@catladder/pipeline 1.144.1 โ 1.146.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/bash/BashExpression.d.ts +40 -0
- package/dist/bash/BashExpression.js +124 -0
- package/dist/bash/bashExpressionPerPipelineType.d.ts +6 -0
- package/dist/bash/bashExpressionPerPipelineType.js +11 -0
- package/dist/bash/bashYaml.d.ts +10 -0
- package/dist/bash/bashYaml.js +46 -0
- package/dist/bash/getInjectVarsScript.d.ts +2 -0
- package/dist/bash/getInjectVarsScript.js +45 -0
- package/dist/bash/replaceAsync.d.ts +2 -0
- package/dist/{pipeline/commitInfo/getCommitInfo.js โ bash/replaceAsync.js} +49 -21
- package/dist/build/base/__tests__/createArtifactsConfig.test.js +3 -1
- package/dist/build/base/constants.js +3 -1
- package/dist/build/base/createAppBuildJob.d.ts +2 -1
- package/dist/build/base/createAppBuildJob.js +10 -6
- package/dist/build/base/createArtifactsConfig.d.ts +1 -1
- package/dist/build/base/createArtifactsConfig.js +3 -1
- package/dist/build/base/index.js +3 -1
- package/dist/build/base/writeBuildInfo.js +4 -3
- package/dist/build/base/writeDotEnv.js +12 -3
- package/dist/build/custom/__tests__/testJob.test.js +3 -1
- package/dist/build/custom/buildJob.js +4 -12
- package/dist/build/custom/index.js +3 -1
- package/dist/build/custom/testJob.d.ts +1 -1
- package/dist/build/custom/testJob.js +18 -14
- package/dist/build/docker.d.ts +5 -31
- package/dist/build/docker.js +16 -9
- package/dist/build/index.d.ts +1 -1
- package/dist/build/index.js +13 -7
- package/dist/build/node/buildJob.js +4 -12
- package/dist/build/node/cache.js +6 -3
- package/dist/build/node/constants.js +3 -1
- package/dist/build/node/index.js +3 -1
- package/dist/build/node/meteor.js +5 -2
- package/dist/build/node/testJob.js +18 -14
- package/dist/build/node/yarn.d.ts +3 -2
- package/dist/build/node/yarn.js +6 -3
- package/dist/build/rails/build.js +3 -1
- package/dist/build/rails/index.js +3 -1
- package/dist/build/rails/test.js +15 -11
- package/dist/build/sbom.js +3 -1
- package/dist/build/types.d.ts +24 -18
- package/dist/build/types.js +3 -1
- package/dist/bundles/catladder-gitlab/index.js +3 -3
- package/dist/catladder-gitlab.js +10 -54
- package/dist/config/__tests__/configruedEnvs.test.js +3 -1
- package/dist/config/configruedEnvs.js +3 -1
- package/dist/config/index.js +13 -7
- package/dist/config/readConfig.js +6 -5
- package/dist/constants.js +5 -3
- package/dist/context/__tests__/resolveReferences.test.js +40 -8
- package/dist/context/getBuildInfoVariables.d.ts +7 -0
- package/dist/context/getBuildInfoVariables.js +29 -0
- package/dist/context/getEnvConfig.js +3 -1
- package/dist/context/getEnvType.js +3 -1
- package/dist/context/getEnvironment.d.ts +3 -3
- package/dist/context/getEnvironment.js +10 -14
- package/dist/context/getEnvironmentContext.d.ts +7 -3
- package/dist/context/getEnvironmentContext.js +21 -11
- package/dist/context/getEnvironmentVariables.d.ts +26 -5
- package/dist/context/getEnvironmentVariables.js +40 -25
- package/dist/context/getLabels.js +4 -2
- package/dist/context/getReviewSlug.d.ts +4 -0
- package/dist/context/getReviewSlug.js +22 -0
- package/dist/context/index.d.ts +12 -3
- package/dist/context/index.js +21 -15
- package/dist/context/resolveReferences.d.ts +3 -1
- package/dist/context/resolveReferences.js +53 -21
- package/dist/context/transformJobOnlyVars.d.ts +5 -2
- package/dist/context/transformJobOnlyVars.js +4 -2
- package/dist/context/utils/envVars.d.ts +1 -1
- package/dist/context/utils/envVars.js +5 -2
- package/dist/defaults/index.js +3 -1
- package/dist/deploy/base/deploy.d.ts +1 -1
- package/dist/deploy/base/deploy.js +12 -11
- package/dist/deploy/base/index.js +3 -1
- package/dist/deploy/base/rollback.d.ts +1 -1
- package/dist/deploy/base/rollback.js +13 -9
- package/dist/deploy/base/stop.d.ts +1 -1
- package/dist/deploy/base/stop.js +16 -11
- package/dist/deploy/base/types.d.ts +1 -1
- package/dist/deploy/base/types.js +3 -1
- package/dist/deploy/base/variables.js +3 -1
- package/dist/deploy/cloudRun/artifactsRegistry.d.ts +2 -1
- package/dist/deploy/cloudRun/artifactsRegistry.js +6 -4
- package/dist/deploy/cloudRun/cleanup.js +3 -1
- package/dist/deploy/cloudRun/cloudRunRevisions.js +3 -1
- package/dist/deploy/cloudRun/createJobs/cloudRunJobs.js +8 -5
- package/dist/deploy/cloudRun/createJobs/cloudRunServices.d.ts +2 -2
- package/dist/deploy/cloudRun/createJobs/cloudRunServices.js +6 -3
- package/dist/deploy/cloudRun/createJobs/common.d.ts +3 -3
- package/dist/deploy/cloudRun/createJobs/common.js +3 -1
- package/dist/deploy/cloudRun/createJobs/constants.d.ts +1 -0
- package/dist/deploy/cloudRun/createJobs/constants.js +7 -0
- package/dist/deploy/cloudRun/createJobs/getCloudRunDeployScripts.js +10 -4
- package/dist/deploy/cloudRun/createJobs/getCloudRunStopScripts.js +3 -1
- package/dist/deploy/cloudRun/createJobs/index.js +25 -8
- package/dist/deploy/cloudRun/createJobs/volumes.js +3 -1
- package/dist/deploy/cloudRun/index.js +5 -3
- package/dist/deploy/cloudRun/utils/createArgsString.d.ts +2 -1
- package/dist/deploy/cloudRun/utils/createArgsString.js +3 -1
- package/dist/deploy/cloudRun/utils/database.js +13 -13
- package/dist/deploy/cloudRun/utils/gcloudServiceAccountLoginCommands.js +3 -1
- package/dist/deploy/cloudRun/utils/getServiceName.d.ts +1 -1
- package/dist/deploy/cloudRun/utils/getServiceName.js +3 -1
- package/dist/deploy/cloudRun/utils/jobName.d.ts +2 -1
- package/dist/deploy/cloudRun/utils/jobName.js +4 -2
- package/dist/deploy/cloudRun/utils/removeFirstLinesFromCommandOutput.js +3 -1
- package/dist/deploy/cloudSql/utils.d.ts +2 -1
- package/dist/deploy/cloudSql/utils.js +7 -2
- package/dist/deploy/custom/deployJob.js +3 -1
- package/dist/deploy/custom/index.js +3 -1
- package/dist/deploy/dockerTag/deployJob.js +3 -1
- package/dist/deploy/dockerTag/index.js +3 -1
- package/dist/deploy/index.d.ts +4 -3
- package/dist/deploy/index.js +13 -7
- package/dist/deploy/kubernetes/additionalSecretKeys.js +3 -1
- package/dist/deploy/kubernetes/cloudSql/index.d.ts +3 -2
- package/dist/deploy/kubernetes/cloudSql/index.js +6 -4
- package/dist/deploy/kubernetes/deployJob.js +22 -15
- package/dist/deploy/kubernetes/index.js +51 -14
- package/dist/deploy/kubernetes/kubeEnv.d.ts +3 -2
- package/dist/deploy/kubernetes/kubeEnv.js +7 -4
- package/dist/deploy/kubernetes/kubeValues.d.ts +2 -2
- package/dist/deploy/kubernetes/kubeValues.js +4 -5
- package/dist/deploy/kubernetes/mongodb.js +3 -1
- package/dist/deploy/kubernetes/processSecretsAsFiles.d.ts +2 -1
- package/dist/deploy/kubernetes/processSecretsAsFiles.js +3 -1
- package/dist/deploy/sbom.js +3 -1
- package/dist/deploy/types/base.d.ts +8 -2
- package/dist/deploy/types/base.js +3 -1
- package/dist/deploy/types/custom.d.ts +1 -1
- package/dist/deploy/types/custom.js +3 -1
- package/dist/deploy/types/dockerTag.d.ts +1 -1
- package/dist/deploy/types/dockerTag.js +3 -1
- package/dist/deploy/types/googleCloudRun.d.ts +19 -18
- package/dist/deploy/types/googleCloudRun.js +3 -1
- package/dist/deploy/types/index.d.ts +6 -6
- package/dist/deploy/types/index.js +13 -7
- package/dist/deploy/types/kubernetes.d.ts +22 -22
- package/dist/deploy/types/kubernetes.js +3 -1
- package/dist/deploy/utils.js +3 -1
- package/dist/index.d.ts +3 -2
- package/dist/index.js +16 -9
- package/dist/packageInfos.d.ts +2 -0
- package/dist/packageInfos.js +14 -0
- package/dist/pipeline/createAllJobs.d.ts +13 -5
- package/dist/pipeline/createAllJobs.js +21 -10
- package/dist/pipeline/createChildPipeline.d.ts +1 -1
- package/dist/pipeline/createChildPipeline.js +24 -7
- package/dist/pipeline/createJobsForComponent.d.ts +3 -3
- package/dist/pipeline/createJobsForComponent.js +19 -18
- package/dist/pipeline/createMainPipeline.d.ts +3 -0
- package/dist/pipeline/createMainPipeline.js +248 -0
- package/dist/pipeline/generatePipelineFiles.d.ts +2 -0
- package/dist/pipeline/generatePipelineFiles.js +178 -0
- package/dist/pipeline/getPipelineStages.js +3 -1
- package/dist/pipeline/gitlab/createGitlabJobs.d.ts +15 -5
- package/dist/pipeline/gitlab/createGitlabJobs.js +98 -25
- package/dist/pipeline/gitlab/createGitlabPipeline.d.ts +7 -2
- package/dist/pipeline/gitlab/createGitlabPipeline.js +34 -17
- package/dist/pipeline/gitlab/getPipelineTriggerForGitlabChildPipeline.d.ts +1 -0
- package/dist/pipeline/gitlab/getPipelineTriggerForGitlabChildPipeline.js +29 -0
- package/dist/pipeline/gitlab/gitlabReleaseJobs.d.ts +33 -0
- package/dist/pipeline/gitlab/gitlabReleaseJobs.js +24 -0
- package/dist/pipeline/index.d.ts +3 -1
- package/dist/pipeline/index.js +16 -8
- package/dist/pipeline/packageManager.js +4 -2
- package/dist/pipeline/yarn/yarnUtils.js +6 -4
- package/dist/rules/index.d.ts +4 -1
- package/dist/rules/index.js +25 -18
- package/dist/runner/index.d.ts +1 -1
- package/dist/runner/index.js +3 -1
- package/dist/tsconfig.tsbuildinfo +1 -1
- package/dist/types/config.d.ts +18 -15
- package/dist/types/config.js +5 -2
- package/dist/types/context.d.ts +37 -32
- package/dist/types/context.js +3 -1
- package/dist/types/environmentContext.d.ts +11 -7
- package/dist/types/environmentContext.js +3 -1
- package/dist/types/gitlab-ci-yml.d.ts +30 -30
- package/dist/types/gitlab-ci-yml.js +3 -2
- package/dist/types/gitlab-types.d.ts +4 -6
- package/dist/types/gitlab-types.js +3 -1
- package/dist/types/index.js +13 -7
- package/dist/types/jobs.d.ts +23 -6
- package/dist/types/jobs.js +3 -1
- package/dist/types/pipeline.d.ts +4 -3
- package/dist/types/pipeline.js +3 -1
- package/dist/types/utils.d.ts +1 -1
- package/dist/types/utils.js +3 -1
- package/dist/utils/gitlab.js +3 -1
- package/dist/utils/index.d.ts +1 -1
- package/dist/utils/index.js +3 -1
- package/dist/utils/writeFiles.d.ts +7 -0
- package/dist/{pipeline/commitInfo/getBuildId.js โ utils/writeFiles.js} +39 -22
- package/examples/__snapshots__/cloud-run-memory-limit.ts.snap +480 -384
- package/examples/__snapshots__/cloud-run-meteor-with-worker.ts.snap +462 -366
- package/examples/__snapshots__/cloud-run-no-cpu-throttling.ts.snap +480 -384
- package/examples/__snapshots__/cloud-run-no-service.ts.snap +501 -393
- package/examples/__snapshots__/cloud-run-non-public.ts.snap +480 -384
- package/examples/__snapshots__/cloud-run-post-stop-job.ts.snap +489 -392
- package/examples/__snapshots__/cloud-run-service-gen2.ts.snap +480 -384
- package/examples/__snapshots__/cloud-run-service-with-volumes.ts.snap +501 -401
- package/examples/__snapshots__/cloud-run-with-sql-reuse-db.ts.snap +1155 -915
- package/examples/__snapshots__/cloud-run-with-sql.ts.snap +1116 -888
- package/examples/__snapshots__/cloud-run-with-worker.ts.snap +482 -386
- package/examples/__snapshots__/custom-build-job-with-tests.ts.snap +452 -356
- package/examples/__snapshots__/custom-build-job.ts.snap +434 -350
- package/examples/__snapshots__/custom-deploy.ts.snap +319 -223
- package/examples/__snapshots__/custom-envs.ts.snap +123 -81
- package/examples/__snapshots__/custom-sbom-java.ts.snap +434 -350
- package/examples/__snapshots__/kubernetes-application-customization.ts.snap +846 -969
- package/examples/__snapshots__/kubernetes-with-cloud-sql-legacy.ts.snap +886 -957
- package/examples/__snapshots__/kubernetes-with-cloud-sql.ts.snap +894 -969
- package/examples/__snapshots__/kubernetes-with-jobs.ts.snap +1626 -1728
- package/examples/__snapshots__/kubernetes-with-mongodb.ts.snap +974 -1137
- package/examples/__snapshots__/local-dot-env.ts.snap +480 -384
- package/examples/__snapshots__/meteor-kubernetes.ts.snap +906 -1069
- package/examples/__snapshots__/multiline-var.ts.snap +4500 -0
- package/examples/__snapshots__/native-app.ts.snap +706 -578
- package/examples/__snapshots__/node-build-with-custom-image.ts.snap +480 -384
- package/examples/__snapshots__/node-build-with-docker-additions.ts.snap +488 -384
- package/examples/__snapshots__/rails-k8s-with-worker.ts.snap +1656 -1942
- package/examples/__snapshots__/wait-for-other-deploy.ts.snap +287 -231
- package/examples/__utils__/helpers.ts +2 -2
- package/examples/custom-deploy.ts +7 -7
- package/examples/multiline-var.ts +64 -0
- package/package.json +5 -8
- package/scripts/generate-gitlab-ci-types.ts +2 -2
- package/src/bash/BashExpression.ts +81 -0
- package/src/bash/bashExpressionPerPipelineType.ts +16 -0
- package/src/bash/bashYaml.ts +46 -0
- package/src/bash/getInjectVarsScript.ts +12 -0
- package/src/bash/replaceAsync.ts +50 -0
- package/src/build/base/__tests__/createArtifactsConfig.test.ts +3 -3
- package/src/build/base/createAppBuildJob.ts +8 -4
- package/src/build/base/createArtifactsConfig.ts +2 -2
- package/src/build/base/index.ts +1 -1
- package/src/build/base/writeBuildInfo.ts +1 -1
- package/src/build/base/writeDotEnv.ts +6 -1
- package/src/build/custom/__tests__/testJob.test.ts +1 -1
- package/src/build/custom/buildJob.ts +4 -6
- package/src/build/custom/testJob.ts +6 -5
- package/src/build/docker.ts +21 -13
- package/src/build/index.ts +1 -1
- package/src/build/node/buildJob.ts +3 -5
- package/src/build/node/cache.ts +4 -4
- package/src/build/node/meteor.ts +1 -1
- package/src/build/node/testJob.ts +6 -5
- package/src/build/node/yarn.ts +14 -9
- package/src/build/rails/test.ts +2 -1
- package/src/build/types.ts +8 -1
- package/src/catladder-gitlab.ts +8 -55
- package/src/config/configruedEnvs.ts +6 -6
- package/src/config/readConfig.ts +4 -5
- package/src/constants.ts +5 -2
- package/src/context/__tests__/resolveReferences.test.ts +11 -6
- package/src/context/getBuildInfoVariables.ts +40 -0
- package/src/context/getEnvConfig.ts +1 -1
- package/src/context/getEnvType.ts +1 -1
- package/src/context/getEnvironment.ts +7 -30
- package/src/context/getEnvironmentContext.ts +25 -29
- package/src/context/getEnvironmentVariables.ts +72 -47
- package/src/context/getReviewSlug.ts +27 -0
- package/src/context/index.ts +26 -25
- package/src/context/resolveReferences.ts +40 -17
- package/src/context/transformJobOnlyVars.ts +6 -3
- package/src/context/utils/envVars.ts +5 -4
- package/src/deploy/base/deploy.ts +25 -23
- package/src/deploy/base/index.ts +1 -1
- package/src/deploy/base/rollback.ts +9 -11
- package/src/deploy/base/stop.ts +9 -10
- package/src/deploy/cloudRun/artifactsRegistry.ts +13 -8
- package/src/deploy/cloudRun/cleanup.ts +3 -3
- package/src/deploy/cloudRun/cloudRunRevisions.ts +3 -3
- package/src/deploy/cloudRun/createJobs/cloudRunJobs.ts +22 -17
- package/src/deploy/cloudRun/createJobs/cloudRunServices.ts +7 -6
- package/src/deploy/cloudRun/createJobs/common.ts +1 -1
- package/src/deploy/cloudRun/createJobs/constants.ts +1 -0
- package/src/deploy/cloudRun/createJobs/getCloudRunDeployScripts.ts +25 -7
- package/src/deploy/cloudRun/createJobs/getCloudRunStopScripts.ts +1 -1
- package/src/deploy/cloudRun/createJobs/index.ts +18 -9
- package/src/deploy/cloudRun/createJobs/volumes.ts +2 -2
- package/src/deploy/cloudRun/index.ts +22 -10
- package/src/deploy/cloudRun/utils/createArgsString.ts +3 -2
- package/src/deploy/cloudRun/utils/database.ts +7 -7
- package/src/deploy/cloudRun/utils/gcloudServiceAccountLoginCommands.ts +1 -1
- package/src/deploy/cloudRun/utils/jobName.ts +7 -2
- package/src/deploy/cloudRun/utils/removeFirstLinesFromCommandOutput.ts +1 -1
- package/src/deploy/cloudSql/utils.ts +13 -10
- package/src/deploy/index.ts +5 -4
- package/src/deploy/kubernetes/cloudSql/index.ts +6 -5
- package/src/deploy/kubernetes/deployJob.ts +28 -14
- package/src/deploy/kubernetes/index.ts +15 -8
- package/src/deploy/kubernetes/kubeEnv.ts +9 -7
- package/src/deploy/kubernetes/kubeValues.ts +5 -6
- package/src/deploy/kubernetes/mongodb.ts +1 -1
- package/src/deploy/kubernetes/processSecretsAsFiles.ts +5 -4
- package/src/deploy/types/base.ts +6 -0
- package/src/deploy/types/googleCloudRun.ts +2 -0
- package/src/deploy/utils.ts +2 -2
- package/src/index.ts +2 -1
- package/src/packageInfos.ts +10 -0
- package/src/pipeline/createAllJobs.ts +28 -14
- package/src/pipeline/createChildPipeline.ts +20 -9
- package/src/pipeline/createJobsForComponent.ts +15 -23
- package/src/pipeline/createMainPipeline.ts +91 -0
- package/src/pipeline/generatePipelineFiles.ts +29 -0
- package/src/pipeline/getPipelineStages.ts +1 -1
- package/src/pipeline/gitlab/createGitlabJobs.ts +182 -59
- package/src/pipeline/gitlab/createGitlabPipeline.ts +16 -14
- package/src/pipeline/gitlab/getPipelineTriggerForGitlabChildPipeline.ts +46 -0
- package/src/pipeline/gitlab/gitlabReleaseJobs.ts +20 -0
- package/src/pipeline/index.ts +2 -0
- package/src/pipeline/packageManager.ts +2 -2
- package/src/pipeline/yarn/yarnUtils.ts +7 -7
- package/src/rules/index.ts +15 -9
- package/src/types/config.ts +12 -3
- package/src/types/context.ts +39 -26
- package/src/types/environmentContext.ts +13 -7
- package/src/types/gitlab-ci-yml.ts +0 -1
- package/src/types/gitlab-types.ts +5 -4
- package/src/types/jobs.ts +29 -4
- package/src/types/pipeline.ts +4 -0
- package/src/types/utils.ts +4 -4
- package/src/utils/gitlab.ts +1 -1
- package/src/utils/index.ts +2 -2
- package/src/utils/writeFiles.ts +40 -0
- package/dist/deploy/cloudRun/createJobs/variables.d.ts +0 -5
- package/dist/deploy/cloudRun/createJobs/variables.js +0 -19
- package/dist/pipeline/commitInfo/getBuildId.d.ts +0 -6
- package/dist/pipeline/commitInfo/getCommitInfo.d.ts +0 -2
- package/src/deploy/cloudRun/createJobs/variables.ts +0 -21
- package/src/pipeline/commitInfo/getBuildId.ts +0 -17
- package/src/pipeline/commitInfo/getCommitInfo.ts +0 -15
|
@@ -33,6 +33,9 @@ exports[`matches snapshot 1`] = `
|
|
|
33
33
|
],
|
|
34
34
|
},
|
|
35
35
|
"script": [
|
|
36
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
37
|
+
"export APP_PATH="api"",
|
|
38
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
36
39
|
"echo -e "\\e[0Ksection_start:$(date +%s):nodeinstall[collapsed=true]\\r\\e[0KEnsure node version"",
|
|
37
40
|
"if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi",
|
|
38
41
|
"if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi",
|
|
@@ -49,7 +52,6 @@ exports[`matches snapshot 1`] = `
|
|
|
49
52
|
],
|
|
50
53
|
"stage": "test",
|
|
51
54
|
"variables": {
|
|
52
|
-
"APP_PATH": "api",
|
|
53
55
|
"KUBERNETES_CPU_REQUEST": "0.5",
|
|
54
56
|
"KUBERNETES_MEMORY_LIMIT": "4Gi",
|
|
55
57
|
"KUBERNETES_MEMORY_REQUEST": "2Gi",
|
|
@@ -102,7 +104,25 @@ exports[`matches snapshot 1`] = `
|
|
|
102
104
|
],
|
|
103
105
|
},
|
|
104
106
|
"script": [
|
|
105
|
-
"echo
|
|
107
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
108
|
+
"export ENV_SHORT="dev"",
|
|
109
|
+
"export APP_DIR="api"",
|
|
110
|
+
"export ENV_TYPE="dev"",
|
|
111
|
+
"export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"",
|
|
112
|
+
"export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"",
|
|
113
|
+
"export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\///'); [ -z "$tag" ] && echo "v0.0.0" || echo "$tag")"",
|
|
114
|
+
"export HOST="$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
115
|
+
"export ROOT_URL="https://$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
116
|
+
"export HOST_INTERNAL="$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
117
|
+
"export HOST_CANONICAL="$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
118
|
+
"export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
119
|
+
"export DEPLOY_CLOUD_RUN_PROJECT_ID="asdf"",
|
|
120
|
+
"export DEPLOY_CLOUD_RUN_REGION="asia-east1"",
|
|
121
|
+
"export GCLOUD_DEPLOY_credentialsKey="$CL_dev_api_GCLOUD_DEPLOY_credentialsKey"",
|
|
122
|
+
"export GCLOUD_RUN_canonicalHostSuffix="$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix"",
|
|
123
|
+
"export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOST\\",\\"ROOT_URL\\",\\"HOST_INTERNAL\\",\\"HOST_CANONICAL\\",\\"ROOT_URL_INTERNAL\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\"]"",
|
|
124
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
125
|
+
"echo '{"id":"$(git describe --tags 2>/dev/null || git rev-parse HEAD)","time":"$CI_JOB_STARTED_AT"}' > api/__build_info.json",
|
|
106
126
|
"echo -e "\\e[0Ksection_start:$(date +%s):nodeinstall[collapsed=true]\\r\\e[0KEnsure node version"",
|
|
107
127
|
"if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi",
|
|
108
128
|
"if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi",
|
|
@@ -119,25 +139,9 @@ exports[`matches snapshot 1`] = `
|
|
|
119
139
|
],
|
|
120
140
|
"stage": "build",
|
|
121
141
|
"variables": {
|
|
122
|
-
"APP_DIR": "api",
|
|
123
|
-
"BUILD_INFO_BUILD_TIME": "01-01-2023 12:13:14",
|
|
124
|
-
"BUILD_INFO_CURRENT_VERSION": "3.2.1",
|
|
125
|
-
"BUILD_INFO_ID": "some-id",
|
|
126
|
-
"DEPLOY_CLOUD_RUN_PROJECT_ID": "asdf",
|
|
127
|
-
"DEPLOY_CLOUD_RUN_REGION": "asia-east1",
|
|
128
|
-
"ENV_SHORT": "dev",
|
|
129
|
-
"ENV_TYPE": "dev",
|
|
130
|
-
"GCLOUD_DEPLOY_credentialsKey": "$CL_dev_api_GCLOUD_DEPLOY_credentialsKey",
|
|
131
|
-
"GCLOUD_RUN_canonicalHostSuffix": "$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix",
|
|
132
|
-
"HOST": "pan-test-app-dev-api-unknown-host.example.com",
|
|
133
|
-
"HOST_CANONICAL": "pan-test-app-dev-api-unknown-host.example.com",
|
|
134
|
-
"HOST_INTERNAL": "pan-test-app-dev-api-unknown-host.example.com",
|
|
135
142
|
"KUBERNETES_CPU_REQUEST": "0.5",
|
|
136
143
|
"KUBERNETES_MEMORY_LIMIT": "4Gi",
|
|
137
144
|
"KUBERNETES_MEMORY_REQUEST": "2Gi",
|
|
138
|
-
"ROOT_URL": "https://pan-test-app-dev-api-unknown-host.example.com",
|
|
139
|
-
"ROOT_URL_INTERNAL": "https://pan-test-app-dev-api-unknown-host.example.com",
|
|
140
|
-
"_ALL_ENV_VAR_KEYS": "["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_CANONICAL","ROOT_URL_INTERNAL","HOST_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]",
|
|
141
145
|
},
|
|
142
146
|
},
|
|
143
147
|
"api ๐จ docker | dev ": {
|
|
@@ -163,6 +167,21 @@ exports[`matches snapshot 1`] = `
|
|
|
163
167
|
],
|
|
164
168
|
},
|
|
165
169
|
"script": [
|
|
170
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
171
|
+
"export APP_DIR="api"",
|
|
172
|
+
"export DOCKER_DIR="."",
|
|
173
|
+
"export DOCKER_REGISTRY="asia-east1-docker.pkg.dev"",
|
|
174
|
+
"export DOCKER_IMAGE="asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/dev/api"",
|
|
175
|
+
"export DOCKER_CACHE_IMAGE="asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/api"",
|
|
176
|
+
"export DOCKER_IMAGE_TAG="$CI_COMMIT_SHA"",
|
|
177
|
+
"export DOCKER_COPY_AND_INSTALL_APP="COPY --chown=node:node $APP_DIR .
|
|
178
|
+
RUN yarn plugin import workspace-tools
|
|
179
|
+
RUN yarn workspaces focus --production && yarn rebuild"",
|
|
180
|
+
"export DOCKER_COPY_WORKSPACE_FILES="COPY --chown=node:node api/package.json /app/api/package.json
|
|
181
|
+
COPY --chown=node:node api/yarn.lock /app/api/yarn.lock
|
|
182
|
+
COPY --chown=node:node .yarnrc.yml /app/.yarnrc.yml
|
|
183
|
+
COPY --chown=node:node .yarn /app/.yarn"",
|
|
184
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
166
185
|
"ensureNodeDockerfile",
|
|
167
186
|
"echo -e "\\e[0Ksection_start:$(date +%s):docker-login[collapsed=true]\\r\\e[0KDocker Login"",
|
|
168
187
|
"gcloud auth activate-service-account --key-file=<(echo "$CL_dev_api_GCLOUD_DEPLOY_credentialsKey")",
|
|
@@ -187,24 +206,9 @@ exports[`matches snapshot 1`] = `
|
|
|
187
206
|
],
|
|
188
207
|
"stage": "build",
|
|
189
208
|
"variables": {
|
|
190
|
-
"APP_DIR": "api",
|
|
191
|
-
"DOCKERFILE_ADDITIONS": undefined,
|
|
192
|
-
"DOCKERFILE_ADDITIONS_END": undefined,
|
|
193
209
|
"DOCKER_BUILDKIT": "1",
|
|
194
|
-
"DOCKER_CACHE_IMAGE": "asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/api",
|
|
195
|
-
"DOCKER_COPY_AND_INSTALL_APP": "COPY --chown=node:node $APP_DIR .
|
|
196
|
-
RUN yarn plugin import workspace-tools
|
|
197
|
-
RUN yarn workspaces focus --production && yarn rebuild",
|
|
198
|
-
"DOCKER_COPY_WORKSPACE_FILES": "COPY --chown=node:node api/package.json /app/api/package.json
|
|
199
|
-
COPY --chown=node:node api/yarn.lock /app/api/yarn.lock
|
|
200
|
-
COPY --chown=node:node .yarnrc.yml /app/.yarnrc.yml
|
|
201
|
-
COPY --chown=node:node .yarn /app/.yarn",
|
|
202
|
-
"DOCKER_DIR": ".",
|
|
203
210
|
"DOCKER_DRIVER": "overlay2",
|
|
204
211
|
"DOCKER_HOST": "tcp://0.0.0.0:2375",
|
|
205
|
-
"DOCKER_IMAGE": "asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/dev/api",
|
|
206
|
-
"DOCKER_IMAGE_TAG": "$CI_COMMIT_SHA",
|
|
207
|
-
"DOCKER_REGISTRY": "asia-east1-docker.pkg.dev",
|
|
208
212
|
"DOCKER_TLS_CERTDIR": "",
|
|
209
213
|
"KUBERNETES_CPU_REQUEST": "0.5",
|
|
210
214
|
"KUBERNETES_MEMORY_LIMIT": "2Gi",
|
|
@@ -214,15 +218,15 @@ COPY --chown=node:node .yarn /app/.yarn",
|
|
|
214
218
|
"api ๐ Deploy | dev ": {
|
|
215
219
|
"allow_failure": false,
|
|
216
220
|
"artifacts": {
|
|
217
|
-
"
|
|
218
|
-
"
|
|
219
|
-
|
|
221
|
+
"reports": {
|
|
222
|
+
"dotenv": "gitlab_environment.env",
|
|
223
|
+
},
|
|
220
224
|
},
|
|
221
225
|
"environment": {
|
|
222
226
|
"auto_stop_in": "4 weeks",
|
|
223
227
|
"name": "dev/api",
|
|
224
228
|
"on_stop": "api ๐ Stop โ ๏ธ | dev ",
|
|
225
|
-
"url": "
|
|
229
|
+
"url": "$CL_GITLAB_ENVIRONMENT_URL",
|
|
226
230
|
},
|
|
227
231
|
"image": "path/to/docker/gcloud:the-version",
|
|
228
232
|
"interruptible": true,
|
|
@@ -265,13 +269,71 @@ COPY --chown=node:node .yarn /app/.yarn",
|
|
|
265
269
|
},
|
|
266
270
|
],
|
|
267
271
|
"script": [
|
|
272
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
273
|
+
"export ENV_SHORT="dev"",
|
|
274
|
+
"export APP_DIR="api"",
|
|
275
|
+
"export ENV_TYPE="dev"",
|
|
276
|
+
"export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"",
|
|
277
|
+
"export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"",
|
|
278
|
+
"export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\///'); [ -z "$tag" ] && echo "v0.0.0" || echo "$tag")"",
|
|
279
|
+
"export HOST="$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
280
|
+
"export ROOT_URL="https://$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
281
|
+
"export HOST_INTERNAL="$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
282
|
+
"export HOST_CANONICAL="$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
283
|
+
"export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
284
|
+
"export DEPLOY_CLOUD_RUN_PROJECT_ID="asdf"",
|
|
285
|
+
"export DEPLOY_CLOUD_RUN_REGION="asia-east1"",
|
|
286
|
+
"export GCLOUD_DEPLOY_credentialsKey="$CL_dev_api_GCLOUD_DEPLOY_credentialsKey"",
|
|
287
|
+
"export GCLOUD_RUN_canonicalHostSuffix="$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix"",
|
|
288
|
+
"export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOST\\",\\"ROOT_URL\\",\\"HOST_INTERNAL\\",\\"HOST_CANONICAL\\",\\"ROOT_URL_INTERNAL\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\"]"",
|
|
289
|
+
"export DOCKER_REGISTRY="asia-east1-docker.pkg.dev"",
|
|
290
|
+
"export DOCKER_IMAGE="asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/dev/api"",
|
|
291
|
+
"export DOCKER_CACHE_IMAGE="asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/api"",
|
|
292
|
+
"export DOCKER_IMAGE_TAG="$CI_COMMIT_SHA"",
|
|
293
|
+
"export CLOUDSDK_CORE_DISABLE_PROMPTS="1"",
|
|
294
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
268
295
|
"echo -e "\\e[0Ksection_start:$(date +%s):prepare[collapsed=true]\\r\\e[0KPrepare..."",
|
|
269
296
|
"gcloud auth activate-service-account --key-file=<(echo "$CL_dev_api_GCLOUD_DEPLOY_credentialsKey")",
|
|
270
297
|
"export GCLOUD_PROJECT_NUMBER=$(gcloud projects describe asdf --format="value(projectNumber)")",
|
|
271
298
|
"echo "GCLOUD_PROJECT_NUMBER: $GCLOUD_PROJECT_NUMBER"",
|
|
272
299
|
"echo -e "\\e[0Ksection_end:$(date +%s):prepare\\r\\e[0K"",
|
|
300
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):writeenvvars[collapsed=true]\\r\\e[0KWrite env vars to file"",
|
|
301
|
+
"cat > ____envvars.yaml <<EOF
|
|
302
|
+
ENV_SHORT: |-
|
|
303
|
+
dev
|
|
304
|
+
APP_DIR: |-
|
|
305
|
+
api
|
|
306
|
+
ENV_TYPE: |-
|
|
307
|
+
dev
|
|
308
|
+
BUILD_INFO_BUILD_ID: |-
|
|
309
|
+
$(printf %s "$(git describe --tags 2>/dev/null || git rev-parse HEAD)" | sed 's/^/ /')
|
|
310
|
+
BUILD_INFO_BUILD_TIME: |-
|
|
311
|
+
$(printf %s "$CI_JOB_STARTED_AT" | sed 's/^/ /')
|
|
312
|
+
BUILD_INFO_CURRENT_VERSION: |-
|
|
313
|
+
$(printf %s "$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\///'); [ -z "$tag" ] && echo "v0.0.0" || echo "$tag")" | sed 's/^/ /')
|
|
314
|
+
HOST: |-
|
|
315
|
+
$(printf %s "$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
316
|
+
ROOT_URL: |-
|
|
317
|
+
$(printf %s "https://$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
318
|
+
HOST_INTERNAL: |-
|
|
319
|
+
$(printf %s "$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
320
|
+
HOST_CANONICAL: |-
|
|
321
|
+
$(printf %s "$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
322
|
+
ROOT_URL_INTERNAL: |-
|
|
323
|
+
$(printf %s "https://$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
324
|
+
DEPLOY_CLOUD_RUN_PROJECT_ID: |-
|
|
325
|
+
asdf
|
|
326
|
+
DEPLOY_CLOUD_RUN_REGION: |-
|
|
327
|
+
asia-east1
|
|
328
|
+
GCLOUD_RUN_canonicalHostSuffix: |-
|
|
329
|
+
$(printf %s "$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | sed 's/^/ /')
|
|
330
|
+
_ALL_ENV_VAR_KEYS: |-
|
|
331
|
+
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_INTERNAL","HOST_CANONICAL","ROOT_URL_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]
|
|
332
|
+
|
|
333
|
+
EOF
|
|
334
|
+
",
|
|
335
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):writeenvvars\\r\\e[0K"",
|
|
273
336
|
"echo -e "\\e[0Ksection_start:$(date +%s):deploy[collapsed=true]\\r\\e[0KDeploy to cloud run"",
|
|
274
|
-
"echo "$ENV_VARS" > ____envvars.yaml",
|
|
275
337
|
"gcloud run deploy pan-test-app-dev-api --command="yarn,start" --image=asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/dev/api:$DOCKER_IMAGE_TAG --project=asdf --region=asia-east1 --labels=customer-name=pan,component-name=api,app-name=test-app,env-type=dev,env-name=dev,build-type=node,cloud-run-service-name=pan-test-app-dev-api --env-vars-file=____envvars.yaml --min-instances=0 --max-instances=100 --cpu-throttling --allow-unauthenticated --ingress=all --cpu-boost",
|
|
276
338
|
"echo -e "\\e[0Ksection_end:$(date +%s):deploy\\r\\e[0K"",
|
|
277
339
|
"echo -e "\\e[0Ksection_start:$(date +%s):cleanup[collapsed=true]\\r\\e[0KCleanup"",
|
|
@@ -280,69 +342,27 @@ COPY --chown=node:node .yarn /app/.yarn",
|
|
|
280
342
|
"gcloud artifacts docker images list asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/api --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/api@$version --quiet --delete-tags; done",
|
|
281
343
|
"echo -e "\\e[0Ksection_end:$(date +%s):cleanup\\r\\e[0K"",
|
|
282
344
|
"echo Uploading SBOM to Dependency Track",
|
|
283
|
-
"/dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/api" "https
|
|
284
|
-
|
|
285
|
-
"services": [
|
|
286
|
-
{
|
|
287
|
-
"command": [
|
|
288
|
-
"--tls=false",
|
|
289
|
-
],
|
|
290
|
-
"name": "docker:24.0.6-dind",
|
|
291
|
-
},
|
|
345
|
+
"/dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/api" "https://$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" "__sbom.json" vex.json || true",
|
|
346
|
+
"echo "CL_GITLAB_ENVIRONMENT_URL=https://$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" >> gitlab_environment.env",
|
|
292
347
|
],
|
|
293
348
|
"stage": "deploy dev",
|
|
294
349
|
"variables": {
|
|
295
|
-
"APP_DIR": "api",
|
|
296
|
-
"BUILD_INFO_BUILD_TIME": "01-01-2023 12:13:14",
|
|
297
|
-
"BUILD_INFO_CURRENT_VERSION": "3.2.1",
|
|
298
|
-
"BUILD_INFO_ID": "some-id",
|
|
299
|
-
"CLOUDSDK_CORE_DISABLE_PROMPTS": "1",
|
|
300
|
-
"DEPLOY_CLOUD_RUN_PROJECT_ID": "asdf",
|
|
301
|
-
"DEPLOY_CLOUD_RUN_REGION": "asia-east1",
|
|
302
|
-
"DOCKER_BUILDKIT": "1",
|
|
303
|
-
"DOCKER_CACHE_IMAGE": "asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/api",
|
|
304
|
-
"DOCKER_DRIVER": "overlay2",
|
|
305
|
-
"DOCKER_HOST": "tcp://0.0.0.0:2375",
|
|
306
|
-
"DOCKER_IMAGE": "asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/dev/api",
|
|
307
|
-
"DOCKER_IMAGE_TAG": "$CI_COMMIT_SHA",
|
|
308
|
-
"DOCKER_REGISTRY": "asia-east1-docker.pkg.dev",
|
|
309
|
-
"DOCKER_TLS_CERTDIR": "",
|
|
310
|
-
"ENV_SHORT": "dev",
|
|
311
|
-
"ENV_TYPE": "dev",
|
|
312
|
-
"ENV_VARS": "ENV_SHORT: 'dev'
|
|
313
|
-
APP_DIR: 'api'
|
|
314
|
-
ENV_TYPE: 'dev'
|
|
315
|
-
BUILD_INFO_ID: 'some-id'
|
|
316
|
-
BUILD_INFO_BUILD_TIME: '01-01-2023 12:13:14'
|
|
317
|
-
BUILD_INFO_CURRENT_VERSION: '3.2.1'
|
|
318
|
-
HOST: 'pan-test-app-dev-api-unknown-host.example.com'
|
|
319
|
-
ROOT_URL: 'https://pan-test-app-dev-api-unknown-host.example.com'
|
|
320
|
-
HOST_CANONICAL: 'pan-test-app-dev-api-unknown-host.example.com'
|
|
321
|
-
ROOT_URL_INTERNAL: 'https://pan-test-app-dev-api-unknown-host.example.com'
|
|
322
|
-
HOST_INTERNAL: 'pan-test-app-dev-api-unknown-host.example.com'
|
|
323
|
-
DEPLOY_CLOUD_RUN_PROJECT_ID: 'asdf'
|
|
324
|
-
DEPLOY_CLOUD_RUN_REGION: 'asia-east1'
|
|
325
|
-
GCLOUD_RUN_canonicalHostSuffix: '$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix'
|
|
326
|
-
_ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_CANONICAL","ROOT_URL_INTERNAL","HOST_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]'
|
|
327
|
-
",
|
|
328
|
-
"GCLOUD_DEPLOY_credentialsKey": "$CL_dev_api_GCLOUD_DEPLOY_credentialsKey",
|
|
329
|
-
"GCLOUD_RUN_canonicalHostSuffix": "$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix",
|
|
330
|
-
"HOST": "pan-test-app-dev-api-unknown-host.example.com",
|
|
331
|
-
"HOST_CANONICAL": "pan-test-app-dev-api-unknown-host.example.com",
|
|
332
|
-
"HOST_INTERNAL": "pan-test-app-dev-api-unknown-host.example.com",
|
|
333
350
|
"KUBERNETES_CPU_REQUEST": "0.5",
|
|
334
351
|
"KUBERNETES_MEMORY_LIMIT": "400Mi",
|
|
335
352
|
"KUBERNETES_MEMORY_REQUEST": "200Mi",
|
|
336
|
-
"ROOT_URL": "https://pan-test-app-dev-api-unknown-host.example.com",
|
|
337
|
-
"ROOT_URL_INTERNAL": "https://pan-test-app-dev-api-unknown-host.example.com",
|
|
338
|
-
"_ALL_ENV_VAR_KEYS": "["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_CANONICAL","ROOT_URL_INTERNAL","HOST_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]",
|
|
339
353
|
},
|
|
340
354
|
},
|
|
341
355
|
"api ๐ Stop โ ๏ธ | dev ": {
|
|
356
|
+
"allow_failure": true,
|
|
357
|
+
"artifacts": {
|
|
358
|
+
"reports": {
|
|
359
|
+
"dotenv": "gitlab_environment.env",
|
|
360
|
+
},
|
|
361
|
+
},
|
|
342
362
|
"environment": {
|
|
343
363
|
"action": "stop",
|
|
344
364
|
"name": "dev/api",
|
|
345
|
-
"url": "
|
|
365
|
+
"url": "$CL_GITLAB_ENVIRONMENT_URL",
|
|
346
366
|
},
|
|
347
367
|
"image": "path/to/docker/gcloud:the-version",
|
|
348
368
|
"interruptible": true,
|
|
@@ -356,28 +376,29 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
356
376
|
},
|
|
357
377
|
"rules": [
|
|
358
378
|
{
|
|
359
|
-
"allow_failure": true,
|
|
360
379
|
"if": "$CI_COMMIT_BRANCH =~ /^[0-9]+\\.([0-9]+|x)\\.x$/",
|
|
361
380
|
"when": "on_success",
|
|
362
381
|
},
|
|
363
382
|
{
|
|
364
|
-
"allow_failure": true,
|
|
365
383
|
"when": "manual",
|
|
366
384
|
},
|
|
367
385
|
],
|
|
368
386
|
"script": [
|
|
387
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
388
|
+
"export CLOUDSDK_CORE_DISABLE_PROMPTS="1"",
|
|
389
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
369
390
|
"set +e",
|
|
370
391
|
"gcloud auth activate-service-account --key-file=<(echo "$CL_dev_api_GCLOUD_DEPLOY_credentialsKey")",
|
|
371
392
|
"gcloud run services delete pan-test-app-dev-api --project=asdf --region=asia-east1",
|
|
372
393
|
"gcloud artifacts docker images delete asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/dev/api --quiet --delete-tags",
|
|
373
394
|
"gcloud artifacts docker images list asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/api --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/api@$version --quiet --delete-tags; done",
|
|
374
395
|
"echo Disabling component in Dependency Track",
|
|
375
|
-
"/dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" disable "pan-test-app/api" "https
|
|
396
|
+
"/dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" disable "pan-test-app/api" "https://$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" || true",
|
|
376
397
|
"set -e",
|
|
398
|
+
"echo "CL_GITLAB_ENVIRONMENT_URL=https://$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" >> gitlab_environment.env",
|
|
377
399
|
],
|
|
378
400
|
"stage": "stop dev",
|
|
379
401
|
"variables": {
|
|
380
|
-
"CLOUDSDK_CORE_DISABLE_PROMPTS": "1",
|
|
381
402
|
"GIT_STRATEGY": "none",
|
|
382
403
|
"KUBERNETES_CPU_REQUEST": "0.5",
|
|
383
404
|
"KUBERNETES_MEMORY_LIMIT": "400Mi",
|
|
@@ -397,12 +418,14 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
397
418
|
],
|
|
398
419
|
},
|
|
399
420
|
"script": [
|
|
421
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
422
|
+
"export APP_PATH="api"",
|
|
423
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
400
424
|
"cd api",
|
|
401
425
|
"yarn npm audit --environment production",
|
|
402
426
|
],
|
|
403
427
|
"stage": "test",
|
|
404
428
|
"variables": {
|
|
405
|
-
"APP_PATH": "api",
|
|
406
429
|
"KUBERNETES_CPU_REQUEST": "0.5",
|
|
407
430
|
"KUBERNETES_MEMORY_LIMIT": "4Gi",
|
|
408
431
|
"KUBERNETES_MEMORY_REQUEST": "2Gi",
|
|
@@ -436,6 +459,9 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
436
459
|
],
|
|
437
460
|
},
|
|
438
461
|
"script": [
|
|
462
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
463
|
+
"export APP_PATH="api"",
|
|
464
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
439
465
|
"echo -e "\\e[0Ksection_start:$(date +%s):nodeinstall[collapsed=true]\\r\\e[0KEnsure node version"",
|
|
440
466
|
"if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi",
|
|
441
467
|
"if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi",
|
|
@@ -452,7 +478,6 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
452
478
|
],
|
|
453
479
|
"stage": "test",
|
|
454
480
|
"variables": {
|
|
455
|
-
"APP_PATH": "api",
|
|
456
481
|
"KUBERNETES_CPU_REQUEST": "0.5",
|
|
457
482
|
"KUBERNETES_MEMORY_LIMIT": "4Gi",
|
|
458
483
|
"KUBERNETES_MEMORY_REQUEST": "2Gi",
|
|
@@ -476,6 +501,8 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
476
501
|
],
|
|
477
502
|
},
|
|
478
503
|
"script": [
|
|
504
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
505
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
479
506
|
"trivy fs --quiet --format cyclonedx --output "__sbom.json" api",
|
|
480
507
|
],
|
|
481
508
|
"stage": "build",
|
|
@@ -509,6 +536,11 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
509
536
|
],
|
|
510
537
|
},
|
|
511
538
|
"script": [
|
|
539
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
540
|
+
"export APP_PATH="app"",
|
|
541
|
+
"export LC_A="L=en_US.UTF-8"",
|
|
542
|
+
"export LANG="en_US.UTF-8"",
|
|
543
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
512
544
|
"echo -e "\\e[0Ksection_start:$(date +%s):nodeinstall[collapsed=true]\\r\\e[0KEnsure node version"",
|
|
513
545
|
"if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi",
|
|
514
546
|
"if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi",
|
|
@@ -525,12 +557,9 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
525
557
|
],
|
|
526
558
|
"stage": "test",
|
|
527
559
|
"variables": {
|
|
528
|
-
"APP_PATH": "app",
|
|
529
560
|
"KUBERNETES_CPU_REQUEST": "0.5",
|
|
530
561
|
"KUBERNETES_MEMORY_LIMIT": "4Gi",
|
|
531
562
|
"KUBERNETES_MEMORY_REQUEST": "2Gi",
|
|
532
|
-
"LANG": "en_US.UTF-8",
|
|
533
|
-
"LC_A": "L=en_US.UTF-8",
|
|
534
563
|
},
|
|
535
564
|
},
|
|
536
565
|
"app ๐จ app | dev ": {
|
|
@@ -590,24 +619,45 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
590
619
|
],
|
|
591
620
|
},
|
|
592
621
|
"script": [
|
|
622
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
623
|
+
"export ENV_SHORT="dev"",
|
|
624
|
+
"export APP_DIR="app"",
|
|
625
|
+
"export ENV_TYPE="dev"",
|
|
626
|
+
"export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"",
|
|
627
|
+
"export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"",
|
|
628
|
+
"export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\///'); [ -z "$tag" ] && echo "v0.0.0" || echo "$tag")"",
|
|
629
|
+
"export HOST="unknown-host.example.com"",
|
|
630
|
+
"export ROOT_URL="https://unknown-host.example.com"",
|
|
631
|
+
"export HOST_INTERNAL="unknown-host.example.com"",
|
|
632
|
+
"export HOST_CANONICAL="unknown-host.example.com"",
|
|
633
|
+
"export ROOT_URL_INTERNAL="https://unknown-host.example.com"",
|
|
634
|
+
"export APP_STORE_CONNECT_API_KEY_CONTENT="$CL_dev_app_APP_STORE_CONNECT_API_KEY_CONTENT"",
|
|
635
|
+
"export APP_STORE_CONNECT_ISSUER_ID="$CL_dev_app_APP_STORE_CONNECT_ISSUER_ID"",
|
|
636
|
+
"export APP_STORE_CONNECT_API_KEY_ID="$CL_dev_app_APP_STORE_CONNECT_API_KEY_ID"",
|
|
637
|
+
"export GRAPHQL_URL="https://$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')/graphql"",
|
|
638
|
+
"export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOST\\",\\"ROOT_URL\\",\\"HOST_INTERNAL\\",\\"HOST_CANONICAL\\",\\"ROOT_URL_INTERNAL\\",\\"APP_STORE_CONNECT_API_KEY_CONTENT\\",\\"APP_STORE_CONNECT_ISSUER_ID\\",\\"APP_STORE_CONNECT_API_KEY_ID\\",\\"GRAPHQL_URL\\"]"",
|
|
639
|
+
"export LC_A="L=en_US.UTF-8"",
|
|
640
|
+
"export LANG="en_US.UTF-8"",
|
|
641
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
593
642
|
"cat <<EOF > app/.env
|
|
594
643
|
ENV_SHORT=dev
|
|
595
644
|
APP_DIR=app
|
|
596
645
|
ENV_TYPE=dev
|
|
597
|
-
|
|
598
|
-
BUILD_INFO_BUILD_TIME
|
|
599
|
-
BUILD_INFO_CURRENT_VERSION
|
|
646
|
+
BUILD_INFO_BUILD_ID=$(git describe --tags 2>/dev/null || git rev-parse HEAD)
|
|
647
|
+
BUILD_INFO_BUILD_TIME=$CI_JOB_STARTED_AT
|
|
648
|
+
BUILD_INFO_CURRENT_VERSION=$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\///'); [ -z "$tag" ] && echo "v0.0.0" || echo "$tag")
|
|
600
649
|
HOST=unknown-host.example.com
|
|
601
650
|
ROOT_URL=https://unknown-host.example.com
|
|
651
|
+
HOST_INTERNAL=unknown-host.example.com
|
|
602
652
|
HOST_CANONICAL=unknown-host.example.com
|
|
603
653
|
ROOT_URL_INTERNAL=https://unknown-host.example.com
|
|
604
654
|
APP_STORE_CONNECT_API_KEY_CONTENT=$CL_dev_app_APP_STORE_CONNECT_API_KEY_CONTENT
|
|
605
655
|
APP_STORE_CONNECT_ISSUER_ID=$CL_dev_app_APP_STORE_CONNECT_ISSUER_ID
|
|
606
656
|
APP_STORE_CONNECT_API_KEY_ID=$CL_dev_app_APP_STORE_CONNECT_API_KEY_ID
|
|
607
|
-
GRAPHQL_URL=https
|
|
608
|
-
_ALL_ENV_VAR_KEYS=["ENV_SHORT","APP_DIR","ENV_TYPE","
|
|
657
|
+
GRAPHQL_URL=https://$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')/graphql
|
|
658
|
+
_ALL_ENV_VAR_KEYS=["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_INTERNAL","HOST_CANONICAL","ROOT_URL_INTERNAL","APP_STORE_CONNECT_API_KEY_CONTENT","APP_STORE_CONNECT_ISSUER_ID","APP_STORE_CONNECT_API_KEY_ID","GRAPHQL_URL"]
|
|
609
659
|
EOF",
|
|
610
|
-
"echo '{"id":"
|
|
660
|
+
"echo '{"id":"$(git describe --tags 2>/dev/null || git rev-parse HEAD)","time":"$CI_JOB_STARTED_AT"}' > app/__build_info.json",
|
|
611
661
|
"echo -e "\\e[0Ksection_start:$(date +%s):nodeinstall[collapsed=true]\\r\\e[0KEnsure node version"",
|
|
612
662
|
"if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi",
|
|
613
663
|
"if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi",
|
|
@@ -631,26 +681,9 @@ EOF",
|
|
|
631
681
|
"mac-runner",
|
|
632
682
|
],
|
|
633
683
|
"variables": {
|
|
634
|
-
"APP_DIR": "app",
|
|
635
|
-
"APP_STORE_CONNECT_API_KEY_CONTENT": "$CL_dev_app_APP_STORE_CONNECT_API_KEY_CONTENT",
|
|
636
|
-
"APP_STORE_CONNECT_API_KEY_ID": "$CL_dev_app_APP_STORE_CONNECT_API_KEY_ID",
|
|
637
|
-
"APP_STORE_CONNECT_ISSUER_ID": "$CL_dev_app_APP_STORE_CONNECT_ISSUER_ID",
|
|
638
|
-
"BUILD_INFO_BUILD_TIME": "01-01-2023 12:13:14",
|
|
639
|
-
"BUILD_INFO_CURRENT_VERSION": "3.2.1",
|
|
640
|
-
"BUILD_INFO_ID": "some-id",
|
|
641
|
-
"ENV_SHORT": "dev",
|
|
642
|
-
"ENV_TYPE": "dev",
|
|
643
|
-
"GRAPHQL_URL": "https://pan-test-app-dev-api-unknown-host.example.com/graphql",
|
|
644
|
-
"HOST": "unknown-host.example.com",
|
|
645
|
-
"HOST_CANONICAL": "unknown-host.example.com",
|
|
646
684
|
"KUBERNETES_CPU_REQUEST": "0.5",
|
|
647
685
|
"KUBERNETES_MEMORY_LIMIT": "4Gi",
|
|
648
686
|
"KUBERNETES_MEMORY_REQUEST": "2Gi",
|
|
649
|
-
"LANG": "en_US.UTF-8",
|
|
650
|
-
"LC_A": "L=en_US.UTF-8",
|
|
651
|
-
"ROOT_URL": "https://unknown-host.example.com",
|
|
652
|
-
"ROOT_URL_INTERNAL": "https://unknown-host.example.com",
|
|
653
|
-
"_ALL_ENV_VAR_KEYS": "["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_CANONICAL","ROOT_URL_INTERNAL","APP_STORE_CONNECT_API_KEY_CONTENT","APP_STORE_CONNECT_ISSUER_ID","APP_STORE_CONNECT_API_KEY_ID","GRAPHQL_URL"]",
|
|
654
687
|
},
|
|
655
688
|
},
|
|
656
689
|
"app ๐ Deploy | dev ": {
|
|
@@ -667,10 +700,6 @@ EOF",
|
|
|
667
700
|
],
|
|
668
701
|
},
|
|
669
702
|
],
|
|
670
|
-
"environment": {
|
|
671
|
-
"name": "dev/app",
|
|
672
|
-
"url": "https://unknown-host.example.com",
|
|
673
|
-
},
|
|
674
703
|
"image": "path/to/docker/jobs-default:the-version",
|
|
675
704
|
"interruptible": true,
|
|
676
705
|
"needs": [
|
|
@@ -708,6 +737,26 @@ EOF",
|
|
|
708
737
|
},
|
|
709
738
|
],
|
|
710
739
|
"script": [
|
|
740
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
741
|
+
"export ENV_SHORT="dev"",
|
|
742
|
+
"export APP_DIR="app"",
|
|
743
|
+
"export ENV_TYPE="dev"",
|
|
744
|
+
"export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"",
|
|
745
|
+
"export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"",
|
|
746
|
+
"export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\///'); [ -z "$tag" ] && echo "v0.0.0" || echo "$tag")"",
|
|
747
|
+
"export HOST="unknown-host.example.com"",
|
|
748
|
+
"export ROOT_URL="https://unknown-host.example.com"",
|
|
749
|
+
"export HOST_INTERNAL="unknown-host.example.com"",
|
|
750
|
+
"export HOST_CANONICAL="unknown-host.example.com"",
|
|
751
|
+
"export ROOT_URL_INTERNAL="https://unknown-host.example.com"",
|
|
752
|
+
"export APP_STORE_CONNECT_API_KEY_CONTENT="$CL_dev_app_APP_STORE_CONNECT_API_KEY_CONTENT"",
|
|
753
|
+
"export APP_STORE_CONNECT_ISSUER_ID="$CL_dev_app_APP_STORE_CONNECT_ISSUER_ID"",
|
|
754
|
+
"export APP_STORE_CONNECT_API_KEY_ID="$CL_dev_app_APP_STORE_CONNECT_API_KEY_ID"",
|
|
755
|
+
"export GRAPHQL_URL="https://$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')/graphql"",
|
|
756
|
+
"export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOST\\",\\"ROOT_URL\\",\\"HOST_INTERNAL\\",\\"HOST_CANONICAL\\",\\"ROOT_URL_INTERNAL\\",\\"APP_STORE_CONNECT_API_KEY_CONTENT\\",\\"APP_STORE_CONNECT_ISSUER_ID\\",\\"APP_STORE_CONNECT_API_KEY_ID\\",\\"GRAPHQL_URL\\"]"",
|
|
757
|
+
"export LC_A="L=en_US.UTF-8"",
|
|
758
|
+
"export LANG="en_US.UTF-8"",
|
|
759
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
711
760
|
"cd app",
|
|
712
761
|
"bundle config set --local path 'vendor/ruby'",
|
|
713
762
|
"gem install bundler",
|
|
@@ -721,26 +770,9 @@ EOF",
|
|
|
721
770
|
"mac-runner",
|
|
722
771
|
],
|
|
723
772
|
"variables": {
|
|
724
|
-
"APP_DIR": "app",
|
|
725
|
-
"APP_STORE_CONNECT_API_KEY_CONTENT": "$CL_dev_app_APP_STORE_CONNECT_API_KEY_CONTENT",
|
|
726
|
-
"APP_STORE_CONNECT_API_KEY_ID": "$CL_dev_app_APP_STORE_CONNECT_API_KEY_ID",
|
|
727
|
-
"APP_STORE_CONNECT_ISSUER_ID": "$CL_dev_app_APP_STORE_CONNECT_ISSUER_ID",
|
|
728
|
-
"BUILD_INFO_BUILD_TIME": "01-01-2023 12:13:14",
|
|
729
|
-
"BUILD_INFO_CURRENT_VERSION": "3.2.1",
|
|
730
|
-
"BUILD_INFO_ID": "some-id",
|
|
731
|
-
"ENV_SHORT": "dev",
|
|
732
|
-
"ENV_TYPE": "dev",
|
|
733
|
-
"GRAPHQL_URL": "https://pan-test-app-dev-api-unknown-host.example.com/graphql",
|
|
734
|
-
"HOST": "unknown-host.example.com",
|
|
735
|
-
"HOST_CANONICAL": "unknown-host.example.com",
|
|
736
773
|
"KUBERNETES_CPU_REQUEST": "0.5",
|
|
737
774
|
"KUBERNETES_MEMORY_LIMIT": "400Mi",
|
|
738
775
|
"KUBERNETES_MEMORY_REQUEST": "200Mi",
|
|
739
|
-
"LANG": "en_US.UTF-8",
|
|
740
|
-
"LC_A": "L=en_US.UTF-8",
|
|
741
|
-
"ROOT_URL": "https://unknown-host.example.com",
|
|
742
|
-
"ROOT_URL_INTERNAL": "https://unknown-host.example.com",
|
|
743
|
-
"_ALL_ENV_VAR_KEYS": "["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_CANONICAL","ROOT_URL_INTERNAL","APP_STORE_CONNECT_API_KEY_CONTENT","APP_STORE_CONNECT_ISSUER_ID","APP_STORE_CONNECT_API_KEY_ID","GRAPHQL_URL"]",
|
|
744
776
|
},
|
|
745
777
|
},
|
|
746
778
|
"app ๐ก audit": {
|
|
@@ -756,17 +788,19 @@ EOF",
|
|
|
756
788
|
],
|
|
757
789
|
},
|
|
758
790
|
"script": [
|
|
791
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
792
|
+
"export APP_PATH="app"",
|
|
793
|
+
"export LC_A="L=en_US.UTF-8"",
|
|
794
|
+
"export LANG="en_US.UTF-8"",
|
|
795
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
759
796
|
"cd app",
|
|
760
797
|
"yarn npm audit --environment production",
|
|
761
798
|
],
|
|
762
799
|
"stage": "test",
|
|
763
800
|
"variables": {
|
|
764
|
-
"APP_PATH": "app",
|
|
765
801
|
"KUBERNETES_CPU_REQUEST": "0.5",
|
|
766
802
|
"KUBERNETES_MEMORY_LIMIT": "4Gi",
|
|
767
803
|
"KUBERNETES_MEMORY_REQUEST": "2Gi",
|
|
768
|
-
"LANG": "en_US.UTF-8",
|
|
769
|
-
"LC_A": "L=en_US.UTF-8",
|
|
770
804
|
},
|
|
771
805
|
},
|
|
772
806
|
"app ๐งช test": {
|
|
@@ -797,6 +831,11 @@ EOF",
|
|
|
797
831
|
],
|
|
798
832
|
},
|
|
799
833
|
"script": [
|
|
834
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
835
|
+
"export APP_PATH="app"",
|
|
836
|
+
"export LC_A="L=en_US.UTF-8"",
|
|
837
|
+
"export LANG="en_US.UTF-8"",
|
|
838
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
800
839
|
"echo -e "\\e[0Ksection_start:$(date +%s):nodeinstall[collapsed=true]\\r\\e[0KEnsure node version"",
|
|
801
840
|
"if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi",
|
|
802
841
|
"if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi",
|
|
@@ -813,12 +852,9 @@ EOF",
|
|
|
813
852
|
],
|
|
814
853
|
"stage": "test",
|
|
815
854
|
"variables": {
|
|
816
|
-
"APP_PATH": "app",
|
|
817
855
|
"KUBERNETES_CPU_REQUEST": "0.5",
|
|
818
856
|
"KUBERNETES_MEMORY_LIMIT": "4Gi",
|
|
819
857
|
"KUBERNETES_MEMORY_REQUEST": "2Gi",
|
|
820
|
-
"LANG": "en_US.UTF-8",
|
|
821
|
-
"LC_A": "L=en_US.UTF-8",
|
|
822
858
|
},
|
|
823
859
|
},
|
|
824
860
|
"app ๐งพ sbom | dev ": {
|
|
@@ -839,6 +875,8 @@ EOF",
|
|
|
839
875
|
],
|
|
840
876
|
},
|
|
841
877
|
"script": [
|
|
878
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
879
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
842
880
|
"trivy fs --quiet --format cyclonedx --output "__sbom.json" app",
|
|
843
881
|
],
|
|
844
882
|
"stage": "build",
|
|
@@ -891,7 +929,7 @@ EOF",
|
|
|
891
929
|
],
|
|
892
930
|
"variables": {
|
|
893
931
|
"FF_USE_FASTZIP": "true",
|
|
894
|
-
"GIT_DEPTH": 1,
|
|
932
|
+
"GIT_DEPTH": "1",
|
|
895
933
|
},
|
|
896
934
|
"workflow": {
|
|
897
935
|
"rules": [
|
|
@@ -949,6 +987,9 @@ EOF",
|
|
|
949
987
|
],
|
|
950
988
|
},
|
|
951
989
|
"script": [
|
|
990
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
991
|
+
"export APP_PATH="api"",
|
|
992
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
952
993
|
"echo -e "\\e[0Ksection_start:$(date +%s):nodeinstall[collapsed=true]\\r\\e[0KEnsure node version"",
|
|
953
994
|
"if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi",
|
|
954
995
|
"if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi",
|
|
@@ -965,7 +1006,6 @@ EOF",
|
|
|
965
1006
|
],
|
|
966
1007
|
"stage": "test",
|
|
967
1008
|
"variables": {
|
|
968
|
-
"APP_PATH": "api",
|
|
969
1009
|
"KUBERNETES_CPU_REQUEST": "0.5",
|
|
970
1010
|
"KUBERNETES_MEMORY_LIMIT": "4Gi",
|
|
971
1011
|
"KUBERNETES_MEMORY_REQUEST": "2Gi",
|
|
@@ -1018,7 +1058,25 @@ EOF",
|
|
|
1018
1058
|
],
|
|
1019
1059
|
},
|
|
1020
1060
|
"script": [
|
|
1021
|
-
"echo
|
|
1061
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
1062
|
+
"export ENV_SHORT="review"",
|
|
1063
|
+
"export APP_DIR="api"",
|
|
1064
|
+
"export ENV_TYPE="review"",
|
|
1065
|
+
"export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"",
|
|
1066
|
+
"export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"",
|
|
1067
|
+
"export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\///'); [ -z "$tag" ] && echo "v0.0.0" || echo "$tag")"",
|
|
1068
|
+
"export HOST="$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
1069
|
+
"export ROOT_URL="https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
1070
|
+
"export HOST_INTERNAL="$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
1071
|
+
"export HOST_CANONICAL="$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
1072
|
+
"export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
1073
|
+
"export DEPLOY_CLOUD_RUN_PROJECT_ID="asdf"",
|
|
1074
|
+
"export DEPLOY_CLOUD_RUN_REGION="asia-east1"",
|
|
1075
|
+
"export GCLOUD_DEPLOY_credentialsKey="$CL_review_api_GCLOUD_DEPLOY_credentialsKey"",
|
|
1076
|
+
"export GCLOUD_RUN_canonicalHostSuffix="$CL_review_api_GCLOUD_RUN_canonicalHostSuffix"",
|
|
1077
|
+
"export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOST\\",\\"ROOT_URL\\",\\"HOST_INTERNAL\\",\\"HOST_CANONICAL\\",\\"ROOT_URL_INTERNAL\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\"]"",
|
|
1078
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
1079
|
+
"echo '{"id":"$(git describe --tags 2>/dev/null || git rev-parse HEAD)","time":"$CI_JOB_STARTED_AT"}' > api/__build_info.json",
|
|
1022
1080
|
"echo -e "\\e[0Ksection_start:$(date +%s):nodeinstall[collapsed=true]\\r\\e[0KEnsure node version"",
|
|
1023
1081
|
"if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi",
|
|
1024
1082
|
"if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi",
|
|
@@ -1035,25 +1093,9 @@ EOF",
|
|
|
1035
1093
|
],
|
|
1036
1094
|
"stage": "build",
|
|
1037
1095
|
"variables": {
|
|
1038
|
-
"APP_DIR": "api",
|
|
1039
|
-
"BUILD_INFO_BUILD_TIME": "01-01-2023 12:13:14",
|
|
1040
|
-
"BUILD_INFO_CURRENT_VERSION": "3.2.1",
|
|
1041
|
-
"BUILD_INFO_ID": "some-id",
|
|
1042
|
-
"DEPLOY_CLOUD_RUN_PROJECT_ID": "asdf",
|
|
1043
|
-
"DEPLOY_CLOUD_RUN_REGION": "asia-east1",
|
|
1044
|
-
"ENV_SHORT": "review",
|
|
1045
|
-
"ENV_TYPE": "review",
|
|
1046
|
-
"GCLOUD_DEPLOY_credentialsKey": "$CL_review_api_GCLOUD_DEPLOY_credentialsKey",
|
|
1047
|
-
"GCLOUD_RUN_canonicalHostSuffix": "$CL_review_api_GCLOUD_RUN_canonicalHostSuffix",
|
|
1048
|
-
"HOST": "pan-test-app-review-mr1234-api-unknown-host.example.com",
|
|
1049
|
-
"HOST_CANONICAL": "pan-test-app-review-mr1234-api-unknown-host.example.com",
|
|
1050
|
-
"HOST_INTERNAL": "pan-test-app-review-mr1234-api-unknown-host.example.com",
|
|
1051
1096
|
"KUBERNETES_CPU_REQUEST": "0.5",
|
|
1052
1097
|
"KUBERNETES_MEMORY_LIMIT": "4Gi",
|
|
1053
1098
|
"KUBERNETES_MEMORY_REQUEST": "2Gi",
|
|
1054
|
-
"ROOT_URL": "https://pan-test-app-review-mr1234-api-unknown-host.example.com",
|
|
1055
|
-
"ROOT_URL_INTERNAL": "https://pan-test-app-review-mr1234-api-unknown-host.example.com",
|
|
1056
|
-
"_ALL_ENV_VAR_KEYS": "["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_CANONICAL","ROOT_URL_INTERNAL","HOST_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]",
|
|
1057
1099
|
},
|
|
1058
1100
|
},
|
|
1059
1101
|
"api ๐จ docker | review ": {
|
|
@@ -1079,6 +1121,21 @@ EOF",
|
|
|
1079
1121
|
],
|
|
1080
1122
|
},
|
|
1081
1123
|
"script": [
|
|
1124
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
1125
|
+
"export APP_DIR="api"",
|
|
1126
|
+
"export DOCKER_DIR="."",
|
|
1127
|
+
"export DOCKER_REGISTRY="asia-east1-docker.pkg.dev"",
|
|
1128
|
+
"export DOCKER_IMAGE="asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/review/api/$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })"",
|
|
1129
|
+
"export DOCKER_CACHE_IMAGE="asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/api"",
|
|
1130
|
+
"export DOCKER_IMAGE_TAG="$CI_COMMIT_SHA"",
|
|
1131
|
+
"export DOCKER_COPY_AND_INSTALL_APP="COPY --chown=node:node $APP_DIR .
|
|
1132
|
+
RUN yarn plugin import workspace-tools
|
|
1133
|
+
RUN yarn workspaces focus --production && yarn rebuild"",
|
|
1134
|
+
"export DOCKER_COPY_WORKSPACE_FILES="COPY --chown=node:node api/package.json /app/api/package.json
|
|
1135
|
+
COPY --chown=node:node api/yarn.lock /app/api/yarn.lock
|
|
1136
|
+
COPY --chown=node:node .yarnrc.yml /app/.yarnrc.yml
|
|
1137
|
+
COPY --chown=node:node .yarn /app/.yarn"",
|
|
1138
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
1082
1139
|
"ensureNodeDockerfile",
|
|
1083
1140
|
"echo -e "\\e[0Ksection_start:$(date +%s):docker-login[collapsed=true]\\r\\e[0KDocker Login"",
|
|
1084
1141
|
"gcloud auth activate-service-account --key-file=<(echo "$CL_review_api_GCLOUD_DEPLOY_credentialsKey")",
|
|
@@ -1103,24 +1160,9 @@ EOF",
|
|
|
1103
1160
|
],
|
|
1104
1161
|
"stage": "build",
|
|
1105
1162
|
"variables": {
|
|
1106
|
-
"APP_DIR": "api",
|
|
1107
|
-
"DOCKERFILE_ADDITIONS": undefined,
|
|
1108
|
-
"DOCKERFILE_ADDITIONS_END": undefined,
|
|
1109
1163
|
"DOCKER_BUILDKIT": "1",
|
|
1110
|
-
"DOCKER_CACHE_IMAGE": "asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/api",
|
|
1111
|
-
"DOCKER_COPY_AND_INSTALL_APP": "COPY --chown=node:node $APP_DIR .
|
|
1112
|
-
RUN yarn plugin import workspace-tools
|
|
1113
|
-
RUN yarn workspaces focus --production && yarn rebuild",
|
|
1114
|
-
"DOCKER_COPY_WORKSPACE_FILES": "COPY --chown=node:node api/package.json /app/api/package.json
|
|
1115
|
-
COPY --chown=node:node api/yarn.lock /app/api/yarn.lock
|
|
1116
|
-
COPY --chown=node:node .yarnrc.yml /app/.yarnrc.yml
|
|
1117
|
-
COPY --chown=node:node .yarn /app/.yarn",
|
|
1118
|
-
"DOCKER_DIR": ".",
|
|
1119
1164
|
"DOCKER_DRIVER": "overlay2",
|
|
1120
1165
|
"DOCKER_HOST": "tcp://0.0.0.0:2375",
|
|
1121
|
-
"DOCKER_IMAGE": "asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/review/api/mr1234",
|
|
1122
|
-
"DOCKER_IMAGE_TAG": "$CI_COMMIT_SHA",
|
|
1123
|
-
"DOCKER_REGISTRY": "asia-east1-docker.pkg.dev",
|
|
1124
1166
|
"DOCKER_TLS_CERTDIR": "",
|
|
1125
1167
|
"KUBERNETES_CPU_REQUEST": "0.5",
|
|
1126
1168
|
"KUBERNETES_MEMORY_LIMIT": "2Gi",
|
|
@@ -1130,15 +1172,15 @@ COPY --chown=node:node .yarn /app/.yarn",
|
|
|
1130
1172
|
"api ๐ Deploy | review ": {
|
|
1131
1173
|
"allow_failure": false,
|
|
1132
1174
|
"artifacts": {
|
|
1133
|
-
"
|
|
1134
|
-
"
|
|
1135
|
-
|
|
1175
|
+
"reports": {
|
|
1176
|
+
"dotenv": "gitlab_environment.env",
|
|
1177
|
+
},
|
|
1136
1178
|
},
|
|
1137
1179
|
"environment": {
|
|
1138
1180
|
"auto_stop_in": "1 week",
|
|
1139
|
-
"name": "review/
|
|
1181
|
+
"name": "review/$CI_COMMIT_REF_NAME/api",
|
|
1140
1182
|
"on_stop": "api ๐ Stop โ ๏ธ | review ",
|
|
1141
|
-
"url": "
|
|
1183
|
+
"url": "$CL_GITLAB_ENVIRONMENT_URL",
|
|
1142
1184
|
},
|
|
1143
1185
|
"image": "path/to/docker/gcloud:the-version",
|
|
1144
1186
|
"interruptible": true,
|
|
@@ -1181,87 +1223,103 @@ COPY --chown=node:node .yarn /app/.yarn",
|
|
|
1181
1223
|
},
|
|
1182
1224
|
],
|
|
1183
1225
|
"script": [
|
|
1226
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
1227
|
+
"export ENV_SHORT="review"",
|
|
1228
|
+
"export APP_DIR="api"",
|
|
1229
|
+
"export ENV_TYPE="review"",
|
|
1230
|
+
"export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"",
|
|
1231
|
+
"export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"",
|
|
1232
|
+
"export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\///'); [ -z "$tag" ] && echo "v0.0.0" || echo "$tag")"",
|
|
1233
|
+
"export HOST="$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
1234
|
+
"export ROOT_URL="https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
1235
|
+
"export HOST_INTERNAL="$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
1236
|
+
"export HOST_CANONICAL="$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
1237
|
+
"export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
1238
|
+
"export DEPLOY_CLOUD_RUN_PROJECT_ID="asdf"",
|
|
1239
|
+
"export DEPLOY_CLOUD_RUN_REGION="asia-east1"",
|
|
1240
|
+
"export GCLOUD_DEPLOY_credentialsKey="$CL_review_api_GCLOUD_DEPLOY_credentialsKey"",
|
|
1241
|
+
"export GCLOUD_RUN_canonicalHostSuffix="$CL_review_api_GCLOUD_RUN_canonicalHostSuffix"",
|
|
1242
|
+
"export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOST\\",\\"ROOT_URL\\",\\"HOST_INTERNAL\\",\\"HOST_CANONICAL\\",\\"ROOT_URL_INTERNAL\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\"]"",
|
|
1243
|
+
"export DOCKER_REGISTRY="asia-east1-docker.pkg.dev"",
|
|
1244
|
+
"export DOCKER_IMAGE="asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/review/api/$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })"",
|
|
1245
|
+
"export DOCKER_CACHE_IMAGE="asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/api"",
|
|
1246
|
+
"export DOCKER_IMAGE_TAG="$CI_COMMIT_SHA"",
|
|
1247
|
+
"export CLOUDSDK_CORE_DISABLE_PROMPTS="1"",
|
|
1248
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
1184
1249
|
"echo -e "\\e[0Ksection_start:$(date +%s):prepare[collapsed=true]\\r\\e[0KPrepare..."",
|
|
1185
1250
|
"gcloud auth activate-service-account --key-file=<(echo "$CL_review_api_GCLOUD_DEPLOY_credentialsKey")",
|
|
1186
1251
|
"export GCLOUD_PROJECT_NUMBER=$(gcloud projects describe asdf --format="value(projectNumber)")",
|
|
1187
1252
|
"echo "GCLOUD_PROJECT_NUMBER: $GCLOUD_PROJECT_NUMBER"",
|
|
1188
1253
|
"echo -e "\\e[0Ksection_end:$(date +%s):prepare\\r\\e[0K"",
|
|
1254
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):writeenvvars[collapsed=true]\\r\\e[0KWrite env vars to file"",
|
|
1255
|
+
"cat > ____envvars.yaml <<EOF
|
|
1256
|
+
ENV_SHORT: |-
|
|
1257
|
+
review
|
|
1258
|
+
APP_DIR: |-
|
|
1259
|
+
api
|
|
1260
|
+
ENV_TYPE: |-
|
|
1261
|
+
review
|
|
1262
|
+
BUILD_INFO_BUILD_ID: |-
|
|
1263
|
+
$(printf %s "$(git describe --tags 2>/dev/null || git rev-parse HEAD)" | sed 's/^/ /')
|
|
1264
|
+
BUILD_INFO_BUILD_TIME: |-
|
|
1265
|
+
$(printf %s "$CI_JOB_STARTED_AT" | sed 's/^/ /')
|
|
1266
|
+
BUILD_INFO_CURRENT_VERSION: |-
|
|
1267
|
+
$(printf %s "$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\///'); [ -z "$tag" ] && echo "v0.0.0" || echo "$tag")" | sed 's/^/ /')
|
|
1268
|
+
HOST: |-
|
|
1269
|
+
$(printf %s "$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
1270
|
+
ROOT_URL: |-
|
|
1271
|
+
$(printf %s "https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
1272
|
+
HOST_INTERNAL: |-
|
|
1273
|
+
$(printf %s "$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
1274
|
+
HOST_CANONICAL: |-
|
|
1275
|
+
$(printf %s "$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
1276
|
+
ROOT_URL_INTERNAL: |-
|
|
1277
|
+
$(printf %s "https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
1278
|
+
DEPLOY_CLOUD_RUN_PROJECT_ID: |-
|
|
1279
|
+
asdf
|
|
1280
|
+
DEPLOY_CLOUD_RUN_REGION: |-
|
|
1281
|
+
asia-east1
|
|
1282
|
+
GCLOUD_RUN_canonicalHostSuffix: |-
|
|
1283
|
+
$(printf %s "$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | sed 's/^/ /')
|
|
1284
|
+
_ALL_ENV_VAR_KEYS: |-
|
|
1285
|
+
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_INTERNAL","HOST_CANONICAL","ROOT_URL_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]
|
|
1286
|
+
|
|
1287
|
+
EOF
|
|
1288
|
+
",
|
|
1289
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):writeenvvars\\r\\e[0K"",
|
|
1189
1290
|
"echo -e "\\e[0Ksection_start:$(date +%s):deploy[collapsed=true]\\r\\e[0KDeploy to cloud run"",
|
|
1190
|
-
"echo "$
|
|
1191
|
-
"gcloud run deploy pan-test-app-review-mr1234-api --command="yarn,start" --image=asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/review/api/mr1234:$DOCKER_IMAGE_TAG --project=asdf --region=asia-east1 --labels=customer-name=pan,component-name=api,app-name=test-app,env-type=review,env-name=review,build-type=node,cloud-run-service-name=pan-test-app-review-mr1234-api --env-vars-file=____envvars.yaml --min-instances=0 --max-instances=100 --cpu-throttling --allow-unauthenticated --ingress=all --cpu-boost",
|
|
1291
|
+
"gcloud run deploy $(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" | awk '{print tolower($0)}') --command="yarn,start" --image=asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/review/api/$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }):$DOCKER_IMAGE_TAG --project=asdf --region=asia-east1 --labels=customer-name=pan,component-name=api,app-name=test-app,env-type=review,env-name=review,build-type=node,cloud-run-service-name=$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" | awk '{print tolower($0)}') --env-vars-file=____envvars.yaml --min-instances=0 --max-instances=100 --cpu-throttling --allow-unauthenticated --ingress=all --cpu-boost",
|
|
1192
1292
|
"echo -e "\\e[0Ksection_end:$(date +%s):deploy\\r\\e[0K"",
|
|
1193
1293
|
"echo -e "\\e[0Ksection_start:$(date +%s):cleanup[collapsed=true]\\r\\e[0KCleanup"",
|
|
1194
|
-
"gcloud run revisions list --project=asdf --region=asia-east1 --service
|
|
1195
|
-
"gcloud artifacts docker images list asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/review/api
|
|
1294
|
+
"gcloud run revisions list --project=asdf --region=asia-east1 --service=$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" | awk '{print tolower($0)}') --limit=unlimited --sort-by=metadata.creationTimestamp --format="value(name)" --filter='(status.conditions.status=False OR status.conditions.status=Unknown)' | while read -r revisionname; do gcloud run revisions delete --project=asdf --region=asia-east1 --quiet $revisionname ; done",
|
|
1295
|
+
"gcloud artifacts docker images list asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/review/api/$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }) --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/review/api/$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })@$version --quiet --delete-tags; done",
|
|
1196
1296
|
"gcloud artifacts docker images list asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/api --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/api@$version --quiet --delete-tags; done",
|
|
1197
1297
|
"set +e",
|
|
1198
1298
|
"gcloud artifacts docker images delete asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/review/api --quiet --delete-tags",
|
|
1199
1299
|
"set -e",
|
|
1200
1300
|
"echo -e "\\e[0Ksection_end:$(date +%s):cleanup\\r\\e[0K"",
|
|
1201
1301
|
"echo Uploading SBOM to Dependency Track",
|
|
1202
|
-
"/dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/api" "https
|
|
1203
|
-
|
|
1204
|
-
"services": [
|
|
1205
|
-
{
|
|
1206
|
-
"command": [
|
|
1207
|
-
"--tls=false",
|
|
1208
|
-
],
|
|
1209
|
-
"name": "docker:24.0.6-dind",
|
|
1210
|
-
},
|
|
1302
|
+
"/dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/api" "https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" "__sbom.json" vex.json || true",
|
|
1303
|
+
"echo "CL_GITLAB_ENVIRONMENT_URL=https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" >> gitlab_environment.env",
|
|
1211
1304
|
],
|
|
1212
1305
|
"stage": "deploy review",
|
|
1213
1306
|
"variables": {
|
|
1214
|
-
"APP_DIR": "api",
|
|
1215
|
-
"BUILD_INFO_BUILD_TIME": "01-01-2023 12:13:14",
|
|
1216
|
-
"BUILD_INFO_CURRENT_VERSION": "3.2.1",
|
|
1217
|
-
"BUILD_INFO_ID": "some-id",
|
|
1218
|
-
"CLOUDSDK_CORE_DISABLE_PROMPTS": "1",
|
|
1219
|
-
"DEPLOY_CLOUD_RUN_PROJECT_ID": "asdf",
|
|
1220
|
-
"DEPLOY_CLOUD_RUN_REGION": "asia-east1",
|
|
1221
|
-
"DOCKER_BUILDKIT": "1",
|
|
1222
|
-
"DOCKER_CACHE_IMAGE": "asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/api",
|
|
1223
|
-
"DOCKER_DRIVER": "overlay2",
|
|
1224
|
-
"DOCKER_HOST": "tcp://0.0.0.0:2375",
|
|
1225
|
-
"DOCKER_IMAGE": "asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/review/api/mr1234",
|
|
1226
|
-
"DOCKER_IMAGE_TAG": "$CI_COMMIT_SHA",
|
|
1227
|
-
"DOCKER_REGISTRY": "asia-east1-docker.pkg.dev",
|
|
1228
|
-
"DOCKER_TLS_CERTDIR": "",
|
|
1229
|
-
"ENV_SHORT": "review",
|
|
1230
|
-
"ENV_TYPE": "review",
|
|
1231
|
-
"ENV_VARS": "ENV_SHORT: 'review'
|
|
1232
|
-
APP_DIR: 'api'
|
|
1233
|
-
ENV_TYPE: 'review'
|
|
1234
|
-
BUILD_INFO_ID: 'some-id'
|
|
1235
|
-
BUILD_INFO_BUILD_TIME: '01-01-2023 12:13:14'
|
|
1236
|
-
BUILD_INFO_CURRENT_VERSION: '3.2.1'
|
|
1237
|
-
HOST: 'pan-test-app-review-mr1234-api-unknown-host.example.com'
|
|
1238
|
-
ROOT_URL: 'https://pan-test-app-review-mr1234-api-unknown-host.example.com'
|
|
1239
|
-
HOST_CANONICAL: 'pan-test-app-review-mr1234-api-unknown-host.example.com'
|
|
1240
|
-
ROOT_URL_INTERNAL: 'https://pan-test-app-review-mr1234-api-unknown-host.example.com'
|
|
1241
|
-
HOST_INTERNAL: 'pan-test-app-review-mr1234-api-unknown-host.example.com'
|
|
1242
|
-
DEPLOY_CLOUD_RUN_PROJECT_ID: 'asdf'
|
|
1243
|
-
DEPLOY_CLOUD_RUN_REGION: 'asia-east1'
|
|
1244
|
-
GCLOUD_RUN_canonicalHostSuffix: '$CL_review_api_GCLOUD_RUN_canonicalHostSuffix'
|
|
1245
|
-
_ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_CANONICAL","ROOT_URL_INTERNAL","HOST_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]'
|
|
1246
|
-
",
|
|
1247
|
-
"GCLOUD_DEPLOY_credentialsKey": "$CL_review_api_GCLOUD_DEPLOY_credentialsKey",
|
|
1248
|
-
"GCLOUD_RUN_canonicalHostSuffix": "$CL_review_api_GCLOUD_RUN_canonicalHostSuffix",
|
|
1249
|
-
"HOST": "pan-test-app-review-mr1234-api-unknown-host.example.com",
|
|
1250
|
-
"HOST_CANONICAL": "pan-test-app-review-mr1234-api-unknown-host.example.com",
|
|
1251
|
-
"HOST_INTERNAL": "pan-test-app-review-mr1234-api-unknown-host.example.com",
|
|
1252
1307
|
"KUBERNETES_CPU_REQUEST": "0.5",
|
|
1253
1308
|
"KUBERNETES_MEMORY_LIMIT": "400Mi",
|
|
1254
1309
|
"KUBERNETES_MEMORY_REQUEST": "200Mi",
|
|
1255
|
-
"ROOT_URL": "https://pan-test-app-review-mr1234-api-unknown-host.example.com",
|
|
1256
|
-
"ROOT_URL_INTERNAL": "https://pan-test-app-review-mr1234-api-unknown-host.example.com",
|
|
1257
|
-
"_ALL_ENV_VAR_KEYS": "["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_CANONICAL","ROOT_URL_INTERNAL","HOST_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]",
|
|
1258
1310
|
},
|
|
1259
1311
|
},
|
|
1260
1312
|
"api ๐ Stop โ ๏ธ | review ": {
|
|
1313
|
+
"allow_failure": true,
|
|
1314
|
+
"artifacts": {
|
|
1315
|
+
"reports": {
|
|
1316
|
+
"dotenv": "gitlab_environment.env",
|
|
1317
|
+
},
|
|
1318
|
+
},
|
|
1261
1319
|
"environment": {
|
|
1262
1320
|
"action": "stop",
|
|
1263
|
-
"name": "review/
|
|
1264
|
-
"url": "
|
|
1321
|
+
"name": "review/$CI_COMMIT_REF_NAME/api",
|
|
1322
|
+
"url": "$CL_GITLAB_ENVIRONMENT_URL",
|
|
1265
1323
|
},
|
|
1266
1324
|
"image": "path/to/docker/gcloud:the-version",
|
|
1267
1325
|
"interruptible": true,
|
|
@@ -1275,31 +1333,32 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
1275
1333
|
},
|
|
1276
1334
|
"rules": [
|
|
1277
1335
|
{
|
|
1278
|
-
"allow_failure": true,
|
|
1279
1336
|
"if": "$CI_COMMIT_BRANCH =~ /^[0-9]+\\.([0-9]+|x)\\.x$/",
|
|
1280
1337
|
"when": "on_success",
|
|
1281
1338
|
},
|
|
1282
1339
|
{
|
|
1283
|
-
"allow_failure": true,
|
|
1284
1340
|
"when": "manual",
|
|
1285
1341
|
},
|
|
1286
1342
|
],
|
|
1287
1343
|
"script": [
|
|
1344
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
1345
|
+
"export CLOUDSDK_CORE_DISABLE_PROMPTS="1"",
|
|
1346
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
1288
1347
|
"set +e",
|
|
1289
1348
|
"gcloud auth activate-service-account --key-file=<(echo "$CL_review_api_GCLOUD_DEPLOY_credentialsKey")",
|
|
1290
|
-
"gcloud run services delete pan-test-app-review-
|
|
1291
|
-
"gcloud artifacts docker images delete asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/review/api
|
|
1349
|
+
"gcloud run services delete $(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" | awk '{print tolower($0)}') --project=asdf --region=asia-east1",
|
|
1350
|
+
"gcloud artifacts docker images delete asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/review/api/$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }) --quiet --delete-tags",
|
|
1292
1351
|
"gcloud artifacts docker images list asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/api --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/api@$version --quiet --delete-tags; done",
|
|
1293
1352
|
"set +e",
|
|
1294
1353
|
"gcloud artifacts docker images delete asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/review/api --quiet --delete-tags",
|
|
1295
1354
|
"set -e",
|
|
1296
1355
|
"echo Disabling component in Dependency Track",
|
|
1297
|
-
"/dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" disable "pan-test-app/api" "https
|
|
1356
|
+
"/dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" disable "pan-test-app/api" "https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" || true",
|
|
1298
1357
|
"set -e",
|
|
1358
|
+
"echo "CL_GITLAB_ENVIRONMENT_URL=https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" >> gitlab_environment.env",
|
|
1299
1359
|
],
|
|
1300
1360
|
"stage": "stop review",
|
|
1301
1361
|
"variables": {
|
|
1302
|
-
"CLOUDSDK_CORE_DISABLE_PROMPTS": "1",
|
|
1303
1362
|
"GIT_STRATEGY": "none",
|
|
1304
1363
|
"KUBERNETES_CPU_REQUEST": "0.5",
|
|
1305
1364
|
"KUBERNETES_MEMORY_LIMIT": "400Mi",
|
|
@@ -1319,12 +1378,14 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
1319
1378
|
],
|
|
1320
1379
|
},
|
|
1321
1380
|
"script": [
|
|
1381
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
1382
|
+
"export APP_PATH="api"",
|
|
1383
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
1322
1384
|
"cd api",
|
|
1323
1385
|
"yarn npm audit --environment production",
|
|
1324
1386
|
],
|
|
1325
1387
|
"stage": "test",
|
|
1326
1388
|
"variables": {
|
|
1327
|
-
"APP_PATH": "api",
|
|
1328
1389
|
"KUBERNETES_CPU_REQUEST": "0.5",
|
|
1329
1390
|
"KUBERNETES_MEMORY_LIMIT": "4Gi",
|
|
1330
1391
|
"KUBERNETES_MEMORY_REQUEST": "2Gi",
|
|
@@ -1358,6 +1419,9 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
1358
1419
|
],
|
|
1359
1420
|
},
|
|
1360
1421
|
"script": [
|
|
1422
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
1423
|
+
"export APP_PATH="api"",
|
|
1424
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
1361
1425
|
"echo -e "\\e[0Ksection_start:$(date +%s):nodeinstall[collapsed=true]\\r\\e[0KEnsure node version"",
|
|
1362
1426
|
"if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi",
|
|
1363
1427
|
"if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi",
|
|
@@ -1374,7 +1438,6 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
1374
1438
|
],
|
|
1375
1439
|
"stage": "test",
|
|
1376
1440
|
"variables": {
|
|
1377
|
-
"APP_PATH": "api",
|
|
1378
1441
|
"KUBERNETES_CPU_REQUEST": "0.5",
|
|
1379
1442
|
"KUBERNETES_MEMORY_LIMIT": "4Gi",
|
|
1380
1443
|
"KUBERNETES_MEMORY_REQUEST": "2Gi",
|
|
@@ -1398,6 +1461,8 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
1398
1461
|
],
|
|
1399
1462
|
},
|
|
1400
1463
|
"script": [
|
|
1464
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
1465
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
1401
1466
|
"trivy fs --quiet --format cyclonedx --output "__sbom.json" api",
|
|
1402
1467
|
],
|
|
1403
1468
|
"stage": "build",
|
|
@@ -1431,6 +1496,11 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
1431
1496
|
],
|
|
1432
1497
|
},
|
|
1433
1498
|
"script": [
|
|
1499
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
1500
|
+
"export APP_PATH="app"",
|
|
1501
|
+
"export LC_A="L=en_US.UTF-8"",
|
|
1502
|
+
"export LANG="en_US.UTF-8"",
|
|
1503
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
1434
1504
|
"echo -e "\\e[0Ksection_start:$(date +%s):nodeinstall[collapsed=true]\\r\\e[0KEnsure node version"",
|
|
1435
1505
|
"if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi",
|
|
1436
1506
|
"if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi",
|
|
@@ -1447,12 +1517,9 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
1447
1517
|
],
|
|
1448
1518
|
"stage": "test",
|
|
1449
1519
|
"variables": {
|
|
1450
|
-
"APP_PATH": "app",
|
|
1451
1520
|
"KUBERNETES_CPU_REQUEST": "0.5",
|
|
1452
1521
|
"KUBERNETES_MEMORY_LIMIT": "4Gi",
|
|
1453
1522
|
"KUBERNETES_MEMORY_REQUEST": "2Gi",
|
|
1454
|
-
"LANG": "en_US.UTF-8",
|
|
1455
|
-
"LC_A": "L=en_US.UTF-8",
|
|
1456
1523
|
},
|
|
1457
1524
|
},
|
|
1458
1525
|
"app ๐จ app | review ": {
|
|
@@ -1512,24 +1579,45 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
1512
1579
|
],
|
|
1513
1580
|
},
|
|
1514
1581
|
"script": [
|
|
1582
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
1583
|
+
"export ENV_SHORT="review"",
|
|
1584
|
+
"export APP_DIR="app"",
|
|
1585
|
+
"export ENV_TYPE="review"",
|
|
1586
|
+
"export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"",
|
|
1587
|
+
"export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"",
|
|
1588
|
+
"export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\///'); [ -z "$tag" ] && echo "v0.0.0" || echo "$tag")"",
|
|
1589
|
+
"export HOST="unknown-host.example.com"",
|
|
1590
|
+
"export ROOT_URL="https://unknown-host.example.com"",
|
|
1591
|
+
"export HOST_INTERNAL="unknown-host.example.com"",
|
|
1592
|
+
"export HOST_CANONICAL="unknown-host.example.com"",
|
|
1593
|
+
"export ROOT_URL_INTERNAL="https://unknown-host.example.com"",
|
|
1594
|
+
"export APP_STORE_CONNECT_API_KEY_CONTENT="$CL_review_app_APP_STORE_CONNECT_API_KEY_CONTENT"",
|
|
1595
|
+
"export APP_STORE_CONNECT_ISSUER_ID="$CL_review_app_APP_STORE_CONNECT_ISSUER_ID"",
|
|
1596
|
+
"export APP_STORE_CONNECT_API_KEY_ID="$CL_review_app_APP_STORE_CONNECT_API_KEY_ID"",
|
|
1597
|
+
"export GRAPHQL_URL="https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')/graphql"",
|
|
1598
|
+
"export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOST\\",\\"ROOT_URL\\",\\"HOST_INTERNAL\\",\\"HOST_CANONICAL\\",\\"ROOT_URL_INTERNAL\\",\\"APP_STORE_CONNECT_API_KEY_CONTENT\\",\\"APP_STORE_CONNECT_ISSUER_ID\\",\\"APP_STORE_CONNECT_API_KEY_ID\\",\\"GRAPHQL_URL\\"]"",
|
|
1599
|
+
"export LC_A="L=en_US.UTF-8"",
|
|
1600
|
+
"export LANG="en_US.UTF-8"",
|
|
1601
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
1515
1602
|
"cat <<EOF > app/.env
|
|
1516
1603
|
ENV_SHORT=review
|
|
1517
1604
|
APP_DIR=app
|
|
1518
1605
|
ENV_TYPE=review
|
|
1519
|
-
|
|
1520
|
-
BUILD_INFO_BUILD_TIME
|
|
1521
|
-
BUILD_INFO_CURRENT_VERSION
|
|
1606
|
+
BUILD_INFO_BUILD_ID=$(git describe --tags 2>/dev/null || git rev-parse HEAD)
|
|
1607
|
+
BUILD_INFO_BUILD_TIME=$CI_JOB_STARTED_AT
|
|
1608
|
+
BUILD_INFO_CURRENT_VERSION=$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\///'); [ -z "$tag" ] && echo "v0.0.0" || echo "$tag")
|
|
1522
1609
|
HOST=unknown-host.example.com
|
|
1523
1610
|
ROOT_URL=https://unknown-host.example.com
|
|
1611
|
+
HOST_INTERNAL=unknown-host.example.com
|
|
1524
1612
|
HOST_CANONICAL=unknown-host.example.com
|
|
1525
1613
|
ROOT_URL_INTERNAL=https://unknown-host.example.com
|
|
1526
1614
|
APP_STORE_CONNECT_API_KEY_CONTENT=$CL_review_app_APP_STORE_CONNECT_API_KEY_CONTENT
|
|
1527
1615
|
APP_STORE_CONNECT_ISSUER_ID=$CL_review_app_APP_STORE_CONNECT_ISSUER_ID
|
|
1528
1616
|
APP_STORE_CONNECT_API_KEY_ID=$CL_review_app_APP_STORE_CONNECT_API_KEY_ID
|
|
1529
|
-
GRAPHQL_URL=https
|
|
1530
|
-
_ALL_ENV_VAR_KEYS=["ENV_SHORT","APP_DIR","ENV_TYPE","
|
|
1617
|
+
GRAPHQL_URL=https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')/graphql
|
|
1618
|
+
_ALL_ENV_VAR_KEYS=["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_INTERNAL","HOST_CANONICAL","ROOT_URL_INTERNAL","APP_STORE_CONNECT_API_KEY_CONTENT","APP_STORE_CONNECT_ISSUER_ID","APP_STORE_CONNECT_API_KEY_ID","GRAPHQL_URL"]
|
|
1531
1619
|
EOF",
|
|
1532
|
-
"echo '{"id":"
|
|
1620
|
+
"echo '{"id":"$(git describe --tags 2>/dev/null || git rev-parse HEAD)","time":"$CI_JOB_STARTED_AT"}' > app/__build_info.json",
|
|
1533
1621
|
"echo -e "\\e[0Ksection_start:$(date +%s):nodeinstall[collapsed=true]\\r\\e[0KEnsure node version"",
|
|
1534
1622
|
"if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi",
|
|
1535
1623
|
"if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi",
|
|
@@ -1553,26 +1641,9 @@ EOF",
|
|
|
1553
1641
|
"mac-runner",
|
|
1554
1642
|
],
|
|
1555
1643
|
"variables": {
|
|
1556
|
-
"APP_DIR": "app",
|
|
1557
|
-
"APP_STORE_CONNECT_API_KEY_CONTENT": "$CL_review_app_APP_STORE_CONNECT_API_KEY_CONTENT",
|
|
1558
|
-
"APP_STORE_CONNECT_API_KEY_ID": "$CL_review_app_APP_STORE_CONNECT_API_KEY_ID",
|
|
1559
|
-
"APP_STORE_CONNECT_ISSUER_ID": "$CL_review_app_APP_STORE_CONNECT_ISSUER_ID",
|
|
1560
|
-
"BUILD_INFO_BUILD_TIME": "01-01-2023 12:13:14",
|
|
1561
|
-
"BUILD_INFO_CURRENT_VERSION": "3.2.1",
|
|
1562
|
-
"BUILD_INFO_ID": "some-id",
|
|
1563
|
-
"ENV_SHORT": "review",
|
|
1564
|
-
"ENV_TYPE": "review",
|
|
1565
|
-
"GRAPHQL_URL": "https://pan-test-app-review-mr1234-api-unknown-host.example.com/graphql",
|
|
1566
|
-
"HOST": "unknown-host.example.com",
|
|
1567
|
-
"HOST_CANONICAL": "unknown-host.example.com",
|
|
1568
1644
|
"KUBERNETES_CPU_REQUEST": "0.5",
|
|
1569
1645
|
"KUBERNETES_MEMORY_LIMIT": "4Gi",
|
|
1570
1646
|
"KUBERNETES_MEMORY_REQUEST": "2Gi",
|
|
1571
|
-
"LANG": "en_US.UTF-8",
|
|
1572
|
-
"LC_A": "L=en_US.UTF-8",
|
|
1573
|
-
"ROOT_URL": "https://unknown-host.example.com",
|
|
1574
|
-
"ROOT_URL_INTERNAL": "https://unknown-host.example.com",
|
|
1575
|
-
"_ALL_ENV_VAR_KEYS": "["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_CANONICAL","ROOT_URL_INTERNAL","APP_STORE_CONNECT_API_KEY_CONTENT","APP_STORE_CONNECT_ISSUER_ID","APP_STORE_CONNECT_API_KEY_ID","GRAPHQL_URL"]",
|
|
1576
1647
|
},
|
|
1577
1648
|
},
|
|
1578
1649
|
"app ๐ Deploy | review ": {
|
|
@@ -1589,10 +1660,6 @@ EOF",
|
|
|
1589
1660
|
],
|
|
1590
1661
|
},
|
|
1591
1662
|
],
|
|
1592
|
-
"environment": {
|
|
1593
|
-
"name": "review/some-commit/app",
|
|
1594
|
-
"url": "https://unknown-host.example.com",
|
|
1595
|
-
},
|
|
1596
1663
|
"image": "path/to/docker/jobs-default:the-version",
|
|
1597
1664
|
"interruptible": true,
|
|
1598
1665
|
"needs": [
|
|
@@ -1630,6 +1697,26 @@ EOF",
|
|
|
1630
1697
|
},
|
|
1631
1698
|
],
|
|
1632
1699
|
"script": [
|
|
1700
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
1701
|
+
"export ENV_SHORT="review"",
|
|
1702
|
+
"export APP_DIR="app"",
|
|
1703
|
+
"export ENV_TYPE="review"",
|
|
1704
|
+
"export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"",
|
|
1705
|
+
"export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"",
|
|
1706
|
+
"export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\///'); [ -z "$tag" ] && echo "v0.0.0" || echo "$tag")"",
|
|
1707
|
+
"export HOST="unknown-host.example.com"",
|
|
1708
|
+
"export ROOT_URL="https://unknown-host.example.com"",
|
|
1709
|
+
"export HOST_INTERNAL="unknown-host.example.com"",
|
|
1710
|
+
"export HOST_CANONICAL="unknown-host.example.com"",
|
|
1711
|
+
"export ROOT_URL_INTERNAL="https://unknown-host.example.com"",
|
|
1712
|
+
"export APP_STORE_CONNECT_API_KEY_CONTENT="$CL_review_app_APP_STORE_CONNECT_API_KEY_CONTENT"",
|
|
1713
|
+
"export APP_STORE_CONNECT_ISSUER_ID="$CL_review_app_APP_STORE_CONNECT_ISSUER_ID"",
|
|
1714
|
+
"export APP_STORE_CONNECT_API_KEY_ID="$CL_review_app_APP_STORE_CONNECT_API_KEY_ID"",
|
|
1715
|
+
"export GRAPHQL_URL="https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')/graphql"",
|
|
1716
|
+
"export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOST\\",\\"ROOT_URL\\",\\"HOST_INTERNAL\\",\\"HOST_CANONICAL\\",\\"ROOT_URL_INTERNAL\\",\\"APP_STORE_CONNECT_API_KEY_CONTENT\\",\\"APP_STORE_CONNECT_ISSUER_ID\\",\\"APP_STORE_CONNECT_API_KEY_ID\\",\\"GRAPHQL_URL\\"]"",
|
|
1717
|
+
"export LC_A="L=en_US.UTF-8"",
|
|
1718
|
+
"export LANG="en_US.UTF-8"",
|
|
1719
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
1633
1720
|
"cd app",
|
|
1634
1721
|
"bundle config set --local path 'vendor/ruby'",
|
|
1635
1722
|
"gem install bundler",
|
|
@@ -1643,26 +1730,9 @@ EOF",
|
|
|
1643
1730
|
"mac-runner",
|
|
1644
1731
|
],
|
|
1645
1732
|
"variables": {
|
|
1646
|
-
"APP_DIR": "app",
|
|
1647
|
-
"APP_STORE_CONNECT_API_KEY_CONTENT": "$CL_review_app_APP_STORE_CONNECT_API_KEY_CONTENT",
|
|
1648
|
-
"APP_STORE_CONNECT_API_KEY_ID": "$CL_review_app_APP_STORE_CONNECT_API_KEY_ID",
|
|
1649
|
-
"APP_STORE_CONNECT_ISSUER_ID": "$CL_review_app_APP_STORE_CONNECT_ISSUER_ID",
|
|
1650
|
-
"BUILD_INFO_BUILD_TIME": "01-01-2023 12:13:14",
|
|
1651
|
-
"BUILD_INFO_CURRENT_VERSION": "3.2.1",
|
|
1652
|
-
"BUILD_INFO_ID": "some-id",
|
|
1653
|
-
"ENV_SHORT": "review",
|
|
1654
|
-
"ENV_TYPE": "review",
|
|
1655
|
-
"GRAPHQL_URL": "https://pan-test-app-review-mr1234-api-unknown-host.example.com/graphql",
|
|
1656
|
-
"HOST": "unknown-host.example.com",
|
|
1657
|
-
"HOST_CANONICAL": "unknown-host.example.com",
|
|
1658
1733
|
"KUBERNETES_CPU_REQUEST": "0.5",
|
|
1659
1734
|
"KUBERNETES_MEMORY_LIMIT": "400Mi",
|
|
1660
1735
|
"KUBERNETES_MEMORY_REQUEST": "200Mi",
|
|
1661
|
-
"LANG": "en_US.UTF-8",
|
|
1662
|
-
"LC_A": "L=en_US.UTF-8",
|
|
1663
|
-
"ROOT_URL": "https://unknown-host.example.com",
|
|
1664
|
-
"ROOT_URL_INTERNAL": "https://unknown-host.example.com",
|
|
1665
|
-
"_ALL_ENV_VAR_KEYS": "["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_CANONICAL","ROOT_URL_INTERNAL","APP_STORE_CONNECT_API_KEY_CONTENT","APP_STORE_CONNECT_ISSUER_ID","APP_STORE_CONNECT_API_KEY_ID","GRAPHQL_URL"]",
|
|
1666
1736
|
},
|
|
1667
1737
|
},
|
|
1668
1738
|
"app ๐ก audit": {
|
|
@@ -1678,17 +1748,19 @@ EOF",
|
|
|
1678
1748
|
],
|
|
1679
1749
|
},
|
|
1680
1750
|
"script": [
|
|
1751
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
1752
|
+
"export APP_PATH="app"",
|
|
1753
|
+
"export LC_A="L=en_US.UTF-8"",
|
|
1754
|
+
"export LANG="en_US.UTF-8"",
|
|
1755
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
1681
1756
|
"cd app",
|
|
1682
1757
|
"yarn npm audit --environment production",
|
|
1683
1758
|
],
|
|
1684
1759
|
"stage": "test",
|
|
1685
1760
|
"variables": {
|
|
1686
|
-
"APP_PATH": "app",
|
|
1687
1761
|
"KUBERNETES_CPU_REQUEST": "0.5",
|
|
1688
1762
|
"KUBERNETES_MEMORY_LIMIT": "4Gi",
|
|
1689
1763
|
"KUBERNETES_MEMORY_REQUEST": "2Gi",
|
|
1690
|
-
"LANG": "en_US.UTF-8",
|
|
1691
|
-
"LC_A": "L=en_US.UTF-8",
|
|
1692
1764
|
},
|
|
1693
1765
|
},
|
|
1694
1766
|
"app ๐งช test": {
|
|
@@ -1719,6 +1791,11 @@ EOF",
|
|
|
1719
1791
|
],
|
|
1720
1792
|
},
|
|
1721
1793
|
"script": [
|
|
1794
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
1795
|
+
"export APP_PATH="app"",
|
|
1796
|
+
"export LC_A="L=en_US.UTF-8"",
|
|
1797
|
+
"export LANG="en_US.UTF-8"",
|
|
1798
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
1722
1799
|
"echo -e "\\e[0Ksection_start:$(date +%s):nodeinstall[collapsed=true]\\r\\e[0KEnsure node version"",
|
|
1723
1800
|
"if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi",
|
|
1724
1801
|
"if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi",
|
|
@@ -1735,12 +1812,9 @@ EOF",
|
|
|
1735
1812
|
],
|
|
1736
1813
|
"stage": "test",
|
|
1737
1814
|
"variables": {
|
|
1738
|
-
"APP_PATH": "app",
|
|
1739
1815
|
"KUBERNETES_CPU_REQUEST": "0.5",
|
|
1740
1816
|
"KUBERNETES_MEMORY_LIMIT": "4Gi",
|
|
1741
1817
|
"KUBERNETES_MEMORY_REQUEST": "2Gi",
|
|
1742
|
-
"LANG": "en_US.UTF-8",
|
|
1743
|
-
"LC_A": "L=en_US.UTF-8",
|
|
1744
1818
|
},
|
|
1745
1819
|
},
|
|
1746
1820
|
"app ๐งพ sbom | review ": {
|
|
@@ -1761,6 +1835,8 @@ EOF",
|
|
|
1761
1835
|
],
|
|
1762
1836
|
},
|
|
1763
1837
|
"script": [
|
|
1838
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
1839
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
1764
1840
|
"trivy fs --quiet --format cyclonedx --output "__sbom.json" app",
|
|
1765
1841
|
],
|
|
1766
1842
|
"stage": "build",
|
|
@@ -1813,7 +1889,7 @@ EOF",
|
|
|
1813
1889
|
],
|
|
1814
1890
|
"variables": {
|
|
1815
1891
|
"FF_USE_FASTZIP": "true",
|
|
1816
|
-
"GIT_DEPTH": 1,
|
|
1892
|
+
"GIT_DEPTH": "1",
|
|
1817
1893
|
},
|
|
1818
1894
|
"workflow": {
|
|
1819
1895
|
"rules": [
|
|
@@ -1890,7 +1966,25 @@ EOF",
|
|
|
1890
1966
|
],
|
|
1891
1967
|
},
|
|
1892
1968
|
"script": [
|
|
1893
|
-
"echo
|
|
1969
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
1970
|
+
"export ENV_SHORT="prod"",
|
|
1971
|
+
"export APP_DIR="api"",
|
|
1972
|
+
"export ENV_TYPE="prod"",
|
|
1973
|
+
"export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"",
|
|
1974
|
+
"export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"",
|
|
1975
|
+
"export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\///'); [ -z "$tag" ] && echo "v0.0.0" || echo "$tag")"",
|
|
1976
|
+
"export HOST="$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
1977
|
+
"export ROOT_URL="https://$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
1978
|
+
"export HOST_INTERNAL="$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
1979
|
+
"export HOST_CANONICAL="$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
1980
|
+
"export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
1981
|
+
"export DEPLOY_CLOUD_RUN_PROJECT_ID="asdf"",
|
|
1982
|
+
"export DEPLOY_CLOUD_RUN_REGION="asia-east1"",
|
|
1983
|
+
"export GCLOUD_DEPLOY_credentialsKey="$CL_prod_api_GCLOUD_DEPLOY_credentialsKey"",
|
|
1984
|
+
"export GCLOUD_RUN_canonicalHostSuffix="$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix"",
|
|
1985
|
+
"export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOST\\",\\"ROOT_URL\\",\\"HOST_INTERNAL\\",\\"HOST_CANONICAL\\",\\"ROOT_URL_INTERNAL\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\"]"",
|
|
1986
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
1987
|
+
"echo '{"id":"$(git describe --tags 2>/dev/null || git rev-parse HEAD)","time":"$CI_JOB_STARTED_AT"}' > api/__build_info.json",
|
|
1894
1988
|
"echo -e "\\e[0Ksection_start:$(date +%s):nodeinstall[collapsed=true]\\r\\e[0KEnsure node version"",
|
|
1895
1989
|
"if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi",
|
|
1896
1990
|
"if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi",
|
|
@@ -1907,25 +2001,9 @@ EOF",
|
|
|
1907
2001
|
],
|
|
1908
2002
|
"stage": "build",
|
|
1909
2003
|
"variables": {
|
|
1910
|
-
"APP_DIR": "api",
|
|
1911
|
-
"BUILD_INFO_BUILD_TIME": "01-01-2023 12:13:14",
|
|
1912
|
-
"BUILD_INFO_CURRENT_VERSION": "3.2.1",
|
|
1913
|
-
"BUILD_INFO_ID": "some-id",
|
|
1914
|
-
"DEPLOY_CLOUD_RUN_PROJECT_ID": "asdf",
|
|
1915
|
-
"DEPLOY_CLOUD_RUN_REGION": "asia-east1",
|
|
1916
|
-
"ENV_SHORT": "prod",
|
|
1917
|
-
"ENV_TYPE": "prod",
|
|
1918
|
-
"GCLOUD_DEPLOY_credentialsKey": "$CL_prod_api_GCLOUD_DEPLOY_credentialsKey",
|
|
1919
|
-
"GCLOUD_RUN_canonicalHostSuffix": "$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix",
|
|
1920
|
-
"HOST": "pan-test-app-prod-api-unknown-host.example.com",
|
|
1921
|
-
"HOST_CANONICAL": "pan-test-app-prod-api-unknown-host.example.com",
|
|
1922
|
-
"HOST_INTERNAL": "pan-test-app-prod-api-unknown-host.example.com",
|
|
1923
2004
|
"KUBERNETES_CPU_REQUEST": "0.5",
|
|
1924
2005
|
"KUBERNETES_MEMORY_LIMIT": "4Gi",
|
|
1925
2006
|
"KUBERNETES_MEMORY_REQUEST": "2Gi",
|
|
1926
|
-
"ROOT_URL": "https://pan-test-app-prod-api-unknown-host.example.com",
|
|
1927
|
-
"ROOT_URL_INTERNAL": "https://pan-test-app-prod-api-unknown-host.example.com",
|
|
1928
|
-
"_ALL_ENV_VAR_KEYS": "["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_CANONICAL","ROOT_URL_INTERNAL","HOST_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]",
|
|
1929
2007
|
},
|
|
1930
2008
|
},
|
|
1931
2009
|
"api ๐จ app | stage ": {
|
|
@@ -1975,7 +2053,25 @@ EOF",
|
|
|
1975
2053
|
],
|
|
1976
2054
|
},
|
|
1977
2055
|
"script": [
|
|
1978
|
-
"echo
|
|
2056
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
2057
|
+
"export ENV_SHORT="stage"",
|
|
2058
|
+
"export APP_DIR="api"",
|
|
2059
|
+
"export ENV_TYPE="stage"",
|
|
2060
|
+
"export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"",
|
|
2061
|
+
"export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"",
|
|
2062
|
+
"export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\///'); [ -z "$tag" ] && echo "v0.0.0" || echo "$tag")"",
|
|
2063
|
+
"export HOST="$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
2064
|
+
"export ROOT_URL="https://$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
2065
|
+
"export HOST_INTERNAL="$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
2066
|
+
"export HOST_CANONICAL="$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
2067
|
+
"export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
2068
|
+
"export DEPLOY_CLOUD_RUN_PROJECT_ID="asdf"",
|
|
2069
|
+
"export DEPLOY_CLOUD_RUN_REGION="asia-east1"",
|
|
2070
|
+
"export GCLOUD_DEPLOY_credentialsKey="$CL_stage_api_GCLOUD_DEPLOY_credentialsKey"",
|
|
2071
|
+
"export GCLOUD_RUN_canonicalHostSuffix="$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix"",
|
|
2072
|
+
"export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOST\\",\\"ROOT_URL\\",\\"HOST_INTERNAL\\",\\"HOST_CANONICAL\\",\\"ROOT_URL_INTERNAL\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\"]"",
|
|
2073
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
2074
|
+
"echo '{"id":"$(git describe --tags 2>/dev/null || git rev-parse HEAD)","time":"$CI_JOB_STARTED_AT"}' > api/__build_info.json",
|
|
1979
2075
|
"echo -e "\\e[0Ksection_start:$(date +%s):nodeinstall[collapsed=true]\\r\\e[0KEnsure node version"",
|
|
1980
2076
|
"if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi",
|
|
1981
2077
|
"if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi",
|
|
@@ -1992,25 +2088,9 @@ EOF",
|
|
|
1992
2088
|
],
|
|
1993
2089
|
"stage": "build",
|
|
1994
2090
|
"variables": {
|
|
1995
|
-
"APP_DIR": "api",
|
|
1996
|
-
"BUILD_INFO_BUILD_TIME": "01-01-2023 12:13:14",
|
|
1997
|
-
"BUILD_INFO_CURRENT_VERSION": "3.2.1",
|
|
1998
|
-
"BUILD_INFO_ID": "some-id",
|
|
1999
|
-
"DEPLOY_CLOUD_RUN_PROJECT_ID": "asdf",
|
|
2000
|
-
"DEPLOY_CLOUD_RUN_REGION": "asia-east1",
|
|
2001
|
-
"ENV_SHORT": "stage",
|
|
2002
|
-
"ENV_TYPE": "stage",
|
|
2003
|
-
"GCLOUD_DEPLOY_credentialsKey": "$CL_stage_api_GCLOUD_DEPLOY_credentialsKey",
|
|
2004
|
-
"GCLOUD_RUN_canonicalHostSuffix": "$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix",
|
|
2005
|
-
"HOST": "pan-test-app-stage-api-unknown-host.example.com",
|
|
2006
|
-
"HOST_CANONICAL": "pan-test-app-stage-api-unknown-host.example.com",
|
|
2007
|
-
"HOST_INTERNAL": "pan-test-app-stage-api-unknown-host.example.com",
|
|
2008
2091
|
"KUBERNETES_CPU_REQUEST": "0.5",
|
|
2009
2092
|
"KUBERNETES_MEMORY_LIMIT": "4Gi",
|
|
2010
2093
|
"KUBERNETES_MEMORY_REQUEST": "2Gi",
|
|
2011
|
-
"ROOT_URL": "https://pan-test-app-stage-api-unknown-host.example.com",
|
|
2012
|
-
"ROOT_URL_INTERNAL": "https://pan-test-app-stage-api-unknown-host.example.com",
|
|
2013
|
-
"_ALL_ENV_VAR_KEYS": "["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_CANONICAL","ROOT_URL_INTERNAL","HOST_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]",
|
|
2014
2094
|
},
|
|
2015
2095
|
},
|
|
2016
2096
|
"api ๐จ docker | prod ": {
|
|
@@ -2036,6 +2116,21 @@ EOF",
|
|
|
2036
2116
|
],
|
|
2037
2117
|
},
|
|
2038
2118
|
"script": [
|
|
2119
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
2120
|
+
"export APP_DIR="api"",
|
|
2121
|
+
"export DOCKER_DIR="."",
|
|
2122
|
+
"export DOCKER_REGISTRY="asia-east1-docker.pkg.dev"",
|
|
2123
|
+
"export DOCKER_IMAGE="asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/prod/api"",
|
|
2124
|
+
"export DOCKER_CACHE_IMAGE="asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/api"",
|
|
2125
|
+
"export DOCKER_IMAGE_TAG="$CI_COMMIT_SHA"",
|
|
2126
|
+
"export DOCKER_COPY_AND_INSTALL_APP="COPY --chown=node:node $APP_DIR .
|
|
2127
|
+
RUN yarn plugin import workspace-tools
|
|
2128
|
+
RUN yarn workspaces focus --production && yarn rebuild"",
|
|
2129
|
+
"export DOCKER_COPY_WORKSPACE_FILES="COPY --chown=node:node api/package.json /app/api/package.json
|
|
2130
|
+
COPY --chown=node:node api/yarn.lock /app/api/yarn.lock
|
|
2131
|
+
COPY --chown=node:node .yarnrc.yml /app/.yarnrc.yml
|
|
2132
|
+
COPY --chown=node:node .yarn /app/.yarn"",
|
|
2133
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
2039
2134
|
"ensureNodeDockerfile",
|
|
2040
2135
|
"echo -e "\\e[0Ksection_start:$(date +%s):docker-login[collapsed=true]\\r\\e[0KDocker Login"",
|
|
2041
2136
|
"gcloud auth activate-service-account --key-file=<(echo "$CL_prod_api_GCLOUD_DEPLOY_credentialsKey")",
|
|
@@ -2060,24 +2155,9 @@ EOF",
|
|
|
2060
2155
|
],
|
|
2061
2156
|
"stage": "build",
|
|
2062
2157
|
"variables": {
|
|
2063
|
-
"APP_DIR": "api",
|
|
2064
|
-
"DOCKERFILE_ADDITIONS": undefined,
|
|
2065
|
-
"DOCKERFILE_ADDITIONS_END": undefined,
|
|
2066
2158
|
"DOCKER_BUILDKIT": "1",
|
|
2067
|
-
"DOCKER_CACHE_IMAGE": "asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/api",
|
|
2068
|
-
"DOCKER_COPY_AND_INSTALL_APP": "COPY --chown=node:node $APP_DIR .
|
|
2069
|
-
RUN yarn plugin import workspace-tools
|
|
2070
|
-
RUN yarn workspaces focus --production && yarn rebuild",
|
|
2071
|
-
"DOCKER_COPY_WORKSPACE_FILES": "COPY --chown=node:node api/package.json /app/api/package.json
|
|
2072
|
-
COPY --chown=node:node api/yarn.lock /app/api/yarn.lock
|
|
2073
|
-
COPY --chown=node:node .yarnrc.yml /app/.yarnrc.yml
|
|
2074
|
-
COPY --chown=node:node .yarn /app/.yarn",
|
|
2075
|
-
"DOCKER_DIR": ".",
|
|
2076
2159
|
"DOCKER_DRIVER": "overlay2",
|
|
2077
2160
|
"DOCKER_HOST": "tcp://0.0.0.0:2375",
|
|
2078
|
-
"DOCKER_IMAGE": "asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/prod/api",
|
|
2079
|
-
"DOCKER_IMAGE_TAG": "$CI_COMMIT_SHA",
|
|
2080
|
-
"DOCKER_REGISTRY": "asia-east1-docker.pkg.dev",
|
|
2081
2161
|
"DOCKER_TLS_CERTDIR": "",
|
|
2082
2162
|
"KUBERNETES_CPU_REQUEST": "0.5",
|
|
2083
2163
|
"KUBERNETES_MEMORY_LIMIT": "2Gi",
|
|
@@ -2107,6 +2187,21 @@ COPY --chown=node:node .yarn /app/.yarn",
|
|
|
2107
2187
|
],
|
|
2108
2188
|
},
|
|
2109
2189
|
"script": [
|
|
2190
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
2191
|
+
"export APP_DIR="api"",
|
|
2192
|
+
"export DOCKER_DIR="."",
|
|
2193
|
+
"export DOCKER_REGISTRY="asia-east1-docker.pkg.dev"",
|
|
2194
|
+
"export DOCKER_IMAGE="asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/stage/api"",
|
|
2195
|
+
"export DOCKER_CACHE_IMAGE="asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/api"",
|
|
2196
|
+
"export DOCKER_IMAGE_TAG="$CI_COMMIT_SHA"",
|
|
2197
|
+
"export DOCKER_COPY_AND_INSTALL_APP="COPY --chown=node:node $APP_DIR .
|
|
2198
|
+
RUN yarn plugin import workspace-tools
|
|
2199
|
+
RUN yarn workspaces focus --production && yarn rebuild"",
|
|
2200
|
+
"export DOCKER_COPY_WORKSPACE_FILES="COPY --chown=node:node api/package.json /app/api/package.json
|
|
2201
|
+
COPY --chown=node:node api/yarn.lock /app/api/yarn.lock
|
|
2202
|
+
COPY --chown=node:node .yarnrc.yml /app/.yarnrc.yml
|
|
2203
|
+
COPY --chown=node:node .yarn /app/.yarn"",
|
|
2204
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
2110
2205
|
"ensureNodeDockerfile",
|
|
2111
2206
|
"echo -e "\\e[0Ksection_start:$(date +%s):docker-login[collapsed=true]\\r\\e[0KDocker Login"",
|
|
2112
2207
|
"gcloud auth activate-service-account --key-file=<(echo "$CL_stage_api_GCLOUD_DEPLOY_credentialsKey")",
|
|
@@ -2131,24 +2226,9 @@ COPY --chown=node:node .yarn /app/.yarn",
|
|
|
2131
2226
|
],
|
|
2132
2227
|
"stage": "build",
|
|
2133
2228
|
"variables": {
|
|
2134
|
-
"APP_DIR": "api",
|
|
2135
|
-
"DOCKERFILE_ADDITIONS": undefined,
|
|
2136
|
-
"DOCKERFILE_ADDITIONS_END": undefined,
|
|
2137
2229
|
"DOCKER_BUILDKIT": "1",
|
|
2138
|
-
"DOCKER_CACHE_IMAGE": "asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/api",
|
|
2139
|
-
"DOCKER_COPY_AND_INSTALL_APP": "COPY --chown=node:node $APP_DIR .
|
|
2140
|
-
RUN yarn plugin import workspace-tools
|
|
2141
|
-
RUN yarn workspaces focus --production && yarn rebuild",
|
|
2142
|
-
"DOCKER_COPY_WORKSPACE_FILES": "COPY --chown=node:node api/package.json /app/api/package.json
|
|
2143
|
-
COPY --chown=node:node api/yarn.lock /app/api/yarn.lock
|
|
2144
|
-
COPY --chown=node:node .yarnrc.yml /app/.yarnrc.yml
|
|
2145
|
-
COPY --chown=node:node .yarn /app/.yarn",
|
|
2146
|
-
"DOCKER_DIR": ".",
|
|
2147
2230
|
"DOCKER_DRIVER": "overlay2",
|
|
2148
2231
|
"DOCKER_HOST": "tcp://0.0.0.0:2375",
|
|
2149
|
-
"DOCKER_IMAGE": "asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/stage/api",
|
|
2150
|
-
"DOCKER_IMAGE_TAG": "$CI_COMMIT_SHA",
|
|
2151
|
-
"DOCKER_REGISTRY": "asia-east1-docker.pkg.dev",
|
|
2152
2232
|
"DOCKER_TLS_CERTDIR": "",
|
|
2153
2233
|
"KUBERNETES_CPU_REQUEST": "0.5",
|
|
2154
2234
|
"KUBERNETES_MEMORY_LIMIT": "2Gi",
|
|
@@ -2158,15 +2238,15 @@ COPY --chown=node:node .yarn /app/.yarn",
|
|
|
2158
2238
|
"api ๐ Deploy | prod ": {
|
|
2159
2239
|
"allow_failure": true,
|
|
2160
2240
|
"artifacts": {
|
|
2161
|
-
"
|
|
2162
|
-
"
|
|
2163
|
-
|
|
2241
|
+
"reports": {
|
|
2242
|
+
"dotenv": "gitlab_environment.env",
|
|
2243
|
+
},
|
|
2164
2244
|
},
|
|
2165
2245
|
"environment": {
|
|
2166
2246
|
"auto_stop_in": undefined,
|
|
2167
2247
|
"name": "prod/api",
|
|
2168
2248
|
"on_stop": "api ๐ Stop โ ๏ธ | prod ",
|
|
2169
|
-
"url": "
|
|
2249
|
+
"url": "$CL_GITLAB_ENVIRONMENT_URL",
|
|
2170
2250
|
},
|
|
2171
2251
|
"image": "path/to/docker/gcloud:the-version",
|
|
2172
2252
|
"interruptible": true,
|
|
@@ -2197,13 +2277,71 @@ COPY --chown=node:node .yarn /app/.yarn",
|
|
|
2197
2277
|
},
|
|
2198
2278
|
],
|
|
2199
2279
|
"script": [
|
|
2280
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
2281
|
+
"export ENV_SHORT="prod"",
|
|
2282
|
+
"export APP_DIR="api"",
|
|
2283
|
+
"export ENV_TYPE="prod"",
|
|
2284
|
+
"export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"",
|
|
2285
|
+
"export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"",
|
|
2286
|
+
"export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\///'); [ -z "$tag" ] && echo "v0.0.0" || echo "$tag")"",
|
|
2287
|
+
"export HOST="$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
2288
|
+
"export ROOT_URL="https://$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
2289
|
+
"export HOST_INTERNAL="$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
2290
|
+
"export HOST_CANONICAL="$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
2291
|
+
"export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
2292
|
+
"export DEPLOY_CLOUD_RUN_PROJECT_ID="asdf"",
|
|
2293
|
+
"export DEPLOY_CLOUD_RUN_REGION="asia-east1"",
|
|
2294
|
+
"export GCLOUD_DEPLOY_credentialsKey="$CL_prod_api_GCLOUD_DEPLOY_credentialsKey"",
|
|
2295
|
+
"export GCLOUD_RUN_canonicalHostSuffix="$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix"",
|
|
2296
|
+
"export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOST\\",\\"ROOT_URL\\",\\"HOST_INTERNAL\\",\\"HOST_CANONICAL\\",\\"ROOT_URL_INTERNAL\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\"]"",
|
|
2297
|
+
"export DOCKER_REGISTRY="asia-east1-docker.pkg.dev"",
|
|
2298
|
+
"export DOCKER_IMAGE="asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/prod/api"",
|
|
2299
|
+
"export DOCKER_CACHE_IMAGE="asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/api"",
|
|
2300
|
+
"export DOCKER_IMAGE_TAG="$CI_COMMIT_SHA"",
|
|
2301
|
+
"export CLOUDSDK_CORE_DISABLE_PROMPTS="1"",
|
|
2302
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
2200
2303
|
"echo -e "\\e[0Ksection_start:$(date +%s):prepare[collapsed=true]\\r\\e[0KPrepare..."",
|
|
2201
2304
|
"gcloud auth activate-service-account --key-file=<(echo "$CL_prod_api_GCLOUD_DEPLOY_credentialsKey")",
|
|
2202
2305
|
"export GCLOUD_PROJECT_NUMBER=$(gcloud projects describe asdf --format="value(projectNumber)")",
|
|
2203
2306
|
"echo "GCLOUD_PROJECT_NUMBER: $GCLOUD_PROJECT_NUMBER"",
|
|
2204
2307
|
"echo -e "\\e[0Ksection_end:$(date +%s):prepare\\r\\e[0K"",
|
|
2308
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):writeenvvars[collapsed=true]\\r\\e[0KWrite env vars to file"",
|
|
2309
|
+
"cat > ____envvars.yaml <<EOF
|
|
2310
|
+
ENV_SHORT: |-
|
|
2311
|
+
prod
|
|
2312
|
+
APP_DIR: |-
|
|
2313
|
+
api
|
|
2314
|
+
ENV_TYPE: |-
|
|
2315
|
+
prod
|
|
2316
|
+
BUILD_INFO_BUILD_ID: |-
|
|
2317
|
+
$(printf %s "$(git describe --tags 2>/dev/null || git rev-parse HEAD)" | sed 's/^/ /')
|
|
2318
|
+
BUILD_INFO_BUILD_TIME: |-
|
|
2319
|
+
$(printf %s "$CI_JOB_STARTED_AT" | sed 's/^/ /')
|
|
2320
|
+
BUILD_INFO_CURRENT_VERSION: |-
|
|
2321
|
+
$(printf %s "$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\///'); [ -z "$tag" ] && echo "v0.0.0" || echo "$tag")" | sed 's/^/ /')
|
|
2322
|
+
HOST: |-
|
|
2323
|
+
$(printf %s "$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
2324
|
+
ROOT_URL: |-
|
|
2325
|
+
$(printf %s "https://$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
2326
|
+
HOST_INTERNAL: |-
|
|
2327
|
+
$(printf %s "$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
2328
|
+
HOST_CANONICAL: |-
|
|
2329
|
+
$(printf %s "$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
2330
|
+
ROOT_URL_INTERNAL: |-
|
|
2331
|
+
$(printf %s "https://$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
2332
|
+
DEPLOY_CLOUD_RUN_PROJECT_ID: |-
|
|
2333
|
+
asdf
|
|
2334
|
+
DEPLOY_CLOUD_RUN_REGION: |-
|
|
2335
|
+
asia-east1
|
|
2336
|
+
GCLOUD_RUN_canonicalHostSuffix: |-
|
|
2337
|
+
$(printf %s "$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | sed 's/^/ /')
|
|
2338
|
+
_ALL_ENV_VAR_KEYS: |-
|
|
2339
|
+
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_INTERNAL","HOST_CANONICAL","ROOT_URL_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]
|
|
2340
|
+
|
|
2341
|
+
EOF
|
|
2342
|
+
",
|
|
2343
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):writeenvvars\\r\\e[0K"",
|
|
2205
2344
|
"echo -e "\\e[0Ksection_start:$(date +%s):deploy[collapsed=true]\\r\\e[0KDeploy to cloud run"",
|
|
2206
|
-
"echo "$ENV_VARS" > ____envvars.yaml",
|
|
2207
2345
|
"gcloud run deploy pan-test-app-prod-api --command="yarn,start" --image=asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/prod/api:$DOCKER_IMAGE_TAG --project=asdf --region=asia-east1 --labels=customer-name=pan,component-name=api,app-name=test-app,env-type=prod,env-name=prod,build-type=node,cloud-run-service-name=pan-test-app-prod-api --env-vars-file=____envvars.yaml --min-instances=0 --max-instances=100 --cpu-throttling --allow-unauthenticated --ingress=all --cpu-boost",
|
|
2208
2346
|
"echo -e "\\e[0Ksection_end:$(date +%s):deploy\\r\\e[0K"",
|
|
2209
2347
|
"echo -e "\\e[0Ksection_start:$(date +%s):cleanup[collapsed=true]\\r\\e[0KCleanup"",
|
|
@@ -2212,76 +2350,28 @@ COPY --chown=node:node .yarn /app/.yarn",
|
|
|
2212
2350
|
"gcloud artifacts docker images list asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/api --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/api@$version --quiet --delete-tags; done",
|
|
2213
2351
|
"echo -e "\\e[0Ksection_end:$(date +%s):cleanup\\r\\e[0K"",
|
|
2214
2352
|
"echo Uploading SBOM to Dependency Track",
|
|
2215
|
-
"/dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/api" "https
|
|
2216
|
-
|
|
2217
|
-
"services": [
|
|
2218
|
-
{
|
|
2219
|
-
"command": [
|
|
2220
|
-
"--tls=false",
|
|
2221
|
-
],
|
|
2222
|
-
"name": "docker:24.0.6-dind",
|
|
2223
|
-
},
|
|
2353
|
+
"/dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/api" "https://$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" "__sbom.json" vex.json || true",
|
|
2354
|
+
"echo "CL_GITLAB_ENVIRONMENT_URL=https://$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" >> gitlab_environment.env",
|
|
2224
2355
|
],
|
|
2225
2356
|
"stage": "deploy prod",
|
|
2226
2357
|
"variables": {
|
|
2227
|
-
"APP_DIR": "api",
|
|
2228
|
-
"BUILD_INFO_BUILD_TIME": "01-01-2023 12:13:14",
|
|
2229
|
-
"BUILD_INFO_CURRENT_VERSION": "3.2.1",
|
|
2230
|
-
"BUILD_INFO_ID": "some-id",
|
|
2231
|
-
"CLOUDSDK_CORE_DISABLE_PROMPTS": "1",
|
|
2232
|
-
"DEPLOY_CLOUD_RUN_PROJECT_ID": "asdf",
|
|
2233
|
-
"DEPLOY_CLOUD_RUN_REGION": "asia-east1",
|
|
2234
|
-
"DOCKER_BUILDKIT": "1",
|
|
2235
|
-
"DOCKER_CACHE_IMAGE": "asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/api",
|
|
2236
|
-
"DOCKER_DRIVER": "overlay2",
|
|
2237
|
-
"DOCKER_HOST": "tcp://0.0.0.0:2375",
|
|
2238
|
-
"DOCKER_IMAGE": "asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/prod/api",
|
|
2239
|
-
"DOCKER_IMAGE_TAG": "$CI_COMMIT_SHA",
|
|
2240
|
-
"DOCKER_REGISTRY": "asia-east1-docker.pkg.dev",
|
|
2241
|
-
"DOCKER_TLS_CERTDIR": "",
|
|
2242
|
-
"ENV_SHORT": "prod",
|
|
2243
|
-
"ENV_TYPE": "prod",
|
|
2244
|
-
"ENV_VARS": "ENV_SHORT: 'prod'
|
|
2245
|
-
APP_DIR: 'api'
|
|
2246
|
-
ENV_TYPE: 'prod'
|
|
2247
|
-
BUILD_INFO_ID: 'some-id'
|
|
2248
|
-
BUILD_INFO_BUILD_TIME: '01-01-2023 12:13:14'
|
|
2249
|
-
BUILD_INFO_CURRENT_VERSION: '3.2.1'
|
|
2250
|
-
HOST: 'pan-test-app-prod-api-unknown-host.example.com'
|
|
2251
|
-
ROOT_URL: 'https://pan-test-app-prod-api-unknown-host.example.com'
|
|
2252
|
-
HOST_CANONICAL: 'pan-test-app-prod-api-unknown-host.example.com'
|
|
2253
|
-
ROOT_URL_INTERNAL: 'https://pan-test-app-prod-api-unknown-host.example.com'
|
|
2254
|
-
HOST_INTERNAL: 'pan-test-app-prod-api-unknown-host.example.com'
|
|
2255
|
-
DEPLOY_CLOUD_RUN_PROJECT_ID: 'asdf'
|
|
2256
|
-
DEPLOY_CLOUD_RUN_REGION: 'asia-east1'
|
|
2257
|
-
GCLOUD_RUN_canonicalHostSuffix: '$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix'
|
|
2258
|
-
_ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_CANONICAL","ROOT_URL_INTERNAL","HOST_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]'
|
|
2259
|
-
",
|
|
2260
|
-
"GCLOUD_DEPLOY_credentialsKey": "$CL_prod_api_GCLOUD_DEPLOY_credentialsKey",
|
|
2261
|
-
"GCLOUD_RUN_canonicalHostSuffix": "$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix",
|
|
2262
|
-
"HOST": "pan-test-app-prod-api-unknown-host.example.com",
|
|
2263
|
-
"HOST_CANONICAL": "pan-test-app-prod-api-unknown-host.example.com",
|
|
2264
|
-
"HOST_INTERNAL": "pan-test-app-prod-api-unknown-host.example.com",
|
|
2265
2358
|
"KUBERNETES_CPU_REQUEST": "0.5",
|
|
2266
2359
|
"KUBERNETES_MEMORY_LIMIT": "400Mi",
|
|
2267
2360
|
"KUBERNETES_MEMORY_REQUEST": "200Mi",
|
|
2268
|
-
"ROOT_URL": "https://pan-test-app-prod-api-unknown-host.example.com",
|
|
2269
|
-
"ROOT_URL_INTERNAL": "https://pan-test-app-prod-api-unknown-host.example.com",
|
|
2270
|
-
"_ALL_ENV_VAR_KEYS": "["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_CANONICAL","ROOT_URL_INTERNAL","HOST_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]",
|
|
2271
2361
|
},
|
|
2272
2362
|
},
|
|
2273
2363
|
"api ๐ Deploy | stage ": {
|
|
2274
2364
|
"allow_failure": false,
|
|
2275
2365
|
"artifacts": {
|
|
2276
|
-
"
|
|
2277
|
-
"
|
|
2278
|
-
|
|
2366
|
+
"reports": {
|
|
2367
|
+
"dotenv": "gitlab_environment.env",
|
|
2368
|
+
},
|
|
2279
2369
|
},
|
|
2280
2370
|
"environment": {
|
|
2281
2371
|
"auto_stop_in": undefined,
|
|
2282
2372
|
"name": "stage/api",
|
|
2283
2373
|
"on_stop": "api ๐ Stop โ ๏ธ | stage ",
|
|
2284
|
-
"url": "
|
|
2374
|
+
"url": "$CL_GITLAB_ENVIRONMENT_URL",
|
|
2285
2375
|
},
|
|
2286
2376
|
"image": "path/to/docker/gcloud:the-version",
|
|
2287
2377
|
"interruptible": true,
|
|
@@ -2312,13 +2402,71 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
2312
2402
|
},
|
|
2313
2403
|
],
|
|
2314
2404
|
"script": [
|
|
2405
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
2406
|
+
"export ENV_SHORT="stage"",
|
|
2407
|
+
"export APP_DIR="api"",
|
|
2408
|
+
"export ENV_TYPE="stage"",
|
|
2409
|
+
"export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"",
|
|
2410
|
+
"export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"",
|
|
2411
|
+
"export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\///'); [ -z "$tag" ] && echo "v0.0.0" || echo "$tag")"",
|
|
2412
|
+
"export HOST="$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
2413
|
+
"export ROOT_URL="https://$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
2414
|
+
"export HOST_INTERNAL="$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
2415
|
+
"export HOST_CANONICAL="$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
2416
|
+
"export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
|
|
2417
|
+
"export DEPLOY_CLOUD_RUN_PROJECT_ID="asdf"",
|
|
2418
|
+
"export DEPLOY_CLOUD_RUN_REGION="asia-east1"",
|
|
2419
|
+
"export GCLOUD_DEPLOY_credentialsKey="$CL_stage_api_GCLOUD_DEPLOY_credentialsKey"",
|
|
2420
|
+
"export GCLOUD_RUN_canonicalHostSuffix="$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix"",
|
|
2421
|
+
"export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOST\\",\\"ROOT_URL\\",\\"HOST_INTERNAL\\",\\"HOST_CANONICAL\\",\\"ROOT_URL_INTERNAL\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\"]"",
|
|
2422
|
+
"export DOCKER_REGISTRY="asia-east1-docker.pkg.dev"",
|
|
2423
|
+
"export DOCKER_IMAGE="asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/stage/api"",
|
|
2424
|
+
"export DOCKER_CACHE_IMAGE="asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/api"",
|
|
2425
|
+
"export DOCKER_IMAGE_TAG="$CI_COMMIT_SHA"",
|
|
2426
|
+
"export CLOUDSDK_CORE_DISABLE_PROMPTS="1"",
|
|
2427
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
2315
2428
|
"echo -e "\\e[0Ksection_start:$(date +%s):prepare[collapsed=true]\\r\\e[0KPrepare..."",
|
|
2316
2429
|
"gcloud auth activate-service-account --key-file=<(echo "$CL_stage_api_GCLOUD_DEPLOY_credentialsKey")",
|
|
2317
2430
|
"export GCLOUD_PROJECT_NUMBER=$(gcloud projects describe asdf --format="value(projectNumber)")",
|
|
2318
2431
|
"echo "GCLOUD_PROJECT_NUMBER: $GCLOUD_PROJECT_NUMBER"",
|
|
2319
2432
|
"echo -e "\\e[0Ksection_end:$(date +%s):prepare\\r\\e[0K"",
|
|
2433
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):writeenvvars[collapsed=true]\\r\\e[0KWrite env vars to file"",
|
|
2434
|
+
"cat > ____envvars.yaml <<EOF
|
|
2435
|
+
ENV_SHORT: |-
|
|
2436
|
+
stage
|
|
2437
|
+
APP_DIR: |-
|
|
2438
|
+
api
|
|
2439
|
+
ENV_TYPE: |-
|
|
2440
|
+
stage
|
|
2441
|
+
BUILD_INFO_BUILD_ID: |-
|
|
2442
|
+
$(printf %s "$(git describe --tags 2>/dev/null || git rev-parse HEAD)" | sed 's/^/ /')
|
|
2443
|
+
BUILD_INFO_BUILD_TIME: |-
|
|
2444
|
+
$(printf %s "$CI_JOB_STARTED_AT" | sed 's/^/ /')
|
|
2445
|
+
BUILD_INFO_CURRENT_VERSION: |-
|
|
2446
|
+
$(printf %s "$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\///'); [ -z "$tag" ] && echo "v0.0.0" || echo "$tag")" | sed 's/^/ /')
|
|
2447
|
+
HOST: |-
|
|
2448
|
+
$(printf %s "$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
2449
|
+
ROOT_URL: |-
|
|
2450
|
+
$(printf %s "https://$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
2451
|
+
HOST_INTERNAL: |-
|
|
2452
|
+
$(printf %s "$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
2453
|
+
HOST_CANONICAL: |-
|
|
2454
|
+
$(printf %s "$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
2455
|
+
ROOT_URL_INTERNAL: |-
|
|
2456
|
+
$(printf %s "https://$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
2457
|
+
DEPLOY_CLOUD_RUN_PROJECT_ID: |-
|
|
2458
|
+
asdf
|
|
2459
|
+
DEPLOY_CLOUD_RUN_REGION: |-
|
|
2460
|
+
asia-east1
|
|
2461
|
+
GCLOUD_RUN_canonicalHostSuffix: |-
|
|
2462
|
+
$(printf %s "$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | sed 's/^/ /')
|
|
2463
|
+
_ALL_ENV_VAR_KEYS: |-
|
|
2464
|
+
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_INTERNAL","HOST_CANONICAL","ROOT_URL_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]
|
|
2465
|
+
|
|
2466
|
+
EOF
|
|
2467
|
+
",
|
|
2468
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):writeenvvars\\r\\e[0K"",
|
|
2320
2469
|
"echo -e "\\e[0Ksection_start:$(date +%s):deploy[collapsed=true]\\r\\e[0KDeploy to cloud run"",
|
|
2321
|
-
"echo "$ENV_VARS" > ____envvars.yaml",
|
|
2322
2470
|
"gcloud run deploy pan-test-app-stage-api --command="yarn,start" --image=asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/stage/api:$DOCKER_IMAGE_TAG --project=asdf --region=asia-east1 --labels=customer-name=pan,component-name=api,app-name=test-app,env-type=stage,env-name=stage,build-type=node,cloud-run-service-name=pan-test-app-stage-api --env-vars-file=____envvars.yaml --min-instances=0 --max-instances=100 --cpu-throttling --allow-unauthenticated --ingress=all --cpu-boost",
|
|
2323
2471
|
"echo -e "\\e[0Ksection_end:$(date +%s):deploy\\r\\e[0K"",
|
|
2324
2472
|
"echo -e "\\e[0Ksection_start:$(date +%s):cleanup[collapsed=true]\\r\\e[0KCleanup"",
|
|
@@ -2327,69 +2475,27 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
2327
2475
|
"gcloud artifacts docker images list asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/api --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/api@$version --quiet --delete-tags; done",
|
|
2328
2476
|
"echo -e "\\e[0Ksection_end:$(date +%s):cleanup\\r\\e[0K"",
|
|
2329
2477
|
"echo Uploading SBOM to Dependency Track",
|
|
2330
|
-
"/dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/api" "https
|
|
2331
|
-
|
|
2332
|
-
"services": [
|
|
2333
|
-
{
|
|
2334
|
-
"command": [
|
|
2335
|
-
"--tls=false",
|
|
2336
|
-
],
|
|
2337
|
-
"name": "docker:24.0.6-dind",
|
|
2338
|
-
},
|
|
2478
|
+
"/dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/api" "https://$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" "__sbom.json" vex.json || true",
|
|
2479
|
+
"echo "CL_GITLAB_ENVIRONMENT_URL=https://$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" >> gitlab_environment.env",
|
|
2339
2480
|
],
|
|
2340
2481
|
"stage": "deploy stage",
|
|
2341
2482
|
"variables": {
|
|
2342
|
-
"APP_DIR": "api",
|
|
2343
|
-
"BUILD_INFO_BUILD_TIME": "01-01-2023 12:13:14",
|
|
2344
|
-
"BUILD_INFO_CURRENT_VERSION": "3.2.1",
|
|
2345
|
-
"BUILD_INFO_ID": "some-id",
|
|
2346
|
-
"CLOUDSDK_CORE_DISABLE_PROMPTS": "1",
|
|
2347
|
-
"DEPLOY_CLOUD_RUN_PROJECT_ID": "asdf",
|
|
2348
|
-
"DEPLOY_CLOUD_RUN_REGION": "asia-east1",
|
|
2349
|
-
"DOCKER_BUILDKIT": "1",
|
|
2350
|
-
"DOCKER_CACHE_IMAGE": "asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/api",
|
|
2351
|
-
"DOCKER_DRIVER": "overlay2",
|
|
2352
|
-
"DOCKER_HOST": "tcp://0.0.0.0:2375",
|
|
2353
|
-
"DOCKER_IMAGE": "asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/stage/api",
|
|
2354
|
-
"DOCKER_IMAGE_TAG": "$CI_COMMIT_SHA",
|
|
2355
|
-
"DOCKER_REGISTRY": "asia-east1-docker.pkg.dev",
|
|
2356
|
-
"DOCKER_TLS_CERTDIR": "",
|
|
2357
|
-
"ENV_SHORT": "stage",
|
|
2358
|
-
"ENV_TYPE": "stage",
|
|
2359
|
-
"ENV_VARS": "ENV_SHORT: 'stage'
|
|
2360
|
-
APP_DIR: 'api'
|
|
2361
|
-
ENV_TYPE: 'stage'
|
|
2362
|
-
BUILD_INFO_ID: 'some-id'
|
|
2363
|
-
BUILD_INFO_BUILD_TIME: '01-01-2023 12:13:14'
|
|
2364
|
-
BUILD_INFO_CURRENT_VERSION: '3.2.1'
|
|
2365
|
-
HOST: 'pan-test-app-stage-api-unknown-host.example.com'
|
|
2366
|
-
ROOT_URL: 'https://pan-test-app-stage-api-unknown-host.example.com'
|
|
2367
|
-
HOST_CANONICAL: 'pan-test-app-stage-api-unknown-host.example.com'
|
|
2368
|
-
ROOT_URL_INTERNAL: 'https://pan-test-app-stage-api-unknown-host.example.com'
|
|
2369
|
-
HOST_INTERNAL: 'pan-test-app-stage-api-unknown-host.example.com'
|
|
2370
|
-
DEPLOY_CLOUD_RUN_PROJECT_ID: 'asdf'
|
|
2371
|
-
DEPLOY_CLOUD_RUN_REGION: 'asia-east1'
|
|
2372
|
-
GCLOUD_RUN_canonicalHostSuffix: '$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix'
|
|
2373
|
-
_ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_CANONICAL","ROOT_URL_INTERNAL","HOST_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]'
|
|
2374
|
-
",
|
|
2375
|
-
"GCLOUD_DEPLOY_credentialsKey": "$CL_stage_api_GCLOUD_DEPLOY_credentialsKey",
|
|
2376
|
-
"GCLOUD_RUN_canonicalHostSuffix": "$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix",
|
|
2377
|
-
"HOST": "pan-test-app-stage-api-unknown-host.example.com",
|
|
2378
|
-
"HOST_CANONICAL": "pan-test-app-stage-api-unknown-host.example.com",
|
|
2379
|
-
"HOST_INTERNAL": "pan-test-app-stage-api-unknown-host.example.com",
|
|
2380
2483
|
"KUBERNETES_CPU_REQUEST": "0.5",
|
|
2381
2484
|
"KUBERNETES_MEMORY_LIMIT": "400Mi",
|
|
2382
2485
|
"KUBERNETES_MEMORY_REQUEST": "200Mi",
|
|
2383
|
-
"ROOT_URL": "https://pan-test-app-stage-api-unknown-host.example.com",
|
|
2384
|
-
"ROOT_URL_INTERNAL": "https://pan-test-app-stage-api-unknown-host.example.com",
|
|
2385
|
-
"_ALL_ENV_VAR_KEYS": "["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_CANONICAL","ROOT_URL_INTERNAL","HOST_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]",
|
|
2386
2486
|
},
|
|
2387
2487
|
},
|
|
2388
2488
|
"api ๐ Stop โ ๏ธ | prod ": {
|
|
2489
|
+
"allow_failure": true,
|
|
2490
|
+
"artifacts": {
|
|
2491
|
+
"reports": {
|
|
2492
|
+
"dotenv": "gitlab_environment.env",
|
|
2493
|
+
},
|
|
2494
|
+
},
|
|
2389
2495
|
"environment": {
|
|
2390
2496
|
"action": "stop",
|
|
2391
2497
|
"name": "prod/api",
|
|
2392
|
-
"url": "
|
|
2498
|
+
"url": "$CL_GITLAB_ENVIRONMENT_URL",
|
|
2393
2499
|
},
|
|
2394
2500
|
"image": "path/to/docker/gcloud:the-version",
|
|
2395
2501
|
"interruptible": true,
|
|
@@ -2403,28 +2509,29 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
2403
2509
|
},
|
|
2404
2510
|
"rules": [
|
|
2405
2511
|
{
|
|
2406
|
-
"allow_failure": true,
|
|
2407
2512
|
"if": "$CI_COMMIT_BRANCH =~ /^[0-9]+\\.([0-9]+|x)\\.x$/",
|
|
2408
2513
|
"when": "on_success",
|
|
2409
2514
|
},
|
|
2410
2515
|
{
|
|
2411
|
-
"allow_failure": true,
|
|
2412
2516
|
"when": "manual",
|
|
2413
2517
|
},
|
|
2414
2518
|
],
|
|
2415
2519
|
"script": [
|
|
2520
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
2521
|
+
"export CLOUDSDK_CORE_DISABLE_PROMPTS="1"",
|
|
2522
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
2416
2523
|
"set +e",
|
|
2417
2524
|
"gcloud auth activate-service-account --key-file=<(echo "$CL_prod_api_GCLOUD_DEPLOY_credentialsKey")",
|
|
2418
2525
|
"gcloud run services delete pan-test-app-prod-api --project=asdf --region=asia-east1",
|
|
2419
2526
|
"gcloud artifacts docker images delete asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/prod/api --quiet --delete-tags",
|
|
2420
2527
|
"gcloud artifacts docker images list asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/api --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/api@$version --quiet --delete-tags; done",
|
|
2421
2528
|
"echo Disabling component in Dependency Track",
|
|
2422
|
-
"/dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" disable "pan-test-app/api" "https
|
|
2529
|
+
"/dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" disable "pan-test-app/api" "https://$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" || true",
|
|
2423
2530
|
"set -e",
|
|
2531
|
+
"echo "CL_GITLAB_ENVIRONMENT_URL=https://$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" >> gitlab_environment.env",
|
|
2424
2532
|
],
|
|
2425
2533
|
"stage": "stop prod",
|
|
2426
2534
|
"variables": {
|
|
2427
|
-
"CLOUDSDK_CORE_DISABLE_PROMPTS": "1",
|
|
2428
2535
|
"GIT_STRATEGY": "none",
|
|
2429
2536
|
"KUBERNETES_CPU_REQUEST": "0.5",
|
|
2430
2537
|
"KUBERNETES_MEMORY_LIMIT": "400Mi",
|
|
@@ -2432,10 +2539,16 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
2432
2539
|
},
|
|
2433
2540
|
},
|
|
2434
2541
|
"api ๐ Stop โ ๏ธ | stage ": {
|
|
2542
|
+
"allow_failure": true,
|
|
2543
|
+
"artifacts": {
|
|
2544
|
+
"reports": {
|
|
2545
|
+
"dotenv": "gitlab_environment.env",
|
|
2546
|
+
},
|
|
2547
|
+
},
|
|
2435
2548
|
"environment": {
|
|
2436
2549
|
"action": "stop",
|
|
2437
2550
|
"name": "stage/api",
|
|
2438
|
-
"url": "
|
|
2551
|
+
"url": "$CL_GITLAB_ENVIRONMENT_URL",
|
|
2439
2552
|
},
|
|
2440
2553
|
"image": "path/to/docker/gcloud:the-version",
|
|
2441
2554
|
"interruptible": true,
|
|
@@ -2449,28 +2562,29 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
2449
2562
|
},
|
|
2450
2563
|
"rules": [
|
|
2451
2564
|
{
|
|
2452
|
-
"allow_failure": true,
|
|
2453
2565
|
"if": "$CI_COMMIT_BRANCH =~ /^[0-9]+\\.([0-9]+|x)\\.x$/",
|
|
2454
2566
|
"when": "on_success",
|
|
2455
2567
|
},
|
|
2456
2568
|
{
|
|
2457
|
-
"allow_failure": true,
|
|
2458
2569
|
"when": "manual",
|
|
2459
2570
|
},
|
|
2460
2571
|
],
|
|
2461
2572
|
"script": [
|
|
2573
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
2574
|
+
"export CLOUDSDK_CORE_DISABLE_PROMPTS="1"",
|
|
2575
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
2462
2576
|
"set +e",
|
|
2463
2577
|
"gcloud auth activate-service-account --key-file=<(echo "$CL_stage_api_GCLOUD_DEPLOY_credentialsKey")",
|
|
2464
2578
|
"gcloud run services delete pan-test-app-stage-api --project=asdf --region=asia-east1",
|
|
2465
2579
|
"gcloud artifacts docker images delete asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/stage/api --quiet --delete-tags",
|
|
2466
2580
|
"gcloud artifacts docker images list asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/api --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/api@$version --quiet --delete-tags; done",
|
|
2467
2581
|
"echo Disabling component in Dependency Track",
|
|
2468
|
-
"/dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" disable "pan-test-app/api" "https
|
|
2582
|
+
"/dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" disable "pan-test-app/api" "https://$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" || true",
|
|
2469
2583
|
"set -e",
|
|
2584
|
+
"echo "CL_GITLAB_ENVIRONMENT_URL=https://$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" >> gitlab_environment.env",
|
|
2470
2585
|
],
|
|
2471
2586
|
"stage": "stop stage",
|
|
2472
2587
|
"variables": {
|
|
2473
|
-
"CLOUDSDK_CORE_DISABLE_PROMPTS": "1",
|
|
2474
2588
|
"GIT_STRATEGY": "none",
|
|
2475
2589
|
"KUBERNETES_CPU_REQUEST": "0.5",
|
|
2476
2590
|
"KUBERNETES_MEMORY_LIMIT": "400Mi",
|
|
@@ -2495,6 +2609,8 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
2495
2609
|
],
|
|
2496
2610
|
},
|
|
2497
2611
|
"script": [
|
|
2612
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
2613
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
2498
2614
|
"trivy fs --quiet --format cyclonedx --output "__sbom.json" api",
|
|
2499
2615
|
],
|
|
2500
2616
|
"stage": "build",
|
|
@@ -2518,6 +2634,8 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
2518
2634
|
],
|
|
2519
2635
|
},
|
|
2520
2636
|
"script": [
|
|
2637
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
2638
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
2521
2639
|
"trivy fs --quiet --format cyclonedx --output "__sbom.json" api",
|
|
2522
2640
|
],
|
|
2523
2641
|
"stage": "build",
|
|
@@ -2580,24 +2698,45 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
|
|
|
2580
2698
|
],
|
|
2581
2699
|
},
|
|
2582
2700
|
"script": [
|
|
2701
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
2702
|
+
"export ENV_SHORT="prod"",
|
|
2703
|
+
"export APP_DIR="app"",
|
|
2704
|
+
"export ENV_TYPE="prod"",
|
|
2705
|
+
"export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"",
|
|
2706
|
+
"export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"",
|
|
2707
|
+
"export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\///'); [ -z "$tag" ] && echo "v0.0.0" || echo "$tag")"",
|
|
2708
|
+
"export HOST="unknown-host.example.com"",
|
|
2709
|
+
"export ROOT_URL="https://unknown-host.example.com"",
|
|
2710
|
+
"export HOST_INTERNAL="unknown-host.example.com"",
|
|
2711
|
+
"export HOST_CANONICAL="unknown-host.example.com"",
|
|
2712
|
+
"export ROOT_URL_INTERNAL="https://unknown-host.example.com"",
|
|
2713
|
+
"export APP_STORE_CONNECT_API_KEY_CONTENT="$CL_prod_app_APP_STORE_CONNECT_API_KEY_CONTENT"",
|
|
2714
|
+
"export APP_STORE_CONNECT_ISSUER_ID="$CL_prod_app_APP_STORE_CONNECT_ISSUER_ID"",
|
|
2715
|
+
"export APP_STORE_CONNECT_API_KEY_ID="$CL_prod_app_APP_STORE_CONNECT_API_KEY_ID"",
|
|
2716
|
+
"export GRAPHQL_URL="https://$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')/graphql"",
|
|
2717
|
+
"export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOST\\",\\"ROOT_URL\\",\\"HOST_INTERNAL\\",\\"HOST_CANONICAL\\",\\"ROOT_URL_INTERNAL\\",\\"APP_STORE_CONNECT_API_KEY_CONTENT\\",\\"APP_STORE_CONNECT_ISSUER_ID\\",\\"APP_STORE_CONNECT_API_KEY_ID\\",\\"GRAPHQL_URL\\"]"",
|
|
2718
|
+
"export LC_A="L=en_US.UTF-8"",
|
|
2719
|
+
"export LANG="en_US.UTF-8"",
|
|
2720
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
2583
2721
|
"cat <<EOF > app/.env
|
|
2584
2722
|
ENV_SHORT=prod
|
|
2585
2723
|
APP_DIR=app
|
|
2586
2724
|
ENV_TYPE=prod
|
|
2587
|
-
|
|
2588
|
-
BUILD_INFO_BUILD_TIME
|
|
2589
|
-
BUILD_INFO_CURRENT_VERSION
|
|
2725
|
+
BUILD_INFO_BUILD_ID=$(git describe --tags 2>/dev/null || git rev-parse HEAD)
|
|
2726
|
+
BUILD_INFO_BUILD_TIME=$CI_JOB_STARTED_AT
|
|
2727
|
+
BUILD_INFO_CURRENT_VERSION=$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\///'); [ -z "$tag" ] && echo "v0.0.0" || echo "$tag")
|
|
2590
2728
|
HOST=unknown-host.example.com
|
|
2591
2729
|
ROOT_URL=https://unknown-host.example.com
|
|
2730
|
+
HOST_INTERNAL=unknown-host.example.com
|
|
2592
2731
|
HOST_CANONICAL=unknown-host.example.com
|
|
2593
2732
|
ROOT_URL_INTERNAL=https://unknown-host.example.com
|
|
2594
2733
|
APP_STORE_CONNECT_API_KEY_CONTENT=$CL_prod_app_APP_STORE_CONNECT_API_KEY_CONTENT
|
|
2595
2734
|
APP_STORE_CONNECT_ISSUER_ID=$CL_prod_app_APP_STORE_CONNECT_ISSUER_ID
|
|
2596
2735
|
APP_STORE_CONNECT_API_KEY_ID=$CL_prod_app_APP_STORE_CONNECT_API_KEY_ID
|
|
2597
|
-
GRAPHQL_URL=https
|
|
2598
|
-
_ALL_ENV_VAR_KEYS=["ENV_SHORT","APP_DIR","ENV_TYPE","
|
|
2736
|
+
GRAPHQL_URL=https://$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')/graphql
|
|
2737
|
+
_ALL_ENV_VAR_KEYS=["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_INTERNAL","HOST_CANONICAL","ROOT_URL_INTERNAL","APP_STORE_CONNECT_API_KEY_CONTENT","APP_STORE_CONNECT_ISSUER_ID","APP_STORE_CONNECT_API_KEY_ID","GRAPHQL_URL"]
|
|
2599
2738
|
EOF",
|
|
2600
|
-
"echo '{"id":"
|
|
2739
|
+
"echo '{"id":"$(git describe --tags 2>/dev/null || git rev-parse HEAD)","time":"$CI_JOB_STARTED_AT"}' > app/__build_info.json",
|
|
2601
2740
|
"echo -e "\\e[0Ksection_start:$(date +%s):nodeinstall[collapsed=true]\\r\\e[0KEnsure node version"",
|
|
2602
2741
|
"if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi",
|
|
2603
2742
|
"if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi",
|
|
@@ -2621,26 +2760,9 @@ EOF",
|
|
|
2621
2760
|
"mac-runner",
|
|
2622
2761
|
],
|
|
2623
2762
|
"variables": {
|
|
2624
|
-
"APP_DIR": "app",
|
|
2625
|
-
"APP_STORE_CONNECT_API_KEY_CONTENT": "$CL_prod_app_APP_STORE_CONNECT_API_KEY_CONTENT",
|
|
2626
|
-
"APP_STORE_CONNECT_API_KEY_ID": "$CL_prod_app_APP_STORE_CONNECT_API_KEY_ID",
|
|
2627
|
-
"APP_STORE_CONNECT_ISSUER_ID": "$CL_prod_app_APP_STORE_CONNECT_ISSUER_ID",
|
|
2628
|
-
"BUILD_INFO_BUILD_TIME": "01-01-2023 12:13:14",
|
|
2629
|
-
"BUILD_INFO_CURRENT_VERSION": "3.2.1",
|
|
2630
|
-
"BUILD_INFO_ID": "some-id",
|
|
2631
|
-
"ENV_SHORT": "prod",
|
|
2632
|
-
"ENV_TYPE": "prod",
|
|
2633
|
-
"GRAPHQL_URL": "https://pan-test-app-prod-api-unknown-host.example.com/graphql",
|
|
2634
|
-
"HOST": "unknown-host.example.com",
|
|
2635
|
-
"HOST_CANONICAL": "unknown-host.example.com",
|
|
2636
2763
|
"KUBERNETES_CPU_REQUEST": "0.5",
|
|
2637
2764
|
"KUBERNETES_MEMORY_LIMIT": "4Gi",
|
|
2638
2765
|
"KUBERNETES_MEMORY_REQUEST": "2Gi",
|
|
2639
|
-
"LANG": "en_US.UTF-8",
|
|
2640
|
-
"LC_A": "L=en_US.UTF-8",
|
|
2641
|
-
"ROOT_URL": "https://unknown-host.example.com",
|
|
2642
|
-
"ROOT_URL_INTERNAL": "https://unknown-host.example.com",
|
|
2643
|
-
"_ALL_ENV_VAR_KEYS": "["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_CANONICAL","ROOT_URL_INTERNAL","APP_STORE_CONNECT_API_KEY_CONTENT","APP_STORE_CONNECT_ISSUER_ID","APP_STORE_CONNECT_API_KEY_ID","GRAPHQL_URL"]",
|
|
2644
2766
|
},
|
|
2645
2767
|
},
|
|
2646
2768
|
"app ๐จ app | stage ": {
|
|
@@ -2700,24 +2822,45 @@ EOF",
|
|
|
2700
2822
|
],
|
|
2701
2823
|
},
|
|
2702
2824
|
"script": [
|
|
2825
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
2826
|
+
"export ENV_SHORT="stage"",
|
|
2827
|
+
"export APP_DIR="app"",
|
|
2828
|
+
"export ENV_TYPE="stage"",
|
|
2829
|
+
"export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"",
|
|
2830
|
+
"export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"",
|
|
2831
|
+
"export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\///'); [ -z "$tag" ] && echo "v0.0.0" || echo "$tag")"",
|
|
2832
|
+
"export HOST="unknown-host.example.com"",
|
|
2833
|
+
"export ROOT_URL="https://unknown-host.example.com"",
|
|
2834
|
+
"export HOST_INTERNAL="unknown-host.example.com"",
|
|
2835
|
+
"export HOST_CANONICAL="unknown-host.example.com"",
|
|
2836
|
+
"export ROOT_URL_INTERNAL="https://unknown-host.example.com"",
|
|
2837
|
+
"export APP_STORE_CONNECT_API_KEY_CONTENT="$CL_stage_app_APP_STORE_CONNECT_API_KEY_CONTENT"",
|
|
2838
|
+
"export APP_STORE_CONNECT_ISSUER_ID="$CL_stage_app_APP_STORE_CONNECT_ISSUER_ID"",
|
|
2839
|
+
"export APP_STORE_CONNECT_API_KEY_ID="$CL_stage_app_APP_STORE_CONNECT_API_KEY_ID"",
|
|
2840
|
+
"export GRAPHQL_URL="https://$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')/graphql"",
|
|
2841
|
+
"export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOST\\",\\"ROOT_URL\\",\\"HOST_INTERNAL\\",\\"HOST_CANONICAL\\",\\"ROOT_URL_INTERNAL\\",\\"APP_STORE_CONNECT_API_KEY_CONTENT\\",\\"APP_STORE_CONNECT_ISSUER_ID\\",\\"APP_STORE_CONNECT_API_KEY_ID\\",\\"GRAPHQL_URL\\"]"",
|
|
2842
|
+
"export LC_A="L=en_US.UTF-8"",
|
|
2843
|
+
"export LANG="en_US.UTF-8"",
|
|
2844
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
2703
2845
|
"cat <<EOF > app/.env
|
|
2704
2846
|
ENV_SHORT=stage
|
|
2705
2847
|
APP_DIR=app
|
|
2706
2848
|
ENV_TYPE=stage
|
|
2707
|
-
|
|
2708
|
-
BUILD_INFO_BUILD_TIME
|
|
2709
|
-
BUILD_INFO_CURRENT_VERSION
|
|
2849
|
+
BUILD_INFO_BUILD_ID=$(git describe --tags 2>/dev/null || git rev-parse HEAD)
|
|
2850
|
+
BUILD_INFO_BUILD_TIME=$CI_JOB_STARTED_AT
|
|
2851
|
+
BUILD_INFO_CURRENT_VERSION=$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\///'); [ -z "$tag" ] && echo "v0.0.0" || echo "$tag")
|
|
2710
2852
|
HOST=unknown-host.example.com
|
|
2711
2853
|
ROOT_URL=https://unknown-host.example.com
|
|
2854
|
+
HOST_INTERNAL=unknown-host.example.com
|
|
2712
2855
|
HOST_CANONICAL=unknown-host.example.com
|
|
2713
2856
|
ROOT_URL_INTERNAL=https://unknown-host.example.com
|
|
2714
2857
|
APP_STORE_CONNECT_API_KEY_CONTENT=$CL_stage_app_APP_STORE_CONNECT_API_KEY_CONTENT
|
|
2715
2858
|
APP_STORE_CONNECT_ISSUER_ID=$CL_stage_app_APP_STORE_CONNECT_ISSUER_ID
|
|
2716
2859
|
APP_STORE_CONNECT_API_KEY_ID=$CL_stage_app_APP_STORE_CONNECT_API_KEY_ID
|
|
2717
|
-
GRAPHQL_URL=https
|
|
2718
|
-
_ALL_ENV_VAR_KEYS=["ENV_SHORT","APP_DIR","ENV_TYPE","
|
|
2860
|
+
GRAPHQL_URL=https://$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')/graphql
|
|
2861
|
+
_ALL_ENV_VAR_KEYS=["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_INTERNAL","HOST_CANONICAL","ROOT_URL_INTERNAL","APP_STORE_CONNECT_API_KEY_CONTENT","APP_STORE_CONNECT_ISSUER_ID","APP_STORE_CONNECT_API_KEY_ID","GRAPHQL_URL"]
|
|
2719
2862
|
EOF",
|
|
2720
|
-
"echo '{"id":"
|
|
2863
|
+
"echo '{"id":"$(git describe --tags 2>/dev/null || git rev-parse HEAD)","time":"$CI_JOB_STARTED_AT"}' > app/__build_info.json",
|
|
2721
2864
|
"echo -e "\\e[0Ksection_start:$(date +%s):nodeinstall[collapsed=true]\\r\\e[0KEnsure node version"",
|
|
2722
2865
|
"if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi",
|
|
2723
2866
|
"if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi",
|
|
@@ -2741,26 +2884,9 @@ EOF",
|
|
|
2741
2884
|
"mac-runner",
|
|
2742
2885
|
],
|
|
2743
2886
|
"variables": {
|
|
2744
|
-
"APP_DIR": "app",
|
|
2745
|
-
"APP_STORE_CONNECT_API_KEY_CONTENT": "$CL_stage_app_APP_STORE_CONNECT_API_KEY_CONTENT",
|
|
2746
|
-
"APP_STORE_CONNECT_API_KEY_ID": "$CL_stage_app_APP_STORE_CONNECT_API_KEY_ID",
|
|
2747
|
-
"APP_STORE_CONNECT_ISSUER_ID": "$CL_stage_app_APP_STORE_CONNECT_ISSUER_ID",
|
|
2748
|
-
"BUILD_INFO_BUILD_TIME": "01-01-2023 12:13:14",
|
|
2749
|
-
"BUILD_INFO_CURRENT_VERSION": "3.2.1",
|
|
2750
|
-
"BUILD_INFO_ID": "some-id",
|
|
2751
|
-
"ENV_SHORT": "stage",
|
|
2752
|
-
"ENV_TYPE": "stage",
|
|
2753
|
-
"GRAPHQL_URL": "https://pan-test-app-stage-api-unknown-host.example.com/graphql",
|
|
2754
|
-
"HOST": "unknown-host.example.com",
|
|
2755
|
-
"HOST_CANONICAL": "unknown-host.example.com",
|
|
2756
2887
|
"KUBERNETES_CPU_REQUEST": "0.5",
|
|
2757
2888
|
"KUBERNETES_MEMORY_LIMIT": "4Gi",
|
|
2758
2889
|
"KUBERNETES_MEMORY_REQUEST": "2Gi",
|
|
2759
|
-
"LANG": "en_US.UTF-8",
|
|
2760
|
-
"LC_A": "L=en_US.UTF-8",
|
|
2761
|
-
"ROOT_URL": "https://unknown-host.example.com",
|
|
2762
|
-
"ROOT_URL_INTERNAL": "https://unknown-host.example.com",
|
|
2763
|
-
"_ALL_ENV_VAR_KEYS": "["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_CANONICAL","ROOT_URL_INTERNAL","APP_STORE_CONNECT_API_KEY_CONTENT","APP_STORE_CONNECT_ISSUER_ID","APP_STORE_CONNECT_API_KEY_ID","GRAPHQL_URL"]",
|
|
2764
2890
|
},
|
|
2765
2891
|
},
|
|
2766
2892
|
"app ๐ Deploy | prod ": {
|
|
@@ -2777,10 +2903,6 @@ EOF",
|
|
|
2777
2903
|
],
|
|
2778
2904
|
},
|
|
2779
2905
|
],
|
|
2780
|
-
"environment": {
|
|
2781
|
-
"name": "prod/app",
|
|
2782
|
-
"url": "https://unknown-host.example.com",
|
|
2783
|
-
},
|
|
2784
2906
|
"image": "path/to/docker/jobs-default:the-version",
|
|
2785
2907
|
"interruptible": true,
|
|
2786
2908
|
"needs": [
|
|
@@ -2806,6 +2928,26 @@ EOF",
|
|
|
2806
2928
|
},
|
|
2807
2929
|
],
|
|
2808
2930
|
"script": [
|
|
2931
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
2932
|
+
"export ENV_SHORT="prod"",
|
|
2933
|
+
"export APP_DIR="app"",
|
|
2934
|
+
"export ENV_TYPE="prod"",
|
|
2935
|
+
"export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"",
|
|
2936
|
+
"export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"",
|
|
2937
|
+
"export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\///'); [ -z "$tag" ] && echo "v0.0.0" || echo "$tag")"",
|
|
2938
|
+
"export HOST="unknown-host.example.com"",
|
|
2939
|
+
"export ROOT_URL="https://unknown-host.example.com"",
|
|
2940
|
+
"export HOST_INTERNAL="unknown-host.example.com"",
|
|
2941
|
+
"export HOST_CANONICAL="unknown-host.example.com"",
|
|
2942
|
+
"export ROOT_URL_INTERNAL="https://unknown-host.example.com"",
|
|
2943
|
+
"export APP_STORE_CONNECT_API_KEY_CONTENT="$CL_prod_app_APP_STORE_CONNECT_API_KEY_CONTENT"",
|
|
2944
|
+
"export APP_STORE_CONNECT_ISSUER_ID="$CL_prod_app_APP_STORE_CONNECT_ISSUER_ID"",
|
|
2945
|
+
"export APP_STORE_CONNECT_API_KEY_ID="$CL_prod_app_APP_STORE_CONNECT_API_KEY_ID"",
|
|
2946
|
+
"export GRAPHQL_URL="https://$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')/graphql"",
|
|
2947
|
+
"export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOST\\",\\"ROOT_URL\\",\\"HOST_INTERNAL\\",\\"HOST_CANONICAL\\",\\"ROOT_URL_INTERNAL\\",\\"APP_STORE_CONNECT_API_KEY_CONTENT\\",\\"APP_STORE_CONNECT_ISSUER_ID\\",\\"APP_STORE_CONNECT_API_KEY_ID\\",\\"GRAPHQL_URL\\"]"",
|
|
2948
|
+
"export LC_A="L=en_US.UTF-8"",
|
|
2949
|
+
"export LANG="en_US.UTF-8"",
|
|
2950
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
2809
2951
|
"cd app",
|
|
2810
2952
|
"bundle config set --local path 'vendor/ruby'",
|
|
2811
2953
|
"gem install bundler",
|
|
@@ -2819,26 +2961,9 @@ EOF",
|
|
|
2819
2961
|
"mac-runner",
|
|
2820
2962
|
],
|
|
2821
2963
|
"variables": {
|
|
2822
|
-
"APP_DIR": "app",
|
|
2823
|
-
"APP_STORE_CONNECT_API_KEY_CONTENT": "$CL_prod_app_APP_STORE_CONNECT_API_KEY_CONTENT",
|
|
2824
|
-
"APP_STORE_CONNECT_API_KEY_ID": "$CL_prod_app_APP_STORE_CONNECT_API_KEY_ID",
|
|
2825
|
-
"APP_STORE_CONNECT_ISSUER_ID": "$CL_prod_app_APP_STORE_CONNECT_ISSUER_ID",
|
|
2826
|
-
"BUILD_INFO_BUILD_TIME": "01-01-2023 12:13:14",
|
|
2827
|
-
"BUILD_INFO_CURRENT_VERSION": "3.2.1",
|
|
2828
|
-
"BUILD_INFO_ID": "some-id",
|
|
2829
|
-
"ENV_SHORT": "prod",
|
|
2830
|
-
"ENV_TYPE": "prod",
|
|
2831
|
-
"GRAPHQL_URL": "https://pan-test-app-prod-api-unknown-host.example.com/graphql",
|
|
2832
|
-
"HOST": "unknown-host.example.com",
|
|
2833
|
-
"HOST_CANONICAL": "unknown-host.example.com",
|
|
2834
2964
|
"KUBERNETES_CPU_REQUEST": "0.5",
|
|
2835
2965
|
"KUBERNETES_MEMORY_LIMIT": "400Mi",
|
|
2836
2966
|
"KUBERNETES_MEMORY_REQUEST": "200Mi",
|
|
2837
|
-
"LANG": "en_US.UTF-8",
|
|
2838
|
-
"LC_A": "L=en_US.UTF-8",
|
|
2839
|
-
"ROOT_URL": "https://unknown-host.example.com",
|
|
2840
|
-
"ROOT_URL_INTERNAL": "https://unknown-host.example.com",
|
|
2841
|
-
"_ALL_ENV_VAR_KEYS": "["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_CANONICAL","ROOT_URL_INTERNAL","APP_STORE_CONNECT_API_KEY_CONTENT","APP_STORE_CONNECT_ISSUER_ID","APP_STORE_CONNECT_API_KEY_ID","GRAPHQL_URL"]",
|
|
2842
2967
|
},
|
|
2843
2968
|
},
|
|
2844
2969
|
"app ๐ Deploy | stage ": {
|
|
@@ -2855,10 +2980,6 @@ EOF",
|
|
|
2855
2980
|
],
|
|
2856
2981
|
},
|
|
2857
2982
|
],
|
|
2858
|
-
"environment": {
|
|
2859
|
-
"name": "stage/app",
|
|
2860
|
-
"url": "https://unknown-host.example.com",
|
|
2861
|
-
},
|
|
2862
2983
|
"image": "path/to/docker/jobs-default:the-version",
|
|
2863
2984
|
"interruptible": true,
|
|
2864
2985
|
"needs": [
|
|
@@ -2884,6 +3005,26 @@ EOF",
|
|
|
2884
3005
|
},
|
|
2885
3006
|
],
|
|
2886
3007
|
"script": [
|
|
3008
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
3009
|
+
"export ENV_SHORT="stage"",
|
|
3010
|
+
"export APP_DIR="app"",
|
|
3011
|
+
"export ENV_TYPE="stage"",
|
|
3012
|
+
"export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"",
|
|
3013
|
+
"export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"",
|
|
3014
|
+
"export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\///'); [ -z "$tag" ] && echo "v0.0.0" || echo "$tag")"",
|
|
3015
|
+
"export HOST="unknown-host.example.com"",
|
|
3016
|
+
"export ROOT_URL="https://unknown-host.example.com"",
|
|
3017
|
+
"export HOST_INTERNAL="unknown-host.example.com"",
|
|
3018
|
+
"export HOST_CANONICAL="unknown-host.example.com"",
|
|
3019
|
+
"export ROOT_URL_INTERNAL="https://unknown-host.example.com"",
|
|
3020
|
+
"export APP_STORE_CONNECT_API_KEY_CONTENT="$CL_stage_app_APP_STORE_CONNECT_API_KEY_CONTENT"",
|
|
3021
|
+
"export APP_STORE_CONNECT_ISSUER_ID="$CL_stage_app_APP_STORE_CONNECT_ISSUER_ID"",
|
|
3022
|
+
"export APP_STORE_CONNECT_API_KEY_ID="$CL_stage_app_APP_STORE_CONNECT_API_KEY_ID"",
|
|
3023
|
+
"export GRAPHQL_URL="https://$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')/graphql"",
|
|
3024
|
+
"export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOST\\",\\"ROOT_URL\\",\\"HOST_INTERNAL\\",\\"HOST_CANONICAL\\",\\"ROOT_URL_INTERNAL\\",\\"APP_STORE_CONNECT_API_KEY_CONTENT\\",\\"APP_STORE_CONNECT_ISSUER_ID\\",\\"APP_STORE_CONNECT_API_KEY_ID\\",\\"GRAPHQL_URL\\"]"",
|
|
3025
|
+
"export LC_A="L=en_US.UTF-8"",
|
|
3026
|
+
"export LANG="en_US.UTF-8"",
|
|
3027
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
2887
3028
|
"cd app",
|
|
2888
3029
|
"bundle config set --local path 'vendor/ruby'",
|
|
2889
3030
|
"gem install bundler",
|
|
@@ -2897,26 +3038,9 @@ EOF",
|
|
|
2897
3038
|
"mac-runner",
|
|
2898
3039
|
],
|
|
2899
3040
|
"variables": {
|
|
2900
|
-
"APP_DIR": "app",
|
|
2901
|
-
"APP_STORE_CONNECT_API_KEY_CONTENT": "$CL_stage_app_APP_STORE_CONNECT_API_KEY_CONTENT",
|
|
2902
|
-
"APP_STORE_CONNECT_API_KEY_ID": "$CL_stage_app_APP_STORE_CONNECT_API_KEY_ID",
|
|
2903
|
-
"APP_STORE_CONNECT_ISSUER_ID": "$CL_stage_app_APP_STORE_CONNECT_ISSUER_ID",
|
|
2904
|
-
"BUILD_INFO_BUILD_TIME": "01-01-2023 12:13:14",
|
|
2905
|
-
"BUILD_INFO_CURRENT_VERSION": "3.2.1",
|
|
2906
|
-
"BUILD_INFO_ID": "some-id",
|
|
2907
|
-
"ENV_SHORT": "stage",
|
|
2908
|
-
"ENV_TYPE": "stage",
|
|
2909
|
-
"GRAPHQL_URL": "https://pan-test-app-stage-api-unknown-host.example.com/graphql",
|
|
2910
|
-
"HOST": "unknown-host.example.com",
|
|
2911
|
-
"HOST_CANONICAL": "unknown-host.example.com",
|
|
2912
3041
|
"KUBERNETES_CPU_REQUEST": "0.5",
|
|
2913
3042
|
"KUBERNETES_MEMORY_LIMIT": "400Mi",
|
|
2914
3043
|
"KUBERNETES_MEMORY_REQUEST": "200Mi",
|
|
2915
|
-
"LANG": "en_US.UTF-8",
|
|
2916
|
-
"LC_A": "L=en_US.UTF-8",
|
|
2917
|
-
"ROOT_URL": "https://unknown-host.example.com",
|
|
2918
|
-
"ROOT_URL_INTERNAL": "https://unknown-host.example.com",
|
|
2919
|
-
"_ALL_ENV_VAR_KEYS": "["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_CANONICAL","ROOT_URL_INTERNAL","APP_STORE_CONNECT_API_KEY_CONTENT","APP_STORE_CONNECT_ISSUER_ID","APP_STORE_CONNECT_API_KEY_ID","GRAPHQL_URL"]",
|
|
2920
3044
|
},
|
|
2921
3045
|
},
|
|
2922
3046
|
"app ๐งพ sbom | prod ": {
|
|
@@ -2937,6 +3061,8 @@ EOF",
|
|
|
2937
3061
|
],
|
|
2938
3062
|
},
|
|
2939
3063
|
"script": [
|
|
3064
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
3065
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
2940
3066
|
"trivy fs --quiet --format cyclonedx --output "__sbom.json" app",
|
|
2941
3067
|
],
|
|
2942
3068
|
"stage": "build",
|
|
@@ -2960,6 +3086,8 @@ EOF",
|
|
|
2960
3086
|
],
|
|
2961
3087
|
},
|
|
2962
3088
|
"script": [
|
|
3089
|
+
"echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
|
|
3090
|
+
"echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
|
|
2963
3091
|
"trivy fs --quiet --format cyclonedx --output "__sbom.json" app",
|
|
2964
3092
|
],
|
|
2965
3093
|
"stage": "build",
|
|
@@ -3012,7 +3140,7 @@ EOF",
|
|
|
3012
3140
|
],
|
|
3013
3141
|
"variables": {
|
|
3014
3142
|
"FF_USE_FASTZIP": "true",
|
|
3015
|
-
"GIT_DEPTH": 1,
|
|
3143
|
+
"GIT_DEPTH": "1",
|
|
3016
3144
|
},
|
|
3017
3145
|
"workflow": {
|
|
3018
3146
|
"rules": [
|