@catladder/pipeline 1.163.1 โ†’ 1.164.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (80) hide show
  1. package/dist/bundles/catladder-gitlab/index.js +1 -1
  2. package/dist/constants.js +1 -1
  3. package/dist/deploy/cloudRun/createJobs/cloudRunServices.js +2 -0
  4. package/dist/deploy/types/googleCloudRun.d.ts +8 -0
  5. package/dist/tsconfig.tsbuildinfo +1 -1
  6. package/examples/__snapshots__/cloud-run-memory-limit.test.ts.snap +0 -1958
  7. package/examples/__snapshots__/cloud-run-meteor-with-worker.test.ts.snap +1 -1935
  8. package/examples/__snapshots__/cloud-run-no-cpu-throttling.test.ts.snap +1 -1959
  9. package/examples/__snapshots__/cloud-run-no-service.test.ts.snap +1 -2011
  10. package/examples/__snapshots__/cloud-run-non-public.test.ts.snap +1 -1959
  11. package/examples/__snapshots__/cloud-run-post-stop-job.test.ts.snap +1 -1970
  12. package/examples/__snapshots__/cloud-run-service-custom-vpc.test.ts.snap +1342 -0
  13. package/examples/__snapshots__/cloud-run-service-gen2.test.ts.snap +1 -1959
  14. package/examples/__snapshots__/cloud-run-service-increase-timout.test.ts.snap +1 -1959
  15. package/examples/__snapshots__/cloud-run-service-with-volumes.test.ts.snap +1 -2003
  16. package/examples/__snapshots__/cloud-run-storybook.test.ts.snap +1 -1675
  17. package/examples/__snapshots__/cloud-run-with-ngnix.test.ts.snap +1 -1959
  18. package/examples/__snapshots__/cloud-run-with-sql-reuse-db.test.ts.snap +1 -3935
  19. package/examples/__snapshots__/cloud-run-with-sql.test.ts.snap +1 -3458
  20. package/examples/__snapshots__/cloud-run-with-worker.test.ts.snap +1 -1967
  21. package/examples/__snapshots__/custom-build-job-with-tests.test.ts.snap +1 -1787
  22. package/examples/__snapshots__/custom-build-job.test.ts.snap +1 -1487
  23. package/examples/__snapshots__/custom-deploy.test.ts.snap +1 -1721
  24. package/examples/__snapshots__/custom-envs.test.ts.snap +1 -1175
  25. package/examples/__snapshots__/custom-sbom-java.test.ts.snap +1 -1495
  26. package/examples/__snapshots__/git-submodule.test.ts.snap +1 -1962
  27. package/examples/__snapshots__/kubernetes-application-customization.test.ts.snap +1 -2450
  28. package/examples/__snapshots__/kubernetes-with-cloud-sql-legacy.test.ts.snap +1 -2462
  29. package/examples/__snapshots__/kubernetes-with-cloud-sql.test.ts.snap +1 -2470
  30. package/examples/__snapshots__/kubernetes-with-jobs.test.ts.snap +1 -4558
  31. package/examples/__snapshots__/kubernetes-with-mongodb.test.ts.snap +1 -2574
  32. package/examples/__snapshots__/local-dot-env.test.ts.snap +1 -1959
  33. package/examples/__snapshots__/meteor-kubernetes.test.ts.snap +1 -2503
  34. package/examples/__snapshots__/multiline-var.test.ts.snap +1 -4488
  35. package/examples/__snapshots__/native-app.test.ts.snap +1 -3167
  36. package/examples/__snapshots__/node-build-with-custom-image.test.ts.snap +1 -1959
  37. package/examples/__snapshots__/node-build-with-docker-additions.test.ts.snap +1 -1967
  38. package/examples/__snapshots__/rails-k8s-with-worker-dockerfile.test.ts.snap +1479 -2003
  39. package/examples/__snapshots__/rails-k8s-with-worker.test.ts.snap +1 -1995
  40. package/examples/__snapshots__/wait-for-other-deploy.test.ts.snap +1 -2105
  41. package/examples/cloud-run-memory-limit.test.ts +1 -8
  42. package/examples/cloud-run-meteor-with-worker.test.ts +2 -9
  43. package/examples/cloud-run-no-cpu-throttling.test.ts +2 -9
  44. package/examples/cloud-run-no-service.test.ts +2 -9
  45. package/examples/cloud-run-non-public.test.ts +2 -9
  46. package/examples/cloud-run-post-stop-job.test.ts +2 -9
  47. package/examples/cloud-run-service-custom-vpc.test.ts +11 -0
  48. package/examples/cloud-run-service-custom-vpc.ts +30 -0
  49. package/examples/cloud-run-service-gen2.test.ts +2 -9
  50. package/examples/cloud-run-service-increase-timout.test.ts +2 -9
  51. package/examples/cloud-run-service-with-volumes.test.ts +2 -9
  52. package/examples/cloud-run-storybook.test.ts +2 -9
  53. package/examples/cloud-run-with-ngnix.test.ts +2 -9
  54. package/examples/cloud-run-with-sql-reuse-db.test.ts +2 -9
  55. package/examples/cloud-run-with-sql.test.ts +2 -9
  56. package/examples/cloud-run-with-worker.test.ts +2 -9
  57. package/examples/custom-build-job-with-tests.test.ts +2 -9
  58. package/examples/custom-build-job.test.ts +2 -9
  59. package/examples/custom-deploy.test.ts +2 -9
  60. package/examples/custom-envs.test.ts +2 -9
  61. package/examples/custom-sbom-java.test.ts +2 -9
  62. package/examples/git-submodule.test.ts +2 -9
  63. package/examples/kubernetes-application-customization.test.ts +2 -9
  64. package/examples/kubernetes-with-cloud-sql-legacy.test.ts +2 -9
  65. package/examples/kubernetes-with-cloud-sql.test.ts +2 -9
  66. package/examples/kubernetes-with-jobs.test.ts +2 -9
  67. package/examples/kubernetes-with-mongodb.test.ts +2 -9
  68. package/examples/local-dot-env.test.ts +2 -9
  69. package/examples/meteor-kubernetes.test.ts +2 -9
  70. package/examples/multiline-var.test.ts +2 -9
  71. package/examples/native-app.test.ts +2 -9
  72. package/examples/node-build-with-custom-image.test.ts +2 -9
  73. package/examples/node-build-with-docker-additions.test.ts +2 -9
  74. package/examples/rails-k8s-with-worker-dockerfile.test.ts +2 -2
  75. package/examples/rails-k8s-with-worker.test.ts +2 -9
  76. package/examples/wait-for-other-deploy.test.ts +2 -9
  77. package/package.json +1 -1
  78. package/scripts/generate-examples-test.ts +3 -5
  79. package/src/deploy/cloudRun/createJobs/cloudRunServices.ts +2 -0
  80. package/src/deploy/types/googleCloudRun.ts +9 -0
@@ -1,6 +1,6 @@
1
1
  // Jest Snapshot v1, https://goo.gl/fbAQLP
2
2
 
3
- exports[`matches snapshot for cloud-run-memory-limit local pipeline YAML 1`] = `
3
+ exports[`matches snapshot for cloud-run-with-sql local pipeline YAML 1`] = `
4
4
  "image: path/to/docker/jobs-default:the-version
5
5
  stages:
6
6
  - setup
@@ -2571,3460 +2571,3 @@ create release:
2571
2571
  needs: []
2572
2572
  "
2573
2573
  `;
2574
-
2575
- exports[`matches snapshot for cloud-run-with-sql 1`] = `
2576
- {
2577
- "mainBranch": {
2578
- "image": "path/to/docker/jobs-default:the-version",
2579
- "jobs": {
2580
- "๐Ÿ”ธ myWorkspace ๐Ÿ‘ฎ lint": {
2581
- "cache": [
2582
- {
2583
- "key": ".-yarn",
2584
- "paths": [
2585
- ".yarn",
2586
- ],
2587
- "policy": "pull-push",
2588
- },
2589
- {
2590
- "key": ".-node-modules",
2591
- "paths": [
2592
- "node_modules",
2593
- ],
2594
- "policy": "pull-push",
2595
- },
2596
- {
2597
- "key": "myWorkspace-turbo",
2598
- "paths": [
2599
- ".turbo",
2600
- ],
2601
- "policy": "pull-push",
2602
- },
2603
- ],
2604
- "image": "path/to/docker/jobs-default:the-version",
2605
- "interruptible": true,
2606
- "needs": [],
2607
- "retry": {
2608
- "max": 2,
2609
- "when": [
2610
- "runner_system_failure",
2611
- "stuck_or_timeout_failure",
2612
- ],
2613
- },
2614
- "script": [
2615
- "echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
2616
- "export APP_PATH="."",
2617
- "echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
2618
- "echo -e "\\e[0Ksection_start:$(date +%s):nodeinstall[collapsed=true]\\r\\e[0KEnsure node version"",
2619
- "if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi",
2620
- "if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi",
2621
- "echo -e "\\e[0Ksection_end:$(date +%s):nodeinstall\\r\\e[0K"",
2622
- "cd .",
2623
- "echo -e "\\e[0Ksection_start:$(date +%s):nodeinstall[collapsed=true]\\r\\e[0KEnsure node version"",
2624
- "if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi",
2625
- "if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi",
2626
- "echo -e "\\e[0Ksection_end:$(date +%s):nodeinstall\\r\\e[0K"",
2627
- "echo -e "\\e[0Ksection_start:$(date +%s):yarninstall[collapsed=true]\\r\\e[0KYarn install"",
2628
- "yarn install --immutable",
2629
- "echo -e "\\e[0Ksection_end:$(date +%s):yarninstall\\r\\e[0K"",
2630
- "yarn lint",
2631
- ],
2632
- "stage": "test",
2633
- "variables": {
2634
- "KUBERNETES_CPU_REQUEST": "0.45",
2635
- "KUBERNETES_MEMORY_LIMIT": "4Gi",
2636
- "KUBERNETES_MEMORY_REQUEST": "1Gi",
2637
- },
2638
- },
2639
- "๐Ÿ”ธ myWorkspace ๐Ÿ”จ app | dev ": {
2640
- "artifacts": {
2641
- "exclude": [
2642
- "api/.env",
2643
- "www/.env",
2644
- ],
2645
- "expire_in": "1 day",
2646
- "paths": [
2647
- "api/.next",
2648
- "api/dist",
2649
- "www/.next",
2650
- "www/dist",
2651
- ],
2652
- "reports": {},
2653
- "when": "always",
2654
- },
2655
- "cache": [
2656
- {
2657
- "key": ".-yarn",
2658
- "paths": [
2659
- ".yarn",
2660
- ],
2661
- "policy": "pull-push",
2662
- },
2663
- {
2664
- "key": ".-node-modules",
2665
- "paths": [
2666
- "node_modules",
2667
- ],
2668
- "policy": "pull-push",
2669
- },
2670
- {
2671
- "key": "myWorkspace-turbo",
2672
- "paths": [
2673
- ".turbo",
2674
- ],
2675
- "policy": "pull-push",
2676
- },
2677
- {
2678
- "key": "myWorkspace-next-cache",
2679
- "paths": [
2680
- "api/.next/cache",
2681
- "www/.next/cache",
2682
- ],
2683
- "policy": "pull-push",
2684
- },
2685
- ],
2686
- "image": "path/to/docker/jobs-default:the-version",
2687
- "interruptible": true,
2688
- "needs": [],
2689
- "retry": {
2690
- "max": 2,
2691
- "when": [
2692
- "runner_system_failure",
2693
- "stuck_or_timeout_failure",
2694
- ],
2695
- },
2696
- "script": [
2697
- "echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
2698
- "echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
2699
- "echo -e "\\e[0Ksection_start:$(date +%s):write-dotenv-api[collapsed=true]\\r\\e[0Kwrite dot env"",
2700
- "cat <<EOF > api/.env
2701
- ENV_SHORT=dev
2702
- APP_DIR=api
2703
- ENV_TYPE=dev
2704
- HOST=$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')
2705
- ROOT_URL=https://$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')
2706
- HOST_INTERNAL=$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')
2707
- HOST_CANONICAL=$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')
2708
- ROOT_URL_INTERNAL=https://$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')
2709
- CLOUD_SQL_INSTANCE_CONNECTION_NAME=projectId:region:instancename
2710
- DB_NAME=pan-test-app-dev-api
2711
- DB_USER=my-user
2712
- DB_PASSWORD=$CL_dev_api_DB_PASSWORD
2713
- DATABASE_URL=postgresql://$DB_USER:$DB_PASSWORD@localhost/$DB_NAME?host=/cloudsql/$CLOUD_SQL_INSTANCE_CONNECTION_NAME
2714
- DATABASE_JDBC_URL=jdbc:postgresql:///$DB_NAME?cloudSqlInstance=$CLOUD_SQL_INSTANCE_CONNECTION_NAME&socketFactory=com.google.cloud.sql.postgres.SocketFactory&user=$DB_USER&password=$DB_PASSWORD
2715
- CLOUD_RUN_JOB_TRIGGER_URL_migration=https://europe-west6-run.googleapis.com/apis/run.googleapis.com/v1/namespaces/google-project-id/jobs/pan-test-app-dev-api-migration:run
2716
- CLOUD_RUN_JOB_TRIGGER_URL_send_reminders=https://europe-west6-run.googleapis.com/apis/run.googleapis.com/v1/namespaces/google-project-id/jobs/pan-test-app-dev-api-send-reminders:run
2717
- DEPLOY_CLOUD_RUN_PROJECT_ID=google-project-id
2718
- DEPLOY_CLOUD_RUN_REGION=europe-west6
2719
- GCLOUD_DEPLOY_credentialsKey=$CL_dev_api_GCLOUD_DEPLOY_credentialsKey
2720
- GCLOUD_RUN_canonicalHostSuffix=$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix
2721
- _ALL_ENV_VAR_KEYS=["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_INTERNAL","HOST_CANONICAL","ROOT_URL_INTERNAL","CLOUD_SQL_INSTANCE_CONNECTION_NAME","DB_NAME","DB_USER","DB_PASSWORD","DATABASE_URL","DATABASE_JDBC_URL","CLOUD_RUN_JOB_TRIGGER_URL_migration","CLOUD_RUN_JOB_TRIGGER_URL_send_reminders","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]
2722
- EOF",
2723
- "echo -e "\\e[0Ksection_end:$(date +%s):write-dotenv-api\\r\\e[0K"",
2724
- "echo -e "\\e[0Ksection_start:$(date +%s):write-dotenv-www[collapsed=true]\\r\\e[0Kwrite dot env"",
2725
- "cat <<EOF > www/.env
2726
- ENV_SHORT=dev
2727
- APP_DIR=www
2728
- ENV_TYPE=dev
2729
- HOST=$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')
2730
- ROOT_URL=https://$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')
2731
- HOST_INTERNAL=$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')
2732
- HOST_CANONICAL=$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')
2733
- ROOT_URL_INTERNAL=https://$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')
2734
- DEPLOY_CLOUD_RUN_PROJECT_ID=google-project-id
2735
- DEPLOY_CLOUD_RUN_REGION=europe-west6
2736
- GCLOUD_DEPLOY_credentialsKey=$CL_dev_www_GCLOUD_DEPLOY_credentialsKey
2737
- GCLOUD_RUN_canonicalHostSuffix=$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix
2738
- API_URL=https://$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')/graphql
2739
- _ALL_ENV_VAR_KEYS=["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_INTERNAL","HOST_CANONICAL","ROOT_URL_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix","API_URL"]
2740
- EOF",
2741
- "echo -e "\\e[0Ksection_end:$(date +%s):write-dotenv-www\\r\\e[0K"",
2742
- "echo -e "\\e[0Ksection_start:$(date +%s):nodeinstall[collapsed=true]\\r\\e[0KEnsure node version"",
2743
- "if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi",
2744
- "if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi",
2745
- "echo -e "\\e[0Ksection_end:$(date +%s):nodeinstall\\r\\e[0K"",
2746
- "cd .",
2747
- "echo -e "\\e[0Ksection_start:$(date +%s):nodeinstall[collapsed=true]\\r\\e[0KEnsure node version"",
2748
- "if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi",
2749
- "if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi",
2750
- "echo -e "\\e[0Ksection_end:$(date +%s):nodeinstall\\r\\e[0K"",
2751
- "echo -e "\\e[0Ksection_start:$(date +%s):yarninstall[collapsed=true]\\r\\e[0KYarn install"",
2752
- "yarn install --immutable",
2753
- "echo -e "\\e[0Ksection_end:$(date +%s):yarninstall\\r\\e[0K"",
2754
- "yarn build",
2755
- ],
2756
- "stage": "build",
2757
- "variables": {
2758
- "KUBERNETES_CPU_REQUEST": "0.45",
2759
- "KUBERNETES_MEMORY_LIMIT": "4Gi",
2760
- "KUBERNETES_MEMORY_REQUEST": "1Gi",
2761
- },
2762
- },
2763
- "๐Ÿ”ธ myWorkspace ๐Ÿ›ก audit": {
2764
- "allow_failure": true,
2765
- "image": "path/to/docker/jobs-default:the-version",
2766
- "interruptible": true,
2767
- "needs": [],
2768
- "retry": {
2769
- "max": 2,
2770
- "when": [
2771
- "runner_system_failure",
2772
- "stuck_or_timeout_failure",
2773
- ],
2774
- },
2775
- "script": [
2776
- "echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
2777
- "export APP_PATH="."",
2778
- "echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
2779
- "cd .",
2780
- "yarn npm audit --environment production",
2781
- ],
2782
- "stage": "test",
2783
- "variables": {
2784
- "KUBERNETES_CPU_REQUEST": "0.45",
2785
- "KUBERNETES_MEMORY_LIMIT": "4Gi",
2786
- "KUBERNETES_MEMORY_REQUEST": "1Gi",
2787
- },
2788
- },
2789
- "๐Ÿ”ธ myWorkspace ๐Ÿงช test": {
2790
- "cache": [
2791
- {
2792
- "key": ".-yarn",
2793
- "paths": [
2794
- ".yarn",
2795
- ],
2796
- "policy": "pull-push",
2797
- },
2798
- {
2799
- "key": ".-node-modules",
2800
- "paths": [
2801
- "node_modules",
2802
- ],
2803
- "policy": "pull-push",
2804
- },
2805
- {
2806
- "key": "myWorkspace-turbo",
2807
- "paths": [
2808
- ".turbo",
2809
- ],
2810
- "policy": "pull-push",
2811
- },
2812
- ],
2813
- "image": "path/to/docker/jobs-testing-chrome:the-version",
2814
- "interruptible": true,
2815
- "needs": [],
2816
- "retry": {
2817
- "max": 2,
2818
- "when": [
2819
- "runner_system_failure",
2820
- "stuck_or_timeout_failure",
2821
- ],
2822
- },
2823
- "script": [
2824
- "echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
2825
- "export APP_PATH="."",
2826
- "echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
2827
- "echo -e "\\e[0Ksection_start:$(date +%s):nodeinstall[collapsed=true]\\r\\e[0KEnsure node version"",
2828
- "if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi",
2829
- "if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi",
2830
- "echo -e "\\e[0Ksection_end:$(date +%s):nodeinstall\\r\\e[0K"",
2831
- "cd .",
2832
- "echo -e "\\e[0Ksection_start:$(date +%s):nodeinstall[collapsed=true]\\r\\e[0KEnsure node version"",
2833
- "if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi",
2834
- "if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi",
2835
- "echo -e "\\e[0Ksection_end:$(date +%s):nodeinstall\\r\\e[0K"",
2836
- "echo -e "\\e[0Ksection_start:$(date +%s):yarninstall[collapsed=true]\\r\\e[0KYarn install"",
2837
- "yarn install --immutable",
2838
- "echo -e "\\e[0Ksection_end:$(date +%s):yarninstall\\r\\e[0K"",
2839
- "yarn test",
2840
- ],
2841
- "stage": "test",
2842
- "variables": {
2843
- "KUBERNETES_CPU_REQUEST": "0.45",
2844
- "KUBERNETES_MEMORY_LIMIT": "4Gi",
2845
- "KUBERNETES_MEMORY_REQUEST": "1Gi",
2846
- },
2847
- },
2848
- "๐Ÿ”น api ๐Ÿ”จ docker | dev ": {
2849
- "cache": [
2850
- {
2851
- "key": "api-yarn",
2852
- "paths": [
2853
- "api/.yarn",
2854
- ],
2855
- "policy": "pull",
2856
- },
2857
- ],
2858
- "image": "path/to/docker/docker-build:the-version",
2859
- "interruptible": true,
2860
- "needs": [
2861
- {
2862
- "artifacts": true,
2863
- "job": "๐Ÿ”ธ myWorkspace ๐Ÿ”จ app | dev ",
2864
- },
2865
- ],
2866
- "retry": {
2867
- "max": 2,
2868
- "when": [
2869
- "runner_system_failure",
2870
- "stuck_or_timeout_failure",
2871
- ],
2872
- },
2873
- "script": [
2874
- "echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
2875
- "export APP_DIR="api"",
2876
- "export DOCKER_BUILD_CONTEXT="."",
2877
- "export DOCKER_REGISTRY="europe-west6-docker.pkg.dev"",
2878
- "export DOCKER_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/dev/api"",
2879
- "export DOCKER_CACHE_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/api"",
2880
- "export DOCKER_IMAGE_TAG="$CI_COMMIT_SHA"",
2881
- "export DOCKER_COPY_AND_INSTALL_APP="COPY --chown=node:node $APP_DIR .
2882
- RUN yarn plugin import workspace-tools
2883
- RUN yarn workspaces focus --production && yarn rebuild"",
2884
- "export DOCKER_COPY_WORKSPACE_FILES="COPY --chown=node:node api/package.json /app/api/package.json
2885
- COPY --chown=node:node api/yarn.lock /app/api/yarn.lock
2886
- COPY --chown=node:node .yarnrc.yml /app/.yarnrc.yml
2887
- COPY --chown=node:node .yarn /app/.yarn"",
2888
- "echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
2889
- "ensureNodeDockerfile",
2890
- "echo -e "\\e[0Ksection_start:$(date +%s):docker-login[collapsed=true]\\r\\e[0KDocker Login"",
2891
- "gcloud auth activate-service-account --key-file=<(echo "$CL_dev_api_GCLOUD_DEPLOY_credentialsKey")",
2892
- "gcloud auth configure-docker europe-west6-docker.pkg.dev",
2893
- "echo -e "\\e[0Ksection_end:$(date +%s):docker-login\\r\\e[0K"",
2894
- "echo -e "\\e[0Ksection_start:$(date +%s):docker-build[collapsed=true]\\r\\e[0KDocker build"",
2895
- "docker build --network host --cache-from $DOCKER_CACHE_IMAGE --tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG -f $APP_DIR/Dockerfile $DOCKER_BUILD_CONTEXT --build-arg BUILDKIT_INLINE_CACHE=1",
2896
- "echo -e "\\e[0Ksection_end:$(date +%s):docker-build\\r\\e[0K"",
2897
- "echo -e "\\e[0Ksection_start:$(date +%s):docker-push[collapsed=true]\\r\\e[0KDocker push and tag"",
2898
- "docker push $DOCKER_IMAGE:$DOCKER_IMAGE_TAG",
2899
- "docker tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG $DOCKER_CACHE_IMAGE",
2900
- "docker push $DOCKER_CACHE_IMAGE",
2901
- "echo -e "\\e[0Ksection_end:$(date +%s):docker-push\\r\\e[0K"",
2902
- ],
2903
- "services": [
2904
- {
2905
- "command": [
2906
- "--tls=false",
2907
- ],
2908
- "name": "docker:24.0.6-dind",
2909
- },
2910
- ],
2911
- "stage": "build",
2912
- "variables": {
2913
- "DOCKER_BUILDKIT": "1",
2914
- "DOCKER_DRIVER": "overlay2",
2915
- "DOCKER_HOST": "tcp://0.0.0.0:2375",
2916
- "DOCKER_TLS_CERTDIR": "",
2917
- "KUBERNETES_CPU_REQUEST": "0.45",
2918
- "KUBERNETES_MEMORY_LIMIT": "2Gi",
2919
- "KUBERNETES_MEMORY_REQUEST": "1Gi",
2920
- },
2921
- },
2922
- "๐Ÿ”น api ๐Ÿš€ Deploy | dev ": {
2923
- "allow_failure": false,
2924
- "artifacts": {
2925
- "reports": {
2926
- "dotenv": "gitlab_environment.env",
2927
- },
2928
- },
2929
- "environment": {
2930
- "auto_stop_in": "4 weeks",
2931
- "name": "dev/api",
2932
- "on_stop": "๐Ÿ”น api ๐Ÿ›‘ Stop โš ๏ธ | dev ",
2933
- "url": "$CL_GITLAB_ENVIRONMENT_URL",
2934
- },
2935
- "image": "path/to/docker/gcloud:the-version",
2936
- "interruptible": true,
2937
- "needs": [
2938
- {
2939
- "artifacts": false,
2940
- "job": "๐Ÿ”ธ myWorkspace ๐Ÿ‘ฎ lint",
2941
- },
2942
- {
2943
- "artifacts": false,
2944
- "job": "๐Ÿ”ธ myWorkspace ๐Ÿงช test",
2945
- },
2946
- {
2947
- "artifacts": false,
2948
- "job": "๐Ÿ”ธ myWorkspace ๐Ÿ›ก audit",
2949
- },
2950
- {
2951
- "artifacts": false,
2952
- "job": "๐Ÿ”น api ๐Ÿ”จ docker | dev ",
2953
- },
2954
- {
2955
- "artifacts": true,
2956
- "job": "๐Ÿ”น api ๐Ÿงพ sbom | dev ",
2957
- },
2958
- ],
2959
- "retry": {
2960
- "max": 2,
2961
- "when": [
2962
- "runner_system_failure",
2963
- "stuck_or_timeout_failure",
2964
- ],
2965
- },
2966
- "rules": [
2967
- {
2968
- "when": "on_success",
2969
- },
2970
- ],
2971
- "script": [
2972
- "echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
2973
- "export ENV_SHORT="dev"",
2974
- "export APP_DIR="api"",
2975
- "export ENV_TYPE="dev"",
2976
- "export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"",
2977
- "export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"",
2978
- "export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"",
2979
- "export HOST="$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
2980
- "export ROOT_URL="https://$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
2981
- "export HOST_INTERNAL="$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
2982
- "export HOST_CANONICAL="$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
2983
- "export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
2984
- "export CLOUD_SQL_INSTANCE_CONNECTION_NAME="projectId:region:instancename"",
2985
- "export DB_NAME="pan-test-app-dev-api"",
2986
- "export DB_USER="my-user"",
2987
- "export DB_PASSWORD="$CL_dev_api_DB_PASSWORD"",
2988
- "export DATABASE_URL="postgresql://$DB_USER:$DB_PASSWORD@localhost/$DB_NAME?host=/cloudsql/$CLOUD_SQL_INSTANCE_CONNECTION_NAME"",
2989
- "export DATABASE_JDBC_URL="jdbc:postgresql:///$DB_NAME?cloudSqlInstance=$CLOUD_SQL_INSTANCE_CONNECTION_NAME&socketFactory=com.google.cloud.sql.postgres.SocketFactory&user=$DB_USER&password=$DB_PASSWORD"",
2990
- "export CLOUD_RUN_JOB_TRIGGER_URL_migration="https://europe-west6-run.googleapis.com/apis/run.googleapis.com/v1/namespaces/google-project-id/jobs/pan-test-app-dev-api-migration:run"",
2991
- "export CLOUD_RUN_JOB_TRIGGER_URL_send_reminders="https://europe-west6-run.googleapis.com/apis/run.googleapis.com/v1/namespaces/google-project-id/jobs/pan-test-app-dev-api-send-reminders:run"",
2992
- "export DEPLOY_CLOUD_RUN_PROJECT_ID="google-project-id"",
2993
- "export DEPLOY_CLOUD_RUN_REGION="europe-west6"",
2994
- "export GCLOUD_DEPLOY_credentialsKey="$CL_dev_api_GCLOUD_DEPLOY_credentialsKey"",
2995
- "export GCLOUD_RUN_canonicalHostSuffix="$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix"",
2996
- "export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOST\\",\\"ROOT_URL\\",\\"HOST_INTERNAL\\",\\"HOST_CANONICAL\\",\\"ROOT_URL_INTERNAL\\",\\"CLOUD_SQL_INSTANCE_CONNECTION_NAME\\",\\"DB_NAME\\",\\"DB_USER\\",\\"DB_PASSWORD\\",\\"DATABASE_URL\\",\\"DATABASE_JDBC_URL\\",\\"CLOUD_RUN_JOB_TRIGGER_URL_migration\\",\\"CLOUD_RUN_JOB_TRIGGER_URL_send_reminders\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\"]"",
2997
- "export DOCKER_REGISTRY="europe-west6-docker.pkg.dev"",
2998
- "export DOCKER_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/dev/api"",
2999
- "export DOCKER_CACHE_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/api"",
3000
- "export DOCKER_IMAGE_TAG="$CI_COMMIT_SHA"",
3001
- "export CLOUDSDK_CORE_DISABLE_PROMPTS="1"",
3002
- "echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
3003
- "echo -e "\\e[0Ksection_start:$(date +%s):prepare[collapsed=true]\\r\\e[0KPrepare..."",
3004
- "gcloud auth activate-service-account --key-file=<(echo "$CL_dev_api_GCLOUD_DEPLOY_credentialsKey")",
3005
- "export GCLOUD_PROJECT_NUMBER=$(gcloud projects describe google-project-id --format="value(projectNumber)")",
3006
- "echo "GCLOUD_PROJECT_NUMBER: $GCLOUD_PROJECT_NUMBER"",
3007
- "echo -e "\\e[0Ksection_end:$(date +%s):prepare\\r\\e[0K"",
3008
- "echo -e "\\e[0Ksection_start:$(date +%s):writeenvvars[collapsed=true]\\r\\e[0KWrite env vars to file"",
3009
- "cat > ____envvars.yaml <<EOF
3010
- ENV_SHORT: |-
3011
- dev
3012
- APP_DIR: |-
3013
- api
3014
- ENV_TYPE: |-
3015
- dev
3016
- BUILD_INFO_BUILD_ID: |-
3017
- $(printf %s "$(git describe --tags 2>/dev/null || git rev-parse HEAD)" | sed 's/^/ /')
3018
- BUILD_INFO_BUILD_TIME: |-
3019
- $(printf %s "$CI_JOB_STARTED_AT" | sed 's/^/ /')
3020
- BUILD_INFO_CURRENT_VERSION: |-
3021
- $(printf %s "$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")" | sed 's/^/ /')
3022
- HOST: |-
3023
- $(printf %s "$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
3024
- ROOT_URL: |-
3025
- $(printf %s "https://$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
3026
- HOST_INTERNAL: |-
3027
- $(printf %s "$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
3028
- HOST_CANONICAL: |-
3029
- $(printf %s "$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
3030
- ROOT_URL_INTERNAL: |-
3031
- $(printf %s "https://$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
3032
- CLOUD_SQL_INSTANCE_CONNECTION_NAME: |-
3033
- projectId:region:instancename
3034
- DB_NAME: |-
3035
- pan-test-app-dev-api
3036
- DB_USER: |-
3037
- my-user
3038
- DB_PASSWORD: |-
3039
- $(printf %s "$CL_dev_api_DB_PASSWORD" | sed 's/^/ /')
3040
- DATABASE_URL: |-
3041
- postgresql://$DB_USER:$DB_PASSWORD@localhost/$DB_NAME?host=/cloudsql/$CLOUD_SQL_INSTANCE_CONNECTION_NAME
3042
- DATABASE_JDBC_URL: |-
3043
- jdbc:postgresql:///$DB_NAME?cloudSqlInstance=$CLOUD_SQL_INSTANCE_CONNECTION_NAME&socketFactory=com.google.cloud.sql.postgres.SocketFactory&user=$DB_USER&password=$DB_PASSWORD
3044
- CLOUD_RUN_JOB_TRIGGER_URL_migration: |-
3045
- https://europe-west6-run.googleapis.com/apis/run.googleapis.com/v1/namespaces/google-project-id/jobs/pan-test-app-dev-api-migration:run
3046
- CLOUD_RUN_JOB_TRIGGER_URL_send_reminders: |-
3047
- https://europe-west6-run.googleapis.com/apis/run.googleapis.com/v1/namespaces/google-project-id/jobs/pan-test-app-dev-api-send-reminders:run
3048
- DEPLOY_CLOUD_RUN_PROJECT_ID: |-
3049
- google-project-id
3050
- DEPLOY_CLOUD_RUN_REGION: |-
3051
- europe-west6
3052
- GCLOUD_RUN_canonicalHostSuffix: |-
3053
- $(printf %s "$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | sed 's/^/ /')
3054
- _ALL_ENV_VAR_KEYS: |-
3055
- ["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_INTERNAL","HOST_CANONICAL","ROOT_URL_INTERNAL","CLOUD_SQL_INSTANCE_CONNECTION_NAME","DB_NAME","DB_USER","DB_PASSWORD","DATABASE_URL","DATABASE_JDBC_URL","CLOUD_RUN_JOB_TRIGGER_URL_migration","CLOUD_RUN_JOB_TRIGGER_URL_send_reminders","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]
3056
-
3057
- EOF
3058
- ",
3059
- "echo -e "\\e[0Ksection_end:$(date +%s):writeenvvars\\r\\e[0K"",
3060
- "echo -e "\\e[0Ksection_start:$(date +%s):deploy[collapsed=true]\\r\\e[0KDeploy to cloud run"",
3061
- "set +e",
3062
- "echo "ensuring Database..."",
3063
- "gcloud sql databases create pan-test-app-dev-api --instance=instancename --project projectId",
3064
- "set -e",
3065
- "set +e",
3066
- "gcloud scheduler jobs create http pan-test-app-dev-api-send-reminders-scheduler --project=google-project-id --location=europe-west6 --schedule="0 * * * *" --max-retry-attempts=0 --uri="https://europe-west6-run.googleapis.com/apis/run.googleapis.com/v1/namespaces/google-project-id/jobs/pan-test-app-dev-api-send-reminders:run" --http-method=POST --oauth-service-account-email=$GCLOUD_PROJECT_NUMBER-compute@developer.gserviceaccount.com",
3067
- "set -e",
3068
- "gcloud scheduler jobs update http pan-test-app-dev-api-send-reminders-scheduler --project=google-project-id --location=europe-west6 --schedule="0 * * * *" --max-retry-attempts=0 --uri="https://europe-west6-run.googleapis.com/apis/run.googleapis.com/v1/namespaces/google-project-id/jobs/pan-test-app-dev-api-send-reminders:run" --http-method=POST --oauth-service-account-email=$GCLOUD_PROJECT_NUMBER-compute@developer.gserviceaccount.com",
3069
- "set +e",
3070
- "gcloud run jobs create pan-test-app-dev-api-migration --command="yarn,migrate" --image=europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/dev/api:$DOCKER_IMAGE_TAG --project=google-project-id --region=europe-west6 --set-cloudsql-instances=projectId:region:instancename --labels=customer-name=pan,component-name=api,app-name=test-app,env-type=dev,env-name=dev,build-type=node,cloud-run-job-name=pan-test-app-dev-api-migration --memory=512Mi --task-timeout=10m --parallelism=1 --env-vars-file=____envvars.yaml --max-retries=0",
3071
- "set -e",
3072
- "gcloud run jobs update pan-test-app-dev-api-migration --command="yarn,migrate" --image=europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/dev/api:$DOCKER_IMAGE_TAG --project=google-project-id --region=europe-west6 --set-cloudsql-instances=projectId:region:instancename --labels=customer-name=pan,component-name=api,app-name=test-app,env-type=dev,env-name=dev,build-type=node,cloud-run-job-name=pan-test-app-dev-api-migration --memory=512Mi --task-timeout=10m --parallelism=1 --env-vars-file=____envvars.yaml --max-retries=0 ",
3073
- "set +e",
3074
- "gcloud run jobs create pan-test-app-dev-api-send-reminders --command="yarn,job:send-reminders" --image=europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/dev/api:$DOCKER_IMAGE_TAG --project=google-project-id --region=europe-west6 --set-cloudsql-instances=projectId:region:instancename --labels=customer-name=pan,component-name=api,app-name=test-app,env-type=dev,env-name=dev,build-type=node,cloud-run-job-name=pan-test-app-dev-api-send-reminders --memory=512Mi --task-timeout=15m --parallelism=1 --env-vars-file=____envvars.yaml --max-retries=0",
3075
- "set -e",
3076
- "gcloud run jobs update pan-test-app-dev-api-send-reminders --command="yarn,job:send-reminders" --image=europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/dev/api:$DOCKER_IMAGE_TAG --project=google-project-id --region=europe-west6 --set-cloudsql-instances=projectId:region:instancename --labels=customer-name=pan,component-name=api,app-name=test-app,env-type=dev,env-name=dev,build-type=node,cloud-run-job-name=pan-test-app-dev-api-send-reminders --memory=512Mi --task-timeout=15m --parallelism=1 --env-vars-file=____envvars.yaml --max-retries=0 ",
3077
- "gcloud run deploy pan-test-app-dev-api --command="yarn,start" --image=europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/dev/api:$DOCKER_IMAGE_TAG --project=google-project-id --region=europe-west6 --set-cloudsql-instances=projectId:region:instancename --labels=customer-name=pan,component-name=api,app-name=test-app,env-type=dev,env-name=dev,build-type=node,cloud-run-service-name=pan-test-app-dev-api --env-vars-file=____envvars.yaml --min-instances=0 --max-instances=5 --cpu-throttling --allow-unauthenticated --ingress=all --cpu-boost",
3078
- "gcloud run jobs execute pan-test-app-dev-api-migration --project=google-project-id --region=europe-west6",
3079
- "echo -e "\\e[0Ksection_end:$(date +%s):deploy\\r\\e[0K"",
3080
- "echo -e "\\e[0Ksection_start:$(date +%s):cleanup[collapsed=true]\\r\\e[0KCleanup"",
3081
- "gcloud run revisions list --project=google-project-id --region=europe-west6 --service=pan-test-app-dev-api --limit=unlimited --sort-by=metadata.creationTimestamp --format="value(name)" --filter='(status.conditions.status=False OR status.conditions.status=Unknown)' | while read -r revisionname; do gcloud run revisions delete --project=google-project-id --region=europe-west6 --quiet $revisionname ; done",
3082
- "gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/dev/api --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/dev/api@$version --quiet --delete-tags; done",
3083
- "gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/api --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/api@$version --quiet --delete-tags; done",
3084
- "echo -e "\\e[0Ksection_end:$(date +%s):cleanup\\r\\e[0K"",
3085
- "echo 'Uploading SBOM to Dependency Track'",
3086
- "/dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/api" "https://$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" "__sbom.json" vex.json || true",
3087
- "echo "CL_GITLAB_ENVIRONMENT_URL=https://$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" >> gitlab_environment.env",
3088
- ],
3089
- "stage": "deploy dev",
3090
- "variables": {
3091
- "KUBERNETES_CPU_REQUEST": "0.22",
3092
- "KUBERNETES_MEMORY_LIMIT": "400Mi",
3093
- "KUBERNETES_MEMORY_REQUEST": "200Mi",
3094
- },
3095
- },
3096
- "๐Ÿ”น api ๐Ÿ›‘ Stop โš ๏ธ | dev ": {
3097
- "allow_failure": true,
3098
- "artifacts": {
3099
- "reports": {
3100
- "dotenv": "gitlab_environment.env",
3101
- },
3102
- },
3103
- "environment": {
3104
- "action": "stop",
3105
- "name": "dev/api",
3106
- "url": "$CL_GITLAB_ENVIRONMENT_URL",
3107
- },
3108
- "image": "path/to/docker/gcloud:the-version",
3109
- "interruptible": true,
3110
- "needs": [],
3111
- "retry": {
3112
- "max": 2,
3113
- "when": [
3114
- "runner_system_failure",
3115
- "stuck_or_timeout_failure",
3116
- ],
3117
- },
3118
- "rules": [
3119
- {
3120
- "if": "$CI_COMMIT_BRANCH =~ /^[0-9]+\\.([0-9]+|x)\\.x$/",
3121
- "when": "on_success",
3122
- },
3123
- {
3124
- "when": "manual",
3125
- },
3126
- ],
3127
- "script": [
3128
- "echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
3129
- "export CLOUDSDK_CORE_DISABLE_PROMPTS="1"",
3130
- "echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
3131
- "set +e",
3132
- "gcloud auth activate-service-account --key-file=<(echo "$CL_dev_api_GCLOUD_DEPLOY_credentialsKey")",
3133
- "gcloud run services delete pan-test-app-dev-api --project=google-project-id --region=europe-west6",
3134
- "gcloud scheduler jobs delete pan-test-app-dev-api-send-reminders-scheduler --project=google-project-id --location=europe-west6",
3135
- "gcloud run jobs executions list --project=google-project-id --region=europe-west6 --job pan-test-app-dev-api-migration --format="value(name)" | xargs -I {} gcloud run jobs executions delete {} --quiet --project=google-project-id --region=europe-west6",
3136
- "gcloud run jobs delete pan-test-app-dev-api-migration --project=google-project-id --region=europe-west6",
3137
- "gcloud run jobs executions list --project=google-project-id --region=europe-west6 --job pan-test-app-dev-api-send-reminders --format="value(name)" | xargs -I {} gcloud run jobs executions delete {} --quiet --project=google-project-id --region=europe-west6",
3138
- "gcloud run jobs delete pan-test-app-dev-api-send-reminders --project=google-project-id --region=europe-west6",
3139
- "gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/dev/api --quiet --delete-tags",
3140
- "gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/api --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/api@$version --quiet --delete-tags; done",
3141
- "echo 'Disabling component in Dependency Track'",
3142
- "/dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" disable "pan-test-app/api" "https://$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" || true",
3143
- "set -e",
3144
- "echo "CL_GITLAB_ENVIRONMENT_URL=https://$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" >> gitlab_environment.env",
3145
- ],
3146
- "stage": "stop dev",
3147
- "variables": {
3148
- "GIT_STRATEGY": "none",
3149
- "KUBERNETES_CPU_REQUEST": "0.22",
3150
- "KUBERNETES_MEMORY_LIMIT": "400Mi",
3151
- "KUBERNETES_MEMORY_REQUEST": "200Mi",
3152
- },
3153
- },
3154
- "๐Ÿ”น api ๐Ÿงพ sbom | dev ": {
3155
- "allow_failure": true,
3156
- "artifacts": {
3157
- "paths": [
3158
- "__sbom.json",
3159
- ],
3160
- },
3161
- "image": "aquasec/trivy:0.38.3",
3162
- "interruptible": true,
3163
- "needs": [],
3164
- "retry": {
3165
- "max": 2,
3166
- "when": [
3167
- "runner_system_failure",
3168
- "stuck_or_timeout_failure",
3169
- ],
3170
- },
3171
- "script": [
3172
- "echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
3173
- "echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
3174
- "trivy fs --quiet --format cyclonedx --output "__sbom.json" api",
3175
- ],
3176
- "stage": "build",
3177
- "variables": {},
3178
- },
3179
- "๐Ÿ”น www ๐Ÿ”จ docker | dev ": {
3180
- "cache": [
3181
- {
3182
- "key": "www-yarn",
3183
- "paths": [
3184
- "www/.yarn",
3185
- ],
3186
- "policy": "pull",
3187
- },
3188
- ],
3189
- "image": "path/to/docker/docker-build:the-version",
3190
- "interruptible": true,
3191
- "needs": [
3192
- {
3193
- "artifacts": true,
3194
- "job": "๐Ÿ”ธ myWorkspace ๐Ÿ”จ app | dev ",
3195
- },
3196
- ],
3197
- "retry": {
3198
- "max": 2,
3199
- "when": [
3200
- "runner_system_failure",
3201
- "stuck_or_timeout_failure",
3202
- ],
3203
- },
3204
- "script": [
3205
- "echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
3206
- "export APP_DIR="www"",
3207
- "export DOCKER_BUILD_CONTEXT="."",
3208
- "export DOCKER_REGISTRY="europe-west6-docker.pkg.dev"",
3209
- "export DOCKER_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/dev/www"",
3210
- "export DOCKER_CACHE_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/www"",
3211
- "export DOCKER_IMAGE_TAG="$CI_COMMIT_SHA"",
3212
- "export DOCKER_COPY_AND_INSTALL_APP="COPY --chown=node:node $APP_DIR .
3213
- RUN yarn plugin import workspace-tools
3214
- RUN yarn workspaces focus --production && yarn rebuild"",
3215
- "export DOCKER_COPY_WORKSPACE_FILES="COPY --chown=node:node www/package.json /app/www/package.json
3216
- COPY --chown=node:node www/yarn.lock /app/www/yarn.lock
3217
- COPY --chown=node:node .yarnrc.yml /app/.yarnrc.yml
3218
- COPY --chown=node:node .yarn /app/.yarn"",
3219
- "echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
3220
- "ensureNodeDockerfile",
3221
- "echo -e "\\e[0Ksection_start:$(date +%s):docker-login[collapsed=true]\\r\\e[0KDocker Login"",
3222
- "gcloud auth activate-service-account --key-file=<(echo "$CL_dev_www_GCLOUD_DEPLOY_credentialsKey")",
3223
- "gcloud auth configure-docker europe-west6-docker.pkg.dev",
3224
- "echo -e "\\e[0Ksection_end:$(date +%s):docker-login\\r\\e[0K"",
3225
- "echo -e "\\e[0Ksection_start:$(date +%s):docker-build[collapsed=true]\\r\\e[0KDocker build"",
3226
- "docker build --network host --cache-from $DOCKER_CACHE_IMAGE --tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG -f $APP_DIR/Dockerfile $DOCKER_BUILD_CONTEXT --build-arg BUILDKIT_INLINE_CACHE=1",
3227
- "echo -e "\\e[0Ksection_end:$(date +%s):docker-build\\r\\e[0K"",
3228
- "echo -e "\\e[0Ksection_start:$(date +%s):docker-push[collapsed=true]\\r\\e[0KDocker push and tag"",
3229
- "docker push $DOCKER_IMAGE:$DOCKER_IMAGE_TAG",
3230
- "docker tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG $DOCKER_CACHE_IMAGE",
3231
- "docker push $DOCKER_CACHE_IMAGE",
3232
- "echo -e "\\e[0Ksection_end:$(date +%s):docker-push\\r\\e[0K"",
3233
- ],
3234
- "services": [
3235
- {
3236
- "command": [
3237
- "--tls=false",
3238
- ],
3239
- "name": "docker:24.0.6-dind",
3240
- },
3241
- ],
3242
- "stage": "build",
3243
- "variables": {
3244
- "DOCKER_BUILDKIT": "1",
3245
- "DOCKER_DRIVER": "overlay2",
3246
- "DOCKER_HOST": "tcp://0.0.0.0:2375",
3247
- "DOCKER_TLS_CERTDIR": "",
3248
- "KUBERNETES_CPU_REQUEST": "0.45",
3249
- "KUBERNETES_MEMORY_LIMIT": "2Gi",
3250
- "KUBERNETES_MEMORY_REQUEST": "1Gi",
3251
- },
3252
- },
3253
- "๐Ÿ”น www ๐Ÿš€ Deploy | dev ": {
3254
- "allow_failure": false,
3255
- "artifacts": {
3256
- "reports": {
3257
- "dotenv": "gitlab_environment.env",
3258
- },
3259
- },
3260
- "environment": {
3261
- "auto_stop_in": "4 weeks",
3262
- "name": "dev/www",
3263
- "on_stop": "๐Ÿ”น www ๐Ÿ›‘ Stop โš ๏ธ | dev ",
3264
- "url": "$CL_GITLAB_ENVIRONMENT_URL",
3265
- },
3266
- "image": "path/to/docker/gcloud:the-version",
3267
- "interruptible": true,
3268
- "needs": [
3269
- {
3270
- "artifacts": false,
3271
- "job": "๐Ÿ”ธ myWorkspace ๐Ÿ‘ฎ lint",
3272
- },
3273
- {
3274
- "artifacts": false,
3275
- "job": "๐Ÿ”ธ myWorkspace ๐Ÿงช test",
3276
- },
3277
- {
3278
- "artifacts": false,
3279
- "job": "๐Ÿ”ธ myWorkspace ๐Ÿ›ก audit",
3280
- },
3281
- {
3282
- "artifacts": false,
3283
- "job": "๐Ÿ”น www ๐Ÿ”จ docker | dev ",
3284
- },
3285
- {
3286
- "artifacts": true,
3287
- "job": "๐Ÿ”น www ๐Ÿงพ sbom | dev ",
3288
- },
3289
- ],
3290
- "retry": {
3291
- "max": 2,
3292
- "when": [
3293
- "runner_system_failure",
3294
- "stuck_or_timeout_failure",
3295
- ],
3296
- },
3297
- "rules": [
3298
- {
3299
- "when": "on_success",
3300
- },
3301
- ],
3302
- "script": [
3303
- "echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
3304
- "export ENV_SHORT="dev"",
3305
- "export APP_DIR="www"",
3306
- "export ENV_TYPE="dev"",
3307
- "export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"",
3308
- "export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"",
3309
- "export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"",
3310
- "export HOST="$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
3311
- "export ROOT_URL="https://$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
3312
- "export HOST_INTERNAL="$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
3313
- "export HOST_CANONICAL="$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
3314
- "export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
3315
- "export DEPLOY_CLOUD_RUN_PROJECT_ID="google-project-id"",
3316
- "export DEPLOY_CLOUD_RUN_REGION="europe-west6"",
3317
- "export GCLOUD_DEPLOY_credentialsKey="$CL_dev_www_GCLOUD_DEPLOY_credentialsKey"",
3318
- "export GCLOUD_RUN_canonicalHostSuffix="$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix"",
3319
- "export API_URL="https://$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')/graphql"",
3320
- "export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOST\\",\\"ROOT_URL\\",\\"HOST_INTERNAL\\",\\"HOST_CANONICAL\\",\\"ROOT_URL_INTERNAL\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\",\\"API_URL\\"]"",
3321
- "export DOCKER_REGISTRY="europe-west6-docker.pkg.dev"",
3322
- "export DOCKER_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/dev/www"",
3323
- "export DOCKER_CACHE_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/www"",
3324
- "export DOCKER_IMAGE_TAG="$CI_COMMIT_SHA"",
3325
- "export CLOUDSDK_CORE_DISABLE_PROMPTS="1"",
3326
- "echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
3327
- "echo -e "\\e[0Ksection_start:$(date +%s):prepare[collapsed=true]\\r\\e[0KPrepare..."",
3328
- "gcloud auth activate-service-account --key-file=<(echo "$CL_dev_www_GCLOUD_DEPLOY_credentialsKey")",
3329
- "export GCLOUD_PROJECT_NUMBER=$(gcloud projects describe google-project-id --format="value(projectNumber)")",
3330
- "echo "GCLOUD_PROJECT_NUMBER: $GCLOUD_PROJECT_NUMBER"",
3331
- "echo -e "\\e[0Ksection_end:$(date +%s):prepare\\r\\e[0K"",
3332
- "echo -e "\\e[0Ksection_start:$(date +%s):writeenvvars[collapsed=true]\\r\\e[0KWrite env vars to file"",
3333
- "cat > ____envvars.yaml <<EOF
3334
- ENV_SHORT: |-
3335
- dev
3336
- APP_DIR: |-
3337
- www
3338
- ENV_TYPE: |-
3339
- dev
3340
- BUILD_INFO_BUILD_ID: |-
3341
- $(printf %s "$(git describe --tags 2>/dev/null || git rev-parse HEAD)" | sed 's/^/ /')
3342
- BUILD_INFO_BUILD_TIME: |-
3343
- $(printf %s "$CI_JOB_STARTED_AT" | sed 's/^/ /')
3344
- BUILD_INFO_CURRENT_VERSION: |-
3345
- $(printf %s "$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")" | sed 's/^/ /')
3346
- HOST: |-
3347
- $(printf %s "$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
3348
- ROOT_URL: |-
3349
- $(printf %s "https://$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
3350
- HOST_INTERNAL: |-
3351
- $(printf %s "$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
3352
- HOST_CANONICAL: |-
3353
- $(printf %s "$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
3354
- ROOT_URL_INTERNAL: |-
3355
- $(printf %s "https://$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
3356
- DEPLOY_CLOUD_RUN_PROJECT_ID: |-
3357
- google-project-id
3358
- DEPLOY_CLOUD_RUN_REGION: |-
3359
- europe-west6
3360
- GCLOUD_RUN_canonicalHostSuffix: |-
3361
- $(printf %s "$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | sed 's/^/ /')
3362
- API_URL: |-
3363
- $(printf %s "https://$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')/graphql" | sed 's/^/ /')
3364
- _ALL_ENV_VAR_KEYS: |-
3365
- ["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_INTERNAL","HOST_CANONICAL","ROOT_URL_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix","API_URL"]
3366
-
3367
- EOF
3368
- ",
3369
- "echo -e "\\e[0Ksection_end:$(date +%s):writeenvvars\\r\\e[0K"",
3370
- "echo -e "\\e[0Ksection_start:$(date +%s):deploy[collapsed=true]\\r\\e[0KDeploy to cloud run"",
3371
- "gcloud run deploy pan-test-app-dev-www --command="yarn,start" --image=europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/dev/www:$DOCKER_IMAGE_TAG --project=google-project-id --region=europe-west6 --labels=customer-name=pan,component-name=www,app-name=test-app,env-type=dev,env-name=dev,build-type=node,cloud-run-service-name=pan-test-app-dev-www --env-vars-file=____envvars.yaml --min-instances=0 --max-instances=100 --cpu-throttling --allow-unauthenticated --ingress=all --cpu-boost",
3372
- "echo -e "\\e[0Ksection_end:$(date +%s):deploy\\r\\e[0K"",
3373
- "echo -e "\\e[0Ksection_start:$(date +%s):cleanup[collapsed=true]\\r\\e[0KCleanup"",
3374
- "gcloud run revisions list --project=google-project-id --region=europe-west6 --service=pan-test-app-dev-www --limit=unlimited --sort-by=metadata.creationTimestamp --format="value(name)" --filter='(status.conditions.status=False OR status.conditions.status=Unknown)' | while read -r revisionname; do gcloud run revisions delete --project=google-project-id --region=europe-west6 --quiet $revisionname ; done",
3375
- "gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/dev/www --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/dev/www@$version --quiet --delete-tags; done",
3376
- "gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/www --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/www@$version --quiet --delete-tags; done",
3377
- "echo -e "\\e[0Ksection_end:$(date +%s):cleanup\\r\\e[0K"",
3378
- "echo 'Uploading SBOM to Dependency Track'",
3379
- "/dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/www" "https://$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" "__sbom.json" vex.json || true",
3380
- "echo "CL_GITLAB_ENVIRONMENT_URL=https://$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" >> gitlab_environment.env",
3381
- ],
3382
- "stage": "deploy dev",
3383
- "variables": {
3384
- "KUBERNETES_CPU_REQUEST": "0.22",
3385
- "KUBERNETES_MEMORY_LIMIT": "400Mi",
3386
- "KUBERNETES_MEMORY_REQUEST": "200Mi",
3387
- },
3388
- },
3389
- "๐Ÿ”น www ๐Ÿ›‘ Stop โš ๏ธ | dev ": {
3390
- "allow_failure": true,
3391
- "artifacts": {
3392
- "reports": {
3393
- "dotenv": "gitlab_environment.env",
3394
- },
3395
- },
3396
- "environment": {
3397
- "action": "stop",
3398
- "name": "dev/www",
3399
- "url": "$CL_GITLAB_ENVIRONMENT_URL",
3400
- },
3401
- "image": "path/to/docker/gcloud:the-version",
3402
- "interruptible": true,
3403
- "needs": [],
3404
- "retry": {
3405
- "max": 2,
3406
- "when": [
3407
- "runner_system_failure",
3408
- "stuck_or_timeout_failure",
3409
- ],
3410
- },
3411
- "rules": [
3412
- {
3413
- "if": "$CI_COMMIT_BRANCH =~ /^[0-9]+\\.([0-9]+|x)\\.x$/",
3414
- "when": "on_success",
3415
- },
3416
- {
3417
- "when": "manual",
3418
- },
3419
- ],
3420
- "script": [
3421
- "echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
3422
- "export CLOUDSDK_CORE_DISABLE_PROMPTS="1"",
3423
- "echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
3424
- "set +e",
3425
- "gcloud auth activate-service-account --key-file=<(echo "$CL_dev_www_GCLOUD_DEPLOY_credentialsKey")",
3426
- "gcloud run services delete pan-test-app-dev-www --project=google-project-id --region=europe-west6",
3427
- "gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/dev/www --quiet --delete-tags",
3428
- "gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/www --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/www@$version --quiet --delete-tags; done",
3429
- "echo 'Disabling component in Dependency Track'",
3430
- "/dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" disable "pan-test-app/www" "https://$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" || true",
3431
- "set -e",
3432
- "echo "CL_GITLAB_ENVIRONMENT_URL=https://$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" >> gitlab_environment.env",
3433
- ],
3434
- "stage": "stop dev",
3435
- "variables": {
3436
- "GIT_STRATEGY": "none",
3437
- "KUBERNETES_CPU_REQUEST": "0.22",
3438
- "KUBERNETES_MEMORY_LIMIT": "400Mi",
3439
- "KUBERNETES_MEMORY_REQUEST": "200Mi",
3440
- },
3441
- },
3442
- "๐Ÿ”น www ๐Ÿงพ sbom | dev ": {
3443
- "allow_failure": true,
3444
- "artifacts": {
3445
- "paths": [
3446
- "__sbom.json",
3447
- ],
3448
- },
3449
- "image": "aquasec/trivy:0.38.3",
3450
- "interruptible": true,
3451
- "needs": [],
3452
- "retry": {
3453
- "max": 2,
3454
- "when": [
3455
- "runner_system_failure",
3456
- "stuck_or_timeout_failure",
3457
- ],
3458
- },
3459
- "script": [
3460
- "echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
3461
- "echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
3462
- "trivy fs --quiet --format cyclonedx --output "__sbom.json" www",
3463
- ],
3464
- "stage": "build",
3465
- "variables": {},
3466
- },
3467
- },
3468
- "stages": [
3469
- "setup",
3470
- "setup dev",
3471
- "setup review",
3472
- "setup stage",
3473
- "setup prod",
3474
- "test",
3475
- "test dev",
3476
- "test review",
3477
- "test stage",
3478
- "test prod",
3479
- "build",
3480
- "build dev",
3481
- "build review",
3482
- "build stage",
3483
- "build prod",
3484
- "deploy",
3485
- "deploy dev",
3486
- "deploy review",
3487
- "deploy stage",
3488
- "deploy prod",
3489
- "verify",
3490
- "verify dev",
3491
- "verify review",
3492
- "verify stage",
3493
- "verify prod",
3494
- "rollback",
3495
- "rollback dev",
3496
- "rollback review",
3497
- "rollback stage",
3498
- "rollback prod",
3499
- "stop",
3500
- "stop dev",
3501
- "stop review",
3502
- "stop stage",
3503
- "stop prod",
3504
- ],
3505
- "variables": {
3506
- "ARTIFACT_COMPRESSION_LEVEL": "fast",
3507
- "CACHE_COMPRESSION_LEVEL": "fast",
3508
- "FF_USE_FASTZIP": "true",
3509
- "GIT_DEPTH": "1",
3510
- "TRANSFER_METER_FREQUENCY": "5s",
3511
- },
3512
- "workflow": {
3513
- "rules": [
3514
- {
3515
- "if": "$CI_COMMIT_TAG",
3516
- },
3517
- {
3518
- "if": "$CI_COMMIT_MESSAGE =~ /^chore\\(release\\).*/",
3519
- "when": "never",
3520
- },
3521
- {
3522
- "if": "$CI_PIPELINE_SOURCE == "schedule"",
3523
- "when": "never",
3524
- },
3525
- {
3526
- "if": "$CI_COMMIT_BRANCH =~ /^[0-9]+.([0-9]+|x).x$/",
3527
- },
3528
- {
3529
- "if": "$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH",
3530
- },
3531
- {
3532
- "if": "$CI_MERGE_REQUEST_ID",
3533
- },
3534
- ],
3535
- },
3536
- },
3537
- "mr": {
3538
- "image": "path/to/docker/jobs-default:the-version",
3539
- "jobs": {
3540
- "๐Ÿ”ธ myWorkspace ๐Ÿ‘ฎ lint": {
3541
- "cache": [
3542
- {
3543
- "key": ".-yarn",
3544
- "paths": [
3545
- ".yarn",
3546
- ],
3547
- "policy": "pull-push",
3548
- },
3549
- {
3550
- "key": ".-node-modules",
3551
- "paths": [
3552
- "node_modules",
3553
- ],
3554
- "policy": "pull-push",
3555
- },
3556
- {
3557
- "key": "myWorkspace-turbo",
3558
- "paths": [
3559
- ".turbo",
3560
- ],
3561
- "policy": "pull-push",
3562
- },
3563
- ],
3564
- "image": "path/to/docker/jobs-default:the-version",
3565
- "interruptible": true,
3566
- "needs": [],
3567
- "retry": {
3568
- "max": 2,
3569
- "when": [
3570
- "runner_system_failure",
3571
- "stuck_or_timeout_failure",
3572
- ],
3573
- },
3574
- "script": [
3575
- "echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
3576
- "export APP_PATH="."",
3577
- "echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
3578
- "echo -e "\\e[0Ksection_start:$(date +%s):nodeinstall[collapsed=true]\\r\\e[0KEnsure node version"",
3579
- "if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi",
3580
- "if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi",
3581
- "echo -e "\\e[0Ksection_end:$(date +%s):nodeinstall\\r\\e[0K"",
3582
- "cd .",
3583
- "echo -e "\\e[0Ksection_start:$(date +%s):nodeinstall[collapsed=true]\\r\\e[0KEnsure node version"",
3584
- "if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi",
3585
- "if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi",
3586
- "echo -e "\\e[0Ksection_end:$(date +%s):nodeinstall\\r\\e[0K"",
3587
- "echo -e "\\e[0Ksection_start:$(date +%s):yarninstall[collapsed=true]\\r\\e[0KYarn install"",
3588
- "yarn install --immutable",
3589
- "echo -e "\\e[0Ksection_end:$(date +%s):yarninstall\\r\\e[0K"",
3590
- "yarn lint",
3591
- ],
3592
- "stage": "test",
3593
- "variables": {
3594
- "KUBERNETES_CPU_REQUEST": "0.45",
3595
- "KUBERNETES_MEMORY_LIMIT": "4Gi",
3596
- "KUBERNETES_MEMORY_REQUEST": "1Gi",
3597
- },
3598
- },
3599
- "๐Ÿ”ธ myWorkspace ๐Ÿ”จ app | review ": {
3600
- "artifacts": {
3601
- "exclude": [
3602
- "api/.env",
3603
- "www/.env",
3604
- ],
3605
- "expire_in": "1 day",
3606
- "paths": [
3607
- "api/.next",
3608
- "api/dist",
3609
- "www/.next",
3610
- "www/dist",
3611
- ],
3612
- "reports": {},
3613
- "when": "always",
3614
- },
3615
- "cache": [
3616
- {
3617
- "key": ".-yarn",
3618
- "paths": [
3619
- ".yarn",
3620
- ],
3621
- "policy": "pull-push",
3622
- },
3623
- {
3624
- "key": ".-node-modules",
3625
- "paths": [
3626
- "node_modules",
3627
- ],
3628
- "policy": "pull-push",
3629
- },
3630
- {
3631
- "key": "myWorkspace-turbo",
3632
- "paths": [
3633
- ".turbo",
3634
- ],
3635
- "policy": "pull-push",
3636
- },
3637
- {
3638
- "key": "myWorkspace-next-cache",
3639
- "paths": [
3640
- "api/.next/cache",
3641
- "www/.next/cache",
3642
- ],
3643
- "policy": "pull-push",
3644
- },
3645
- ],
3646
- "image": "path/to/docker/jobs-default:the-version",
3647
- "interruptible": true,
3648
- "needs": [],
3649
- "retry": {
3650
- "max": 2,
3651
- "when": [
3652
- "runner_system_failure",
3653
- "stuck_or_timeout_failure",
3654
- ],
3655
- },
3656
- "script": [
3657
- "echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
3658
- "echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
3659
- "echo -e "\\e[0Ksection_start:$(date +%s):write-dotenv-api[collapsed=true]\\r\\e[0Kwrite dot env"",
3660
- "cat <<EOF > api/.env
3661
- ENV_SHORT=review
3662
- APP_DIR=api
3663
- ENV_TYPE=review
3664
- HOST=$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')
3665
- ROOT_URL=https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')
3666
- HOST_INTERNAL=$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')
3667
- HOST_CANONICAL=$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')
3668
- ROOT_URL_INTERNAL=https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')
3669
- CLOUD_SQL_INSTANCE_CONNECTION_NAME=projectId:region:instancename
3670
- DB_NAME=pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api
3671
- DB_USER=my-user
3672
- DB_PASSWORD=$CL_review_api_DB_PASSWORD
3673
- DATABASE_URL=postgresql://$DB_USER:$DB_PASSWORD@localhost/$DB_NAME?host=/cloudsql/$CLOUD_SQL_INSTANCE_CONNECTION_NAME
3674
- DATABASE_JDBC_URL=jdbc:postgresql:///$DB_NAME?cloudSqlInstance=$CLOUD_SQL_INSTANCE_CONNECTION_NAME&socketFactory=com.google.cloud.sql.postgres.SocketFactory&user=$DB_USER&password=$DB_PASSWORD
3675
- CLOUD_RUN_JOB_TRIGGER_URL_migration=https://europe-west6-run.googleapis.com/apis/run.googleapis.com/v1/namespaces/google-project-id/jobs/$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" | awk '{print tolower($0)}')-migration:run
3676
- CLOUD_RUN_JOB_TRIGGER_URL_send_reminders=https://europe-west6-run.googleapis.com/apis/run.googleapis.com/v1/namespaces/google-project-id/jobs/$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" | awk '{print tolower($0)}')-send-reminders:run
3677
- DEPLOY_CLOUD_RUN_PROJECT_ID=google-project-id
3678
- DEPLOY_CLOUD_RUN_REGION=europe-west6
3679
- GCLOUD_DEPLOY_credentialsKey=$CL_review_api_GCLOUD_DEPLOY_credentialsKey
3680
- GCLOUD_RUN_canonicalHostSuffix=$CL_review_api_GCLOUD_RUN_canonicalHostSuffix
3681
- _ALL_ENV_VAR_KEYS=["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_INTERNAL","HOST_CANONICAL","ROOT_URL_INTERNAL","CLOUD_SQL_INSTANCE_CONNECTION_NAME","DB_NAME","DB_USER","DB_PASSWORD","DATABASE_URL","DATABASE_JDBC_URL","CLOUD_RUN_JOB_TRIGGER_URL_migration","CLOUD_RUN_JOB_TRIGGER_URL_send_reminders","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]
3682
- EOF",
3683
- "echo -e "\\e[0Ksection_end:$(date +%s):write-dotenv-api\\r\\e[0K"",
3684
- "echo -e "\\e[0Ksection_start:$(date +%s):write-dotenv-www[collapsed=true]\\r\\e[0Kwrite dot env"",
3685
- "cat <<EOF > www/.env
3686
- ENV_SHORT=review
3687
- APP_DIR=www
3688
- ENV_TYPE=review
3689
- HOST=$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')
3690
- ROOT_URL=https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')
3691
- HOST_INTERNAL=$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')
3692
- HOST_CANONICAL=$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')
3693
- ROOT_URL_INTERNAL=https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')
3694
- DEPLOY_CLOUD_RUN_PROJECT_ID=google-project-id
3695
- DEPLOY_CLOUD_RUN_REGION=europe-west6
3696
- GCLOUD_DEPLOY_credentialsKey=$CL_review_www_GCLOUD_DEPLOY_credentialsKey
3697
- GCLOUD_RUN_canonicalHostSuffix=$CL_review_www_GCLOUD_RUN_canonicalHostSuffix
3698
- API_URL=https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')/graphql
3699
- _ALL_ENV_VAR_KEYS=["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_INTERNAL","HOST_CANONICAL","ROOT_URL_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix","API_URL"]
3700
- EOF",
3701
- "echo -e "\\e[0Ksection_end:$(date +%s):write-dotenv-www\\r\\e[0K"",
3702
- "echo -e "\\e[0Ksection_start:$(date +%s):nodeinstall[collapsed=true]\\r\\e[0KEnsure node version"",
3703
- "if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi",
3704
- "if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi",
3705
- "echo -e "\\e[0Ksection_end:$(date +%s):nodeinstall\\r\\e[0K"",
3706
- "cd .",
3707
- "echo -e "\\e[0Ksection_start:$(date +%s):nodeinstall[collapsed=true]\\r\\e[0KEnsure node version"",
3708
- "if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi",
3709
- "if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi",
3710
- "echo -e "\\e[0Ksection_end:$(date +%s):nodeinstall\\r\\e[0K"",
3711
- "echo -e "\\e[0Ksection_start:$(date +%s):yarninstall[collapsed=true]\\r\\e[0KYarn install"",
3712
- "yarn install --immutable",
3713
- "echo -e "\\e[0Ksection_end:$(date +%s):yarninstall\\r\\e[0K"",
3714
- "yarn build",
3715
- ],
3716
- "stage": "build",
3717
- "variables": {
3718
- "KUBERNETES_CPU_REQUEST": "0.45",
3719
- "KUBERNETES_MEMORY_LIMIT": "4Gi",
3720
- "KUBERNETES_MEMORY_REQUEST": "1Gi",
3721
- },
3722
- },
3723
- "๐Ÿ”ธ myWorkspace ๐Ÿ›ก audit": {
3724
- "allow_failure": true,
3725
- "image": "path/to/docker/jobs-default:the-version",
3726
- "interruptible": true,
3727
- "needs": [],
3728
- "retry": {
3729
- "max": 2,
3730
- "when": [
3731
- "runner_system_failure",
3732
- "stuck_or_timeout_failure",
3733
- ],
3734
- },
3735
- "script": [
3736
- "echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
3737
- "export APP_PATH="."",
3738
- "echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
3739
- "cd .",
3740
- "yarn npm audit --environment production",
3741
- ],
3742
- "stage": "test",
3743
- "variables": {
3744
- "KUBERNETES_CPU_REQUEST": "0.45",
3745
- "KUBERNETES_MEMORY_LIMIT": "4Gi",
3746
- "KUBERNETES_MEMORY_REQUEST": "1Gi",
3747
- },
3748
- },
3749
- "๐Ÿ”ธ myWorkspace ๐Ÿงช test": {
3750
- "cache": [
3751
- {
3752
- "key": ".-yarn",
3753
- "paths": [
3754
- ".yarn",
3755
- ],
3756
- "policy": "pull-push",
3757
- },
3758
- {
3759
- "key": ".-node-modules",
3760
- "paths": [
3761
- "node_modules",
3762
- ],
3763
- "policy": "pull-push",
3764
- },
3765
- {
3766
- "key": "myWorkspace-turbo",
3767
- "paths": [
3768
- ".turbo",
3769
- ],
3770
- "policy": "pull-push",
3771
- },
3772
- ],
3773
- "image": "path/to/docker/jobs-testing-chrome:the-version",
3774
- "interruptible": true,
3775
- "needs": [],
3776
- "retry": {
3777
- "max": 2,
3778
- "when": [
3779
- "runner_system_failure",
3780
- "stuck_or_timeout_failure",
3781
- ],
3782
- },
3783
- "script": [
3784
- "echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
3785
- "export APP_PATH="."",
3786
- "echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
3787
- "echo -e "\\e[0Ksection_start:$(date +%s):nodeinstall[collapsed=true]\\r\\e[0KEnsure node version"",
3788
- "if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi",
3789
- "if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi",
3790
- "echo -e "\\e[0Ksection_end:$(date +%s):nodeinstall\\r\\e[0K"",
3791
- "cd .",
3792
- "echo -e "\\e[0Ksection_start:$(date +%s):nodeinstall[collapsed=true]\\r\\e[0KEnsure node version"",
3793
- "if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi",
3794
- "if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi",
3795
- "echo -e "\\e[0Ksection_end:$(date +%s):nodeinstall\\r\\e[0K"",
3796
- "echo -e "\\e[0Ksection_start:$(date +%s):yarninstall[collapsed=true]\\r\\e[0KYarn install"",
3797
- "yarn install --immutable",
3798
- "echo -e "\\e[0Ksection_end:$(date +%s):yarninstall\\r\\e[0K"",
3799
- "yarn test",
3800
- ],
3801
- "stage": "test",
3802
- "variables": {
3803
- "KUBERNETES_CPU_REQUEST": "0.45",
3804
- "KUBERNETES_MEMORY_LIMIT": "4Gi",
3805
- "KUBERNETES_MEMORY_REQUEST": "1Gi",
3806
- },
3807
- },
3808
- "๐Ÿ”น api ๐Ÿ”จ docker | review ": {
3809
- "cache": [
3810
- {
3811
- "key": "api-yarn",
3812
- "paths": [
3813
- "api/.yarn",
3814
- ],
3815
- "policy": "pull",
3816
- },
3817
- ],
3818
- "image": "path/to/docker/docker-build:the-version",
3819
- "interruptible": true,
3820
- "needs": [
3821
- {
3822
- "artifacts": true,
3823
- "job": "๐Ÿ”ธ myWorkspace ๐Ÿ”จ app | review ",
3824
- },
3825
- ],
3826
- "retry": {
3827
- "max": 2,
3828
- "when": [
3829
- "runner_system_failure",
3830
- "stuck_or_timeout_failure",
3831
- ],
3832
- },
3833
- "script": [
3834
- "echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
3835
- "export APP_DIR="api"",
3836
- "export DOCKER_BUILD_CONTEXT="."",
3837
- "export DOCKER_REGISTRY="europe-west6-docker.pkg.dev"",
3838
- "export DOCKER_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/review/api/$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })"",
3839
- "export DOCKER_CACHE_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/api"",
3840
- "export DOCKER_IMAGE_TAG="$CI_COMMIT_SHA"",
3841
- "export DOCKER_COPY_AND_INSTALL_APP="COPY --chown=node:node $APP_DIR .
3842
- RUN yarn plugin import workspace-tools
3843
- RUN yarn workspaces focus --production && yarn rebuild"",
3844
- "export DOCKER_COPY_WORKSPACE_FILES="COPY --chown=node:node api/package.json /app/api/package.json
3845
- COPY --chown=node:node api/yarn.lock /app/api/yarn.lock
3846
- COPY --chown=node:node .yarnrc.yml /app/.yarnrc.yml
3847
- COPY --chown=node:node .yarn /app/.yarn"",
3848
- "echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
3849
- "ensureNodeDockerfile",
3850
- "echo -e "\\e[0Ksection_start:$(date +%s):docker-login[collapsed=true]\\r\\e[0KDocker Login"",
3851
- "gcloud auth activate-service-account --key-file=<(echo "$CL_review_api_GCLOUD_DEPLOY_credentialsKey")",
3852
- "gcloud auth configure-docker europe-west6-docker.pkg.dev",
3853
- "echo -e "\\e[0Ksection_end:$(date +%s):docker-login\\r\\e[0K"",
3854
- "echo -e "\\e[0Ksection_start:$(date +%s):docker-build[collapsed=true]\\r\\e[0KDocker build"",
3855
- "docker build --network host --cache-from $DOCKER_CACHE_IMAGE --tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG -f $APP_DIR/Dockerfile $DOCKER_BUILD_CONTEXT --build-arg BUILDKIT_INLINE_CACHE=1",
3856
- "echo -e "\\e[0Ksection_end:$(date +%s):docker-build\\r\\e[0K"",
3857
- "echo -e "\\e[0Ksection_start:$(date +%s):docker-push[collapsed=true]\\r\\e[0KDocker push and tag"",
3858
- "docker push $DOCKER_IMAGE:$DOCKER_IMAGE_TAG",
3859
- "docker tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG $DOCKER_CACHE_IMAGE",
3860
- "docker push $DOCKER_CACHE_IMAGE",
3861
- "echo -e "\\e[0Ksection_end:$(date +%s):docker-push\\r\\e[0K"",
3862
- ],
3863
- "services": [
3864
- {
3865
- "command": [
3866
- "--tls=false",
3867
- ],
3868
- "name": "docker:24.0.6-dind",
3869
- },
3870
- ],
3871
- "stage": "build",
3872
- "variables": {
3873
- "DOCKER_BUILDKIT": "1",
3874
- "DOCKER_DRIVER": "overlay2",
3875
- "DOCKER_HOST": "tcp://0.0.0.0:2375",
3876
- "DOCKER_TLS_CERTDIR": "",
3877
- "KUBERNETES_CPU_REQUEST": "0.45",
3878
- "KUBERNETES_MEMORY_LIMIT": "2Gi",
3879
- "KUBERNETES_MEMORY_REQUEST": "1Gi",
3880
- },
3881
- },
3882
- "๐Ÿ”น api ๐Ÿš€ Deploy | review ": {
3883
- "allow_failure": false,
3884
- "artifacts": {
3885
- "reports": {
3886
- "dotenv": "gitlab_environment.env",
3887
- },
3888
- },
3889
- "environment": {
3890
- "auto_stop_in": "1 week",
3891
- "name": "review/$CI_COMMIT_REF_NAME/api",
3892
- "on_stop": "๐Ÿ”น api ๐Ÿ›‘ Stop โš ๏ธ | review ",
3893
- "url": "$CL_GITLAB_ENVIRONMENT_URL",
3894
- },
3895
- "image": "path/to/docker/gcloud:the-version",
3896
- "interruptible": true,
3897
- "needs": [
3898
- {
3899
- "artifacts": false,
3900
- "job": "๐Ÿ”ธ myWorkspace ๐Ÿ‘ฎ lint",
3901
- },
3902
- {
3903
- "artifacts": false,
3904
- "job": "๐Ÿ”ธ myWorkspace ๐Ÿงช test",
3905
- },
3906
- {
3907
- "artifacts": false,
3908
- "job": "๐Ÿ”ธ myWorkspace ๐Ÿ›ก audit",
3909
- },
3910
- {
3911
- "artifacts": false,
3912
- "job": "๐Ÿ”น api ๐Ÿ”จ docker | review ",
3913
- },
3914
- {
3915
- "artifacts": true,
3916
- "job": "๐Ÿ”น api ๐Ÿงพ sbom | review ",
3917
- },
3918
- ],
3919
- "retry": {
3920
- "max": 2,
3921
- "when": [
3922
- "runner_system_failure",
3923
- "stuck_or_timeout_failure",
3924
- ],
3925
- },
3926
- "rules": [
3927
- {
3928
- "when": "on_success",
3929
- },
3930
- ],
3931
- "script": [
3932
- "echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
3933
- "export ENV_SHORT="review"",
3934
- "export APP_DIR="api"",
3935
- "export ENV_TYPE="review"",
3936
- "export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"",
3937
- "export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"",
3938
- "export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"",
3939
- "export HOST="$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
3940
- "export ROOT_URL="https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
3941
- "export HOST_INTERNAL="$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
3942
- "export HOST_CANONICAL="$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
3943
- "export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
3944
- "export CLOUD_SQL_INSTANCE_CONNECTION_NAME="projectId:region:instancename"",
3945
- "export DB_NAME="pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api"",
3946
- "export DB_USER="my-user"",
3947
- "export DB_PASSWORD="$CL_review_api_DB_PASSWORD"",
3948
- "export DATABASE_URL="postgresql://$DB_USER:$DB_PASSWORD@localhost/$DB_NAME?host=/cloudsql/$CLOUD_SQL_INSTANCE_CONNECTION_NAME"",
3949
- "export DATABASE_JDBC_URL="jdbc:postgresql:///$DB_NAME?cloudSqlInstance=$CLOUD_SQL_INSTANCE_CONNECTION_NAME&socketFactory=com.google.cloud.sql.postgres.SocketFactory&user=$DB_USER&password=$DB_PASSWORD"",
3950
- "export CLOUD_RUN_JOB_TRIGGER_URL_migration="https://europe-west6-run.googleapis.com/apis/run.googleapis.com/v1/namespaces/google-project-id/jobs/$(printf %s \\"pan-test-app-review-$([ -n \\"$CI_MERGE_REQUEST_IID\\" ] && echo \\"mr$CI_MERGE_REQUEST_IID\\" || { [ -n \\"$CI_COMMIT_REF_SLUG\\" ] && echo \\"$CI_COMMIT_REF_SLUG\\" || echo \\"unknown\\"; })-api\\" | awk '{print tolower($0)}')-migration:run"",
3951
- "export CLOUD_RUN_JOB_TRIGGER_URL_send_reminders="https://europe-west6-run.googleapis.com/apis/run.googleapis.com/v1/namespaces/google-project-id/jobs/$(printf %s \\"pan-test-app-review-$([ -n \\"$CI_MERGE_REQUEST_IID\\" ] && echo \\"mr$CI_MERGE_REQUEST_IID\\" || { [ -n \\"$CI_COMMIT_REF_SLUG\\" ] && echo \\"$CI_COMMIT_REF_SLUG\\" || echo \\"unknown\\"; })-api\\" | awk '{print tolower($0)}')-send-reminders:run"",
3952
- "export DEPLOY_CLOUD_RUN_PROJECT_ID="google-project-id"",
3953
- "export DEPLOY_CLOUD_RUN_REGION="europe-west6"",
3954
- "export GCLOUD_DEPLOY_credentialsKey="$CL_review_api_GCLOUD_DEPLOY_credentialsKey"",
3955
- "export GCLOUD_RUN_canonicalHostSuffix="$CL_review_api_GCLOUD_RUN_canonicalHostSuffix"",
3956
- "export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOST\\",\\"ROOT_URL\\",\\"HOST_INTERNAL\\",\\"HOST_CANONICAL\\",\\"ROOT_URL_INTERNAL\\",\\"CLOUD_SQL_INSTANCE_CONNECTION_NAME\\",\\"DB_NAME\\",\\"DB_USER\\",\\"DB_PASSWORD\\",\\"DATABASE_URL\\",\\"DATABASE_JDBC_URL\\",\\"CLOUD_RUN_JOB_TRIGGER_URL_migration\\",\\"CLOUD_RUN_JOB_TRIGGER_URL_send_reminders\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\"]"",
3957
- "export DOCKER_REGISTRY="europe-west6-docker.pkg.dev"",
3958
- "export DOCKER_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/review/api/$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })"",
3959
- "export DOCKER_CACHE_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/api"",
3960
- "export DOCKER_IMAGE_TAG="$CI_COMMIT_SHA"",
3961
- "export CLOUDSDK_CORE_DISABLE_PROMPTS="1"",
3962
- "echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
3963
- "echo -e "\\e[0Ksection_start:$(date +%s):prepare[collapsed=true]\\r\\e[0KPrepare..."",
3964
- "gcloud auth activate-service-account --key-file=<(echo "$CL_review_api_GCLOUD_DEPLOY_credentialsKey")",
3965
- "export GCLOUD_PROJECT_NUMBER=$(gcloud projects describe google-project-id --format="value(projectNumber)")",
3966
- "echo "GCLOUD_PROJECT_NUMBER: $GCLOUD_PROJECT_NUMBER"",
3967
- "echo -e "\\e[0Ksection_end:$(date +%s):prepare\\r\\e[0K"",
3968
- "echo -e "\\e[0Ksection_start:$(date +%s):writeenvvars[collapsed=true]\\r\\e[0KWrite env vars to file"",
3969
- "cat > ____envvars.yaml <<EOF
3970
- ENV_SHORT: |-
3971
- review
3972
- APP_DIR: |-
3973
- api
3974
- ENV_TYPE: |-
3975
- review
3976
- BUILD_INFO_BUILD_ID: |-
3977
- $(printf %s "$(git describe --tags 2>/dev/null || git rev-parse HEAD)" | sed 's/^/ /')
3978
- BUILD_INFO_BUILD_TIME: |-
3979
- $(printf %s "$CI_JOB_STARTED_AT" | sed 's/^/ /')
3980
- BUILD_INFO_CURRENT_VERSION: |-
3981
- $(printf %s "$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")" | sed 's/^/ /')
3982
- HOST: |-
3983
- $(printf %s "$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
3984
- ROOT_URL: |-
3985
- $(printf %s "https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
3986
- HOST_INTERNAL: |-
3987
- $(printf %s "$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
3988
- HOST_CANONICAL: |-
3989
- $(printf %s "$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
3990
- ROOT_URL_INTERNAL: |-
3991
- $(printf %s "https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
3992
- CLOUD_SQL_INSTANCE_CONNECTION_NAME: |-
3993
- projectId:region:instancename
3994
- DB_NAME: |-
3995
- $(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" | sed 's/^/ /')
3996
- DB_USER: |-
3997
- my-user
3998
- DB_PASSWORD: |-
3999
- $(printf %s "$CL_review_api_DB_PASSWORD" | sed 's/^/ /')
4000
- DATABASE_URL: |-
4001
- postgresql://$DB_USER:$DB_PASSWORD@localhost/$DB_NAME?host=/cloudsql/$CLOUD_SQL_INSTANCE_CONNECTION_NAME
4002
- DATABASE_JDBC_URL: |-
4003
- jdbc:postgresql:///$DB_NAME?cloudSqlInstance=$CLOUD_SQL_INSTANCE_CONNECTION_NAME&socketFactory=com.google.cloud.sql.postgres.SocketFactory&user=$DB_USER&password=$DB_PASSWORD
4004
- CLOUD_RUN_JOB_TRIGGER_URL_migration: |-
4005
- https://europe-west6-run.googleapis.com/apis/run.googleapis.com/v1/namespaces/google-project-id/jobs/$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" | awk '{print tolower($0)}')-migration:run
4006
- CLOUD_RUN_JOB_TRIGGER_URL_send_reminders: |-
4007
- https://europe-west6-run.googleapis.com/apis/run.googleapis.com/v1/namespaces/google-project-id/jobs/$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" | awk '{print tolower($0)}')-send-reminders:run
4008
- DEPLOY_CLOUD_RUN_PROJECT_ID: |-
4009
- google-project-id
4010
- DEPLOY_CLOUD_RUN_REGION: |-
4011
- europe-west6
4012
- GCLOUD_RUN_canonicalHostSuffix: |-
4013
- $(printf %s "$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | sed 's/^/ /')
4014
- _ALL_ENV_VAR_KEYS: |-
4015
- ["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_INTERNAL","HOST_CANONICAL","ROOT_URL_INTERNAL","CLOUD_SQL_INSTANCE_CONNECTION_NAME","DB_NAME","DB_USER","DB_PASSWORD","DATABASE_URL","DATABASE_JDBC_URL","CLOUD_RUN_JOB_TRIGGER_URL_migration","CLOUD_RUN_JOB_TRIGGER_URL_send_reminders","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]
4016
-
4017
- EOF
4018
- ",
4019
- "echo -e "\\e[0Ksection_end:$(date +%s):writeenvvars\\r\\e[0K"",
4020
- "echo -e "\\e[0Ksection_start:$(date +%s):deploy[collapsed=true]\\r\\e[0KDeploy to cloud run"",
4021
- "set +e",
4022
- "echo "ensuring Database..."",
4023
- "gcloud sql databases create pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api --instance=instancename --project projectId",
4024
- "set -e",
4025
- "set +e",
4026
- "gcloud scheduler jobs create http $(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" | awk '{print tolower($0)}')-send-reminders-scheduler --project=google-project-id --location=europe-west6 --schedule="0 * * * *" --max-retry-attempts=0 --uri="https://europe-west6-run.googleapis.com/apis/run.googleapis.com/v1/namespaces/google-project-id/jobs/$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" | awk '{print tolower($0)}')-send-reminders:run" --http-method=POST --oauth-service-account-email=$GCLOUD_PROJECT_NUMBER-compute@developer.gserviceaccount.com",
4027
- "set -e",
4028
- "gcloud scheduler jobs update http $(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" | awk '{print tolower($0)}')-send-reminders-scheduler --project=google-project-id --location=europe-west6 --schedule="0 * * * *" --max-retry-attempts=0 --uri="https://europe-west6-run.googleapis.com/apis/run.googleapis.com/v1/namespaces/google-project-id/jobs/$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" | awk '{print tolower($0)}')-send-reminders:run" --http-method=POST --oauth-service-account-email=$GCLOUD_PROJECT_NUMBER-compute@developer.gserviceaccount.com",
4029
- "set +e",
4030
- "gcloud run jobs create $(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" | awk '{print tolower($0)}')-migration --command="yarn,migrate" --image=europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/review/api/$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }):$DOCKER_IMAGE_TAG --project=google-project-id --region=europe-west6 --set-cloudsql-instances=projectId:region:instancename --labels=customer-name=pan,component-name=api,app-name=test-app,env-type=review,env-name=review,build-type=node,cloud-run-job-name=$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" | awk '{print tolower($0)}')-migration --memory=512Mi --task-timeout=10m --parallelism=1 --env-vars-file=____envvars.yaml --max-retries=0",
4031
- "set -e",
4032
- "gcloud run jobs update $(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" | awk '{print tolower($0)}')-migration --command="yarn,migrate" --image=europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/review/api/$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }):$DOCKER_IMAGE_TAG --project=google-project-id --region=europe-west6 --set-cloudsql-instances=projectId:region:instancename --labels=customer-name=pan,component-name=api,app-name=test-app,env-type=review,env-name=review,build-type=node,cloud-run-job-name=$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" | awk '{print tolower($0)}')-migration --memory=512Mi --task-timeout=10m --parallelism=1 --env-vars-file=____envvars.yaml --max-retries=0 ",
4033
- "set +e",
4034
- "gcloud run jobs create $(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" | awk '{print tolower($0)}')-send-reminders --command="yarn,job:send-reminders" --image=europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/review/api/$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }):$DOCKER_IMAGE_TAG --project=google-project-id --region=europe-west6 --set-cloudsql-instances=projectId:region:instancename --labels=customer-name=pan,component-name=api,app-name=test-app,env-type=review,env-name=review,build-type=node,cloud-run-job-name=$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" | awk '{print tolower($0)}')-send-reminders --memory=512Mi --task-timeout=15m --parallelism=1 --env-vars-file=____envvars.yaml --max-retries=0",
4035
- "set -e",
4036
- "gcloud run jobs update $(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" | awk '{print tolower($0)}')-send-reminders --command="yarn,job:send-reminders" --image=europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/review/api/$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }):$DOCKER_IMAGE_TAG --project=google-project-id --region=europe-west6 --set-cloudsql-instances=projectId:region:instancename --labels=customer-name=pan,component-name=api,app-name=test-app,env-type=review,env-name=review,build-type=node,cloud-run-job-name=$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" | awk '{print tolower($0)}')-send-reminders --memory=512Mi --task-timeout=15m --parallelism=1 --env-vars-file=____envvars.yaml --max-retries=0 ",
4037
- "gcloud run deploy $(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" | awk '{print tolower($0)}') --command="yarn,start" --image=europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/review/api/$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }):$DOCKER_IMAGE_TAG --project=google-project-id --region=europe-west6 --set-cloudsql-instances=projectId:region:instancename --labels=customer-name=pan,component-name=api,app-name=test-app,env-type=review,env-name=review,build-type=node,cloud-run-service-name=$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" | awk '{print tolower($0)}') --env-vars-file=____envvars.yaml --min-instances=0 --max-instances=5 --cpu-throttling --allow-unauthenticated --ingress=all --cpu-boost",
4038
- "gcloud run jobs execute $(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" | awk '{print tolower($0)}')-migration --project=google-project-id --region=europe-west6",
4039
- "echo -e "\\e[0Ksection_end:$(date +%s):deploy\\r\\e[0K"",
4040
- "echo -e "\\e[0Ksection_start:$(date +%s):cleanup[collapsed=true]\\r\\e[0KCleanup"",
4041
- "gcloud run revisions list --project=google-project-id --region=europe-west6 --service=$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" | awk '{print tolower($0)}') --limit=unlimited --sort-by=metadata.creationTimestamp --format="value(name)" --filter='(status.conditions.status=False OR status.conditions.status=Unknown)' | while read -r revisionname; do gcloud run revisions delete --project=google-project-id --region=europe-west6 --quiet $revisionname ; done",
4042
- "gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/review/api/$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }) --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/review/api/$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })@$version --quiet --delete-tags; done",
4043
- "gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/api --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/api@$version --quiet --delete-tags; done",
4044
- "set +e",
4045
- "gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/review/api --quiet --delete-tags",
4046
- "set -e",
4047
- "echo -e "\\e[0Ksection_end:$(date +%s):cleanup\\r\\e[0K"",
4048
- "echo 'Uploading SBOM to Dependency Track'",
4049
- "/dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/api" "https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" "__sbom.json" vex.json || true",
4050
- "echo "CL_GITLAB_ENVIRONMENT_URL=https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" >> gitlab_environment.env",
4051
- ],
4052
- "stage": "deploy review",
4053
- "variables": {
4054
- "KUBERNETES_CPU_REQUEST": "0.22",
4055
- "KUBERNETES_MEMORY_LIMIT": "400Mi",
4056
- "KUBERNETES_MEMORY_REQUEST": "200Mi",
4057
- },
4058
- },
4059
- "๐Ÿ”น api ๐Ÿ›‘ Stop โš ๏ธ | review ": {
4060
- "allow_failure": true,
4061
- "artifacts": {
4062
- "reports": {
4063
- "dotenv": "gitlab_environment.env",
4064
- },
4065
- },
4066
- "environment": {
4067
- "action": "stop",
4068
- "name": "review/$CI_COMMIT_REF_NAME/api",
4069
- "url": "$CL_GITLAB_ENVIRONMENT_URL",
4070
- },
4071
- "image": "path/to/docker/gcloud:the-version",
4072
- "interruptible": true,
4073
- "needs": [],
4074
- "retry": {
4075
- "max": 2,
4076
- "when": [
4077
- "runner_system_failure",
4078
- "stuck_or_timeout_failure",
4079
- ],
4080
- },
4081
- "rules": [
4082
- {
4083
- "if": "$CI_COMMIT_BRANCH =~ /^[0-9]+\\.([0-9]+|x)\\.x$/",
4084
- "when": "on_success",
4085
- },
4086
- {
4087
- "when": "manual",
4088
- },
4089
- ],
4090
- "script": [
4091
- "echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
4092
- "export CLOUDSDK_CORE_DISABLE_PROMPTS="1"",
4093
- "echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
4094
- "set +e",
4095
- "gcloud auth activate-service-account --key-file=<(echo "$CL_review_api_GCLOUD_DEPLOY_credentialsKey")",
4096
- "gcloud run services delete $(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" | awk '{print tolower($0)}') --project=google-project-id --region=europe-west6",
4097
- "gcloud scheduler jobs delete $(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" | awk '{print tolower($0)}')-send-reminders-scheduler --project=google-project-id --location=europe-west6",
4098
- "gcloud run jobs executions list --project=google-project-id --region=europe-west6 --job $(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" | awk '{print tolower($0)}')-migration --format="value(name)" | xargs -I {} gcloud run jobs executions delete {} --quiet --project=google-project-id --region=europe-west6",
4099
- "gcloud run jobs delete $(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" | awk '{print tolower($0)}')-migration --project=google-project-id --region=europe-west6",
4100
- "gcloud run jobs executions list --project=google-project-id --region=europe-west6 --job $(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" | awk '{print tolower($0)}')-send-reminders --format="value(name)" | xargs -I {} gcloud run jobs executions delete {} --quiet --project=google-project-id --region=europe-west6",
4101
- "gcloud run jobs delete $(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" | awk '{print tolower($0)}')-send-reminders --project=google-project-id --region=europe-west6",
4102
- "echo "deleting database pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api..."",
4103
- "echo "๐Ÿ‘† this can take multiple attemps (3-5min), because google cloud run may still have a connection to the database after the cloud run service is shut down"",
4104
- "
4105
- until gcloud sql databases delete pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api --instance=instancename --project projectId
4106
- do
4107
- echo "Trying again."
4108
- sleep 10
4109
- done
4110
- ",
4111
- "gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/review/api/$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }) --quiet --delete-tags",
4112
- "gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/api --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/api@$version --quiet --delete-tags; done",
4113
- "set +e",
4114
- "gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/review/api --quiet --delete-tags",
4115
- "set -e",
4116
- "echo 'Disabling component in Dependency Track'",
4117
- "/dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" disable "pan-test-app/api" "https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" || true",
4118
- "set -e",
4119
- "echo "CL_GITLAB_ENVIRONMENT_URL=https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" >> gitlab_environment.env",
4120
- ],
4121
- "stage": "stop review",
4122
- "variables": {
4123
- "GIT_STRATEGY": "none",
4124
- "KUBERNETES_CPU_REQUEST": "0.22",
4125
- "KUBERNETES_MEMORY_LIMIT": "400Mi",
4126
- "KUBERNETES_MEMORY_REQUEST": "200Mi",
4127
- },
4128
- },
4129
- "๐Ÿ”น api ๐Ÿงพ sbom | review ": {
4130
- "allow_failure": true,
4131
- "artifacts": {
4132
- "paths": [
4133
- "__sbom.json",
4134
- ],
4135
- },
4136
- "image": "aquasec/trivy:0.38.3",
4137
- "interruptible": true,
4138
- "needs": [],
4139
- "retry": {
4140
- "max": 2,
4141
- "when": [
4142
- "runner_system_failure",
4143
- "stuck_or_timeout_failure",
4144
- ],
4145
- },
4146
- "script": [
4147
- "echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
4148
- "echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
4149
- "trivy fs --quiet --format cyclonedx --output "__sbom.json" api",
4150
- ],
4151
- "stage": "build",
4152
- "variables": {},
4153
- },
4154
- "๐Ÿ”น www ๐Ÿ”จ docker | review ": {
4155
- "cache": [
4156
- {
4157
- "key": "www-yarn",
4158
- "paths": [
4159
- "www/.yarn",
4160
- ],
4161
- "policy": "pull",
4162
- },
4163
- ],
4164
- "image": "path/to/docker/docker-build:the-version",
4165
- "interruptible": true,
4166
- "needs": [
4167
- {
4168
- "artifacts": true,
4169
- "job": "๐Ÿ”ธ myWorkspace ๐Ÿ”จ app | review ",
4170
- },
4171
- ],
4172
- "retry": {
4173
- "max": 2,
4174
- "when": [
4175
- "runner_system_failure",
4176
- "stuck_or_timeout_failure",
4177
- ],
4178
- },
4179
- "script": [
4180
- "echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
4181
- "export APP_DIR="www"",
4182
- "export DOCKER_BUILD_CONTEXT="."",
4183
- "export DOCKER_REGISTRY="europe-west6-docker.pkg.dev"",
4184
- "export DOCKER_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/review/www/$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })"",
4185
- "export DOCKER_CACHE_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/www"",
4186
- "export DOCKER_IMAGE_TAG="$CI_COMMIT_SHA"",
4187
- "export DOCKER_COPY_AND_INSTALL_APP="COPY --chown=node:node $APP_DIR .
4188
- RUN yarn plugin import workspace-tools
4189
- RUN yarn workspaces focus --production && yarn rebuild"",
4190
- "export DOCKER_COPY_WORKSPACE_FILES="COPY --chown=node:node www/package.json /app/www/package.json
4191
- COPY --chown=node:node www/yarn.lock /app/www/yarn.lock
4192
- COPY --chown=node:node .yarnrc.yml /app/.yarnrc.yml
4193
- COPY --chown=node:node .yarn /app/.yarn"",
4194
- "echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
4195
- "ensureNodeDockerfile",
4196
- "echo -e "\\e[0Ksection_start:$(date +%s):docker-login[collapsed=true]\\r\\e[0KDocker Login"",
4197
- "gcloud auth activate-service-account --key-file=<(echo "$CL_review_www_GCLOUD_DEPLOY_credentialsKey")",
4198
- "gcloud auth configure-docker europe-west6-docker.pkg.dev",
4199
- "echo -e "\\e[0Ksection_end:$(date +%s):docker-login\\r\\e[0K"",
4200
- "echo -e "\\e[0Ksection_start:$(date +%s):docker-build[collapsed=true]\\r\\e[0KDocker build"",
4201
- "docker build --network host --cache-from $DOCKER_CACHE_IMAGE --tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG -f $APP_DIR/Dockerfile $DOCKER_BUILD_CONTEXT --build-arg BUILDKIT_INLINE_CACHE=1",
4202
- "echo -e "\\e[0Ksection_end:$(date +%s):docker-build\\r\\e[0K"",
4203
- "echo -e "\\e[0Ksection_start:$(date +%s):docker-push[collapsed=true]\\r\\e[0KDocker push and tag"",
4204
- "docker push $DOCKER_IMAGE:$DOCKER_IMAGE_TAG",
4205
- "docker tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG $DOCKER_CACHE_IMAGE",
4206
- "docker push $DOCKER_CACHE_IMAGE",
4207
- "echo -e "\\e[0Ksection_end:$(date +%s):docker-push\\r\\e[0K"",
4208
- ],
4209
- "services": [
4210
- {
4211
- "command": [
4212
- "--tls=false",
4213
- ],
4214
- "name": "docker:24.0.6-dind",
4215
- },
4216
- ],
4217
- "stage": "build",
4218
- "variables": {
4219
- "DOCKER_BUILDKIT": "1",
4220
- "DOCKER_DRIVER": "overlay2",
4221
- "DOCKER_HOST": "tcp://0.0.0.0:2375",
4222
- "DOCKER_TLS_CERTDIR": "",
4223
- "KUBERNETES_CPU_REQUEST": "0.45",
4224
- "KUBERNETES_MEMORY_LIMIT": "2Gi",
4225
- "KUBERNETES_MEMORY_REQUEST": "1Gi",
4226
- },
4227
- },
4228
- "๐Ÿ”น www ๐Ÿš€ Deploy | review ": {
4229
- "allow_failure": false,
4230
- "artifacts": {
4231
- "reports": {
4232
- "dotenv": "gitlab_environment.env",
4233
- },
4234
- },
4235
- "environment": {
4236
- "auto_stop_in": "1 week",
4237
- "name": "review/$CI_COMMIT_REF_NAME/www",
4238
- "on_stop": "๐Ÿ”น www ๐Ÿ›‘ Stop โš ๏ธ | review ",
4239
- "url": "$CL_GITLAB_ENVIRONMENT_URL",
4240
- },
4241
- "image": "path/to/docker/gcloud:the-version",
4242
- "interruptible": true,
4243
- "needs": [
4244
- {
4245
- "artifacts": false,
4246
- "job": "๐Ÿ”ธ myWorkspace ๐Ÿ‘ฎ lint",
4247
- },
4248
- {
4249
- "artifacts": false,
4250
- "job": "๐Ÿ”ธ myWorkspace ๐Ÿงช test",
4251
- },
4252
- {
4253
- "artifacts": false,
4254
- "job": "๐Ÿ”ธ myWorkspace ๐Ÿ›ก audit",
4255
- },
4256
- {
4257
- "artifacts": false,
4258
- "job": "๐Ÿ”น www ๐Ÿ”จ docker | review ",
4259
- },
4260
- {
4261
- "artifacts": true,
4262
- "job": "๐Ÿ”น www ๐Ÿงพ sbom | review ",
4263
- },
4264
- ],
4265
- "retry": {
4266
- "max": 2,
4267
- "when": [
4268
- "runner_system_failure",
4269
- "stuck_or_timeout_failure",
4270
- ],
4271
- },
4272
- "rules": [
4273
- {
4274
- "when": "on_success",
4275
- },
4276
- ],
4277
- "script": [
4278
- "echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
4279
- "export ENV_SHORT="review"",
4280
- "export APP_DIR="www"",
4281
- "export ENV_TYPE="review"",
4282
- "export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"",
4283
- "export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"",
4284
- "export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"",
4285
- "export HOST="$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
4286
- "export ROOT_URL="https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
4287
- "export HOST_INTERNAL="$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
4288
- "export HOST_CANONICAL="$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
4289
- "export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
4290
- "export DEPLOY_CLOUD_RUN_PROJECT_ID="google-project-id"",
4291
- "export DEPLOY_CLOUD_RUN_REGION="europe-west6"",
4292
- "export GCLOUD_DEPLOY_credentialsKey="$CL_review_www_GCLOUD_DEPLOY_credentialsKey"",
4293
- "export GCLOUD_RUN_canonicalHostSuffix="$CL_review_www_GCLOUD_RUN_canonicalHostSuffix"",
4294
- "export API_URL="https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')/graphql"",
4295
- "export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOST\\",\\"ROOT_URL\\",\\"HOST_INTERNAL\\",\\"HOST_CANONICAL\\",\\"ROOT_URL_INTERNAL\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\",\\"API_URL\\"]"",
4296
- "export DOCKER_REGISTRY="europe-west6-docker.pkg.dev"",
4297
- "export DOCKER_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/review/www/$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })"",
4298
- "export DOCKER_CACHE_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/www"",
4299
- "export DOCKER_IMAGE_TAG="$CI_COMMIT_SHA"",
4300
- "export CLOUDSDK_CORE_DISABLE_PROMPTS="1"",
4301
- "echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
4302
- "echo -e "\\e[0Ksection_start:$(date +%s):prepare[collapsed=true]\\r\\e[0KPrepare..."",
4303
- "gcloud auth activate-service-account --key-file=<(echo "$CL_review_www_GCLOUD_DEPLOY_credentialsKey")",
4304
- "export GCLOUD_PROJECT_NUMBER=$(gcloud projects describe google-project-id --format="value(projectNumber)")",
4305
- "echo "GCLOUD_PROJECT_NUMBER: $GCLOUD_PROJECT_NUMBER"",
4306
- "echo -e "\\e[0Ksection_end:$(date +%s):prepare\\r\\e[0K"",
4307
- "echo -e "\\e[0Ksection_start:$(date +%s):writeenvvars[collapsed=true]\\r\\e[0KWrite env vars to file"",
4308
- "cat > ____envvars.yaml <<EOF
4309
- ENV_SHORT: |-
4310
- review
4311
- APP_DIR: |-
4312
- www
4313
- ENV_TYPE: |-
4314
- review
4315
- BUILD_INFO_BUILD_ID: |-
4316
- $(printf %s "$(git describe --tags 2>/dev/null || git rev-parse HEAD)" | sed 's/^/ /')
4317
- BUILD_INFO_BUILD_TIME: |-
4318
- $(printf %s "$CI_JOB_STARTED_AT" | sed 's/^/ /')
4319
- BUILD_INFO_CURRENT_VERSION: |-
4320
- $(printf %s "$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")" | sed 's/^/ /')
4321
- HOST: |-
4322
- $(printf %s "$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
4323
- ROOT_URL: |-
4324
- $(printf %s "https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
4325
- HOST_INTERNAL: |-
4326
- $(printf %s "$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
4327
- HOST_CANONICAL: |-
4328
- $(printf %s "$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
4329
- ROOT_URL_INTERNAL: |-
4330
- $(printf %s "https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
4331
- DEPLOY_CLOUD_RUN_PROJECT_ID: |-
4332
- google-project-id
4333
- DEPLOY_CLOUD_RUN_REGION: |-
4334
- europe-west6
4335
- GCLOUD_RUN_canonicalHostSuffix: |-
4336
- $(printf %s "$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | sed 's/^/ /')
4337
- API_URL: |-
4338
- $(printf %s "https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')/graphql" | sed 's/^/ /')
4339
- _ALL_ENV_VAR_KEYS: |-
4340
- ["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_INTERNAL","HOST_CANONICAL","ROOT_URL_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix","API_URL"]
4341
-
4342
- EOF
4343
- ",
4344
- "echo -e "\\e[0Ksection_end:$(date +%s):writeenvvars\\r\\e[0K"",
4345
- "echo -e "\\e[0Ksection_start:$(date +%s):deploy[collapsed=true]\\r\\e[0KDeploy to cloud run"",
4346
- "gcloud run deploy $(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www" | awk '{print tolower($0)}') --command="yarn,start" --image=europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/review/www/$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }):$DOCKER_IMAGE_TAG --project=google-project-id --region=europe-west6 --labels=customer-name=pan,component-name=www,app-name=test-app,env-type=review,env-name=review,build-type=node,cloud-run-service-name=$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www" | awk '{print tolower($0)}') --env-vars-file=____envvars.yaml --min-instances=0 --max-instances=100 --cpu-throttling --allow-unauthenticated --ingress=all --cpu-boost",
4347
- "echo -e "\\e[0Ksection_end:$(date +%s):deploy\\r\\e[0K"",
4348
- "echo -e "\\e[0Ksection_start:$(date +%s):cleanup[collapsed=true]\\r\\e[0KCleanup"",
4349
- "gcloud run revisions list --project=google-project-id --region=europe-west6 --service=$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www" | awk '{print tolower($0)}') --limit=unlimited --sort-by=metadata.creationTimestamp --format="value(name)" --filter='(status.conditions.status=False OR status.conditions.status=Unknown)' | while read -r revisionname; do gcloud run revisions delete --project=google-project-id --region=europe-west6 --quiet $revisionname ; done",
4350
- "gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/review/www/$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }) --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/review/www/$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })@$version --quiet --delete-tags; done",
4351
- "gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/www --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/www@$version --quiet --delete-tags; done",
4352
- "set +e",
4353
- "gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/review/www --quiet --delete-tags",
4354
- "set -e",
4355
- "echo -e "\\e[0Ksection_end:$(date +%s):cleanup\\r\\e[0K"",
4356
- "echo 'Uploading SBOM to Dependency Track'",
4357
- "/dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/www" "https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" "__sbom.json" vex.json || true",
4358
- "echo "CL_GITLAB_ENVIRONMENT_URL=https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" >> gitlab_environment.env",
4359
- ],
4360
- "stage": "deploy review",
4361
- "variables": {
4362
- "KUBERNETES_CPU_REQUEST": "0.22",
4363
- "KUBERNETES_MEMORY_LIMIT": "400Mi",
4364
- "KUBERNETES_MEMORY_REQUEST": "200Mi",
4365
- },
4366
- },
4367
- "๐Ÿ”น www ๐Ÿ›‘ Stop โš ๏ธ | review ": {
4368
- "allow_failure": true,
4369
- "artifacts": {
4370
- "reports": {
4371
- "dotenv": "gitlab_environment.env",
4372
- },
4373
- },
4374
- "environment": {
4375
- "action": "stop",
4376
- "name": "review/$CI_COMMIT_REF_NAME/www",
4377
- "url": "$CL_GITLAB_ENVIRONMENT_URL",
4378
- },
4379
- "image": "path/to/docker/gcloud:the-version",
4380
- "interruptible": true,
4381
- "needs": [],
4382
- "retry": {
4383
- "max": 2,
4384
- "when": [
4385
- "runner_system_failure",
4386
- "stuck_or_timeout_failure",
4387
- ],
4388
- },
4389
- "rules": [
4390
- {
4391
- "if": "$CI_COMMIT_BRANCH =~ /^[0-9]+\\.([0-9]+|x)\\.x$/",
4392
- "when": "on_success",
4393
- },
4394
- {
4395
- "when": "manual",
4396
- },
4397
- ],
4398
- "script": [
4399
- "echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
4400
- "export CLOUDSDK_CORE_DISABLE_PROMPTS="1"",
4401
- "echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
4402
- "set +e",
4403
- "gcloud auth activate-service-account --key-file=<(echo "$CL_review_www_GCLOUD_DEPLOY_credentialsKey")",
4404
- "gcloud run services delete $(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www" | awk '{print tolower($0)}') --project=google-project-id --region=europe-west6",
4405
- "gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/review/www/$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }) --quiet --delete-tags",
4406
- "gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/www --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/www@$version --quiet --delete-tags; done",
4407
- "set +e",
4408
- "gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/review/www --quiet --delete-tags",
4409
- "set -e",
4410
- "echo 'Disabling component in Dependency Track'",
4411
- "/dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" disable "pan-test-app/www" "https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" || true",
4412
- "set -e",
4413
- "echo "CL_GITLAB_ENVIRONMENT_URL=https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" >> gitlab_environment.env",
4414
- ],
4415
- "stage": "stop review",
4416
- "variables": {
4417
- "GIT_STRATEGY": "none",
4418
- "KUBERNETES_CPU_REQUEST": "0.22",
4419
- "KUBERNETES_MEMORY_LIMIT": "400Mi",
4420
- "KUBERNETES_MEMORY_REQUEST": "200Mi",
4421
- },
4422
- },
4423
- "๐Ÿ”น www ๐Ÿงพ sbom | review ": {
4424
- "allow_failure": true,
4425
- "artifacts": {
4426
- "paths": [
4427
- "__sbom.json",
4428
- ],
4429
- },
4430
- "image": "aquasec/trivy:0.38.3",
4431
- "interruptible": true,
4432
- "needs": [],
4433
- "retry": {
4434
- "max": 2,
4435
- "when": [
4436
- "runner_system_failure",
4437
- "stuck_or_timeout_failure",
4438
- ],
4439
- },
4440
- "script": [
4441
- "echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
4442
- "echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
4443
- "trivy fs --quiet --format cyclonedx --output "__sbom.json" www",
4444
- ],
4445
- "stage": "build",
4446
- "variables": {},
4447
- },
4448
- },
4449
- "stages": [
4450
- "setup",
4451
- "setup dev",
4452
- "setup review",
4453
- "setup stage",
4454
- "setup prod",
4455
- "test",
4456
- "test dev",
4457
- "test review",
4458
- "test stage",
4459
- "test prod",
4460
- "build",
4461
- "build dev",
4462
- "build review",
4463
- "build stage",
4464
- "build prod",
4465
- "deploy",
4466
- "deploy dev",
4467
- "deploy review",
4468
- "deploy stage",
4469
- "deploy prod",
4470
- "verify",
4471
- "verify dev",
4472
- "verify review",
4473
- "verify stage",
4474
- "verify prod",
4475
- "rollback",
4476
- "rollback dev",
4477
- "rollback review",
4478
- "rollback stage",
4479
- "rollback prod",
4480
- "stop",
4481
- "stop dev",
4482
- "stop review",
4483
- "stop stage",
4484
- "stop prod",
4485
- ],
4486
- "variables": {
4487
- "ARTIFACT_COMPRESSION_LEVEL": "fast",
4488
- "CACHE_COMPRESSION_LEVEL": "fast",
4489
- "FF_USE_FASTZIP": "true",
4490
- "GIT_DEPTH": "1",
4491
- "TRANSFER_METER_FREQUENCY": "5s",
4492
- },
4493
- "workflow": {
4494
- "rules": [
4495
- {
4496
- "if": "$CI_COMMIT_TAG",
4497
- },
4498
- {
4499
- "if": "$CI_COMMIT_MESSAGE =~ /^chore\\(release\\).*/",
4500
- "when": "never",
4501
- },
4502
- {
4503
- "if": "$CI_PIPELINE_SOURCE == "schedule"",
4504
- "when": "never",
4505
- },
4506
- {
4507
- "if": "$CI_COMMIT_BRANCH =~ /^[0-9]+.([0-9]+|x).x$/",
4508
- },
4509
- {
4510
- "if": "$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH",
4511
- },
4512
- {
4513
- "if": "$CI_MERGE_REQUEST_ID",
4514
- },
4515
- ],
4516
- },
4517
- },
4518
- "taggedRelease": {
4519
- "image": "path/to/docker/jobs-default:the-version",
4520
- "jobs": {
4521
- "๐Ÿ”ธ myWorkspace ๐Ÿ”จ app | prod ": {
4522
- "artifacts": {
4523
- "exclude": [
4524
- "api/.env",
4525
- "www/.env",
4526
- ],
4527
- "expire_in": "1 day",
4528
- "paths": [
4529
- "api/.next",
4530
- "api/dist",
4531
- "www/.next",
4532
- "www/dist",
4533
- ],
4534
- "reports": {},
4535
- "when": "always",
4536
- },
4537
- "cache": [
4538
- {
4539
- "key": ".-yarn",
4540
- "paths": [
4541
- ".yarn",
4542
- ],
4543
- "policy": "pull-push",
4544
- },
4545
- {
4546
- "key": ".-node-modules",
4547
- "paths": [
4548
- "node_modules",
4549
- ],
4550
- "policy": "pull-push",
4551
- },
4552
- {
4553
- "key": "myWorkspace-turbo",
4554
- "paths": [
4555
- ".turbo",
4556
- ],
4557
- "policy": "pull-push",
4558
- },
4559
- {
4560
- "key": "myWorkspace-next-cache",
4561
- "paths": [
4562
- "api/.next/cache",
4563
- "www/.next/cache",
4564
- ],
4565
- "policy": "pull-push",
4566
- },
4567
- ],
4568
- "image": "path/to/docker/jobs-default:the-version",
4569
- "interruptible": true,
4570
- "needs": [],
4571
- "retry": {
4572
- "max": 2,
4573
- "when": [
4574
- "runner_system_failure",
4575
- "stuck_or_timeout_failure",
4576
- ],
4577
- },
4578
- "script": [
4579
- "echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
4580
- "echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
4581
- "echo -e "\\e[0Ksection_start:$(date +%s):write-dotenv-api[collapsed=true]\\r\\e[0Kwrite dot env"",
4582
- "cat <<EOF > api/.env
4583
- ENV_SHORT=prod
4584
- APP_DIR=api
4585
- ENV_TYPE=prod
4586
- HOST=$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')
4587
- ROOT_URL=https://$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')
4588
- HOST_INTERNAL=$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')
4589
- HOST_CANONICAL=$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')
4590
- ROOT_URL_INTERNAL=https://$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')
4591
- CLOUD_SQL_INSTANCE_CONNECTION_NAME=projectId:region:instancename
4592
- DB_NAME=pan-test-app-prod-api
4593
- DB_USER=my-user
4594
- DB_PASSWORD=$CL_prod_api_DB_PASSWORD
4595
- DATABASE_URL=postgresql://$DB_USER:$DB_PASSWORD@localhost/$DB_NAME?host=/cloudsql/$CLOUD_SQL_INSTANCE_CONNECTION_NAME
4596
- DATABASE_JDBC_URL=jdbc:postgresql:///$DB_NAME?cloudSqlInstance=$CLOUD_SQL_INSTANCE_CONNECTION_NAME&socketFactory=com.google.cloud.sql.postgres.SocketFactory&user=$DB_USER&password=$DB_PASSWORD
4597
- CLOUD_RUN_JOB_TRIGGER_URL_migration=https://europe-west6-run.googleapis.com/apis/run.googleapis.com/v1/namespaces/google-project-id/jobs/pan-test-app-prod-api-migration:run
4598
- CLOUD_RUN_JOB_TRIGGER_URL_send_reminders=https://europe-west6-run.googleapis.com/apis/run.googleapis.com/v1/namespaces/google-project-id/jobs/pan-test-app-prod-api-send-reminders:run
4599
- DEPLOY_CLOUD_RUN_PROJECT_ID=google-project-id
4600
- DEPLOY_CLOUD_RUN_REGION=europe-west6
4601
- GCLOUD_DEPLOY_credentialsKey=$CL_prod_api_GCLOUD_DEPLOY_credentialsKey
4602
- GCLOUD_RUN_canonicalHostSuffix=$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix
4603
- _ALL_ENV_VAR_KEYS=["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_INTERNAL","HOST_CANONICAL","ROOT_URL_INTERNAL","CLOUD_SQL_INSTANCE_CONNECTION_NAME","DB_NAME","DB_USER","DB_PASSWORD","DATABASE_URL","DATABASE_JDBC_URL","CLOUD_RUN_JOB_TRIGGER_URL_migration","CLOUD_RUN_JOB_TRIGGER_URL_send_reminders","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]
4604
- EOF",
4605
- "echo -e "\\e[0Ksection_end:$(date +%s):write-dotenv-api\\r\\e[0K"",
4606
- "echo -e "\\e[0Ksection_start:$(date +%s):write-dotenv-www[collapsed=true]\\r\\e[0Kwrite dot env"",
4607
- "cat <<EOF > www/.env
4608
- ENV_SHORT=prod
4609
- APP_DIR=www
4610
- ENV_TYPE=prod
4611
- HOST=$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')
4612
- ROOT_URL=https://$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')
4613
- HOST_INTERNAL=$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')
4614
- HOST_CANONICAL=$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')
4615
- ROOT_URL_INTERNAL=https://$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')
4616
- DEPLOY_CLOUD_RUN_PROJECT_ID=google-project-id
4617
- DEPLOY_CLOUD_RUN_REGION=europe-west6
4618
- GCLOUD_DEPLOY_credentialsKey=$CL_prod_www_GCLOUD_DEPLOY_credentialsKey
4619
- GCLOUD_RUN_canonicalHostSuffix=$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix
4620
- API_URL=https://$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')/graphql
4621
- _ALL_ENV_VAR_KEYS=["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_INTERNAL","HOST_CANONICAL","ROOT_URL_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix","API_URL"]
4622
- EOF",
4623
- "echo -e "\\e[0Ksection_end:$(date +%s):write-dotenv-www\\r\\e[0K"",
4624
- "echo -e "\\e[0Ksection_start:$(date +%s):nodeinstall[collapsed=true]\\r\\e[0KEnsure node version"",
4625
- "if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi",
4626
- "if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi",
4627
- "echo -e "\\e[0Ksection_end:$(date +%s):nodeinstall\\r\\e[0K"",
4628
- "cd .",
4629
- "echo -e "\\e[0Ksection_start:$(date +%s):nodeinstall[collapsed=true]\\r\\e[0KEnsure node version"",
4630
- "if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi",
4631
- "if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi",
4632
- "echo -e "\\e[0Ksection_end:$(date +%s):nodeinstall\\r\\e[0K"",
4633
- "echo -e "\\e[0Ksection_start:$(date +%s):yarninstall[collapsed=true]\\r\\e[0KYarn install"",
4634
- "yarn install --immutable",
4635
- "echo -e "\\e[0Ksection_end:$(date +%s):yarninstall\\r\\e[0K"",
4636
- "yarn build",
4637
- ],
4638
- "stage": "build",
4639
- "variables": {
4640
- "KUBERNETES_CPU_REQUEST": "0.45",
4641
- "KUBERNETES_MEMORY_LIMIT": "4Gi",
4642
- "KUBERNETES_MEMORY_REQUEST": "1Gi",
4643
- },
4644
- },
4645
- "๐Ÿ”ธ myWorkspace ๐Ÿ”จ app | stage ": {
4646
- "artifacts": {
4647
- "exclude": [
4648
- "api/.env",
4649
- "www/.env",
4650
- ],
4651
- "expire_in": "1 day",
4652
- "paths": [
4653
- "api/.next",
4654
- "api/dist",
4655
- "www/.next",
4656
- "www/dist",
4657
- ],
4658
- "reports": {},
4659
- "when": "always",
4660
- },
4661
- "cache": [
4662
- {
4663
- "key": ".-yarn",
4664
- "paths": [
4665
- ".yarn",
4666
- ],
4667
- "policy": "pull-push",
4668
- },
4669
- {
4670
- "key": ".-node-modules",
4671
- "paths": [
4672
- "node_modules",
4673
- ],
4674
- "policy": "pull-push",
4675
- },
4676
- {
4677
- "key": "myWorkspace-turbo",
4678
- "paths": [
4679
- ".turbo",
4680
- ],
4681
- "policy": "pull-push",
4682
- },
4683
- {
4684
- "key": "myWorkspace-next-cache",
4685
- "paths": [
4686
- "api/.next/cache",
4687
- "www/.next/cache",
4688
- ],
4689
- "policy": "pull-push",
4690
- },
4691
- ],
4692
- "image": "path/to/docker/jobs-default:the-version",
4693
- "interruptible": true,
4694
- "needs": [],
4695
- "retry": {
4696
- "max": 2,
4697
- "when": [
4698
- "runner_system_failure",
4699
- "stuck_or_timeout_failure",
4700
- ],
4701
- },
4702
- "script": [
4703
- "echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
4704
- "echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
4705
- "echo -e "\\e[0Ksection_start:$(date +%s):write-dotenv-api[collapsed=true]\\r\\e[0Kwrite dot env"",
4706
- "cat <<EOF > api/.env
4707
- ENV_SHORT=stage
4708
- APP_DIR=api
4709
- ENV_TYPE=stage
4710
- HOST=$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')
4711
- ROOT_URL=https://$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')
4712
- HOST_INTERNAL=$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')
4713
- HOST_CANONICAL=$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')
4714
- ROOT_URL_INTERNAL=https://$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')
4715
- CLOUD_SQL_INSTANCE_CONNECTION_NAME=projectId:region:instancename
4716
- DB_NAME=pan-test-app-stage-api
4717
- DB_USER=my-user
4718
- DB_PASSWORD=$CL_stage_api_DB_PASSWORD
4719
- DATABASE_URL=postgresql://$DB_USER:$DB_PASSWORD@localhost/$DB_NAME?host=/cloudsql/$CLOUD_SQL_INSTANCE_CONNECTION_NAME
4720
- DATABASE_JDBC_URL=jdbc:postgresql:///$DB_NAME?cloudSqlInstance=$CLOUD_SQL_INSTANCE_CONNECTION_NAME&socketFactory=com.google.cloud.sql.postgres.SocketFactory&user=$DB_USER&password=$DB_PASSWORD
4721
- CLOUD_RUN_JOB_TRIGGER_URL_migration=https://europe-west6-run.googleapis.com/apis/run.googleapis.com/v1/namespaces/google-project-id/jobs/pan-test-app-stage-api-migration:run
4722
- CLOUD_RUN_JOB_TRIGGER_URL_send_reminders=https://europe-west6-run.googleapis.com/apis/run.googleapis.com/v1/namespaces/google-project-id/jobs/pan-test-app-stage-api-send-reminders:run
4723
- DEPLOY_CLOUD_RUN_PROJECT_ID=google-project-id
4724
- DEPLOY_CLOUD_RUN_REGION=europe-west6
4725
- GCLOUD_DEPLOY_credentialsKey=$CL_stage_api_GCLOUD_DEPLOY_credentialsKey
4726
- GCLOUD_RUN_canonicalHostSuffix=$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix
4727
- _ALL_ENV_VAR_KEYS=["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_INTERNAL","HOST_CANONICAL","ROOT_URL_INTERNAL","CLOUD_SQL_INSTANCE_CONNECTION_NAME","DB_NAME","DB_USER","DB_PASSWORD","DATABASE_URL","DATABASE_JDBC_URL","CLOUD_RUN_JOB_TRIGGER_URL_migration","CLOUD_RUN_JOB_TRIGGER_URL_send_reminders","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]
4728
- EOF",
4729
- "echo -e "\\e[0Ksection_end:$(date +%s):write-dotenv-api\\r\\e[0K"",
4730
- "echo -e "\\e[0Ksection_start:$(date +%s):write-dotenv-www[collapsed=true]\\r\\e[0Kwrite dot env"",
4731
- "cat <<EOF > www/.env
4732
- ENV_SHORT=stage
4733
- APP_DIR=www
4734
- ENV_TYPE=stage
4735
- HOST=$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')
4736
- ROOT_URL=https://$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')
4737
- HOST_INTERNAL=$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')
4738
- HOST_CANONICAL=$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')
4739
- ROOT_URL_INTERNAL=https://$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')
4740
- DEPLOY_CLOUD_RUN_PROJECT_ID=google-project-id
4741
- DEPLOY_CLOUD_RUN_REGION=europe-west6
4742
- GCLOUD_DEPLOY_credentialsKey=$CL_stage_www_GCLOUD_DEPLOY_credentialsKey
4743
- GCLOUD_RUN_canonicalHostSuffix=$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix
4744
- API_URL=https://$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')/graphql
4745
- _ALL_ENV_VAR_KEYS=["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_INTERNAL","HOST_CANONICAL","ROOT_URL_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix","API_URL"]
4746
- EOF",
4747
- "echo -e "\\e[0Ksection_end:$(date +%s):write-dotenv-www\\r\\e[0K"",
4748
- "echo -e "\\e[0Ksection_start:$(date +%s):nodeinstall[collapsed=true]\\r\\e[0KEnsure node version"",
4749
- "if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi",
4750
- "if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi",
4751
- "echo -e "\\e[0Ksection_end:$(date +%s):nodeinstall\\r\\e[0K"",
4752
- "cd .",
4753
- "echo -e "\\e[0Ksection_start:$(date +%s):nodeinstall[collapsed=true]\\r\\e[0KEnsure node version"",
4754
- "if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi",
4755
- "if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi",
4756
- "echo -e "\\e[0Ksection_end:$(date +%s):nodeinstall\\r\\e[0K"",
4757
- "echo -e "\\e[0Ksection_start:$(date +%s):yarninstall[collapsed=true]\\r\\e[0KYarn install"",
4758
- "yarn install --immutable",
4759
- "echo -e "\\e[0Ksection_end:$(date +%s):yarninstall\\r\\e[0K"",
4760
- "yarn build",
4761
- ],
4762
- "stage": "build",
4763
- "variables": {
4764
- "KUBERNETES_CPU_REQUEST": "0.45",
4765
- "KUBERNETES_MEMORY_LIMIT": "4Gi",
4766
- "KUBERNETES_MEMORY_REQUEST": "1Gi",
4767
- },
4768
- },
4769
- "๐Ÿ”น api ๐Ÿ”จ docker | prod ": {
4770
- "cache": [
4771
- {
4772
- "key": "api-yarn",
4773
- "paths": [
4774
- "api/.yarn",
4775
- ],
4776
- "policy": "pull",
4777
- },
4778
- ],
4779
- "image": "path/to/docker/docker-build:the-version",
4780
- "interruptible": true,
4781
- "needs": [
4782
- {
4783
- "artifacts": true,
4784
- "job": "๐Ÿ”ธ myWorkspace ๐Ÿ”จ app | prod ",
4785
- },
4786
- ],
4787
- "retry": {
4788
- "max": 2,
4789
- "when": [
4790
- "runner_system_failure",
4791
- "stuck_or_timeout_failure",
4792
- ],
4793
- },
4794
- "script": [
4795
- "echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
4796
- "export APP_DIR="api"",
4797
- "export DOCKER_BUILD_CONTEXT="."",
4798
- "export DOCKER_REGISTRY="europe-west6-docker.pkg.dev"",
4799
- "export DOCKER_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/prod/api"",
4800
- "export DOCKER_CACHE_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/api"",
4801
- "export DOCKER_IMAGE_TAG="$CI_COMMIT_SHA"",
4802
- "export DOCKER_COPY_AND_INSTALL_APP="COPY --chown=node:node $APP_DIR .
4803
- RUN yarn plugin import workspace-tools
4804
- RUN yarn workspaces focus --production && yarn rebuild"",
4805
- "export DOCKER_COPY_WORKSPACE_FILES="COPY --chown=node:node api/package.json /app/api/package.json
4806
- COPY --chown=node:node api/yarn.lock /app/api/yarn.lock
4807
- COPY --chown=node:node .yarnrc.yml /app/.yarnrc.yml
4808
- COPY --chown=node:node .yarn /app/.yarn"",
4809
- "echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
4810
- "ensureNodeDockerfile",
4811
- "echo -e "\\e[0Ksection_start:$(date +%s):docker-login[collapsed=true]\\r\\e[0KDocker Login"",
4812
- "gcloud auth activate-service-account --key-file=<(echo "$CL_prod_api_GCLOUD_DEPLOY_credentialsKey")",
4813
- "gcloud auth configure-docker europe-west6-docker.pkg.dev",
4814
- "echo -e "\\e[0Ksection_end:$(date +%s):docker-login\\r\\e[0K"",
4815
- "echo -e "\\e[0Ksection_start:$(date +%s):docker-build[collapsed=true]\\r\\e[0KDocker build"",
4816
- "docker build --network host --cache-from $DOCKER_CACHE_IMAGE --tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG -f $APP_DIR/Dockerfile $DOCKER_BUILD_CONTEXT --build-arg BUILDKIT_INLINE_CACHE=1",
4817
- "echo -e "\\e[0Ksection_end:$(date +%s):docker-build\\r\\e[0K"",
4818
- "echo -e "\\e[0Ksection_start:$(date +%s):docker-push[collapsed=true]\\r\\e[0KDocker push and tag"",
4819
- "docker push $DOCKER_IMAGE:$DOCKER_IMAGE_TAG",
4820
- "docker tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG $DOCKER_CACHE_IMAGE",
4821
- "docker push $DOCKER_CACHE_IMAGE",
4822
- "echo -e "\\e[0Ksection_end:$(date +%s):docker-push\\r\\e[0K"",
4823
- ],
4824
- "services": [
4825
- {
4826
- "command": [
4827
- "--tls=false",
4828
- ],
4829
- "name": "docker:24.0.6-dind",
4830
- },
4831
- ],
4832
- "stage": "build",
4833
- "variables": {
4834
- "DOCKER_BUILDKIT": "1",
4835
- "DOCKER_DRIVER": "overlay2",
4836
- "DOCKER_HOST": "tcp://0.0.0.0:2375",
4837
- "DOCKER_TLS_CERTDIR": "",
4838
- "KUBERNETES_CPU_REQUEST": "0.45",
4839
- "KUBERNETES_MEMORY_LIMIT": "2Gi",
4840
- "KUBERNETES_MEMORY_REQUEST": "1Gi",
4841
- },
4842
- },
4843
- "๐Ÿ”น api ๐Ÿ”จ docker | stage ": {
4844
- "cache": [
4845
- {
4846
- "key": "api-yarn",
4847
- "paths": [
4848
- "api/.yarn",
4849
- ],
4850
- "policy": "pull",
4851
- },
4852
- ],
4853
- "image": "path/to/docker/docker-build:the-version",
4854
- "interruptible": true,
4855
- "needs": [
4856
- {
4857
- "artifacts": true,
4858
- "job": "๐Ÿ”ธ myWorkspace ๐Ÿ”จ app | stage ",
4859
- },
4860
- ],
4861
- "retry": {
4862
- "max": 2,
4863
- "when": [
4864
- "runner_system_failure",
4865
- "stuck_or_timeout_failure",
4866
- ],
4867
- },
4868
- "script": [
4869
- "echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
4870
- "export APP_DIR="api"",
4871
- "export DOCKER_BUILD_CONTEXT="."",
4872
- "export DOCKER_REGISTRY="europe-west6-docker.pkg.dev"",
4873
- "export DOCKER_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/stage/api"",
4874
- "export DOCKER_CACHE_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/api"",
4875
- "export DOCKER_IMAGE_TAG="$CI_COMMIT_SHA"",
4876
- "export DOCKER_COPY_AND_INSTALL_APP="COPY --chown=node:node $APP_DIR .
4877
- RUN yarn plugin import workspace-tools
4878
- RUN yarn workspaces focus --production && yarn rebuild"",
4879
- "export DOCKER_COPY_WORKSPACE_FILES="COPY --chown=node:node api/package.json /app/api/package.json
4880
- COPY --chown=node:node api/yarn.lock /app/api/yarn.lock
4881
- COPY --chown=node:node .yarnrc.yml /app/.yarnrc.yml
4882
- COPY --chown=node:node .yarn /app/.yarn"",
4883
- "echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
4884
- "ensureNodeDockerfile",
4885
- "echo -e "\\e[0Ksection_start:$(date +%s):docker-login[collapsed=true]\\r\\e[0KDocker Login"",
4886
- "gcloud auth activate-service-account --key-file=<(echo "$CL_stage_api_GCLOUD_DEPLOY_credentialsKey")",
4887
- "gcloud auth configure-docker europe-west6-docker.pkg.dev",
4888
- "echo -e "\\e[0Ksection_end:$(date +%s):docker-login\\r\\e[0K"",
4889
- "echo -e "\\e[0Ksection_start:$(date +%s):docker-build[collapsed=true]\\r\\e[0KDocker build"",
4890
- "docker build --network host --cache-from $DOCKER_CACHE_IMAGE --tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG -f $APP_DIR/Dockerfile $DOCKER_BUILD_CONTEXT --build-arg BUILDKIT_INLINE_CACHE=1",
4891
- "echo -e "\\e[0Ksection_end:$(date +%s):docker-build\\r\\e[0K"",
4892
- "echo -e "\\e[0Ksection_start:$(date +%s):docker-push[collapsed=true]\\r\\e[0KDocker push and tag"",
4893
- "docker push $DOCKER_IMAGE:$DOCKER_IMAGE_TAG",
4894
- "docker tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG $DOCKER_CACHE_IMAGE",
4895
- "docker push $DOCKER_CACHE_IMAGE",
4896
- "echo -e "\\e[0Ksection_end:$(date +%s):docker-push\\r\\e[0K"",
4897
- ],
4898
- "services": [
4899
- {
4900
- "command": [
4901
- "--tls=false",
4902
- ],
4903
- "name": "docker:24.0.6-dind",
4904
- },
4905
- ],
4906
- "stage": "build",
4907
- "variables": {
4908
- "DOCKER_BUILDKIT": "1",
4909
- "DOCKER_DRIVER": "overlay2",
4910
- "DOCKER_HOST": "tcp://0.0.0.0:2375",
4911
- "DOCKER_TLS_CERTDIR": "",
4912
- "KUBERNETES_CPU_REQUEST": "0.45",
4913
- "KUBERNETES_MEMORY_LIMIT": "2Gi",
4914
- "KUBERNETES_MEMORY_REQUEST": "1Gi",
4915
- },
4916
- },
4917
- "๐Ÿ”น api ๐Ÿš€ Deploy | prod ": {
4918
- "allow_failure": true,
4919
- "artifacts": {
4920
- "reports": {
4921
- "dotenv": "gitlab_environment.env",
4922
- },
4923
- },
4924
- "environment": {
4925
- "auto_stop_in": undefined,
4926
- "name": "prod/api",
4927
- "on_stop": "๐Ÿ”น api ๐Ÿ›‘ Stop โš ๏ธ | prod ",
4928
- "url": "$CL_GITLAB_ENVIRONMENT_URL",
4929
- },
4930
- "image": "path/to/docker/gcloud:the-version",
4931
- "interruptible": true,
4932
- "needs": [
4933
- {
4934
- "artifacts": false,
4935
- "job": "๐Ÿ”น api ๐Ÿ”จ docker | prod ",
4936
- },
4937
- {
4938
- "artifacts": true,
4939
- "job": "๐Ÿ”น api ๐Ÿงพ sbom | prod ",
4940
- },
4941
- ],
4942
- "retry": {
4943
- "max": 2,
4944
- "when": [
4945
- "runner_system_failure",
4946
- "stuck_or_timeout_failure",
4947
- ],
4948
- },
4949
- "rules": [
4950
- {
4951
- "when": "manual",
4952
- },
4953
- ],
4954
- "script": [
4955
- "echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
4956
- "export ENV_SHORT="prod"",
4957
- "export APP_DIR="api"",
4958
- "export ENV_TYPE="prod"",
4959
- "export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"",
4960
- "export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"",
4961
- "export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"",
4962
- "export HOST="$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
4963
- "export ROOT_URL="https://$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
4964
- "export HOST_INTERNAL="$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
4965
- "export HOST_CANONICAL="$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
4966
- "export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
4967
- "export CLOUD_SQL_INSTANCE_CONNECTION_NAME="projectId:region:instancename"",
4968
- "export DB_NAME="pan-test-app-prod-api"",
4969
- "export DB_USER="my-user"",
4970
- "export DB_PASSWORD="$CL_prod_api_DB_PASSWORD"",
4971
- "export DATABASE_URL="postgresql://$DB_USER:$DB_PASSWORD@localhost/$DB_NAME?host=/cloudsql/$CLOUD_SQL_INSTANCE_CONNECTION_NAME"",
4972
- "export DATABASE_JDBC_URL="jdbc:postgresql:///$DB_NAME?cloudSqlInstance=$CLOUD_SQL_INSTANCE_CONNECTION_NAME&socketFactory=com.google.cloud.sql.postgres.SocketFactory&user=$DB_USER&password=$DB_PASSWORD"",
4973
- "export CLOUD_RUN_JOB_TRIGGER_URL_migration="https://europe-west6-run.googleapis.com/apis/run.googleapis.com/v1/namespaces/google-project-id/jobs/pan-test-app-prod-api-migration:run"",
4974
- "export CLOUD_RUN_JOB_TRIGGER_URL_send_reminders="https://europe-west6-run.googleapis.com/apis/run.googleapis.com/v1/namespaces/google-project-id/jobs/pan-test-app-prod-api-send-reminders:run"",
4975
- "export DEPLOY_CLOUD_RUN_PROJECT_ID="google-project-id"",
4976
- "export DEPLOY_CLOUD_RUN_REGION="europe-west6"",
4977
- "export GCLOUD_DEPLOY_credentialsKey="$CL_prod_api_GCLOUD_DEPLOY_credentialsKey"",
4978
- "export GCLOUD_RUN_canonicalHostSuffix="$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix"",
4979
- "export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOST\\",\\"ROOT_URL\\",\\"HOST_INTERNAL\\",\\"HOST_CANONICAL\\",\\"ROOT_URL_INTERNAL\\",\\"CLOUD_SQL_INSTANCE_CONNECTION_NAME\\",\\"DB_NAME\\",\\"DB_USER\\",\\"DB_PASSWORD\\",\\"DATABASE_URL\\",\\"DATABASE_JDBC_URL\\",\\"CLOUD_RUN_JOB_TRIGGER_URL_migration\\",\\"CLOUD_RUN_JOB_TRIGGER_URL_send_reminders\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\"]"",
4980
- "export DOCKER_REGISTRY="europe-west6-docker.pkg.dev"",
4981
- "export DOCKER_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/prod/api"",
4982
- "export DOCKER_CACHE_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/api"",
4983
- "export DOCKER_IMAGE_TAG="$CI_COMMIT_SHA"",
4984
- "export CLOUDSDK_CORE_DISABLE_PROMPTS="1"",
4985
- "echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
4986
- "echo -e "\\e[0Ksection_start:$(date +%s):prepare[collapsed=true]\\r\\e[0KPrepare..."",
4987
- "gcloud auth activate-service-account --key-file=<(echo "$CL_prod_api_GCLOUD_DEPLOY_credentialsKey")",
4988
- "export GCLOUD_PROJECT_NUMBER=$(gcloud projects describe google-project-id --format="value(projectNumber)")",
4989
- "echo "GCLOUD_PROJECT_NUMBER: $GCLOUD_PROJECT_NUMBER"",
4990
- "echo -e "\\e[0Ksection_end:$(date +%s):prepare\\r\\e[0K"",
4991
- "echo -e "\\e[0Ksection_start:$(date +%s):writeenvvars[collapsed=true]\\r\\e[0KWrite env vars to file"",
4992
- "cat > ____envvars.yaml <<EOF
4993
- ENV_SHORT: |-
4994
- prod
4995
- APP_DIR: |-
4996
- api
4997
- ENV_TYPE: |-
4998
- prod
4999
- BUILD_INFO_BUILD_ID: |-
5000
- $(printf %s "$(git describe --tags 2>/dev/null || git rev-parse HEAD)" | sed 's/^/ /')
5001
- BUILD_INFO_BUILD_TIME: |-
5002
- $(printf %s "$CI_JOB_STARTED_AT" | sed 's/^/ /')
5003
- BUILD_INFO_CURRENT_VERSION: |-
5004
- $(printf %s "$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")" | sed 's/^/ /')
5005
- HOST: |-
5006
- $(printf %s "$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
5007
- ROOT_URL: |-
5008
- $(printf %s "https://$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
5009
- HOST_INTERNAL: |-
5010
- $(printf %s "$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
5011
- HOST_CANONICAL: |-
5012
- $(printf %s "$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
5013
- ROOT_URL_INTERNAL: |-
5014
- $(printf %s "https://$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
5015
- CLOUD_SQL_INSTANCE_CONNECTION_NAME: |-
5016
- projectId:region:instancename
5017
- DB_NAME: |-
5018
- pan-test-app-prod-api
5019
- DB_USER: |-
5020
- my-user
5021
- DB_PASSWORD: |-
5022
- $(printf %s "$CL_prod_api_DB_PASSWORD" | sed 's/^/ /')
5023
- DATABASE_URL: |-
5024
- postgresql://$DB_USER:$DB_PASSWORD@localhost/$DB_NAME?host=/cloudsql/$CLOUD_SQL_INSTANCE_CONNECTION_NAME
5025
- DATABASE_JDBC_URL: |-
5026
- jdbc:postgresql:///$DB_NAME?cloudSqlInstance=$CLOUD_SQL_INSTANCE_CONNECTION_NAME&socketFactory=com.google.cloud.sql.postgres.SocketFactory&user=$DB_USER&password=$DB_PASSWORD
5027
- CLOUD_RUN_JOB_TRIGGER_URL_migration: |-
5028
- https://europe-west6-run.googleapis.com/apis/run.googleapis.com/v1/namespaces/google-project-id/jobs/pan-test-app-prod-api-migration:run
5029
- CLOUD_RUN_JOB_TRIGGER_URL_send_reminders: |-
5030
- https://europe-west6-run.googleapis.com/apis/run.googleapis.com/v1/namespaces/google-project-id/jobs/pan-test-app-prod-api-send-reminders:run
5031
- DEPLOY_CLOUD_RUN_PROJECT_ID: |-
5032
- google-project-id
5033
- DEPLOY_CLOUD_RUN_REGION: |-
5034
- europe-west6
5035
- GCLOUD_RUN_canonicalHostSuffix: |-
5036
- $(printf %s "$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | sed 's/^/ /')
5037
- _ALL_ENV_VAR_KEYS: |-
5038
- ["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_INTERNAL","HOST_CANONICAL","ROOT_URL_INTERNAL","CLOUD_SQL_INSTANCE_CONNECTION_NAME","DB_NAME","DB_USER","DB_PASSWORD","DATABASE_URL","DATABASE_JDBC_URL","CLOUD_RUN_JOB_TRIGGER_URL_migration","CLOUD_RUN_JOB_TRIGGER_URL_send_reminders","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]
5039
-
5040
- EOF
5041
- ",
5042
- "echo -e "\\e[0Ksection_end:$(date +%s):writeenvvars\\r\\e[0K"",
5043
- "echo -e "\\e[0Ksection_start:$(date +%s):deploy[collapsed=true]\\r\\e[0KDeploy to cloud run"",
5044
- "set +e",
5045
- "echo "ensuring Database..."",
5046
- "gcloud sql databases create pan-test-app-prod-api --instance=instancename --project projectId",
5047
- "set -e",
5048
- "set +e",
5049
- "gcloud scheduler jobs create http pan-test-app-prod-api-send-reminders-scheduler --project=google-project-id --location=europe-west6 --schedule="0 * * * *" --max-retry-attempts=0 --uri="https://europe-west6-run.googleapis.com/apis/run.googleapis.com/v1/namespaces/google-project-id/jobs/pan-test-app-prod-api-send-reminders:run" --http-method=POST --oauth-service-account-email=$GCLOUD_PROJECT_NUMBER-compute@developer.gserviceaccount.com",
5050
- "set -e",
5051
- "gcloud scheduler jobs update http pan-test-app-prod-api-send-reminders-scheduler --project=google-project-id --location=europe-west6 --schedule="0 * * * *" --max-retry-attempts=0 --uri="https://europe-west6-run.googleapis.com/apis/run.googleapis.com/v1/namespaces/google-project-id/jobs/pan-test-app-prod-api-send-reminders:run" --http-method=POST --oauth-service-account-email=$GCLOUD_PROJECT_NUMBER-compute@developer.gserviceaccount.com",
5052
- "set +e",
5053
- "gcloud run jobs create pan-test-app-prod-api-migration --command="yarn,migrate" --image=europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/prod/api:$DOCKER_IMAGE_TAG --project=google-project-id --region=europe-west6 --set-cloudsql-instances=projectId:region:instancename --labels=customer-name=pan,component-name=api,app-name=test-app,env-type=prod,env-name=prod,build-type=node,cloud-run-job-name=pan-test-app-prod-api-migration --memory=512Mi --task-timeout=10m --parallelism=1 --env-vars-file=____envvars.yaml --max-retries=0",
5054
- "set -e",
5055
- "gcloud run jobs update pan-test-app-prod-api-migration --command="yarn,migrate" --image=europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/prod/api:$DOCKER_IMAGE_TAG --project=google-project-id --region=europe-west6 --set-cloudsql-instances=projectId:region:instancename --labels=customer-name=pan,component-name=api,app-name=test-app,env-type=prod,env-name=prod,build-type=node,cloud-run-job-name=pan-test-app-prod-api-migration --memory=512Mi --task-timeout=10m --parallelism=1 --env-vars-file=____envvars.yaml --max-retries=0 ",
5056
- "set +e",
5057
- "gcloud run jobs create pan-test-app-prod-api-send-reminders --command="yarn,job:send-reminders" --image=europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/prod/api:$DOCKER_IMAGE_TAG --project=google-project-id --region=europe-west6 --set-cloudsql-instances=projectId:region:instancename --labels=customer-name=pan,component-name=api,app-name=test-app,env-type=prod,env-name=prod,build-type=node,cloud-run-job-name=pan-test-app-prod-api-send-reminders --memory=512Mi --task-timeout=15m --parallelism=1 --env-vars-file=____envvars.yaml --max-retries=0",
5058
- "set -e",
5059
- "gcloud run jobs update pan-test-app-prod-api-send-reminders --command="yarn,job:send-reminders" --image=europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/prod/api:$DOCKER_IMAGE_TAG --project=google-project-id --region=europe-west6 --set-cloudsql-instances=projectId:region:instancename --labels=customer-name=pan,component-name=api,app-name=test-app,env-type=prod,env-name=prod,build-type=node,cloud-run-job-name=pan-test-app-prod-api-send-reminders --memory=512Mi --task-timeout=15m --parallelism=1 --env-vars-file=____envvars.yaml --max-retries=0 ",
5060
- "gcloud run deploy pan-test-app-prod-api --command="yarn,start" --image=europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/prod/api:$DOCKER_IMAGE_TAG --project=google-project-id --region=europe-west6 --set-cloudsql-instances=projectId:region:instancename --labels=customer-name=pan,component-name=api,app-name=test-app,env-type=prod,env-name=prod,build-type=node,cloud-run-service-name=pan-test-app-prod-api --env-vars-file=____envvars.yaml --min-instances=0 --max-instances=5 --cpu-throttling --allow-unauthenticated --ingress=all --cpu-boost",
5061
- "gcloud run jobs execute pan-test-app-prod-api-migration --project=google-project-id --region=europe-west6",
5062
- "echo -e "\\e[0Ksection_end:$(date +%s):deploy\\r\\e[0K"",
5063
- "echo -e "\\e[0Ksection_start:$(date +%s):cleanup[collapsed=true]\\r\\e[0KCleanup"",
5064
- "gcloud run revisions list --project=google-project-id --region=europe-west6 --service=pan-test-app-prod-api --limit=unlimited --sort-by=metadata.creationTimestamp --format="value(name)" --filter='(status.conditions.status=False OR status.conditions.status=Unknown)' | tail -n +6 | while read -r revisionname; do gcloud run revisions delete --project=google-project-id --region=europe-west6 --quiet $revisionname ; done",
5065
- "gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/prod/api --sort-by=~CREATE_TIME --format="value(version)" | tail -n +7 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/prod/api@$version --quiet --delete-tags; done",
5066
- "gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/api --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/api@$version --quiet --delete-tags; done",
5067
- "echo -e "\\e[0Ksection_end:$(date +%s):cleanup\\r\\e[0K"",
5068
- "echo 'Uploading SBOM to Dependency Track'",
5069
- "/dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/api" "https://$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" "__sbom.json" vex.json || true",
5070
- "echo "CL_GITLAB_ENVIRONMENT_URL=https://$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" >> gitlab_environment.env",
5071
- ],
5072
- "stage": "deploy prod",
5073
- "variables": {
5074
- "KUBERNETES_CPU_REQUEST": "0.22",
5075
- "KUBERNETES_MEMORY_LIMIT": "400Mi",
5076
- "KUBERNETES_MEMORY_REQUEST": "200Mi",
5077
- },
5078
- },
5079
- "๐Ÿ”น api ๐Ÿš€ Deploy | stage ": {
5080
- "allow_failure": false,
5081
- "artifacts": {
5082
- "reports": {
5083
- "dotenv": "gitlab_environment.env",
5084
- },
5085
- },
5086
- "environment": {
5087
- "auto_stop_in": undefined,
5088
- "name": "stage/api",
5089
- "on_stop": "๐Ÿ”น api ๐Ÿ›‘ Stop โš ๏ธ | stage ",
5090
- "url": "$CL_GITLAB_ENVIRONMENT_URL",
5091
- },
5092
- "image": "path/to/docker/gcloud:the-version",
5093
- "interruptible": true,
5094
- "needs": [
5095
- {
5096
- "artifacts": false,
5097
- "job": "๐Ÿ”น api ๐Ÿ”จ docker | stage ",
5098
- },
5099
- {
5100
- "artifacts": true,
5101
- "job": "๐Ÿ”น api ๐Ÿงพ sbom | stage ",
5102
- },
5103
- ],
5104
- "retry": {
5105
- "max": 2,
5106
- "when": [
5107
- "runner_system_failure",
5108
- "stuck_or_timeout_failure",
5109
- ],
5110
- },
5111
- "rules": [
5112
- {
5113
- "when": "on_success",
5114
- },
5115
- ],
5116
- "script": [
5117
- "echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
5118
- "export ENV_SHORT="stage"",
5119
- "export APP_DIR="api"",
5120
- "export ENV_TYPE="stage"",
5121
- "export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"",
5122
- "export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"",
5123
- "export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"",
5124
- "export HOST="$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
5125
- "export ROOT_URL="https://$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
5126
- "export HOST_INTERNAL="$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
5127
- "export HOST_CANONICAL="$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
5128
- "export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
5129
- "export CLOUD_SQL_INSTANCE_CONNECTION_NAME="projectId:region:instancename"",
5130
- "export DB_NAME="pan-test-app-stage-api"",
5131
- "export DB_USER="my-user"",
5132
- "export DB_PASSWORD="$CL_stage_api_DB_PASSWORD"",
5133
- "export DATABASE_URL="postgresql://$DB_USER:$DB_PASSWORD@localhost/$DB_NAME?host=/cloudsql/$CLOUD_SQL_INSTANCE_CONNECTION_NAME"",
5134
- "export DATABASE_JDBC_URL="jdbc:postgresql:///$DB_NAME?cloudSqlInstance=$CLOUD_SQL_INSTANCE_CONNECTION_NAME&socketFactory=com.google.cloud.sql.postgres.SocketFactory&user=$DB_USER&password=$DB_PASSWORD"",
5135
- "export CLOUD_RUN_JOB_TRIGGER_URL_migration="https://europe-west6-run.googleapis.com/apis/run.googleapis.com/v1/namespaces/google-project-id/jobs/pan-test-app-stage-api-migration:run"",
5136
- "export CLOUD_RUN_JOB_TRIGGER_URL_send_reminders="https://europe-west6-run.googleapis.com/apis/run.googleapis.com/v1/namespaces/google-project-id/jobs/pan-test-app-stage-api-send-reminders:run"",
5137
- "export DEPLOY_CLOUD_RUN_PROJECT_ID="google-project-id"",
5138
- "export DEPLOY_CLOUD_RUN_REGION="europe-west6"",
5139
- "export GCLOUD_DEPLOY_credentialsKey="$CL_stage_api_GCLOUD_DEPLOY_credentialsKey"",
5140
- "export GCLOUD_RUN_canonicalHostSuffix="$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix"",
5141
- "export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOST\\",\\"ROOT_URL\\",\\"HOST_INTERNAL\\",\\"HOST_CANONICAL\\",\\"ROOT_URL_INTERNAL\\",\\"CLOUD_SQL_INSTANCE_CONNECTION_NAME\\",\\"DB_NAME\\",\\"DB_USER\\",\\"DB_PASSWORD\\",\\"DATABASE_URL\\",\\"DATABASE_JDBC_URL\\",\\"CLOUD_RUN_JOB_TRIGGER_URL_migration\\",\\"CLOUD_RUN_JOB_TRIGGER_URL_send_reminders\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\"]"",
5142
- "export DOCKER_REGISTRY="europe-west6-docker.pkg.dev"",
5143
- "export DOCKER_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/stage/api"",
5144
- "export DOCKER_CACHE_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/api"",
5145
- "export DOCKER_IMAGE_TAG="$CI_COMMIT_SHA"",
5146
- "export CLOUDSDK_CORE_DISABLE_PROMPTS="1"",
5147
- "echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
5148
- "echo -e "\\e[0Ksection_start:$(date +%s):prepare[collapsed=true]\\r\\e[0KPrepare..."",
5149
- "gcloud auth activate-service-account --key-file=<(echo "$CL_stage_api_GCLOUD_DEPLOY_credentialsKey")",
5150
- "export GCLOUD_PROJECT_NUMBER=$(gcloud projects describe google-project-id --format="value(projectNumber)")",
5151
- "echo "GCLOUD_PROJECT_NUMBER: $GCLOUD_PROJECT_NUMBER"",
5152
- "echo -e "\\e[0Ksection_end:$(date +%s):prepare\\r\\e[0K"",
5153
- "echo -e "\\e[0Ksection_start:$(date +%s):writeenvvars[collapsed=true]\\r\\e[0KWrite env vars to file"",
5154
- "cat > ____envvars.yaml <<EOF
5155
- ENV_SHORT: |-
5156
- stage
5157
- APP_DIR: |-
5158
- api
5159
- ENV_TYPE: |-
5160
- stage
5161
- BUILD_INFO_BUILD_ID: |-
5162
- $(printf %s "$(git describe --tags 2>/dev/null || git rev-parse HEAD)" | sed 's/^/ /')
5163
- BUILD_INFO_BUILD_TIME: |-
5164
- $(printf %s "$CI_JOB_STARTED_AT" | sed 's/^/ /')
5165
- BUILD_INFO_CURRENT_VERSION: |-
5166
- $(printf %s "$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")" | sed 's/^/ /')
5167
- HOST: |-
5168
- $(printf %s "$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
5169
- ROOT_URL: |-
5170
- $(printf %s "https://$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
5171
- HOST_INTERNAL: |-
5172
- $(printf %s "$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
5173
- HOST_CANONICAL: |-
5174
- $(printf %s "$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
5175
- ROOT_URL_INTERNAL: |-
5176
- $(printf %s "https://$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
5177
- CLOUD_SQL_INSTANCE_CONNECTION_NAME: |-
5178
- projectId:region:instancename
5179
- DB_NAME: |-
5180
- pan-test-app-stage-api
5181
- DB_USER: |-
5182
- my-user
5183
- DB_PASSWORD: |-
5184
- $(printf %s "$CL_stage_api_DB_PASSWORD" | sed 's/^/ /')
5185
- DATABASE_URL: |-
5186
- postgresql://$DB_USER:$DB_PASSWORD@localhost/$DB_NAME?host=/cloudsql/$CLOUD_SQL_INSTANCE_CONNECTION_NAME
5187
- DATABASE_JDBC_URL: |-
5188
- jdbc:postgresql:///$DB_NAME?cloudSqlInstance=$CLOUD_SQL_INSTANCE_CONNECTION_NAME&socketFactory=com.google.cloud.sql.postgres.SocketFactory&user=$DB_USER&password=$DB_PASSWORD
5189
- CLOUD_RUN_JOB_TRIGGER_URL_migration: |-
5190
- https://europe-west6-run.googleapis.com/apis/run.googleapis.com/v1/namespaces/google-project-id/jobs/pan-test-app-stage-api-migration:run
5191
- CLOUD_RUN_JOB_TRIGGER_URL_send_reminders: |-
5192
- https://europe-west6-run.googleapis.com/apis/run.googleapis.com/v1/namespaces/google-project-id/jobs/pan-test-app-stage-api-send-reminders:run
5193
- DEPLOY_CLOUD_RUN_PROJECT_ID: |-
5194
- google-project-id
5195
- DEPLOY_CLOUD_RUN_REGION: |-
5196
- europe-west6
5197
- GCLOUD_RUN_canonicalHostSuffix: |-
5198
- $(printf %s "$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | sed 's/^/ /')
5199
- _ALL_ENV_VAR_KEYS: |-
5200
- ["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_INTERNAL","HOST_CANONICAL","ROOT_URL_INTERNAL","CLOUD_SQL_INSTANCE_CONNECTION_NAME","DB_NAME","DB_USER","DB_PASSWORD","DATABASE_URL","DATABASE_JDBC_URL","CLOUD_RUN_JOB_TRIGGER_URL_migration","CLOUD_RUN_JOB_TRIGGER_URL_send_reminders","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]
5201
-
5202
- EOF
5203
- ",
5204
- "echo -e "\\e[0Ksection_end:$(date +%s):writeenvvars\\r\\e[0K"",
5205
- "echo -e "\\e[0Ksection_start:$(date +%s):deploy[collapsed=true]\\r\\e[0KDeploy to cloud run"",
5206
- "set +e",
5207
- "echo "ensuring Database..."",
5208
- "gcloud sql databases create pan-test-app-stage-api --instance=instancename --project projectId",
5209
- "set -e",
5210
- "set +e",
5211
- "gcloud scheduler jobs create http pan-test-app-stage-api-send-reminders-scheduler --project=google-project-id --location=europe-west6 --schedule="0 * * * *" --max-retry-attempts=0 --uri="https://europe-west6-run.googleapis.com/apis/run.googleapis.com/v1/namespaces/google-project-id/jobs/pan-test-app-stage-api-send-reminders:run" --http-method=POST --oauth-service-account-email=$GCLOUD_PROJECT_NUMBER-compute@developer.gserviceaccount.com",
5212
- "set -e",
5213
- "gcloud scheduler jobs update http pan-test-app-stage-api-send-reminders-scheduler --project=google-project-id --location=europe-west6 --schedule="0 * * * *" --max-retry-attempts=0 --uri="https://europe-west6-run.googleapis.com/apis/run.googleapis.com/v1/namespaces/google-project-id/jobs/pan-test-app-stage-api-send-reminders:run" --http-method=POST --oauth-service-account-email=$GCLOUD_PROJECT_NUMBER-compute@developer.gserviceaccount.com",
5214
- "set +e",
5215
- "gcloud run jobs create pan-test-app-stage-api-migration --command="yarn,migrate" --image=europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/stage/api:$DOCKER_IMAGE_TAG --project=google-project-id --region=europe-west6 --set-cloudsql-instances=projectId:region:instancename --labels=customer-name=pan,component-name=api,app-name=test-app,env-type=stage,env-name=stage,build-type=node,cloud-run-job-name=pan-test-app-stage-api-migration --memory=512Mi --task-timeout=10m --parallelism=1 --env-vars-file=____envvars.yaml --max-retries=0",
5216
- "set -e",
5217
- "gcloud run jobs update pan-test-app-stage-api-migration --command="yarn,migrate" --image=europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/stage/api:$DOCKER_IMAGE_TAG --project=google-project-id --region=europe-west6 --set-cloudsql-instances=projectId:region:instancename --labels=customer-name=pan,component-name=api,app-name=test-app,env-type=stage,env-name=stage,build-type=node,cloud-run-job-name=pan-test-app-stage-api-migration --memory=512Mi --task-timeout=10m --parallelism=1 --env-vars-file=____envvars.yaml --max-retries=0 ",
5218
- "set +e",
5219
- "gcloud run jobs create pan-test-app-stage-api-send-reminders --command="yarn,job:send-reminders" --image=europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/stage/api:$DOCKER_IMAGE_TAG --project=google-project-id --region=europe-west6 --set-cloudsql-instances=projectId:region:instancename --labels=customer-name=pan,component-name=api,app-name=test-app,env-type=stage,env-name=stage,build-type=node,cloud-run-job-name=pan-test-app-stage-api-send-reminders --memory=512Mi --task-timeout=15m --parallelism=1 --env-vars-file=____envvars.yaml --max-retries=0",
5220
- "set -e",
5221
- "gcloud run jobs update pan-test-app-stage-api-send-reminders --command="yarn,job:send-reminders" --image=europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/stage/api:$DOCKER_IMAGE_TAG --project=google-project-id --region=europe-west6 --set-cloudsql-instances=projectId:region:instancename --labels=customer-name=pan,component-name=api,app-name=test-app,env-type=stage,env-name=stage,build-type=node,cloud-run-job-name=pan-test-app-stage-api-send-reminders --memory=512Mi --task-timeout=15m --parallelism=1 --env-vars-file=____envvars.yaml --max-retries=0 ",
5222
- "gcloud run deploy pan-test-app-stage-api --command="yarn,start" --image=europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/stage/api:$DOCKER_IMAGE_TAG --project=google-project-id --region=europe-west6 --set-cloudsql-instances=projectId:region:instancename --labels=customer-name=pan,component-name=api,app-name=test-app,env-type=stage,env-name=stage,build-type=node,cloud-run-service-name=pan-test-app-stage-api --env-vars-file=____envvars.yaml --min-instances=0 --max-instances=5 --cpu-throttling --allow-unauthenticated --ingress=all --cpu-boost",
5223
- "gcloud run jobs execute pan-test-app-stage-api-migration --project=google-project-id --region=europe-west6",
5224
- "echo -e "\\e[0Ksection_end:$(date +%s):deploy\\r\\e[0K"",
5225
- "echo -e "\\e[0Ksection_start:$(date +%s):cleanup[collapsed=true]\\r\\e[0KCleanup"",
5226
- "gcloud run revisions list --project=google-project-id --region=europe-west6 --service=pan-test-app-stage-api --limit=unlimited --sort-by=metadata.creationTimestamp --format="value(name)" --filter='(status.conditions.status=False OR status.conditions.status=Unknown)' | while read -r revisionname; do gcloud run revisions delete --project=google-project-id --region=europe-west6 --quiet $revisionname ; done",
5227
- "gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/stage/api --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/stage/api@$version --quiet --delete-tags; done",
5228
- "gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/api --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/api@$version --quiet --delete-tags; done",
5229
- "echo -e "\\e[0Ksection_end:$(date +%s):cleanup\\r\\e[0K"",
5230
- "echo 'Uploading SBOM to Dependency Track'",
5231
- "/dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/api" "https://$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" "__sbom.json" vex.json || true",
5232
- "echo "CL_GITLAB_ENVIRONMENT_URL=https://$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" >> gitlab_environment.env",
5233
- ],
5234
- "stage": "deploy stage",
5235
- "variables": {
5236
- "KUBERNETES_CPU_REQUEST": "0.22",
5237
- "KUBERNETES_MEMORY_LIMIT": "400Mi",
5238
- "KUBERNETES_MEMORY_REQUEST": "200Mi",
5239
- },
5240
- },
5241
- "๐Ÿ”น api ๐Ÿ›‘ Stop โš ๏ธ | prod ": {
5242
- "allow_failure": true,
5243
- "artifacts": {
5244
- "reports": {
5245
- "dotenv": "gitlab_environment.env",
5246
- },
5247
- },
5248
- "environment": {
5249
- "action": "stop",
5250
- "name": "prod/api",
5251
- "url": "$CL_GITLAB_ENVIRONMENT_URL",
5252
- },
5253
- "image": "path/to/docker/gcloud:the-version",
5254
- "interruptible": true,
5255
- "needs": [],
5256
- "retry": {
5257
- "max": 2,
5258
- "when": [
5259
- "runner_system_failure",
5260
- "stuck_or_timeout_failure",
5261
- ],
5262
- },
5263
- "rules": [
5264
- {
5265
- "if": "$CI_COMMIT_BRANCH =~ /^[0-9]+\\.([0-9]+|x)\\.x$/",
5266
- "when": "on_success",
5267
- },
5268
- {
5269
- "when": "manual",
5270
- },
5271
- ],
5272
- "script": [
5273
- "echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
5274
- "export CLOUDSDK_CORE_DISABLE_PROMPTS="1"",
5275
- "echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
5276
- "set +e",
5277
- "gcloud auth activate-service-account --key-file=<(echo "$CL_prod_api_GCLOUD_DEPLOY_credentialsKey")",
5278
- "gcloud run services delete pan-test-app-prod-api --project=google-project-id --region=europe-west6",
5279
- "gcloud scheduler jobs delete pan-test-app-prod-api-send-reminders-scheduler --project=google-project-id --location=europe-west6",
5280
- "gcloud run jobs executions list --project=google-project-id --region=europe-west6 --job pan-test-app-prod-api-migration --format="value(name)" | xargs -I {} gcloud run jobs executions delete {} --quiet --project=google-project-id --region=europe-west6",
5281
- "gcloud run jobs delete pan-test-app-prod-api-migration --project=google-project-id --region=europe-west6",
5282
- "gcloud run jobs executions list --project=google-project-id --region=europe-west6 --job pan-test-app-prod-api-send-reminders --format="value(name)" | xargs -I {} gcloud run jobs executions delete {} --quiet --project=google-project-id --region=europe-west6",
5283
- "gcloud run jobs delete pan-test-app-prod-api-send-reminders --project=google-project-id --region=europe-west6",
5284
- "gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/prod/api --quiet --delete-tags",
5285
- "gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/api --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/api@$version --quiet --delete-tags; done",
5286
- "echo 'Disabling component in Dependency Track'",
5287
- "/dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" disable "pan-test-app/api" "https://$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" || true",
5288
- "set -e",
5289
- "echo "CL_GITLAB_ENVIRONMENT_URL=https://$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" >> gitlab_environment.env",
5290
- ],
5291
- "stage": "stop prod",
5292
- "variables": {
5293
- "GIT_STRATEGY": "none",
5294
- "KUBERNETES_CPU_REQUEST": "0.22",
5295
- "KUBERNETES_MEMORY_LIMIT": "400Mi",
5296
- "KUBERNETES_MEMORY_REQUEST": "200Mi",
5297
- },
5298
- },
5299
- "๐Ÿ”น api ๐Ÿ›‘ Stop โš ๏ธ | stage ": {
5300
- "allow_failure": true,
5301
- "artifacts": {
5302
- "reports": {
5303
- "dotenv": "gitlab_environment.env",
5304
- },
5305
- },
5306
- "environment": {
5307
- "action": "stop",
5308
- "name": "stage/api",
5309
- "url": "$CL_GITLAB_ENVIRONMENT_URL",
5310
- },
5311
- "image": "path/to/docker/gcloud:the-version",
5312
- "interruptible": true,
5313
- "needs": [],
5314
- "retry": {
5315
- "max": 2,
5316
- "when": [
5317
- "runner_system_failure",
5318
- "stuck_or_timeout_failure",
5319
- ],
5320
- },
5321
- "rules": [
5322
- {
5323
- "if": "$CI_COMMIT_BRANCH =~ /^[0-9]+\\.([0-9]+|x)\\.x$/",
5324
- "when": "on_success",
5325
- },
5326
- {
5327
- "when": "manual",
5328
- },
5329
- ],
5330
- "script": [
5331
- "echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
5332
- "export CLOUDSDK_CORE_DISABLE_PROMPTS="1"",
5333
- "echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
5334
- "set +e",
5335
- "gcloud auth activate-service-account --key-file=<(echo "$CL_stage_api_GCLOUD_DEPLOY_credentialsKey")",
5336
- "gcloud run services delete pan-test-app-stage-api --project=google-project-id --region=europe-west6",
5337
- "gcloud scheduler jobs delete pan-test-app-stage-api-send-reminders-scheduler --project=google-project-id --location=europe-west6",
5338
- "gcloud run jobs executions list --project=google-project-id --region=europe-west6 --job pan-test-app-stage-api-migration --format="value(name)" | xargs -I {} gcloud run jobs executions delete {} --quiet --project=google-project-id --region=europe-west6",
5339
- "gcloud run jobs delete pan-test-app-stage-api-migration --project=google-project-id --region=europe-west6",
5340
- "gcloud run jobs executions list --project=google-project-id --region=europe-west6 --job pan-test-app-stage-api-send-reminders --format="value(name)" | xargs -I {} gcloud run jobs executions delete {} --quiet --project=google-project-id --region=europe-west6",
5341
- "gcloud run jobs delete pan-test-app-stage-api-send-reminders --project=google-project-id --region=europe-west6",
5342
- "gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/stage/api --quiet --delete-tags",
5343
- "gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/api --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/api@$version --quiet --delete-tags; done",
5344
- "echo 'Disabling component in Dependency Track'",
5345
- "/dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" disable "pan-test-app/api" "https://$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" || true",
5346
- "set -e",
5347
- "echo "CL_GITLAB_ENVIRONMENT_URL=https://$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" >> gitlab_environment.env",
5348
- ],
5349
- "stage": "stop stage",
5350
- "variables": {
5351
- "GIT_STRATEGY": "none",
5352
- "KUBERNETES_CPU_REQUEST": "0.22",
5353
- "KUBERNETES_MEMORY_LIMIT": "400Mi",
5354
- "KUBERNETES_MEMORY_REQUEST": "200Mi",
5355
- },
5356
- },
5357
- "๐Ÿ”น api ๐Ÿงพ sbom | prod ": {
5358
- "allow_failure": true,
5359
- "artifacts": {
5360
- "paths": [
5361
- "__sbom.json",
5362
- ],
5363
- },
5364
- "image": "aquasec/trivy:0.38.3",
5365
- "interruptible": true,
5366
- "needs": [],
5367
- "retry": {
5368
- "max": 2,
5369
- "when": [
5370
- "runner_system_failure",
5371
- "stuck_or_timeout_failure",
5372
- ],
5373
- },
5374
- "script": [
5375
- "echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
5376
- "echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
5377
- "trivy fs --quiet --format cyclonedx --output "__sbom.json" api",
5378
- ],
5379
- "stage": "build",
5380
- "variables": {},
5381
- },
5382
- "๐Ÿ”น api ๐Ÿงพ sbom | stage ": {
5383
- "allow_failure": true,
5384
- "artifacts": {
5385
- "paths": [
5386
- "__sbom.json",
5387
- ],
5388
- },
5389
- "image": "aquasec/trivy:0.38.3",
5390
- "interruptible": true,
5391
- "needs": [],
5392
- "retry": {
5393
- "max": 2,
5394
- "when": [
5395
- "runner_system_failure",
5396
- "stuck_or_timeout_failure",
5397
- ],
5398
- },
5399
- "script": [
5400
- "echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
5401
- "echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
5402
- "trivy fs --quiet --format cyclonedx --output "__sbom.json" api",
5403
- ],
5404
- "stage": "build",
5405
- "variables": {},
5406
- },
5407
- "๐Ÿ”น www ๐Ÿ”จ docker | prod ": {
5408
- "cache": [
5409
- {
5410
- "key": "www-yarn",
5411
- "paths": [
5412
- "www/.yarn",
5413
- ],
5414
- "policy": "pull",
5415
- },
5416
- ],
5417
- "image": "path/to/docker/docker-build:the-version",
5418
- "interruptible": true,
5419
- "needs": [
5420
- {
5421
- "artifacts": true,
5422
- "job": "๐Ÿ”ธ myWorkspace ๐Ÿ”จ app | prod ",
5423
- },
5424
- ],
5425
- "retry": {
5426
- "max": 2,
5427
- "when": [
5428
- "runner_system_failure",
5429
- "stuck_or_timeout_failure",
5430
- ],
5431
- },
5432
- "script": [
5433
- "echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
5434
- "export APP_DIR="www"",
5435
- "export DOCKER_BUILD_CONTEXT="."",
5436
- "export DOCKER_REGISTRY="europe-west6-docker.pkg.dev"",
5437
- "export DOCKER_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/prod/www"",
5438
- "export DOCKER_CACHE_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/www"",
5439
- "export DOCKER_IMAGE_TAG="$CI_COMMIT_SHA"",
5440
- "export DOCKER_COPY_AND_INSTALL_APP="COPY --chown=node:node $APP_DIR .
5441
- RUN yarn plugin import workspace-tools
5442
- RUN yarn workspaces focus --production && yarn rebuild"",
5443
- "export DOCKER_COPY_WORKSPACE_FILES="COPY --chown=node:node www/package.json /app/www/package.json
5444
- COPY --chown=node:node www/yarn.lock /app/www/yarn.lock
5445
- COPY --chown=node:node .yarnrc.yml /app/.yarnrc.yml
5446
- COPY --chown=node:node .yarn /app/.yarn"",
5447
- "echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
5448
- "ensureNodeDockerfile",
5449
- "echo -e "\\e[0Ksection_start:$(date +%s):docker-login[collapsed=true]\\r\\e[0KDocker Login"",
5450
- "gcloud auth activate-service-account --key-file=<(echo "$CL_prod_www_GCLOUD_DEPLOY_credentialsKey")",
5451
- "gcloud auth configure-docker europe-west6-docker.pkg.dev",
5452
- "echo -e "\\e[0Ksection_end:$(date +%s):docker-login\\r\\e[0K"",
5453
- "echo -e "\\e[0Ksection_start:$(date +%s):docker-build[collapsed=true]\\r\\e[0KDocker build"",
5454
- "docker build --network host --cache-from $DOCKER_CACHE_IMAGE --tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG -f $APP_DIR/Dockerfile $DOCKER_BUILD_CONTEXT --build-arg BUILDKIT_INLINE_CACHE=1",
5455
- "echo -e "\\e[0Ksection_end:$(date +%s):docker-build\\r\\e[0K"",
5456
- "echo -e "\\e[0Ksection_start:$(date +%s):docker-push[collapsed=true]\\r\\e[0KDocker push and tag"",
5457
- "docker push $DOCKER_IMAGE:$DOCKER_IMAGE_TAG",
5458
- "docker tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG $DOCKER_CACHE_IMAGE",
5459
- "docker push $DOCKER_CACHE_IMAGE",
5460
- "echo -e "\\e[0Ksection_end:$(date +%s):docker-push\\r\\e[0K"",
5461
- ],
5462
- "services": [
5463
- {
5464
- "command": [
5465
- "--tls=false",
5466
- ],
5467
- "name": "docker:24.0.6-dind",
5468
- },
5469
- ],
5470
- "stage": "build",
5471
- "variables": {
5472
- "DOCKER_BUILDKIT": "1",
5473
- "DOCKER_DRIVER": "overlay2",
5474
- "DOCKER_HOST": "tcp://0.0.0.0:2375",
5475
- "DOCKER_TLS_CERTDIR": "",
5476
- "KUBERNETES_CPU_REQUEST": "0.45",
5477
- "KUBERNETES_MEMORY_LIMIT": "2Gi",
5478
- "KUBERNETES_MEMORY_REQUEST": "1Gi",
5479
- },
5480
- },
5481
- "๐Ÿ”น www ๐Ÿ”จ docker | stage ": {
5482
- "cache": [
5483
- {
5484
- "key": "www-yarn",
5485
- "paths": [
5486
- "www/.yarn",
5487
- ],
5488
- "policy": "pull",
5489
- },
5490
- ],
5491
- "image": "path/to/docker/docker-build:the-version",
5492
- "interruptible": true,
5493
- "needs": [
5494
- {
5495
- "artifacts": true,
5496
- "job": "๐Ÿ”ธ myWorkspace ๐Ÿ”จ app | stage ",
5497
- },
5498
- ],
5499
- "retry": {
5500
- "max": 2,
5501
- "when": [
5502
- "runner_system_failure",
5503
- "stuck_or_timeout_failure",
5504
- ],
5505
- },
5506
- "script": [
5507
- "echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
5508
- "export APP_DIR="www"",
5509
- "export DOCKER_BUILD_CONTEXT="."",
5510
- "export DOCKER_REGISTRY="europe-west6-docker.pkg.dev"",
5511
- "export DOCKER_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/stage/www"",
5512
- "export DOCKER_CACHE_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/www"",
5513
- "export DOCKER_IMAGE_TAG="$CI_COMMIT_SHA"",
5514
- "export DOCKER_COPY_AND_INSTALL_APP="COPY --chown=node:node $APP_DIR .
5515
- RUN yarn plugin import workspace-tools
5516
- RUN yarn workspaces focus --production && yarn rebuild"",
5517
- "export DOCKER_COPY_WORKSPACE_FILES="COPY --chown=node:node www/package.json /app/www/package.json
5518
- COPY --chown=node:node www/yarn.lock /app/www/yarn.lock
5519
- COPY --chown=node:node .yarnrc.yml /app/.yarnrc.yml
5520
- COPY --chown=node:node .yarn /app/.yarn"",
5521
- "echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
5522
- "ensureNodeDockerfile",
5523
- "echo -e "\\e[0Ksection_start:$(date +%s):docker-login[collapsed=true]\\r\\e[0KDocker Login"",
5524
- "gcloud auth activate-service-account --key-file=<(echo "$CL_stage_www_GCLOUD_DEPLOY_credentialsKey")",
5525
- "gcloud auth configure-docker europe-west6-docker.pkg.dev",
5526
- "echo -e "\\e[0Ksection_end:$(date +%s):docker-login\\r\\e[0K"",
5527
- "echo -e "\\e[0Ksection_start:$(date +%s):docker-build[collapsed=true]\\r\\e[0KDocker build"",
5528
- "docker build --network host --cache-from $DOCKER_CACHE_IMAGE --tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG -f $APP_DIR/Dockerfile $DOCKER_BUILD_CONTEXT --build-arg BUILDKIT_INLINE_CACHE=1",
5529
- "echo -e "\\e[0Ksection_end:$(date +%s):docker-build\\r\\e[0K"",
5530
- "echo -e "\\e[0Ksection_start:$(date +%s):docker-push[collapsed=true]\\r\\e[0KDocker push and tag"",
5531
- "docker push $DOCKER_IMAGE:$DOCKER_IMAGE_TAG",
5532
- "docker tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG $DOCKER_CACHE_IMAGE",
5533
- "docker push $DOCKER_CACHE_IMAGE",
5534
- "echo -e "\\e[0Ksection_end:$(date +%s):docker-push\\r\\e[0K"",
5535
- ],
5536
- "services": [
5537
- {
5538
- "command": [
5539
- "--tls=false",
5540
- ],
5541
- "name": "docker:24.0.6-dind",
5542
- },
5543
- ],
5544
- "stage": "build",
5545
- "variables": {
5546
- "DOCKER_BUILDKIT": "1",
5547
- "DOCKER_DRIVER": "overlay2",
5548
- "DOCKER_HOST": "tcp://0.0.0.0:2375",
5549
- "DOCKER_TLS_CERTDIR": "",
5550
- "KUBERNETES_CPU_REQUEST": "0.45",
5551
- "KUBERNETES_MEMORY_LIMIT": "2Gi",
5552
- "KUBERNETES_MEMORY_REQUEST": "1Gi",
5553
- },
5554
- },
5555
- "๐Ÿ”น www ๐Ÿš€ Deploy | prod ": {
5556
- "allow_failure": true,
5557
- "artifacts": {
5558
- "reports": {
5559
- "dotenv": "gitlab_environment.env",
5560
- },
5561
- },
5562
- "environment": {
5563
- "auto_stop_in": undefined,
5564
- "name": "prod/www",
5565
- "on_stop": "๐Ÿ”น www ๐Ÿ›‘ Stop โš ๏ธ | prod ",
5566
- "url": "$CL_GITLAB_ENVIRONMENT_URL",
5567
- },
5568
- "image": "path/to/docker/gcloud:the-version",
5569
- "interruptible": true,
5570
- "needs": [
5571
- {
5572
- "artifacts": false,
5573
- "job": "๐Ÿ”น www ๐Ÿ”จ docker | prod ",
5574
- },
5575
- {
5576
- "artifacts": true,
5577
- "job": "๐Ÿ”น www ๐Ÿงพ sbom | prod ",
5578
- },
5579
- ],
5580
- "retry": {
5581
- "max": 2,
5582
- "when": [
5583
- "runner_system_failure",
5584
- "stuck_or_timeout_failure",
5585
- ],
5586
- },
5587
- "rules": [
5588
- {
5589
- "when": "manual",
5590
- },
5591
- ],
5592
- "script": [
5593
- "echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
5594
- "export ENV_SHORT="prod"",
5595
- "export APP_DIR="www"",
5596
- "export ENV_TYPE="prod"",
5597
- "export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"",
5598
- "export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"",
5599
- "export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"",
5600
- "export HOST="$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
5601
- "export ROOT_URL="https://$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
5602
- "export HOST_INTERNAL="$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
5603
- "export HOST_CANONICAL="$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
5604
- "export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
5605
- "export DEPLOY_CLOUD_RUN_PROJECT_ID="google-project-id"",
5606
- "export DEPLOY_CLOUD_RUN_REGION="europe-west6"",
5607
- "export GCLOUD_DEPLOY_credentialsKey="$CL_prod_www_GCLOUD_DEPLOY_credentialsKey"",
5608
- "export GCLOUD_RUN_canonicalHostSuffix="$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix"",
5609
- "export API_URL="https://$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')/graphql"",
5610
- "export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOST\\",\\"ROOT_URL\\",\\"HOST_INTERNAL\\",\\"HOST_CANONICAL\\",\\"ROOT_URL_INTERNAL\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\",\\"API_URL\\"]"",
5611
- "export DOCKER_REGISTRY="europe-west6-docker.pkg.dev"",
5612
- "export DOCKER_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/prod/www"",
5613
- "export DOCKER_CACHE_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/www"",
5614
- "export DOCKER_IMAGE_TAG="$CI_COMMIT_SHA"",
5615
- "export CLOUDSDK_CORE_DISABLE_PROMPTS="1"",
5616
- "echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
5617
- "echo -e "\\e[0Ksection_start:$(date +%s):prepare[collapsed=true]\\r\\e[0KPrepare..."",
5618
- "gcloud auth activate-service-account --key-file=<(echo "$CL_prod_www_GCLOUD_DEPLOY_credentialsKey")",
5619
- "export GCLOUD_PROJECT_NUMBER=$(gcloud projects describe google-project-id --format="value(projectNumber)")",
5620
- "echo "GCLOUD_PROJECT_NUMBER: $GCLOUD_PROJECT_NUMBER"",
5621
- "echo -e "\\e[0Ksection_end:$(date +%s):prepare\\r\\e[0K"",
5622
- "echo -e "\\e[0Ksection_start:$(date +%s):writeenvvars[collapsed=true]\\r\\e[0KWrite env vars to file"",
5623
- "cat > ____envvars.yaml <<EOF
5624
- ENV_SHORT: |-
5625
- prod
5626
- APP_DIR: |-
5627
- www
5628
- ENV_TYPE: |-
5629
- prod
5630
- BUILD_INFO_BUILD_ID: |-
5631
- $(printf %s "$(git describe --tags 2>/dev/null || git rev-parse HEAD)" | sed 's/^/ /')
5632
- BUILD_INFO_BUILD_TIME: |-
5633
- $(printf %s "$CI_JOB_STARTED_AT" | sed 's/^/ /')
5634
- BUILD_INFO_CURRENT_VERSION: |-
5635
- $(printf %s "$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")" | sed 's/^/ /')
5636
- HOST: |-
5637
- $(printf %s "$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
5638
- ROOT_URL: |-
5639
- $(printf %s "https://$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
5640
- HOST_INTERNAL: |-
5641
- $(printf %s "$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
5642
- HOST_CANONICAL: |-
5643
- $(printf %s "$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
5644
- ROOT_URL_INTERNAL: |-
5645
- $(printf %s "https://$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
5646
- DEPLOY_CLOUD_RUN_PROJECT_ID: |-
5647
- google-project-id
5648
- DEPLOY_CLOUD_RUN_REGION: |-
5649
- europe-west6
5650
- GCLOUD_RUN_canonicalHostSuffix: |-
5651
- $(printf %s "$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | sed 's/^/ /')
5652
- API_URL: |-
5653
- $(printf %s "https://$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')/graphql" | sed 's/^/ /')
5654
- _ALL_ENV_VAR_KEYS: |-
5655
- ["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_INTERNAL","HOST_CANONICAL","ROOT_URL_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix","API_URL"]
5656
-
5657
- EOF
5658
- ",
5659
- "echo -e "\\e[0Ksection_end:$(date +%s):writeenvvars\\r\\e[0K"",
5660
- "echo -e "\\e[0Ksection_start:$(date +%s):deploy[collapsed=true]\\r\\e[0KDeploy to cloud run"",
5661
- "gcloud run deploy pan-test-app-prod-www --command="yarn,start" --image=europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/prod/www:$DOCKER_IMAGE_TAG --project=google-project-id --region=europe-west6 --labels=customer-name=pan,component-name=www,app-name=test-app,env-type=prod,env-name=prod,build-type=node,cloud-run-service-name=pan-test-app-prod-www --env-vars-file=____envvars.yaml --min-instances=0 --max-instances=100 --cpu-throttling --allow-unauthenticated --ingress=all --cpu-boost",
5662
- "echo -e "\\e[0Ksection_end:$(date +%s):deploy\\r\\e[0K"",
5663
- "echo -e "\\e[0Ksection_start:$(date +%s):cleanup[collapsed=true]\\r\\e[0KCleanup"",
5664
- "gcloud run revisions list --project=google-project-id --region=europe-west6 --service=pan-test-app-prod-www --limit=unlimited --sort-by=metadata.creationTimestamp --format="value(name)" --filter='(status.conditions.status=False OR status.conditions.status=Unknown)' | tail -n +6 | while read -r revisionname; do gcloud run revisions delete --project=google-project-id --region=europe-west6 --quiet $revisionname ; done",
5665
- "gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/prod/www --sort-by=~CREATE_TIME --format="value(version)" | tail -n +7 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/prod/www@$version --quiet --delete-tags; done",
5666
- "gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/www --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/www@$version --quiet --delete-tags; done",
5667
- "echo -e "\\e[0Ksection_end:$(date +%s):cleanup\\r\\e[0K"",
5668
- "echo 'Uploading SBOM to Dependency Track'",
5669
- "/dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/www" "https://$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" "__sbom.json" vex.json || true",
5670
- "echo "CL_GITLAB_ENVIRONMENT_URL=https://$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" >> gitlab_environment.env",
5671
- ],
5672
- "stage": "deploy prod",
5673
- "variables": {
5674
- "KUBERNETES_CPU_REQUEST": "0.22",
5675
- "KUBERNETES_MEMORY_LIMIT": "400Mi",
5676
- "KUBERNETES_MEMORY_REQUEST": "200Mi",
5677
- },
5678
- },
5679
- "๐Ÿ”น www ๐Ÿš€ Deploy | stage ": {
5680
- "allow_failure": false,
5681
- "artifacts": {
5682
- "reports": {
5683
- "dotenv": "gitlab_environment.env",
5684
- },
5685
- },
5686
- "environment": {
5687
- "auto_stop_in": undefined,
5688
- "name": "stage/www",
5689
- "on_stop": "๐Ÿ”น www ๐Ÿ›‘ Stop โš ๏ธ | stage ",
5690
- "url": "$CL_GITLAB_ENVIRONMENT_URL",
5691
- },
5692
- "image": "path/to/docker/gcloud:the-version",
5693
- "interruptible": true,
5694
- "needs": [
5695
- {
5696
- "artifacts": false,
5697
- "job": "๐Ÿ”น www ๐Ÿ”จ docker | stage ",
5698
- },
5699
- {
5700
- "artifacts": true,
5701
- "job": "๐Ÿ”น www ๐Ÿงพ sbom | stage ",
5702
- },
5703
- ],
5704
- "retry": {
5705
- "max": 2,
5706
- "when": [
5707
- "runner_system_failure",
5708
- "stuck_or_timeout_failure",
5709
- ],
5710
- },
5711
- "rules": [
5712
- {
5713
- "when": "on_success",
5714
- },
5715
- ],
5716
- "script": [
5717
- "echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
5718
- "export ENV_SHORT="stage"",
5719
- "export APP_DIR="www"",
5720
- "export ENV_TYPE="stage"",
5721
- "export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"",
5722
- "export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"",
5723
- "export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"",
5724
- "export HOST="$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
5725
- "export ROOT_URL="https://$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
5726
- "export HOST_INTERNAL="$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
5727
- "export HOST_CANONICAL="$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
5728
- "export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
5729
- "export DEPLOY_CLOUD_RUN_PROJECT_ID="google-project-id"",
5730
- "export DEPLOY_CLOUD_RUN_REGION="europe-west6"",
5731
- "export GCLOUD_DEPLOY_credentialsKey="$CL_stage_www_GCLOUD_DEPLOY_credentialsKey"",
5732
- "export GCLOUD_RUN_canonicalHostSuffix="$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix"",
5733
- "export API_URL="https://$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')/graphql"",
5734
- "export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOST\\",\\"ROOT_URL\\",\\"HOST_INTERNAL\\",\\"HOST_CANONICAL\\",\\"ROOT_URL_INTERNAL\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\",\\"API_URL\\"]"",
5735
- "export DOCKER_REGISTRY="europe-west6-docker.pkg.dev"",
5736
- "export DOCKER_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/stage/www"",
5737
- "export DOCKER_CACHE_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/www"",
5738
- "export DOCKER_IMAGE_TAG="$CI_COMMIT_SHA"",
5739
- "export CLOUDSDK_CORE_DISABLE_PROMPTS="1"",
5740
- "echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
5741
- "echo -e "\\e[0Ksection_start:$(date +%s):prepare[collapsed=true]\\r\\e[0KPrepare..."",
5742
- "gcloud auth activate-service-account --key-file=<(echo "$CL_stage_www_GCLOUD_DEPLOY_credentialsKey")",
5743
- "export GCLOUD_PROJECT_NUMBER=$(gcloud projects describe google-project-id --format="value(projectNumber)")",
5744
- "echo "GCLOUD_PROJECT_NUMBER: $GCLOUD_PROJECT_NUMBER"",
5745
- "echo -e "\\e[0Ksection_end:$(date +%s):prepare\\r\\e[0K"",
5746
- "echo -e "\\e[0Ksection_start:$(date +%s):writeenvvars[collapsed=true]\\r\\e[0KWrite env vars to file"",
5747
- "cat > ____envvars.yaml <<EOF
5748
- ENV_SHORT: |-
5749
- stage
5750
- APP_DIR: |-
5751
- www
5752
- ENV_TYPE: |-
5753
- stage
5754
- BUILD_INFO_BUILD_ID: |-
5755
- $(printf %s "$(git describe --tags 2>/dev/null || git rev-parse HEAD)" | sed 's/^/ /')
5756
- BUILD_INFO_BUILD_TIME: |-
5757
- $(printf %s "$CI_JOB_STARTED_AT" | sed 's/^/ /')
5758
- BUILD_INFO_CURRENT_VERSION: |-
5759
- $(printf %s "$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")" | sed 's/^/ /')
5760
- HOST: |-
5761
- $(printf %s "$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
5762
- ROOT_URL: |-
5763
- $(printf %s "https://$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
5764
- HOST_INTERNAL: |-
5765
- $(printf %s "$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
5766
- HOST_CANONICAL: |-
5767
- $(printf %s "$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
5768
- ROOT_URL_INTERNAL: |-
5769
- $(printf %s "https://$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
5770
- DEPLOY_CLOUD_RUN_PROJECT_ID: |-
5771
- google-project-id
5772
- DEPLOY_CLOUD_RUN_REGION: |-
5773
- europe-west6
5774
- GCLOUD_RUN_canonicalHostSuffix: |-
5775
- $(printf %s "$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | sed 's/^/ /')
5776
- API_URL: |-
5777
- $(printf %s "https://$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')/graphql" | sed 's/^/ /')
5778
- _ALL_ENV_VAR_KEYS: |-
5779
- ["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_INTERNAL","HOST_CANONICAL","ROOT_URL_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix","API_URL"]
5780
-
5781
- EOF
5782
- ",
5783
- "echo -e "\\e[0Ksection_end:$(date +%s):writeenvvars\\r\\e[0K"",
5784
- "echo -e "\\e[0Ksection_start:$(date +%s):deploy[collapsed=true]\\r\\e[0KDeploy to cloud run"",
5785
- "gcloud run deploy pan-test-app-stage-www --command="yarn,start" --image=europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/stage/www:$DOCKER_IMAGE_TAG --project=google-project-id --region=europe-west6 --labels=customer-name=pan,component-name=www,app-name=test-app,env-type=stage,env-name=stage,build-type=node,cloud-run-service-name=pan-test-app-stage-www --env-vars-file=____envvars.yaml --min-instances=0 --max-instances=100 --cpu-throttling --allow-unauthenticated --ingress=all --cpu-boost",
5786
- "echo -e "\\e[0Ksection_end:$(date +%s):deploy\\r\\e[0K"",
5787
- "echo -e "\\e[0Ksection_start:$(date +%s):cleanup[collapsed=true]\\r\\e[0KCleanup"",
5788
- "gcloud run revisions list --project=google-project-id --region=europe-west6 --service=pan-test-app-stage-www --limit=unlimited --sort-by=metadata.creationTimestamp --format="value(name)" --filter='(status.conditions.status=False OR status.conditions.status=Unknown)' | while read -r revisionname; do gcloud run revisions delete --project=google-project-id --region=europe-west6 --quiet $revisionname ; done",
5789
- "gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/stage/www --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/stage/www@$version --quiet --delete-tags; done",
5790
- "gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/www --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/www@$version --quiet --delete-tags; done",
5791
- "echo -e "\\e[0Ksection_end:$(date +%s):cleanup\\r\\e[0K"",
5792
- "echo 'Uploading SBOM to Dependency Track'",
5793
- "/dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/www" "https://$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" "__sbom.json" vex.json || true",
5794
- "echo "CL_GITLAB_ENVIRONMENT_URL=https://$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" >> gitlab_environment.env",
5795
- ],
5796
- "stage": "deploy stage",
5797
- "variables": {
5798
- "KUBERNETES_CPU_REQUEST": "0.22",
5799
- "KUBERNETES_MEMORY_LIMIT": "400Mi",
5800
- "KUBERNETES_MEMORY_REQUEST": "200Mi",
5801
- },
5802
- },
5803
- "๐Ÿ”น www ๐Ÿ›‘ Stop โš ๏ธ | prod ": {
5804
- "allow_failure": true,
5805
- "artifacts": {
5806
- "reports": {
5807
- "dotenv": "gitlab_environment.env",
5808
- },
5809
- },
5810
- "environment": {
5811
- "action": "stop",
5812
- "name": "prod/www",
5813
- "url": "$CL_GITLAB_ENVIRONMENT_URL",
5814
- },
5815
- "image": "path/to/docker/gcloud:the-version",
5816
- "interruptible": true,
5817
- "needs": [],
5818
- "retry": {
5819
- "max": 2,
5820
- "when": [
5821
- "runner_system_failure",
5822
- "stuck_or_timeout_failure",
5823
- ],
5824
- },
5825
- "rules": [
5826
- {
5827
- "if": "$CI_COMMIT_BRANCH =~ /^[0-9]+\\.([0-9]+|x)\\.x$/",
5828
- "when": "on_success",
5829
- },
5830
- {
5831
- "when": "manual",
5832
- },
5833
- ],
5834
- "script": [
5835
- "echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
5836
- "export CLOUDSDK_CORE_DISABLE_PROMPTS="1"",
5837
- "echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
5838
- "set +e",
5839
- "gcloud auth activate-service-account --key-file=<(echo "$CL_prod_www_GCLOUD_DEPLOY_credentialsKey")",
5840
- "gcloud run services delete pan-test-app-prod-www --project=google-project-id --region=europe-west6",
5841
- "gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/prod/www --quiet --delete-tags",
5842
- "gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/www --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/www@$version --quiet --delete-tags; done",
5843
- "echo 'Disabling component in Dependency Track'",
5844
- "/dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" disable "pan-test-app/www" "https://$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" || true",
5845
- "set -e",
5846
- "echo "CL_GITLAB_ENVIRONMENT_URL=https://$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" >> gitlab_environment.env",
5847
- ],
5848
- "stage": "stop prod",
5849
- "variables": {
5850
- "GIT_STRATEGY": "none",
5851
- "KUBERNETES_CPU_REQUEST": "0.22",
5852
- "KUBERNETES_MEMORY_LIMIT": "400Mi",
5853
- "KUBERNETES_MEMORY_REQUEST": "200Mi",
5854
- },
5855
- },
5856
- "๐Ÿ”น www ๐Ÿ›‘ Stop โš ๏ธ | stage ": {
5857
- "allow_failure": true,
5858
- "artifacts": {
5859
- "reports": {
5860
- "dotenv": "gitlab_environment.env",
5861
- },
5862
- },
5863
- "environment": {
5864
- "action": "stop",
5865
- "name": "stage/www",
5866
- "url": "$CL_GITLAB_ENVIRONMENT_URL",
5867
- },
5868
- "image": "path/to/docker/gcloud:the-version",
5869
- "interruptible": true,
5870
- "needs": [],
5871
- "retry": {
5872
- "max": 2,
5873
- "when": [
5874
- "runner_system_failure",
5875
- "stuck_or_timeout_failure",
5876
- ],
5877
- },
5878
- "rules": [
5879
- {
5880
- "if": "$CI_COMMIT_BRANCH =~ /^[0-9]+\\.([0-9]+|x)\\.x$/",
5881
- "when": "on_success",
5882
- },
5883
- {
5884
- "when": "manual",
5885
- },
5886
- ],
5887
- "script": [
5888
- "echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
5889
- "export CLOUDSDK_CORE_DISABLE_PROMPTS="1"",
5890
- "echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
5891
- "set +e",
5892
- "gcloud auth activate-service-account --key-file=<(echo "$CL_stage_www_GCLOUD_DEPLOY_credentialsKey")",
5893
- "gcloud run services delete pan-test-app-stage-www --project=google-project-id --region=europe-west6",
5894
- "gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/stage/www --quiet --delete-tags",
5895
- "gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/www --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/www@$version --quiet --delete-tags; done",
5896
- "echo 'Disabling component in Dependency Track'",
5897
- "/dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" disable "pan-test-app/www" "https://$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" || true",
5898
- "set -e",
5899
- "echo "CL_GITLAB_ENVIRONMENT_URL=https://$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" >> gitlab_environment.env",
5900
- ],
5901
- "stage": "stop stage",
5902
- "variables": {
5903
- "GIT_STRATEGY": "none",
5904
- "KUBERNETES_CPU_REQUEST": "0.22",
5905
- "KUBERNETES_MEMORY_LIMIT": "400Mi",
5906
- "KUBERNETES_MEMORY_REQUEST": "200Mi",
5907
- },
5908
- },
5909
- "๐Ÿ”น www ๐Ÿงพ sbom | prod ": {
5910
- "allow_failure": true,
5911
- "artifacts": {
5912
- "paths": [
5913
- "__sbom.json",
5914
- ],
5915
- },
5916
- "image": "aquasec/trivy:0.38.3",
5917
- "interruptible": true,
5918
- "needs": [],
5919
- "retry": {
5920
- "max": 2,
5921
- "when": [
5922
- "runner_system_failure",
5923
- "stuck_or_timeout_failure",
5924
- ],
5925
- },
5926
- "script": [
5927
- "echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
5928
- "echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
5929
- "trivy fs --quiet --format cyclonedx --output "__sbom.json" www",
5930
- ],
5931
- "stage": "build",
5932
- "variables": {},
5933
- },
5934
- "๐Ÿ”น www ๐Ÿงพ sbom | stage ": {
5935
- "allow_failure": true,
5936
- "artifacts": {
5937
- "paths": [
5938
- "__sbom.json",
5939
- ],
5940
- },
5941
- "image": "aquasec/trivy:0.38.3",
5942
- "interruptible": true,
5943
- "needs": [],
5944
- "retry": {
5945
- "max": 2,
5946
- "when": [
5947
- "runner_system_failure",
5948
- "stuck_or_timeout_failure",
5949
- ],
5950
- },
5951
- "script": [
5952
- "echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
5953
- "echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
5954
- "trivy fs --quiet --format cyclonedx --output "__sbom.json" www",
5955
- ],
5956
- "stage": "build",
5957
- "variables": {},
5958
- },
5959
- },
5960
- "stages": [
5961
- "setup",
5962
- "setup dev",
5963
- "setup review",
5964
- "setup stage",
5965
- "setup prod",
5966
- "test",
5967
- "test dev",
5968
- "test review",
5969
- "test stage",
5970
- "test prod",
5971
- "build",
5972
- "build dev",
5973
- "build review",
5974
- "build stage",
5975
- "build prod",
5976
- "deploy",
5977
- "deploy dev",
5978
- "deploy review",
5979
- "deploy stage",
5980
- "deploy prod",
5981
- "verify",
5982
- "verify dev",
5983
- "verify review",
5984
- "verify stage",
5985
- "verify prod",
5986
- "rollback",
5987
- "rollback dev",
5988
- "rollback review",
5989
- "rollback stage",
5990
- "rollback prod",
5991
- "stop",
5992
- "stop dev",
5993
- "stop review",
5994
- "stop stage",
5995
- "stop prod",
5996
- ],
5997
- "variables": {
5998
- "ARTIFACT_COMPRESSION_LEVEL": "fast",
5999
- "CACHE_COMPRESSION_LEVEL": "fast",
6000
- "FF_USE_FASTZIP": "true",
6001
- "GIT_DEPTH": "1",
6002
- "TRANSFER_METER_FREQUENCY": "5s",
6003
- },
6004
- "workflow": {
6005
- "rules": [
6006
- {
6007
- "if": "$CI_COMMIT_TAG",
6008
- },
6009
- {
6010
- "if": "$CI_COMMIT_MESSAGE =~ /^chore\\(release\\).*/",
6011
- "when": "never",
6012
- },
6013
- {
6014
- "if": "$CI_PIPELINE_SOURCE == "schedule"",
6015
- "when": "never",
6016
- },
6017
- {
6018
- "if": "$CI_COMMIT_BRANCH =~ /^[0-9]+.([0-9]+|x).x$/",
6019
- },
6020
- {
6021
- "if": "$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH",
6022
- },
6023
- {
6024
- "if": "$CI_MERGE_REQUEST_ID",
6025
- },
6026
- ],
6027
- },
6028
- },
6029
- }
6030
- `;