@catladder/pipeline 1.170.0 → 2.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/bash/BashExpression.d.ts +2 -6
- package/dist/bash/BashExpression.js +5 -15
- package/dist/bash/bashEscape.d.ts +34 -0
- package/dist/bash/bashEscape.js +114 -0
- package/dist/bash/bashYaml.js +25 -2
- package/dist/bash/getInjectVarsScript.js +4 -2
- package/dist/bash/index.d.ts +2 -0
- package/dist/bash/index.js +26 -0
- package/dist/build/base/createAppBuildJob.js +3 -3
- package/dist/build/base/writeDotEnv.js +6 -4
- package/dist/build/custom/testJob.js +12 -12
- package/dist/build/docker.d.ts +3 -3
- package/dist/build/node/buildJob.js +1 -1
- package/dist/build/node/cache.d.ts +2 -4
- package/dist/build/node/cache.js +3 -24
- package/dist/build/node/testJob.js +11 -11
- package/dist/build/rails/build.js +1 -1
- package/dist/build/rails/test.js +8 -8
- package/dist/build/types.d.ts +0 -10
- package/dist/constants.js +1 -1
- package/dist/context/createComponentContext.js +0 -1
- package/dist/context/getEnvConfig.js +2 -1
- package/dist/context/getEnvironment.js +1 -2
- package/dist/context/getEnvironmentVariables.d.ts +5 -6
- package/dist/context/getEnvironmentVariables.js +50 -38
- package/dist/deploy/base/deploy.js +3 -3
- package/dist/deploy/cloudRun/createJobs/getCloudRunDeployScripts.js +2 -2
- package/dist/deploy/cloudRun/index.js +2 -2
- package/dist/deploy/cloudRun/utils/getServiceName.d.ts +1 -1
- package/dist/deploy/kubernetes/cloudSql/index.d.ts +2 -2
- package/dist/deploy/kubernetes/cloudSql/index.js +3 -14
- package/dist/deploy/kubernetes/deployJob.js +1 -3
- package/dist/deploy/kubernetes/index.js +2 -2
- package/dist/deploy/kubernetes/kubeEnv.d.ts +3 -3
- package/dist/deploy/kubernetes/kubeValues.d.ts +3 -4
- package/dist/deploy/kubernetes/kubeValues.js +2 -3
- package/dist/deploy/types/base.d.ts +0 -6
- package/dist/deploy/types/kubernetes.d.ts +1 -34
- package/dist/globalScriptFunctions/index.d.ts +14 -0
- package/dist/globalScriptFunctions/index.js +37 -0
- package/dist/index.d.ts +3 -1
- package/dist/index.js +3 -1
- package/dist/pipeline/gitlab/createGitlabJobs.js +3 -5
- package/dist/pipeline/gitlab/createGitlabPipeline.d.ts +1 -0
- package/dist/pipeline/gitlab/createGitlabPipeline.js +38 -2
- package/dist/pipeline/packageManager.js +1 -1
- package/dist/runner/index.d.ts +1 -1
- package/dist/tsconfig.tsbuildinfo +1 -1
- package/dist/types/config.d.ts +6 -9
- package/dist/types/context.d.ts +2 -9
- package/dist/types/gitlab-types.d.ts +1 -0
- package/dist/types/jobs.d.ts +0 -8
- package/dist/utils/gitlab.js +4 -1
- package/dist/utils/writeFiles.js +1 -7
- package/dist/variables/VariableValue.d.ts +3 -0
- package/dist/variables/VariableValue.js +5 -0
- package/dist/variables/VariableValueContainingReferences.d.ts +24 -0
- package/dist/variables/VariableValueContainingReferences.js +97 -0
- package/dist/variables/__tests__/resolveAllReferences.test.js +219 -0
- package/dist/variables/__tests__/resolveAllReferencesOnce.test.d.ts +1 -0
- package/dist/variables/__tests__/resolveAllReferencesOnce.test.js +171 -0
- package/dist/variables/__tests__/resolveReferencesOnce.test.d.ts +1 -0
- package/dist/variables/__tests__/resolveReferencesOnce.test.js +202 -0
- package/dist/variables/__tests__/variableValue.test.d.ts +1 -0
- package/dist/variables/__tests__/variableValue.test.js +36 -0
- package/dist/variables/resolveAllReferences.d.ts +3 -0
- package/dist/{bash/replaceAsync.js → variables/resolveAllReferences.js} +60 -41
- package/dist/variables/resolveAllReferencesOnce.d.ts +5 -0
- package/dist/variables/resolveAllReferencesOnce.js +191 -0
- package/dist/variables/resolveReferencesOnce.d.ts +8 -0
- package/dist/variables/resolveReferencesOnce.js +22 -0
- package/examples/__snapshots__/cloud-run-http2.test.ts.snap +312 -238
- package/examples/__snapshots__/cloud-run-memory-limit.test.ts.snap +312 -238
- package/examples/__snapshots__/cloud-run-meteor-with-worker.test.ts.snap +312 -222
- package/examples/__snapshots__/cloud-run-nextjs.test.ts.snap +1436 -0
- package/examples/__snapshots__/cloud-run-no-cpu-throttling.test.ts.snap +312 -238
- package/examples/__snapshots__/cloud-run-no-service.test.ts.snap +316 -238
- package/examples/__snapshots__/cloud-run-non-public.test.ts.snap +312 -238
- package/examples/__snapshots__/cloud-run-post-stop-job.test.ts.snap +313 -238
- package/examples/__snapshots__/cloud-run-service-custom-vpc-connector.test.ts.snap +312 -238
- package/examples/__snapshots__/cloud-run-service-custom-vpc.test.ts.snap +312 -238
- package/examples/__snapshots__/cloud-run-service-gen2.test.ts.snap +312 -238
- package/examples/__snapshots__/cloud-run-service-increase-timout.test.ts.snap +312 -238
- package/examples/__snapshots__/cloud-run-service-with-volumes.test.ts.snap +316 -238
- package/examples/__snapshots__/cloud-run-storybook.test.ts.snap +294 -220
- package/examples/__snapshots__/cloud-run-with-ngnix.test.ts.snap +312 -238
- package/examples/__snapshots__/cloud-run-with-sql-reuse-db.test.ts.snap +652 -486
- package/examples/__snapshots__/cloud-run-with-sql.test.ts.snap +282 -288
- package/examples/__snapshots__/cloud-run-with-worker.test.ts.snap +312 -238
- package/examples/__snapshots__/custom-build-job-with-tests.test.ts.snap +284 -194
- package/examples/__snapshots__/custom-build-job.test.ts.snap +278 -188
- package/examples/__snapshots__/custom-deploy.test.ts.snap +220 -154
- package/examples/__snapshots__/custom-envs.test.ts.snap +216 -126
- package/examples/__snapshots__/custom-sbom-java.test.ts.snap +278 -188
- package/examples/__snapshots__/git-submodule.test.ts.snap +312 -238
- package/examples/__snapshots__/kubernetes-application-customization.test.ts.snap +231 -253
- package/examples/__snapshots__/kubernetes-with-cloud-sql.test.ts.snap +240 -262
- package/examples/__snapshots__/kubernetes-with-jobs.test.ts.snap +504 -506
- package/examples/__snapshots__/kubernetes-with-mongodb.test.ts.snap +239 -261
- package/examples/__snapshots__/local-dot-env.test.ts.snap +236 -238
- package/examples/__snapshots__/meteor-kubernetes.test.ts.snap +236 -242
- package/examples/__snapshots__/multiline-var.test.ts.snap +1355 -973
- package/examples/__snapshots__/native-app.test.ts.snap +438 -392
- package/examples/__snapshots__/node-build-with-custom-image.test.ts.snap +312 -238
- package/examples/__snapshots__/node-build-with-docker-additions.test.ts.snap +312 -238
- package/examples/__snapshots__/rails-k8s-with-worker-dockerfile.test.ts.snap +186 -188
- package/examples/__snapshots__/rails-k8s-with-worker.test.ts.snap +162 -164
- package/examples/__snapshots__/referencing-other-vars.test.ts.snap +4741 -0
- package/examples/__snapshots__/wait-for-other-deploy.test.ts.snap +330 -228
- package/examples/__snapshots__/{workspace-api-www-custom-cache.test.ts.snap → workspace-api-www-turbo-cache.test.ts.snap} +457 -499
- package/examples/__snapshots__/workspace-api-www.test.ts.snap +452 -482
- package/examples/{workspace-api-www-custom-cache.test.ts → cloud-run-nextjs.test.ts} +2 -2
- package/examples/cloud-run-nextjs.ts +28 -0
- package/examples/cloud-run-with-sql.ts +0 -1
- package/examples/kubernetes-application-customization.ts +1 -0
- package/examples/kubernetes-with-cloud-sql.ts +1 -0
- package/examples/kubernetes-with-jobs.ts +1 -0
- package/examples/kubernetes-with-mongodb.ts +1 -0
- package/examples/meteor-kubernetes.ts +1 -1
- package/examples/native-app.ts +10 -7
- package/examples/rails-k8s-with-worker.ts +7 -1
- package/examples/{kubernetes-with-cloud-sql-legacy.test.ts → referencing-other-vars.test.ts} +2 -2
- package/examples/referencing-other-vars.ts +83 -0
- package/examples/workspace-api-www-turbo-cache.test.ts +11 -0
- package/examples/{workspace-api-www-custom-cache.ts → workspace-api-www-turbo-cache.ts} +4 -3
- package/examples/workspace-api-www.ts +3 -2
- package/package.json +2 -6
- package/src/bash/BashExpression.ts +10 -13
- package/src/bash/bashEscape.ts +158 -0
- package/src/bash/bashYaml.ts +36 -2
- package/src/bash/getInjectVarsScript.ts +11 -2
- package/src/bash/index.ts +2 -0
- package/src/build/base/createAppBuildJob.ts +0 -1
- package/src/build/base/writeDotEnv.ts +6 -6
- package/src/build/custom/testJob.ts +0 -1
- package/src/build/node/buildJob.ts +2 -2
- package/src/build/node/cache.ts +0 -29
- package/src/build/node/testJob.ts +0 -1
- package/src/build/rails/build.ts +0 -1
- package/src/build/rails/test.ts +0 -1
- package/src/build/types.ts +0 -13
- package/src/context/createComponentContext.ts +0 -1
- package/src/context/getEnvConfig.ts +2 -2
- package/src/context/getEnvironment.ts +1 -1
- package/src/context/getEnvironmentContext.ts +1 -1
- package/src/context/getEnvironmentVariables.ts +44 -51
- package/src/deploy/base/deploy.ts +1 -1
- package/src/deploy/cloudRun/createJobs/getCloudRunDeployScripts.ts +4 -12
- package/src/deploy/cloudRun/index.ts +2 -2
- package/src/deploy/kubernetes/cloudSql/index.ts +3 -16
- package/src/deploy/kubernetes/deployJob.ts +0 -2
- package/src/deploy/kubernetes/index.ts +2 -2
- package/src/deploy/kubernetes/kubeEnv.ts +3 -3
- package/src/deploy/kubernetes/kubeValues.ts +5 -8
- package/src/deploy/types/base.ts +0 -6
- package/src/deploy/types/kubernetes.ts +1 -36
- package/src/globalScriptFunctions/index.ts +30 -0
- package/src/index.ts +2 -0
- package/src/pipeline/gitlab/createGitlabJobs.ts +1 -4
- package/src/pipeline/gitlab/createGitlabPipeline.ts +8 -1
- package/src/pipeline/packageManager.ts +7 -5
- package/src/runner/index.ts +0 -1
- package/src/types/config.ts +6 -9
- package/src/types/context.ts +3 -9
- package/src/types/gitlab-types.ts +1 -0
- package/src/types/jobs.ts +0 -8
- package/src/utils/gitlab.ts +19 -2
- package/src/utils/writeFiles.ts +1 -2
- package/src/variables/VariableValue.ts +6 -0
- package/src/variables/VariableValueContainingReferences.ts +89 -0
- package/src/variables/__tests__/resolveAllReferences.test.ts +110 -0
- package/src/variables/__tests__/resolveAllReferencesOnce.test.ts +64 -0
- package/src/variables/__tests__/resolveReferencesOnce.test.ts +117 -0
- package/src/variables/__tests__/variableValue.test.ts +73 -0
- package/src/variables/resolveAllReferences.ts +46 -0
- package/src/variables/resolveAllReferencesOnce.ts +44 -0
- package/src/variables/resolveReferencesOnce.ts +29 -0
- package/bin/catladder-gitlab-dev.js +0 -3
- package/bin/catladder-gitlab.js +0 -3
- package/dist/bash/replaceAsync.d.ts +0 -2
- package/dist/bundles/catladder-gitlab/index.js +0 -15
- package/dist/context/__tests__/resolveReferences.test.js +0 -368
- package/dist/context/resolveReferences.d.ts +0 -6
- package/dist/context/resolveReferences.js +0 -286
- package/dist/deploy/kubernetes/processSecretsAsFiles.d.ts +0 -85
- package/dist/deploy/kubernetes/processSecretsAsFiles.js +0 -33
- package/examples/__snapshots__/kubernetes-with-cloud-sql-legacy.test.ts.snap +0 -1795
- package/examples/kubernetes-with-cloud-sql-legacy.ts +0 -35
- package/scripts/bundle +0 -2
- package/src/bash/replaceAsync.ts +0 -54
- package/src/context/__tests__/resolveReferences.test.ts +0 -148
- package/src/context/resolveReferences.ts +0 -93
- package/src/deploy/kubernetes/processSecretsAsFiles.ts +0 -35
- /package/dist/{context/__tests__/resolveReferences.test.d.ts → variables/__tests__/resolveAllReferences.test.d.ts} +0 -0
|
@@ -45,6 +45,36 @@ variables:
|
|
|
45
45
|
CACHE_COMPRESSION_LEVEL: fast
|
|
46
46
|
TRANSFER_METER_FREQUENCY: 5s
|
|
47
47
|
GIT_DEPTH: '1'
|
|
48
|
+
before_script:
|
|
49
|
+
- |-
|
|
50
|
+
function escapeForDotEnv () {
|
|
51
|
+
input="\${1:-$(cat)}"
|
|
52
|
+
input="\${input//$'\\n'/\\\\n}"
|
|
53
|
+
if [[ "$input" == *\\\\n* ]]; then
|
|
54
|
+
if [[ "$input" == *\\"* && "$input" == *\\'* && "$input" == *\\\`* ]]; then
|
|
55
|
+
printf "\\"%s\\"\\n" "$input"
|
|
56
|
+
elif [[ "$input" == *\\"* && "$input" == *\\'* ]]; then
|
|
57
|
+
printf "\`%s\`\\n" "$input"
|
|
58
|
+
elif [[ "$input" == *\\"* ]]; then
|
|
59
|
+
printf "'%s'\\n" "$input"
|
|
60
|
+
else
|
|
61
|
+
printf "\\"%s\\"\\n" "$input"
|
|
62
|
+
fi
|
|
63
|
+
else
|
|
64
|
+
printf "%s\\n" "$input"
|
|
65
|
+
fi
|
|
66
|
+
}
|
|
67
|
+
- |-
|
|
68
|
+
function collapseable_section_start () {
|
|
69
|
+
local section_title="\${1}"
|
|
70
|
+
local section_description="\${2:-$section_title}"
|
|
71
|
+
echo -e "section_start:\`date +%s\`:\${section_title}[collapsed=true]\\r\\e[0K\${section_description}"
|
|
72
|
+
}
|
|
73
|
+
- |-
|
|
74
|
+
function collapseable_section_end () {
|
|
75
|
+
local section_title="\${1}"
|
|
76
|
+
echo -e "section_end:\`date +%s\`:\${section_title}\\r\\e[0K"
|
|
77
|
+
}
|
|
48
78
|
www 🛡 audit:
|
|
49
79
|
stage: test
|
|
50
80
|
image: path/to/docker/jobs-default:the-version
|
|
@@ -53,9 +83,9 @@ www 🛡 audit:
|
|
|
53
83
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
54
84
|
KUBERNETES_MEMORY_LIMIT: 4Gi
|
|
55
85
|
script:
|
|
56
|
-
-
|
|
86
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
57
87
|
- export APP_PATH="www"
|
|
58
|
-
-
|
|
88
|
+
- collapseable_section_end "injectvars"
|
|
59
89
|
- cd www
|
|
60
90
|
- yarn npm audit --environment production
|
|
61
91
|
rules:
|
|
@@ -79,21 +109,21 @@ www 👮 lint:
|
|
|
79
109
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
80
110
|
KUBERNETES_MEMORY_LIMIT: 4Gi
|
|
81
111
|
script:
|
|
82
|
-
-
|
|
112
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
83
113
|
- export APP_PATH="www"
|
|
84
|
-
-
|
|
85
|
-
-
|
|
114
|
+
- collapseable_section_end "injectvars"
|
|
115
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
86
116
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
87
117
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
88
|
-
-
|
|
118
|
+
- collapseable_section_end "nodeinstall"
|
|
89
119
|
- cd www
|
|
90
|
-
-
|
|
120
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
91
121
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
92
122
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
93
|
-
-
|
|
94
|
-
-
|
|
123
|
+
- collapseable_section_end "nodeinstall"
|
|
124
|
+
- collapseable_section_start "yarninstall" "Yarn install"
|
|
95
125
|
- yarn install --immutable
|
|
96
|
-
-
|
|
126
|
+
- collapseable_section_end "yarninstall"
|
|
97
127
|
- yarn lint
|
|
98
128
|
cache:
|
|
99
129
|
- key: www-yarn
|
|
@@ -120,21 +150,21 @@ www 🧪 test:
|
|
|
120
150
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
121
151
|
KUBERNETES_MEMORY_LIMIT: 4Gi
|
|
122
152
|
script:
|
|
123
|
-
-
|
|
153
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
124
154
|
- export APP_PATH="www"
|
|
125
|
-
-
|
|
126
|
-
-
|
|
155
|
+
- collapseable_section_end "injectvars"
|
|
156
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
127
157
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
128
158
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
129
|
-
-
|
|
159
|
+
- collapseable_section_end "nodeinstall"
|
|
130
160
|
- cd www
|
|
131
|
-
-
|
|
161
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
132
162
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
133
163
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
134
|
-
-
|
|
135
|
-
-
|
|
164
|
+
- collapseable_section_end "nodeinstall"
|
|
165
|
+
- collapseable_section_start "yarninstall" "Yarn install"
|
|
136
166
|
- yarn install --immutable
|
|
137
|
-
-
|
|
167
|
+
- collapseable_section_end "yarninstall"
|
|
138
168
|
- yarn test
|
|
139
169
|
cache:
|
|
140
170
|
- key: www-yarn
|
|
@@ -161,37 +191,53 @@ www 🧪 test:
|
|
|
161
191
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
162
192
|
KUBERNETES_MEMORY_LIMIT: 4Gi
|
|
163
193
|
script:
|
|
164
|
-
-
|
|
194
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
165
195
|
- export ENV_SHORT="dev"
|
|
166
196
|
- export APP_DIR="www"
|
|
167
197
|
- export ENV_TYPE="dev"
|
|
168
198
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
169
199
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
170
200
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
171
|
-
- export
|
|
201
|
+
- export HOSTNAME="$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
172
202
|
- export ROOT_URL="https://$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
173
|
-
- export
|
|
174
|
-
- export HOST_CANONICAL="$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
203
|
+
- export HOSTNAME_INTERNAL="$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
175
204
|
- export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
176
205
|
- export DEPLOY_CLOUD_RUN_PROJECT_ID="asdf"
|
|
177
206
|
- export DEPLOY_CLOUD_RUN_REGION="asia-east1"
|
|
178
207
|
- export GCLOUD_DEPLOY_credentialsKey="$CL_dev_www_GCLOUD_DEPLOY_credentialsKey"
|
|
179
208
|
- export GCLOUD_RUN_canonicalHostSuffix="$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix"
|
|
180
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
181
|
-
-
|
|
209
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\"]"
|
|
210
|
+
- collapseable_section_end "injectvars"
|
|
211
|
+
- collapseable_section_start "write-dotenv-www" "write dot env for www"
|
|
212
|
+
- |-
|
|
213
|
+
cat <<EOF > www/.env
|
|
214
|
+
ENV_SHORT=dev
|
|
215
|
+
APP_DIR=www
|
|
216
|
+
ENV_TYPE=dev
|
|
217
|
+
HOSTNAME=$(printf %s "$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
218
|
+
ROOT_URL=$(printf %s "https://$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
219
|
+
HOSTNAME_INTERNAL=$(printf %s "$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
220
|
+
ROOT_URL_INTERNAL=$(printf %s "https://$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
221
|
+
DEPLOY_CLOUD_RUN_PROJECT_ID=asdf
|
|
222
|
+
DEPLOY_CLOUD_RUN_REGION=asia-east1
|
|
223
|
+
GCLOUD_DEPLOY_credentialsKey=$(printf %s "$CL_dev_www_GCLOUD_DEPLOY_credentialsKey" | escapeForDotEnv)
|
|
224
|
+
GCLOUD_RUN_canonicalHostSuffix=$(printf %s "$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | escapeForDotEnv)
|
|
225
|
+
_ALL_ENV_VAR_KEYS=["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOSTNAME","ROOT_URL","HOSTNAME_INTERNAL","ROOT_URL_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]
|
|
226
|
+
EOF
|
|
227
|
+
- collapseable_section_end "write-dotenv-www"
|
|
182
228
|
- echo '{"id":"$(git describe --tags 2>/dev/null || git rev-parse HEAD)","time":"$CI_JOB_STARTED_AT"}' > www/__build_info.json
|
|
183
|
-
-
|
|
229
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
184
230
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
185
231
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
186
|
-
-
|
|
232
|
+
- collapseable_section_end "nodeinstall"
|
|
187
233
|
- cd www
|
|
188
|
-
-
|
|
234
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
189
235
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
190
236
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
191
|
-
-
|
|
192
|
-
-
|
|
237
|
+
- collapseable_section_end "nodeinstall"
|
|
238
|
+
- collapseable_section_start "yarninstall" "Yarn install"
|
|
193
239
|
- yarn install --immutable
|
|
194
|
-
-
|
|
240
|
+
- collapseable_section_end "yarninstall"
|
|
195
241
|
- yarn build
|
|
196
242
|
cache:
|
|
197
243
|
- key: www-yarn
|
|
@@ -202,15 +248,13 @@ www 🧪 test:
|
|
|
202
248
|
policy: pull-push
|
|
203
249
|
paths:
|
|
204
250
|
- www/node_modules
|
|
205
|
-
- key: www-next-cache
|
|
206
|
-
policy: pull-push
|
|
207
|
-
paths:
|
|
208
|
-
- www/.next/cache
|
|
209
251
|
artifacts:
|
|
210
252
|
paths:
|
|
211
253
|
- www/__build_info.json
|
|
212
254
|
- www/.next
|
|
213
255
|
- www/dist
|
|
256
|
+
exclude:
|
|
257
|
+
- www/.env
|
|
214
258
|
expire_in: 1 day
|
|
215
259
|
when: always
|
|
216
260
|
reports: {}
|
|
@@ -238,7 +282,7 @@ www 🧪 test:
|
|
|
238
282
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
239
283
|
KUBERNETES_MEMORY_LIMIT: 2Gi
|
|
240
284
|
script:
|
|
241
|
-
-
|
|
285
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
242
286
|
- export DOCKERFILE_ADDITIONS="RUN apk add --no-cache openssl1.1-compat-dev"
|
|
243
287
|
- export DOCKERFILE_ADDITIONS_END="RUN yarn rebuild"
|
|
244
288
|
- export APP_DIR="www"
|
|
@@ -256,20 +300,20 @@ www 🧪 test:
|
|
|
256
300
|
COPY --chown=node:node www/yarn.lock /app/www/yarn.lock
|
|
257
301
|
COPY --chown=node:node .yarnrc.yml /app/.yarnrc.yml
|
|
258
302
|
COPY --chown=node:node .yarn /app/.yarn"
|
|
259
|
-
-
|
|
303
|
+
- collapseable_section_end "injectvars"
|
|
260
304
|
- ensureNodeDockerfile
|
|
261
|
-
-
|
|
305
|
+
- collapseable_section_start "docker-login" "Docker Login"
|
|
262
306
|
- gcloud auth activate-service-account --key-file=<(echo "$CL_dev_www_GCLOUD_DEPLOY_credentialsKey")
|
|
263
307
|
- gcloud auth configure-docker asia-east1-docker.pkg.dev
|
|
264
|
-
-
|
|
265
|
-
-
|
|
308
|
+
- collapseable_section_end "docker-login"
|
|
309
|
+
- collapseable_section_start "docker-build" "Docker build"
|
|
266
310
|
- docker build --network host --cache-from $DOCKER_CACHE_IMAGE --tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG -f $APP_DIR/Dockerfile $DOCKER_BUILD_CONTEXT --build-arg BUILDKIT_INLINE_CACHE=1
|
|
267
|
-
-
|
|
268
|
-
-
|
|
311
|
+
- collapseable_section_end "docker-build"
|
|
312
|
+
- collapseable_section_start "docker-push" "Docker push and tag"
|
|
269
313
|
- docker push $DOCKER_IMAGE:$DOCKER_IMAGE_TAG
|
|
270
314
|
- docker tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG $DOCKER_CACHE_IMAGE
|
|
271
315
|
- docker push $DOCKER_CACHE_IMAGE
|
|
272
|
-
-
|
|
316
|
+
- collapseable_section_end "docker-push"
|
|
273
317
|
cache:
|
|
274
318
|
- key: www-yarn
|
|
275
319
|
policy: pull
|
|
@@ -288,8 +332,8 @@ www 🧪 test:
|
|
|
288
332
|
image: aquasec/trivy:0.38.3
|
|
289
333
|
variables: {}
|
|
290
334
|
script:
|
|
291
|
-
-
|
|
292
|
-
-
|
|
335
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
336
|
+
- collapseable_section_end "injectvars"
|
|
293
337
|
- trivy fs --quiet --format cyclonedx --output "__sbom.json" www
|
|
294
338
|
artifacts:
|
|
295
339
|
paths:
|
|
@@ -310,35 +354,34 @@ www 🧪 test:
|
|
|
310
354
|
KUBERNETES_MEMORY_REQUEST: 200Mi
|
|
311
355
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
312
356
|
script:
|
|
313
|
-
-
|
|
357
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
314
358
|
- export ENV_SHORT="dev"
|
|
315
359
|
- export APP_DIR="www"
|
|
316
360
|
- export ENV_TYPE="dev"
|
|
317
361
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
318
362
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
319
363
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
320
|
-
- export
|
|
364
|
+
- export HOSTNAME="$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
321
365
|
- export ROOT_URL="https://$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
322
|
-
- export
|
|
323
|
-
- export HOST_CANONICAL="$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
366
|
+
- export HOSTNAME_INTERNAL="$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
324
367
|
- export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
325
368
|
- export DEPLOY_CLOUD_RUN_PROJECT_ID="asdf"
|
|
326
369
|
- export DEPLOY_CLOUD_RUN_REGION="asia-east1"
|
|
327
370
|
- export GCLOUD_DEPLOY_credentialsKey="$CL_dev_www_GCLOUD_DEPLOY_credentialsKey"
|
|
328
371
|
- export GCLOUD_RUN_canonicalHostSuffix="$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix"
|
|
329
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
372
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\"]"
|
|
330
373
|
- export DOCKER_REGISTRY="asia-east1-docker.pkg.dev"
|
|
331
374
|
- export DOCKER_IMAGE="asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/dev/www"
|
|
332
375
|
- export DOCKER_CACHE_IMAGE="asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/www"
|
|
333
376
|
- export DOCKER_IMAGE_TAG="$CI_COMMIT_SHA"
|
|
334
377
|
- export CLOUDSDK_CORE_DISABLE_PROMPTS="1"
|
|
335
|
-
-
|
|
336
|
-
-
|
|
378
|
+
- collapseable_section_end "injectvars"
|
|
379
|
+
- collapseable_section_start "prepare" "Prepare..."
|
|
337
380
|
- gcloud auth activate-service-account --key-file=<(echo "$CL_dev_www_GCLOUD_DEPLOY_credentialsKey")
|
|
338
381
|
- export GCLOUD_PROJECT_NUMBER=$(gcloud projects describe asdf --format="value(projectNumber)")
|
|
339
382
|
- 'echo "GCLOUD_PROJECT_NUMBER: $GCLOUD_PROJECT_NUMBER"'
|
|
340
|
-
-
|
|
341
|
-
-
|
|
383
|
+
- collapseable_section_end "prepare"
|
|
384
|
+
- collapseable_section_start "writeenvvars" "Write env vars to file"
|
|
342
385
|
- |
|
|
343
386
|
cat > ____envvars.yaml <<EOF
|
|
344
387
|
ENV_SHORT: |-
|
|
@@ -348,40 +391,38 @@ www 🧪 test:
|
|
|
348
391
|
ENV_TYPE: |-
|
|
349
392
|
dev
|
|
350
393
|
BUILD_INFO_BUILD_ID: |-
|
|
351
|
-
|
|
394
|
+
$(printf %s "$(git describe --tags 2>/dev/null || git rev-parse HEAD)" | sed '1!s/^/ /')
|
|
352
395
|
BUILD_INFO_BUILD_TIME: |-
|
|
353
|
-
|
|
396
|
+
$(printf %s "$CI_JOB_STARTED_AT" | sed '1!s/^/ /')
|
|
354
397
|
BUILD_INFO_CURRENT_VERSION: |-
|
|
355
|
-
|
|
356
|
-
|
|
357
|
-
|
|
398
|
+
$(printf %s "$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")" | sed '1!s/^/ /')
|
|
399
|
+
HOSTNAME: |-
|
|
400
|
+
$(printf %s "$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
358
401
|
ROOT_URL: |-
|
|
359
|
-
|
|
360
|
-
|
|
361
|
-
|
|
362
|
-
HOST_CANONICAL: |-
|
|
363
|
-
$(printf %s "$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
402
|
+
$(printf %s "https://$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
403
|
+
HOSTNAME_INTERNAL: |-
|
|
404
|
+
$(printf %s "$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
364
405
|
ROOT_URL_INTERNAL: |-
|
|
365
|
-
|
|
406
|
+
$(printf %s "https://$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
366
407
|
DEPLOY_CLOUD_RUN_PROJECT_ID: |-
|
|
367
408
|
asdf
|
|
368
409
|
DEPLOY_CLOUD_RUN_REGION: |-
|
|
369
410
|
asia-east1
|
|
370
411
|
GCLOUD_RUN_canonicalHostSuffix: |-
|
|
371
|
-
|
|
412
|
+
$(printf %s "$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | sed '1!s/^/ /')
|
|
372
413
|
_ALL_ENV_VAR_KEYS: |-
|
|
373
|
-
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","
|
|
414
|
+
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOSTNAME","ROOT_URL","HOSTNAME_INTERNAL","ROOT_URL_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]
|
|
374
415
|
|
|
375
416
|
EOF
|
|
376
|
-
-
|
|
377
|
-
-
|
|
417
|
+
- collapseable_section_end "writeenvvars"
|
|
418
|
+
- collapseable_section_start "deploy" "Deploy to cloud run"
|
|
378
419
|
- gcloud run deploy pan-test-app-dev-www --command="yarn,start" --image=asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/dev/www:$DOCKER_IMAGE_TAG --project=asdf --region=asia-east1 --labels=customer-name=pan,component-name=www,app-name=test-app,env-type=dev,env-name=dev,build-type=node,cloud-run-service-name=pan-test-app-dev-www --env-vars-file=____envvars.yaml --min-instances=0 --max-instances=100 --cpu-throttling --allow-unauthenticated --ingress=all --cpu-boost
|
|
379
|
-
-
|
|
380
|
-
-
|
|
420
|
+
- collapseable_section_end "deploy"
|
|
421
|
+
- collapseable_section_start "cleanup" "Cleanup"
|
|
381
422
|
- gcloud run revisions list --project=asdf --region=asia-east1 --service=pan-test-app-dev-www --limit=unlimited --sort-by=metadata.creationTimestamp --format="value(name)" --filter='(status.conditions.status=False OR status.conditions.status=Unknown)' | while read -r revisionname; do gcloud run revisions delete --project=asdf --region=asia-east1 --quiet $revisionname ; done
|
|
382
423
|
- gcloud artifacts docker images list asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/dev/www --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/dev/www@$version --quiet --delete-tags; done
|
|
383
424
|
- gcloud artifacts docker images list asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/www --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/www@$version --quiet --delete-tags; done
|
|
384
|
-
-
|
|
425
|
+
- collapseable_section_end "cleanup"
|
|
385
426
|
- echo 'Uploading SBOM to Dependency Track'
|
|
386
427
|
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/www" "https://$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" "__sbom.json" vex.json || true
|
|
387
428
|
- echo "CL_GITLAB_ENVIRONMENT_URL=https://$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" >> gitlab_environment.env
|
|
@@ -423,9 +464,9 @@ www 🧪 test:
|
|
|
423
464
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
424
465
|
GIT_STRATEGY: none
|
|
425
466
|
script:
|
|
426
|
-
-
|
|
467
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
427
468
|
- export CLOUDSDK_CORE_DISABLE_PROMPTS="1"
|
|
428
|
-
-
|
|
469
|
+
- collapseable_section_end "injectvars"
|
|
429
470
|
- set +e
|
|
430
471
|
- gcloud auth activate-service-account --key-file=<(echo "$CL_dev_www_GCLOUD_DEPLOY_credentialsKey")
|
|
431
472
|
- gcloud run services delete pan-test-app-dev-www --project=asdf --region=asia-east1
|
|
@@ -461,37 +502,53 @@ www 🧪 test:
|
|
|
461
502
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
462
503
|
KUBERNETES_MEMORY_LIMIT: 4Gi
|
|
463
504
|
script:
|
|
464
|
-
-
|
|
505
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
465
506
|
- export ENV_SHORT="review"
|
|
466
507
|
- export APP_DIR="www"
|
|
467
508
|
- export ENV_TYPE="review"
|
|
468
509
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
469
510
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
470
511
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
471
|
-
- export
|
|
512
|
+
- export HOSTNAME="$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
472
513
|
- export ROOT_URL="https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
473
|
-
- export
|
|
474
|
-
- export HOST_CANONICAL="$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
514
|
+
- export HOSTNAME_INTERNAL="$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
475
515
|
- export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
476
516
|
- export DEPLOY_CLOUD_RUN_PROJECT_ID="asdf"
|
|
477
517
|
- export DEPLOY_CLOUD_RUN_REGION="asia-east1"
|
|
478
518
|
- export GCLOUD_DEPLOY_credentialsKey="$CL_review_www_GCLOUD_DEPLOY_credentialsKey"
|
|
479
519
|
- export GCLOUD_RUN_canonicalHostSuffix="$CL_review_www_GCLOUD_RUN_canonicalHostSuffix"
|
|
480
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
481
|
-
-
|
|
520
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\"]"
|
|
521
|
+
- collapseable_section_end "injectvars"
|
|
522
|
+
- collapseable_section_start "write-dotenv-www" "write dot env for www"
|
|
523
|
+
- |-
|
|
524
|
+
cat <<EOF > www/.env
|
|
525
|
+
ENV_SHORT=review
|
|
526
|
+
APP_DIR=www
|
|
527
|
+
ENV_TYPE=review
|
|
528
|
+
HOSTNAME=$(printf %s "$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
529
|
+
ROOT_URL=$(printf %s "https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
530
|
+
HOSTNAME_INTERNAL=$(printf %s "$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
531
|
+
ROOT_URL_INTERNAL=$(printf %s "https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
532
|
+
DEPLOY_CLOUD_RUN_PROJECT_ID=asdf
|
|
533
|
+
DEPLOY_CLOUD_RUN_REGION=asia-east1
|
|
534
|
+
GCLOUD_DEPLOY_credentialsKey=$(printf %s "$CL_review_www_GCLOUD_DEPLOY_credentialsKey" | escapeForDotEnv)
|
|
535
|
+
GCLOUD_RUN_canonicalHostSuffix=$(printf %s "$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | escapeForDotEnv)
|
|
536
|
+
_ALL_ENV_VAR_KEYS=["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOSTNAME","ROOT_URL","HOSTNAME_INTERNAL","ROOT_URL_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]
|
|
537
|
+
EOF
|
|
538
|
+
- collapseable_section_end "write-dotenv-www"
|
|
482
539
|
- echo '{"id":"$(git describe --tags 2>/dev/null || git rev-parse HEAD)","time":"$CI_JOB_STARTED_AT"}' > www/__build_info.json
|
|
483
|
-
-
|
|
540
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
484
541
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
485
542
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
486
|
-
-
|
|
543
|
+
- collapseable_section_end "nodeinstall"
|
|
487
544
|
- cd www
|
|
488
|
-
-
|
|
545
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
489
546
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
490
547
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
491
|
-
-
|
|
492
|
-
-
|
|
548
|
+
- collapseable_section_end "nodeinstall"
|
|
549
|
+
- collapseable_section_start "yarninstall" "Yarn install"
|
|
493
550
|
- yarn install --immutable
|
|
494
|
-
-
|
|
551
|
+
- collapseable_section_end "yarninstall"
|
|
495
552
|
- yarn build
|
|
496
553
|
cache:
|
|
497
554
|
- key: www-yarn
|
|
@@ -502,15 +559,13 @@ www 🧪 test:
|
|
|
502
559
|
policy: pull-push
|
|
503
560
|
paths:
|
|
504
561
|
- www/node_modules
|
|
505
|
-
- key: www-next-cache
|
|
506
|
-
policy: pull-push
|
|
507
|
-
paths:
|
|
508
|
-
- www/.next/cache
|
|
509
562
|
artifacts:
|
|
510
563
|
paths:
|
|
511
564
|
- www/__build_info.json
|
|
512
565
|
- www/.next
|
|
513
566
|
- www/dist
|
|
567
|
+
exclude:
|
|
568
|
+
- www/.env
|
|
514
569
|
expire_in: 1 day
|
|
515
570
|
when: always
|
|
516
571
|
reports: {}
|
|
@@ -536,7 +591,7 @@ www 🧪 test:
|
|
|
536
591
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
537
592
|
KUBERNETES_MEMORY_LIMIT: 2Gi
|
|
538
593
|
script:
|
|
539
|
-
-
|
|
594
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
540
595
|
- export DOCKERFILE_ADDITIONS="RUN apk add --no-cache openssl1.1-compat-dev"
|
|
541
596
|
- export DOCKERFILE_ADDITIONS_END="RUN yarn rebuild"
|
|
542
597
|
- export APP_DIR="www"
|
|
@@ -554,20 +609,20 @@ www 🧪 test:
|
|
|
554
609
|
COPY --chown=node:node www/yarn.lock /app/www/yarn.lock
|
|
555
610
|
COPY --chown=node:node .yarnrc.yml /app/.yarnrc.yml
|
|
556
611
|
COPY --chown=node:node .yarn /app/.yarn"
|
|
557
|
-
-
|
|
612
|
+
- collapseable_section_end "injectvars"
|
|
558
613
|
- ensureNodeDockerfile
|
|
559
|
-
-
|
|
614
|
+
- collapseable_section_start "docker-login" "Docker Login"
|
|
560
615
|
- gcloud auth activate-service-account --key-file=<(echo "$CL_review_www_GCLOUD_DEPLOY_credentialsKey")
|
|
561
616
|
- gcloud auth configure-docker asia-east1-docker.pkg.dev
|
|
562
|
-
-
|
|
563
|
-
-
|
|
617
|
+
- collapseable_section_end "docker-login"
|
|
618
|
+
- collapseable_section_start "docker-build" "Docker build"
|
|
564
619
|
- docker build --network host --cache-from $DOCKER_CACHE_IMAGE --tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG -f $APP_DIR/Dockerfile $DOCKER_BUILD_CONTEXT --build-arg BUILDKIT_INLINE_CACHE=1
|
|
565
|
-
-
|
|
566
|
-
-
|
|
620
|
+
- collapseable_section_end "docker-build"
|
|
621
|
+
- collapseable_section_start "docker-push" "Docker push and tag"
|
|
567
622
|
- docker push $DOCKER_IMAGE:$DOCKER_IMAGE_TAG
|
|
568
623
|
- docker tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG $DOCKER_CACHE_IMAGE
|
|
569
624
|
- docker push $DOCKER_CACHE_IMAGE
|
|
570
|
-
-
|
|
625
|
+
- collapseable_section_end "docker-push"
|
|
571
626
|
cache:
|
|
572
627
|
- key: www-yarn
|
|
573
628
|
policy: pull
|
|
@@ -584,8 +639,8 @@ www 🧪 test:
|
|
|
584
639
|
image: aquasec/trivy:0.38.3
|
|
585
640
|
variables: {}
|
|
586
641
|
script:
|
|
587
|
-
-
|
|
588
|
-
-
|
|
642
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
643
|
+
- collapseable_section_end "injectvars"
|
|
589
644
|
- trivy fs --quiet --format cyclonedx --output "__sbom.json" www
|
|
590
645
|
artifacts:
|
|
591
646
|
paths:
|
|
@@ -604,35 +659,34 @@ www 🧪 test:
|
|
|
604
659
|
KUBERNETES_MEMORY_REQUEST: 200Mi
|
|
605
660
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
606
661
|
script:
|
|
607
|
-
-
|
|
662
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
608
663
|
- export ENV_SHORT="review"
|
|
609
664
|
- export APP_DIR="www"
|
|
610
665
|
- export ENV_TYPE="review"
|
|
611
666
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
612
667
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
613
668
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
614
|
-
- export
|
|
669
|
+
- export HOSTNAME="$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
615
670
|
- export ROOT_URL="https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
616
|
-
- export
|
|
617
|
-
- export HOST_CANONICAL="$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
671
|
+
- export HOSTNAME_INTERNAL="$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
618
672
|
- export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
619
673
|
- export DEPLOY_CLOUD_RUN_PROJECT_ID="asdf"
|
|
620
674
|
- export DEPLOY_CLOUD_RUN_REGION="asia-east1"
|
|
621
675
|
- export GCLOUD_DEPLOY_credentialsKey="$CL_review_www_GCLOUD_DEPLOY_credentialsKey"
|
|
622
676
|
- export GCLOUD_RUN_canonicalHostSuffix="$CL_review_www_GCLOUD_RUN_canonicalHostSuffix"
|
|
623
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
677
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\"]"
|
|
624
678
|
- export DOCKER_REGISTRY="asia-east1-docker.pkg.dev"
|
|
625
679
|
- export DOCKER_IMAGE="asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/review/www/$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })"
|
|
626
680
|
- export DOCKER_CACHE_IMAGE="asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/www"
|
|
627
681
|
- export DOCKER_IMAGE_TAG="$CI_COMMIT_SHA"
|
|
628
682
|
- export CLOUDSDK_CORE_DISABLE_PROMPTS="1"
|
|
629
|
-
-
|
|
630
|
-
-
|
|
683
|
+
- collapseable_section_end "injectvars"
|
|
684
|
+
- collapseable_section_start "prepare" "Prepare..."
|
|
631
685
|
- gcloud auth activate-service-account --key-file=<(echo "$CL_review_www_GCLOUD_DEPLOY_credentialsKey")
|
|
632
686
|
- export GCLOUD_PROJECT_NUMBER=$(gcloud projects describe asdf --format="value(projectNumber)")
|
|
633
687
|
- 'echo "GCLOUD_PROJECT_NUMBER: $GCLOUD_PROJECT_NUMBER"'
|
|
634
|
-
-
|
|
635
|
-
-
|
|
688
|
+
- collapseable_section_end "prepare"
|
|
689
|
+
- collapseable_section_start "writeenvvars" "Write env vars to file"
|
|
636
690
|
- |
|
|
637
691
|
cat > ____envvars.yaml <<EOF
|
|
638
692
|
ENV_SHORT: |-
|
|
@@ -642,43 +696,41 @@ www 🧪 test:
|
|
|
642
696
|
ENV_TYPE: |-
|
|
643
697
|
review
|
|
644
698
|
BUILD_INFO_BUILD_ID: |-
|
|
645
|
-
|
|
699
|
+
$(printf %s "$(git describe --tags 2>/dev/null || git rev-parse HEAD)" | sed '1!s/^/ /')
|
|
646
700
|
BUILD_INFO_BUILD_TIME: |-
|
|
647
|
-
|
|
701
|
+
$(printf %s "$CI_JOB_STARTED_AT" | sed '1!s/^/ /')
|
|
648
702
|
BUILD_INFO_CURRENT_VERSION: |-
|
|
649
|
-
|
|
650
|
-
|
|
651
|
-
|
|
703
|
+
$(printf %s "$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")" | sed '1!s/^/ /')
|
|
704
|
+
HOSTNAME: |-
|
|
705
|
+
$(printf %s "$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
652
706
|
ROOT_URL: |-
|
|
653
|
-
|
|
654
|
-
|
|
655
|
-
|
|
656
|
-
HOST_CANONICAL: |-
|
|
657
|
-
$(printf %s "$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
707
|
+
$(printf %s "https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
708
|
+
HOSTNAME_INTERNAL: |-
|
|
709
|
+
$(printf %s "$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
658
710
|
ROOT_URL_INTERNAL: |-
|
|
659
|
-
|
|
711
|
+
$(printf %s "https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
660
712
|
DEPLOY_CLOUD_RUN_PROJECT_ID: |-
|
|
661
713
|
asdf
|
|
662
714
|
DEPLOY_CLOUD_RUN_REGION: |-
|
|
663
715
|
asia-east1
|
|
664
716
|
GCLOUD_RUN_canonicalHostSuffix: |-
|
|
665
|
-
|
|
717
|
+
$(printf %s "$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | sed '1!s/^/ /')
|
|
666
718
|
_ALL_ENV_VAR_KEYS: |-
|
|
667
|
-
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","
|
|
719
|
+
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOSTNAME","ROOT_URL","HOSTNAME_INTERNAL","ROOT_URL_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]
|
|
668
720
|
|
|
669
721
|
EOF
|
|
670
|
-
-
|
|
671
|
-
-
|
|
722
|
+
- collapseable_section_end "writeenvvars"
|
|
723
|
+
- collapseable_section_start "deploy" "Deploy to cloud run"
|
|
672
724
|
- gcloud run deploy $(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www" | awk '{print tolower($0)}') --command="yarn,start" --image=asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/review/www/$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }):$DOCKER_IMAGE_TAG --project=asdf --region=asia-east1 --labels=customer-name=pan,component-name=www,app-name=test-app,env-type=review,env-name=review,build-type=node,cloud-run-service-name=$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www" | awk '{print tolower($0)}') --env-vars-file=____envvars.yaml --min-instances=0 --max-instances=100 --cpu-throttling --allow-unauthenticated --ingress=all --cpu-boost
|
|
673
|
-
-
|
|
674
|
-
-
|
|
725
|
+
- collapseable_section_end "deploy"
|
|
726
|
+
- collapseable_section_start "cleanup" "Cleanup"
|
|
675
727
|
- gcloud run revisions list --project=asdf --region=asia-east1 --service=$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www" | awk '{print tolower($0)}') --limit=unlimited --sort-by=metadata.creationTimestamp --format="value(name)" --filter='(status.conditions.status=False OR status.conditions.status=Unknown)' | while read -r revisionname; do gcloud run revisions delete --project=asdf --region=asia-east1 --quiet $revisionname ; done
|
|
676
728
|
- gcloud artifacts docker images list asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/review/www/$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }) --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/review/www/$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })@$version --quiet --delete-tags; done
|
|
677
729
|
- gcloud artifacts docker images list asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/www --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/www@$version --quiet --delete-tags; done
|
|
678
730
|
- set +e
|
|
679
731
|
- gcloud artifacts docker images delete asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/review/www --quiet --delete-tags
|
|
680
732
|
- set -e
|
|
681
|
-
-
|
|
733
|
+
- collapseable_section_end "cleanup"
|
|
682
734
|
- echo 'Uploading SBOM to Dependency Track'
|
|
683
735
|
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/www" "https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" "__sbom.json" vex.json || true
|
|
684
736
|
- echo "CL_GITLAB_ENVIRONMENT_URL=https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" >> gitlab_environment.env
|
|
@@ -718,9 +770,9 @@ www 🧪 test:
|
|
|
718
770
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
719
771
|
GIT_STRATEGY: none
|
|
720
772
|
script:
|
|
721
|
-
-
|
|
773
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
722
774
|
- export CLOUDSDK_CORE_DISABLE_PROMPTS="1"
|
|
723
|
-
-
|
|
775
|
+
- collapseable_section_end "injectvars"
|
|
724
776
|
- set +e
|
|
725
777
|
- gcloud auth activate-service-account --key-file=<(echo "$CL_review_www_GCLOUD_DEPLOY_credentialsKey")
|
|
726
778
|
- gcloud run services delete $(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www" | awk '{print tolower($0)}') --project=asdf --region=asia-east1
|
|
@@ -757,37 +809,53 @@ www 🧪 test:
|
|
|
757
809
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
758
810
|
KUBERNETES_MEMORY_LIMIT: 4Gi
|
|
759
811
|
script:
|
|
760
|
-
-
|
|
812
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
761
813
|
- export ENV_SHORT="stage"
|
|
762
814
|
- export APP_DIR="www"
|
|
763
815
|
- export ENV_TYPE="stage"
|
|
764
816
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
765
817
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
766
818
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
767
|
-
- export
|
|
819
|
+
- export HOSTNAME="$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
768
820
|
- export ROOT_URL="https://$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
769
|
-
- export
|
|
770
|
-
- export HOST_CANONICAL="$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
821
|
+
- export HOSTNAME_INTERNAL="$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
771
822
|
- export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
772
823
|
- export DEPLOY_CLOUD_RUN_PROJECT_ID="asdf"
|
|
773
824
|
- export DEPLOY_CLOUD_RUN_REGION="asia-east1"
|
|
774
825
|
- export GCLOUD_DEPLOY_credentialsKey="$CL_stage_www_GCLOUD_DEPLOY_credentialsKey"
|
|
775
826
|
- export GCLOUD_RUN_canonicalHostSuffix="$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix"
|
|
776
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
777
|
-
-
|
|
827
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\"]"
|
|
828
|
+
- collapseable_section_end "injectvars"
|
|
829
|
+
- collapseable_section_start "write-dotenv-www" "write dot env for www"
|
|
830
|
+
- |-
|
|
831
|
+
cat <<EOF > www/.env
|
|
832
|
+
ENV_SHORT=stage
|
|
833
|
+
APP_DIR=www
|
|
834
|
+
ENV_TYPE=stage
|
|
835
|
+
HOSTNAME=$(printf %s "$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
836
|
+
ROOT_URL=$(printf %s "https://$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
837
|
+
HOSTNAME_INTERNAL=$(printf %s "$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
838
|
+
ROOT_URL_INTERNAL=$(printf %s "https://$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
839
|
+
DEPLOY_CLOUD_RUN_PROJECT_ID=asdf
|
|
840
|
+
DEPLOY_CLOUD_RUN_REGION=asia-east1
|
|
841
|
+
GCLOUD_DEPLOY_credentialsKey=$(printf %s "$CL_stage_www_GCLOUD_DEPLOY_credentialsKey" | escapeForDotEnv)
|
|
842
|
+
GCLOUD_RUN_canonicalHostSuffix=$(printf %s "$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | escapeForDotEnv)
|
|
843
|
+
_ALL_ENV_VAR_KEYS=["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOSTNAME","ROOT_URL","HOSTNAME_INTERNAL","ROOT_URL_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]
|
|
844
|
+
EOF
|
|
845
|
+
- collapseable_section_end "write-dotenv-www"
|
|
778
846
|
- echo '{"id":"$(git describe --tags 2>/dev/null || git rev-parse HEAD)","time":"$CI_JOB_STARTED_AT"}' > www/__build_info.json
|
|
779
|
-
-
|
|
847
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
780
848
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
781
849
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
782
|
-
-
|
|
850
|
+
- collapseable_section_end "nodeinstall"
|
|
783
851
|
- cd www
|
|
784
|
-
-
|
|
852
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
785
853
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
786
854
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
787
|
-
-
|
|
788
|
-
-
|
|
855
|
+
- collapseable_section_end "nodeinstall"
|
|
856
|
+
- collapseable_section_start "yarninstall" "Yarn install"
|
|
789
857
|
- yarn install --immutable
|
|
790
|
-
-
|
|
858
|
+
- collapseable_section_end "yarninstall"
|
|
791
859
|
- yarn build
|
|
792
860
|
cache:
|
|
793
861
|
- key: www-yarn
|
|
@@ -798,15 +866,13 @@ www 🧪 test:
|
|
|
798
866
|
policy: pull-push
|
|
799
867
|
paths:
|
|
800
868
|
- www/node_modules
|
|
801
|
-
- key: www-next-cache
|
|
802
|
-
policy: pull-push
|
|
803
|
-
paths:
|
|
804
|
-
- www/.next/cache
|
|
805
869
|
artifacts:
|
|
806
870
|
paths:
|
|
807
871
|
- www/__build_info.json
|
|
808
872
|
- www/.next
|
|
809
873
|
- www/dist
|
|
874
|
+
exclude:
|
|
875
|
+
- www/.env
|
|
810
876
|
expire_in: 1 day
|
|
811
877
|
when: always
|
|
812
878
|
reports: {}
|
|
@@ -832,7 +898,7 @@ www 🧪 test:
|
|
|
832
898
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
833
899
|
KUBERNETES_MEMORY_LIMIT: 2Gi
|
|
834
900
|
script:
|
|
835
|
-
-
|
|
901
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
836
902
|
- export DOCKERFILE_ADDITIONS="RUN apk add --no-cache openssl1.1-compat-dev"
|
|
837
903
|
- export DOCKERFILE_ADDITIONS_END="RUN yarn rebuild"
|
|
838
904
|
- export APP_DIR="www"
|
|
@@ -850,20 +916,20 @@ www 🧪 test:
|
|
|
850
916
|
COPY --chown=node:node www/yarn.lock /app/www/yarn.lock
|
|
851
917
|
COPY --chown=node:node .yarnrc.yml /app/.yarnrc.yml
|
|
852
918
|
COPY --chown=node:node .yarn /app/.yarn"
|
|
853
|
-
-
|
|
919
|
+
- collapseable_section_end "injectvars"
|
|
854
920
|
- ensureNodeDockerfile
|
|
855
|
-
-
|
|
921
|
+
- collapseable_section_start "docker-login" "Docker Login"
|
|
856
922
|
- gcloud auth activate-service-account --key-file=<(echo "$CL_stage_www_GCLOUD_DEPLOY_credentialsKey")
|
|
857
923
|
- gcloud auth configure-docker asia-east1-docker.pkg.dev
|
|
858
|
-
-
|
|
859
|
-
-
|
|
924
|
+
- collapseable_section_end "docker-login"
|
|
925
|
+
- collapseable_section_start "docker-build" "Docker build"
|
|
860
926
|
- docker build --network host --cache-from $DOCKER_CACHE_IMAGE --tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG -f $APP_DIR/Dockerfile $DOCKER_BUILD_CONTEXT --build-arg BUILDKIT_INLINE_CACHE=1
|
|
861
|
-
-
|
|
862
|
-
-
|
|
927
|
+
- collapseable_section_end "docker-build"
|
|
928
|
+
- collapseable_section_start "docker-push" "Docker push and tag"
|
|
863
929
|
- docker push $DOCKER_IMAGE:$DOCKER_IMAGE_TAG
|
|
864
930
|
- docker tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG $DOCKER_CACHE_IMAGE
|
|
865
931
|
- docker push $DOCKER_CACHE_IMAGE
|
|
866
|
-
-
|
|
932
|
+
- collapseable_section_end "docker-push"
|
|
867
933
|
cache:
|
|
868
934
|
- key: www-yarn
|
|
869
935
|
policy: pull
|
|
@@ -880,8 +946,8 @@ www 🧪 test:
|
|
|
880
946
|
image: aquasec/trivy:0.38.3
|
|
881
947
|
variables: {}
|
|
882
948
|
script:
|
|
883
|
-
-
|
|
884
|
-
-
|
|
949
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
950
|
+
- collapseable_section_end "injectvars"
|
|
885
951
|
- trivy fs --quiet --format cyclonedx --output "__sbom.json" www
|
|
886
952
|
artifacts:
|
|
887
953
|
paths:
|
|
@@ -900,35 +966,34 @@ www 🧪 test:
|
|
|
900
966
|
KUBERNETES_MEMORY_REQUEST: 200Mi
|
|
901
967
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
902
968
|
script:
|
|
903
|
-
-
|
|
969
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
904
970
|
- export ENV_SHORT="stage"
|
|
905
971
|
- export APP_DIR="www"
|
|
906
972
|
- export ENV_TYPE="stage"
|
|
907
973
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
908
974
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
909
975
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
910
|
-
- export
|
|
976
|
+
- export HOSTNAME="$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
911
977
|
- export ROOT_URL="https://$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
912
|
-
- export
|
|
913
|
-
- export HOST_CANONICAL="$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
978
|
+
- export HOSTNAME_INTERNAL="$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
914
979
|
- export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
915
980
|
- export DEPLOY_CLOUD_RUN_PROJECT_ID="asdf"
|
|
916
981
|
- export DEPLOY_CLOUD_RUN_REGION="asia-east1"
|
|
917
982
|
- export GCLOUD_DEPLOY_credentialsKey="$CL_stage_www_GCLOUD_DEPLOY_credentialsKey"
|
|
918
983
|
- export GCLOUD_RUN_canonicalHostSuffix="$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix"
|
|
919
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
984
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\"]"
|
|
920
985
|
- export DOCKER_REGISTRY="asia-east1-docker.pkg.dev"
|
|
921
986
|
- export DOCKER_IMAGE="asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/stage/www"
|
|
922
987
|
- export DOCKER_CACHE_IMAGE="asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/www"
|
|
923
988
|
- export DOCKER_IMAGE_TAG="$CI_COMMIT_SHA"
|
|
924
989
|
- export CLOUDSDK_CORE_DISABLE_PROMPTS="1"
|
|
925
|
-
-
|
|
926
|
-
-
|
|
990
|
+
- collapseable_section_end "injectvars"
|
|
991
|
+
- collapseable_section_start "prepare" "Prepare..."
|
|
927
992
|
- gcloud auth activate-service-account --key-file=<(echo "$CL_stage_www_GCLOUD_DEPLOY_credentialsKey")
|
|
928
993
|
- export GCLOUD_PROJECT_NUMBER=$(gcloud projects describe asdf --format="value(projectNumber)")
|
|
929
994
|
- 'echo "GCLOUD_PROJECT_NUMBER: $GCLOUD_PROJECT_NUMBER"'
|
|
930
|
-
-
|
|
931
|
-
-
|
|
995
|
+
- collapseable_section_end "prepare"
|
|
996
|
+
- collapseable_section_start "writeenvvars" "Write env vars to file"
|
|
932
997
|
- |
|
|
933
998
|
cat > ____envvars.yaml <<EOF
|
|
934
999
|
ENV_SHORT: |-
|
|
@@ -938,40 +1003,38 @@ www 🧪 test:
|
|
|
938
1003
|
ENV_TYPE: |-
|
|
939
1004
|
stage
|
|
940
1005
|
BUILD_INFO_BUILD_ID: |-
|
|
941
|
-
|
|
1006
|
+
$(printf %s "$(git describe --tags 2>/dev/null || git rev-parse HEAD)" | sed '1!s/^/ /')
|
|
942
1007
|
BUILD_INFO_BUILD_TIME: |-
|
|
943
|
-
|
|
1008
|
+
$(printf %s "$CI_JOB_STARTED_AT" | sed '1!s/^/ /')
|
|
944
1009
|
BUILD_INFO_CURRENT_VERSION: |-
|
|
945
|
-
|
|
946
|
-
|
|
947
|
-
|
|
1010
|
+
$(printf %s "$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")" | sed '1!s/^/ /')
|
|
1011
|
+
HOSTNAME: |-
|
|
1012
|
+
$(printf %s "$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
948
1013
|
ROOT_URL: |-
|
|
949
|
-
|
|
950
|
-
|
|
951
|
-
|
|
952
|
-
HOST_CANONICAL: |-
|
|
953
|
-
$(printf %s "$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
1014
|
+
$(printf %s "https://$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
1015
|
+
HOSTNAME_INTERNAL: |-
|
|
1016
|
+
$(printf %s "$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
954
1017
|
ROOT_URL_INTERNAL: |-
|
|
955
|
-
|
|
1018
|
+
$(printf %s "https://$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
956
1019
|
DEPLOY_CLOUD_RUN_PROJECT_ID: |-
|
|
957
1020
|
asdf
|
|
958
1021
|
DEPLOY_CLOUD_RUN_REGION: |-
|
|
959
1022
|
asia-east1
|
|
960
1023
|
GCLOUD_RUN_canonicalHostSuffix: |-
|
|
961
|
-
|
|
1024
|
+
$(printf %s "$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | sed '1!s/^/ /')
|
|
962
1025
|
_ALL_ENV_VAR_KEYS: |-
|
|
963
|
-
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","
|
|
1026
|
+
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOSTNAME","ROOT_URL","HOSTNAME_INTERNAL","ROOT_URL_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]
|
|
964
1027
|
|
|
965
1028
|
EOF
|
|
966
|
-
-
|
|
967
|
-
-
|
|
1029
|
+
- collapseable_section_end "writeenvvars"
|
|
1030
|
+
- collapseable_section_start "deploy" "Deploy to cloud run"
|
|
968
1031
|
- gcloud run deploy pan-test-app-stage-www --command="yarn,start" --image=asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/stage/www:$DOCKER_IMAGE_TAG --project=asdf --region=asia-east1 --labels=customer-name=pan,component-name=www,app-name=test-app,env-type=stage,env-name=stage,build-type=node,cloud-run-service-name=pan-test-app-stage-www --env-vars-file=____envvars.yaml --min-instances=0 --max-instances=100 --cpu-throttling --allow-unauthenticated --ingress=all --cpu-boost
|
|
969
|
-
-
|
|
970
|
-
-
|
|
1032
|
+
- collapseable_section_end "deploy"
|
|
1033
|
+
- collapseable_section_start "cleanup" "Cleanup"
|
|
971
1034
|
- gcloud run revisions list --project=asdf --region=asia-east1 --service=pan-test-app-stage-www --limit=unlimited --sort-by=metadata.creationTimestamp --format="value(name)" --filter='(status.conditions.status=False OR status.conditions.status=Unknown)' | while read -r revisionname; do gcloud run revisions delete --project=asdf --region=asia-east1 --quiet $revisionname ; done
|
|
972
1035
|
- gcloud artifacts docker images list asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/stage/www --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/stage/www@$version --quiet --delete-tags; done
|
|
973
1036
|
- gcloud artifacts docker images list asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/www --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/www@$version --quiet --delete-tags; done
|
|
974
|
-
-
|
|
1037
|
+
- collapseable_section_end "cleanup"
|
|
975
1038
|
- echo 'Uploading SBOM to Dependency Track'
|
|
976
1039
|
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/www" "https://$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" "__sbom.json" vex.json || true
|
|
977
1040
|
- echo "CL_GITLAB_ENVIRONMENT_URL=https://$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" >> gitlab_environment.env
|
|
@@ -1004,9 +1067,9 @@ www 🧪 test:
|
|
|
1004
1067
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
1005
1068
|
GIT_STRATEGY: none
|
|
1006
1069
|
script:
|
|
1007
|
-
-
|
|
1070
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1008
1071
|
- export CLOUDSDK_CORE_DISABLE_PROMPTS="1"
|
|
1009
|
-
-
|
|
1072
|
+
- collapseable_section_end "injectvars"
|
|
1010
1073
|
- set +e
|
|
1011
1074
|
- gcloud auth activate-service-account --key-file=<(echo "$CL_stage_www_GCLOUD_DEPLOY_credentialsKey")
|
|
1012
1075
|
- gcloud run services delete pan-test-app-stage-www --project=asdf --region=asia-east1
|
|
@@ -1040,37 +1103,53 @@ www 🧪 test:
|
|
|
1040
1103
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
1041
1104
|
KUBERNETES_MEMORY_LIMIT: 4Gi
|
|
1042
1105
|
script:
|
|
1043
|
-
-
|
|
1106
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1044
1107
|
- export ENV_SHORT="prod"
|
|
1045
1108
|
- export APP_DIR="www"
|
|
1046
1109
|
- export ENV_TYPE="prod"
|
|
1047
1110
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
1048
1111
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
1049
1112
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
1050
|
-
- export
|
|
1113
|
+
- export HOSTNAME="$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
1051
1114
|
- export ROOT_URL="https://$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
1052
|
-
- export
|
|
1053
|
-
- export HOST_CANONICAL="$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
1115
|
+
- export HOSTNAME_INTERNAL="$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
1054
1116
|
- export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
1055
1117
|
- export DEPLOY_CLOUD_RUN_PROJECT_ID="asdf"
|
|
1056
1118
|
- export DEPLOY_CLOUD_RUN_REGION="asia-east1"
|
|
1057
1119
|
- export GCLOUD_DEPLOY_credentialsKey="$CL_prod_www_GCLOUD_DEPLOY_credentialsKey"
|
|
1058
1120
|
- export GCLOUD_RUN_canonicalHostSuffix="$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix"
|
|
1059
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
1060
|
-
-
|
|
1121
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\"]"
|
|
1122
|
+
- collapseable_section_end "injectvars"
|
|
1123
|
+
- collapseable_section_start "write-dotenv-www" "write dot env for www"
|
|
1124
|
+
- |-
|
|
1125
|
+
cat <<EOF > www/.env
|
|
1126
|
+
ENV_SHORT=prod
|
|
1127
|
+
APP_DIR=www
|
|
1128
|
+
ENV_TYPE=prod
|
|
1129
|
+
HOSTNAME=$(printf %s "$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
1130
|
+
ROOT_URL=$(printf %s "https://$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
1131
|
+
HOSTNAME_INTERNAL=$(printf %s "$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
1132
|
+
ROOT_URL_INTERNAL=$(printf %s "https://$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
1133
|
+
DEPLOY_CLOUD_RUN_PROJECT_ID=asdf
|
|
1134
|
+
DEPLOY_CLOUD_RUN_REGION=asia-east1
|
|
1135
|
+
GCLOUD_DEPLOY_credentialsKey=$(printf %s "$CL_prod_www_GCLOUD_DEPLOY_credentialsKey" | escapeForDotEnv)
|
|
1136
|
+
GCLOUD_RUN_canonicalHostSuffix=$(printf %s "$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | escapeForDotEnv)
|
|
1137
|
+
_ALL_ENV_VAR_KEYS=["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOSTNAME","ROOT_URL","HOSTNAME_INTERNAL","ROOT_URL_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]
|
|
1138
|
+
EOF
|
|
1139
|
+
- collapseable_section_end "write-dotenv-www"
|
|
1061
1140
|
- echo '{"id":"$(git describe --tags 2>/dev/null || git rev-parse HEAD)","time":"$CI_JOB_STARTED_AT"}' > www/__build_info.json
|
|
1062
|
-
-
|
|
1141
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
1063
1142
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
1064
1143
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
1065
|
-
-
|
|
1144
|
+
- collapseable_section_end "nodeinstall"
|
|
1066
1145
|
- cd www
|
|
1067
|
-
-
|
|
1146
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
1068
1147
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
1069
1148
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
1070
|
-
-
|
|
1071
|
-
-
|
|
1149
|
+
- collapseable_section_end "nodeinstall"
|
|
1150
|
+
- collapseable_section_start "yarninstall" "Yarn install"
|
|
1072
1151
|
- yarn install --immutable
|
|
1073
|
-
-
|
|
1152
|
+
- collapseable_section_end "yarninstall"
|
|
1074
1153
|
- yarn build
|
|
1075
1154
|
cache:
|
|
1076
1155
|
- key: www-yarn
|
|
@@ -1081,15 +1160,13 @@ www 🧪 test:
|
|
|
1081
1160
|
policy: pull-push
|
|
1082
1161
|
paths:
|
|
1083
1162
|
- www/node_modules
|
|
1084
|
-
- key: www-next-cache
|
|
1085
|
-
policy: pull-push
|
|
1086
|
-
paths:
|
|
1087
|
-
- www/.next/cache
|
|
1088
1163
|
artifacts:
|
|
1089
1164
|
paths:
|
|
1090
1165
|
- www/__build_info.json
|
|
1091
1166
|
- www/.next
|
|
1092
1167
|
- www/dist
|
|
1168
|
+
exclude:
|
|
1169
|
+
- www/.env
|
|
1093
1170
|
expire_in: 1 day
|
|
1094
1171
|
when: always
|
|
1095
1172
|
reports: {}
|
|
@@ -1115,7 +1192,7 @@ www 🧪 test:
|
|
|
1115
1192
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
1116
1193
|
KUBERNETES_MEMORY_LIMIT: 2Gi
|
|
1117
1194
|
script:
|
|
1118
|
-
-
|
|
1195
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1119
1196
|
- export DOCKERFILE_ADDITIONS="RUN apk add --no-cache openssl1.1-compat-dev"
|
|
1120
1197
|
- export DOCKERFILE_ADDITIONS_END="RUN yarn rebuild"
|
|
1121
1198
|
- export APP_DIR="www"
|
|
@@ -1133,20 +1210,20 @@ www 🧪 test:
|
|
|
1133
1210
|
COPY --chown=node:node www/yarn.lock /app/www/yarn.lock
|
|
1134
1211
|
COPY --chown=node:node .yarnrc.yml /app/.yarnrc.yml
|
|
1135
1212
|
COPY --chown=node:node .yarn /app/.yarn"
|
|
1136
|
-
-
|
|
1213
|
+
- collapseable_section_end "injectvars"
|
|
1137
1214
|
- ensureNodeDockerfile
|
|
1138
|
-
-
|
|
1215
|
+
- collapseable_section_start "docker-login" "Docker Login"
|
|
1139
1216
|
- gcloud auth activate-service-account --key-file=<(echo "$CL_prod_www_GCLOUD_DEPLOY_credentialsKey")
|
|
1140
1217
|
- gcloud auth configure-docker asia-east1-docker.pkg.dev
|
|
1141
|
-
-
|
|
1142
|
-
-
|
|
1218
|
+
- collapseable_section_end "docker-login"
|
|
1219
|
+
- collapseable_section_start "docker-build" "Docker build"
|
|
1143
1220
|
- docker build --network host --cache-from $DOCKER_CACHE_IMAGE --tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG -f $APP_DIR/Dockerfile $DOCKER_BUILD_CONTEXT --build-arg BUILDKIT_INLINE_CACHE=1
|
|
1144
|
-
-
|
|
1145
|
-
-
|
|
1221
|
+
- collapseable_section_end "docker-build"
|
|
1222
|
+
- collapseable_section_start "docker-push" "Docker push and tag"
|
|
1146
1223
|
- docker push $DOCKER_IMAGE:$DOCKER_IMAGE_TAG
|
|
1147
1224
|
- docker tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG $DOCKER_CACHE_IMAGE
|
|
1148
1225
|
- docker push $DOCKER_CACHE_IMAGE
|
|
1149
|
-
-
|
|
1226
|
+
- collapseable_section_end "docker-push"
|
|
1150
1227
|
cache:
|
|
1151
1228
|
- key: www-yarn
|
|
1152
1229
|
policy: pull
|
|
@@ -1163,8 +1240,8 @@ www 🧪 test:
|
|
|
1163
1240
|
image: aquasec/trivy:0.38.3
|
|
1164
1241
|
variables: {}
|
|
1165
1242
|
script:
|
|
1166
|
-
-
|
|
1167
|
-
-
|
|
1243
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1244
|
+
- collapseable_section_end "injectvars"
|
|
1168
1245
|
- trivy fs --quiet --format cyclonedx --output "__sbom.json" www
|
|
1169
1246
|
artifacts:
|
|
1170
1247
|
paths:
|
|
@@ -1183,35 +1260,34 @@ www 🧪 test:
|
|
|
1183
1260
|
KUBERNETES_MEMORY_REQUEST: 200Mi
|
|
1184
1261
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
1185
1262
|
script:
|
|
1186
|
-
-
|
|
1263
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1187
1264
|
- export ENV_SHORT="prod"
|
|
1188
1265
|
- export APP_DIR="www"
|
|
1189
1266
|
- export ENV_TYPE="prod"
|
|
1190
1267
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
1191
1268
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
1192
1269
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
1193
|
-
- export
|
|
1270
|
+
- export HOSTNAME="$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
1194
1271
|
- export ROOT_URL="https://$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
1195
|
-
- export
|
|
1196
|
-
- export HOST_CANONICAL="$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
1272
|
+
- export HOSTNAME_INTERNAL="$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
1197
1273
|
- export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
1198
1274
|
- export DEPLOY_CLOUD_RUN_PROJECT_ID="asdf"
|
|
1199
1275
|
- export DEPLOY_CLOUD_RUN_REGION="asia-east1"
|
|
1200
1276
|
- export GCLOUD_DEPLOY_credentialsKey="$CL_prod_www_GCLOUD_DEPLOY_credentialsKey"
|
|
1201
1277
|
- export GCLOUD_RUN_canonicalHostSuffix="$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix"
|
|
1202
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
1278
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\"]"
|
|
1203
1279
|
- export DOCKER_REGISTRY="asia-east1-docker.pkg.dev"
|
|
1204
1280
|
- export DOCKER_IMAGE="asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/prod/www"
|
|
1205
1281
|
- export DOCKER_CACHE_IMAGE="asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/www"
|
|
1206
1282
|
- export DOCKER_IMAGE_TAG="$CI_COMMIT_SHA"
|
|
1207
1283
|
- export CLOUDSDK_CORE_DISABLE_PROMPTS="1"
|
|
1208
|
-
-
|
|
1209
|
-
-
|
|
1284
|
+
- collapseable_section_end "injectvars"
|
|
1285
|
+
- collapseable_section_start "prepare" "Prepare..."
|
|
1210
1286
|
- gcloud auth activate-service-account --key-file=<(echo "$CL_prod_www_GCLOUD_DEPLOY_credentialsKey")
|
|
1211
1287
|
- export GCLOUD_PROJECT_NUMBER=$(gcloud projects describe asdf --format="value(projectNumber)")
|
|
1212
1288
|
- 'echo "GCLOUD_PROJECT_NUMBER: $GCLOUD_PROJECT_NUMBER"'
|
|
1213
|
-
-
|
|
1214
|
-
-
|
|
1289
|
+
- collapseable_section_end "prepare"
|
|
1290
|
+
- collapseable_section_start "writeenvvars" "Write env vars to file"
|
|
1215
1291
|
- |
|
|
1216
1292
|
cat > ____envvars.yaml <<EOF
|
|
1217
1293
|
ENV_SHORT: |-
|
|
@@ -1221,40 +1297,38 @@ www 🧪 test:
|
|
|
1221
1297
|
ENV_TYPE: |-
|
|
1222
1298
|
prod
|
|
1223
1299
|
BUILD_INFO_BUILD_ID: |-
|
|
1224
|
-
|
|
1300
|
+
$(printf %s "$(git describe --tags 2>/dev/null || git rev-parse HEAD)" | sed '1!s/^/ /')
|
|
1225
1301
|
BUILD_INFO_BUILD_TIME: |-
|
|
1226
|
-
|
|
1302
|
+
$(printf %s "$CI_JOB_STARTED_AT" | sed '1!s/^/ /')
|
|
1227
1303
|
BUILD_INFO_CURRENT_VERSION: |-
|
|
1228
|
-
|
|
1229
|
-
|
|
1230
|
-
|
|
1304
|
+
$(printf %s "$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")" | sed '1!s/^/ /')
|
|
1305
|
+
HOSTNAME: |-
|
|
1306
|
+
$(printf %s "$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
1231
1307
|
ROOT_URL: |-
|
|
1232
|
-
|
|
1233
|
-
|
|
1234
|
-
|
|
1235
|
-
HOST_CANONICAL: |-
|
|
1236
|
-
$(printf %s "$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
1308
|
+
$(printf %s "https://$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
1309
|
+
HOSTNAME_INTERNAL: |-
|
|
1310
|
+
$(printf %s "$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
1237
1311
|
ROOT_URL_INTERNAL: |-
|
|
1238
|
-
|
|
1312
|
+
$(printf %s "https://$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
1239
1313
|
DEPLOY_CLOUD_RUN_PROJECT_ID: |-
|
|
1240
1314
|
asdf
|
|
1241
1315
|
DEPLOY_CLOUD_RUN_REGION: |-
|
|
1242
1316
|
asia-east1
|
|
1243
1317
|
GCLOUD_RUN_canonicalHostSuffix: |-
|
|
1244
|
-
|
|
1318
|
+
$(printf %s "$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | sed '1!s/^/ /')
|
|
1245
1319
|
_ALL_ENV_VAR_KEYS: |-
|
|
1246
|
-
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","
|
|
1320
|
+
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOSTNAME","ROOT_URL","HOSTNAME_INTERNAL","ROOT_URL_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]
|
|
1247
1321
|
|
|
1248
1322
|
EOF
|
|
1249
|
-
-
|
|
1250
|
-
-
|
|
1323
|
+
- collapseable_section_end "writeenvvars"
|
|
1324
|
+
- collapseable_section_start "deploy" "Deploy to cloud run"
|
|
1251
1325
|
- gcloud run deploy pan-test-app-prod-www --command="yarn,start" --image=asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/prod/www:$DOCKER_IMAGE_TAG --project=asdf --region=asia-east1 --labels=customer-name=pan,component-name=www,app-name=test-app,env-type=prod,env-name=prod,build-type=node,cloud-run-service-name=pan-test-app-prod-www --env-vars-file=____envvars.yaml --min-instances=0 --max-instances=100 --cpu-throttling --allow-unauthenticated --ingress=all --cpu-boost
|
|
1252
|
-
-
|
|
1253
|
-
-
|
|
1326
|
+
- collapseable_section_end "deploy"
|
|
1327
|
+
- collapseable_section_start "cleanup" "Cleanup"
|
|
1254
1328
|
- gcloud run revisions list --project=asdf --region=asia-east1 --service=pan-test-app-prod-www --limit=unlimited --sort-by=metadata.creationTimestamp --format="value(name)" --filter='(status.conditions.status=False OR status.conditions.status=Unknown)' | tail -n +6 | while read -r revisionname; do gcloud run revisions delete --project=asdf --region=asia-east1 --quiet $revisionname ; done
|
|
1255
1329
|
- gcloud artifacts docker images list asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/prod/www --sort-by=~CREATE_TIME --format="value(version)" | tail -n +7 | while read -r version; do gcloud artifacts docker images delete asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/prod/www@$version --quiet --delete-tags; done
|
|
1256
1330
|
- gcloud artifacts docker images list asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/www --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/www@$version --quiet --delete-tags; done
|
|
1257
|
-
-
|
|
1331
|
+
- collapseable_section_end "cleanup"
|
|
1258
1332
|
- echo 'Uploading SBOM to Dependency Track'
|
|
1259
1333
|
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/www" "https://$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" "__sbom.json" vex.json || true
|
|
1260
1334
|
- echo "CL_GITLAB_ENVIRONMENT_URL=https://$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" >> gitlab_environment.env
|
|
@@ -1287,9 +1361,9 @@ www 🧪 test:
|
|
|
1287
1361
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
1288
1362
|
GIT_STRATEGY: none
|
|
1289
1363
|
script:
|
|
1290
|
-
-
|
|
1364
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1291
1365
|
- export CLOUDSDK_CORE_DISABLE_PROMPTS="1"
|
|
1292
|
-
-
|
|
1366
|
+
- collapseable_section_end "injectvars"
|
|
1293
1367
|
- set +e
|
|
1294
1368
|
- gcloud auth activate-service-account --key-file=<(echo "$CL_prod_www_GCLOUD_DEPLOY_credentialsKey")
|
|
1295
1369
|
- gcloud run services delete pan-test-app-prod-www --project=asdf --region=asia-east1
|