
3465
|
+
"export ENV_SHORT="prod"",
|
|
3466
|
+
"export APP_DIR="api"",
|
|
3467
|
+
"export ENV_TYPE="prod"",
|
|
3468
|
+
"export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"",
|
|
3469
|
+
"export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"",
|
|
3470
|
+
"export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\///'); [ -z "$tag" ] && echo "v0.0.0" || echo "$tag")"",
|
|
3471
|
+
"export HOST="$(printf %s "pan-test-app-prod-worker-$CL_prod_worker_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
3472
|
+
"export ROOT_URL="https://$(printf %s "pan-test-app-prod-worker-$CL_prod_worker_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
3473
|
+
"export HOST_INTERNAL="$(printf %s "pan-test-app-prod-worker-$CL_prod_worker_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
3474
|
+
"export HOST_CANONICAL="$(printf %s "pan-test-app-prod-worker-$CL_prod_worker_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
3475
|
+
"export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-prod-worker-$CL_prod_worker_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
3476
|
+
"export CLOUD_SQL_INSTANCE_CONNECTION_NAME="projectId:region:instancename"",
|
|
3477
|
+
"export DB_NAME="pan-test-app-prod-api"",
|
|
3478
|
+
"export DB_USER="my-user"",
|
|
3479
|
+
"export DB_PASSWORD="$CL_prod_api_DB_PASSWORD"",
|
|
3480
|
+
"export DATABASE_URL="postgresql://$DB_USER:$DB_PASSWORD@localhost/$DB_NAME?host=/cloudsql/$CLOUD_SQL_INSTANCE_CONNECTION_NAME"",
|
|
3481
|
+
"export DATABASE_JDBC_URL="jdbc:postgresql:///$DB_NAME?cloudSqlInstance=$CLOUD_SQL_INSTANCE_CONNECTION_NAME&socketFactory=com.google.cloud.sql.postgres.SocketFactory&user=$DB_USER&password=$DB_PASSWORD"",
|
|
3482
|
+
"export DEPLOY_CLOUD_RUN_PROJECT_ID="google-project-id"",
|
|
3483
|
+
"export DEPLOY_CLOUD_RUN_REGION="europe-west6"",
|
|
3484
|
+
"export GCLOUD_DEPLOY_credentialsKey="$CL_prod_worker_GCLOUD_DEPLOY_credentialsKey"",
|
|
3485
|
+
"export GCLOUD_RUN_canonicalHostSuffix="$CL_prod_worker_GCLOUD_RUN_canonicalHostSuffix"",
|
|
3486
|
+
"export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOST\\",\\"ROOT_URL\\",\\"HOST_INTERNAL\\",\\"HOST_CANONICAL\\",\\"ROOT_URL_INTERNAL\\",\\"CLOUD_SQL_INSTANCE_CONNECTION_NAME\\",\\"DB_NAME\\",\\"DB_USER\\",\\"DB_PASSWORD\\",\\"DATABASE_URL\\",\\"DATABASE_JDBC_URL\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\"]"",
|
|
3487
|
+
"export DOCKER_REGISTRY="europe-west6-docker.pkg.dev"",
|
|
3488
|
+
"export DOCKER_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/prod/worker"",
|
|
3489
|
+
"export DOCKER_CACHE_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/worker"",
|
|
3490
|
+
"export DOCKER_IMAGE_TAG="$CI_COMMIT_SHA"",
|
|
3491
|
+
"export CLOUDSDK_CORE_DISABLE_PROMPTS="1"",
|
|
3492
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
3274
3493
|
"echo -e "\\e[0Ksection_start:$(date +%s):prepare[collapsed=true]\\r\\e[0KPrepare..."",
|
|
3275
3494
|
"gcloud auth activate-service-account --key-file=<(echo "$CL_prod_worker_GCLOUD_DEPLOY_credentialsKey")",
|
|
3276
3495
|
"export GCLOUD_PROJECT_NUMBER=$(gcloud projects describe google-project-id --format="value(projectNumber)")",
|
|
3277
3496
|
"echo "GCLOUD_PROJECT_NUMBER: $GCLOUD_PROJECT_NUMBER"",
|
|
3278
3497
|
"echo -e "\\e[0Ksection_end:$(date +%s):prepare\\r\\e[0K"",
|
|
3498
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):writeenvvars[collapsed=true]\\r\\e[0KWrite env vars to file"",
|
|
3499
|
+
"cat > ____envvars.yaml <<EOF
|
|
3500
|
+
ENV_SHORT: |-
|
|
3501
|
+
prod
|
|
3502
|
+
APP_DIR: |-
|
|
3503
|
+
api
|
|
3504
|
+
ENV_TYPE: |-
|
|
3505
|
+
prod
|
|
3506
|
+
BUILD_INFO_BUILD_ID: |-
|
|
3507
|
+
$(printf %s "$(git describe --tags 2>/dev/null || git rev-parse HEAD)" | sed 's/^/ /')
|
|
3508
|
+
BUILD_INFO_BUILD_TIME: |-
|
|
3509
|
+
$(printf %s "$CI_JOB_STARTED_AT" | sed 's/^/ /')
|
|
3510
|
+
BUILD_INFO_CURRENT_VERSION: |-
|
|
3511
|
+
$(printf %s "$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\///'); [ -z "$tag" ] && echo "v0.0.0" || echo "$tag")" | sed 's/^/ /')
|
|
3512
|
+
HOST: |-
|
|
3513
|
+
$(printf %s "$(printf %s "pan-test-app-prod-worker-$CL_prod_worker_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
3514
|
+
ROOT_URL: |-
|
|
3515
|
+
$(printf %s "https://$(printf %s "pan-test-app-prod-worker-$CL_prod_worker_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
3516
|
+
HOST_INTERNAL: |-
|
|
3517
|
+
$(printf %s "$(printf %s "pan-test-app-prod-worker-$CL_prod_worker_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
3518
|
+
HOST_CANONICAL: |-
|
|
3519
|
+
$(printf %s "$(printf %s "pan-test-app-prod-worker-$CL_prod_worker_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
3520
|
+
ROOT_URL_INTERNAL: |-
|
|
3521
|
+
$(printf %s "https://$(printf %s "pan-test-app-prod-worker-$CL_prod_worker_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
3522
|
+
CLOUD_SQL_INSTANCE_CONNECTION_NAME: |-
|
|
3523
|
+
projectId:region:instancename
|
|
3524
|
+
DB_NAME: |-
|
|
3525
|
+
pan-test-app-prod-api
|
|
3526
|
+
DB_USER: |-
|
|
3527
|
+
my-user
|
|
3528
|
+
DB_PASSWORD: |-
|
|
3529
|
+
$(printf %s "$CL_prod_api_DB_PASSWORD" | sed 's/^/ /')
|
|
3530
|
+
DATABASE_URL: |-
|
|
3531
|
+
postgresql://$DB_USER:$DB_PASSWORD@localhost/$DB_NAME?host=/cloudsql/$CLOUD_SQL_INSTANCE_CONNECTION_NAME
|
|
3532
|
+
DATABASE_JDBC_URL: |-
|
|
3533
|
+
jdbc:postgresql:///$DB_NAME?cloudSqlInstance=$CLOUD_SQL_INSTANCE_CONNECTION_NAME&socketFactory=com.google.cloud.sql.postgres.SocketFactory&user=$DB_USER&password=$DB_PASSWORD
|
|
3534
|
+
DEPLOY_CLOUD_RUN_PROJECT_ID: |-
|
|
3535
|
+
google-project-id
|
|
3536
|
+
DEPLOY_CLOUD_RUN_REGION: |-
|
|
3537
|
+
europe-west6
|
|
3538
|
+
GCLOUD_RUN_canonicalHostSuffix: |-
|
|
3539
|
+
$(printf %s "$CL_prod_worker_GCLOUD_RUN_canonicalHostSuffix" | sed 's/^/ /')
|
|
3540
|
+
_ALL_ENV_VAR_KEYS: |-
|
|
3541
|
+
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_INTERNAL","HOST_CANONICAL","ROOT_URL_INTERNAL","CLOUD_SQL_INSTANCE_CONNECTION_NAME","DB_NAME","DB_USER","DB_PASSWORD","DATABASE_URL","DATABASE_JDBC_URL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]
|
|
3542
|
+
|
|
3543
|
+
EOF
|
|
3544
|
+
",
|
|
3545
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):writeenvvars\\r\\e[0K"",
|
|
3279
3546
|
"echo -e "\\e[0Ksection_start:$(date +%s):deploy[collapsed=true]\\r\\e[0KDeploy to cloud run"",
|
|
3280
|
-
"echo "$ENV_VARS" > ____envvars.yaml",
|
|
3281
3547
|
"set +e",
|
|
3282
3548
|
"echo "ensuring Database..."",
|
|
3283
3549
|
"gcloud sql databases create pan-test-app-prod-api --instance=instancename --project projectId",
|
|
@@ -3290,88 +3556,28 @@ COPY --chown=node:node .yarn /app/.yarn",
|
|
|
3290
3556
|
"gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/worker --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/worker@$version --quiet --delete-tags; done",
|
|
3291
3557
|
"echo -e "\\e[0Ksection_end:$(date +%s):cleanup\\r\\e[0K"",
|
|
3292
3558
|
"echo Uploading SBOM to Dependency Track",
|
|
3293
|
-
"/dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/worker" "https
|
|
3294
|
-
|
|
3295
|
-
"services": [
|
|
3296
|
-
{
|
|
3297
|
-
"command": [
|
|
3298
|
-
"--tls=false",
|
|
3299
|
-
],
|
|
3300
|
-
"name": "docker:24.0.6-dind",
|
|
3301
|
-
},
|
|
3559
|
+
"/dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/worker" "https://$(printf %s "pan-test-app-prod-worker-$CL_prod_worker_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" "__sbom.json" vex.json || true",
|
|
3560
|
+
"echo "CL_GITLAB_ENVIRONMENT_URL=https://$(printf %s "pan-test-app-prod-worker-$CL_prod_worker_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" >> gitlab_environment.env",
|
|
3302
3561
|
],
|
|
3303
3562
|
"stage": "deploy prod",
|
|
3304
3563
|
"variables": {
|
|
3305
|
-
"APP_DIR": "api",
|
|
3306
|
-
"BUILD_INFO_BUILD_TIME": "01-01-2023 12:13:14",
|
|
3307
|
-
"BUILD_INFO_CURRENT_VERSION": "3.2.1",
|
|
3308
|
-
"BUILD_INFO_ID": "some-id",
|
|
3309
|
-
"CLOUDSDK_CORE_DISABLE_PROMPTS": "1",
|
|
3310
|
-
"CLOUD_SQL_INSTANCE_CONNECTION_NAME": "projectId:region:instancename",
|
|
3311
|
-
"DATABASE_JDBC_URL": "jdbc:postgresql:///$DB_NAME?cloudSqlInstance=$CLOUD_SQL_INSTANCE_CONNECTION_NAME&socketFactory=com.google.cloud.sql.postgres.SocketFactory&user=$DB_USER&password=$DB_PASSWORD",
|
|
3312
|
-
"DATABASE_URL": "postgresql://$DB_USER:$DB_PASSWORD@localhost/$DB_NAME?host=/cloudsql/$CLOUD_SQL_INSTANCE_CONNECTION_NAME",
|
|
3313
|
-
"DB_NAME": "pan-test-app-prod-api",
|
|
3314
|
-
"DB_PASSWORD": "$CL_prod_api_DB_PASSWORD",
|
|
3315
|
-
"DB_USER": "my-user",
|
|
3316
|
-
"DEPLOY_CLOUD_RUN_PROJECT_ID": "google-project-id",
|
|
3317
|
-
"DEPLOY_CLOUD_RUN_REGION": "europe-west6",
|
|
3318
|
-
"DOCKER_BUILDKIT": "1",
|
|
3319
|
-
"DOCKER_CACHE_IMAGE": "europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/worker",
|
|
3320
|
-
"DOCKER_DRIVER": "overlay2",
|
|
3321
|
-
"DOCKER_HOST": "tcp://0.0.0.0:2375",
|
|
3322
|
-
"DOCKER_IMAGE": "europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/prod/worker",
|
|
3323
|
-
"DOCKER_IMAGE_TAG": "$CI_COMMIT_SHA",
|
|
3324
|
-
"DOCKER_REGISTRY": "europe-west6-docker.pkg.dev",
|
|
3325
|
-
"DOCKER_TLS_CERTDIR": "",
|
|
3326
|
-
"ENV_SHORT": "prod",
|
|
3327
|
-
"ENV_TYPE": "prod",
|
|
3328
|
-
"ENV_VARS": "ENV_SHORT: 'prod'
|
|
3329
|
-
APP_DIR: 'api'
|
|
3330
|
-
ENV_TYPE: 'prod'
|
|
3331
|
-
BUILD_INFO_ID: 'some-id'
|
|
3332
|
-
BUILD_INFO_BUILD_TIME: '01-01-2023 12:13:14'
|
|
3333
|
-
BUILD_INFO_CURRENT_VERSION: '3.2.1'
|
|
3334
|
-
HOST: 'pan-test-app-prod-worker-unknown-host.example.com'
|
|
3335
|
-
ROOT_URL: 'https://pan-test-app-prod-worker-unknown-host.example.com'
|
|
3336
|
-
HOST_CANONICAL: 'pan-test-app-prod-worker-unknown-host.example.com'
|
|
3337
|
-
ROOT_URL_INTERNAL: 'https://pan-test-app-prod-worker-unknown-host.example.com'
|
|
3338
|
-
HOST_INTERNAL: 'pan-test-app-prod-worker-unknown-host.example.com'
|
|
3339
|
-
CLOUD_SQL_INSTANCE_CONNECTION_NAME: 'projectId:region:instancename'
|
|
3340
|
-
DB_NAME: 'pan-test-app-prod-api'
|
|
3341
|
-
DB_USER: 'my-user'
|
|
3342
|
-
DB_PASSWORD: '$CL_prod_api_DB_PASSWORD'
|
|
3343
|
-
DATABASE_URL: 'postgresql://$DB_USER:$DB_PASSWORD@localhost/$DB_NAME?host=/cloudsql/$CLOUD_SQL_INSTANCE_CONNECTION_NAME'
|
|
3344
|
-
DATABASE_JDBC_URL: 'jdbc:postgresql:///$DB_NAME?cloudSqlInstance=$CLOUD_SQL_INSTANCE_CONNECTION_NAME&socketFactory=com.google.cloud.sql.postgres.SocketFactory&user=$DB_USER&password=$DB_PASSWORD'
|
|
3345
|
-
DEPLOY_CLOUD_RUN_PROJECT_ID: 'google-project-id'
|
|
3346
|
-
DEPLOY_CLOUD_RUN_REGION: 'europe-west6'
|
|
3347
|
-
GCLOUD_RUN_canonicalHostSuffix: '$CL_prod_worker_GCLOUD_RUN_canonicalHostSuffix'
|
|
3348
|
-
_ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_CANONICAL","ROOT_URL_INTERNAL","HOST_INTERNAL","CLOUD_SQL_INSTANCE_CONNECTION_NAME","DB_NAME","DB_USER","DB_PASSWORD","DATABASE_URL","DATABASE_JDBC_URL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]'
|
|
3349
|
-
",
|
|
3350
|
-
"GCLOUD_DEPLOY_credentialsKey": "$CL_prod_worker_GCLOUD_DEPLOY_credentialsKey",
|
|
3351
|
-
"GCLOUD_RUN_canonicalHostSuffix": "$CL_prod_worker_GCLOUD_RUN_canonicalHostSuffix",
|
|
3352
|
-
"HOST": "pan-test-app-prod-worker-unknown-host.example.com",
|
|
3353
|
-
"HOST_CANONICAL": "pan-test-app-prod-worker-unknown-host.example.com",
|
|
3354
|
-
"HOST_INTERNAL": "pan-test-app-prod-worker-unknown-host.example.com",
|
|
3355
3564
|
"KUBERNETES_CPU_REQUEST": "0.5",
|
|
3356
3565
|
"KUBERNETES_MEMORY_LIMIT": "400Mi",
|
|
3357
3566
|
"KUBERNETES_MEMORY_REQUEST": "200Mi",
|
|
3358
|
-
"ROOT_URL": "https://pan-test-app-prod-worker-unknown-host.example.com",
|
|
3359
|
-
"ROOT_URL_INTERNAL": "https://pan-test-app-prod-worker-unknown-host.example.com",
|
|
3360
|
-
"_ALL_ENV_VAR_KEYS": "["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_CANONICAL","ROOT_URL_INTERNAL","HOST_INTERNAL","CLOUD_SQL_INSTANCE_CONNECTION_NAME","DB_NAME","DB_USER","DB_PASSWORD","DATABASE_URL","DATABASE_JDBC_URL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]",
|
|
3361
3567
|
},
|
|
3362
3568
|
},
|
|
3363
3569
|
"worker 🚀 Deploy | stage ": {
|
|
3364
3570
|
"allow_failure": false,
|
|
3365
3571
|
"artifacts": {
|
|
3366
|
-
"
|
|
3367
|
-
"
|
|
3368
|
-
|
|
3572
|
+
"reports": {
|
|
3573
|
+
"dotenv": "gitlab_environment.env",
|
|
3574
|
+
},
|
|
3369
3575
|
},
|
|
3370
3576
|
"environment": {
|
|
3371
3577
|
"auto_stop_in": undefined,
|
|
3372
3578
|
"name": "stage/worker",
|
|
3373
3579
|
"on_stop": "worker 🛑 Stop ⚠️ | stage ",
|
|
3374
|
-
"url": "
|
|
3580
|
+
"url": "$CL_GITLAB_ENVIRONMENT_URL",
|
|
3375
3581
|
},
|
|
3376
3582
|
"image": "path/to/docker/gcloud:the-version",
|
|
3377
3583
|
"interruptible": true,
|
|
@@ -3402,13 +3608,89 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
3402
3608
|
},
|
|
3403
3609
|
],
|
|
3404
3610
|
"script": [
|
|
3611
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
3612
|
+
"export ENV_SHORT="stage"",
|
|
3613
|
+
"export APP_DIR="api"",
|
|
3614
|
+
"export ENV_TYPE="stage"",
|
|
3615
|
+
"export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"",
|
|
3616
|
+
"export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"",
|
|
3617
|
+
"export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\///'); [ -z "$tag" ] && echo "v0.0.0" || echo "$tag")"",
|
|
3618
|
+
"export HOST="$(printf %s "pan-test-app-stage-worker-$CL_stage_worker_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
3619
|
+
"export ROOT_URL="https://$(printf %s "pan-test-app-stage-worker-$CL_stage_worker_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
3620
|
+
"export HOST_INTERNAL="$(printf %s "pan-test-app-stage-worker-$CL_stage_worker_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
3621
|
+
"export HOST_CANONICAL="$(printf %s "pan-test-app-stage-worker-$CL_stage_worker_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
3622
|
+
"export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-stage-worker-$CL_stage_worker_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
3623
|
+
"export CLOUD_SQL_INSTANCE_CONNECTION_NAME="projectId:region:instancename"",
|
|
3624
|
+
"export DB_NAME="pan-test-app-stage-api"",
|
|
3625
|
+
"export DB_USER="my-user"",
|
|
3626
|
+
"export DB_PASSWORD="$CL_stage_api_DB_PASSWORD"",
|
|
3627
|
+
"export DATABASE_URL="postgresql://$DB_USER:$DB_PASSWORD@localhost/$DB_NAME?host=/cloudsql/$CLOUD_SQL_INSTANCE_CONNECTION_NAME"",
|
|
3628
|
+
"export DATABASE_JDBC_URL="jdbc:postgresql:///$DB_NAME?cloudSqlInstance=$CLOUD_SQL_INSTANCE_CONNECTION_NAME&socketFactory=com.google.cloud.sql.postgres.SocketFactory&user=$DB_USER&password=$DB_PASSWORD"",
|
|
3629
|
+
"export DEPLOY_CLOUD_RUN_PROJECT_ID="google-project-id"",
|
|
3630
|
+
"export DEPLOY_CLOUD_RUN_REGION="europe-west6"",
|
|
3631
|
+
"export GCLOUD_DEPLOY_credentialsKey="$CL_stage_worker_GCLOUD_DEPLOY_credentialsKey"",
|
|
3632
|
+
"export GCLOUD_RUN_canonicalHostSuffix="$CL_stage_worker_GCLOUD_RUN_canonicalHostSuffix"",
|
|
3633
|
+
"export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOST\\",\\"ROOT_URL\\",\\"HOST_INTERNAL\\",\\"HOST_CANONICAL\\",\\"ROOT_URL_INTERNAL\\",\\"CLOUD_SQL_INSTANCE_CONNECTION_NAME\\",\\"DB_NAME\\",\\"DB_USER\\",\\"DB_PASSWORD\\",\\"DATABASE_URL\\",\\"DATABASE_JDBC_URL\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\"]"",
|
|
3634
|
+
"export DOCKER_REGISTRY="europe-west6-docker.pkg.dev"",
|
|
3635
|
+
"export DOCKER_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/stage/worker"",
|
|
3636
|
+
"export DOCKER_CACHE_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/worker"",
|
|
3637
|
+
"export DOCKER_IMAGE_TAG="$CI_COMMIT_SHA"",
|
|
3638
|
+
"export CLOUDSDK_CORE_DISABLE_PROMPTS="1"",
|
|
3639
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
3405
3640
|
"echo -e "\\e[0Ksection_start:$(date +%s):prepare[collapsed=true]\\r\\e[0KPrepare..."",
|
|
3406
3641
|
"gcloud auth activate-service-account --key-file=<(echo "$CL_stage_worker_GCLOUD_DEPLOY_credentialsKey")",
|
|
3407
3642
|
"export GCLOUD_PROJECT_NUMBER=$(gcloud projects describe google-project-id --format="value(projectNumber)")",
|
|
3408
3643
|
"echo "GCLOUD_PROJECT_NUMBER: $GCLOUD_PROJECT_NUMBER"",
|
|
3409
3644
|
"echo -e "\\e[0Ksection_end:$(date +%s):prepare\\r\\e[0K"",
|
|
3645
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):writeenvvars[collapsed=true]\\r\\e[0KWrite env vars to file"",
|
|
3646
|
+
"cat > ____envvars.yaml <<EOF
|
|
3647
|
+
ENV_SHORT: |-
|
|
3648
|
+
stage
|
|
3649
|
+
APP_DIR: |-
|
|
3650
|
+
api
|
|
3651
|
+
ENV_TYPE: |-
|
|
3652
|
+
stage
|
|
3653
|
+
BUILD_INFO_BUILD_ID: |-
|
|
3654
|
+
$(printf %s "$(git describe --tags 2>/dev/null || git rev-parse HEAD)" | sed 's/^/ /')
|
|
3655
|
+
BUILD_INFO_BUILD_TIME: |-
|
|
3656
|
+
$(printf %s "$CI_JOB_STARTED_AT" | sed 's/^/ /')
|
|
3657
|
+
BUILD_INFO_CURRENT_VERSION: |-
|
|
3658
|
+
$(printf %s "$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\///'); [ -z "$tag" ] && echo "v0.0.0" || echo "$tag")" | sed 's/^/ /')
|
|
3659
|
+
HOST: |-
|
|
3660
|
+
$(printf %s "$(printf %s "pan-test-app-stage-worker-$CL_stage_worker_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
3661
|
+
ROOT_URL: |-
|
|
3662
|
+
$(printf %s "https://$(printf %s "pan-test-app-stage-worker-$CL_stage_worker_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
3663
|
+
HOST_INTERNAL: |-
|
|
3664
|
+
$(printf %s "$(printf %s "pan-test-app-stage-worker-$CL_stage_worker_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
3665
|
+
HOST_CANONICAL: |-
|
|
3666
|
+
$(printf %s "$(printf %s "pan-test-app-stage-worker-$CL_stage_worker_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
3667
|
+
ROOT_URL_INTERNAL: |-
|
|
3668
|
+
$(printf %s "https://$(printf %s "pan-test-app-stage-worker-$CL_stage_worker_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
3669
|
+
CLOUD_SQL_INSTANCE_CONNECTION_NAME: |-
|
|
3670
|
+
projectId:region:instancename
|
|
3671
|
+
DB_NAME: |-
|
|
3672
|
+
pan-test-app-stage-api
|
|
3673
|
+
DB_USER: |-
|
|
3674
|
+
my-user
|
|
3675
|
+
DB_PASSWORD: |-
|
|
3676
|
+
$(printf %s "$CL_stage_api_DB_PASSWORD" | sed 's/^/ /')
|
|
3677
|
+
DATABASE_URL: |-
|
|
3678
|
+
postgresql://$DB_USER:$DB_PASSWORD@localhost/$DB_NAME?host=/cloudsql/$CLOUD_SQL_INSTANCE_CONNECTION_NAME
|
|
3679
|
+
DATABASE_JDBC_URL: |-
|
|
3680
|
+
jdbc:postgresql:///$DB_NAME?cloudSqlInstance=$CLOUD_SQL_INSTANCE_CONNECTION_NAME&socketFactory=com.google.cloud.sql.postgres.SocketFactory&user=$DB_USER&password=$DB_PASSWORD
|
|
3681
|
+
DEPLOY_CLOUD_RUN_PROJECT_ID: |-
|
|
3682
|
+
google-project-id
|
|
3683
|
+
DEPLOY_CLOUD_RUN_REGION: |-
|
|
3684
|
+
europe-west6
|
|
3685
|
+
GCLOUD_RUN_canonicalHostSuffix: |-
|
|
3686
|
+
$(printf %s "$CL_stage_worker_GCLOUD_RUN_canonicalHostSuffix" | sed 's/^/ /')
|
|
3687
|
+
_ALL_ENV_VAR_KEYS: |-
|
|
3688
|
+
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_INTERNAL","HOST_CANONICAL","ROOT_URL_INTERNAL","CLOUD_SQL_INSTANCE_CONNECTION_NAME","DB_NAME","DB_USER","DB_PASSWORD","DATABASE_URL","DATABASE_JDBC_URL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]
|
|
3689
|
+
|
|
3690
|
+
EOF
|
|
3691
|
+
",
|
|
3692
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):writeenvvars\\r\\e[0K"",
|
|
3410
3693
|
"echo -e "\\e[0Ksection_start:$(date +%s):deploy[collapsed=true]\\r\\e[0KDeploy to cloud run"",
|
|
3411
|
-
"echo "$ENV_VARS" > ____envvars.yaml",
|
|
3412
3694
|
"set +e",
|
|
3413
3695
|
"echo "ensuring Database..."",
|
|
3414
3696
|
"gcloud sql databases create pan-test-app-stage-api --instance=instancename --project projectId",
|
|
@@ -3421,81 +3703,27 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
3421
3703
|
"gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/worker --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/worker@$version --quiet --delete-tags; done",
|
|
3422
3704
|
"echo -e "\\e[0Ksection_end:$(date +%s):cleanup\\r\\e[0K"",
|
|
3423
3705
|
"echo Uploading SBOM to Dependency Track",
|
|
3424
|
-
"/dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/worker" "https
|
|
3425
|
-
|
|
3426
|
-
"services": [
|
|
3427
|
-
{
|
|
3428
|
-
"command": [
|
|
3429
|
-
"--tls=false",
|
|
3430
|
-
],
|
|
3431
|
-
"name": "docker:24.0.6-dind",
|
|
3432
|
-
},
|
|
3706
|
+
"/dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/worker" "https://$(printf %s "pan-test-app-stage-worker-$CL_stage_worker_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" "__sbom.json" vex.json || true",
|
|
3707
|
+
"echo "CL_GITLAB_ENVIRONMENT_URL=https://$(printf %s "pan-test-app-stage-worker-$CL_stage_worker_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" >> gitlab_environment.env",
|
|
3433
3708
|
],
|
|
3434
3709
|
"stage": "deploy stage",
|
|
3435
3710
|
"variables": {
|
|
3436
|
-
"APP_DIR": "api",
|
|
3437
|
-
"BUILD_INFO_BUILD_TIME": "01-01-2023 12:13:14",
|
|
3438
|
-
"BUILD_INFO_CURRENT_VERSION": "3.2.1",
|
|
3439
|
-
"BUILD_INFO_ID": "some-id",
|
|
3440
|
-
"CLOUDSDK_CORE_DISABLE_PROMPTS": "1",
|
|
3441
|
-
"CLOUD_SQL_INSTANCE_CONNECTION_NAME": "projectId:region:instancename",
|
|
3442
|
-
"DATABASE_JDBC_URL": "jdbc:postgresql:///$DB_NAME?cloudSqlInstance=$CLOUD_SQL_INSTANCE_CONNECTION_NAME&socketFactory=com.google.cloud.sql.postgres.SocketFactory&user=$DB_USER&password=$DB_PASSWORD",
|
|
3443
|
-
"DATABASE_URL": "postgresql://$DB_USER:$DB_PASSWORD@localhost/$DB_NAME?host=/cloudsql/$CLOUD_SQL_INSTANCE_CONNECTION_NAME",
|
|
3444
|
-
"DB_NAME": "pan-test-app-stage-api",
|
|
3445
|
-
"DB_PASSWORD": "$CL_stage_api_DB_PASSWORD",
|
|
3446
|
-
"DB_USER": "my-user",
|
|
3447
|
-
"DEPLOY_CLOUD_RUN_PROJECT_ID": "google-project-id",
|
|
3448
|
-
"DEPLOY_CLOUD_RUN_REGION": "europe-west6",
|
|
3449
|
-
"DOCKER_BUILDKIT": "1",
|
|
3450
|
-
"DOCKER_CACHE_IMAGE": "europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/worker",
|
|
3451
|
-
"DOCKER_DRIVER": "overlay2",
|
|
3452
|
-
"DOCKER_HOST": "tcp://0.0.0.0:2375",
|
|
3453
|
-
"DOCKER_IMAGE": "europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/stage/worker",
|
|
3454
|
-
"DOCKER_IMAGE_TAG": "$CI_COMMIT_SHA",
|
|
3455
|
-
"DOCKER_REGISTRY": "europe-west6-docker.pkg.dev",
|
|
3456
|
-
"DOCKER_TLS_CERTDIR": "",
|
|
3457
|
-
"ENV_SHORT": "stage",
|
|
3458
|
-
"ENV_TYPE": "stage",
|
|
3459
|
-
"ENV_VARS": "ENV_SHORT: 'stage'
|
|
3460
|
-
APP_DIR: 'api'
|
|
3461
|
-
ENV_TYPE: 'stage'
|
|
3462
|
-
BUILD_INFO_ID: 'some-id'
|
|
3463
|
-
BUILD_INFO_BUILD_TIME: '01-01-2023 12:13:14'
|
|
3464
|
-
BUILD_INFO_CURRENT_VERSION: '3.2.1'
|
|
3465
|
-
HOST: 'pan-test-app-stage-worker-unknown-host.example.com'
|
|
3466
|
-
ROOT_URL: 'https://pan-test-app-stage-worker-unknown-host.example.com'
|
|
3467
|
-
HOST_CANONICAL: 'pan-test-app-stage-worker-unknown-host.example.com'
|
|
3468
|
-
ROOT_URL_INTERNAL: 'https://pan-test-app-stage-worker-unknown-host.example.com'
|
|
3469
|
-
HOST_INTERNAL: 'pan-test-app-stage-worker-unknown-host.example.com'
|
|
3470
|
-
CLOUD_SQL_INSTANCE_CONNECTION_NAME: 'projectId:region:instancename'
|
|
3471
|
-
DB_NAME: 'pan-test-app-stage-api'
|
|
3472
|
-
DB_USER: 'my-user'
|
|
3473
|
-
DB_PASSWORD: '$CL_stage_api_DB_PASSWORD'
|
|
3474
|
-
DATABASE_URL: 'postgresql://$DB_USER:$DB_PASSWORD@localhost/$DB_NAME?host=/cloudsql/$CLOUD_SQL_INSTANCE_CONNECTION_NAME'
|
|
3475
|
-
DATABASE_JDBC_URL: 'jdbc:postgresql:///$DB_NAME?cloudSqlInstance=$CLOUD_SQL_INSTANCE_CONNECTION_NAME&socketFactory=com.google.cloud.sql.postgres.SocketFactory&user=$DB_USER&password=$DB_PASSWORD'
|
|
3476
|
-
DEPLOY_CLOUD_RUN_PROJECT_ID: 'google-project-id'
|
|
3477
|
-
DEPLOY_CLOUD_RUN_REGION: 'europe-west6'
|
|
3478
|
-
GCLOUD_RUN_canonicalHostSuffix: '$CL_stage_worker_GCLOUD_RUN_canonicalHostSuffix'
|
|
3479
|
-
_ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_CANONICAL","ROOT_URL_INTERNAL","HOST_INTERNAL","CLOUD_SQL_INSTANCE_CONNECTION_NAME","DB_NAME","DB_USER","DB_PASSWORD","DATABASE_URL","DATABASE_JDBC_URL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]'
|
|
3480
|
-
",
|
|
3481
|
-
"GCLOUD_DEPLOY_credentialsKey": "$CL_stage_worker_GCLOUD_DEPLOY_credentialsKey",
|
|
3482
|
-
"GCLOUD_RUN_canonicalHostSuffix": "$CL_stage_worker_GCLOUD_RUN_canonicalHostSuffix",
|
|
3483
|
-
"HOST": "pan-test-app-stage-worker-unknown-host.example.com",
|
|
3484
|
-
"HOST_CANONICAL": "pan-test-app-stage-worker-unknown-host.example.com",
|
|
3485
|
-
"HOST_INTERNAL": "pan-test-app-stage-worker-unknown-host.example.com",
|
|
3486
3711
|
"KUBERNETES_CPU_REQUEST": "0.5",
|
|
3487
3712
|
"KUBERNETES_MEMORY_LIMIT": "400Mi",
|
|
3488
3713
|
"KUBERNETES_MEMORY_REQUEST": "200Mi",
|
|
3489
|
-
"ROOT_URL": "https://pan-test-app-stage-worker-unknown-host.example.com",
|
|
3490
|
-
"ROOT_URL_INTERNAL": "https://pan-test-app-stage-worker-unknown-host.example.com",
|
|
3491
|
-
"_ALL_ENV_VAR_KEYS": "["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_CANONICAL","ROOT_URL_INTERNAL","HOST_INTERNAL","CLOUD_SQL_INSTANCE_CONNECTION_NAME","DB_NAME","DB_USER","DB_PASSWORD","DATABASE_URL","DATABASE_JDBC_URL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]",
|
|
3492
3714
|
},
|
|
3493
3715
|
},
|
|
3494
3716
|
"worker 🛑 Stop ⚠️ | prod ": {
|
|
3717
|
+
"allow_failure": true,
|
|
3718
|
+
"artifacts": {
|
|
3719
|
+
"reports": {
|
|
3720
|
+
"dotenv": "gitlab_environment.env",
|
|
3721
|
+
},
|
|
3722
|
+
},
|
|
3495
3723
|
"environment": {
|
|
3496
3724
|
"action": "stop",
|
|
3497
3725
|
"name": "prod/worker",
|
|
3498
|
-
"url": "
|
|
3726
|
+
"url": "$CL_GITLAB_ENVIRONMENT_URL",
|
|
3499
3727
|
},
|
|
3500
3728
|
"image": "path/to/docker/gcloud:the-version",
|
|
3501
3729
|
"interruptible": true,
|
|
@@ -3509,28 +3737,29 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
3509
3737
|
},
|
|
3510
3738
|
"rules": [
|
|
3511
3739
|
{
|
|
3512
|
-
"allow_failure": true,
|
|
3513
3740
|
"if": "$CI_COMMIT_BRANCH =~ /^[0-9]+\\.([0-9]+|x)\\.x$/",
|
|
3514
3741
|
"when": "on_success",
|
|
3515
3742
|
},
|
|
3516
3743
|
{
|
|
3517
|
-
"allow_failure": true,
|
|
3518
3744
|
"when": "manual",
|
|
3519
3745
|
},
|
|
3520
3746
|
],
|
|
3521
3747
|
"script": [
|
|
3748
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
3749
|
+
"export CLOUDSDK_CORE_DISABLE_PROMPTS="1"",
|
|
3750
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
3522
3751
|
"set +e",
|
|
3523
3752
|
"gcloud auth activate-service-account --key-file=<(echo "$CL_prod_worker_GCLOUD_DEPLOY_credentialsKey")",
|
|
3524
3753
|
"gcloud run services delete pan-test-app-prod-worker --project=google-project-id --region=europe-west6",
|
|
3525
3754
|
"gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/prod/worker --quiet --delete-tags",
|
|
3526
3755
|
"gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/worker --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/worker@$version --quiet --delete-tags; done",
|
|
3527
3756
|
"echo Disabling component in Dependency Track",
|
|
3528
|
-
"/dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" disable "pan-test-app/worker" "https
|
|
3757
|
+
"/dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" disable "pan-test-app/worker" "https://$(printf %s "pan-test-app-prod-worker-$CL_prod_worker_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" || true",
|
|
3529
3758
|
"set -e",
|
|
3759
|
+
"echo "CL_GITLAB_ENVIRONMENT_URL=https://$(printf %s "pan-test-app-prod-worker-$CL_prod_worker_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" >> gitlab_environment.env",
|
|
3530
3760
|
],
|
|
3531
3761
|
"stage": "stop prod",
|
|
3532
3762
|
"variables": {
|
|
3533
|
-
"CLOUDSDK_CORE_DISABLE_PROMPTS": "1",
|
|
3534
3763
|
"GIT_STRATEGY": "none",
|
|
3535
3764
|
"KUBERNETES_CPU_REQUEST": "0.5",
|
|
3536
3765
|
"KUBERNETES_MEMORY_LIMIT": "400Mi",
|
|
@@ -3538,10 +3767,16 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
3538
3767
|
},
|
|
3539
3768
|
},
|
|
3540
3769
|
"worker 🛑 Stop ⚠️ | stage ": {
|
|
3770
|
+
"allow_failure": true,
|
|
3771
|
+
"artifacts": {
|
|
3772
|
+
"reports": {
|
|
3773
|
+
"dotenv": "gitlab_environment.env",
|
|
3774
|
+
},
|
|
3775
|
+
},
|
|
3541
3776
|
"environment": {
|
|
3542
3777
|
"action": "stop",
|
|
3543
3778
|
"name": "stage/worker",
|
|
3544
|
-
"url": "
|
|
3779
|
+
"url": "$CL_GITLAB_ENVIRONMENT_URL",
|
|
3545
3780
|
},
|
|
3546
3781
|
"image": "path/to/docker/gcloud:the-version",
|
|
3547
3782
|
"interruptible": true,
|
|
@@ -3555,28 +3790,29 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
3555
3790
|
},
|
|
3556
3791
|
"rules": [
|
|
3557
3792
|
{
|
|
3558
|
-
"allow_failure": true,
|
|
3559
3793
|
"if": "$CI_COMMIT_BRANCH =~ /^[0-9]+\\.([0-9]+|x)\\.x$/",
|
|
3560
3794
|
"when": "on_success",
|
|
3561
3795
|
},
|
|
3562
3796
|
{
|
|
3563
|
-
"allow_failure": true,
|
|
3564
3797
|
"when": "manual",
|
|
3565
3798
|
},
|
|
3566
3799
|
],
|
|
3567
3800
|
"script": [
|
|
3801
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
3802
|
+
"export CLOUDSDK_CORE_DISABLE_PROMPTS="1"",
|
|
3803
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
3568
3804
|
"set +e",
|
|
3569
3805
|
"gcloud auth activate-service-account --key-file=<(echo "$CL_stage_worker_GCLOUD_DEPLOY_credentialsKey")",
|
|
3570
3806
|
"gcloud run services delete pan-test-app-stage-worker --project=google-project-id --region=europe-west6",
|
|
3571
3807
|
"gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/stage/worker --quiet --delete-tags",
|
|
3572
3808
|
"gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/worker --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/worker@$version --quiet --delete-tags; done",
|
|
3573
3809
|
"echo Disabling component in Dependency Track",
|
|
3574
|
-
"/dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" disable "pan-test-app/worker" "https
|
|
3810
|
+
"/dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" disable "pan-test-app/worker" "https://$(printf %s "pan-test-app-stage-worker-$CL_stage_worker_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" || true",
|
|
3575
3811
|
"set -e",
|
|
3812
|
+
"echo "CL_GITLAB_ENVIRONMENT_URL=https://$(printf %s "pan-test-app-stage-worker-$CL_stage_worker_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" >> gitlab_environment.env",
|
|
3576
3813
|
],
|
|
3577
3814
|
"stage": "stop stage",
|
|
3578
3815
|
"variables": {
|
|
3579
|
-
"CLOUDSDK_CORE_DISABLE_PROMPTS": "1",
|
|
3580
3816
|
"GIT_STRATEGY": "none",
|
|
3581
3817
|
"KUBERNETES_CPU_REQUEST": "0.5",
|
|
3582
3818
|
"KUBERNETES_MEMORY_LIMIT": "400Mi",
|
|
@@ -3601,6 +3837,8 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
3601
3837
|
],
|
|
3602
3838
|
},
|
|
3603
3839
|
"script": [
|
|
3840
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
3841
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
3604
3842
|
"trivy fs --quiet --format cyclonedx --output "__sbom.json" api",
|
|
3605
3843
|
],
|
|
3606
3844
|
"stage": "build",
|
|
@@ -3624,6 +3862,8 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
3624
3862
|
],
|
|
3625
3863
|
},
|
|
3626
3864
|
"script": [
|
|
3865
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
3866
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
3627
3867
|
"trivy fs --quiet --format cyclonedx --output "__sbom.json" api",
|
|
3628
3868
|
],
|
|
3629
3869
|
"stage": "build",
|
|
@@ -3676,7 +3916,7 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
3676
3916
|
],
|
|
3677
3917
|
"variables": {
|
|
3678
3918
|
"FF_USE_FASTZIP": "true",
|
|
3679
|
-
"GIT_DEPTH": 1,
|
|
3919
|
+
"GIT_DEPTH": "1",
|
|
3680
3920
|
},
|
|
3681
3921
|
"workflow": {
|
|
3682
3922
|
"rules": [
|