@catladder/pipeline 1.170.0 → 2.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/bash/BashExpression.d.ts +2 -6
- package/dist/bash/BashExpression.js +5 -15
- package/dist/bash/bashEscape.d.ts +34 -0
- package/dist/bash/bashEscape.js +114 -0
- package/dist/bash/bashYaml.js +25 -2
- package/dist/bash/getInjectVarsScript.js +4 -2
- package/dist/bash/index.d.ts +2 -0
- package/dist/bash/index.js +26 -0
- package/dist/build/base/createAppBuildJob.js +3 -3
- package/dist/build/base/writeDotEnv.js +6 -4
- package/dist/build/custom/testJob.js +12 -12
- package/dist/build/docker.d.ts +3 -3
- package/dist/build/node/buildJob.js +1 -1
- package/dist/build/node/cache.d.ts +2 -4
- package/dist/build/node/cache.js +3 -24
- package/dist/build/node/testJob.js +11 -11
- package/dist/build/rails/build.js +1 -1
- package/dist/build/rails/test.js +8 -8
- package/dist/build/types.d.ts +0 -10
- package/dist/constants.js +1 -1
- package/dist/context/createComponentContext.js +0 -1
- package/dist/context/getEnvConfig.js +2 -1
- package/dist/context/getEnvironment.js +1 -2
- package/dist/context/getEnvironmentVariables.d.ts +5 -6
- package/dist/context/getEnvironmentVariables.js +50 -38
- package/dist/deploy/base/deploy.js +3 -3
- package/dist/deploy/cloudRun/createJobs/getCloudRunDeployScripts.js +2 -2
- package/dist/deploy/cloudRun/index.js +2 -2
- package/dist/deploy/cloudRun/utils/getServiceName.d.ts +1 -1
- package/dist/deploy/kubernetes/cloudSql/index.d.ts +2 -2
- package/dist/deploy/kubernetes/cloudSql/index.js +3 -14
- package/dist/deploy/kubernetes/deployJob.js +1 -3
- package/dist/deploy/kubernetes/index.js +2 -2
- package/dist/deploy/kubernetes/kubeEnv.d.ts +3 -3
- package/dist/deploy/kubernetes/kubeValues.d.ts +3 -4
- package/dist/deploy/kubernetes/kubeValues.js +2 -3
- package/dist/deploy/types/base.d.ts +0 -6
- package/dist/deploy/types/kubernetes.d.ts +1 -34
- package/dist/globalScriptFunctions/index.d.ts +14 -0
- package/dist/globalScriptFunctions/index.js +37 -0
- package/dist/index.d.ts +3 -1
- package/dist/index.js +3 -1
- package/dist/pipeline/gitlab/createGitlabJobs.js +3 -5
- package/dist/pipeline/gitlab/createGitlabPipeline.d.ts +1 -0
- package/dist/pipeline/gitlab/createGitlabPipeline.js +38 -2
- package/dist/pipeline/packageManager.js +1 -1
- package/dist/runner/index.d.ts +1 -1
- package/dist/tsconfig.tsbuildinfo +1 -1
- package/dist/types/config.d.ts +6 -9
- package/dist/types/context.d.ts +2 -9
- package/dist/types/gitlab-types.d.ts +1 -0
- package/dist/types/jobs.d.ts +0 -8
- package/dist/utils/gitlab.js +4 -1
- package/dist/utils/writeFiles.js +1 -7
- package/dist/variables/VariableValue.d.ts +3 -0
- package/dist/variables/VariableValue.js +5 -0
- package/dist/variables/VariableValueContainingReferences.d.ts +24 -0
- package/dist/variables/VariableValueContainingReferences.js +97 -0
- package/dist/variables/__tests__/resolveAllReferences.test.js +219 -0
- package/dist/variables/__tests__/resolveAllReferencesOnce.test.d.ts +1 -0
- package/dist/variables/__tests__/resolveAllReferencesOnce.test.js +171 -0
- package/dist/variables/__tests__/resolveReferencesOnce.test.d.ts +1 -0
- package/dist/variables/__tests__/resolveReferencesOnce.test.js +202 -0
- package/dist/variables/__tests__/variableValue.test.d.ts +1 -0
- package/dist/variables/__tests__/variableValue.test.js +36 -0
- package/dist/variables/resolveAllReferences.d.ts +3 -0
- package/dist/{bash/replaceAsync.js → variables/resolveAllReferences.js} +60 -41
- package/dist/variables/resolveAllReferencesOnce.d.ts +5 -0
- package/dist/variables/resolveAllReferencesOnce.js +191 -0
- package/dist/variables/resolveReferencesOnce.d.ts +8 -0
- package/dist/variables/resolveReferencesOnce.js +22 -0
- package/examples/__snapshots__/cloud-run-http2.test.ts.snap +312 -238
- package/examples/__snapshots__/cloud-run-memory-limit.test.ts.snap +312 -238
- package/examples/__snapshots__/cloud-run-meteor-with-worker.test.ts.snap +312 -222
- package/examples/__snapshots__/cloud-run-nextjs.test.ts.snap +1436 -0
- package/examples/__snapshots__/cloud-run-no-cpu-throttling.test.ts.snap +312 -238
- package/examples/__snapshots__/cloud-run-no-service.test.ts.snap +316 -238
- package/examples/__snapshots__/cloud-run-non-public.test.ts.snap +312 -238
- package/examples/__snapshots__/cloud-run-post-stop-job.test.ts.snap +313 -238
- package/examples/__snapshots__/cloud-run-service-custom-vpc-connector.test.ts.snap +312 -238
- package/examples/__snapshots__/cloud-run-service-custom-vpc.test.ts.snap +312 -238
- package/examples/__snapshots__/cloud-run-service-gen2.test.ts.snap +312 -238
- package/examples/__snapshots__/cloud-run-service-increase-timout.test.ts.snap +312 -238
- package/examples/__snapshots__/cloud-run-service-with-volumes.test.ts.snap +316 -238
- package/examples/__snapshots__/cloud-run-storybook.test.ts.snap +294 -220
- package/examples/__snapshots__/cloud-run-with-ngnix.test.ts.snap +312 -238
- package/examples/__snapshots__/cloud-run-with-sql-reuse-db.test.ts.snap +652 -486
- package/examples/__snapshots__/cloud-run-with-sql.test.ts.snap +282 -288
- package/examples/__snapshots__/cloud-run-with-worker.test.ts.snap +312 -238
- package/examples/__snapshots__/custom-build-job-with-tests.test.ts.snap +284 -194
- package/examples/__snapshots__/custom-build-job.test.ts.snap +278 -188
- package/examples/__snapshots__/custom-deploy.test.ts.snap +220 -154
- package/examples/__snapshots__/custom-envs.test.ts.snap +216 -126
- package/examples/__snapshots__/custom-sbom-java.test.ts.snap +278 -188
- package/examples/__snapshots__/git-submodule.test.ts.snap +312 -238
- package/examples/__snapshots__/kubernetes-application-customization.test.ts.snap +231 -253
- package/examples/__snapshots__/kubernetes-with-cloud-sql.test.ts.snap +240 -262
- package/examples/__snapshots__/kubernetes-with-jobs.test.ts.snap +504 -506
- package/examples/__snapshots__/kubernetes-with-mongodb.test.ts.snap +239 -261
- package/examples/__snapshots__/local-dot-env.test.ts.snap +236 -238
- package/examples/__snapshots__/meteor-kubernetes.test.ts.snap +236 -242
- package/examples/__snapshots__/multiline-var.test.ts.snap +1355 -973
- package/examples/__snapshots__/native-app.test.ts.snap +438 -392
- package/examples/__snapshots__/node-build-with-custom-image.test.ts.snap +312 -238
- package/examples/__snapshots__/node-build-with-docker-additions.test.ts.snap +312 -238
- package/examples/__snapshots__/rails-k8s-with-worker-dockerfile.test.ts.snap +186 -188
- package/examples/__snapshots__/rails-k8s-with-worker.test.ts.snap +162 -164
- package/examples/__snapshots__/referencing-other-vars.test.ts.snap +4741 -0
- package/examples/__snapshots__/wait-for-other-deploy.test.ts.snap +330 -228
- package/examples/__snapshots__/{workspace-api-www-custom-cache.test.ts.snap → workspace-api-www-turbo-cache.test.ts.snap} +457 -499
- package/examples/__snapshots__/workspace-api-www.test.ts.snap +452 -482
- package/examples/{workspace-api-www-custom-cache.test.ts → cloud-run-nextjs.test.ts} +2 -2
- package/examples/cloud-run-nextjs.ts +28 -0
- package/examples/cloud-run-with-sql.ts +0 -1
- package/examples/kubernetes-application-customization.ts +1 -0
- package/examples/kubernetes-with-cloud-sql.ts +1 -0
- package/examples/kubernetes-with-jobs.ts +1 -0
- package/examples/kubernetes-with-mongodb.ts +1 -0
- package/examples/meteor-kubernetes.ts +1 -1
- package/examples/native-app.ts +10 -7
- package/examples/rails-k8s-with-worker.ts +7 -1
- package/examples/{kubernetes-with-cloud-sql-legacy.test.ts → referencing-other-vars.test.ts} +2 -2
- package/examples/referencing-other-vars.ts +83 -0
- package/examples/workspace-api-www-turbo-cache.test.ts +11 -0
- package/examples/{workspace-api-www-custom-cache.ts → workspace-api-www-turbo-cache.ts} +4 -3
- package/examples/workspace-api-www.ts +3 -2
- package/package.json +2 -6
- package/src/bash/BashExpression.ts +10 -13
- package/src/bash/bashEscape.ts +158 -0
- package/src/bash/bashYaml.ts +36 -2
- package/src/bash/getInjectVarsScript.ts +11 -2
- package/src/bash/index.ts +2 -0
- package/src/build/base/createAppBuildJob.ts +0 -1
- package/src/build/base/writeDotEnv.ts +6 -6
- package/src/build/custom/testJob.ts +0 -1
- package/src/build/node/buildJob.ts +2 -2
- package/src/build/node/cache.ts +0 -29
- package/src/build/node/testJob.ts +0 -1
- package/src/build/rails/build.ts +0 -1
- package/src/build/rails/test.ts +0 -1
- package/src/build/types.ts +0 -13
- package/src/context/createComponentContext.ts +0 -1
- package/src/context/getEnvConfig.ts +2 -2
- package/src/context/getEnvironment.ts +1 -1
- package/src/context/getEnvironmentContext.ts +1 -1
- package/src/context/getEnvironmentVariables.ts +44 -51
- package/src/deploy/base/deploy.ts +1 -1
- package/src/deploy/cloudRun/createJobs/getCloudRunDeployScripts.ts +4 -12
- package/src/deploy/cloudRun/index.ts +2 -2
- package/src/deploy/kubernetes/cloudSql/index.ts +3 -16
- package/src/deploy/kubernetes/deployJob.ts +0 -2
- package/src/deploy/kubernetes/index.ts +2 -2
- package/src/deploy/kubernetes/kubeEnv.ts +3 -3
- package/src/deploy/kubernetes/kubeValues.ts +5 -8
- package/src/deploy/types/base.ts +0 -6
- package/src/deploy/types/kubernetes.ts +1 -36
- package/src/globalScriptFunctions/index.ts +30 -0
- package/src/index.ts +2 -0
- package/src/pipeline/gitlab/createGitlabJobs.ts +1 -4
- package/src/pipeline/gitlab/createGitlabPipeline.ts +8 -1
- package/src/pipeline/packageManager.ts +7 -5
- package/src/runner/index.ts +0 -1
- package/src/types/config.ts +6 -9
- package/src/types/context.ts +3 -9
- package/src/types/gitlab-types.ts +1 -0
- package/src/types/jobs.ts +0 -8
- package/src/utils/gitlab.ts +19 -2
- package/src/utils/writeFiles.ts +1 -2
- package/src/variables/VariableValue.ts +6 -0
- package/src/variables/VariableValueContainingReferences.ts +89 -0
- package/src/variables/__tests__/resolveAllReferences.test.ts +110 -0
- package/src/variables/__tests__/resolveAllReferencesOnce.test.ts +64 -0
- package/src/variables/__tests__/resolveReferencesOnce.test.ts +117 -0
- package/src/variables/__tests__/variableValue.test.ts +73 -0
- package/src/variables/resolveAllReferences.ts +46 -0
- package/src/variables/resolveAllReferencesOnce.ts +44 -0
- package/src/variables/resolveReferencesOnce.ts +29 -0
- package/bin/catladder-gitlab-dev.js +0 -3
- package/bin/catladder-gitlab.js +0 -3
- package/dist/bash/replaceAsync.d.ts +0 -2
- package/dist/bundles/catladder-gitlab/index.js +0 -15
- package/dist/context/__tests__/resolveReferences.test.js +0 -368
- package/dist/context/resolveReferences.d.ts +0 -6
- package/dist/context/resolveReferences.js +0 -286
- package/dist/deploy/kubernetes/processSecretsAsFiles.d.ts +0 -85
- package/dist/deploy/kubernetes/processSecretsAsFiles.js +0 -33
- package/examples/__snapshots__/kubernetes-with-cloud-sql-legacy.test.ts.snap +0 -1795
- package/examples/kubernetes-with-cloud-sql-legacy.ts +0 -35
- package/scripts/bundle +0 -2
- package/src/bash/replaceAsync.ts +0 -54
- package/src/context/__tests__/resolveReferences.test.ts +0 -148
- package/src/context/resolveReferences.ts +0 -93
- package/src/deploy/kubernetes/processSecretsAsFiles.ts +0 -35
- /package/dist/{context/__tests__/resolveReferences.test.d.ts → variables/__tests__/resolveAllReferences.test.d.ts} +0 -0
|
@@ -45,6 +45,36 @@ variables:
|
|
|
45
45
|
CACHE_COMPRESSION_LEVEL: fast
|
|
46
46
|
TRANSFER_METER_FREQUENCY: 5s
|
|
47
47
|
GIT_DEPTH: '1'
|
|
48
|
+
before_script:
|
|
49
|
+
- |-
|
|
50
|
+
function escapeForDotEnv () {
|
|
51
|
+
input="\${1:-$(cat)}"
|
|
52
|
+
input="\${input//$'\\n'/\\\\n}"
|
|
53
|
+
if [[ "$input" == *\\\\n* ]]; then
|
|
54
|
+
if [[ "$input" == *\\"* && "$input" == *\\'* && "$input" == *\\\`* ]]; then
|
|
55
|
+
printf "\\"%s\\"\\n" "$input"
|
|
56
|
+
elif [[ "$input" == *\\"* && "$input" == *\\'* ]]; then
|
|
57
|
+
printf "\`%s\`\\n" "$input"
|
|
58
|
+
elif [[ "$input" == *\\"* ]]; then
|
|
59
|
+
printf "'%s'\\n" "$input"
|
|
60
|
+
else
|
|
61
|
+
printf "\\"%s\\"\\n" "$input"
|
|
62
|
+
fi
|
|
63
|
+
else
|
|
64
|
+
printf "%s\\n" "$input"
|
|
65
|
+
fi
|
|
66
|
+
}
|
|
67
|
+
- |-
|
|
68
|
+
function collapseable_section_start () {
|
|
69
|
+
local section_title="\${1}"
|
|
70
|
+
local section_description="\${2:-$section_title}"
|
|
71
|
+
echo -e "section_start:\`date +%s\`:\${section_title}[collapsed=true]\\r\\e[0K\${section_description}"
|
|
72
|
+
}
|
|
73
|
+
- |-
|
|
74
|
+
function collapseable_section_end () {
|
|
75
|
+
local section_title="\${1}"
|
|
76
|
+
echo -e "section_end:\`date +%s\`:\${section_title}\\r\\e[0K"
|
|
77
|
+
}
|
|
48
78
|
🔸 myWorkspace 🛡 audit:
|
|
49
79
|
stage: test
|
|
50
80
|
image: path/to/docker/jobs-default:the-version
|
|
@@ -53,9 +83,9 @@ variables:
|
|
|
53
83
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
54
84
|
KUBERNETES_MEMORY_LIMIT: 4Gi
|
|
55
85
|
script:
|
|
56
|
-
-
|
|
86
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
57
87
|
- export APP_PATH="."
|
|
58
|
-
-
|
|
88
|
+
- collapseable_section_end "injectvars"
|
|
59
89
|
- cd .
|
|
60
90
|
- yarn npm audit --environment production
|
|
61
91
|
rules:
|
|
@@ -79,21 +109,21 @@ variables:
|
|
|
79
109
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
80
110
|
KUBERNETES_MEMORY_LIMIT: 4Gi
|
|
81
111
|
script:
|
|
82
|
-
-
|
|
112
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
83
113
|
- export APP_PATH="."
|
|
84
|
-
-
|
|
85
|
-
-
|
|
114
|
+
- collapseable_section_end "injectvars"
|
|
115
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
86
116
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
87
117
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
88
|
-
-
|
|
118
|
+
- collapseable_section_end "nodeinstall"
|
|
89
119
|
- cd .
|
|
90
|
-
-
|
|
120
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
91
121
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
92
122
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
93
|
-
-
|
|
94
|
-
-
|
|
123
|
+
- collapseable_section_end "nodeinstall"
|
|
124
|
+
- collapseable_section_start "yarninstall" "Yarn install"
|
|
95
125
|
- yarn install --immutable
|
|
96
|
-
-
|
|
126
|
+
- collapseable_section_end "yarninstall"
|
|
97
127
|
- yarn lint
|
|
98
128
|
cache:
|
|
99
129
|
- key: .-yarn
|
|
@@ -104,10 +134,6 @@ variables:
|
|
|
104
134
|
policy: pull-push
|
|
105
135
|
paths:
|
|
106
136
|
- node_modules
|
|
107
|
-
- key: myWorkspace-turbo
|
|
108
|
-
policy: pull-push
|
|
109
|
-
paths:
|
|
110
|
-
- .turbo
|
|
111
137
|
rules:
|
|
112
138
|
- when: never
|
|
113
139
|
if: $CI_COMMIT_MESSAGE =~ /^chore\\(release\\).*/
|
|
@@ -124,21 +150,21 @@ variables:
|
|
|
124
150
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
125
151
|
KUBERNETES_MEMORY_LIMIT: 4Gi
|
|
126
152
|
script:
|
|
127
|
-
-
|
|
153
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
128
154
|
- export APP_PATH="."
|
|
129
|
-
-
|
|
130
|
-
-
|
|
155
|
+
- collapseable_section_end "injectvars"
|
|
156
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
131
157
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
132
158
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
133
|
-
-
|
|
159
|
+
- collapseable_section_end "nodeinstall"
|
|
134
160
|
- cd .
|
|
135
|
-
-
|
|
161
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
136
162
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
137
163
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
138
|
-
-
|
|
139
|
-
-
|
|
164
|
+
- collapseable_section_end "nodeinstall"
|
|
165
|
+
- collapseable_section_start "yarninstall" "Yarn install"
|
|
140
166
|
- yarn install --immutable
|
|
141
|
-
-
|
|
167
|
+
- collapseable_section_end "yarninstall"
|
|
142
168
|
- yarn test
|
|
143
169
|
cache:
|
|
144
170
|
- key: .-yarn
|
|
@@ -149,10 +175,6 @@ variables:
|
|
|
149
175
|
policy: pull-push
|
|
150
176
|
paths:
|
|
151
177
|
- node_modules
|
|
152
|
-
- key: myWorkspace-turbo
|
|
153
|
-
policy: pull-push
|
|
154
|
-
paths:
|
|
155
|
-
- .turbo
|
|
156
178
|
rules:
|
|
157
179
|
- when: never
|
|
158
180
|
if: $CI_COMMIT_MESSAGE =~ /^chore\\(release\\).*/
|
|
@@ -169,57 +191,55 @@ variables:
|
|
|
169
191
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
170
192
|
KUBERNETES_MEMORY_LIMIT: 4Gi
|
|
171
193
|
script:
|
|
172
|
-
-
|
|
173
|
-
-
|
|
174
|
-
-
|
|
194
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
195
|
+
- collapseable_section_end "injectvars"
|
|
196
|
+
- collapseable_section_start "write-dotenv-api" "write dot env for api"
|
|
175
197
|
- |-
|
|
176
198
|
cat <<EOF > api/.env
|
|
177
199
|
ENV_SHORT=dev
|
|
178
200
|
APP_DIR=api
|
|
179
201
|
ENV_TYPE=dev
|
|
180
|
-
|
|
181
|
-
ROOT_URL
|
|
182
|
-
|
|
183
|
-
|
|
184
|
-
ROOT_URL_INTERNAL=https://$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')
|
|
202
|
+
HOSTNAME=$(printf %s "$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
203
|
+
ROOT_URL=$(printf %s "https://$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
204
|
+
HOSTNAME_INTERNAL=$(printf %s "$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
205
|
+
ROOT_URL_INTERNAL=$(printf %s "https://$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
185
206
|
DEPLOY_CLOUD_RUN_PROJECT_ID=google-project-id
|
|
186
207
|
DEPLOY_CLOUD_RUN_REGION=europe-west6
|
|
187
|
-
GCLOUD_DEPLOY_credentialsKey=$CL_dev_api_GCLOUD_DEPLOY_credentialsKey
|
|
188
|
-
GCLOUD_RUN_canonicalHostSuffix=$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix
|
|
189
|
-
_ALL_ENV_VAR_KEYS=["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","
|
|
208
|
+
GCLOUD_DEPLOY_credentialsKey=$(printf %s "$CL_dev_api_GCLOUD_DEPLOY_credentialsKey" | escapeForDotEnv)
|
|
209
|
+
GCLOUD_RUN_canonicalHostSuffix=$(printf %s "$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | escapeForDotEnv)
|
|
210
|
+
_ALL_ENV_VAR_KEYS=["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOSTNAME","ROOT_URL","HOSTNAME_INTERNAL","ROOT_URL_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]
|
|
190
211
|
EOF
|
|
191
|
-
-
|
|
192
|
-
-
|
|
212
|
+
- collapseable_section_end "write-dotenv-api"
|
|
213
|
+
- collapseable_section_start "write-dotenv-www" "write dot env for www"
|
|
193
214
|
- |-
|
|
194
215
|
cat <<EOF > www/.env
|
|
195
216
|
ENV_SHORT=dev
|
|
196
217
|
APP_DIR=www
|
|
197
218
|
ENV_TYPE=dev
|
|
198
|
-
|
|
199
|
-
ROOT_URL
|
|
200
|
-
|
|
201
|
-
|
|
202
|
-
ROOT_URL_INTERNAL=https://$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')
|
|
219
|
+
HOSTNAME=$(printf %s "$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
220
|
+
ROOT_URL=$(printf %s "https://$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
221
|
+
HOSTNAME_INTERNAL=$(printf %s "$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
222
|
+
ROOT_URL_INTERNAL=$(printf %s "https://$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
203
223
|
DEPLOY_CLOUD_RUN_PROJECT_ID=google-project-id
|
|
204
224
|
DEPLOY_CLOUD_RUN_REGION=europe-west6
|
|
205
|
-
GCLOUD_DEPLOY_credentialsKey=$CL_dev_www_GCLOUD_DEPLOY_credentialsKey
|
|
206
|
-
GCLOUD_RUN_canonicalHostSuffix=$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix
|
|
207
|
-
API_URL
|
|
208
|
-
_ALL_ENV_VAR_KEYS=["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","
|
|
225
|
+
GCLOUD_DEPLOY_credentialsKey=$(printf %s "$CL_dev_www_GCLOUD_DEPLOY_credentialsKey" | escapeForDotEnv)
|
|
226
|
+
GCLOUD_RUN_canonicalHostSuffix=$(printf %s "$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | escapeForDotEnv)
|
|
227
|
+
API_URL=$(printf %s "https://$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')/graphql" | escapeForDotEnv)
|
|
228
|
+
_ALL_ENV_VAR_KEYS=["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOSTNAME","ROOT_URL","HOSTNAME_INTERNAL","ROOT_URL_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix","API_URL"]
|
|
209
229
|
EOF
|
|
210
|
-
-
|
|
211
|
-
-
|
|
230
|
+
- collapseable_section_end "write-dotenv-www"
|
|
231
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
212
232
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
213
233
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
214
|
-
-
|
|
234
|
+
- collapseable_section_end "nodeinstall"
|
|
215
235
|
- cd .
|
|
216
|
-
-
|
|
236
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
217
237
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
218
238
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
219
|
-
-
|
|
220
|
-
-
|
|
239
|
+
- collapseable_section_end "nodeinstall"
|
|
240
|
+
- collapseable_section_start "yarninstall" "Yarn install"
|
|
221
241
|
- yarn install --immutable
|
|
222
|
-
-
|
|
242
|
+
- collapseable_section_end "yarninstall"
|
|
223
243
|
- yarn build
|
|
224
244
|
cache:
|
|
225
245
|
- key: .-yarn
|
|
@@ -230,14 +250,9 @@ variables:
|
|
|
230
250
|
policy: pull-push
|
|
231
251
|
paths:
|
|
232
252
|
- node_modules
|
|
233
|
-
- key: myWorkspace-
|
|
234
|
-
policy: pull-push
|
|
235
|
-
paths:
|
|
236
|
-
- .turbo
|
|
237
|
-
- key: myWorkspace-next-cache
|
|
253
|
+
- key: myWorkspace-default
|
|
238
254
|
policy: pull-push
|
|
239
255
|
paths:
|
|
240
|
-
- api/.next/cache
|
|
241
256
|
- www/.next/cache
|
|
242
257
|
artifacts:
|
|
243
258
|
paths:
|
|
@@ -266,57 +281,55 @@ variables:
|
|
|
266
281
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
267
282
|
KUBERNETES_MEMORY_LIMIT: 4Gi
|
|
268
283
|
script:
|
|
269
|
-
-
|
|
270
|
-
-
|
|
271
|
-
-
|
|
284
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
285
|
+
- collapseable_section_end "injectvars"
|
|
286
|
+
- collapseable_section_start "write-dotenv-api" "write dot env for api"
|
|
272
287
|
- |-
|
|
273
288
|
cat <<EOF > api/.env
|
|
274
289
|
ENV_SHORT=review
|
|
275
290
|
APP_DIR=api
|
|
276
291
|
ENV_TYPE=review
|
|
277
|
-
|
|
278
|
-
ROOT_URL
|
|
279
|
-
|
|
280
|
-
|
|
281
|
-
ROOT_URL_INTERNAL=https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')
|
|
292
|
+
HOSTNAME=$(printf %s "$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
293
|
+
ROOT_URL=$(printf %s "https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
294
|
+
HOSTNAME_INTERNAL=$(printf %s "$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
295
|
+
ROOT_URL_INTERNAL=$(printf %s "https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
282
296
|
DEPLOY_CLOUD_RUN_PROJECT_ID=google-project-id
|
|
283
297
|
DEPLOY_CLOUD_RUN_REGION=europe-west6
|
|
284
|
-
GCLOUD_DEPLOY_credentialsKey=$CL_review_api_GCLOUD_DEPLOY_credentialsKey
|
|
285
|
-
GCLOUD_RUN_canonicalHostSuffix=$CL_review_api_GCLOUD_RUN_canonicalHostSuffix
|
|
286
|
-
_ALL_ENV_VAR_KEYS=["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","
|
|
298
|
+
GCLOUD_DEPLOY_credentialsKey=$(printf %s "$CL_review_api_GCLOUD_DEPLOY_credentialsKey" | escapeForDotEnv)
|
|
299
|
+
GCLOUD_RUN_canonicalHostSuffix=$(printf %s "$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | escapeForDotEnv)
|
|
300
|
+
_ALL_ENV_VAR_KEYS=["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOSTNAME","ROOT_URL","HOSTNAME_INTERNAL","ROOT_URL_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]
|
|
287
301
|
EOF
|
|
288
|
-
-
|
|
289
|
-
-
|
|
302
|
+
- collapseable_section_end "write-dotenv-api"
|
|
303
|
+
- collapseable_section_start "write-dotenv-www" "write dot env for www"
|
|
290
304
|
- |-
|
|
291
305
|
cat <<EOF > www/.env
|
|
292
306
|
ENV_SHORT=review
|
|
293
307
|
APP_DIR=www
|
|
294
308
|
ENV_TYPE=review
|
|
295
|
-
|
|
296
|
-
ROOT_URL
|
|
297
|
-
|
|
298
|
-
|
|
299
|
-
ROOT_URL_INTERNAL=https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')
|
|
309
|
+
HOSTNAME=$(printf %s "$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
310
|
+
ROOT_URL=$(printf %s "https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
311
|
+
HOSTNAME_INTERNAL=$(printf %s "$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
312
|
+
ROOT_URL_INTERNAL=$(printf %s "https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
300
313
|
DEPLOY_CLOUD_RUN_PROJECT_ID=google-project-id
|
|
301
314
|
DEPLOY_CLOUD_RUN_REGION=europe-west6
|
|
302
|
-
GCLOUD_DEPLOY_credentialsKey=$CL_review_www_GCLOUD_DEPLOY_credentialsKey
|
|
303
|
-
GCLOUD_RUN_canonicalHostSuffix=$CL_review_www_GCLOUD_RUN_canonicalHostSuffix
|
|
304
|
-
API_URL
|
|
305
|
-
_ALL_ENV_VAR_KEYS=["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","
|
|
315
|
+
GCLOUD_DEPLOY_credentialsKey=$(printf %s "$CL_review_www_GCLOUD_DEPLOY_credentialsKey" | escapeForDotEnv)
|
|
316
|
+
GCLOUD_RUN_canonicalHostSuffix=$(printf %s "$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | escapeForDotEnv)
|
|
317
|
+
API_URL=$(printf %s "https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')/graphql" | escapeForDotEnv)
|
|
318
|
+
_ALL_ENV_VAR_KEYS=["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOSTNAME","ROOT_URL","HOSTNAME_INTERNAL","ROOT_URL_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix","API_URL"]
|
|
306
319
|
EOF
|
|
307
|
-
-
|
|
308
|
-
-
|
|
320
|
+
- collapseable_section_end "write-dotenv-www"
|
|
321
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
309
322
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
310
323
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
311
|
-
-
|
|
324
|
+
- collapseable_section_end "nodeinstall"
|
|
312
325
|
- cd .
|
|
313
|
-
-
|
|
326
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
314
327
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
315
328
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
316
|
-
-
|
|
317
|
-
-
|
|
329
|
+
- collapseable_section_end "nodeinstall"
|
|
330
|
+
- collapseable_section_start "yarninstall" "Yarn install"
|
|
318
331
|
- yarn install --immutable
|
|
319
|
-
-
|
|
332
|
+
- collapseable_section_end "yarninstall"
|
|
320
333
|
- yarn build
|
|
321
334
|
cache:
|
|
322
335
|
- key: .-yarn
|
|
@@ -327,14 +340,9 @@ variables:
|
|
|
327
340
|
policy: pull-push
|
|
328
341
|
paths:
|
|
329
342
|
- node_modules
|
|
330
|
-
- key: myWorkspace-
|
|
343
|
+
- key: myWorkspace-default
|
|
331
344
|
policy: pull-push
|
|
332
345
|
paths:
|
|
333
|
-
- .turbo
|
|
334
|
-
- key: myWorkspace-next-cache
|
|
335
|
-
policy: pull-push
|
|
336
|
-
paths:
|
|
337
|
-
- api/.next/cache
|
|
338
346
|
- www/.next/cache
|
|
339
347
|
artifacts:
|
|
340
348
|
paths:
|
|
@@ -361,57 +369,55 @@ variables:
|
|
|
361
369
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
362
370
|
KUBERNETES_MEMORY_LIMIT: 4Gi
|
|
363
371
|
script:
|
|
364
|
-
-
|
|
365
|
-
-
|
|
366
|
-
-
|
|
372
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
373
|
+
- collapseable_section_end "injectvars"
|
|
374
|
+
- collapseable_section_start "write-dotenv-api" "write dot env for api"
|
|
367
375
|
- |-
|
|
368
376
|
cat <<EOF > api/.env
|
|
369
377
|
ENV_SHORT=stage
|
|
370
378
|
APP_DIR=api
|
|
371
379
|
ENV_TYPE=stage
|
|
372
|
-
|
|
373
|
-
ROOT_URL
|
|
374
|
-
|
|
375
|
-
|
|
376
|
-
ROOT_URL_INTERNAL=https://$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')
|
|
380
|
+
HOSTNAME=$(printf %s "$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
381
|
+
ROOT_URL=$(printf %s "https://$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
382
|
+
HOSTNAME_INTERNAL=$(printf %s "$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
383
|
+
ROOT_URL_INTERNAL=$(printf %s "https://$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
377
384
|
DEPLOY_CLOUD_RUN_PROJECT_ID=google-project-id
|
|
378
385
|
DEPLOY_CLOUD_RUN_REGION=europe-west6
|
|
379
|
-
GCLOUD_DEPLOY_credentialsKey=$CL_stage_api_GCLOUD_DEPLOY_credentialsKey
|
|
380
|
-
GCLOUD_RUN_canonicalHostSuffix=$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix
|
|
381
|
-
_ALL_ENV_VAR_KEYS=["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","
|
|
386
|
+
GCLOUD_DEPLOY_credentialsKey=$(printf %s "$CL_stage_api_GCLOUD_DEPLOY_credentialsKey" | escapeForDotEnv)
|
|
387
|
+
GCLOUD_RUN_canonicalHostSuffix=$(printf %s "$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | escapeForDotEnv)
|
|
388
|
+
_ALL_ENV_VAR_KEYS=["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOSTNAME","ROOT_URL","HOSTNAME_INTERNAL","ROOT_URL_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]
|
|
382
389
|
EOF
|
|
383
|
-
-
|
|
384
|
-
-
|
|
390
|
+
- collapseable_section_end "write-dotenv-api"
|
|
391
|
+
- collapseable_section_start "write-dotenv-www" "write dot env for www"
|
|
385
392
|
- |-
|
|
386
393
|
cat <<EOF > www/.env
|
|
387
394
|
ENV_SHORT=stage
|
|
388
395
|
APP_DIR=www
|
|
389
396
|
ENV_TYPE=stage
|
|
390
|
-
|
|
391
|
-
ROOT_URL
|
|
392
|
-
|
|
393
|
-
|
|
394
|
-
ROOT_URL_INTERNAL=https://$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')
|
|
397
|
+
HOSTNAME=$(printf %s "$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
398
|
+
ROOT_URL=$(printf %s "https://$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
399
|
+
HOSTNAME_INTERNAL=$(printf %s "$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
400
|
+
ROOT_URL_INTERNAL=$(printf %s "https://$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
395
401
|
DEPLOY_CLOUD_RUN_PROJECT_ID=google-project-id
|
|
396
402
|
DEPLOY_CLOUD_RUN_REGION=europe-west6
|
|
397
|
-
GCLOUD_DEPLOY_credentialsKey=$CL_stage_www_GCLOUD_DEPLOY_credentialsKey
|
|
398
|
-
GCLOUD_RUN_canonicalHostSuffix=$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix
|
|
399
|
-
API_URL
|
|
400
|
-
_ALL_ENV_VAR_KEYS=["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","
|
|
403
|
+
GCLOUD_DEPLOY_credentialsKey=$(printf %s "$CL_stage_www_GCLOUD_DEPLOY_credentialsKey" | escapeForDotEnv)
|
|
404
|
+
GCLOUD_RUN_canonicalHostSuffix=$(printf %s "$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | escapeForDotEnv)
|
|
405
|
+
API_URL=$(printf %s "https://$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')/graphql" | escapeForDotEnv)
|
|
406
|
+
_ALL_ENV_VAR_KEYS=["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOSTNAME","ROOT_URL","HOSTNAME_INTERNAL","ROOT_URL_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix","API_URL"]
|
|
401
407
|
EOF
|
|
402
|
-
-
|
|
403
|
-
-
|
|
408
|
+
- collapseable_section_end "write-dotenv-www"
|
|
409
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
404
410
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
405
411
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
406
|
-
-
|
|
412
|
+
- collapseable_section_end "nodeinstall"
|
|
407
413
|
- cd .
|
|
408
|
-
-
|
|
414
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
409
415
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
410
416
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
411
|
-
-
|
|
412
|
-
-
|
|
417
|
+
- collapseable_section_end "nodeinstall"
|
|
418
|
+
- collapseable_section_start "yarninstall" "Yarn install"
|
|
413
419
|
- yarn install --immutable
|
|
414
|
-
-
|
|
420
|
+
- collapseable_section_end "yarninstall"
|
|
415
421
|
- yarn build
|
|
416
422
|
cache:
|
|
417
423
|
- key: .-yarn
|
|
@@ -422,14 +428,9 @@ variables:
|
|
|
422
428
|
policy: pull-push
|
|
423
429
|
paths:
|
|
424
430
|
- node_modules
|
|
425
|
-
- key: myWorkspace-
|
|
426
|
-
policy: pull-push
|
|
427
|
-
paths:
|
|
428
|
-
- .turbo
|
|
429
|
-
- key: myWorkspace-next-cache
|
|
431
|
+
- key: myWorkspace-default
|
|
430
432
|
policy: pull-push
|
|
431
433
|
paths:
|
|
432
|
-
- api/.next/cache
|
|
433
434
|
- www/.next/cache
|
|
434
435
|
artifacts:
|
|
435
436
|
paths:
|
|
@@ -456,57 +457,55 @@ variables:
|
|
|
456
457
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
457
458
|
KUBERNETES_MEMORY_LIMIT: 4Gi
|
|
458
459
|
script:
|
|
459
|
-
-
|
|
460
|
-
-
|
|
461
|
-
-
|
|
460
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
461
|
+
- collapseable_section_end "injectvars"
|
|
462
|
+
- collapseable_section_start "write-dotenv-api" "write dot env for api"
|
|
462
463
|
- |-
|
|
463
464
|
cat <<EOF > api/.env
|
|
464
465
|
ENV_SHORT=prod
|
|
465
466
|
APP_DIR=api
|
|
466
467
|
ENV_TYPE=prod
|
|
467
|
-
|
|
468
|
-
ROOT_URL
|
|
469
|
-
|
|
470
|
-
|
|
471
|
-
ROOT_URL_INTERNAL=https://$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')
|
|
468
|
+
HOSTNAME=$(printf %s "$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
469
|
+
ROOT_URL=$(printf %s "https://$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
470
|
+
HOSTNAME_INTERNAL=$(printf %s "$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
471
|
+
ROOT_URL_INTERNAL=$(printf %s "https://$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
472
472
|
DEPLOY_CLOUD_RUN_PROJECT_ID=google-project-id
|
|
473
473
|
DEPLOY_CLOUD_RUN_REGION=europe-west6
|
|
474
|
-
GCLOUD_DEPLOY_credentialsKey=$CL_prod_api_GCLOUD_DEPLOY_credentialsKey
|
|
475
|
-
GCLOUD_RUN_canonicalHostSuffix=$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix
|
|
476
|
-
_ALL_ENV_VAR_KEYS=["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","
|
|
474
|
+
GCLOUD_DEPLOY_credentialsKey=$(printf %s "$CL_prod_api_GCLOUD_DEPLOY_credentialsKey" | escapeForDotEnv)
|
|
475
|
+
GCLOUD_RUN_canonicalHostSuffix=$(printf %s "$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | escapeForDotEnv)
|
|
476
|
+
_ALL_ENV_VAR_KEYS=["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOSTNAME","ROOT_URL","HOSTNAME_INTERNAL","ROOT_URL_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]
|
|
477
477
|
EOF
|
|
478
|
-
-
|
|
479
|
-
-
|
|
478
|
+
- collapseable_section_end "write-dotenv-api"
|
|
479
|
+
- collapseable_section_start "write-dotenv-www" "write dot env for www"
|
|
480
480
|
- |-
|
|
481
481
|
cat <<EOF > www/.env
|
|
482
482
|
ENV_SHORT=prod
|
|
483
483
|
APP_DIR=www
|
|
484
484
|
ENV_TYPE=prod
|
|
485
|
-
|
|
486
|
-
ROOT_URL
|
|
487
|
-
|
|
488
|
-
|
|
489
|
-
ROOT_URL_INTERNAL=https://$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')
|
|
485
|
+
HOSTNAME=$(printf %s "$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
486
|
+
ROOT_URL=$(printf %s "https://$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
487
|
+
HOSTNAME_INTERNAL=$(printf %s "$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
488
|
+
ROOT_URL_INTERNAL=$(printf %s "https://$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
490
489
|
DEPLOY_CLOUD_RUN_PROJECT_ID=google-project-id
|
|
491
490
|
DEPLOY_CLOUD_RUN_REGION=europe-west6
|
|
492
|
-
GCLOUD_DEPLOY_credentialsKey=$CL_prod_www_GCLOUD_DEPLOY_credentialsKey
|
|
493
|
-
GCLOUD_RUN_canonicalHostSuffix=$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix
|
|
494
|
-
API_URL
|
|
495
|
-
_ALL_ENV_VAR_KEYS=["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","
|
|
491
|
+
GCLOUD_DEPLOY_credentialsKey=$(printf %s "$CL_prod_www_GCLOUD_DEPLOY_credentialsKey" | escapeForDotEnv)
|
|
492
|
+
GCLOUD_RUN_canonicalHostSuffix=$(printf %s "$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | escapeForDotEnv)
|
|
493
|
+
API_URL=$(printf %s "https://$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')/graphql" | escapeForDotEnv)
|
|
494
|
+
_ALL_ENV_VAR_KEYS=["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOSTNAME","ROOT_URL","HOSTNAME_INTERNAL","ROOT_URL_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix","API_URL"]
|
|
496
495
|
EOF
|
|
497
|
-
-
|
|
498
|
-
-
|
|
496
|
+
- collapseable_section_end "write-dotenv-www"
|
|
497
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
499
498
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
500
499
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
501
|
-
-
|
|
500
|
+
- collapseable_section_end "nodeinstall"
|
|
502
501
|
- cd .
|
|
503
|
-
-
|
|
502
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
504
503
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
505
504
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
506
|
-
-
|
|
507
|
-
-
|
|
505
|
+
- collapseable_section_end "nodeinstall"
|
|
506
|
+
- collapseable_section_start "yarninstall" "Yarn install"
|
|
508
507
|
- yarn install --immutable
|
|
509
|
-
-
|
|
508
|
+
- collapseable_section_end "yarninstall"
|
|
510
509
|
- yarn build
|
|
511
510
|
cache:
|
|
512
511
|
- key: .-yarn
|
|
@@ -517,14 +516,9 @@ variables:
|
|
|
517
516
|
policy: pull-push
|
|
518
517
|
paths:
|
|
519
518
|
- node_modules
|
|
520
|
-
- key: myWorkspace-
|
|
521
|
-
policy: pull-push
|
|
522
|
-
paths:
|
|
523
|
-
- .turbo
|
|
524
|
-
- key: myWorkspace-next-cache
|
|
519
|
+
- key: myWorkspace-default
|
|
525
520
|
policy: pull-push
|
|
526
521
|
paths:
|
|
527
|
-
- api/.next/cache
|
|
528
522
|
- www/.next/cache
|
|
529
523
|
artifacts:
|
|
530
524
|
paths:
|
|
@@ -560,7 +554,7 @@ variables:
|
|
|
560
554
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
561
555
|
KUBERNETES_MEMORY_LIMIT: 2Gi
|
|
562
556
|
script:
|
|
563
|
-
-
|
|
557
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
564
558
|
- export APP_DIR="api"
|
|
565
559
|
- export DOCKER_BUILD_CONTEXT="."
|
|
566
560
|
- export DOCKER_REGISTRY="europe-west6-docker.pkg.dev"
|
|
@@ -576,20 +570,20 @@ variables:
|
|
|
576
570
|
COPY --chown=node:node api/yarn.lock /app/api/yarn.lock
|
|
577
571
|
COPY --chown=node:node .yarnrc.yml /app/.yarnrc.yml
|
|
578
572
|
COPY --chown=node:node .yarn /app/.yarn"
|
|
579
|
-
-
|
|
573
|
+
- collapseable_section_end "injectvars"
|
|
580
574
|
- ensureNodeDockerfile
|
|
581
|
-
-
|
|
575
|
+
- collapseable_section_start "docker-login" "Docker Login"
|
|
582
576
|
- gcloud auth activate-service-account --key-file=<(echo "$CL_dev_api_GCLOUD_DEPLOY_credentialsKey")
|
|
583
577
|
- gcloud auth configure-docker europe-west6-docker.pkg.dev
|
|
584
|
-
-
|
|
585
|
-
-
|
|
578
|
+
- collapseable_section_end "docker-login"
|
|
579
|
+
- collapseable_section_start "docker-build" "Docker build"
|
|
586
580
|
- docker build --network host --cache-from $DOCKER_CACHE_IMAGE --tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG -f $APP_DIR/Dockerfile $DOCKER_BUILD_CONTEXT --build-arg BUILDKIT_INLINE_CACHE=1
|
|
587
|
-
-
|
|
588
|
-
-
|
|
581
|
+
- collapseable_section_end "docker-build"
|
|
582
|
+
- collapseable_section_start "docker-push" "Docker push and tag"
|
|
589
583
|
- docker push $DOCKER_IMAGE:$DOCKER_IMAGE_TAG
|
|
590
584
|
- docker tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG $DOCKER_CACHE_IMAGE
|
|
591
585
|
- docker push $DOCKER_CACHE_IMAGE
|
|
592
|
-
-
|
|
586
|
+
- collapseable_section_end "docker-push"
|
|
593
587
|
cache:
|
|
594
588
|
- key: api-yarn
|
|
595
589
|
policy: pull
|
|
@@ -609,8 +603,8 @@ variables:
|
|
|
609
603
|
image: aquasec/trivy:0.38.3
|
|
610
604
|
variables: {}
|
|
611
605
|
script:
|
|
612
|
-
-
|
|
613
|
-
-
|
|
606
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
607
|
+
- collapseable_section_end "injectvars"
|
|
614
608
|
- trivy fs --quiet --format cyclonedx --output "__sbom.json" api
|
|
615
609
|
artifacts:
|
|
616
610
|
paths:
|
|
@@ -631,35 +625,34 @@ variables:
|
|
|
631
625
|
KUBERNETES_MEMORY_REQUEST: 200Mi
|
|
632
626
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
633
627
|
script:
|
|
634
|
-
-
|
|
628
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
635
629
|
- export ENV_SHORT="dev"
|
|
636
630
|
- export APP_DIR="api"
|
|
637
631
|
- export ENV_TYPE="dev"
|
|
638
632
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
639
633
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
640
634
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
641
|
-
- export
|
|
635
|
+
- export HOSTNAME="$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
642
636
|
- export ROOT_URL="https://$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
643
|
-
- export
|
|
644
|
-
- export HOST_CANONICAL="$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
637
|
+
- export HOSTNAME_INTERNAL="$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
645
638
|
- export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
646
639
|
- export DEPLOY_CLOUD_RUN_PROJECT_ID="google-project-id"
|
|
647
640
|
- export DEPLOY_CLOUD_RUN_REGION="europe-west6"
|
|
648
641
|
- export GCLOUD_DEPLOY_credentialsKey="$CL_dev_api_GCLOUD_DEPLOY_credentialsKey"
|
|
649
642
|
- export GCLOUD_RUN_canonicalHostSuffix="$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix"
|
|
650
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
643
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\"]"
|
|
651
644
|
- export DOCKER_REGISTRY="europe-west6-docker.pkg.dev"
|
|
652
645
|
- export DOCKER_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/dev/api"
|
|
653
646
|
- export DOCKER_CACHE_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/api"
|
|
654
647
|
- export DOCKER_IMAGE_TAG="$CI_COMMIT_SHA"
|
|
655
648
|
- export CLOUDSDK_CORE_DISABLE_PROMPTS="1"
|
|
656
|
-
-
|
|
657
|
-
-
|
|
649
|
+
- collapseable_section_end "injectvars"
|
|
650
|
+
- collapseable_section_start "prepare" "Prepare..."
|
|
658
651
|
- gcloud auth activate-service-account --key-file=<(echo "$CL_dev_api_GCLOUD_DEPLOY_credentialsKey")
|
|
659
652
|
- export GCLOUD_PROJECT_NUMBER=$(gcloud projects describe google-project-id --format="value(projectNumber)")
|
|
660
653
|
- 'echo "GCLOUD_PROJECT_NUMBER: $GCLOUD_PROJECT_NUMBER"'
|
|
661
|
-
-
|
|
662
|
-
-
|
|
654
|
+
- collapseable_section_end "prepare"
|
|
655
|
+
- collapseable_section_start "writeenvvars" "Write env vars to file"
|
|
663
656
|
- |
|
|
664
657
|
cat > ____envvars.yaml <<EOF
|
|
665
658
|
ENV_SHORT: |-
|
|
@@ -669,40 +662,38 @@ variables:
|
|
|
669
662
|
ENV_TYPE: |-
|
|
670
663
|
dev
|
|
671
664
|
BUILD_INFO_BUILD_ID: |-
|
|
672
|
-
|
|
665
|
+
$(printf %s "$(git describe --tags 2>/dev/null || git rev-parse HEAD)" | sed '1!s/^/ /')
|
|
673
666
|
BUILD_INFO_BUILD_TIME: |-
|
|
674
|
-
|
|
667
|
+
$(printf %s "$CI_JOB_STARTED_AT" | sed '1!s/^/ /')
|
|
675
668
|
BUILD_INFO_CURRENT_VERSION: |-
|
|
676
|
-
|
|
677
|
-
|
|
678
|
-
|
|
669
|
+
$(printf %s "$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")" | sed '1!s/^/ /')
|
|
670
|
+
HOSTNAME: |-
|
|
671
|
+
$(printf %s "$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
679
672
|
ROOT_URL: |-
|
|
680
|
-
|
|
681
|
-
|
|
682
|
-
|
|
683
|
-
HOST_CANONICAL: |-
|
|
684
|
-
$(printf %s "$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
673
|
+
$(printf %s "https://$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
674
|
+
HOSTNAME_INTERNAL: |-
|
|
675
|
+
$(printf %s "$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
685
676
|
ROOT_URL_INTERNAL: |-
|
|
686
|
-
|
|
677
|
+
$(printf %s "https://$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
687
678
|
DEPLOY_CLOUD_RUN_PROJECT_ID: |-
|
|
688
679
|
google-project-id
|
|
689
680
|
DEPLOY_CLOUD_RUN_REGION: |-
|
|
690
681
|
europe-west6
|
|
691
682
|
GCLOUD_RUN_canonicalHostSuffix: |-
|
|
692
|
-
|
|
683
|
+
$(printf %s "$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | sed '1!s/^/ /')
|
|
693
684
|
_ALL_ENV_VAR_KEYS: |-
|
|
694
|
-
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","
|
|
685
|
+
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOSTNAME","ROOT_URL","HOSTNAME_INTERNAL","ROOT_URL_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]
|
|
695
686
|
|
|
696
687
|
EOF
|
|
697
|
-
-
|
|
698
|
-
-
|
|
688
|
+
- collapseable_section_end "writeenvvars"
|
|
689
|
+
- collapseable_section_start "deploy" "Deploy to cloud run"
|
|
699
690
|
- gcloud run deploy pan-test-app-dev-api --command="yarn,start" --image=europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/dev/api:$DOCKER_IMAGE_TAG --project=google-project-id --region=europe-west6 --labels=customer-name=pan,component-name=api,app-name=test-app,env-type=dev,env-name=dev,build-type=node,cloud-run-service-name=pan-test-app-dev-api --env-vars-file=____envvars.yaml --min-instances=0 --max-instances=100 --cpu-throttling --allow-unauthenticated --ingress=all --cpu-boost
|
|
700
|
-
-
|
|
701
|
-
-
|
|
691
|
+
- collapseable_section_end "deploy"
|
|
692
|
+
- collapseable_section_start "cleanup" "Cleanup"
|
|
702
693
|
- gcloud run revisions list --project=google-project-id --region=europe-west6 --service=pan-test-app-dev-api --limit=unlimited --sort-by=metadata.creationTimestamp --format="value(name)" --filter='(status.conditions.status=False OR status.conditions.status=Unknown)' | while read -r revisionname; do gcloud run revisions delete --project=google-project-id --region=europe-west6 --quiet $revisionname ; done
|
|
703
694
|
- gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/dev/api --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/dev/api@$version --quiet --delete-tags; done
|
|
704
695
|
- gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/api --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/api@$version --quiet --delete-tags; done
|
|
705
|
-
-
|
|
696
|
+
- collapseable_section_end "cleanup"
|
|
706
697
|
- echo 'Uploading SBOM to Dependency Track'
|
|
707
698
|
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/api" "https://$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" "__sbom.json" vex.json || true
|
|
708
699
|
- echo "CL_GITLAB_ENVIRONMENT_URL=https://$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" >> gitlab_environment.env
|
|
@@ -742,9 +733,9 @@ variables:
|
|
|
742
733
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
743
734
|
GIT_STRATEGY: none
|
|
744
735
|
script:
|
|
745
|
-
-
|
|
736
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
746
737
|
- export CLOUDSDK_CORE_DISABLE_PROMPTS="1"
|
|
747
|
-
-
|
|
738
|
+
- collapseable_section_end "injectvars"
|
|
748
739
|
- set +e
|
|
749
740
|
- gcloud auth activate-service-account --key-file=<(echo "$CL_dev_api_GCLOUD_DEPLOY_credentialsKey")
|
|
750
741
|
- gcloud run services delete pan-test-app-dev-api --project=google-project-id --region=europe-west6
|
|
@@ -789,7 +780,7 @@ variables:
|
|
|
789
780
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
790
781
|
KUBERNETES_MEMORY_LIMIT: 2Gi
|
|
791
782
|
script:
|
|
792
|
-
-
|
|
783
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
793
784
|
- export APP_DIR="api"
|
|
794
785
|
- export DOCKER_BUILD_CONTEXT="."
|
|
795
786
|
- export DOCKER_REGISTRY="europe-west6-docker.pkg.dev"
|
|
@@ -805,20 +796,20 @@ variables:
|
|
|
805
796
|
COPY --chown=node:node api/yarn.lock /app/api/yarn.lock
|
|
806
797
|
COPY --chown=node:node .yarnrc.yml /app/.yarnrc.yml
|
|
807
798
|
COPY --chown=node:node .yarn /app/.yarn"
|
|
808
|
-
-
|
|
799
|
+
- collapseable_section_end "injectvars"
|
|
809
800
|
- ensureNodeDockerfile
|
|
810
|
-
-
|
|
801
|
+
- collapseable_section_start "docker-login" "Docker Login"
|
|
811
802
|
- gcloud auth activate-service-account --key-file=<(echo "$CL_review_api_GCLOUD_DEPLOY_credentialsKey")
|
|
812
803
|
- gcloud auth configure-docker europe-west6-docker.pkg.dev
|
|
813
|
-
-
|
|
814
|
-
-
|
|
804
|
+
- collapseable_section_end "docker-login"
|
|
805
|
+
- collapseable_section_start "docker-build" "Docker build"
|
|
815
806
|
- docker build --network host --cache-from $DOCKER_CACHE_IMAGE --tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG -f $APP_DIR/Dockerfile $DOCKER_BUILD_CONTEXT --build-arg BUILDKIT_INLINE_CACHE=1
|
|
816
|
-
-
|
|
817
|
-
-
|
|
807
|
+
- collapseable_section_end "docker-build"
|
|
808
|
+
- collapseable_section_start "docker-push" "Docker push and tag"
|
|
818
809
|
- docker push $DOCKER_IMAGE:$DOCKER_IMAGE_TAG
|
|
819
810
|
- docker tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG $DOCKER_CACHE_IMAGE
|
|
820
811
|
- docker push $DOCKER_CACHE_IMAGE
|
|
821
|
-
-
|
|
812
|
+
- collapseable_section_end "docker-push"
|
|
822
813
|
cache:
|
|
823
814
|
- key: api-yarn
|
|
824
815
|
policy: pull
|
|
@@ -836,8 +827,8 @@ variables:
|
|
|
836
827
|
image: aquasec/trivy:0.38.3
|
|
837
828
|
variables: {}
|
|
838
829
|
script:
|
|
839
|
-
-
|
|
840
|
-
-
|
|
830
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
831
|
+
- collapseable_section_end "injectvars"
|
|
841
832
|
- trivy fs --quiet --format cyclonedx --output "__sbom.json" api
|
|
842
833
|
artifacts:
|
|
843
834
|
paths:
|
|
@@ -856,35 +847,34 @@ variables:
|
|
|
856
847
|
KUBERNETES_MEMORY_REQUEST: 200Mi
|
|
857
848
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
858
849
|
script:
|
|
859
|
-
-
|
|
850
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
860
851
|
- export ENV_SHORT="review"
|
|
861
852
|
- export APP_DIR="api"
|
|
862
853
|
- export ENV_TYPE="review"
|
|
863
854
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
864
855
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
865
856
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
866
|
-
- export
|
|
857
|
+
- export HOSTNAME="$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
867
858
|
- export ROOT_URL="https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
868
|
-
- export
|
|
869
|
-
- export HOST_CANONICAL="$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
859
|
+
- export HOSTNAME_INTERNAL="$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
870
860
|
- export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
871
861
|
- export DEPLOY_CLOUD_RUN_PROJECT_ID="google-project-id"
|
|
872
862
|
- export DEPLOY_CLOUD_RUN_REGION="europe-west6"
|
|
873
863
|
- export GCLOUD_DEPLOY_credentialsKey="$CL_review_api_GCLOUD_DEPLOY_credentialsKey"
|
|
874
864
|
- export GCLOUD_RUN_canonicalHostSuffix="$CL_review_api_GCLOUD_RUN_canonicalHostSuffix"
|
|
875
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
865
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\"]"
|
|
876
866
|
- export DOCKER_REGISTRY="europe-west6-docker.pkg.dev"
|
|
877
867
|
- export DOCKER_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/review/api/$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })"
|
|
878
868
|
- export DOCKER_CACHE_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/api"
|
|
879
869
|
- export DOCKER_IMAGE_TAG="$CI_COMMIT_SHA"
|
|
880
870
|
- export CLOUDSDK_CORE_DISABLE_PROMPTS="1"
|
|
881
|
-
-
|
|
882
|
-
-
|
|
871
|
+
- collapseable_section_end "injectvars"
|
|
872
|
+
- collapseable_section_start "prepare" "Prepare..."
|
|
883
873
|
- gcloud auth activate-service-account --key-file=<(echo "$CL_review_api_GCLOUD_DEPLOY_credentialsKey")
|
|
884
874
|
- export GCLOUD_PROJECT_NUMBER=$(gcloud projects describe google-project-id --format="value(projectNumber)")
|
|
885
875
|
- 'echo "GCLOUD_PROJECT_NUMBER: $GCLOUD_PROJECT_NUMBER"'
|
|
886
|
-
-
|
|
887
|
-
-
|
|
876
|
+
- collapseable_section_end "prepare"
|
|
877
|
+
- collapseable_section_start "writeenvvars" "Write env vars to file"
|
|
888
878
|
- |
|
|
889
879
|
cat > ____envvars.yaml <<EOF
|
|
890
880
|
ENV_SHORT: |-
|
|
@@ -894,43 +884,41 @@ variables:
|
|
|
894
884
|
ENV_TYPE: |-
|
|
895
885
|
review
|
|
896
886
|
BUILD_INFO_BUILD_ID: |-
|
|
897
|
-
|
|
887
|
+
$(printf %s "$(git describe --tags 2>/dev/null || git rev-parse HEAD)" | sed '1!s/^/ /')
|
|
898
888
|
BUILD_INFO_BUILD_TIME: |-
|
|
899
|
-
|
|
889
|
+
$(printf %s "$CI_JOB_STARTED_AT" | sed '1!s/^/ /')
|
|
900
890
|
BUILD_INFO_CURRENT_VERSION: |-
|
|
901
|
-
|
|
902
|
-
|
|
903
|
-
|
|
891
|
+
$(printf %s "$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")" | sed '1!s/^/ /')
|
|
892
|
+
HOSTNAME: |-
|
|
893
|
+
$(printf %s "$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
904
894
|
ROOT_URL: |-
|
|
905
|
-
|
|
906
|
-
|
|
907
|
-
|
|
908
|
-
HOST_CANONICAL: |-
|
|
909
|
-
$(printf %s "$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
895
|
+
$(printf %s "https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
896
|
+
HOSTNAME_INTERNAL: |-
|
|
897
|
+
$(printf %s "$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
910
898
|
ROOT_URL_INTERNAL: |-
|
|
911
|
-
|
|
899
|
+
$(printf %s "https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
912
900
|
DEPLOY_CLOUD_RUN_PROJECT_ID: |-
|
|
913
901
|
google-project-id
|
|
914
902
|
DEPLOY_CLOUD_RUN_REGION: |-
|
|
915
903
|
europe-west6
|
|
916
904
|
GCLOUD_RUN_canonicalHostSuffix: |-
|
|
917
|
-
|
|
905
|
+
$(printf %s "$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | sed '1!s/^/ /')
|
|
918
906
|
_ALL_ENV_VAR_KEYS: |-
|
|
919
|
-
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","
|
|
907
|
+
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOSTNAME","ROOT_URL","HOSTNAME_INTERNAL","ROOT_URL_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]
|
|
920
908
|
|
|
921
909
|
EOF
|
|
922
|
-
-
|
|
923
|
-
-
|
|
910
|
+
- collapseable_section_end "writeenvvars"
|
|
911
|
+
- collapseable_section_start "deploy" "Deploy to cloud run"
|
|
924
912
|
- gcloud run deploy $(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" | awk '{print tolower($0)}') --command="yarn,start" --image=europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/review/api/$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }):$DOCKER_IMAGE_TAG --project=google-project-id --region=europe-west6 --labels=customer-name=pan,component-name=api,app-name=test-app,env-type=review,env-name=review,build-type=node,cloud-run-service-name=$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" | awk '{print tolower($0)}') --env-vars-file=____envvars.yaml --min-instances=0 --max-instances=100 --cpu-throttling --allow-unauthenticated --ingress=all --cpu-boost
|
|
925
|
-
-
|
|
926
|
-
-
|
|
913
|
+
- collapseable_section_end "deploy"
|
|
914
|
+
- collapseable_section_start "cleanup" "Cleanup"
|
|
927
915
|
- gcloud run revisions list --project=google-project-id --region=europe-west6 --service=$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" | awk '{print tolower($0)}') --limit=unlimited --sort-by=metadata.creationTimestamp --format="value(name)" --filter='(status.conditions.status=False OR status.conditions.status=Unknown)' | while read -r revisionname; do gcloud run revisions delete --project=google-project-id --region=europe-west6 --quiet $revisionname ; done
|
|
928
916
|
- gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/review/api/$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }) --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/review/api/$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })@$version --quiet --delete-tags; done
|
|
929
917
|
- gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/api --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/api@$version --quiet --delete-tags; done
|
|
930
918
|
- set +e
|
|
931
919
|
- gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/review/api --quiet --delete-tags
|
|
932
920
|
- set -e
|
|
933
|
-
-
|
|
921
|
+
- collapseable_section_end "cleanup"
|
|
934
922
|
- echo 'Uploading SBOM to Dependency Track'
|
|
935
923
|
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/api" "https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" "__sbom.json" vex.json || true
|
|
936
924
|
- echo "CL_GITLAB_ENVIRONMENT_URL=https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" >> gitlab_environment.env
|
|
@@ -968,9 +956,9 @@ variables:
|
|
|
968
956
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
969
957
|
GIT_STRATEGY: none
|
|
970
958
|
script:
|
|
971
|
-
-
|
|
959
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
972
960
|
- export CLOUDSDK_CORE_DISABLE_PROMPTS="1"
|
|
973
|
-
-
|
|
961
|
+
- collapseable_section_end "injectvars"
|
|
974
962
|
- set +e
|
|
975
963
|
- gcloud auth activate-service-account --key-file=<(echo "$CL_review_api_GCLOUD_DEPLOY_credentialsKey")
|
|
976
964
|
- gcloud run services delete $(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" | awk '{print tolower($0)}') --project=google-project-id --region=europe-west6
|
|
@@ -1016,7 +1004,7 @@ variables:
|
|
|
1016
1004
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
1017
1005
|
KUBERNETES_MEMORY_LIMIT: 2Gi
|
|
1018
1006
|
script:
|
|
1019
|
-
-
|
|
1007
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1020
1008
|
- export APP_DIR="api"
|
|
1021
1009
|
- export DOCKER_BUILD_CONTEXT="."
|
|
1022
1010
|
- export DOCKER_REGISTRY="europe-west6-docker.pkg.dev"
|
|
@@ -1032,20 +1020,20 @@ variables:
|
|
|
1032
1020
|
COPY --chown=node:node api/yarn.lock /app/api/yarn.lock
|
|
1033
1021
|
COPY --chown=node:node .yarnrc.yml /app/.yarnrc.yml
|
|
1034
1022
|
COPY --chown=node:node .yarn /app/.yarn"
|
|
1035
|
-
-
|
|
1023
|
+
- collapseable_section_end "injectvars"
|
|
1036
1024
|
- ensureNodeDockerfile
|
|
1037
|
-
-
|
|
1025
|
+
- collapseable_section_start "docker-login" "Docker Login"
|
|
1038
1026
|
- gcloud auth activate-service-account --key-file=<(echo "$CL_stage_api_GCLOUD_DEPLOY_credentialsKey")
|
|
1039
1027
|
- gcloud auth configure-docker europe-west6-docker.pkg.dev
|
|
1040
|
-
-
|
|
1041
|
-
-
|
|
1028
|
+
- collapseable_section_end "docker-login"
|
|
1029
|
+
- collapseable_section_start "docker-build" "Docker build"
|
|
1042
1030
|
- docker build --network host --cache-from $DOCKER_CACHE_IMAGE --tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG -f $APP_DIR/Dockerfile $DOCKER_BUILD_CONTEXT --build-arg BUILDKIT_INLINE_CACHE=1
|
|
1043
|
-
-
|
|
1044
|
-
-
|
|
1031
|
+
- collapseable_section_end "docker-build"
|
|
1032
|
+
- collapseable_section_start "docker-push" "Docker push and tag"
|
|
1045
1033
|
- docker push $DOCKER_IMAGE:$DOCKER_IMAGE_TAG
|
|
1046
1034
|
- docker tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG $DOCKER_CACHE_IMAGE
|
|
1047
1035
|
- docker push $DOCKER_CACHE_IMAGE
|
|
1048
|
-
-
|
|
1036
|
+
- collapseable_section_end "docker-push"
|
|
1049
1037
|
cache:
|
|
1050
1038
|
- key: api-yarn
|
|
1051
1039
|
policy: pull
|
|
@@ -1063,8 +1051,8 @@ variables:
|
|
|
1063
1051
|
image: aquasec/trivy:0.38.3
|
|
1064
1052
|
variables: {}
|
|
1065
1053
|
script:
|
|
1066
|
-
-
|
|
1067
|
-
-
|
|
1054
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1055
|
+
- collapseable_section_end "injectvars"
|
|
1068
1056
|
- trivy fs --quiet --format cyclonedx --output "__sbom.json" api
|
|
1069
1057
|
artifacts:
|
|
1070
1058
|
paths:
|
|
@@ -1083,35 +1071,34 @@ variables:
|
|
|
1083
1071
|
KUBERNETES_MEMORY_REQUEST: 200Mi
|
|
1084
1072
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
1085
1073
|
script:
|
|
1086
|
-
-
|
|
1074
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1087
1075
|
- export ENV_SHORT="stage"
|
|
1088
1076
|
- export APP_DIR="api"
|
|
1089
1077
|
- export ENV_TYPE="stage"
|
|
1090
1078
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
1091
1079
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
1092
1080
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
1093
|
-
- export
|
|
1081
|
+
- export HOSTNAME="$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
1094
1082
|
- export ROOT_URL="https://$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
1095
|
-
- export
|
|
1096
|
-
- export HOST_CANONICAL="$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
1083
|
+
- export HOSTNAME_INTERNAL="$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
1097
1084
|
- export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
1098
1085
|
- export DEPLOY_CLOUD_RUN_PROJECT_ID="google-project-id"
|
|
1099
1086
|
- export DEPLOY_CLOUD_RUN_REGION="europe-west6"
|
|
1100
1087
|
- export GCLOUD_DEPLOY_credentialsKey="$CL_stage_api_GCLOUD_DEPLOY_credentialsKey"
|
|
1101
1088
|
- export GCLOUD_RUN_canonicalHostSuffix="$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix"
|
|
1102
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
1089
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\"]"
|
|
1103
1090
|
- export DOCKER_REGISTRY="europe-west6-docker.pkg.dev"
|
|
1104
1091
|
- export DOCKER_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/stage/api"
|
|
1105
1092
|
- export DOCKER_CACHE_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/api"
|
|
1106
1093
|
- export DOCKER_IMAGE_TAG="$CI_COMMIT_SHA"
|
|
1107
1094
|
- export CLOUDSDK_CORE_DISABLE_PROMPTS="1"
|
|
1108
|
-
-
|
|
1109
|
-
-
|
|
1095
|
+
- collapseable_section_end "injectvars"
|
|
1096
|
+
- collapseable_section_start "prepare" "Prepare..."
|
|
1110
1097
|
- gcloud auth activate-service-account --key-file=<(echo "$CL_stage_api_GCLOUD_DEPLOY_credentialsKey")
|
|
1111
1098
|
- export GCLOUD_PROJECT_NUMBER=$(gcloud projects describe google-project-id --format="value(projectNumber)")
|
|
1112
1099
|
- 'echo "GCLOUD_PROJECT_NUMBER: $GCLOUD_PROJECT_NUMBER"'
|
|
1113
|
-
-
|
|
1114
|
-
-
|
|
1100
|
+
- collapseable_section_end "prepare"
|
|
1101
|
+
- collapseable_section_start "writeenvvars" "Write env vars to file"
|
|
1115
1102
|
- |
|
|
1116
1103
|
cat > ____envvars.yaml <<EOF
|
|
1117
1104
|
ENV_SHORT: |-
|
|
@@ -1121,40 +1108,38 @@ variables:
|
|
|
1121
1108
|
ENV_TYPE: |-
|
|
1122
1109
|
stage
|
|
1123
1110
|
BUILD_INFO_BUILD_ID: |-
|
|
1124
|
-
|
|
1111
|
+
$(printf %s "$(git describe --tags 2>/dev/null || git rev-parse HEAD)" | sed '1!s/^/ /')
|
|
1125
1112
|
BUILD_INFO_BUILD_TIME: |-
|
|
1126
|
-
|
|
1113
|
+
$(printf %s "$CI_JOB_STARTED_AT" | sed '1!s/^/ /')
|
|
1127
1114
|
BUILD_INFO_CURRENT_VERSION: |-
|
|
1128
|
-
|
|
1129
|
-
|
|
1130
|
-
|
|
1115
|
+
$(printf %s "$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")" | sed '1!s/^/ /')
|
|
1116
|
+
HOSTNAME: |-
|
|
1117
|
+
$(printf %s "$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
1131
1118
|
ROOT_URL: |-
|
|
1132
|
-
|
|
1133
|
-
|
|
1134
|
-
|
|
1135
|
-
HOST_CANONICAL: |-
|
|
1136
|
-
$(printf %s "$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
1119
|
+
$(printf %s "https://$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
1120
|
+
HOSTNAME_INTERNAL: |-
|
|
1121
|
+
$(printf %s "$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
1137
1122
|
ROOT_URL_INTERNAL: |-
|
|
1138
|
-
|
|
1123
|
+
$(printf %s "https://$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
1139
1124
|
DEPLOY_CLOUD_RUN_PROJECT_ID: |-
|
|
1140
1125
|
google-project-id
|
|
1141
1126
|
DEPLOY_CLOUD_RUN_REGION: |-
|
|
1142
1127
|
europe-west6
|
|
1143
1128
|
GCLOUD_RUN_canonicalHostSuffix: |-
|
|
1144
|
-
|
|
1129
|
+
$(printf %s "$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | sed '1!s/^/ /')
|
|
1145
1130
|
_ALL_ENV_VAR_KEYS: |-
|
|
1146
|
-
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","
|
|
1131
|
+
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOSTNAME","ROOT_URL","HOSTNAME_INTERNAL","ROOT_URL_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]
|
|
1147
1132
|
|
|
1148
1133
|
EOF
|
|
1149
|
-
-
|
|
1150
|
-
-
|
|
1134
|
+
- collapseable_section_end "writeenvvars"
|
|
1135
|
+
- collapseable_section_start "deploy" "Deploy to cloud run"
|
|
1151
1136
|
- gcloud run deploy pan-test-app-stage-api --command="yarn,start" --image=europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/stage/api:$DOCKER_IMAGE_TAG --project=google-project-id --region=europe-west6 --labels=customer-name=pan,component-name=api,app-name=test-app,env-type=stage,env-name=stage,build-type=node,cloud-run-service-name=pan-test-app-stage-api --env-vars-file=____envvars.yaml --min-instances=0 --max-instances=100 --cpu-throttling --allow-unauthenticated --ingress=all --cpu-boost
|
|
1152
|
-
-
|
|
1153
|
-
-
|
|
1137
|
+
- collapseable_section_end "deploy"
|
|
1138
|
+
- collapseable_section_start "cleanup" "Cleanup"
|
|
1154
1139
|
- gcloud run revisions list --project=google-project-id --region=europe-west6 --service=pan-test-app-stage-api --limit=unlimited --sort-by=metadata.creationTimestamp --format="value(name)" --filter='(status.conditions.status=False OR status.conditions.status=Unknown)' | while read -r revisionname; do gcloud run revisions delete --project=google-project-id --region=europe-west6 --quiet $revisionname ; done
|
|
1155
1140
|
- gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/stage/api --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/stage/api@$version --quiet --delete-tags; done
|
|
1156
1141
|
- gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/api --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/api@$version --quiet --delete-tags; done
|
|
1157
|
-
-
|
|
1142
|
+
- collapseable_section_end "cleanup"
|
|
1158
1143
|
- echo 'Uploading SBOM to Dependency Track'
|
|
1159
1144
|
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/api" "https://$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" "__sbom.json" vex.json || true
|
|
1160
1145
|
- echo "CL_GITLAB_ENVIRONMENT_URL=https://$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" >> gitlab_environment.env
|
|
@@ -1185,9 +1170,9 @@ variables:
|
|
|
1185
1170
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
1186
1171
|
GIT_STRATEGY: none
|
|
1187
1172
|
script:
|
|
1188
|
-
-
|
|
1173
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1189
1174
|
- export CLOUDSDK_CORE_DISABLE_PROMPTS="1"
|
|
1190
|
-
-
|
|
1175
|
+
- collapseable_section_end "injectvars"
|
|
1191
1176
|
- set +e
|
|
1192
1177
|
- gcloud auth activate-service-account --key-file=<(echo "$CL_stage_api_GCLOUD_DEPLOY_credentialsKey")
|
|
1193
1178
|
- gcloud run services delete pan-test-app-stage-api --project=google-project-id --region=europe-west6
|
|
@@ -1230,7 +1215,7 @@ variables:
|
|
|
1230
1215
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
1231
1216
|
KUBERNETES_MEMORY_LIMIT: 2Gi
|
|
1232
1217
|
script:
|
|
1233
|
-
-
|
|
1218
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1234
1219
|
- export APP_DIR="api"
|
|
1235
1220
|
- export DOCKER_BUILD_CONTEXT="."
|
|
1236
1221
|
- export DOCKER_REGISTRY="europe-west6-docker.pkg.dev"
|
|
@@ -1246,20 +1231,20 @@ variables:
|
|
|
1246
1231
|
COPY --chown=node:node api/yarn.lock /app/api/yarn.lock
|
|
1247
1232
|
COPY --chown=node:node .yarnrc.yml /app/.yarnrc.yml
|
|
1248
1233
|
COPY --chown=node:node .yarn /app/.yarn"
|
|
1249
|
-
-
|
|
1234
|
+
- collapseable_section_end "injectvars"
|
|
1250
1235
|
- ensureNodeDockerfile
|
|
1251
|
-
-
|
|
1236
|
+
- collapseable_section_start "docker-login" "Docker Login"
|
|
1252
1237
|
- gcloud auth activate-service-account --key-file=<(echo "$CL_prod_api_GCLOUD_DEPLOY_credentialsKey")
|
|
1253
1238
|
- gcloud auth configure-docker europe-west6-docker.pkg.dev
|
|
1254
|
-
-
|
|
1255
|
-
-
|
|
1239
|
+
- collapseable_section_end "docker-login"
|
|
1240
|
+
- collapseable_section_start "docker-build" "Docker build"
|
|
1256
1241
|
- docker build --network host --cache-from $DOCKER_CACHE_IMAGE --tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG -f $APP_DIR/Dockerfile $DOCKER_BUILD_CONTEXT --build-arg BUILDKIT_INLINE_CACHE=1
|
|
1257
|
-
-
|
|
1258
|
-
-
|
|
1242
|
+
- collapseable_section_end "docker-build"
|
|
1243
|
+
- collapseable_section_start "docker-push" "Docker push and tag"
|
|
1259
1244
|
- docker push $DOCKER_IMAGE:$DOCKER_IMAGE_TAG
|
|
1260
1245
|
- docker tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG $DOCKER_CACHE_IMAGE
|
|
1261
1246
|
- docker push $DOCKER_CACHE_IMAGE
|
|
1262
|
-
-
|
|
1247
|
+
- collapseable_section_end "docker-push"
|
|
1263
1248
|
cache:
|
|
1264
1249
|
- key: api-yarn
|
|
1265
1250
|
policy: pull
|
|
@@ -1277,8 +1262,8 @@ variables:
|
|
|
1277
1262
|
image: aquasec/trivy:0.38.3
|
|
1278
1263
|
variables: {}
|
|
1279
1264
|
script:
|
|
1280
|
-
-
|
|
1281
|
-
-
|
|
1265
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1266
|
+
- collapseable_section_end "injectvars"
|
|
1282
1267
|
- trivy fs --quiet --format cyclonedx --output "__sbom.json" api
|
|
1283
1268
|
artifacts:
|
|
1284
1269
|
paths:
|
|
@@ -1297,35 +1282,34 @@ variables:
|
|
|
1297
1282
|
KUBERNETES_MEMORY_REQUEST: 200Mi
|
|
1298
1283
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
1299
1284
|
script:
|
|
1300
|
-
-
|
|
1285
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1301
1286
|
- export ENV_SHORT="prod"
|
|
1302
1287
|
- export APP_DIR="api"
|
|
1303
1288
|
- export ENV_TYPE="prod"
|
|
1304
1289
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
1305
1290
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
1306
1291
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
1307
|
-
- export
|
|
1292
|
+
- export HOSTNAME="$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
1308
1293
|
- export ROOT_URL="https://$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
1309
|
-
- export
|
|
1310
|
-
- export HOST_CANONICAL="$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
1294
|
+
- export HOSTNAME_INTERNAL="$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
1311
1295
|
- export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
1312
1296
|
- export DEPLOY_CLOUD_RUN_PROJECT_ID="google-project-id"
|
|
1313
1297
|
- export DEPLOY_CLOUD_RUN_REGION="europe-west6"
|
|
1314
1298
|
- export GCLOUD_DEPLOY_credentialsKey="$CL_prod_api_GCLOUD_DEPLOY_credentialsKey"
|
|
1315
1299
|
- export GCLOUD_RUN_canonicalHostSuffix="$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix"
|
|
1316
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
1300
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\"]"
|
|
1317
1301
|
- export DOCKER_REGISTRY="europe-west6-docker.pkg.dev"
|
|
1318
1302
|
- export DOCKER_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/prod/api"
|
|
1319
1303
|
- export DOCKER_CACHE_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/api"
|
|
1320
1304
|
- export DOCKER_IMAGE_TAG="$CI_COMMIT_SHA"
|
|
1321
1305
|
- export CLOUDSDK_CORE_DISABLE_PROMPTS="1"
|
|
1322
|
-
-
|
|
1323
|
-
-
|
|
1306
|
+
- collapseable_section_end "injectvars"
|
|
1307
|
+
- collapseable_section_start "prepare" "Prepare..."
|
|
1324
1308
|
- gcloud auth activate-service-account --key-file=<(echo "$CL_prod_api_GCLOUD_DEPLOY_credentialsKey")
|
|
1325
1309
|
- export GCLOUD_PROJECT_NUMBER=$(gcloud projects describe google-project-id --format="value(projectNumber)")
|
|
1326
1310
|
- 'echo "GCLOUD_PROJECT_NUMBER: $GCLOUD_PROJECT_NUMBER"'
|
|
1327
|
-
-
|
|
1328
|
-
-
|
|
1311
|
+
- collapseable_section_end "prepare"
|
|
1312
|
+
- collapseable_section_start "writeenvvars" "Write env vars to file"
|
|
1329
1313
|
- |
|
|
1330
1314
|
cat > ____envvars.yaml <<EOF
|
|
1331
1315
|
ENV_SHORT: |-
|
|
@@ -1335,40 +1319,38 @@ variables:
|
|
|
1335
1319
|
ENV_TYPE: |-
|
|
1336
1320
|
prod
|
|
1337
1321
|
BUILD_INFO_BUILD_ID: |-
|
|
1338
|
-
|
|
1322
|
+
$(printf %s "$(git describe --tags 2>/dev/null || git rev-parse HEAD)" | sed '1!s/^/ /')
|
|
1339
1323
|
BUILD_INFO_BUILD_TIME: |-
|
|
1340
|
-
|
|
1324
|
+
$(printf %s "$CI_JOB_STARTED_AT" | sed '1!s/^/ /')
|
|
1341
1325
|
BUILD_INFO_CURRENT_VERSION: |-
|
|
1342
|
-
|
|
1343
|
-
|
|
1344
|
-
|
|
1326
|
+
$(printf %s "$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")" | sed '1!s/^/ /')
|
|
1327
|
+
HOSTNAME: |-
|
|
1328
|
+
$(printf %s "$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
1345
1329
|
ROOT_URL: |-
|
|
1346
|
-
|
|
1347
|
-
|
|
1348
|
-
|
|
1349
|
-
HOST_CANONICAL: |-
|
|
1350
|
-
$(printf %s "$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
1330
|
+
$(printf %s "https://$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
1331
|
+
HOSTNAME_INTERNAL: |-
|
|
1332
|
+
$(printf %s "$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
1351
1333
|
ROOT_URL_INTERNAL: |-
|
|
1352
|
-
|
|
1334
|
+
$(printf %s "https://$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
1353
1335
|
DEPLOY_CLOUD_RUN_PROJECT_ID: |-
|
|
1354
1336
|
google-project-id
|
|
1355
1337
|
DEPLOY_CLOUD_RUN_REGION: |-
|
|
1356
1338
|
europe-west6
|
|
1357
1339
|
GCLOUD_RUN_canonicalHostSuffix: |-
|
|
1358
|
-
|
|
1340
|
+
$(printf %s "$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | sed '1!s/^/ /')
|
|
1359
1341
|
_ALL_ENV_VAR_KEYS: |-
|
|
1360
|
-
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","
|
|
1342
|
+
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOSTNAME","ROOT_URL","HOSTNAME_INTERNAL","ROOT_URL_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]
|
|
1361
1343
|
|
|
1362
1344
|
EOF
|
|
1363
|
-
-
|
|
1364
|
-
-
|
|
1345
|
+
- collapseable_section_end "writeenvvars"
|
|
1346
|
+
- collapseable_section_start "deploy" "Deploy to cloud run"
|
|
1365
1347
|
- gcloud run deploy pan-test-app-prod-api --command="yarn,start" --image=europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/prod/api:$DOCKER_IMAGE_TAG --project=google-project-id --region=europe-west6 --labels=customer-name=pan,component-name=api,app-name=test-app,env-type=prod,env-name=prod,build-type=node,cloud-run-service-name=pan-test-app-prod-api --env-vars-file=____envvars.yaml --min-instances=0 --max-instances=100 --cpu-throttling --allow-unauthenticated --ingress=all --cpu-boost
|
|
1366
|
-
-
|
|
1367
|
-
-
|
|
1348
|
+
- collapseable_section_end "deploy"
|
|
1349
|
+
- collapseable_section_start "cleanup" "Cleanup"
|
|
1368
1350
|
- gcloud run revisions list --project=google-project-id --region=europe-west6 --service=pan-test-app-prod-api --limit=unlimited --sort-by=metadata.creationTimestamp --format="value(name)" --filter='(status.conditions.status=False OR status.conditions.status=Unknown)' | tail -n +6 | while read -r revisionname; do gcloud run revisions delete --project=google-project-id --region=europe-west6 --quiet $revisionname ; done
|
|
1369
1351
|
- gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/prod/api --sort-by=~CREATE_TIME --format="value(version)" | tail -n +7 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/prod/api@$version --quiet --delete-tags; done
|
|
1370
1352
|
- gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/api --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/api@$version --quiet --delete-tags; done
|
|
1371
|
-
-
|
|
1353
|
+
- collapseable_section_end "cleanup"
|
|
1372
1354
|
- echo 'Uploading SBOM to Dependency Track'
|
|
1373
1355
|
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/api" "https://$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" "__sbom.json" vex.json || true
|
|
1374
1356
|
- echo "CL_GITLAB_ENVIRONMENT_URL=https://$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" >> gitlab_environment.env
|
|
@@ -1399,9 +1381,9 @@ variables:
|
|
|
1399
1381
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
1400
1382
|
GIT_STRATEGY: none
|
|
1401
1383
|
script:
|
|
1402
|
-
-
|
|
1384
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1403
1385
|
- export CLOUDSDK_CORE_DISABLE_PROMPTS="1"
|
|
1404
|
-
-
|
|
1386
|
+
- collapseable_section_end "injectvars"
|
|
1405
1387
|
- set +e
|
|
1406
1388
|
- gcloud auth activate-service-account --key-file=<(echo "$CL_prod_api_GCLOUD_DEPLOY_credentialsKey")
|
|
1407
1389
|
- gcloud run services delete pan-test-app-prod-api --project=google-project-id --region=europe-west6
|
|
@@ -1444,7 +1426,7 @@ variables:
|
|
|
1444
1426
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
1445
1427
|
KUBERNETES_MEMORY_LIMIT: 2Gi
|
|
1446
1428
|
script:
|
|
1447
|
-
-
|
|
1429
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1448
1430
|
- export APP_DIR="www"
|
|
1449
1431
|
- export DOCKER_BUILD_CONTEXT="."
|
|
1450
1432
|
- export DOCKER_REGISTRY="europe-west6-docker.pkg.dev"
|
|
@@ -1460,20 +1442,20 @@ variables:
|
|
|
1460
1442
|
COPY --chown=node:node www/yarn.lock /app/www/yarn.lock
|
|
1461
1443
|
COPY --chown=node:node .yarnrc.yml /app/.yarnrc.yml
|
|
1462
1444
|
COPY --chown=node:node .yarn /app/.yarn"
|
|
1463
|
-
-
|
|
1445
|
+
- collapseable_section_end "injectvars"
|
|
1464
1446
|
- ensureNodeDockerfile
|
|
1465
|
-
-
|
|
1447
|
+
- collapseable_section_start "docker-login" "Docker Login"
|
|
1466
1448
|
- gcloud auth activate-service-account --key-file=<(echo "$CL_dev_www_GCLOUD_DEPLOY_credentialsKey")
|
|
1467
1449
|
- gcloud auth configure-docker europe-west6-docker.pkg.dev
|
|
1468
|
-
-
|
|
1469
|
-
-
|
|
1450
|
+
- collapseable_section_end "docker-login"
|
|
1451
|
+
- collapseable_section_start "docker-build" "Docker build"
|
|
1470
1452
|
- docker build --network host --cache-from $DOCKER_CACHE_IMAGE --tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG -f $APP_DIR/Dockerfile $DOCKER_BUILD_CONTEXT --build-arg BUILDKIT_INLINE_CACHE=1
|
|
1471
|
-
-
|
|
1472
|
-
-
|
|
1453
|
+
- collapseable_section_end "docker-build"
|
|
1454
|
+
- collapseable_section_start "docker-push" "Docker push and tag"
|
|
1473
1455
|
- docker push $DOCKER_IMAGE:$DOCKER_IMAGE_TAG
|
|
1474
1456
|
- docker tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG $DOCKER_CACHE_IMAGE
|
|
1475
1457
|
- docker push $DOCKER_CACHE_IMAGE
|
|
1476
|
-
-
|
|
1458
|
+
- collapseable_section_end "docker-push"
|
|
1477
1459
|
cache:
|
|
1478
1460
|
- key: www-yarn
|
|
1479
1461
|
policy: pull
|
|
@@ -1493,8 +1475,8 @@ variables:
|
|
|
1493
1475
|
image: aquasec/trivy:0.38.3
|
|
1494
1476
|
variables: {}
|
|
1495
1477
|
script:
|
|
1496
|
-
-
|
|
1497
|
-
-
|
|
1478
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1479
|
+
- collapseable_section_end "injectvars"
|
|
1498
1480
|
- trivy fs --quiet --format cyclonedx --output "__sbom.json" www
|
|
1499
1481
|
artifacts:
|
|
1500
1482
|
paths:
|
|
@@ -1515,36 +1497,35 @@ variables:
|
|
|
1515
1497
|
KUBERNETES_MEMORY_REQUEST: 200Mi
|
|
1516
1498
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
1517
1499
|
script:
|
|
1518
|
-
-
|
|
1500
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1519
1501
|
- export ENV_SHORT="dev"
|
|
1520
1502
|
- export APP_DIR="www"
|
|
1521
1503
|
- export ENV_TYPE="dev"
|
|
1522
1504
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
1523
1505
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
1524
1506
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
1525
|
-
- export
|
|
1507
|
+
- export HOSTNAME="$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
1526
1508
|
- export ROOT_URL="https://$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
1527
|
-
- export
|
|
1528
|
-
- export HOST_CANONICAL="$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
1509
|
+
- export HOSTNAME_INTERNAL="$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
1529
1510
|
- export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
1530
1511
|
- export DEPLOY_CLOUD_RUN_PROJECT_ID="google-project-id"
|
|
1531
1512
|
- export DEPLOY_CLOUD_RUN_REGION="europe-west6"
|
|
1532
1513
|
- export GCLOUD_DEPLOY_credentialsKey="$CL_dev_www_GCLOUD_DEPLOY_credentialsKey"
|
|
1533
1514
|
- export GCLOUD_RUN_canonicalHostSuffix="$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix"
|
|
1534
1515
|
- export API_URL="https://$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')/graphql"
|
|
1535
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
1516
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\",\\"API_URL\\"]"
|
|
1536
1517
|
- export DOCKER_REGISTRY="europe-west6-docker.pkg.dev"
|
|
1537
1518
|
- export DOCKER_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/dev/www"
|
|
1538
1519
|
- export DOCKER_CACHE_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/www"
|
|
1539
1520
|
- export DOCKER_IMAGE_TAG="$CI_COMMIT_SHA"
|
|
1540
1521
|
- export CLOUDSDK_CORE_DISABLE_PROMPTS="1"
|
|
1541
|
-
-
|
|
1542
|
-
-
|
|
1522
|
+
- collapseable_section_end "injectvars"
|
|
1523
|
+
- collapseable_section_start "prepare" "Prepare..."
|
|
1543
1524
|
- gcloud auth activate-service-account --key-file=<(echo "$CL_dev_www_GCLOUD_DEPLOY_credentialsKey")
|
|
1544
1525
|
- export GCLOUD_PROJECT_NUMBER=$(gcloud projects describe google-project-id --format="value(projectNumber)")
|
|
1545
1526
|
- 'echo "GCLOUD_PROJECT_NUMBER: $GCLOUD_PROJECT_NUMBER"'
|
|
1546
|
-
-
|
|
1547
|
-
-
|
|
1527
|
+
- collapseable_section_end "prepare"
|
|
1528
|
+
- collapseable_section_start "writeenvvars" "Write env vars to file"
|
|
1548
1529
|
- |
|
|
1549
1530
|
cat > ____envvars.yaml <<EOF
|
|
1550
1531
|
ENV_SHORT: |-
|
|
@@ -1554,42 +1535,40 @@ variables:
|
|
|
1554
1535
|
ENV_TYPE: |-
|
|
1555
1536
|
dev
|
|
1556
1537
|
BUILD_INFO_BUILD_ID: |-
|
|
1557
|
-
|
|
1538
|
+
$(printf %s "$(git describe --tags 2>/dev/null || git rev-parse HEAD)" | sed '1!s/^/ /')
|
|
1558
1539
|
BUILD_INFO_BUILD_TIME: |-
|
|
1559
|
-
|
|
1540
|
+
$(printf %s "$CI_JOB_STARTED_AT" | sed '1!s/^/ /')
|
|
1560
1541
|
BUILD_INFO_CURRENT_VERSION: |-
|
|
1561
|
-
|
|
1562
|
-
|
|
1563
|
-
|
|
1542
|
+
$(printf %s "$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")" | sed '1!s/^/ /')
|
|
1543
|
+
HOSTNAME: |-
|
|
1544
|
+
$(printf %s "$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
1564
1545
|
ROOT_URL: |-
|
|
1565
|
-
|
|
1566
|
-
|
|
1567
|
-
|
|
1568
|
-
HOST_CANONICAL: |-
|
|
1569
|
-
$(printf %s "$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
1546
|
+
$(printf %s "https://$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
1547
|
+
HOSTNAME_INTERNAL: |-
|
|
1548
|
+
$(printf %s "$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
1570
1549
|
ROOT_URL_INTERNAL: |-
|
|
1571
|
-
|
|
1550
|
+
$(printf %s "https://$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
1572
1551
|
DEPLOY_CLOUD_RUN_PROJECT_ID: |-
|
|
1573
1552
|
google-project-id
|
|
1574
1553
|
DEPLOY_CLOUD_RUN_REGION: |-
|
|
1575
1554
|
europe-west6
|
|
1576
1555
|
GCLOUD_RUN_canonicalHostSuffix: |-
|
|
1577
|
-
|
|
1556
|
+
$(printf %s "$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | sed '1!s/^/ /')
|
|
1578
1557
|
API_URL: |-
|
|
1579
|
-
|
|
1558
|
+
$(printf %s "https://$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')/graphql
|
|
1580
1559
|
_ALL_ENV_VAR_KEYS: |-
|
|
1581
|
-
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","
|
|
1560
|
+
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOSTNAME","ROOT_URL","HOSTNAME_INTERNAL","ROOT_URL_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix","API_URL"]
|
|
1582
1561
|
|
|
1583
1562
|
EOF
|
|
1584
|
-
-
|
|
1585
|
-
-
|
|
1563
|
+
- collapseable_section_end "writeenvvars"
|
|
1564
|
+
- collapseable_section_start "deploy" "Deploy to cloud run"
|
|
1586
1565
|
- gcloud run deploy pan-test-app-dev-www --command="yarn,start" --image=europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/dev/www:$DOCKER_IMAGE_TAG --project=google-project-id --region=europe-west6 --labels=customer-name=pan,component-name=www,app-name=test-app,env-type=dev,env-name=dev,build-type=node,cloud-run-service-name=pan-test-app-dev-www --env-vars-file=____envvars.yaml --min-instances=0 --max-instances=100 --cpu-throttling --allow-unauthenticated --ingress=all --cpu-boost
|
|
1587
|
-
-
|
|
1588
|
-
-
|
|
1566
|
+
- collapseable_section_end "deploy"
|
|
1567
|
+
- collapseable_section_start "cleanup" "Cleanup"
|
|
1589
1568
|
- gcloud run revisions list --project=google-project-id --region=europe-west6 --service=pan-test-app-dev-www --limit=unlimited --sort-by=metadata.creationTimestamp --format="value(name)" --filter='(status.conditions.status=False OR status.conditions.status=Unknown)' | while read -r revisionname; do gcloud run revisions delete --project=google-project-id --region=europe-west6 --quiet $revisionname ; done
|
|
1590
1569
|
- gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/dev/www --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/dev/www@$version --quiet --delete-tags; done
|
|
1591
1570
|
- gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/www --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/www@$version --quiet --delete-tags; done
|
|
1592
|
-
-
|
|
1571
|
+
- collapseable_section_end "cleanup"
|
|
1593
1572
|
- echo 'Uploading SBOM to Dependency Track'
|
|
1594
1573
|
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/www" "https://$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" "__sbom.json" vex.json || true
|
|
1595
1574
|
- echo "CL_GITLAB_ENVIRONMENT_URL=https://$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" >> gitlab_environment.env
|
|
@@ -1629,9 +1608,9 @@ variables:
|
|
|
1629
1608
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
1630
1609
|
GIT_STRATEGY: none
|
|
1631
1610
|
script:
|
|
1632
|
-
-
|
|
1611
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1633
1612
|
- export CLOUDSDK_CORE_DISABLE_PROMPTS="1"
|
|
1634
|
-
-
|
|
1613
|
+
- collapseable_section_end "injectvars"
|
|
1635
1614
|
- set +e
|
|
1636
1615
|
- gcloud auth activate-service-account --key-file=<(echo "$CL_dev_www_GCLOUD_DEPLOY_credentialsKey")
|
|
1637
1616
|
- gcloud run services delete pan-test-app-dev-www --project=google-project-id --region=europe-west6
|
|
@@ -1676,7 +1655,7 @@ variables:
|
|
|
1676
1655
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
1677
1656
|
KUBERNETES_MEMORY_LIMIT: 2Gi
|
|
1678
1657
|
script:
|
|
1679
|
-
-
|
|
1658
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1680
1659
|
- export APP_DIR="www"
|
|
1681
1660
|
- export DOCKER_BUILD_CONTEXT="."
|
|
1682
1661
|
- export DOCKER_REGISTRY="europe-west6-docker.pkg.dev"
|
|
@@ -1692,20 +1671,20 @@ variables:
|
|
|
1692
1671
|
COPY --chown=node:node www/yarn.lock /app/www/yarn.lock
|
|
1693
1672
|
COPY --chown=node:node .yarnrc.yml /app/.yarnrc.yml
|
|
1694
1673
|
COPY --chown=node:node .yarn /app/.yarn"
|
|
1695
|
-
-
|
|
1674
|
+
- collapseable_section_end "injectvars"
|
|
1696
1675
|
- ensureNodeDockerfile
|
|
1697
|
-
-
|
|
1676
|
+
- collapseable_section_start "docker-login" "Docker Login"
|
|
1698
1677
|
- gcloud auth activate-service-account --key-file=<(echo "$CL_review_www_GCLOUD_DEPLOY_credentialsKey")
|
|
1699
1678
|
- gcloud auth configure-docker europe-west6-docker.pkg.dev
|
|
1700
|
-
-
|
|
1701
|
-
-
|
|
1679
|
+
- collapseable_section_end "docker-login"
|
|
1680
|
+
- collapseable_section_start "docker-build" "Docker build"
|
|
1702
1681
|
- docker build --network host --cache-from $DOCKER_CACHE_IMAGE --tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG -f $APP_DIR/Dockerfile $DOCKER_BUILD_CONTEXT --build-arg BUILDKIT_INLINE_CACHE=1
|
|
1703
|
-
-
|
|
1704
|
-
-
|
|
1682
|
+
- collapseable_section_end "docker-build"
|
|
1683
|
+
- collapseable_section_start "docker-push" "Docker push and tag"
|
|
1705
1684
|
- docker push $DOCKER_IMAGE:$DOCKER_IMAGE_TAG
|
|
1706
1685
|
- docker tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG $DOCKER_CACHE_IMAGE
|
|
1707
1686
|
- docker push $DOCKER_CACHE_IMAGE
|
|
1708
|
-
-
|
|
1687
|
+
- collapseable_section_end "docker-push"
|
|
1709
1688
|
cache:
|
|
1710
1689
|
- key: www-yarn
|
|
1711
1690
|
policy: pull
|
|
@@ -1723,8 +1702,8 @@ variables:
|
|
|
1723
1702
|
image: aquasec/trivy:0.38.3
|
|
1724
1703
|
variables: {}
|
|
1725
1704
|
script:
|
|
1726
|
-
-
|
|
1727
|
-
-
|
|
1705
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1706
|
+
- collapseable_section_end "injectvars"
|
|
1728
1707
|
- trivy fs --quiet --format cyclonedx --output "__sbom.json" www
|
|
1729
1708
|
artifacts:
|
|
1730
1709
|
paths:
|
|
@@ -1743,36 +1722,35 @@ variables:
|
|
|
1743
1722
|
KUBERNETES_MEMORY_REQUEST: 200Mi
|
|
1744
1723
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
1745
1724
|
script:
|
|
1746
|
-
-
|
|
1725
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1747
1726
|
- export ENV_SHORT="review"
|
|
1748
1727
|
- export APP_DIR="www"
|
|
1749
1728
|
- export ENV_TYPE="review"
|
|
1750
1729
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
1751
1730
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
1752
1731
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
1753
|
-
- export
|
|
1732
|
+
- export HOSTNAME="$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
1754
1733
|
- export ROOT_URL="https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
1755
|
-
- export
|
|
1756
|
-
- export HOST_CANONICAL="$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
1734
|
+
- export HOSTNAME_INTERNAL="$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
1757
1735
|
- export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
1758
1736
|
- export DEPLOY_CLOUD_RUN_PROJECT_ID="google-project-id"
|
|
1759
1737
|
- export DEPLOY_CLOUD_RUN_REGION="europe-west6"
|
|
1760
1738
|
- export GCLOUD_DEPLOY_credentialsKey="$CL_review_www_GCLOUD_DEPLOY_credentialsKey"
|
|
1761
1739
|
- export GCLOUD_RUN_canonicalHostSuffix="$CL_review_www_GCLOUD_RUN_canonicalHostSuffix"
|
|
1762
1740
|
- export API_URL="https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')/graphql"
|
|
1763
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
1741
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\",\\"API_URL\\"]"
|
|
1764
1742
|
- export DOCKER_REGISTRY="europe-west6-docker.pkg.dev"
|
|
1765
1743
|
- export DOCKER_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/review/www/$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })"
|
|
1766
1744
|
- export DOCKER_CACHE_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/www"
|
|
1767
1745
|
- export DOCKER_IMAGE_TAG="$CI_COMMIT_SHA"
|
|
1768
1746
|
- export CLOUDSDK_CORE_DISABLE_PROMPTS="1"
|
|
1769
|
-
-
|
|
1770
|
-
-
|
|
1747
|
+
- collapseable_section_end "injectvars"
|
|
1748
|
+
- collapseable_section_start "prepare" "Prepare..."
|
|
1771
1749
|
- gcloud auth activate-service-account --key-file=<(echo "$CL_review_www_GCLOUD_DEPLOY_credentialsKey")
|
|
1772
1750
|
- export GCLOUD_PROJECT_NUMBER=$(gcloud projects describe google-project-id --format="value(projectNumber)")
|
|
1773
1751
|
- 'echo "GCLOUD_PROJECT_NUMBER: $GCLOUD_PROJECT_NUMBER"'
|
|
1774
|
-
-
|
|
1775
|
-
-
|
|
1752
|
+
- collapseable_section_end "prepare"
|
|
1753
|
+
- collapseable_section_start "writeenvvars" "Write env vars to file"
|
|
1776
1754
|
- |
|
|
1777
1755
|
cat > ____envvars.yaml <<EOF
|
|
1778
1756
|
ENV_SHORT: |-
|
|
@@ -1782,45 +1760,43 @@ variables:
|
|
|
1782
1760
|
ENV_TYPE: |-
|
|
1783
1761
|
review
|
|
1784
1762
|
BUILD_INFO_BUILD_ID: |-
|
|
1785
|
-
|
|
1763
|
+
$(printf %s "$(git describe --tags 2>/dev/null || git rev-parse HEAD)" | sed '1!s/^/ /')
|
|
1786
1764
|
BUILD_INFO_BUILD_TIME: |-
|
|
1787
|
-
|
|
1765
|
+
$(printf %s "$CI_JOB_STARTED_AT" | sed '1!s/^/ /')
|
|
1788
1766
|
BUILD_INFO_CURRENT_VERSION: |-
|
|
1789
|
-
|
|
1790
|
-
|
|
1791
|
-
|
|
1767
|
+
$(printf %s "$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")" | sed '1!s/^/ /')
|
|
1768
|
+
HOSTNAME: |-
|
|
1769
|
+
$(printf %s "$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
1792
1770
|
ROOT_URL: |-
|
|
1793
|
-
|
|
1794
|
-
|
|
1795
|
-
|
|
1796
|
-
HOST_CANONICAL: |-
|
|
1797
|
-
$(printf %s "$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
1771
|
+
$(printf %s "https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
1772
|
+
HOSTNAME_INTERNAL: |-
|
|
1773
|
+
$(printf %s "$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
1798
1774
|
ROOT_URL_INTERNAL: |-
|
|
1799
|
-
|
|
1775
|
+
$(printf %s "https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
1800
1776
|
DEPLOY_CLOUD_RUN_PROJECT_ID: |-
|
|
1801
1777
|
google-project-id
|
|
1802
1778
|
DEPLOY_CLOUD_RUN_REGION: |-
|
|
1803
1779
|
europe-west6
|
|
1804
1780
|
GCLOUD_RUN_canonicalHostSuffix: |-
|
|
1805
|
-
|
|
1781
|
+
$(printf %s "$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | sed '1!s/^/ /')
|
|
1806
1782
|
API_URL: |-
|
|
1807
|
-
|
|
1783
|
+
$(printf %s "https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')/graphql
|
|
1808
1784
|
_ALL_ENV_VAR_KEYS: |-
|
|
1809
|
-
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","
|
|
1785
|
+
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOSTNAME","ROOT_URL","HOSTNAME_INTERNAL","ROOT_URL_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix","API_URL"]
|
|
1810
1786
|
|
|
1811
1787
|
EOF
|
|
1812
|
-
-
|
|
1813
|
-
-
|
|
1788
|
+
- collapseable_section_end "writeenvvars"
|
|
1789
|
+
- collapseable_section_start "deploy" "Deploy to cloud run"
|
|
1814
1790
|
- gcloud run deploy $(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www" | awk '{print tolower($0)}') --command="yarn,start" --image=europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/review/www/$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }):$DOCKER_IMAGE_TAG --project=google-project-id --region=europe-west6 --labels=customer-name=pan,component-name=www,app-name=test-app,env-type=review,env-name=review,build-type=node,cloud-run-service-name=$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www" | awk '{print tolower($0)}') --env-vars-file=____envvars.yaml --min-instances=0 --max-instances=100 --cpu-throttling --allow-unauthenticated --ingress=all --cpu-boost
|
|
1815
|
-
-
|
|
1816
|
-
-
|
|
1791
|
+
- collapseable_section_end "deploy"
|
|
1792
|
+
- collapseable_section_start "cleanup" "Cleanup"
|
|
1817
1793
|
- gcloud run revisions list --project=google-project-id --region=europe-west6 --service=$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www" | awk '{print tolower($0)}') --limit=unlimited --sort-by=metadata.creationTimestamp --format="value(name)" --filter='(status.conditions.status=False OR status.conditions.status=Unknown)' | while read -r revisionname; do gcloud run revisions delete --project=google-project-id --region=europe-west6 --quiet $revisionname ; done
|
|
1818
1794
|
- gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/review/www/$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }) --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/review/www/$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })@$version --quiet --delete-tags; done
|
|
1819
1795
|
- gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/www --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/www@$version --quiet --delete-tags; done
|
|
1820
1796
|
- set +e
|
|
1821
1797
|
- gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/review/www --quiet --delete-tags
|
|
1822
1798
|
- set -e
|
|
1823
|
-
-
|
|
1799
|
+
- collapseable_section_end "cleanup"
|
|
1824
1800
|
- echo 'Uploading SBOM to Dependency Track'
|
|
1825
1801
|
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/www" "https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" "__sbom.json" vex.json || true
|
|
1826
1802
|
- echo "CL_GITLAB_ENVIRONMENT_URL=https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" >> gitlab_environment.env
|
|
@@ -1858,9 +1834,9 @@ variables:
|
|
|
1858
1834
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
1859
1835
|
GIT_STRATEGY: none
|
|
1860
1836
|
script:
|
|
1861
|
-
-
|
|
1837
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1862
1838
|
- export CLOUDSDK_CORE_DISABLE_PROMPTS="1"
|
|
1863
|
-
-
|
|
1839
|
+
- collapseable_section_end "injectvars"
|
|
1864
1840
|
- set +e
|
|
1865
1841
|
- gcloud auth activate-service-account --key-file=<(echo "$CL_review_www_GCLOUD_DEPLOY_credentialsKey")
|
|
1866
1842
|
- gcloud run services delete $(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www" | awk '{print tolower($0)}') --project=google-project-id --region=europe-west6
|
|
@@ -1906,7 +1882,7 @@ variables:
|
|
|
1906
1882
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
1907
1883
|
KUBERNETES_MEMORY_LIMIT: 2Gi
|
|
1908
1884
|
script:
|
|
1909
|
-
-
|
|
1885
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1910
1886
|
- export APP_DIR="www"
|
|
1911
1887
|
- export DOCKER_BUILD_CONTEXT="."
|
|
1912
1888
|
- export DOCKER_REGISTRY="europe-west6-docker.pkg.dev"
|
|
@@ -1922,20 +1898,20 @@ variables:
|
|
|
1922
1898
|
COPY --chown=node:node www/yarn.lock /app/www/yarn.lock
|
|
1923
1899
|
COPY --chown=node:node .yarnrc.yml /app/.yarnrc.yml
|
|
1924
1900
|
COPY --chown=node:node .yarn /app/.yarn"
|
|
1925
|
-
-
|
|
1901
|
+
- collapseable_section_end "injectvars"
|
|
1926
1902
|
- ensureNodeDockerfile
|
|
1927
|
-
-
|
|
1903
|
+
- collapseable_section_start "docker-login" "Docker Login"
|
|
1928
1904
|
- gcloud auth activate-service-account --key-file=<(echo "$CL_stage_www_GCLOUD_DEPLOY_credentialsKey")
|
|
1929
1905
|
- gcloud auth configure-docker europe-west6-docker.pkg.dev
|
|
1930
|
-
-
|
|
1931
|
-
-
|
|
1906
|
+
- collapseable_section_end "docker-login"
|
|
1907
|
+
- collapseable_section_start "docker-build" "Docker build"
|
|
1932
1908
|
- docker build --network host --cache-from $DOCKER_CACHE_IMAGE --tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG -f $APP_DIR/Dockerfile $DOCKER_BUILD_CONTEXT --build-arg BUILDKIT_INLINE_CACHE=1
|
|
1933
|
-
-
|
|
1934
|
-
-
|
|
1909
|
+
- collapseable_section_end "docker-build"
|
|
1910
|
+
- collapseable_section_start "docker-push" "Docker push and tag"
|
|
1935
1911
|
- docker push $DOCKER_IMAGE:$DOCKER_IMAGE_TAG
|
|
1936
1912
|
- docker tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG $DOCKER_CACHE_IMAGE
|
|
1937
1913
|
- docker push $DOCKER_CACHE_IMAGE
|
|
1938
|
-
-
|
|
1914
|
+
- collapseable_section_end "docker-push"
|
|
1939
1915
|
cache:
|
|
1940
1916
|
- key: www-yarn
|
|
1941
1917
|
policy: pull
|
|
@@ -1953,8 +1929,8 @@ variables:
|
|
|
1953
1929
|
image: aquasec/trivy:0.38.3
|
|
1954
1930
|
variables: {}
|
|
1955
1931
|
script:
|
|
1956
|
-
-
|
|
1957
|
-
-
|
|
1932
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1933
|
+
- collapseable_section_end "injectvars"
|
|
1958
1934
|
- trivy fs --quiet --format cyclonedx --output "__sbom.json" www
|
|
1959
1935
|
artifacts:
|
|
1960
1936
|
paths:
|
|
@@ -1973,36 +1949,35 @@ variables:
|
|
|
1973
1949
|
KUBERNETES_MEMORY_REQUEST: 200Mi
|
|
1974
1950
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
1975
1951
|
script:
|
|
1976
|
-
-
|
|
1952
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1977
1953
|
- export ENV_SHORT="stage"
|
|
1978
1954
|
- export APP_DIR="www"
|
|
1979
1955
|
- export ENV_TYPE="stage"
|
|
1980
1956
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
1981
1957
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
1982
1958
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
1983
|
-
- export
|
|
1959
|
+
- export HOSTNAME="$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
1984
1960
|
- export ROOT_URL="https://$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
1985
|
-
- export
|
|
1986
|
-
- export HOST_CANONICAL="$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
1961
|
+
- export HOSTNAME_INTERNAL="$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
1987
1962
|
- export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
1988
1963
|
- export DEPLOY_CLOUD_RUN_PROJECT_ID="google-project-id"
|
|
1989
1964
|
- export DEPLOY_CLOUD_RUN_REGION="europe-west6"
|
|
1990
1965
|
- export GCLOUD_DEPLOY_credentialsKey="$CL_stage_www_GCLOUD_DEPLOY_credentialsKey"
|
|
1991
1966
|
- export GCLOUD_RUN_canonicalHostSuffix="$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix"
|
|
1992
1967
|
- export API_URL="https://$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')/graphql"
|
|
1993
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
1968
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\",\\"API_URL\\"]"
|
|
1994
1969
|
- export DOCKER_REGISTRY="europe-west6-docker.pkg.dev"
|
|
1995
1970
|
- export DOCKER_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/stage/www"
|
|
1996
1971
|
- export DOCKER_CACHE_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/www"
|
|
1997
1972
|
- export DOCKER_IMAGE_TAG="$CI_COMMIT_SHA"
|
|
1998
1973
|
- export CLOUDSDK_CORE_DISABLE_PROMPTS="1"
|
|
1999
|
-
-
|
|
2000
|
-
-
|
|
1974
|
+
- collapseable_section_end "injectvars"
|
|
1975
|
+
- collapseable_section_start "prepare" "Prepare..."
|
|
2001
1976
|
- gcloud auth activate-service-account --key-file=<(echo "$CL_stage_www_GCLOUD_DEPLOY_credentialsKey")
|
|
2002
1977
|
- export GCLOUD_PROJECT_NUMBER=$(gcloud projects describe google-project-id --format="value(projectNumber)")
|
|
2003
1978
|
- 'echo "GCLOUD_PROJECT_NUMBER: $GCLOUD_PROJECT_NUMBER"'
|
|
2004
|
-
-
|
|
2005
|
-
-
|
|
1979
|
+
- collapseable_section_end "prepare"
|
|
1980
|
+
- collapseable_section_start "writeenvvars" "Write env vars to file"
|
|
2006
1981
|
- |
|
|
2007
1982
|
cat > ____envvars.yaml <<EOF
|
|
2008
1983
|
ENV_SHORT: |-
|
|
@@ -2012,42 +1987,40 @@ variables:
|
|
|
2012
1987
|
ENV_TYPE: |-
|
|
2013
1988
|
stage
|
|
2014
1989
|
BUILD_INFO_BUILD_ID: |-
|
|
2015
|
-
|
|
1990
|
+
$(printf %s "$(git describe --tags 2>/dev/null || git rev-parse HEAD)" | sed '1!s/^/ /')
|
|
2016
1991
|
BUILD_INFO_BUILD_TIME: |-
|
|
2017
|
-
|
|
1992
|
+
$(printf %s "$CI_JOB_STARTED_AT" | sed '1!s/^/ /')
|
|
2018
1993
|
BUILD_INFO_CURRENT_VERSION: |-
|
|
2019
|
-
|
|
2020
|
-
|
|
2021
|
-
|
|
1994
|
+
$(printf %s "$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")" | sed '1!s/^/ /')
|
|
1995
|
+
HOSTNAME: |-
|
|
1996
|
+
$(printf %s "$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
2022
1997
|
ROOT_URL: |-
|
|
2023
|
-
|
|
2024
|
-
|
|
2025
|
-
|
|
2026
|
-
HOST_CANONICAL: |-
|
|
2027
|
-
$(printf %s "$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
1998
|
+
$(printf %s "https://$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
1999
|
+
HOSTNAME_INTERNAL: |-
|
|
2000
|
+
$(printf %s "$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
2028
2001
|
ROOT_URL_INTERNAL: |-
|
|
2029
|
-
|
|
2002
|
+
$(printf %s "https://$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
2030
2003
|
DEPLOY_CLOUD_RUN_PROJECT_ID: |-
|
|
2031
2004
|
google-project-id
|
|
2032
2005
|
DEPLOY_CLOUD_RUN_REGION: |-
|
|
2033
2006
|
europe-west6
|
|
2034
2007
|
GCLOUD_RUN_canonicalHostSuffix: |-
|
|
2035
|
-
|
|
2008
|
+
$(printf %s "$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | sed '1!s/^/ /')
|
|
2036
2009
|
API_URL: |-
|
|
2037
|
-
|
|
2010
|
+
$(printf %s "https://$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')/graphql
|
|
2038
2011
|
_ALL_ENV_VAR_KEYS: |-
|
|
2039
|
-
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","
|
|
2012
|
+
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOSTNAME","ROOT_URL","HOSTNAME_INTERNAL","ROOT_URL_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix","API_URL"]
|
|
2040
2013
|
|
|
2041
2014
|
EOF
|
|
2042
|
-
-
|
|
2043
|
-
-
|
|
2015
|
+
- collapseable_section_end "writeenvvars"
|
|
2016
|
+
- collapseable_section_start "deploy" "Deploy to cloud run"
|
|
2044
2017
|
- gcloud run deploy pan-test-app-stage-www --command="yarn,start" --image=europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/stage/www:$DOCKER_IMAGE_TAG --project=google-project-id --region=europe-west6 --labels=customer-name=pan,component-name=www,app-name=test-app,env-type=stage,env-name=stage,build-type=node,cloud-run-service-name=pan-test-app-stage-www --env-vars-file=____envvars.yaml --min-instances=0 --max-instances=100 --cpu-throttling --allow-unauthenticated --ingress=all --cpu-boost
|
|
2045
|
-
-
|
|
2046
|
-
-
|
|
2018
|
+
- collapseable_section_end "deploy"
|
|
2019
|
+
- collapseable_section_start "cleanup" "Cleanup"
|
|
2047
2020
|
- gcloud run revisions list --project=google-project-id --region=europe-west6 --service=pan-test-app-stage-www --limit=unlimited --sort-by=metadata.creationTimestamp --format="value(name)" --filter='(status.conditions.status=False OR status.conditions.status=Unknown)' | while read -r revisionname; do gcloud run revisions delete --project=google-project-id --region=europe-west6 --quiet $revisionname ; done
|
|
2048
2021
|
- gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/stage/www --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/stage/www@$version --quiet --delete-tags; done
|
|
2049
2022
|
- gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/www --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/www@$version --quiet --delete-tags; done
|
|
2050
|
-
-
|
|
2023
|
+
- collapseable_section_end "cleanup"
|
|
2051
2024
|
- echo 'Uploading SBOM to Dependency Track'
|
|
2052
2025
|
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/www" "https://$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" "__sbom.json" vex.json || true
|
|
2053
2026
|
- echo "CL_GITLAB_ENVIRONMENT_URL=https://$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" >> gitlab_environment.env
|
|
@@ -2078,9 +2051,9 @@ variables:
|
|
|
2078
2051
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
2079
2052
|
GIT_STRATEGY: none
|
|
2080
2053
|
script:
|
|
2081
|
-
-
|
|
2054
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
2082
2055
|
- export CLOUDSDK_CORE_DISABLE_PROMPTS="1"
|
|
2083
|
-
-
|
|
2056
|
+
- collapseable_section_end "injectvars"
|
|
2084
2057
|
- set +e
|
|
2085
2058
|
- gcloud auth activate-service-account --key-file=<(echo "$CL_stage_www_GCLOUD_DEPLOY_credentialsKey")
|
|
2086
2059
|
- gcloud run services delete pan-test-app-stage-www --project=google-project-id --region=europe-west6
|
|
@@ -2123,7 +2096,7 @@ variables:
|
|
|
2123
2096
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
2124
2097
|
KUBERNETES_MEMORY_LIMIT: 2Gi
|
|
2125
2098
|
script:
|
|
2126
|
-
-
|
|
2099
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
2127
2100
|
- export APP_DIR="www"
|
|
2128
2101
|
- export DOCKER_BUILD_CONTEXT="."
|
|
2129
2102
|
- export DOCKER_REGISTRY="europe-west6-docker.pkg.dev"
|
|
@@ -2139,20 +2112,20 @@ variables:
|
|
|
2139
2112
|
COPY --chown=node:node www/yarn.lock /app/www/yarn.lock
|
|
2140
2113
|
COPY --chown=node:node .yarnrc.yml /app/.yarnrc.yml
|
|
2141
2114
|
COPY --chown=node:node .yarn /app/.yarn"
|
|
2142
|
-
-
|
|
2115
|
+
- collapseable_section_end "injectvars"
|
|
2143
2116
|
- ensureNodeDockerfile
|
|
2144
|
-
-
|
|
2117
|
+
- collapseable_section_start "docker-login" "Docker Login"
|
|
2145
2118
|
- gcloud auth activate-service-account --key-file=<(echo "$CL_prod_www_GCLOUD_DEPLOY_credentialsKey")
|
|
2146
2119
|
- gcloud auth configure-docker europe-west6-docker.pkg.dev
|
|
2147
|
-
-
|
|
2148
|
-
-
|
|
2120
|
+
- collapseable_section_end "docker-login"
|
|
2121
|
+
- collapseable_section_start "docker-build" "Docker build"
|
|
2149
2122
|
- docker build --network host --cache-from $DOCKER_CACHE_IMAGE --tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG -f $APP_DIR/Dockerfile $DOCKER_BUILD_CONTEXT --build-arg BUILDKIT_INLINE_CACHE=1
|
|
2150
|
-
-
|
|
2151
|
-
-
|
|
2123
|
+
- collapseable_section_end "docker-build"
|
|
2124
|
+
- collapseable_section_start "docker-push" "Docker push and tag"
|
|
2152
2125
|
- docker push $DOCKER_IMAGE:$DOCKER_IMAGE_TAG
|
|
2153
2126
|
- docker tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG $DOCKER_CACHE_IMAGE
|
|
2154
2127
|
- docker push $DOCKER_CACHE_IMAGE
|
|
2155
|
-
-
|
|
2128
|
+
- collapseable_section_end "docker-push"
|
|
2156
2129
|
cache:
|
|
2157
2130
|
- key: www-yarn
|
|
2158
2131
|
policy: pull
|
|
@@ -2170,8 +2143,8 @@ variables:
|
|
|
2170
2143
|
image: aquasec/trivy:0.38.3
|
|
2171
2144
|
variables: {}
|
|
2172
2145
|
script:
|
|
2173
|
-
-
|
|
2174
|
-
-
|
|
2146
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
2147
|
+
- collapseable_section_end "injectvars"
|
|
2175
2148
|
- trivy fs --quiet --format cyclonedx --output "__sbom.json" www
|
|
2176
2149
|
artifacts:
|
|
2177
2150
|
paths:
|
|
@@ -2190,36 +2163,35 @@ variables:
|
|
|
2190
2163
|
KUBERNETES_MEMORY_REQUEST: 200Mi
|
|
2191
2164
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
2192
2165
|
script:
|
|
2193
|
-
-
|
|
2166
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
2194
2167
|
- export ENV_SHORT="prod"
|
|
2195
2168
|
- export APP_DIR="www"
|
|
2196
2169
|
- export ENV_TYPE="prod"
|
|
2197
2170
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
2198
2171
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
2199
2172
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
2200
|
-
- export
|
|
2173
|
+
- export HOSTNAME="$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
2201
2174
|
- export ROOT_URL="https://$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
2202
|
-
- export
|
|
2203
|
-
- export HOST_CANONICAL="$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
2175
|
+
- export HOSTNAME_INTERNAL="$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
2204
2176
|
- export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
2205
2177
|
- export DEPLOY_CLOUD_RUN_PROJECT_ID="google-project-id"
|
|
2206
2178
|
- export DEPLOY_CLOUD_RUN_REGION="europe-west6"
|
|
2207
2179
|
- export GCLOUD_DEPLOY_credentialsKey="$CL_prod_www_GCLOUD_DEPLOY_credentialsKey"
|
|
2208
2180
|
- export GCLOUD_RUN_canonicalHostSuffix="$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix"
|
|
2209
2181
|
- export API_URL="https://$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')/graphql"
|
|
2210
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
2182
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\",\\"API_URL\\"]"
|
|
2211
2183
|
- export DOCKER_REGISTRY="europe-west6-docker.pkg.dev"
|
|
2212
2184
|
- export DOCKER_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/prod/www"
|
|
2213
2185
|
- export DOCKER_CACHE_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/www"
|
|
2214
2186
|
- export DOCKER_IMAGE_TAG="$CI_COMMIT_SHA"
|
|
2215
2187
|
- export CLOUDSDK_CORE_DISABLE_PROMPTS="1"
|
|
2216
|
-
-
|
|
2217
|
-
-
|
|
2188
|
+
- collapseable_section_end "injectvars"
|
|
2189
|
+
- collapseable_section_start "prepare" "Prepare..."
|
|
2218
2190
|
- gcloud auth activate-service-account --key-file=<(echo "$CL_prod_www_GCLOUD_DEPLOY_credentialsKey")
|
|
2219
2191
|
- export GCLOUD_PROJECT_NUMBER=$(gcloud projects describe google-project-id --format="value(projectNumber)")
|
|
2220
2192
|
- 'echo "GCLOUD_PROJECT_NUMBER: $GCLOUD_PROJECT_NUMBER"'
|
|
2221
|
-
-
|
|
2222
|
-
-
|
|
2193
|
+
- collapseable_section_end "prepare"
|
|
2194
|
+
- collapseable_section_start "writeenvvars" "Write env vars to file"
|
|
2223
2195
|
- |
|
|
2224
2196
|
cat > ____envvars.yaml <<EOF
|
|
2225
2197
|
ENV_SHORT: |-
|
|
@@ -2229,42 +2201,40 @@ variables:
|
|
|
2229
2201
|
ENV_TYPE: |-
|
|
2230
2202
|
prod
|
|
2231
2203
|
BUILD_INFO_BUILD_ID: |-
|
|
2232
|
-
|
|
2204
|
+
$(printf %s "$(git describe --tags 2>/dev/null || git rev-parse HEAD)" | sed '1!s/^/ /')
|
|
2233
2205
|
BUILD_INFO_BUILD_TIME: |-
|
|
2234
|
-
|
|
2206
|
+
$(printf %s "$CI_JOB_STARTED_AT" | sed '1!s/^/ /')
|
|
2235
2207
|
BUILD_INFO_CURRENT_VERSION: |-
|
|
2236
|
-
|
|
2237
|
-
|
|
2238
|
-
|
|
2208
|
+
$(printf %s "$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")" | sed '1!s/^/ /')
|
|
2209
|
+
HOSTNAME: |-
|
|
2210
|
+
$(printf %s "$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
2239
2211
|
ROOT_URL: |-
|
|
2240
|
-
|
|
2241
|
-
|
|
2242
|
-
|
|
2243
|
-
HOST_CANONICAL: |-
|
|
2244
|
-
$(printf %s "$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
2212
|
+
$(printf %s "https://$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
2213
|
+
HOSTNAME_INTERNAL: |-
|
|
2214
|
+
$(printf %s "$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
2245
2215
|
ROOT_URL_INTERNAL: |-
|
|
2246
|
-
|
|
2216
|
+
$(printf %s "https://$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
2247
2217
|
DEPLOY_CLOUD_RUN_PROJECT_ID: |-
|
|
2248
2218
|
google-project-id
|
|
2249
2219
|
DEPLOY_CLOUD_RUN_REGION: |-
|
|
2250
2220
|
europe-west6
|
|
2251
2221
|
GCLOUD_RUN_canonicalHostSuffix: |-
|
|
2252
|
-
|
|
2222
|
+
$(printf %s "$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | sed '1!s/^/ /')
|
|
2253
2223
|
API_URL: |-
|
|
2254
|
-
|
|
2224
|
+
$(printf %s "https://$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')/graphql
|
|
2255
2225
|
_ALL_ENV_VAR_KEYS: |-
|
|
2256
|
-
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","
|
|
2226
|
+
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOSTNAME","ROOT_URL","HOSTNAME_INTERNAL","ROOT_URL_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix","API_URL"]
|
|
2257
2227
|
|
|
2258
2228
|
EOF
|
|
2259
|
-
-
|
|
2260
|
-
-
|
|
2229
|
+
- collapseable_section_end "writeenvvars"
|
|
2230
|
+
- collapseable_section_start "deploy" "Deploy to cloud run"
|
|
2261
2231
|
- gcloud run deploy pan-test-app-prod-www --command="yarn,start" --image=europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/prod/www:$DOCKER_IMAGE_TAG --project=google-project-id --region=europe-west6 --labels=customer-name=pan,component-name=www,app-name=test-app,env-type=prod,env-name=prod,build-type=node,cloud-run-service-name=pan-test-app-prod-www --env-vars-file=____envvars.yaml --min-instances=0 --max-instances=100 --cpu-throttling --allow-unauthenticated --ingress=all --cpu-boost
|
|
2262
|
-
-
|
|
2263
|
-
-
|
|
2232
|
+
- collapseable_section_end "deploy"
|
|
2233
|
+
- collapseable_section_start "cleanup" "Cleanup"
|
|
2264
2234
|
- gcloud run revisions list --project=google-project-id --region=europe-west6 --service=pan-test-app-prod-www --limit=unlimited --sort-by=metadata.creationTimestamp --format="value(name)" --filter='(status.conditions.status=False OR status.conditions.status=Unknown)' | tail -n +6 | while read -r revisionname; do gcloud run revisions delete --project=google-project-id --region=europe-west6 --quiet $revisionname ; done
|
|
2265
2235
|
- gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/prod/www --sort-by=~CREATE_TIME --format="value(version)" | tail -n +7 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/prod/www@$version --quiet --delete-tags; done
|
|
2266
2236
|
- gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/www --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/www@$version --quiet --delete-tags; done
|
|
2267
|
-
-
|
|
2237
|
+
- collapseable_section_end "cleanup"
|
|
2268
2238
|
- echo 'Uploading SBOM to Dependency Track'
|
|
2269
2239
|
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/www" "https://$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" "__sbom.json" vex.json || true
|
|
2270
2240
|
- echo "CL_GITLAB_ENVIRONMENT_URL=https://$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" >> gitlab_environment.env
|
|
@@ -2295,9 +2265,9 @@ variables:
|
|
|
2295
2265
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
2296
2266
|
GIT_STRATEGY: none
|
|
2297
2267
|
script:
|
|
2298
|
-
-
|
|
2268
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
2299
2269
|
- export CLOUDSDK_CORE_DISABLE_PROMPTS="1"
|
|
2300
|
-
-
|
|
2270
|
+
- collapseable_section_end "injectvars"
|
|
2301
2271
|
- set +e
|
|
2302
2272
|
- gcloud auth activate-service-account --key-file=<(echo "$CL_prod_www_GCLOUD_DEPLOY_credentialsKey")
|
|
2303
2273
|
- gcloud run services delete pan-test-app-prod-www --project=google-project-id --region=europe-west6
|