@catladder/pipeline 1.170.0 → 2.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/bash/BashExpression.d.ts +2 -6
- package/dist/bash/BashExpression.js +5 -15
- package/dist/bash/bashEscape.d.ts +34 -0
- package/dist/bash/bashEscape.js +114 -0
- package/dist/bash/bashYaml.js +25 -2
- package/dist/bash/getInjectVarsScript.js +4 -2
- package/dist/bash/index.d.ts +2 -0
- package/dist/bash/index.js +26 -0
- package/dist/build/base/createAppBuildJob.js +3 -3
- package/dist/build/base/writeDotEnv.js +6 -4
- package/dist/build/custom/testJob.js +12 -12
- package/dist/build/docker.d.ts +3 -3
- package/dist/build/node/buildJob.js +1 -1
- package/dist/build/node/cache.d.ts +2 -4
- package/dist/build/node/cache.js +3 -24
- package/dist/build/node/testJob.js +11 -11
- package/dist/build/rails/build.js +1 -1
- package/dist/build/rails/test.js +8 -8
- package/dist/build/types.d.ts +0 -10
- package/dist/constants.js +1 -1
- package/dist/context/createComponentContext.js +0 -1
- package/dist/context/getEnvConfig.js +2 -1
- package/dist/context/getEnvironment.js +1 -2
- package/dist/context/getEnvironmentVariables.d.ts +5 -6
- package/dist/context/getEnvironmentVariables.js +50 -38
- package/dist/deploy/base/deploy.js +3 -3
- package/dist/deploy/cloudRun/createJobs/getCloudRunDeployScripts.js +2 -2
- package/dist/deploy/cloudRun/index.js +2 -2
- package/dist/deploy/cloudRun/utils/getServiceName.d.ts +1 -1
- package/dist/deploy/kubernetes/cloudSql/index.d.ts +2 -2
- package/dist/deploy/kubernetes/cloudSql/index.js +3 -14
- package/dist/deploy/kubernetes/deployJob.js +1 -3
- package/dist/deploy/kubernetes/index.js +2 -2
- package/dist/deploy/kubernetes/kubeEnv.d.ts +3 -3
- package/dist/deploy/kubernetes/kubeValues.d.ts +3 -4
- package/dist/deploy/kubernetes/kubeValues.js +2 -3
- package/dist/deploy/types/base.d.ts +0 -6
- package/dist/deploy/types/kubernetes.d.ts +1 -34
- package/dist/globalScriptFunctions/index.d.ts +14 -0
- package/dist/globalScriptFunctions/index.js +37 -0
- package/dist/index.d.ts +3 -1
- package/dist/index.js +3 -1
- package/dist/pipeline/gitlab/createGitlabJobs.js +3 -5
- package/dist/pipeline/gitlab/createGitlabPipeline.d.ts +1 -0
- package/dist/pipeline/gitlab/createGitlabPipeline.js +38 -2
- package/dist/pipeline/packageManager.js +1 -1
- package/dist/runner/index.d.ts +1 -1
- package/dist/tsconfig.tsbuildinfo +1 -1
- package/dist/types/config.d.ts +6 -9
- package/dist/types/context.d.ts +2 -9
- package/dist/types/gitlab-types.d.ts +1 -0
- package/dist/types/jobs.d.ts +0 -8
- package/dist/utils/gitlab.js +4 -1
- package/dist/utils/writeFiles.js +1 -7
- package/dist/variables/VariableValue.d.ts +3 -0
- package/dist/variables/VariableValue.js +5 -0
- package/dist/variables/VariableValueContainingReferences.d.ts +24 -0
- package/dist/variables/VariableValueContainingReferences.js +97 -0
- package/dist/variables/__tests__/resolveAllReferences.test.js +219 -0
- package/dist/variables/__tests__/resolveAllReferencesOnce.test.d.ts +1 -0
- package/dist/variables/__tests__/resolveAllReferencesOnce.test.js +171 -0
- package/dist/variables/__tests__/resolveReferencesOnce.test.d.ts +1 -0
- package/dist/variables/__tests__/resolveReferencesOnce.test.js +202 -0
- package/dist/variables/__tests__/variableValue.test.d.ts +1 -0
- package/dist/variables/__tests__/variableValue.test.js +36 -0
- package/dist/variables/resolveAllReferences.d.ts +3 -0
- package/dist/{bash/replaceAsync.js → variables/resolveAllReferences.js} +60 -41
- package/dist/variables/resolveAllReferencesOnce.d.ts +5 -0
- package/dist/variables/resolveAllReferencesOnce.js +191 -0
- package/dist/variables/resolveReferencesOnce.d.ts +8 -0
- package/dist/variables/resolveReferencesOnce.js +22 -0
- package/examples/__snapshots__/cloud-run-http2.test.ts.snap +312 -238
- package/examples/__snapshots__/cloud-run-memory-limit.test.ts.snap +312 -238
- package/examples/__snapshots__/cloud-run-meteor-with-worker.test.ts.snap +312 -222
- package/examples/__snapshots__/cloud-run-nextjs.test.ts.snap +1436 -0
- package/examples/__snapshots__/cloud-run-no-cpu-throttling.test.ts.snap +312 -238
- package/examples/__snapshots__/cloud-run-no-service.test.ts.snap +316 -238
- package/examples/__snapshots__/cloud-run-non-public.test.ts.snap +312 -238
- package/examples/__snapshots__/cloud-run-post-stop-job.test.ts.snap +313 -238
- package/examples/__snapshots__/cloud-run-service-custom-vpc-connector.test.ts.snap +312 -238
- package/examples/__snapshots__/cloud-run-service-custom-vpc.test.ts.snap +312 -238
- package/examples/__snapshots__/cloud-run-service-gen2.test.ts.snap +312 -238
- package/examples/__snapshots__/cloud-run-service-increase-timout.test.ts.snap +312 -238
- package/examples/__snapshots__/cloud-run-service-with-volumes.test.ts.snap +316 -238
- package/examples/__snapshots__/cloud-run-storybook.test.ts.snap +294 -220
- package/examples/__snapshots__/cloud-run-with-ngnix.test.ts.snap +312 -238
- package/examples/__snapshots__/cloud-run-with-sql-reuse-db.test.ts.snap +652 -486
- package/examples/__snapshots__/cloud-run-with-sql.test.ts.snap +282 -288
- package/examples/__snapshots__/cloud-run-with-worker.test.ts.snap +312 -238
- package/examples/__snapshots__/custom-build-job-with-tests.test.ts.snap +284 -194
- package/examples/__snapshots__/custom-build-job.test.ts.snap +278 -188
- package/examples/__snapshots__/custom-deploy.test.ts.snap +220 -154
- package/examples/__snapshots__/custom-envs.test.ts.snap +216 -126
- package/examples/__snapshots__/custom-sbom-java.test.ts.snap +278 -188
- package/examples/__snapshots__/git-submodule.test.ts.snap +312 -238
- package/examples/__snapshots__/kubernetes-application-customization.test.ts.snap +231 -253
- package/examples/__snapshots__/kubernetes-with-cloud-sql.test.ts.snap +240 -262
- package/examples/__snapshots__/kubernetes-with-jobs.test.ts.snap +504 -506
- package/examples/__snapshots__/kubernetes-with-mongodb.test.ts.snap +239 -261
- package/examples/__snapshots__/local-dot-env.test.ts.snap +236 -238
- package/examples/__snapshots__/meteor-kubernetes.test.ts.snap +236 -242
- package/examples/__snapshots__/multiline-var.test.ts.snap +1355 -973
- package/examples/__snapshots__/native-app.test.ts.snap +438 -392
- package/examples/__snapshots__/node-build-with-custom-image.test.ts.snap +312 -238
- package/examples/__snapshots__/node-build-with-docker-additions.test.ts.snap +312 -238
- package/examples/__snapshots__/rails-k8s-with-worker-dockerfile.test.ts.snap +186 -188
- package/examples/__snapshots__/rails-k8s-with-worker.test.ts.snap +162 -164
- package/examples/__snapshots__/referencing-other-vars.test.ts.snap +4741 -0
- package/examples/__snapshots__/wait-for-other-deploy.test.ts.snap +330 -228
- package/examples/__snapshots__/{workspace-api-www-custom-cache.test.ts.snap → workspace-api-www-turbo-cache.test.ts.snap} +457 -499
- package/examples/__snapshots__/workspace-api-www.test.ts.snap +452 -482
- package/examples/{workspace-api-www-custom-cache.test.ts → cloud-run-nextjs.test.ts} +2 -2
- package/examples/cloud-run-nextjs.ts +28 -0
- package/examples/cloud-run-with-sql.ts +0 -1
- package/examples/kubernetes-application-customization.ts +1 -0
- package/examples/kubernetes-with-cloud-sql.ts +1 -0
- package/examples/kubernetes-with-jobs.ts +1 -0
- package/examples/kubernetes-with-mongodb.ts +1 -0
- package/examples/meteor-kubernetes.ts +1 -1
- package/examples/native-app.ts +10 -7
- package/examples/rails-k8s-with-worker.ts +7 -1
- package/examples/{kubernetes-with-cloud-sql-legacy.test.ts → referencing-other-vars.test.ts} +2 -2
- package/examples/referencing-other-vars.ts +83 -0
- package/examples/workspace-api-www-turbo-cache.test.ts +11 -0
- package/examples/{workspace-api-www-custom-cache.ts → workspace-api-www-turbo-cache.ts} +4 -3
- package/examples/workspace-api-www.ts +3 -2
- package/package.json +2 -6
- package/src/bash/BashExpression.ts +10 -13
- package/src/bash/bashEscape.ts +158 -0
- package/src/bash/bashYaml.ts +36 -2
- package/src/bash/getInjectVarsScript.ts +11 -2
- package/src/bash/index.ts +2 -0
- package/src/build/base/createAppBuildJob.ts +0 -1
- package/src/build/base/writeDotEnv.ts +6 -6
- package/src/build/custom/testJob.ts +0 -1
- package/src/build/node/buildJob.ts +2 -2
- package/src/build/node/cache.ts +0 -29
- package/src/build/node/testJob.ts +0 -1
- package/src/build/rails/build.ts +0 -1
- package/src/build/rails/test.ts +0 -1
- package/src/build/types.ts +0 -13
- package/src/context/createComponentContext.ts +0 -1
- package/src/context/getEnvConfig.ts +2 -2
- package/src/context/getEnvironment.ts +1 -1
- package/src/context/getEnvironmentContext.ts +1 -1
- package/src/context/getEnvironmentVariables.ts +44 -51
- package/src/deploy/base/deploy.ts +1 -1
- package/src/deploy/cloudRun/createJobs/getCloudRunDeployScripts.ts +4 -12
- package/src/deploy/cloudRun/index.ts +2 -2
- package/src/deploy/kubernetes/cloudSql/index.ts +3 -16
- package/src/deploy/kubernetes/deployJob.ts +0 -2
- package/src/deploy/kubernetes/index.ts +2 -2
- package/src/deploy/kubernetes/kubeEnv.ts +3 -3
- package/src/deploy/kubernetes/kubeValues.ts +5 -8
- package/src/deploy/types/base.ts +0 -6
- package/src/deploy/types/kubernetes.ts +1 -36
- package/src/globalScriptFunctions/index.ts +30 -0
- package/src/index.ts +2 -0
- package/src/pipeline/gitlab/createGitlabJobs.ts +1 -4
- package/src/pipeline/gitlab/createGitlabPipeline.ts +8 -1
- package/src/pipeline/packageManager.ts +7 -5
- package/src/runner/index.ts +0 -1
- package/src/types/config.ts +6 -9
- package/src/types/context.ts +3 -9
- package/src/types/gitlab-types.ts +1 -0
- package/src/types/jobs.ts +0 -8
- package/src/utils/gitlab.ts +19 -2
- package/src/utils/writeFiles.ts +1 -2
- package/src/variables/VariableValue.ts +6 -0
- package/src/variables/VariableValueContainingReferences.ts +89 -0
- package/src/variables/__tests__/resolveAllReferences.test.ts +110 -0
- package/src/variables/__tests__/resolveAllReferencesOnce.test.ts +64 -0
- package/src/variables/__tests__/resolveReferencesOnce.test.ts +117 -0
- package/src/variables/__tests__/variableValue.test.ts +73 -0
- package/src/variables/resolveAllReferences.ts +46 -0
- package/src/variables/resolveAllReferencesOnce.ts +44 -0
- package/src/variables/resolveReferencesOnce.ts +29 -0
- package/bin/catladder-gitlab-dev.js +0 -3
- package/bin/catladder-gitlab.js +0 -3
- package/dist/bash/replaceAsync.d.ts +0 -2
- package/dist/bundles/catladder-gitlab/index.js +0 -15
- package/dist/context/__tests__/resolveReferences.test.js +0 -368
- package/dist/context/resolveReferences.d.ts +0 -6
- package/dist/context/resolveReferences.js +0 -286
- package/dist/deploy/kubernetes/processSecretsAsFiles.d.ts +0 -85
- package/dist/deploy/kubernetes/processSecretsAsFiles.js +0 -33
- package/examples/__snapshots__/kubernetes-with-cloud-sql-legacy.test.ts.snap +0 -1795
- package/examples/kubernetes-with-cloud-sql-legacy.ts +0 -35
- package/scripts/bundle +0 -2
- package/src/bash/replaceAsync.ts +0 -54
- package/src/context/__tests__/resolveReferences.test.ts +0 -148
- package/src/context/resolveReferences.ts +0 -93
- package/src/deploy/kubernetes/processSecretsAsFiles.ts +0 -35
- /package/dist/{context/__tests__/resolveReferences.test.d.ts → variables/__tests__/resolveAllReferences.test.d.ts} +0 -0
|
@@ -45,6 +45,36 @@ variables:
|
|
|
45
45
|
CACHE_COMPRESSION_LEVEL: fast
|
|
46
46
|
TRANSFER_METER_FREQUENCY: 5s
|
|
47
47
|
GIT_DEPTH: '1'
|
|
48
|
+
before_script:
|
|
49
|
+
- |-
|
|
50
|
+
function escapeForDotEnv () {
|
|
51
|
+
input="\${1:-$(cat)}"
|
|
52
|
+
input="\${input//$'\\n'/\\\\n}"
|
|
53
|
+
if [[ "$input" == *\\\\n* ]]; then
|
|
54
|
+
if [[ "$input" == *\\"* && "$input" == *\\'* && "$input" == *\\\`* ]]; then
|
|
55
|
+
printf "\\"%s\\"\\n" "$input"
|
|
56
|
+
elif [[ "$input" == *\\"* && "$input" == *\\'* ]]; then
|
|
57
|
+
printf "\`%s\`\\n" "$input"
|
|
58
|
+
elif [[ "$input" == *\\"* ]]; then
|
|
59
|
+
printf "'%s'\\n" "$input"
|
|
60
|
+
else
|
|
61
|
+
printf "\\"%s\\"\\n" "$input"
|
|
62
|
+
fi
|
|
63
|
+
else
|
|
64
|
+
printf "%s\\n" "$input"
|
|
65
|
+
fi
|
|
66
|
+
}
|
|
67
|
+
- |-
|
|
68
|
+
function collapseable_section_start () {
|
|
69
|
+
local section_title="\${1}"
|
|
70
|
+
local section_description="\${2:-$section_title}"
|
|
71
|
+
echo -e "section_start:\`date +%s\`:\${section_title}[collapsed=true]\\r\\e[0K\${section_description}"
|
|
72
|
+
}
|
|
73
|
+
- |-
|
|
74
|
+
function collapseable_section_end () {
|
|
75
|
+
local section_title="\${1}"
|
|
76
|
+
echo -e "section_end:\`date +%s\`:\${section_title}\\r\\e[0K"
|
|
77
|
+
}
|
|
48
78
|
www 🛡 audit:
|
|
49
79
|
stage: test
|
|
50
80
|
image: audit-image
|
|
@@ -57,9 +87,9 @@ www 🛡 audit:
|
|
|
57
87
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
58
88
|
KUBERNETES_MEMORY_LIMIT: 4Gi
|
|
59
89
|
script:
|
|
60
|
-
-
|
|
90
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
61
91
|
- export APP_PATH="www"
|
|
62
|
-
-
|
|
92
|
+
- collapseable_section_end "injectvars"
|
|
63
93
|
- audit
|
|
64
94
|
artifacts:
|
|
65
95
|
paths: []
|
|
@@ -88,9 +118,9 @@ www 👮 lint:
|
|
|
88
118
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
89
119
|
KUBERNETES_MEMORY_LIMIT: 4Gi
|
|
90
120
|
script:
|
|
91
|
-
-
|
|
121
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
92
122
|
- export APP_PATH="www"
|
|
93
|
-
-
|
|
123
|
+
- collapseable_section_end "injectvars"
|
|
94
124
|
- lint
|
|
95
125
|
artifacts:
|
|
96
126
|
paths: []
|
|
@@ -114,9 +144,9 @@ www 🧪 test:
|
|
|
114
144
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
115
145
|
KUBERNETES_MEMORY_LIMIT: 4Gi
|
|
116
146
|
script:
|
|
117
|
-
-
|
|
147
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
118
148
|
- export APP_PATH="www"
|
|
119
|
-
-
|
|
149
|
+
- collapseable_section_end "injectvars"
|
|
120
150
|
- test
|
|
121
151
|
artifacts:
|
|
122
152
|
paths: []
|
|
@@ -144,34 +174,52 @@ www 🧪 test:
|
|
|
144
174
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
145
175
|
KUBERNETES_MEMORY_LIMIT: 4Gi
|
|
146
176
|
script:
|
|
147
|
-
-
|
|
177
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
148
178
|
- export ENV_SHORT="dev"
|
|
149
179
|
- export APP_DIR="www"
|
|
150
180
|
- export ENV_TYPE="dev"
|
|
151
181
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
152
182
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
153
183
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
154
|
-
- export
|
|
184
|
+
- export HOSTNAME="$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
155
185
|
- export ROOT_URL="https://$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
156
|
-
- export
|
|
157
|
-
- export HOST_CANONICAL="$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
186
|
+
- export HOSTNAME_INTERNAL="$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
158
187
|
- export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
159
188
|
- export DEPLOY_CLOUD_RUN_PROJECT_ID="asdf"
|
|
160
189
|
- export DEPLOY_CLOUD_RUN_REGION="asia-east1"
|
|
161
190
|
- export GCLOUD_DEPLOY_credentialsKey="$CL_dev_www_GCLOUD_DEPLOY_credentialsKey"
|
|
162
191
|
- export GCLOUD_RUN_canonicalHostSuffix="$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix"
|
|
163
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
164
|
-
-
|
|
192
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\"]"
|
|
193
|
+
- collapseable_section_end "injectvars"
|
|
194
|
+
- collapseable_section_start "write-dotenv-www" "write dot env for www"
|
|
195
|
+
- |-
|
|
196
|
+
cat <<EOF > www/.env
|
|
197
|
+
ENV_SHORT=dev
|
|
198
|
+
APP_DIR=www
|
|
199
|
+
ENV_TYPE=dev
|
|
200
|
+
HOSTNAME=$(printf %s "$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
201
|
+
ROOT_URL=$(printf %s "https://$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
202
|
+
HOSTNAME_INTERNAL=$(printf %s "$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
203
|
+
ROOT_URL_INTERNAL=$(printf %s "https://$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
204
|
+
DEPLOY_CLOUD_RUN_PROJECT_ID=asdf
|
|
205
|
+
DEPLOY_CLOUD_RUN_REGION=asia-east1
|
|
206
|
+
GCLOUD_DEPLOY_credentialsKey=$(printf %s "$CL_dev_www_GCLOUD_DEPLOY_credentialsKey" | escapeForDotEnv)
|
|
207
|
+
GCLOUD_RUN_canonicalHostSuffix=$(printf %s "$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | escapeForDotEnv)
|
|
208
|
+
_ALL_ENV_VAR_KEYS=["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOSTNAME","ROOT_URL","HOSTNAME_INTERNAL","ROOT_URL_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]
|
|
209
|
+
EOF
|
|
210
|
+
- collapseable_section_end "write-dotenv-www"
|
|
165
211
|
- echo '{"id":"$(git describe --tags 2>/dev/null || git rev-parse HEAD)","time":"$CI_JOB_STARTED_AT"}' > www/__build_info.json
|
|
166
|
-
-
|
|
212
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
167
213
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
168
214
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
169
|
-
-
|
|
215
|
+
- collapseable_section_end "nodeinstall"
|
|
170
216
|
- cd www
|
|
171
217
|
artifacts:
|
|
172
218
|
paths:
|
|
173
219
|
- www/__build_info.json
|
|
174
220
|
- www/dist
|
|
221
|
+
exclude:
|
|
222
|
+
- www/.env
|
|
175
223
|
expire_in: 1 day
|
|
176
224
|
when: always
|
|
177
225
|
reports: {}
|
|
@@ -199,27 +247,27 @@ www 🧪 test:
|
|
|
199
247
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
200
248
|
KUBERNETES_MEMORY_LIMIT: 2Gi
|
|
201
249
|
script:
|
|
202
|
-
-
|
|
250
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
203
251
|
- export APP_DIR="www"
|
|
204
252
|
- export DOCKER_BUILD_CONTEXT="."
|
|
205
253
|
- export DOCKER_REGISTRY="asia-east1-docker.pkg.dev"
|
|
206
254
|
- export DOCKER_IMAGE="asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/dev/www"
|
|
207
255
|
- export DOCKER_CACHE_IMAGE="asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/www"
|
|
208
256
|
- export DOCKER_IMAGE_TAG="$CI_COMMIT_SHA"
|
|
209
|
-
-
|
|
257
|
+
- collapseable_section_end "injectvars"
|
|
210
258
|
- ensureNginxDockerfile
|
|
211
|
-
-
|
|
259
|
+
- collapseable_section_start "docker-login" "Docker Login"
|
|
212
260
|
- gcloud auth activate-service-account --key-file=<(echo "$CL_dev_www_GCLOUD_DEPLOY_credentialsKey")
|
|
213
261
|
- gcloud auth configure-docker asia-east1-docker.pkg.dev
|
|
214
|
-
-
|
|
215
|
-
-
|
|
262
|
+
- collapseable_section_end "docker-login"
|
|
263
|
+
- collapseable_section_start "docker-build" "Docker build"
|
|
216
264
|
- docker build --network host --cache-from $DOCKER_CACHE_IMAGE --tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG -f $APP_DIR/Dockerfile $DOCKER_BUILD_CONTEXT --build-arg BUILDKIT_INLINE_CACHE=1
|
|
217
|
-
-
|
|
218
|
-
-
|
|
265
|
+
- collapseable_section_end "docker-build"
|
|
266
|
+
- collapseable_section_start "docker-push" "Docker push and tag"
|
|
219
267
|
- docker push $DOCKER_IMAGE:$DOCKER_IMAGE_TAG
|
|
220
268
|
- docker tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG $DOCKER_CACHE_IMAGE
|
|
221
269
|
- docker push $DOCKER_CACHE_IMAGE
|
|
222
|
-
-
|
|
270
|
+
- collapseable_section_end "docker-push"
|
|
223
271
|
rules:
|
|
224
272
|
- when: never
|
|
225
273
|
if: $CI_COMMIT_MESSAGE =~ /^chore\\(release\\).*/
|
|
@@ -233,8 +281,8 @@ www 🧪 test:
|
|
|
233
281
|
image: aquasec/trivy:0.38.3
|
|
234
282
|
variables: {}
|
|
235
283
|
script:
|
|
236
|
-
-
|
|
237
|
-
-
|
|
284
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
285
|
+
- collapseable_section_end "injectvars"
|
|
238
286
|
- trivy fs --quiet --format cyclonedx --output "__sbom.json" www
|
|
239
287
|
artifacts:
|
|
240
288
|
paths:
|
|
@@ -255,35 +303,34 @@ www 🧪 test:
|
|
|
255
303
|
KUBERNETES_MEMORY_REQUEST: 200Mi
|
|
256
304
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
257
305
|
script:
|
|
258
|
-
-
|
|
306
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
259
307
|
- export ENV_SHORT="dev"
|
|
260
308
|
- export APP_DIR="www"
|
|
261
309
|
- export ENV_TYPE="dev"
|
|
262
310
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
263
311
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
264
312
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
265
|
-
- export
|
|
313
|
+
- export HOSTNAME="$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
266
314
|
- export ROOT_URL="https://$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
267
|
-
- export
|
|
268
|
-
- export HOST_CANONICAL="$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
315
|
+
- export HOSTNAME_INTERNAL="$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
269
316
|
- export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
270
317
|
- export DEPLOY_CLOUD_RUN_PROJECT_ID="asdf"
|
|
271
318
|
- export DEPLOY_CLOUD_RUN_REGION="asia-east1"
|
|
272
319
|
- export GCLOUD_DEPLOY_credentialsKey="$CL_dev_www_GCLOUD_DEPLOY_credentialsKey"
|
|
273
320
|
- export GCLOUD_RUN_canonicalHostSuffix="$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix"
|
|
274
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
321
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\"]"
|
|
275
322
|
- export DOCKER_REGISTRY="asia-east1-docker.pkg.dev"
|
|
276
323
|
- export DOCKER_IMAGE="asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/dev/www"
|
|
277
324
|
- export DOCKER_CACHE_IMAGE="asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/www"
|
|
278
325
|
- export DOCKER_IMAGE_TAG="$CI_COMMIT_SHA"
|
|
279
326
|
- export CLOUDSDK_CORE_DISABLE_PROMPTS="1"
|
|
280
|
-
-
|
|
281
|
-
-
|
|
327
|
+
- collapseable_section_end "injectvars"
|
|
328
|
+
- collapseable_section_start "prepare" "Prepare..."
|
|
282
329
|
- gcloud auth activate-service-account --key-file=<(echo "$CL_dev_www_GCLOUD_DEPLOY_credentialsKey")
|
|
283
330
|
- export GCLOUD_PROJECT_NUMBER=$(gcloud projects describe asdf --format="value(projectNumber)")
|
|
284
331
|
- 'echo "GCLOUD_PROJECT_NUMBER: $GCLOUD_PROJECT_NUMBER"'
|
|
285
|
-
-
|
|
286
|
-
-
|
|
332
|
+
- collapseable_section_end "prepare"
|
|
333
|
+
- collapseable_section_start "writeenvvars" "Write env vars to file"
|
|
287
334
|
- |
|
|
288
335
|
cat > ____envvars.yaml <<EOF
|
|
289
336
|
ENV_SHORT: |-
|
|
@@ -293,40 +340,38 @@ www 🧪 test:
|
|
|
293
340
|
ENV_TYPE: |-
|
|
294
341
|
dev
|
|
295
342
|
BUILD_INFO_BUILD_ID: |-
|
|
296
|
-
|
|
343
|
+
$(printf %s "$(git describe --tags 2>/dev/null || git rev-parse HEAD)" | sed '1!s/^/ /')
|
|
297
344
|
BUILD_INFO_BUILD_TIME: |-
|
|
298
|
-
|
|
345
|
+
$(printf %s "$CI_JOB_STARTED_AT" | sed '1!s/^/ /')
|
|
299
346
|
BUILD_INFO_CURRENT_VERSION: |-
|
|
300
|
-
|
|
301
|
-
|
|
302
|
-
|
|
347
|
+
$(printf %s "$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")" | sed '1!s/^/ /')
|
|
348
|
+
HOSTNAME: |-
|
|
349
|
+
$(printf %s "$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
303
350
|
ROOT_URL: |-
|
|
304
|
-
|
|
305
|
-
|
|
306
|
-
|
|
307
|
-
HOST_CANONICAL: |-
|
|
308
|
-
$(printf %s "$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
351
|
+
$(printf %s "https://$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
352
|
+
HOSTNAME_INTERNAL: |-
|
|
353
|
+
$(printf %s "$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
309
354
|
ROOT_URL_INTERNAL: |-
|
|
310
|
-
|
|
355
|
+
$(printf %s "https://$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
311
356
|
DEPLOY_CLOUD_RUN_PROJECT_ID: |-
|
|
312
357
|
asdf
|
|
313
358
|
DEPLOY_CLOUD_RUN_REGION: |-
|
|
314
359
|
asia-east1
|
|
315
360
|
GCLOUD_RUN_canonicalHostSuffix: |-
|
|
316
|
-
|
|
361
|
+
$(printf %s "$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | sed '1!s/^/ /')
|
|
317
362
|
_ALL_ENV_VAR_KEYS: |-
|
|
318
|
-
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","
|
|
363
|
+
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOSTNAME","ROOT_URL","HOSTNAME_INTERNAL","ROOT_URL_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]
|
|
319
364
|
|
|
320
365
|
EOF
|
|
321
|
-
-
|
|
322
|
-
-
|
|
366
|
+
- collapseable_section_end "writeenvvars"
|
|
367
|
+
- collapseable_section_start "deploy" "Deploy to cloud run"
|
|
323
368
|
- gcloud run deploy pan-test-app-dev-www --command="" --image=asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/dev/www:$DOCKER_IMAGE_TAG --project=asdf --region=asia-east1 --labels=customer-name=pan,component-name=www,app-name=test-app,env-type=dev,env-name=dev,build-type=custom,cloud-run-service-name=pan-test-app-dev-www --env-vars-file=____envvars.yaml --min-instances=0 --max-instances=100 --cpu-throttling --allow-unauthenticated --ingress=all --cpu-boost
|
|
324
|
-
-
|
|
325
|
-
-
|
|
369
|
+
- collapseable_section_end "deploy"
|
|
370
|
+
- collapseable_section_start "cleanup" "Cleanup"
|
|
326
371
|
- gcloud run revisions list --project=asdf --region=asia-east1 --service=pan-test-app-dev-www --limit=unlimited --sort-by=metadata.creationTimestamp --format="value(name)" --filter='(status.conditions.status=False OR status.conditions.status=Unknown)' | while read -r revisionname; do gcloud run revisions delete --project=asdf --region=asia-east1 --quiet $revisionname ; done
|
|
327
372
|
- gcloud artifacts docker images list asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/dev/www --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/dev/www@$version --quiet --delete-tags; done
|
|
328
373
|
- gcloud artifacts docker images list asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/www --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/www@$version --quiet --delete-tags; done
|
|
329
|
-
-
|
|
374
|
+
- collapseable_section_end "cleanup"
|
|
330
375
|
- echo 'Uploading SBOM to Dependency Track'
|
|
331
376
|
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/www" "https://$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" "__sbom.json" vex.json || true
|
|
332
377
|
- echo "CL_GITLAB_ENVIRONMENT_URL=https://$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" >> gitlab_environment.env
|
|
@@ -368,9 +413,9 @@ www 🧪 test:
|
|
|
368
413
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
369
414
|
GIT_STRATEGY: none
|
|
370
415
|
script:
|
|
371
|
-
-
|
|
416
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
372
417
|
- export CLOUDSDK_CORE_DISABLE_PROMPTS="1"
|
|
373
|
-
-
|
|
418
|
+
- collapseable_section_end "injectvars"
|
|
374
419
|
- set +e
|
|
375
420
|
- gcloud auth activate-service-account --key-file=<(echo "$CL_dev_www_GCLOUD_DEPLOY_credentialsKey")
|
|
376
421
|
- gcloud run services delete pan-test-app-dev-www --project=asdf --region=asia-east1
|
|
@@ -410,34 +455,52 @@ www 🧪 test:
|
|
|
410
455
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
411
456
|
KUBERNETES_MEMORY_LIMIT: 4Gi
|
|
412
457
|
script:
|
|
413
|
-
-
|
|
458
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
414
459
|
- export ENV_SHORT="review"
|
|
415
460
|
- export APP_DIR="www"
|
|
416
461
|
- export ENV_TYPE="review"
|
|
417
462
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
418
463
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
419
464
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
420
|
-
- export
|
|
465
|
+
- export HOSTNAME="$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
421
466
|
- export ROOT_URL="https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
422
|
-
- export
|
|
423
|
-
- export HOST_CANONICAL="$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
467
|
+
- export HOSTNAME_INTERNAL="$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
424
468
|
- export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
425
469
|
- export DEPLOY_CLOUD_RUN_PROJECT_ID="asdf"
|
|
426
470
|
- export DEPLOY_CLOUD_RUN_REGION="asia-east1"
|
|
427
471
|
- export GCLOUD_DEPLOY_credentialsKey="$CL_review_www_GCLOUD_DEPLOY_credentialsKey"
|
|
428
472
|
- export GCLOUD_RUN_canonicalHostSuffix="$CL_review_www_GCLOUD_RUN_canonicalHostSuffix"
|
|
429
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
430
|
-
-
|
|
473
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\"]"
|
|
474
|
+
- collapseable_section_end "injectvars"
|
|
475
|
+
- collapseable_section_start "write-dotenv-www" "write dot env for www"
|
|
476
|
+
- |-
|
|
477
|
+
cat <<EOF > www/.env
|
|
478
|
+
ENV_SHORT=review
|
|
479
|
+
APP_DIR=www
|
|
480
|
+
ENV_TYPE=review
|
|
481
|
+
HOSTNAME=$(printf %s "$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
482
|
+
ROOT_URL=$(printf %s "https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
483
|
+
HOSTNAME_INTERNAL=$(printf %s "$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
484
|
+
ROOT_URL_INTERNAL=$(printf %s "https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
485
|
+
DEPLOY_CLOUD_RUN_PROJECT_ID=asdf
|
|
486
|
+
DEPLOY_CLOUD_RUN_REGION=asia-east1
|
|
487
|
+
GCLOUD_DEPLOY_credentialsKey=$(printf %s "$CL_review_www_GCLOUD_DEPLOY_credentialsKey" | escapeForDotEnv)
|
|
488
|
+
GCLOUD_RUN_canonicalHostSuffix=$(printf %s "$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | escapeForDotEnv)
|
|
489
|
+
_ALL_ENV_VAR_KEYS=["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOSTNAME","ROOT_URL","HOSTNAME_INTERNAL","ROOT_URL_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]
|
|
490
|
+
EOF
|
|
491
|
+
- collapseable_section_end "write-dotenv-www"
|
|
431
492
|
- echo '{"id":"$(git describe --tags 2>/dev/null || git rev-parse HEAD)","time":"$CI_JOB_STARTED_AT"}' > www/__build_info.json
|
|
432
|
-
-
|
|
493
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
433
494
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
434
495
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
435
|
-
-
|
|
496
|
+
- collapseable_section_end "nodeinstall"
|
|
436
497
|
- cd www
|
|
437
498
|
artifacts:
|
|
438
499
|
paths:
|
|
439
500
|
- www/__build_info.json
|
|
440
501
|
- www/dist
|
|
502
|
+
exclude:
|
|
503
|
+
- www/.env
|
|
441
504
|
expire_in: 1 day
|
|
442
505
|
when: always
|
|
443
506
|
reports: {}
|
|
@@ -463,27 +526,27 @@ www 🧪 test:
|
|
|
463
526
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
464
527
|
KUBERNETES_MEMORY_LIMIT: 2Gi
|
|
465
528
|
script:
|
|
466
|
-
-
|
|
529
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
467
530
|
- export APP_DIR="www"
|
|
468
531
|
- export DOCKER_BUILD_CONTEXT="."
|
|
469
532
|
- export DOCKER_REGISTRY="asia-east1-docker.pkg.dev"
|
|
470
533
|
- export DOCKER_IMAGE="asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/review/www/$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })"
|
|
471
534
|
- export DOCKER_CACHE_IMAGE="asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/www"
|
|
472
535
|
- export DOCKER_IMAGE_TAG="$CI_COMMIT_SHA"
|
|
473
|
-
-
|
|
536
|
+
- collapseable_section_end "injectvars"
|
|
474
537
|
- ensureNginxDockerfile
|
|
475
|
-
-
|
|
538
|
+
- collapseable_section_start "docker-login" "Docker Login"
|
|
476
539
|
- gcloud auth activate-service-account --key-file=<(echo "$CL_review_www_GCLOUD_DEPLOY_credentialsKey")
|
|
477
540
|
- gcloud auth configure-docker asia-east1-docker.pkg.dev
|
|
478
|
-
-
|
|
479
|
-
-
|
|
541
|
+
- collapseable_section_end "docker-login"
|
|
542
|
+
- collapseable_section_start "docker-build" "Docker build"
|
|
480
543
|
- docker build --network host --cache-from $DOCKER_CACHE_IMAGE --tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG -f $APP_DIR/Dockerfile $DOCKER_BUILD_CONTEXT --build-arg BUILDKIT_INLINE_CACHE=1
|
|
481
|
-
-
|
|
482
|
-
-
|
|
544
|
+
- collapseable_section_end "docker-build"
|
|
545
|
+
- collapseable_section_start "docker-push" "Docker push and tag"
|
|
483
546
|
- docker push $DOCKER_IMAGE:$DOCKER_IMAGE_TAG
|
|
484
547
|
- docker tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG $DOCKER_CACHE_IMAGE
|
|
485
548
|
- docker push $DOCKER_CACHE_IMAGE
|
|
486
|
-
-
|
|
549
|
+
- collapseable_section_end "docker-push"
|
|
487
550
|
rules:
|
|
488
551
|
- if: $CI_MERGE_REQUEST_ID
|
|
489
552
|
needs:
|
|
@@ -495,8 +558,8 @@ www 🧪 test:
|
|
|
495
558
|
image: aquasec/trivy:0.38.3
|
|
496
559
|
variables: {}
|
|
497
560
|
script:
|
|
498
|
-
-
|
|
499
|
-
-
|
|
561
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
562
|
+
- collapseable_section_end "injectvars"
|
|
500
563
|
- trivy fs --quiet --format cyclonedx --output "__sbom.json" www
|
|
501
564
|
artifacts:
|
|
502
565
|
paths:
|
|
@@ -515,35 +578,34 @@ www 🧪 test:
|
|
|
515
578
|
KUBERNETES_MEMORY_REQUEST: 200Mi
|
|
516
579
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
517
580
|
script:
|
|
518
|
-
-
|
|
581
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
519
582
|
- export ENV_SHORT="review"
|
|
520
583
|
- export APP_DIR="www"
|
|
521
584
|
- export ENV_TYPE="review"
|
|
522
585
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
523
586
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
524
587
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
525
|
-
- export
|
|
588
|
+
- export HOSTNAME="$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
526
589
|
- export ROOT_URL="https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
527
|
-
- export
|
|
528
|
-
- export HOST_CANONICAL="$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
590
|
+
- export HOSTNAME_INTERNAL="$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
529
591
|
- export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
530
592
|
- export DEPLOY_CLOUD_RUN_PROJECT_ID="asdf"
|
|
531
593
|
- export DEPLOY_CLOUD_RUN_REGION="asia-east1"
|
|
532
594
|
- export GCLOUD_DEPLOY_credentialsKey="$CL_review_www_GCLOUD_DEPLOY_credentialsKey"
|
|
533
595
|
- export GCLOUD_RUN_canonicalHostSuffix="$CL_review_www_GCLOUD_RUN_canonicalHostSuffix"
|
|
534
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
596
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\"]"
|
|
535
597
|
- export DOCKER_REGISTRY="asia-east1-docker.pkg.dev"
|
|
536
598
|
- export DOCKER_IMAGE="asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/review/www/$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })"
|
|
537
599
|
- export DOCKER_CACHE_IMAGE="asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/www"
|
|
538
600
|
- export DOCKER_IMAGE_TAG="$CI_COMMIT_SHA"
|
|
539
601
|
- export CLOUDSDK_CORE_DISABLE_PROMPTS="1"
|
|
540
|
-
-
|
|
541
|
-
-
|
|
602
|
+
- collapseable_section_end "injectvars"
|
|
603
|
+
- collapseable_section_start "prepare" "Prepare..."
|
|
542
604
|
- gcloud auth activate-service-account --key-file=<(echo "$CL_review_www_GCLOUD_DEPLOY_credentialsKey")
|
|
543
605
|
- export GCLOUD_PROJECT_NUMBER=$(gcloud projects describe asdf --format="value(projectNumber)")
|
|
544
606
|
- 'echo "GCLOUD_PROJECT_NUMBER: $GCLOUD_PROJECT_NUMBER"'
|
|
545
|
-
-
|
|
546
|
-
-
|
|
607
|
+
- collapseable_section_end "prepare"
|
|
608
|
+
- collapseable_section_start "writeenvvars" "Write env vars to file"
|
|
547
609
|
- |
|
|
548
610
|
cat > ____envvars.yaml <<EOF
|
|
549
611
|
ENV_SHORT: |-
|
|
@@ -553,43 +615,41 @@ www 🧪 test:
|
|
|
553
615
|
ENV_TYPE: |-
|
|
554
616
|
review
|
|
555
617
|
BUILD_INFO_BUILD_ID: |-
|
|
556
|
-
|
|
618
|
+
$(printf %s "$(git describe --tags 2>/dev/null || git rev-parse HEAD)" | sed '1!s/^/ /')
|
|
557
619
|
BUILD_INFO_BUILD_TIME: |-
|
|
558
|
-
|
|
620
|
+
$(printf %s "$CI_JOB_STARTED_AT" | sed '1!s/^/ /')
|
|
559
621
|
BUILD_INFO_CURRENT_VERSION: |-
|
|
560
|
-
|
|
561
|
-
|
|
562
|
-
|
|
622
|
+
$(printf %s "$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")" | sed '1!s/^/ /')
|
|
623
|
+
HOSTNAME: |-
|
|
624
|
+
$(printf %s "$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
563
625
|
ROOT_URL: |-
|
|
564
|
-
|
|
565
|
-
|
|
566
|
-
|
|
567
|
-
HOST_CANONICAL: |-
|
|
568
|
-
$(printf %s "$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
626
|
+
$(printf %s "https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
627
|
+
HOSTNAME_INTERNAL: |-
|
|
628
|
+
$(printf %s "$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
569
629
|
ROOT_URL_INTERNAL: |-
|
|
570
|
-
|
|
630
|
+
$(printf %s "https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
571
631
|
DEPLOY_CLOUD_RUN_PROJECT_ID: |-
|
|
572
632
|
asdf
|
|
573
633
|
DEPLOY_CLOUD_RUN_REGION: |-
|
|
574
634
|
asia-east1
|
|
575
635
|
GCLOUD_RUN_canonicalHostSuffix: |-
|
|
576
|
-
|
|
636
|
+
$(printf %s "$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | sed '1!s/^/ /')
|
|
577
637
|
_ALL_ENV_VAR_KEYS: |-
|
|
578
|
-
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","
|
|
638
|
+
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOSTNAME","ROOT_URL","HOSTNAME_INTERNAL","ROOT_URL_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]
|
|
579
639
|
|
|
580
640
|
EOF
|
|
581
|
-
-
|
|
582
|
-
-
|
|
641
|
+
- collapseable_section_end "writeenvvars"
|
|
642
|
+
- collapseable_section_start "deploy" "Deploy to cloud run"
|
|
583
643
|
- gcloud run deploy $(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www" | awk '{print tolower($0)}') --command="" --image=asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/review/www/$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }):$DOCKER_IMAGE_TAG --project=asdf --region=asia-east1 --labels=customer-name=pan,component-name=www,app-name=test-app,env-type=review,env-name=review,build-type=custom,cloud-run-service-name=$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www" | awk '{print tolower($0)}') --env-vars-file=____envvars.yaml --min-instances=0 --max-instances=100 --cpu-throttling --allow-unauthenticated --ingress=all --cpu-boost
|
|
584
|
-
-
|
|
585
|
-
-
|
|
644
|
+
- collapseable_section_end "deploy"
|
|
645
|
+
- collapseable_section_start "cleanup" "Cleanup"
|
|
586
646
|
- gcloud run revisions list --project=asdf --region=asia-east1 --service=$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www" | awk '{print tolower($0)}') --limit=unlimited --sort-by=metadata.creationTimestamp --format="value(name)" --filter='(status.conditions.status=False OR status.conditions.status=Unknown)' | while read -r revisionname; do gcloud run revisions delete --project=asdf --region=asia-east1 --quiet $revisionname ; done
|
|
587
647
|
- gcloud artifacts docker images list asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/review/www/$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }) --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/review/www/$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })@$version --quiet --delete-tags; done
|
|
588
648
|
- gcloud artifacts docker images list asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/www --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/www@$version --quiet --delete-tags; done
|
|
589
649
|
- set +e
|
|
590
650
|
- gcloud artifacts docker images delete asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/review/www --quiet --delete-tags
|
|
591
651
|
- set -e
|
|
592
|
-
-
|
|
652
|
+
- collapseable_section_end "cleanup"
|
|
593
653
|
- echo 'Uploading SBOM to Dependency Track'
|
|
594
654
|
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/www" "https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" "__sbom.json" vex.json || true
|
|
595
655
|
- echo "CL_GITLAB_ENVIRONMENT_URL=https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" >> gitlab_environment.env
|
|
@@ -629,9 +689,9 @@ www 🧪 test:
|
|
|
629
689
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
630
690
|
GIT_STRATEGY: none
|
|
631
691
|
script:
|
|
632
|
-
-
|
|
692
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
633
693
|
- export CLOUDSDK_CORE_DISABLE_PROMPTS="1"
|
|
634
|
-
-
|
|
694
|
+
- collapseable_section_end "injectvars"
|
|
635
695
|
- set +e
|
|
636
696
|
- gcloud auth activate-service-account --key-file=<(echo "$CL_review_www_GCLOUD_DEPLOY_credentialsKey")
|
|
637
697
|
- gcloud run services delete $(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www" | awk '{print tolower($0)}') --project=asdf --region=asia-east1
|
|
@@ -672,34 +732,52 @@ www 🧪 test:
|
|
|
672
732
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
673
733
|
KUBERNETES_MEMORY_LIMIT: 4Gi
|
|
674
734
|
script:
|
|
675
|
-
-
|
|
735
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
676
736
|
- export ENV_SHORT="stage"
|
|
677
737
|
- export APP_DIR="www"
|
|
678
738
|
- export ENV_TYPE="stage"
|
|
679
739
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
680
740
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
681
741
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
682
|
-
- export
|
|
742
|
+
- export HOSTNAME="$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
683
743
|
- export ROOT_URL="https://$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
684
|
-
- export
|
|
685
|
-
- export HOST_CANONICAL="$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
744
|
+
- export HOSTNAME_INTERNAL="$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
686
745
|
- export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
687
746
|
- export DEPLOY_CLOUD_RUN_PROJECT_ID="asdf"
|
|
688
747
|
- export DEPLOY_CLOUD_RUN_REGION="asia-east1"
|
|
689
748
|
- export GCLOUD_DEPLOY_credentialsKey="$CL_stage_www_GCLOUD_DEPLOY_credentialsKey"
|
|
690
749
|
- export GCLOUD_RUN_canonicalHostSuffix="$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix"
|
|
691
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
692
|
-
-
|
|
750
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\"]"
|
|
751
|
+
- collapseable_section_end "injectvars"
|
|
752
|
+
- collapseable_section_start "write-dotenv-www" "write dot env for www"
|
|
753
|
+
- |-
|
|
754
|
+
cat <<EOF > www/.env
|
|
755
|
+
ENV_SHORT=stage
|
|
756
|
+
APP_DIR=www
|
|
757
|
+
ENV_TYPE=stage
|
|
758
|
+
HOSTNAME=$(printf %s "$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
759
|
+
ROOT_URL=$(printf %s "https://$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
760
|
+
HOSTNAME_INTERNAL=$(printf %s "$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
761
|
+
ROOT_URL_INTERNAL=$(printf %s "https://$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
762
|
+
DEPLOY_CLOUD_RUN_PROJECT_ID=asdf
|
|
763
|
+
DEPLOY_CLOUD_RUN_REGION=asia-east1
|
|
764
|
+
GCLOUD_DEPLOY_credentialsKey=$(printf %s "$CL_stage_www_GCLOUD_DEPLOY_credentialsKey" | escapeForDotEnv)
|
|
765
|
+
GCLOUD_RUN_canonicalHostSuffix=$(printf %s "$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | escapeForDotEnv)
|
|
766
|
+
_ALL_ENV_VAR_KEYS=["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOSTNAME","ROOT_URL","HOSTNAME_INTERNAL","ROOT_URL_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]
|
|
767
|
+
EOF
|
|
768
|
+
- collapseable_section_end "write-dotenv-www"
|
|
693
769
|
- echo '{"id":"$(git describe --tags 2>/dev/null || git rev-parse HEAD)","time":"$CI_JOB_STARTED_AT"}' > www/__build_info.json
|
|
694
|
-
-
|
|
770
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
695
771
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
696
772
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
697
|
-
-
|
|
773
|
+
- collapseable_section_end "nodeinstall"
|
|
698
774
|
- cd www
|
|
699
775
|
artifacts:
|
|
700
776
|
paths:
|
|
701
777
|
- www/__build_info.json
|
|
702
778
|
- www/dist
|
|
779
|
+
exclude:
|
|
780
|
+
- www/.env
|
|
703
781
|
expire_in: 1 day
|
|
704
782
|
when: always
|
|
705
783
|
reports: {}
|
|
@@ -725,27 +803,27 @@ www 🧪 test:
|
|
|
725
803
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
726
804
|
KUBERNETES_MEMORY_LIMIT: 2Gi
|
|
727
805
|
script:
|
|
728
|
-
-
|
|
806
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
729
807
|
- export APP_DIR="www"
|
|
730
808
|
- export DOCKER_BUILD_CONTEXT="."
|
|
731
809
|
- export DOCKER_REGISTRY="asia-east1-docker.pkg.dev"
|
|
732
810
|
- export DOCKER_IMAGE="asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/stage/www"
|
|
733
811
|
- export DOCKER_CACHE_IMAGE="asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/www"
|
|
734
812
|
- export DOCKER_IMAGE_TAG="$CI_COMMIT_SHA"
|
|
735
|
-
-
|
|
813
|
+
- collapseable_section_end "injectvars"
|
|
736
814
|
- ensureNginxDockerfile
|
|
737
|
-
-
|
|
815
|
+
- collapseable_section_start "docker-login" "Docker Login"
|
|
738
816
|
- gcloud auth activate-service-account --key-file=<(echo "$CL_stage_www_GCLOUD_DEPLOY_credentialsKey")
|
|
739
817
|
- gcloud auth configure-docker asia-east1-docker.pkg.dev
|
|
740
|
-
-
|
|
741
|
-
-
|
|
818
|
+
- collapseable_section_end "docker-login"
|
|
819
|
+
- collapseable_section_start "docker-build" "Docker build"
|
|
742
820
|
- docker build --network host --cache-from $DOCKER_CACHE_IMAGE --tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG -f $APP_DIR/Dockerfile $DOCKER_BUILD_CONTEXT --build-arg BUILDKIT_INLINE_CACHE=1
|
|
743
|
-
-
|
|
744
|
-
-
|
|
821
|
+
- collapseable_section_end "docker-build"
|
|
822
|
+
- collapseable_section_start "docker-push" "Docker push and tag"
|
|
745
823
|
- docker push $DOCKER_IMAGE:$DOCKER_IMAGE_TAG
|
|
746
824
|
- docker tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG $DOCKER_CACHE_IMAGE
|
|
747
825
|
- docker push $DOCKER_CACHE_IMAGE
|
|
748
|
-
-
|
|
826
|
+
- collapseable_section_end "docker-push"
|
|
749
827
|
rules:
|
|
750
828
|
- if: $CI_COMMIT_TAG
|
|
751
829
|
needs:
|
|
@@ -757,8 +835,8 @@ www 🧪 test:
|
|
|
757
835
|
image: aquasec/trivy:0.38.3
|
|
758
836
|
variables: {}
|
|
759
837
|
script:
|
|
760
|
-
-
|
|
761
|
-
-
|
|
838
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
839
|
+
- collapseable_section_end "injectvars"
|
|
762
840
|
- trivy fs --quiet --format cyclonedx --output "__sbom.json" www
|
|
763
841
|
artifacts:
|
|
764
842
|
paths:
|
|
@@ -777,35 +855,34 @@ www 🧪 test:
|
|
|
777
855
|
KUBERNETES_MEMORY_REQUEST: 200Mi
|
|
778
856
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
779
857
|
script:
|
|
780
|
-
-
|
|
858
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
781
859
|
- export ENV_SHORT="stage"
|
|
782
860
|
- export APP_DIR="www"
|
|
783
861
|
- export ENV_TYPE="stage"
|
|
784
862
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
785
863
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
786
864
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
787
|
-
- export
|
|
865
|
+
- export HOSTNAME="$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
788
866
|
- export ROOT_URL="https://$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
789
|
-
- export
|
|
790
|
-
- export HOST_CANONICAL="$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
867
|
+
- export HOSTNAME_INTERNAL="$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
791
868
|
- export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
792
869
|
- export DEPLOY_CLOUD_RUN_PROJECT_ID="asdf"
|
|
793
870
|
- export DEPLOY_CLOUD_RUN_REGION="asia-east1"
|
|
794
871
|
- export GCLOUD_DEPLOY_credentialsKey="$CL_stage_www_GCLOUD_DEPLOY_credentialsKey"
|
|
795
872
|
- export GCLOUD_RUN_canonicalHostSuffix="$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix"
|
|
796
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
873
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\"]"
|
|
797
874
|
- export DOCKER_REGISTRY="asia-east1-docker.pkg.dev"
|
|
798
875
|
- export DOCKER_IMAGE="asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/stage/www"
|
|
799
876
|
- export DOCKER_CACHE_IMAGE="asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/www"
|
|
800
877
|
- export DOCKER_IMAGE_TAG="$CI_COMMIT_SHA"
|
|
801
878
|
- export CLOUDSDK_CORE_DISABLE_PROMPTS="1"
|
|
802
|
-
-
|
|
803
|
-
-
|
|
879
|
+
- collapseable_section_end "injectvars"
|
|
880
|
+
- collapseable_section_start "prepare" "Prepare..."
|
|
804
881
|
- gcloud auth activate-service-account --key-file=<(echo "$CL_stage_www_GCLOUD_DEPLOY_credentialsKey")
|
|
805
882
|
- export GCLOUD_PROJECT_NUMBER=$(gcloud projects describe asdf --format="value(projectNumber)")
|
|
806
883
|
- 'echo "GCLOUD_PROJECT_NUMBER: $GCLOUD_PROJECT_NUMBER"'
|
|
807
|
-
-
|
|
808
|
-
-
|
|
884
|
+
- collapseable_section_end "prepare"
|
|
885
|
+
- collapseable_section_start "writeenvvars" "Write env vars to file"
|
|
809
886
|
- |
|
|
810
887
|
cat > ____envvars.yaml <<EOF
|
|
811
888
|
ENV_SHORT: |-
|
|
@@ -815,40 +892,38 @@ www 🧪 test:
|
|
|
815
892
|
ENV_TYPE: |-
|
|
816
893
|
stage
|
|
817
894
|
BUILD_INFO_BUILD_ID: |-
|
|
818
|
-
|
|
895
|
+
$(printf %s "$(git describe --tags 2>/dev/null || git rev-parse HEAD)" | sed '1!s/^/ /')
|
|
819
896
|
BUILD_INFO_BUILD_TIME: |-
|
|
820
|
-
|
|
897
|
+
$(printf %s "$CI_JOB_STARTED_AT" | sed '1!s/^/ /')
|
|
821
898
|
BUILD_INFO_CURRENT_VERSION: |-
|
|
822
|
-
|
|
823
|
-
|
|
824
|
-
|
|
899
|
+
$(printf %s "$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")" | sed '1!s/^/ /')
|
|
900
|
+
HOSTNAME: |-
|
|
901
|
+
$(printf %s "$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
825
902
|
ROOT_URL: |-
|
|
826
|
-
|
|
827
|
-
|
|
828
|
-
|
|
829
|
-
HOST_CANONICAL: |-
|
|
830
|
-
$(printf %s "$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
903
|
+
$(printf %s "https://$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
904
|
+
HOSTNAME_INTERNAL: |-
|
|
905
|
+
$(printf %s "$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
831
906
|
ROOT_URL_INTERNAL: |-
|
|
832
|
-
|
|
907
|
+
$(printf %s "https://$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
833
908
|
DEPLOY_CLOUD_RUN_PROJECT_ID: |-
|
|
834
909
|
asdf
|
|
835
910
|
DEPLOY_CLOUD_RUN_REGION: |-
|
|
836
911
|
asia-east1
|
|
837
912
|
GCLOUD_RUN_canonicalHostSuffix: |-
|
|
838
|
-
|
|
913
|
+
$(printf %s "$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | sed '1!s/^/ /')
|
|
839
914
|
_ALL_ENV_VAR_KEYS: |-
|
|
840
|
-
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","
|
|
915
|
+
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOSTNAME","ROOT_URL","HOSTNAME_INTERNAL","ROOT_URL_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]
|
|
841
916
|
|
|
842
917
|
EOF
|
|
843
|
-
-
|
|
844
|
-
-
|
|
918
|
+
- collapseable_section_end "writeenvvars"
|
|
919
|
+
- collapseable_section_start "deploy" "Deploy to cloud run"
|
|
845
920
|
- gcloud run deploy pan-test-app-stage-www --command="" --image=asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/stage/www:$DOCKER_IMAGE_TAG --project=asdf --region=asia-east1 --labels=customer-name=pan,component-name=www,app-name=test-app,env-type=stage,env-name=stage,build-type=custom,cloud-run-service-name=pan-test-app-stage-www --env-vars-file=____envvars.yaml --min-instances=0 --max-instances=100 --cpu-throttling --allow-unauthenticated --ingress=all --cpu-boost
|
|
846
|
-
-
|
|
847
|
-
-
|
|
921
|
+
- collapseable_section_end "deploy"
|
|
922
|
+
- collapseable_section_start "cleanup" "Cleanup"
|
|
848
923
|
- gcloud run revisions list --project=asdf --region=asia-east1 --service=pan-test-app-stage-www --limit=unlimited --sort-by=metadata.creationTimestamp --format="value(name)" --filter='(status.conditions.status=False OR status.conditions.status=Unknown)' | while read -r revisionname; do gcloud run revisions delete --project=asdf --region=asia-east1 --quiet $revisionname ; done
|
|
849
924
|
- gcloud artifacts docker images list asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/stage/www --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/stage/www@$version --quiet --delete-tags; done
|
|
850
925
|
- gcloud artifacts docker images list asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/www --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/www@$version --quiet --delete-tags; done
|
|
851
|
-
-
|
|
926
|
+
- collapseable_section_end "cleanup"
|
|
852
927
|
- echo 'Uploading SBOM to Dependency Track'
|
|
853
928
|
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/www" "https://$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" "__sbom.json" vex.json || true
|
|
854
929
|
- echo "CL_GITLAB_ENVIRONMENT_URL=https://$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" >> gitlab_environment.env
|
|
@@ -881,9 +956,9 @@ www 🧪 test:
|
|
|
881
956
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
882
957
|
GIT_STRATEGY: none
|
|
883
958
|
script:
|
|
884
|
-
-
|
|
959
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
885
960
|
- export CLOUDSDK_CORE_DISABLE_PROMPTS="1"
|
|
886
|
-
-
|
|
961
|
+
- collapseable_section_end "injectvars"
|
|
887
962
|
- set +e
|
|
888
963
|
- gcloud auth activate-service-account --key-file=<(echo "$CL_stage_www_GCLOUD_DEPLOY_credentialsKey")
|
|
889
964
|
- gcloud run services delete pan-test-app-stage-www --project=asdf --region=asia-east1
|
|
@@ -921,34 +996,52 @@ www 🧪 test:
|
|
|
921
996
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
922
997
|
KUBERNETES_MEMORY_LIMIT: 4Gi
|
|
923
998
|
script:
|
|
924
|
-
-
|
|
999
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
925
1000
|
- export ENV_SHORT="prod"
|
|
926
1001
|
- export APP_DIR="www"
|
|
927
1002
|
- export ENV_TYPE="prod"
|
|
928
1003
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
929
1004
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
930
1005
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
931
|
-
- export
|
|
1006
|
+
- export HOSTNAME="$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
932
1007
|
- export ROOT_URL="https://$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
933
|
-
- export
|
|
934
|
-
- export HOST_CANONICAL="$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
1008
|
+
- export HOSTNAME_INTERNAL="$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
935
1009
|
- export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
936
1010
|
- export DEPLOY_CLOUD_RUN_PROJECT_ID="asdf"
|
|
937
1011
|
- export DEPLOY_CLOUD_RUN_REGION="asia-east1"
|
|
938
1012
|
- export GCLOUD_DEPLOY_credentialsKey="$CL_prod_www_GCLOUD_DEPLOY_credentialsKey"
|
|
939
1013
|
- export GCLOUD_RUN_canonicalHostSuffix="$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix"
|
|
940
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
941
|
-
-
|
|
1014
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\"]"
|
|
1015
|
+
- collapseable_section_end "injectvars"
|
|
1016
|
+
- collapseable_section_start "write-dotenv-www" "write dot env for www"
|
|
1017
|
+
- |-
|
|
1018
|
+
cat <<EOF > www/.env
|
|
1019
|
+
ENV_SHORT=prod
|
|
1020
|
+
APP_DIR=www
|
|
1021
|
+
ENV_TYPE=prod
|
|
1022
|
+
HOSTNAME=$(printf %s "$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
1023
|
+
ROOT_URL=$(printf %s "https://$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
1024
|
+
HOSTNAME_INTERNAL=$(printf %s "$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
1025
|
+
ROOT_URL_INTERNAL=$(printf %s "https://$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
1026
|
+
DEPLOY_CLOUD_RUN_PROJECT_ID=asdf
|
|
1027
|
+
DEPLOY_CLOUD_RUN_REGION=asia-east1
|
|
1028
|
+
GCLOUD_DEPLOY_credentialsKey=$(printf %s "$CL_prod_www_GCLOUD_DEPLOY_credentialsKey" | escapeForDotEnv)
|
|
1029
|
+
GCLOUD_RUN_canonicalHostSuffix=$(printf %s "$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | escapeForDotEnv)
|
|
1030
|
+
_ALL_ENV_VAR_KEYS=["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOSTNAME","ROOT_URL","HOSTNAME_INTERNAL","ROOT_URL_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]
|
|
1031
|
+
EOF
|
|
1032
|
+
- collapseable_section_end "write-dotenv-www"
|
|
942
1033
|
- echo '{"id":"$(git describe --tags 2>/dev/null || git rev-parse HEAD)","time":"$CI_JOB_STARTED_AT"}' > www/__build_info.json
|
|
943
|
-
-
|
|
1034
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
944
1035
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
945
1036
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
946
|
-
-
|
|
1037
|
+
- collapseable_section_end "nodeinstall"
|
|
947
1038
|
- cd www
|
|
948
1039
|
artifacts:
|
|
949
1040
|
paths:
|
|
950
1041
|
- www/__build_info.json
|
|
951
1042
|
- www/dist
|
|
1043
|
+
exclude:
|
|
1044
|
+
- www/.env
|
|
952
1045
|
expire_in: 1 day
|
|
953
1046
|
when: always
|
|
954
1047
|
reports: {}
|
|
@@ -974,27 +1067,27 @@ www 🧪 test:
|
|
|
974
1067
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
975
1068
|
KUBERNETES_MEMORY_LIMIT: 2Gi
|
|
976
1069
|
script:
|
|
977
|
-
-
|
|
1070
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
978
1071
|
- export APP_DIR="www"
|
|
979
1072
|
- export DOCKER_BUILD_CONTEXT="."
|
|
980
1073
|
- export DOCKER_REGISTRY="asia-east1-docker.pkg.dev"
|
|
981
1074
|
- export DOCKER_IMAGE="asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/prod/www"
|
|
982
1075
|
- export DOCKER_CACHE_IMAGE="asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/www"
|
|
983
1076
|
- export DOCKER_IMAGE_TAG="$CI_COMMIT_SHA"
|
|
984
|
-
-
|
|
1077
|
+
- collapseable_section_end "injectvars"
|
|
985
1078
|
- ensureNginxDockerfile
|
|
986
|
-
-
|
|
1079
|
+
- collapseable_section_start "docker-login" "Docker Login"
|
|
987
1080
|
- gcloud auth activate-service-account --key-file=<(echo "$CL_prod_www_GCLOUD_DEPLOY_credentialsKey")
|
|
988
1081
|
- gcloud auth configure-docker asia-east1-docker.pkg.dev
|
|
989
|
-
-
|
|
990
|
-
-
|
|
1082
|
+
- collapseable_section_end "docker-login"
|
|
1083
|
+
- collapseable_section_start "docker-build" "Docker build"
|
|
991
1084
|
- docker build --network host --cache-from $DOCKER_CACHE_IMAGE --tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG -f $APP_DIR/Dockerfile $DOCKER_BUILD_CONTEXT --build-arg BUILDKIT_INLINE_CACHE=1
|
|
992
|
-
-
|
|
993
|
-
-
|
|
1085
|
+
- collapseable_section_end "docker-build"
|
|
1086
|
+
- collapseable_section_start "docker-push" "Docker push and tag"
|
|
994
1087
|
- docker push $DOCKER_IMAGE:$DOCKER_IMAGE_TAG
|
|
995
1088
|
- docker tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG $DOCKER_CACHE_IMAGE
|
|
996
1089
|
- docker push $DOCKER_CACHE_IMAGE
|
|
997
|
-
-
|
|
1090
|
+
- collapseable_section_end "docker-push"
|
|
998
1091
|
rules:
|
|
999
1092
|
- if: $CI_COMMIT_TAG
|
|
1000
1093
|
needs:
|
|
@@ -1006,8 +1099,8 @@ www 🧪 test:
|
|
|
1006
1099
|
image: aquasec/trivy:0.38.3
|
|
1007
1100
|
variables: {}
|
|
1008
1101
|
script:
|
|
1009
|
-
-
|
|
1010
|
-
-
|
|
1102
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1103
|
+
- collapseable_section_end "injectvars"
|
|
1011
1104
|
- trivy fs --quiet --format cyclonedx --output "__sbom.json" www
|
|
1012
1105
|
artifacts:
|
|
1013
1106
|
paths:
|
|
@@ -1026,35 +1119,34 @@ www 🧪 test:
|
|
|
1026
1119
|
KUBERNETES_MEMORY_REQUEST: 200Mi
|
|
1027
1120
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
1028
1121
|
script:
|
|
1029
|
-
-
|
|
1122
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1030
1123
|
- export ENV_SHORT="prod"
|
|
1031
1124
|
- export APP_DIR="www"
|
|
1032
1125
|
- export ENV_TYPE="prod"
|
|
1033
1126
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
1034
1127
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
1035
1128
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
1036
|
-
- export
|
|
1129
|
+
- export HOSTNAME="$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
1037
1130
|
- export ROOT_URL="https://$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
1038
|
-
- export
|
|
1039
|
-
- export HOST_CANONICAL="$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
1131
|
+
- export HOSTNAME_INTERNAL="$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
1040
1132
|
- export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
1041
1133
|
- export DEPLOY_CLOUD_RUN_PROJECT_ID="asdf"
|
|
1042
1134
|
- export DEPLOY_CLOUD_RUN_REGION="asia-east1"
|
|
1043
1135
|
- export GCLOUD_DEPLOY_credentialsKey="$CL_prod_www_GCLOUD_DEPLOY_credentialsKey"
|
|
1044
1136
|
- export GCLOUD_RUN_canonicalHostSuffix="$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix"
|
|
1045
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
1137
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\"]"
|
|
1046
1138
|
- export DOCKER_REGISTRY="asia-east1-docker.pkg.dev"
|
|
1047
1139
|
- export DOCKER_IMAGE="asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/prod/www"
|
|
1048
1140
|
- export DOCKER_CACHE_IMAGE="asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/www"
|
|
1049
1141
|
- export DOCKER_IMAGE_TAG="$CI_COMMIT_SHA"
|
|
1050
1142
|
- export CLOUDSDK_CORE_DISABLE_PROMPTS="1"
|
|
1051
|
-
-
|
|
1052
|
-
-
|
|
1143
|
+
- collapseable_section_end "injectvars"
|
|
1144
|
+
- collapseable_section_start "prepare" "Prepare..."
|
|
1053
1145
|
- gcloud auth activate-service-account --key-file=<(echo "$CL_prod_www_GCLOUD_DEPLOY_credentialsKey")
|
|
1054
1146
|
- export GCLOUD_PROJECT_NUMBER=$(gcloud projects describe asdf --format="value(projectNumber)")
|
|
1055
1147
|
- 'echo "GCLOUD_PROJECT_NUMBER: $GCLOUD_PROJECT_NUMBER"'
|
|
1056
|
-
-
|
|
1057
|
-
-
|
|
1148
|
+
- collapseable_section_end "prepare"
|
|
1149
|
+
- collapseable_section_start "writeenvvars" "Write env vars to file"
|
|
1058
1150
|
- |
|
|
1059
1151
|
cat > ____envvars.yaml <<EOF
|
|
1060
1152
|
ENV_SHORT: |-
|
|
@@ -1064,40 +1156,38 @@ www 🧪 test:
|
|
|
1064
1156
|
ENV_TYPE: |-
|
|
1065
1157
|
prod
|
|
1066
1158
|
BUILD_INFO_BUILD_ID: |-
|
|
1067
|
-
|
|
1159
|
+
$(printf %s "$(git describe --tags 2>/dev/null || git rev-parse HEAD)" | sed '1!s/^/ /')
|
|
1068
1160
|
BUILD_INFO_BUILD_TIME: |-
|
|
1069
|
-
|
|
1161
|
+
$(printf %s "$CI_JOB_STARTED_AT" | sed '1!s/^/ /')
|
|
1070
1162
|
BUILD_INFO_CURRENT_VERSION: |-
|
|
1071
|
-
|
|
1072
|
-
|
|
1073
|
-
|
|
1163
|
+
$(printf %s "$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")" | sed '1!s/^/ /')
|
|
1164
|
+
HOSTNAME: |-
|
|
1165
|
+
$(printf %s "$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
1074
1166
|
ROOT_URL: |-
|
|
1075
|
-
|
|
1076
|
-
|
|
1077
|
-
|
|
1078
|
-
HOST_CANONICAL: |-
|
|
1079
|
-
$(printf %s "$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
1167
|
+
$(printf %s "https://$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
1168
|
+
HOSTNAME_INTERNAL: |-
|
|
1169
|
+
$(printf %s "$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
1080
1170
|
ROOT_URL_INTERNAL: |-
|
|
1081
|
-
|
|
1171
|
+
$(printf %s "https://$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
1082
1172
|
DEPLOY_CLOUD_RUN_PROJECT_ID: |-
|
|
1083
1173
|
asdf
|
|
1084
1174
|
DEPLOY_CLOUD_RUN_REGION: |-
|
|
1085
1175
|
asia-east1
|
|
1086
1176
|
GCLOUD_RUN_canonicalHostSuffix: |-
|
|
1087
|
-
|
|
1177
|
+
$(printf %s "$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | sed '1!s/^/ /')
|
|
1088
1178
|
_ALL_ENV_VAR_KEYS: |-
|
|
1089
|
-
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","
|
|
1179
|
+
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOSTNAME","ROOT_URL","HOSTNAME_INTERNAL","ROOT_URL_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]
|
|
1090
1180
|
|
|
1091
1181
|
EOF
|
|
1092
|
-
-
|
|
1093
|
-
-
|
|
1182
|
+
- collapseable_section_end "writeenvvars"
|
|
1183
|
+
- collapseable_section_start "deploy" "Deploy to cloud run"
|
|
1094
1184
|
- gcloud run deploy pan-test-app-prod-www --command="" --image=asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/prod/www:$DOCKER_IMAGE_TAG --project=asdf --region=asia-east1 --labels=customer-name=pan,component-name=www,app-name=test-app,env-type=prod,env-name=prod,build-type=custom,cloud-run-service-name=pan-test-app-prod-www --env-vars-file=____envvars.yaml --min-instances=0 --max-instances=100 --cpu-throttling --allow-unauthenticated --ingress=all --cpu-boost
|
|
1095
|
-
-
|
|
1096
|
-
-
|
|
1185
|
+
- collapseable_section_end "deploy"
|
|
1186
|
+
- collapseable_section_start "cleanup" "Cleanup"
|
|
1097
1187
|
- gcloud run revisions list --project=asdf --region=asia-east1 --service=pan-test-app-prod-www --limit=unlimited --sort-by=metadata.creationTimestamp --format="value(name)" --filter='(status.conditions.status=False OR status.conditions.status=Unknown)' | tail -n +6 | while read -r revisionname; do gcloud run revisions delete --project=asdf --region=asia-east1 --quiet $revisionname ; done
|
|
1098
1188
|
- gcloud artifacts docker images list asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/prod/www --sort-by=~CREATE_TIME --format="value(version)" | tail -n +7 | while read -r version; do gcloud artifacts docker images delete asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/prod/www@$version --quiet --delete-tags; done
|
|
1099
1189
|
- gcloud artifacts docker images list asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/www --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/www@$version --quiet --delete-tags; done
|
|
1100
|
-
-
|
|
1190
|
+
- collapseable_section_end "cleanup"
|
|
1101
1191
|
- echo 'Uploading SBOM to Dependency Track'
|
|
1102
1192
|
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/www" "https://$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" "__sbom.json" vex.json || true
|
|
1103
1193
|
- echo "CL_GITLAB_ENVIRONMENT_URL=https://$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" >> gitlab_environment.env
|
|
@@ -1130,9 +1220,9 @@ www 🧪 test:
|
|
|
1130
1220
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
1131
1221
|
GIT_STRATEGY: none
|
|
1132
1222
|
script:
|
|
1133
|
-
-
|
|
1223
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1134
1224
|
- export CLOUDSDK_CORE_DISABLE_PROMPTS="1"
|
|
1135
|
-
-
|
|
1225
|
+
- collapseable_section_end "injectvars"
|
|
1136
1226
|
- set +e
|
|
1137
1227
|
- gcloud auth activate-service-account --key-file=<(echo "$CL_prod_www_GCLOUD_DEPLOY_credentialsKey")
|
|
1138
1228
|
- gcloud run services delete pan-test-app-prod-www --project=asdf --region=asia-east1
|