@catladder/pipeline 1.170.0 → 2.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/bash/BashExpression.d.ts +2 -6
- package/dist/bash/BashExpression.js +5 -15
- package/dist/bash/bashEscape.d.ts +34 -0
- package/dist/bash/bashEscape.js +114 -0
- package/dist/bash/bashYaml.js +25 -2
- package/dist/bash/getInjectVarsScript.js +4 -2
- package/dist/bash/index.d.ts +2 -0
- package/dist/bash/index.js +26 -0
- package/dist/build/base/createAppBuildJob.js +3 -3
- package/dist/build/base/writeDotEnv.js +6 -4
- package/dist/build/custom/testJob.js +12 -12
- package/dist/build/docker.d.ts +3 -3
- package/dist/build/node/buildJob.js +1 -1
- package/dist/build/node/cache.d.ts +2 -4
- package/dist/build/node/cache.js +3 -24
- package/dist/build/node/testJob.js +11 -11
- package/dist/build/rails/build.js +1 -1
- package/dist/build/rails/test.js +8 -8
- package/dist/build/types.d.ts +0 -10
- package/dist/constants.js +1 -1
- package/dist/context/createComponentContext.js +0 -1
- package/dist/context/getEnvConfig.js +2 -1
- package/dist/context/getEnvironment.js +1 -2
- package/dist/context/getEnvironmentVariables.d.ts +5 -6
- package/dist/context/getEnvironmentVariables.js +50 -38
- package/dist/deploy/base/deploy.js +3 -3
- package/dist/deploy/cloudRun/createJobs/getCloudRunDeployScripts.js +2 -2
- package/dist/deploy/cloudRun/index.js +2 -2
- package/dist/deploy/cloudRun/utils/getServiceName.d.ts +1 -1
- package/dist/deploy/kubernetes/cloudSql/index.d.ts +2 -2
- package/dist/deploy/kubernetes/cloudSql/index.js +3 -14
- package/dist/deploy/kubernetes/deployJob.js +1 -3
- package/dist/deploy/kubernetes/index.js +2 -2
- package/dist/deploy/kubernetes/kubeEnv.d.ts +3 -3
- package/dist/deploy/kubernetes/kubeValues.d.ts +3 -4
- package/dist/deploy/kubernetes/kubeValues.js +2 -3
- package/dist/deploy/types/base.d.ts +0 -6
- package/dist/deploy/types/kubernetes.d.ts +1 -34
- package/dist/globalScriptFunctions/index.d.ts +14 -0
- package/dist/globalScriptFunctions/index.js +37 -0
- package/dist/index.d.ts +3 -1
- package/dist/index.js +3 -1
- package/dist/pipeline/gitlab/createGitlabJobs.js +3 -5
- package/dist/pipeline/gitlab/createGitlabPipeline.d.ts +1 -0
- package/dist/pipeline/gitlab/createGitlabPipeline.js +38 -2
- package/dist/pipeline/packageManager.js +1 -1
- package/dist/runner/index.d.ts +1 -1
- package/dist/tsconfig.tsbuildinfo +1 -1
- package/dist/types/config.d.ts +6 -9
- package/dist/types/context.d.ts +2 -9
- package/dist/types/gitlab-types.d.ts +1 -0
- package/dist/types/jobs.d.ts +0 -8
- package/dist/utils/gitlab.js +4 -1
- package/dist/utils/writeFiles.js +1 -7
- package/dist/variables/VariableValue.d.ts +3 -0
- package/dist/variables/VariableValue.js +5 -0
- package/dist/variables/VariableValueContainingReferences.d.ts +24 -0
- package/dist/variables/VariableValueContainingReferences.js +97 -0
- package/dist/variables/__tests__/resolveAllReferences.test.js +219 -0
- package/dist/variables/__tests__/resolveAllReferencesOnce.test.d.ts +1 -0
- package/dist/variables/__tests__/resolveAllReferencesOnce.test.js +171 -0
- package/dist/variables/__tests__/resolveReferencesOnce.test.d.ts +1 -0
- package/dist/variables/__tests__/resolveReferencesOnce.test.js +202 -0
- package/dist/variables/__tests__/variableValue.test.d.ts +1 -0
- package/dist/variables/__tests__/variableValue.test.js +36 -0
- package/dist/variables/resolveAllReferences.d.ts +3 -0
- package/dist/{bash/replaceAsync.js → variables/resolveAllReferences.js} +60 -41
- package/dist/variables/resolveAllReferencesOnce.d.ts +5 -0
- package/dist/variables/resolveAllReferencesOnce.js +191 -0
- package/dist/variables/resolveReferencesOnce.d.ts +8 -0
- package/dist/variables/resolveReferencesOnce.js +22 -0
- package/examples/__snapshots__/cloud-run-http2.test.ts.snap +312 -238
- package/examples/__snapshots__/cloud-run-memory-limit.test.ts.snap +312 -238
- package/examples/__snapshots__/cloud-run-meteor-with-worker.test.ts.snap +312 -222
- package/examples/__snapshots__/cloud-run-nextjs.test.ts.snap +1436 -0
- package/examples/__snapshots__/cloud-run-no-cpu-throttling.test.ts.snap +312 -238
- package/examples/__snapshots__/cloud-run-no-service.test.ts.snap +316 -238
- package/examples/__snapshots__/cloud-run-non-public.test.ts.snap +312 -238
- package/examples/__snapshots__/cloud-run-post-stop-job.test.ts.snap +313 -238
- package/examples/__snapshots__/cloud-run-service-custom-vpc-connector.test.ts.snap +312 -238
- package/examples/__snapshots__/cloud-run-service-custom-vpc.test.ts.snap +312 -238
- package/examples/__snapshots__/cloud-run-service-gen2.test.ts.snap +312 -238
- package/examples/__snapshots__/cloud-run-service-increase-timout.test.ts.snap +312 -238
- package/examples/__snapshots__/cloud-run-service-with-volumes.test.ts.snap +316 -238
- package/examples/__snapshots__/cloud-run-storybook.test.ts.snap +294 -220
- package/examples/__snapshots__/cloud-run-with-ngnix.test.ts.snap +312 -238
- package/examples/__snapshots__/cloud-run-with-sql-reuse-db.test.ts.snap +652 -486
- package/examples/__snapshots__/cloud-run-with-sql.test.ts.snap +282 -288
- package/examples/__snapshots__/cloud-run-with-worker.test.ts.snap +312 -238
- package/examples/__snapshots__/custom-build-job-with-tests.test.ts.snap +284 -194
- package/examples/__snapshots__/custom-build-job.test.ts.snap +278 -188
- package/examples/__snapshots__/custom-deploy.test.ts.snap +220 -154
- package/examples/__snapshots__/custom-envs.test.ts.snap +216 -126
- package/examples/__snapshots__/custom-sbom-java.test.ts.snap +278 -188
- package/examples/__snapshots__/git-submodule.test.ts.snap +312 -238
- package/examples/__snapshots__/kubernetes-application-customization.test.ts.snap +231 -253
- package/examples/__snapshots__/kubernetes-with-cloud-sql.test.ts.snap +240 -262
- package/examples/__snapshots__/kubernetes-with-jobs.test.ts.snap +504 -506
- package/examples/__snapshots__/kubernetes-with-mongodb.test.ts.snap +239 -261
- package/examples/__snapshots__/local-dot-env.test.ts.snap +236 -238
- package/examples/__snapshots__/meteor-kubernetes.test.ts.snap +236 -242
- package/examples/__snapshots__/multiline-var.test.ts.snap +1355 -973
- package/examples/__snapshots__/native-app.test.ts.snap +438 -392
- package/examples/__snapshots__/node-build-with-custom-image.test.ts.snap +312 -238
- package/examples/__snapshots__/node-build-with-docker-additions.test.ts.snap +312 -238
- package/examples/__snapshots__/rails-k8s-with-worker-dockerfile.test.ts.snap +186 -188
- package/examples/__snapshots__/rails-k8s-with-worker.test.ts.snap +162 -164
- package/examples/__snapshots__/referencing-other-vars.test.ts.snap +4741 -0
- package/examples/__snapshots__/wait-for-other-deploy.test.ts.snap +330 -228
- package/examples/__snapshots__/{workspace-api-www-custom-cache.test.ts.snap → workspace-api-www-turbo-cache.test.ts.snap} +457 -499
- package/examples/__snapshots__/workspace-api-www.test.ts.snap +452 -482
- package/examples/{workspace-api-www-custom-cache.test.ts → cloud-run-nextjs.test.ts} +2 -2
- package/examples/cloud-run-nextjs.ts +28 -0
- package/examples/cloud-run-with-sql.ts +0 -1
- package/examples/kubernetes-application-customization.ts +1 -0
- package/examples/kubernetes-with-cloud-sql.ts +1 -0
- package/examples/kubernetes-with-jobs.ts +1 -0
- package/examples/kubernetes-with-mongodb.ts +1 -0
- package/examples/meteor-kubernetes.ts +1 -1
- package/examples/native-app.ts +10 -7
- package/examples/rails-k8s-with-worker.ts +7 -1
- package/examples/{kubernetes-with-cloud-sql-legacy.test.ts → referencing-other-vars.test.ts} +2 -2
- package/examples/referencing-other-vars.ts +83 -0
- package/examples/workspace-api-www-turbo-cache.test.ts +11 -0
- package/examples/{workspace-api-www-custom-cache.ts → workspace-api-www-turbo-cache.ts} +4 -3
- package/examples/workspace-api-www.ts +3 -2
- package/package.json +2 -6
- package/src/bash/BashExpression.ts +10 -13
- package/src/bash/bashEscape.ts +158 -0
- package/src/bash/bashYaml.ts +36 -2
- package/src/bash/getInjectVarsScript.ts +11 -2
- package/src/bash/index.ts +2 -0
- package/src/build/base/createAppBuildJob.ts +0 -1
- package/src/build/base/writeDotEnv.ts +6 -6
- package/src/build/custom/testJob.ts +0 -1
- package/src/build/node/buildJob.ts +2 -2
- package/src/build/node/cache.ts +0 -29
- package/src/build/node/testJob.ts +0 -1
- package/src/build/rails/build.ts +0 -1
- package/src/build/rails/test.ts +0 -1
- package/src/build/types.ts +0 -13
- package/src/context/createComponentContext.ts +0 -1
- package/src/context/getEnvConfig.ts +2 -2
- package/src/context/getEnvironment.ts +1 -1
- package/src/context/getEnvironmentContext.ts +1 -1
- package/src/context/getEnvironmentVariables.ts +44 -51
- package/src/deploy/base/deploy.ts +1 -1
- package/src/deploy/cloudRun/createJobs/getCloudRunDeployScripts.ts +4 -12
- package/src/deploy/cloudRun/index.ts +2 -2
- package/src/deploy/kubernetes/cloudSql/index.ts +3 -16
- package/src/deploy/kubernetes/deployJob.ts +0 -2
- package/src/deploy/kubernetes/index.ts +2 -2
- package/src/deploy/kubernetes/kubeEnv.ts +3 -3
- package/src/deploy/kubernetes/kubeValues.ts +5 -8
- package/src/deploy/types/base.ts +0 -6
- package/src/deploy/types/kubernetes.ts +1 -36
- package/src/globalScriptFunctions/index.ts +30 -0
- package/src/index.ts +2 -0
- package/src/pipeline/gitlab/createGitlabJobs.ts +1 -4
- package/src/pipeline/gitlab/createGitlabPipeline.ts +8 -1
- package/src/pipeline/packageManager.ts +7 -5
- package/src/runner/index.ts +0 -1
- package/src/types/config.ts +6 -9
- package/src/types/context.ts +3 -9
- package/src/types/gitlab-types.ts +1 -0
- package/src/types/jobs.ts +0 -8
- package/src/utils/gitlab.ts +19 -2
- package/src/utils/writeFiles.ts +1 -2
- package/src/variables/VariableValue.ts +6 -0
- package/src/variables/VariableValueContainingReferences.ts +89 -0
- package/src/variables/__tests__/resolveAllReferences.test.ts +110 -0
- package/src/variables/__tests__/resolveAllReferencesOnce.test.ts +64 -0
- package/src/variables/__tests__/resolveReferencesOnce.test.ts +117 -0
- package/src/variables/__tests__/variableValue.test.ts +73 -0
- package/src/variables/resolveAllReferences.ts +46 -0
- package/src/variables/resolveAllReferencesOnce.ts +44 -0
- package/src/variables/resolveReferencesOnce.ts +29 -0
- package/bin/catladder-gitlab-dev.js +0 -3
- package/bin/catladder-gitlab.js +0 -3
- package/dist/bash/replaceAsync.d.ts +0 -2
- package/dist/bundles/catladder-gitlab/index.js +0 -15
- package/dist/context/__tests__/resolveReferences.test.js +0 -368
- package/dist/context/resolveReferences.d.ts +0 -6
- package/dist/context/resolveReferences.js +0 -286
- package/dist/deploy/kubernetes/processSecretsAsFiles.d.ts +0 -85
- package/dist/deploy/kubernetes/processSecretsAsFiles.js +0 -33
- package/examples/__snapshots__/kubernetes-with-cloud-sql-legacy.test.ts.snap +0 -1795
- package/examples/kubernetes-with-cloud-sql-legacy.ts +0 -35
- package/scripts/bundle +0 -2
- package/src/bash/replaceAsync.ts +0 -54
- package/src/context/__tests__/resolveReferences.test.ts +0 -148
- package/src/context/resolveReferences.ts +0 -93
- package/src/deploy/kubernetes/processSecretsAsFiles.ts +0 -35
- /package/dist/{context/__tests__/resolveReferences.test.d.ts → variables/__tests__/resolveAllReferences.test.d.ts} +0 -0
|
@@ -45,6 +45,36 @@ variables:
|
|
|
45
45
|
CACHE_COMPRESSION_LEVEL: fast
|
|
46
46
|
TRANSFER_METER_FREQUENCY: 5s
|
|
47
47
|
GIT_DEPTH: '1'
|
|
48
|
+
before_script:
|
|
49
|
+
- |-
|
|
50
|
+
function escapeForDotEnv () {
|
|
51
|
+
input="\${1:-$(cat)}"
|
|
52
|
+
input="\${input//$'\\n'/\\\\n}"
|
|
53
|
+
if [[ "$input" == *\\\\n* ]]; then
|
|
54
|
+
if [[ "$input" == *\\"* && "$input" == *\\'* && "$input" == *\\\`* ]]; then
|
|
55
|
+
printf "\\"%s\\"\\n" "$input"
|
|
56
|
+
elif [[ "$input" == *\\"* && "$input" == *\\'* ]]; then
|
|
57
|
+
printf "\`%s\`\\n" "$input"
|
|
58
|
+
elif [[ "$input" == *\\"* ]]; then
|
|
59
|
+
printf "'%s'\\n" "$input"
|
|
60
|
+
else
|
|
61
|
+
printf "\\"%s\\"\\n" "$input"
|
|
62
|
+
fi
|
|
63
|
+
else
|
|
64
|
+
printf "%s\\n" "$input"
|
|
65
|
+
fi
|
|
66
|
+
}
|
|
67
|
+
- |-
|
|
68
|
+
function collapseable_section_start () {
|
|
69
|
+
local section_title="\${1}"
|
|
70
|
+
local section_description="\${2:-$section_title}"
|
|
71
|
+
echo -e "section_start:\`date +%s\`:\${section_title}[collapsed=true]\\r\\e[0K\${section_description}"
|
|
72
|
+
}
|
|
73
|
+
- |-
|
|
74
|
+
function collapseable_section_end () {
|
|
75
|
+
local section_title="\${1}"
|
|
76
|
+
echo -e "section_end:\`date +%s\`:\${section_title}\\r\\e[0K"
|
|
77
|
+
}
|
|
48
78
|
'api 🔨 app | dev ':
|
|
49
79
|
stage: build
|
|
50
80
|
image: path/to/docker/jobs-default:the-version
|
|
@@ -53,37 +83,53 @@ variables:
|
|
|
53
83
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
54
84
|
KUBERNETES_MEMORY_LIMIT: 4Gi
|
|
55
85
|
script:
|
|
56
|
-
-
|
|
86
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
57
87
|
- export ENV_SHORT="dev"
|
|
58
88
|
- export APP_DIR="app"
|
|
59
89
|
- export ENV_TYPE="dev"
|
|
60
90
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
61
91
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
62
92
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
63
|
-
- export
|
|
93
|
+
- export HOSTNAME="$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
64
94
|
- export ROOT_URL="https://$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
65
|
-
- export
|
|
66
|
-
- export HOST_CANONICAL="$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
95
|
+
- export HOSTNAME_INTERNAL="$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
67
96
|
- export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
68
97
|
- export DEPLOY_CLOUD_RUN_PROJECT_ID="asdf"
|
|
69
98
|
- export DEPLOY_CLOUD_RUN_REGION="asia-east1"
|
|
70
99
|
- export GCLOUD_DEPLOY_credentialsKey="$CL_dev_api_GCLOUD_DEPLOY_credentialsKey"
|
|
71
100
|
- export GCLOUD_RUN_canonicalHostSuffix="$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix"
|
|
72
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
73
|
-
-
|
|
101
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\"]"
|
|
102
|
+
- collapseable_section_end "injectvars"
|
|
103
|
+
- collapseable_section_start "write-dotenv-api" "write dot env for api"
|
|
104
|
+
- |-
|
|
105
|
+
cat <<EOF > app/.env
|
|
106
|
+
ENV_SHORT=dev
|
|
107
|
+
APP_DIR=app
|
|
108
|
+
ENV_TYPE=dev
|
|
109
|
+
HOSTNAME=$(printf %s "$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
110
|
+
ROOT_URL=$(printf %s "https://$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
111
|
+
HOSTNAME_INTERNAL=$(printf %s "$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
112
|
+
ROOT_URL_INTERNAL=$(printf %s "https://$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
113
|
+
DEPLOY_CLOUD_RUN_PROJECT_ID=asdf
|
|
114
|
+
DEPLOY_CLOUD_RUN_REGION=asia-east1
|
|
115
|
+
GCLOUD_DEPLOY_credentialsKey=$(printf %s "$CL_dev_api_GCLOUD_DEPLOY_credentialsKey" | escapeForDotEnv)
|
|
116
|
+
GCLOUD_RUN_canonicalHostSuffix=$(printf %s "$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | escapeForDotEnv)
|
|
117
|
+
_ALL_ENV_VAR_KEYS=["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOSTNAME","ROOT_URL","HOSTNAME_INTERNAL","ROOT_URL_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]
|
|
118
|
+
EOF
|
|
119
|
+
- collapseable_section_end "write-dotenv-api"
|
|
74
120
|
- echo '{"id":"$(git describe --tags 2>/dev/null || git rev-parse HEAD)","time":"$CI_JOB_STARTED_AT"}' > app/__build_info.json
|
|
75
|
-
-
|
|
121
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
76
122
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
77
123
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
78
|
-
-
|
|
124
|
+
- collapseable_section_end "nodeinstall"
|
|
79
125
|
- cd app
|
|
80
|
-
-
|
|
126
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
81
127
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
82
128
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
83
|
-
-
|
|
84
|
-
-
|
|
129
|
+
- collapseable_section_end "nodeinstall"
|
|
130
|
+
- collapseable_section_start "yarninstall" "Yarn install"
|
|
85
131
|
- yarn install --immutable
|
|
86
|
-
-
|
|
132
|
+
- collapseable_section_end "yarninstall"
|
|
87
133
|
- yarn build-storybook --quiet -o ./dist
|
|
88
134
|
cache:
|
|
89
135
|
- key: app-yarn
|
|
@@ -94,15 +140,13 @@ variables:
|
|
|
94
140
|
policy: pull-push
|
|
95
141
|
paths:
|
|
96
142
|
- app/node_modules
|
|
97
|
-
- key: api-next-cache
|
|
98
|
-
policy: pull-push
|
|
99
|
-
paths:
|
|
100
|
-
- app/.next/cache
|
|
101
143
|
artifacts:
|
|
102
144
|
paths:
|
|
103
145
|
- app/__build_info.json
|
|
104
146
|
- app/.next
|
|
105
147
|
- app/dist
|
|
148
|
+
exclude:
|
|
149
|
+
- app/.env
|
|
106
150
|
expire_in: 1 day
|
|
107
151
|
when: always
|
|
108
152
|
reports: {}
|
|
@@ -134,7 +178,7 @@ variables:
|
|
|
134
178
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
135
179
|
KUBERNETES_MEMORY_LIMIT: 2Gi
|
|
136
180
|
script:
|
|
137
|
-
-
|
|
181
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
138
182
|
- export APP_DIR="app"
|
|
139
183
|
- export DOCKER_BUILD_CONTEXT="."
|
|
140
184
|
- export DOCKER_REGISTRY="asia-east1-docker.pkg.dev"
|
|
@@ -150,20 +194,20 @@ variables:
|
|
|
150
194
|
COPY --chown=node:node app/yarn.lock /app/app/yarn.lock
|
|
151
195
|
COPY --chown=node:node .yarnrc.yml /app/.yarnrc.yml
|
|
152
196
|
COPY --chown=node:node .yarn /app/.yarn"
|
|
153
|
-
-
|
|
197
|
+
- collapseable_section_end "injectvars"
|
|
154
198
|
- ensureNginxDockerfile
|
|
155
|
-
-
|
|
199
|
+
- collapseable_section_start "docker-login" "Docker Login"
|
|
156
200
|
- gcloud auth activate-service-account --key-file=<(echo "$CL_dev_api_GCLOUD_DEPLOY_credentialsKey")
|
|
157
201
|
- gcloud auth configure-docker asia-east1-docker.pkg.dev
|
|
158
|
-
-
|
|
159
|
-
-
|
|
202
|
+
- collapseable_section_end "docker-login"
|
|
203
|
+
- collapseable_section_start "docker-build" "Docker build"
|
|
160
204
|
- docker build --network host --cache-from $DOCKER_CACHE_IMAGE --tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG -f $APP_DIR/Dockerfile $DOCKER_BUILD_CONTEXT --build-arg BUILDKIT_INLINE_CACHE=1
|
|
161
|
-
-
|
|
162
|
-
-
|
|
205
|
+
- collapseable_section_end "docker-build"
|
|
206
|
+
- collapseable_section_start "docker-push" "Docker push and tag"
|
|
163
207
|
- docker push $DOCKER_IMAGE:$DOCKER_IMAGE_TAG
|
|
164
208
|
- docker tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG $DOCKER_CACHE_IMAGE
|
|
165
209
|
- docker push $DOCKER_CACHE_IMAGE
|
|
166
|
-
-
|
|
210
|
+
- collapseable_section_end "docker-push"
|
|
167
211
|
cache:
|
|
168
212
|
- key: app-yarn
|
|
169
213
|
policy: pull
|
|
@@ -182,8 +226,8 @@ variables:
|
|
|
182
226
|
image: aquasec/trivy:0.38.3
|
|
183
227
|
variables: {}
|
|
184
228
|
script:
|
|
185
|
-
-
|
|
186
|
-
-
|
|
229
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
230
|
+
- collapseable_section_end "injectvars"
|
|
187
231
|
- trivy fs --quiet --format cyclonedx --output "__sbom.json" app
|
|
188
232
|
artifacts:
|
|
189
233
|
paths:
|
|
@@ -204,35 +248,34 @@ variables:
|
|
|
204
248
|
KUBERNETES_MEMORY_REQUEST: 200Mi
|
|
205
249
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
206
250
|
script:
|
|
207
|
-
-
|
|
251
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
208
252
|
- export ENV_SHORT="dev"
|
|
209
253
|
- export APP_DIR="app"
|
|
210
254
|
- export ENV_TYPE="dev"
|
|
211
255
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
212
256
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
213
257
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
214
|
-
- export
|
|
258
|
+
- export HOSTNAME="$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
215
259
|
- export ROOT_URL="https://$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
216
|
-
- export
|
|
217
|
-
- export HOST_CANONICAL="$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
260
|
+
- export HOSTNAME_INTERNAL="$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
218
261
|
- export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
219
262
|
- export DEPLOY_CLOUD_RUN_PROJECT_ID="asdf"
|
|
220
263
|
- export DEPLOY_CLOUD_RUN_REGION="asia-east1"
|
|
221
264
|
- export GCLOUD_DEPLOY_credentialsKey="$CL_dev_api_GCLOUD_DEPLOY_credentialsKey"
|
|
222
265
|
- export GCLOUD_RUN_canonicalHostSuffix="$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix"
|
|
223
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
266
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\"]"
|
|
224
267
|
- export DOCKER_REGISTRY="asia-east1-docker.pkg.dev"
|
|
225
268
|
- export DOCKER_IMAGE="asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/dev/api"
|
|
226
269
|
- export DOCKER_CACHE_IMAGE="asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/api"
|
|
227
270
|
- export DOCKER_IMAGE_TAG="$CI_COMMIT_SHA"
|
|
228
271
|
- export CLOUDSDK_CORE_DISABLE_PROMPTS="1"
|
|
229
|
-
-
|
|
230
|
-
-
|
|
272
|
+
- collapseable_section_end "injectvars"
|
|
273
|
+
- collapseable_section_start "prepare" "Prepare..."
|
|
231
274
|
- gcloud auth activate-service-account --key-file=<(echo "$CL_dev_api_GCLOUD_DEPLOY_credentialsKey")
|
|
232
275
|
- export GCLOUD_PROJECT_NUMBER=$(gcloud projects describe asdf --format="value(projectNumber)")
|
|
233
276
|
- 'echo "GCLOUD_PROJECT_NUMBER: $GCLOUD_PROJECT_NUMBER"'
|
|
234
|
-
-
|
|
235
|
-
-
|
|
277
|
+
- collapseable_section_end "prepare"
|
|
278
|
+
- collapseable_section_start "writeenvvars" "Write env vars to file"
|
|
236
279
|
- |
|
|
237
280
|
cat > ____envvars.yaml <<EOF
|
|
238
281
|
ENV_SHORT: |-
|
|
@@ -242,40 +285,38 @@ variables:
|
|
|
242
285
|
ENV_TYPE: |-
|
|
243
286
|
dev
|
|
244
287
|
BUILD_INFO_BUILD_ID: |-
|
|
245
|
-
|
|
288
|
+
$(printf %s "$(git describe --tags 2>/dev/null || git rev-parse HEAD)" | sed '1!s/^/ /')
|
|
246
289
|
BUILD_INFO_BUILD_TIME: |-
|
|
247
|
-
|
|
290
|
+
$(printf %s "$CI_JOB_STARTED_AT" | sed '1!s/^/ /')
|
|
248
291
|
BUILD_INFO_CURRENT_VERSION: |-
|
|
249
|
-
|
|
250
|
-
|
|
251
|
-
|
|
292
|
+
$(printf %s "$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")" | sed '1!s/^/ /')
|
|
293
|
+
HOSTNAME: |-
|
|
294
|
+
$(printf %s "$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
252
295
|
ROOT_URL: |-
|
|
253
|
-
|
|
254
|
-
|
|
255
|
-
|
|
256
|
-
HOST_CANONICAL: |-
|
|
257
|
-
$(printf %s "$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
296
|
+
$(printf %s "https://$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
297
|
+
HOSTNAME_INTERNAL: |-
|
|
298
|
+
$(printf %s "$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
258
299
|
ROOT_URL_INTERNAL: |-
|
|
259
|
-
|
|
300
|
+
$(printf %s "https://$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
260
301
|
DEPLOY_CLOUD_RUN_PROJECT_ID: |-
|
|
261
302
|
asdf
|
|
262
303
|
DEPLOY_CLOUD_RUN_REGION: |-
|
|
263
304
|
asia-east1
|
|
264
305
|
GCLOUD_RUN_canonicalHostSuffix: |-
|
|
265
|
-
|
|
306
|
+
$(printf %s "$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | sed '1!s/^/ /')
|
|
266
307
|
_ALL_ENV_VAR_KEYS: |-
|
|
267
|
-
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","
|
|
308
|
+
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOSTNAME","ROOT_URL","HOSTNAME_INTERNAL","ROOT_URL_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]
|
|
268
309
|
|
|
269
310
|
EOF
|
|
270
|
-
-
|
|
271
|
-
-
|
|
311
|
+
- collapseable_section_end "writeenvvars"
|
|
312
|
+
- collapseable_section_start "deploy" "Deploy to cloud run"
|
|
272
313
|
- gcloud run deploy pan-test-app-dev-api --command="" --image=asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/dev/api:$DOCKER_IMAGE_TAG --project=asdf --region=asia-east1 --labels=customer-name=pan,component-name=api,app-name=test-app,env-type=dev,env-name=dev,build-type=node,cloud-run-service-name=pan-test-app-dev-api --env-vars-file=____envvars.yaml --min-instances=0 --max-instances=100 --cpu-throttling --allow-unauthenticated --ingress=all --cpu-boost
|
|
273
|
-
-
|
|
274
|
-
-
|
|
314
|
+
- collapseable_section_end "deploy"
|
|
315
|
+
- collapseable_section_start "cleanup" "Cleanup"
|
|
275
316
|
- gcloud run revisions list --project=asdf --region=asia-east1 --service=pan-test-app-dev-api --limit=unlimited --sort-by=metadata.creationTimestamp --format="value(name)" --filter='(status.conditions.status=False OR status.conditions.status=Unknown)' | while read -r revisionname; do gcloud run revisions delete --project=asdf --region=asia-east1 --quiet $revisionname ; done
|
|
276
317
|
- gcloud artifacts docker images list asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/dev/api --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/dev/api@$version --quiet --delete-tags; done
|
|
277
318
|
- gcloud artifacts docker images list asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/api --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/api@$version --quiet --delete-tags; done
|
|
278
|
-
-
|
|
319
|
+
- collapseable_section_end "cleanup"
|
|
279
320
|
- echo 'Uploading SBOM to Dependency Track'
|
|
280
321
|
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/api" "https://$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" "__sbom.json" vex.json || true
|
|
281
322
|
- echo "CL_GITLAB_ENVIRONMENT_URL=https://$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" >> gitlab_environment.env
|
|
@@ -311,9 +352,9 @@ variables:
|
|
|
311
352
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
312
353
|
GIT_STRATEGY: none
|
|
313
354
|
script:
|
|
314
|
-
-
|
|
355
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
315
356
|
- export CLOUDSDK_CORE_DISABLE_PROMPTS="1"
|
|
316
|
-
-
|
|
357
|
+
- collapseable_section_end "injectvars"
|
|
317
358
|
- set +e
|
|
318
359
|
- gcloud auth activate-service-account --key-file=<(echo "$CL_dev_api_GCLOUD_DEPLOY_credentialsKey")
|
|
319
360
|
- gcloud run services delete pan-test-app-dev-api --project=asdf --region=asia-east1
|
|
@@ -349,37 +390,53 @@ variables:
|
|
|
349
390
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
350
391
|
KUBERNETES_MEMORY_LIMIT: 4Gi
|
|
351
392
|
script:
|
|
352
|
-
-
|
|
393
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
353
394
|
- export ENV_SHORT="review"
|
|
354
395
|
- export APP_DIR="app"
|
|
355
396
|
- export ENV_TYPE="review"
|
|
356
397
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
357
398
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
358
399
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
359
|
-
- export
|
|
400
|
+
- export HOSTNAME="$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
360
401
|
- export ROOT_URL="https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
361
|
-
- export
|
|
362
|
-
- export HOST_CANONICAL="$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
402
|
+
- export HOSTNAME_INTERNAL="$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
363
403
|
- export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
364
404
|
- export DEPLOY_CLOUD_RUN_PROJECT_ID="asdf"
|
|
365
405
|
- export DEPLOY_CLOUD_RUN_REGION="asia-east1"
|
|
366
406
|
- export GCLOUD_DEPLOY_credentialsKey="$CL_review_api_GCLOUD_DEPLOY_credentialsKey"
|
|
367
407
|
- export GCLOUD_RUN_canonicalHostSuffix="$CL_review_api_GCLOUD_RUN_canonicalHostSuffix"
|
|
368
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
369
|
-
-
|
|
408
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\"]"
|
|
409
|
+
- collapseable_section_end "injectvars"
|
|
410
|
+
- collapseable_section_start "write-dotenv-api" "write dot env for api"
|
|
411
|
+
- |-
|
|
412
|
+
cat <<EOF > app/.env
|
|
413
|
+
ENV_SHORT=review
|
|
414
|
+
APP_DIR=app
|
|
415
|
+
ENV_TYPE=review
|
|
416
|
+
HOSTNAME=$(printf %s "$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
417
|
+
ROOT_URL=$(printf %s "https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
418
|
+
HOSTNAME_INTERNAL=$(printf %s "$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
419
|
+
ROOT_URL_INTERNAL=$(printf %s "https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
420
|
+
DEPLOY_CLOUD_RUN_PROJECT_ID=asdf
|
|
421
|
+
DEPLOY_CLOUD_RUN_REGION=asia-east1
|
|
422
|
+
GCLOUD_DEPLOY_credentialsKey=$(printf %s "$CL_review_api_GCLOUD_DEPLOY_credentialsKey" | escapeForDotEnv)
|
|
423
|
+
GCLOUD_RUN_canonicalHostSuffix=$(printf %s "$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | escapeForDotEnv)
|
|
424
|
+
_ALL_ENV_VAR_KEYS=["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOSTNAME","ROOT_URL","HOSTNAME_INTERNAL","ROOT_URL_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]
|
|
425
|
+
EOF
|
|
426
|
+
- collapseable_section_end "write-dotenv-api"
|
|
370
427
|
- echo '{"id":"$(git describe --tags 2>/dev/null || git rev-parse HEAD)","time":"$CI_JOB_STARTED_AT"}' > app/__build_info.json
|
|
371
|
-
-
|
|
428
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
372
429
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
373
430
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
374
|
-
-
|
|
431
|
+
- collapseable_section_end "nodeinstall"
|
|
375
432
|
- cd app
|
|
376
|
-
-
|
|
433
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
377
434
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
378
435
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
379
|
-
-
|
|
380
|
-
-
|
|
436
|
+
- collapseable_section_end "nodeinstall"
|
|
437
|
+
- collapseable_section_start "yarninstall" "Yarn install"
|
|
381
438
|
- yarn install --immutable
|
|
382
|
-
-
|
|
439
|
+
- collapseable_section_end "yarninstall"
|
|
383
440
|
- yarn build-storybook --quiet -o ./dist
|
|
384
441
|
cache:
|
|
385
442
|
- key: app-yarn
|
|
@@ -390,15 +447,13 @@ variables:
|
|
|
390
447
|
policy: pull-push
|
|
391
448
|
paths:
|
|
392
449
|
- app/node_modules
|
|
393
|
-
- key: api-next-cache
|
|
394
|
-
policy: pull-push
|
|
395
|
-
paths:
|
|
396
|
-
- app/.next/cache
|
|
397
450
|
artifacts:
|
|
398
451
|
paths:
|
|
399
452
|
- app/__build_info.json
|
|
400
453
|
- app/.next
|
|
401
454
|
- app/dist
|
|
455
|
+
exclude:
|
|
456
|
+
- app/.env
|
|
402
457
|
expire_in: 1 day
|
|
403
458
|
when: always
|
|
404
459
|
reports: {}
|
|
@@ -424,7 +479,7 @@ variables:
|
|
|
424
479
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
425
480
|
KUBERNETES_MEMORY_LIMIT: 2Gi
|
|
426
481
|
script:
|
|
427
|
-
-
|
|
482
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
428
483
|
- export APP_DIR="app"
|
|
429
484
|
- export DOCKER_BUILD_CONTEXT="."
|
|
430
485
|
- export DOCKER_REGISTRY="asia-east1-docker.pkg.dev"
|
|
@@ -440,20 +495,20 @@ variables:
|
|
|
440
495
|
COPY --chown=node:node app/yarn.lock /app/app/yarn.lock
|
|
441
496
|
COPY --chown=node:node .yarnrc.yml /app/.yarnrc.yml
|
|
442
497
|
COPY --chown=node:node .yarn /app/.yarn"
|
|
443
|
-
-
|
|
498
|
+
- collapseable_section_end "injectvars"
|
|
444
499
|
- ensureNginxDockerfile
|
|
445
|
-
-
|
|
500
|
+
- collapseable_section_start "docker-login" "Docker Login"
|
|
446
501
|
- gcloud auth activate-service-account --key-file=<(echo "$CL_review_api_GCLOUD_DEPLOY_credentialsKey")
|
|
447
502
|
- gcloud auth configure-docker asia-east1-docker.pkg.dev
|
|
448
|
-
-
|
|
449
|
-
-
|
|
503
|
+
- collapseable_section_end "docker-login"
|
|
504
|
+
- collapseable_section_start "docker-build" "Docker build"
|
|
450
505
|
- docker build --network host --cache-from $DOCKER_CACHE_IMAGE --tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG -f $APP_DIR/Dockerfile $DOCKER_BUILD_CONTEXT --build-arg BUILDKIT_INLINE_CACHE=1
|
|
451
|
-
-
|
|
452
|
-
-
|
|
506
|
+
- collapseable_section_end "docker-build"
|
|
507
|
+
- collapseable_section_start "docker-push" "Docker push and tag"
|
|
453
508
|
- docker push $DOCKER_IMAGE:$DOCKER_IMAGE_TAG
|
|
454
509
|
- docker tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG $DOCKER_CACHE_IMAGE
|
|
455
510
|
- docker push $DOCKER_CACHE_IMAGE
|
|
456
|
-
-
|
|
511
|
+
- collapseable_section_end "docker-push"
|
|
457
512
|
cache:
|
|
458
513
|
- key: app-yarn
|
|
459
514
|
policy: pull
|
|
@@ -470,8 +525,8 @@ variables:
|
|
|
470
525
|
image: aquasec/trivy:0.38.3
|
|
471
526
|
variables: {}
|
|
472
527
|
script:
|
|
473
|
-
-
|
|
474
|
-
-
|
|
528
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
529
|
+
- collapseable_section_end "injectvars"
|
|
475
530
|
- trivy fs --quiet --format cyclonedx --output "__sbom.json" app
|
|
476
531
|
artifacts:
|
|
477
532
|
paths:
|
|
@@ -490,35 +545,34 @@ variables:
|
|
|
490
545
|
KUBERNETES_MEMORY_REQUEST: 200Mi
|
|
491
546
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
492
547
|
script:
|
|
493
|
-
-
|
|
548
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
494
549
|
- export ENV_SHORT="review"
|
|
495
550
|
- export APP_DIR="app"
|
|
496
551
|
- export ENV_TYPE="review"
|
|
497
552
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
498
553
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
499
554
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
500
|
-
- export
|
|
555
|
+
- export HOSTNAME="$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
501
556
|
- export ROOT_URL="https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
502
|
-
- export
|
|
503
|
-
- export HOST_CANONICAL="$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
557
|
+
- export HOSTNAME_INTERNAL="$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
504
558
|
- export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
505
559
|
- export DEPLOY_CLOUD_RUN_PROJECT_ID="asdf"
|
|
506
560
|
- export DEPLOY_CLOUD_RUN_REGION="asia-east1"
|
|
507
561
|
- export GCLOUD_DEPLOY_credentialsKey="$CL_review_api_GCLOUD_DEPLOY_credentialsKey"
|
|
508
562
|
- export GCLOUD_RUN_canonicalHostSuffix="$CL_review_api_GCLOUD_RUN_canonicalHostSuffix"
|
|
509
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
563
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\"]"
|
|
510
564
|
- export DOCKER_REGISTRY="asia-east1-docker.pkg.dev"
|
|
511
565
|
- export DOCKER_IMAGE="asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/review/api/$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })"
|
|
512
566
|
- export DOCKER_CACHE_IMAGE="asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/api"
|
|
513
567
|
- export DOCKER_IMAGE_TAG="$CI_COMMIT_SHA"
|
|
514
568
|
- export CLOUDSDK_CORE_DISABLE_PROMPTS="1"
|
|
515
|
-
-
|
|
516
|
-
-
|
|
569
|
+
- collapseable_section_end "injectvars"
|
|
570
|
+
- collapseable_section_start "prepare" "Prepare..."
|
|
517
571
|
- gcloud auth activate-service-account --key-file=<(echo "$CL_review_api_GCLOUD_DEPLOY_credentialsKey")
|
|
518
572
|
- export GCLOUD_PROJECT_NUMBER=$(gcloud projects describe asdf --format="value(projectNumber)")
|
|
519
573
|
- 'echo "GCLOUD_PROJECT_NUMBER: $GCLOUD_PROJECT_NUMBER"'
|
|
520
|
-
-
|
|
521
|
-
-
|
|
574
|
+
- collapseable_section_end "prepare"
|
|
575
|
+
- collapseable_section_start "writeenvvars" "Write env vars to file"
|
|
522
576
|
- |
|
|
523
577
|
cat > ____envvars.yaml <<EOF
|
|
524
578
|
ENV_SHORT: |-
|
|
@@ -528,43 +582,41 @@ variables:
|
|
|
528
582
|
ENV_TYPE: |-
|
|
529
583
|
review
|
|
530
584
|
BUILD_INFO_BUILD_ID: |-
|
|
531
|
-
|
|
585
|
+
$(printf %s "$(git describe --tags 2>/dev/null || git rev-parse HEAD)" | sed '1!s/^/ /')
|
|
532
586
|
BUILD_INFO_BUILD_TIME: |-
|
|
533
|
-
|
|
587
|
+
$(printf %s "$CI_JOB_STARTED_AT" | sed '1!s/^/ /')
|
|
534
588
|
BUILD_INFO_CURRENT_VERSION: |-
|
|
535
|
-
|
|
536
|
-
|
|
537
|
-
|
|
589
|
+
$(printf %s "$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")" | sed '1!s/^/ /')
|
|
590
|
+
HOSTNAME: |-
|
|
591
|
+
$(printf %s "$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
538
592
|
ROOT_URL: |-
|
|
539
|
-
|
|
540
|
-
|
|
541
|
-
|
|
542
|
-
HOST_CANONICAL: |-
|
|
543
|
-
$(printf %s "$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
593
|
+
$(printf %s "https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
594
|
+
HOSTNAME_INTERNAL: |-
|
|
595
|
+
$(printf %s "$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
544
596
|
ROOT_URL_INTERNAL: |-
|
|
545
|
-
|
|
597
|
+
$(printf %s "https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
546
598
|
DEPLOY_CLOUD_RUN_PROJECT_ID: |-
|
|
547
599
|
asdf
|
|
548
600
|
DEPLOY_CLOUD_RUN_REGION: |-
|
|
549
601
|
asia-east1
|
|
550
602
|
GCLOUD_RUN_canonicalHostSuffix: |-
|
|
551
|
-
|
|
603
|
+
$(printf %s "$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | sed '1!s/^/ /')
|
|
552
604
|
_ALL_ENV_VAR_KEYS: |-
|
|
553
|
-
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","
|
|
605
|
+
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOSTNAME","ROOT_URL","HOSTNAME_INTERNAL","ROOT_URL_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]
|
|
554
606
|
|
|
555
607
|
EOF
|
|
556
|
-
-
|
|
557
|
-
-
|
|
608
|
+
- collapseable_section_end "writeenvvars"
|
|
609
|
+
- collapseable_section_start "deploy" "Deploy to cloud run"
|
|
558
610
|
- gcloud run deploy $(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" | awk '{print tolower($0)}') --command="" --image=asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/review/api/$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }):$DOCKER_IMAGE_TAG --project=asdf --region=asia-east1 --labels=customer-name=pan,component-name=api,app-name=test-app,env-type=review,env-name=review,build-type=node,cloud-run-service-name=$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" | awk '{print tolower($0)}') --env-vars-file=____envvars.yaml --min-instances=0 --max-instances=100 --cpu-throttling --allow-unauthenticated --ingress=all --cpu-boost
|
|
559
|
-
-
|
|
560
|
-
-
|
|
611
|
+
- collapseable_section_end "deploy"
|
|
612
|
+
- collapseable_section_start "cleanup" "Cleanup"
|
|
561
613
|
- gcloud run revisions list --project=asdf --region=asia-east1 --service=$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" | awk '{print tolower($0)}') --limit=unlimited --sort-by=metadata.creationTimestamp --format="value(name)" --filter='(status.conditions.status=False OR status.conditions.status=Unknown)' | while read -r revisionname; do gcloud run revisions delete --project=asdf --region=asia-east1 --quiet $revisionname ; done
|
|
562
614
|
- gcloud artifacts docker images list asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/review/api/$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }) --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/review/api/$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })@$version --quiet --delete-tags; done
|
|
563
615
|
- gcloud artifacts docker images list asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/api --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/api@$version --quiet --delete-tags; done
|
|
564
616
|
- set +e
|
|
565
617
|
- gcloud artifacts docker images delete asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/review/api --quiet --delete-tags
|
|
566
618
|
- set -e
|
|
567
|
-
-
|
|
619
|
+
- collapseable_section_end "cleanup"
|
|
568
620
|
- echo 'Uploading SBOM to Dependency Track'
|
|
569
621
|
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/api" "https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" "__sbom.json" vex.json || true
|
|
570
622
|
- echo "CL_GITLAB_ENVIRONMENT_URL=https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" >> gitlab_environment.env
|
|
@@ -598,9 +650,9 @@ variables:
|
|
|
598
650
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
599
651
|
GIT_STRATEGY: none
|
|
600
652
|
script:
|
|
601
|
-
-
|
|
653
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
602
654
|
- export CLOUDSDK_CORE_DISABLE_PROMPTS="1"
|
|
603
|
-
-
|
|
655
|
+
- collapseable_section_end "injectvars"
|
|
604
656
|
- set +e
|
|
605
657
|
- gcloud auth activate-service-account --key-file=<(echo "$CL_review_api_GCLOUD_DEPLOY_credentialsKey")
|
|
606
658
|
- gcloud run services delete $(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" | awk '{print tolower($0)}') --project=asdf --region=asia-east1
|
|
@@ -637,37 +689,53 @@ variables:
|
|
|
637
689
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
638
690
|
KUBERNETES_MEMORY_LIMIT: 4Gi
|
|
639
691
|
script:
|
|
640
|
-
-
|
|
692
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
641
693
|
- export ENV_SHORT="stage"
|
|
642
694
|
- export APP_DIR="app"
|
|
643
695
|
- export ENV_TYPE="stage"
|
|
644
696
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
645
697
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
646
698
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
647
|
-
- export
|
|
699
|
+
- export HOSTNAME="$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
648
700
|
- export ROOT_URL="https://$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
649
|
-
- export
|
|
650
|
-
- export HOST_CANONICAL="$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
701
|
+
- export HOSTNAME_INTERNAL="$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
651
702
|
- export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
652
703
|
- export DEPLOY_CLOUD_RUN_PROJECT_ID="asdf"
|
|
653
704
|
- export DEPLOY_CLOUD_RUN_REGION="asia-east1"
|
|
654
705
|
- export GCLOUD_DEPLOY_credentialsKey="$CL_stage_api_GCLOUD_DEPLOY_credentialsKey"
|
|
655
706
|
- export GCLOUD_RUN_canonicalHostSuffix="$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix"
|
|
656
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
657
|
-
-
|
|
707
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\"]"
|
|
708
|
+
- collapseable_section_end "injectvars"
|
|
709
|
+
- collapseable_section_start "write-dotenv-api" "write dot env for api"
|
|
710
|
+
- |-
|
|
711
|
+
cat <<EOF > app/.env
|
|
712
|
+
ENV_SHORT=stage
|
|
713
|
+
APP_DIR=app
|
|
714
|
+
ENV_TYPE=stage
|
|
715
|
+
HOSTNAME=$(printf %s "$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
716
|
+
ROOT_URL=$(printf %s "https://$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
717
|
+
HOSTNAME_INTERNAL=$(printf %s "$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
718
|
+
ROOT_URL_INTERNAL=$(printf %s "https://$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
719
|
+
DEPLOY_CLOUD_RUN_PROJECT_ID=asdf
|
|
720
|
+
DEPLOY_CLOUD_RUN_REGION=asia-east1
|
|
721
|
+
GCLOUD_DEPLOY_credentialsKey=$(printf %s "$CL_stage_api_GCLOUD_DEPLOY_credentialsKey" | escapeForDotEnv)
|
|
722
|
+
GCLOUD_RUN_canonicalHostSuffix=$(printf %s "$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | escapeForDotEnv)
|
|
723
|
+
_ALL_ENV_VAR_KEYS=["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOSTNAME","ROOT_URL","HOSTNAME_INTERNAL","ROOT_URL_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]
|
|
724
|
+
EOF
|
|
725
|
+
- collapseable_section_end "write-dotenv-api"
|
|
658
726
|
- echo '{"id":"$(git describe --tags 2>/dev/null || git rev-parse HEAD)","time":"$CI_JOB_STARTED_AT"}' > app/__build_info.json
|
|
659
|
-
-
|
|
727
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
660
728
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
661
729
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
662
|
-
-
|
|
730
|
+
- collapseable_section_end "nodeinstall"
|
|
663
731
|
- cd app
|
|
664
|
-
-
|
|
732
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
665
733
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
666
734
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
667
|
-
-
|
|
668
|
-
-
|
|
735
|
+
- collapseable_section_end "nodeinstall"
|
|
736
|
+
- collapseable_section_start "yarninstall" "Yarn install"
|
|
669
737
|
- yarn install --immutable
|
|
670
|
-
-
|
|
738
|
+
- collapseable_section_end "yarninstall"
|
|
671
739
|
- yarn build-storybook --quiet -o ./dist
|
|
672
740
|
cache:
|
|
673
741
|
- key: app-yarn
|
|
@@ -678,15 +746,13 @@ variables:
|
|
|
678
746
|
policy: pull-push
|
|
679
747
|
paths:
|
|
680
748
|
- app/node_modules
|
|
681
|
-
- key: api-next-cache
|
|
682
|
-
policy: pull-push
|
|
683
|
-
paths:
|
|
684
|
-
- app/.next/cache
|
|
685
749
|
artifacts:
|
|
686
750
|
paths:
|
|
687
751
|
- app/__build_info.json
|
|
688
752
|
- app/.next
|
|
689
753
|
- app/dist
|
|
754
|
+
exclude:
|
|
755
|
+
- app/.env
|
|
690
756
|
expire_in: 1 day
|
|
691
757
|
when: always
|
|
692
758
|
reports: {}
|
|
@@ -712,7 +778,7 @@ variables:
|
|
|
712
778
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
713
779
|
KUBERNETES_MEMORY_LIMIT: 2Gi
|
|
714
780
|
script:
|
|
715
|
-
-
|
|
781
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
716
782
|
- export APP_DIR="app"
|
|
717
783
|
- export DOCKER_BUILD_CONTEXT="."
|
|
718
784
|
- export DOCKER_REGISTRY="asia-east1-docker.pkg.dev"
|
|
@@ -728,20 +794,20 @@ variables:
|
|
|
728
794
|
COPY --chown=node:node app/yarn.lock /app/app/yarn.lock
|
|
729
795
|
COPY --chown=node:node .yarnrc.yml /app/.yarnrc.yml
|
|
730
796
|
COPY --chown=node:node .yarn /app/.yarn"
|
|
731
|
-
-
|
|
797
|
+
- collapseable_section_end "injectvars"
|
|
732
798
|
- ensureNginxDockerfile
|
|
733
|
-
-
|
|
799
|
+
- collapseable_section_start "docker-login" "Docker Login"
|
|
734
800
|
- gcloud auth activate-service-account --key-file=<(echo "$CL_stage_api_GCLOUD_DEPLOY_credentialsKey")
|
|
735
801
|
- gcloud auth configure-docker asia-east1-docker.pkg.dev
|
|
736
|
-
-
|
|
737
|
-
-
|
|
802
|
+
- collapseable_section_end "docker-login"
|
|
803
|
+
- collapseable_section_start "docker-build" "Docker build"
|
|
738
804
|
- docker build --network host --cache-from $DOCKER_CACHE_IMAGE --tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG -f $APP_DIR/Dockerfile $DOCKER_BUILD_CONTEXT --build-arg BUILDKIT_INLINE_CACHE=1
|
|
739
|
-
-
|
|
740
|
-
-
|
|
805
|
+
- collapseable_section_end "docker-build"
|
|
806
|
+
- collapseable_section_start "docker-push" "Docker push and tag"
|
|
741
807
|
- docker push $DOCKER_IMAGE:$DOCKER_IMAGE_TAG
|
|
742
808
|
- docker tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG $DOCKER_CACHE_IMAGE
|
|
743
809
|
- docker push $DOCKER_CACHE_IMAGE
|
|
744
|
-
-
|
|
810
|
+
- collapseable_section_end "docker-push"
|
|
745
811
|
cache:
|
|
746
812
|
- key: app-yarn
|
|
747
813
|
policy: pull
|
|
@@ -758,8 +824,8 @@ variables:
|
|
|
758
824
|
image: aquasec/trivy:0.38.3
|
|
759
825
|
variables: {}
|
|
760
826
|
script:
|
|
761
|
-
-
|
|
762
|
-
-
|
|
827
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
828
|
+
- collapseable_section_end "injectvars"
|
|
763
829
|
- trivy fs --quiet --format cyclonedx --output "__sbom.json" app
|
|
764
830
|
artifacts:
|
|
765
831
|
paths:
|
|
@@ -778,35 +844,34 @@ variables:
|
|
|
778
844
|
KUBERNETES_MEMORY_REQUEST: 200Mi
|
|
779
845
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
780
846
|
script:
|
|
781
|
-
-
|
|
847
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
782
848
|
- export ENV_SHORT="stage"
|
|
783
849
|
- export APP_DIR="app"
|
|
784
850
|
- export ENV_TYPE="stage"
|
|
785
851
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
786
852
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
787
853
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
788
|
-
- export
|
|
854
|
+
- export HOSTNAME="$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
789
855
|
- export ROOT_URL="https://$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
790
|
-
- export
|
|
791
|
-
- export HOST_CANONICAL="$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
856
|
+
- export HOSTNAME_INTERNAL="$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
792
857
|
- export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
793
858
|
- export DEPLOY_CLOUD_RUN_PROJECT_ID="asdf"
|
|
794
859
|
- export DEPLOY_CLOUD_RUN_REGION="asia-east1"
|
|
795
860
|
- export GCLOUD_DEPLOY_credentialsKey="$CL_stage_api_GCLOUD_DEPLOY_credentialsKey"
|
|
796
861
|
- export GCLOUD_RUN_canonicalHostSuffix="$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix"
|
|
797
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
862
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\"]"
|
|
798
863
|
- export DOCKER_REGISTRY="asia-east1-docker.pkg.dev"
|
|
799
864
|
- export DOCKER_IMAGE="asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/stage/api"
|
|
800
865
|
- export DOCKER_CACHE_IMAGE="asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/api"
|
|
801
866
|
- export DOCKER_IMAGE_TAG="$CI_COMMIT_SHA"
|
|
802
867
|
- export CLOUDSDK_CORE_DISABLE_PROMPTS="1"
|
|
803
|
-
-
|
|
804
|
-
-
|
|
868
|
+
- collapseable_section_end "injectvars"
|
|
869
|
+
- collapseable_section_start "prepare" "Prepare..."
|
|
805
870
|
- gcloud auth activate-service-account --key-file=<(echo "$CL_stage_api_GCLOUD_DEPLOY_credentialsKey")
|
|
806
871
|
- export GCLOUD_PROJECT_NUMBER=$(gcloud projects describe asdf --format="value(projectNumber)")
|
|
807
872
|
- 'echo "GCLOUD_PROJECT_NUMBER: $GCLOUD_PROJECT_NUMBER"'
|
|
808
|
-
-
|
|
809
|
-
-
|
|
873
|
+
- collapseable_section_end "prepare"
|
|
874
|
+
- collapseable_section_start "writeenvvars" "Write env vars to file"
|
|
810
875
|
- |
|
|
811
876
|
cat > ____envvars.yaml <<EOF
|
|
812
877
|
ENV_SHORT: |-
|
|
@@ -816,40 +881,38 @@ variables:
|
|
|
816
881
|
ENV_TYPE: |-
|
|
817
882
|
stage
|
|
818
883
|
BUILD_INFO_BUILD_ID: |-
|
|
819
|
-
|
|
884
|
+
$(printf %s "$(git describe --tags 2>/dev/null || git rev-parse HEAD)" | sed '1!s/^/ /')
|
|
820
885
|
BUILD_INFO_BUILD_TIME: |-
|
|
821
|
-
|
|
886
|
+
$(printf %s "$CI_JOB_STARTED_AT" | sed '1!s/^/ /')
|
|
822
887
|
BUILD_INFO_CURRENT_VERSION: |-
|
|
823
|
-
|
|
824
|
-
|
|
825
|
-
|
|
888
|
+
$(printf %s "$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")" | sed '1!s/^/ /')
|
|
889
|
+
HOSTNAME: |-
|
|
890
|
+
$(printf %s "$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
826
891
|
ROOT_URL: |-
|
|
827
|
-
|
|
828
|
-
|
|
829
|
-
|
|
830
|
-
HOST_CANONICAL: |-
|
|
831
|
-
$(printf %s "$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
892
|
+
$(printf %s "https://$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
893
|
+
HOSTNAME_INTERNAL: |-
|
|
894
|
+
$(printf %s "$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
832
895
|
ROOT_URL_INTERNAL: |-
|
|
833
|
-
|
|
896
|
+
$(printf %s "https://$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
834
897
|
DEPLOY_CLOUD_RUN_PROJECT_ID: |-
|
|
835
898
|
asdf
|
|
836
899
|
DEPLOY_CLOUD_RUN_REGION: |-
|
|
837
900
|
asia-east1
|
|
838
901
|
GCLOUD_RUN_canonicalHostSuffix: |-
|
|
839
|
-
|
|
902
|
+
$(printf %s "$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | sed '1!s/^/ /')
|
|
840
903
|
_ALL_ENV_VAR_KEYS: |-
|
|
841
|
-
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","
|
|
904
|
+
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOSTNAME","ROOT_URL","HOSTNAME_INTERNAL","ROOT_URL_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]
|
|
842
905
|
|
|
843
906
|
EOF
|
|
844
|
-
-
|
|
845
|
-
-
|
|
907
|
+
- collapseable_section_end "writeenvvars"
|
|
908
|
+
- collapseable_section_start "deploy" "Deploy to cloud run"
|
|
846
909
|
- gcloud run deploy pan-test-app-stage-api --command="" --image=asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/stage/api:$DOCKER_IMAGE_TAG --project=asdf --region=asia-east1 --labels=customer-name=pan,component-name=api,app-name=test-app,env-type=stage,env-name=stage,build-type=node,cloud-run-service-name=pan-test-app-stage-api --env-vars-file=____envvars.yaml --min-instances=0 --max-instances=100 --cpu-throttling --allow-unauthenticated --ingress=all --cpu-boost
|
|
847
|
-
-
|
|
848
|
-
-
|
|
910
|
+
- collapseable_section_end "deploy"
|
|
911
|
+
- collapseable_section_start "cleanup" "Cleanup"
|
|
849
912
|
- gcloud run revisions list --project=asdf --region=asia-east1 --service=pan-test-app-stage-api --limit=unlimited --sort-by=metadata.creationTimestamp --format="value(name)" --filter='(status.conditions.status=False OR status.conditions.status=Unknown)' | while read -r revisionname; do gcloud run revisions delete --project=asdf --region=asia-east1 --quiet $revisionname ; done
|
|
850
913
|
- gcloud artifacts docker images list asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/stage/api --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/stage/api@$version --quiet --delete-tags; done
|
|
851
914
|
- gcloud artifacts docker images list asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/api --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/api@$version --quiet --delete-tags; done
|
|
852
|
-
-
|
|
915
|
+
- collapseable_section_end "cleanup"
|
|
853
916
|
- echo 'Uploading SBOM to Dependency Track'
|
|
854
917
|
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/api" "https://$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" "__sbom.json" vex.json || true
|
|
855
918
|
- echo "CL_GITLAB_ENVIRONMENT_URL=https://$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" >> gitlab_environment.env
|
|
@@ -882,9 +945,9 @@ variables:
|
|
|
882
945
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
883
946
|
GIT_STRATEGY: none
|
|
884
947
|
script:
|
|
885
|
-
-
|
|
948
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
886
949
|
- export CLOUDSDK_CORE_DISABLE_PROMPTS="1"
|
|
887
|
-
-
|
|
950
|
+
- collapseable_section_end "injectvars"
|
|
888
951
|
- set +e
|
|
889
952
|
- gcloud auth activate-service-account --key-file=<(echo "$CL_stage_api_GCLOUD_DEPLOY_credentialsKey")
|
|
890
953
|
- gcloud run services delete pan-test-app-stage-api --project=asdf --region=asia-east1
|
|
@@ -918,37 +981,53 @@ variables:
|
|
|
918
981
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
919
982
|
KUBERNETES_MEMORY_LIMIT: 4Gi
|
|
920
983
|
script:
|
|
921
|
-
-
|
|
984
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
922
985
|
- export ENV_SHORT="prod"
|
|
923
986
|
- export APP_DIR="app"
|
|
924
987
|
- export ENV_TYPE="prod"
|
|
925
988
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
926
989
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
927
990
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
928
|
-
- export
|
|
991
|
+
- export HOSTNAME="$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
929
992
|
- export ROOT_URL="https://$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
930
|
-
- export
|
|
931
|
-
- export HOST_CANONICAL="$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
993
|
+
- export HOSTNAME_INTERNAL="$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
932
994
|
- export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
933
995
|
- export DEPLOY_CLOUD_RUN_PROJECT_ID="asdf"
|
|
934
996
|
- export DEPLOY_CLOUD_RUN_REGION="asia-east1"
|
|
935
997
|
- export GCLOUD_DEPLOY_credentialsKey="$CL_prod_api_GCLOUD_DEPLOY_credentialsKey"
|
|
936
998
|
- export GCLOUD_RUN_canonicalHostSuffix="$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix"
|
|
937
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
938
|
-
-
|
|
999
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\"]"
|
|
1000
|
+
- collapseable_section_end "injectvars"
|
|
1001
|
+
- collapseable_section_start "write-dotenv-api" "write dot env for api"
|
|
1002
|
+
- |-
|
|
1003
|
+
cat <<EOF > app/.env
|
|
1004
|
+
ENV_SHORT=prod
|
|
1005
|
+
APP_DIR=app
|
|
1006
|
+
ENV_TYPE=prod
|
|
1007
|
+
HOSTNAME=$(printf %s "$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
1008
|
+
ROOT_URL=$(printf %s "https://$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
1009
|
+
HOSTNAME_INTERNAL=$(printf %s "$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
1010
|
+
ROOT_URL_INTERNAL=$(printf %s "https://$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
1011
|
+
DEPLOY_CLOUD_RUN_PROJECT_ID=asdf
|
|
1012
|
+
DEPLOY_CLOUD_RUN_REGION=asia-east1
|
|
1013
|
+
GCLOUD_DEPLOY_credentialsKey=$(printf %s "$CL_prod_api_GCLOUD_DEPLOY_credentialsKey" | escapeForDotEnv)
|
|
1014
|
+
GCLOUD_RUN_canonicalHostSuffix=$(printf %s "$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | escapeForDotEnv)
|
|
1015
|
+
_ALL_ENV_VAR_KEYS=["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOSTNAME","ROOT_URL","HOSTNAME_INTERNAL","ROOT_URL_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]
|
|
1016
|
+
EOF
|
|
1017
|
+
- collapseable_section_end "write-dotenv-api"
|
|
939
1018
|
- echo '{"id":"$(git describe --tags 2>/dev/null || git rev-parse HEAD)","time":"$CI_JOB_STARTED_AT"}' > app/__build_info.json
|
|
940
|
-
-
|
|
1019
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
941
1020
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
942
1021
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
943
|
-
-
|
|
1022
|
+
- collapseable_section_end "nodeinstall"
|
|
944
1023
|
- cd app
|
|
945
|
-
-
|
|
1024
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
946
1025
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
947
1026
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
948
|
-
-
|
|
949
|
-
-
|
|
1027
|
+
- collapseable_section_end "nodeinstall"
|
|
1028
|
+
- collapseable_section_start "yarninstall" "Yarn install"
|
|
950
1029
|
- yarn install --immutable
|
|
951
|
-
-
|
|
1030
|
+
- collapseable_section_end "yarninstall"
|
|
952
1031
|
- yarn build-storybook --quiet -o ./dist
|
|
953
1032
|
cache:
|
|
954
1033
|
- key: app-yarn
|
|
@@ -959,15 +1038,13 @@ variables:
|
|
|
959
1038
|
policy: pull-push
|
|
960
1039
|
paths:
|
|
961
1040
|
- app/node_modules
|
|
962
|
-
- key: api-next-cache
|
|
963
|
-
policy: pull-push
|
|
964
|
-
paths:
|
|
965
|
-
- app/.next/cache
|
|
966
1041
|
artifacts:
|
|
967
1042
|
paths:
|
|
968
1043
|
- app/__build_info.json
|
|
969
1044
|
- app/.next
|
|
970
1045
|
- app/dist
|
|
1046
|
+
exclude:
|
|
1047
|
+
- app/.env
|
|
971
1048
|
expire_in: 1 day
|
|
972
1049
|
when: always
|
|
973
1050
|
reports: {}
|
|
@@ -993,7 +1070,7 @@ variables:
|
|
|
993
1070
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
994
1071
|
KUBERNETES_MEMORY_LIMIT: 2Gi
|
|
995
1072
|
script:
|
|
996
|
-
-
|
|
1073
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
997
1074
|
- export APP_DIR="app"
|
|
998
1075
|
- export DOCKER_BUILD_CONTEXT="."
|
|
999
1076
|
- export DOCKER_REGISTRY="asia-east1-docker.pkg.dev"
|
|
@@ -1009,20 +1086,20 @@ variables:
|
|
|
1009
1086
|
COPY --chown=node:node app/yarn.lock /app/app/yarn.lock
|
|
1010
1087
|
COPY --chown=node:node .yarnrc.yml /app/.yarnrc.yml
|
|
1011
1088
|
COPY --chown=node:node .yarn /app/.yarn"
|
|
1012
|
-
-
|
|
1089
|
+
- collapseable_section_end "injectvars"
|
|
1013
1090
|
- ensureNginxDockerfile
|
|
1014
|
-
-
|
|
1091
|
+
- collapseable_section_start "docker-login" "Docker Login"
|
|
1015
1092
|
- gcloud auth activate-service-account --key-file=<(echo "$CL_prod_api_GCLOUD_DEPLOY_credentialsKey")
|
|
1016
1093
|
- gcloud auth configure-docker asia-east1-docker.pkg.dev
|
|
1017
|
-
-
|
|
1018
|
-
-
|
|
1094
|
+
- collapseable_section_end "docker-login"
|
|
1095
|
+
- collapseable_section_start "docker-build" "Docker build"
|
|
1019
1096
|
- docker build --network host --cache-from $DOCKER_CACHE_IMAGE --tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG -f $APP_DIR/Dockerfile $DOCKER_BUILD_CONTEXT --build-arg BUILDKIT_INLINE_CACHE=1
|
|
1020
|
-
-
|
|
1021
|
-
-
|
|
1097
|
+
- collapseable_section_end "docker-build"
|
|
1098
|
+
- collapseable_section_start "docker-push" "Docker push and tag"
|
|
1022
1099
|
- docker push $DOCKER_IMAGE:$DOCKER_IMAGE_TAG
|
|
1023
1100
|
- docker tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG $DOCKER_CACHE_IMAGE
|
|
1024
1101
|
- docker push $DOCKER_CACHE_IMAGE
|
|
1025
|
-
-
|
|
1102
|
+
- collapseable_section_end "docker-push"
|
|
1026
1103
|
cache:
|
|
1027
1104
|
- key: app-yarn
|
|
1028
1105
|
policy: pull
|
|
@@ -1039,8 +1116,8 @@ variables:
|
|
|
1039
1116
|
image: aquasec/trivy:0.38.3
|
|
1040
1117
|
variables: {}
|
|
1041
1118
|
script:
|
|
1042
|
-
-
|
|
1043
|
-
-
|
|
1119
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1120
|
+
- collapseable_section_end "injectvars"
|
|
1044
1121
|
- trivy fs --quiet --format cyclonedx --output "__sbom.json" app
|
|
1045
1122
|
artifacts:
|
|
1046
1123
|
paths:
|
|
@@ -1059,35 +1136,34 @@ variables:
|
|
|
1059
1136
|
KUBERNETES_MEMORY_REQUEST: 200Mi
|
|
1060
1137
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
1061
1138
|
script:
|
|
1062
|
-
-
|
|
1139
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1063
1140
|
- export ENV_SHORT="prod"
|
|
1064
1141
|
- export APP_DIR="app"
|
|
1065
1142
|
- export ENV_TYPE="prod"
|
|
1066
1143
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
1067
1144
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
1068
1145
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
1069
|
-
- export
|
|
1146
|
+
- export HOSTNAME="$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
1070
1147
|
- export ROOT_URL="https://$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
1071
|
-
- export
|
|
1072
|
-
- export HOST_CANONICAL="$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
1148
|
+
- export HOSTNAME_INTERNAL="$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
1073
1149
|
- export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
1074
1150
|
- export DEPLOY_CLOUD_RUN_PROJECT_ID="asdf"
|
|
1075
1151
|
- export DEPLOY_CLOUD_RUN_REGION="asia-east1"
|
|
1076
1152
|
- export GCLOUD_DEPLOY_credentialsKey="$CL_prod_api_GCLOUD_DEPLOY_credentialsKey"
|
|
1077
1153
|
- export GCLOUD_RUN_canonicalHostSuffix="$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix"
|
|
1078
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
1154
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\"]"
|
|
1079
1155
|
- export DOCKER_REGISTRY="asia-east1-docker.pkg.dev"
|
|
1080
1156
|
- export DOCKER_IMAGE="asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/prod/api"
|
|
1081
1157
|
- export DOCKER_CACHE_IMAGE="asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/api"
|
|
1082
1158
|
- export DOCKER_IMAGE_TAG="$CI_COMMIT_SHA"
|
|
1083
1159
|
- export CLOUDSDK_CORE_DISABLE_PROMPTS="1"
|
|
1084
|
-
-
|
|
1085
|
-
-
|
|
1160
|
+
- collapseable_section_end "injectvars"
|
|
1161
|
+
- collapseable_section_start "prepare" "Prepare..."
|
|
1086
1162
|
- gcloud auth activate-service-account --key-file=<(echo "$CL_prod_api_GCLOUD_DEPLOY_credentialsKey")
|
|
1087
1163
|
- export GCLOUD_PROJECT_NUMBER=$(gcloud projects describe asdf --format="value(projectNumber)")
|
|
1088
1164
|
- 'echo "GCLOUD_PROJECT_NUMBER: $GCLOUD_PROJECT_NUMBER"'
|
|
1089
|
-
-
|
|
1090
|
-
-
|
|
1165
|
+
- collapseable_section_end "prepare"
|
|
1166
|
+
- collapseable_section_start "writeenvvars" "Write env vars to file"
|
|
1091
1167
|
- |
|
|
1092
1168
|
cat > ____envvars.yaml <<EOF
|
|
1093
1169
|
ENV_SHORT: |-
|
|
@@ -1097,40 +1173,38 @@ variables:
|
|
|
1097
1173
|
ENV_TYPE: |-
|
|
1098
1174
|
prod
|
|
1099
1175
|
BUILD_INFO_BUILD_ID: |-
|
|
1100
|
-
|
|
1176
|
+
$(printf %s "$(git describe --tags 2>/dev/null || git rev-parse HEAD)" | sed '1!s/^/ /')
|
|
1101
1177
|
BUILD_INFO_BUILD_TIME: |-
|
|
1102
|
-
|
|
1178
|
+
$(printf %s "$CI_JOB_STARTED_AT" | sed '1!s/^/ /')
|
|
1103
1179
|
BUILD_INFO_CURRENT_VERSION: |-
|
|
1104
|
-
|
|
1105
|
-
|
|
1106
|
-
|
|
1180
|
+
$(printf %s "$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")" | sed '1!s/^/ /')
|
|
1181
|
+
HOSTNAME: |-
|
|
1182
|
+
$(printf %s "$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
1107
1183
|
ROOT_URL: |-
|
|
1108
|
-
|
|
1109
|
-
|
|
1110
|
-
|
|
1111
|
-
HOST_CANONICAL: |-
|
|
1112
|
-
$(printf %s "$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
1184
|
+
$(printf %s "https://$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
1185
|
+
HOSTNAME_INTERNAL: |-
|
|
1186
|
+
$(printf %s "$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
1113
1187
|
ROOT_URL_INTERNAL: |-
|
|
1114
|
-
|
|
1188
|
+
$(printf %s "https://$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
1115
1189
|
DEPLOY_CLOUD_RUN_PROJECT_ID: |-
|
|
1116
1190
|
asdf
|
|
1117
1191
|
DEPLOY_CLOUD_RUN_REGION: |-
|
|
1118
1192
|
asia-east1
|
|
1119
1193
|
GCLOUD_RUN_canonicalHostSuffix: |-
|
|
1120
|
-
|
|
1194
|
+
$(printf %s "$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | sed '1!s/^/ /')
|
|
1121
1195
|
_ALL_ENV_VAR_KEYS: |-
|
|
1122
|
-
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","
|
|
1196
|
+
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOSTNAME","ROOT_URL","HOSTNAME_INTERNAL","ROOT_URL_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]
|
|
1123
1197
|
|
|
1124
1198
|
EOF
|
|
1125
|
-
-
|
|
1126
|
-
-
|
|
1199
|
+
- collapseable_section_end "writeenvvars"
|
|
1200
|
+
- collapseable_section_start "deploy" "Deploy to cloud run"
|
|
1127
1201
|
- gcloud run deploy pan-test-app-prod-api --command="" --image=asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/prod/api:$DOCKER_IMAGE_TAG --project=asdf --region=asia-east1 --labels=customer-name=pan,component-name=api,app-name=test-app,env-type=prod,env-name=prod,build-type=node,cloud-run-service-name=pan-test-app-prod-api --env-vars-file=____envvars.yaml --min-instances=0 --max-instances=100 --cpu-throttling --allow-unauthenticated --ingress=all --cpu-boost
|
|
1128
|
-
-
|
|
1129
|
-
-
|
|
1202
|
+
- collapseable_section_end "deploy"
|
|
1203
|
+
- collapseable_section_start "cleanup" "Cleanup"
|
|
1130
1204
|
- gcloud run revisions list --project=asdf --region=asia-east1 --service=pan-test-app-prod-api --limit=unlimited --sort-by=metadata.creationTimestamp --format="value(name)" --filter='(status.conditions.status=False OR status.conditions.status=Unknown)' | tail -n +6 | while read -r revisionname; do gcloud run revisions delete --project=asdf --region=asia-east1 --quiet $revisionname ; done
|
|
1131
1205
|
- gcloud artifacts docker images list asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/prod/api --sort-by=~CREATE_TIME --format="value(version)" | tail -n +7 | while read -r version; do gcloud artifacts docker images delete asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/prod/api@$version --quiet --delete-tags; done
|
|
1132
1206
|
- gcloud artifacts docker images list asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/api --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/api@$version --quiet --delete-tags; done
|
|
1133
|
-
-
|
|
1207
|
+
- collapseable_section_end "cleanup"
|
|
1134
1208
|
- echo 'Uploading SBOM to Dependency Track'
|
|
1135
1209
|
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/api" "https://$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" "__sbom.json" vex.json || true
|
|
1136
1210
|
- echo "CL_GITLAB_ENVIRONMENT_URL=https://$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" >> gitlab_environment.env
|
|
@@ -1163,9 +1237,9 @@ variables:
|
|
|
1163
1237
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
1164
1238
|
GIT_STRATEGY: none
|
|
1165
1239
|
script:
|
|
1166
|
-
-
|
|
1240
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1167
1241
|
- export CLOUDSDK_CORE_DISABLE_PROMPTS="1"
|
|
1168
|
-
-
|
|
1242
|
+
- collapseable_section_end "injectvars"
|
|
1169
1243
|
- set +e
|
|
1170
1244
|
- gcloud auth activate-service-account --key-file=<(echo "$CL_prod_api_GCLOUD_DEPLOY_credentialsKey")
|
|
1171
1245
|
- gcloud run services delete pan-test-app-prod-api --project=asdf --region=asia-east1
|