@catladder/pipeline 1.170.1 → 2.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/bash/BashExpression.d.ts +1 -6
- package/dist/bash/BashExpression.js +2 -15
- package/dist/bash/bashEscape.d.ts +34 -0
- package/dist/bash/bashEscape.js +114 -0
- package/dist/bash/bashYaml.js +25 -2
- package/dist/bash/getInjectVarsScript.js +4 -2
- package/dist/bash/index.d.ts +2 -0
- package/dist/bash/index.js +26 -0
- package/dist/build/base/createAppBuildJob.js +3 -3
- package/dist/build/base/writeDotEnv.js +6 -4
- package/dist/build/custom/testJob.js +12 -12
- package/dist/build/docker.d.ts +3 -3
- package/dist/build/node/buildJob.js +1 -1
- package/dist/build/node/cache.d.ts +2 -4
- package/dist/build/node/cache.js +3 -24
- package/dist/build/node/testJob.js +11 -11
- package/dist/build/rails/build.js +1 -1
- package/dist/build/rails/test.js +8 -8
- package/dist/build/types.d.ts +0 -10
- package/dist/constants.js +1 -1
- package/dist/context/createComponentContext.js +0 -1
- package/dist/context/getEnvConfig.js +2 -1
- package/dist/context/getEnvironment.js +1 -2
- package/dist/context/getEnvironmentVariables.d.ts +5 -6
- package/dist/context/getEnvironmentVariables.js +50 -38
- package/dist/deploy/base/deploy.js +3 -3
- package/dist/deploy/cloudRun/createJobs/getCloudRunDeployScripts.js +2 -2
- package/dist/deploy/cloudRun/index.js +2 -2
- package/dist/deploy/cloudRun/utils/getServiceName.d.ts +1 -1
- package/dist/deploy/kubernetes/cloudSql/index.d.ts +2 -2
- package/dist/deploy/kubernetes/cloudSql/index.js +3 -14
- package/dist/deploy/kubernetes/deployJob.js +1 -3
- package/dist/deploy/kubernetes/index.js +2 -2
- package/dist/deploy/kubernetes/kubeEnv.d.ts +3 -3
- package/dist/deploy/kubernetes/kubeValues.d.ts +3 -4
- package/dist/deploy/kubernetes/kubeValues.js +2 -3
- package/dist/deploy/types/base.d.ts +0 -6
- package/dist/deploy/types/kubernetes.d.ts +1 -34
- package/dist/globalScriptFunctions/index.d.ts +14 -0
- package/dist/globalScriptFunctions/index.js +37 -0
- package/dist/index.d.ts +3 -1
- package/dist/index.js +3 -1
- package/dist/pipeline/gitlab/createGitlabJobs.js +3 -5
- package/dist/pipeline/gitlab/createGitlabPipeline.d.ts +1 -0
- package/dist/pipeline/gitlab/createGitlabPipeline.js +38 -2
- package/dist/pipeline/packageManager.js +1 -1
- package/dist/runner/index.d.ts +1 -1
- package/dist/tsconfig.tsbuildinfo +1 -1
- package/dist/types/config.d.ts +6 -9
- package/dist/types/context.d.ts +2 -9
- package/dist/types/gitlab-types.d.ts +1 -0
- package/dist/types/jobs.d.ts +0 -8
- package/dist/utils/gitlab.js +4 -1
- package/dist/utils/writeFiles.js +1 -7
- package/dist/variables/VariableValue.d.ts +3 -0
- package/dist/variables/VariableValue.js +5 -0
- package/dist/variables/VariableValueContainingReferences.d.ts +24 -0
- package/dist/variables/VariableValueContainingReferences.js +97 -0
- package/dist/variables/__tests__/resolveAllReferences.test.js +219 -0
- package/dist/variables/__tests__/resolveAllReferencesOnce.test.d.ts +1 -0
- package/dist/variables/__tests__/resolveAllReferencesOnce.test.js +171 -0
- package/dist/variables/__tests__/resolveReferencesOnce.test.d.ts +1 -0
- package/dist/variables/__tests__/resolveReferencesOnce.test.js +202 -0
- package/dist/variables/__tests__/variableValue.test.d.ts +1 -0
- package/dist/variables/__tests__/variableValue.test.js +36 -0
- package/dist/variables/resolveAllReferences.d.ts +3 -0
- package/dist/{bash/replaceAsync.js → variables/resolveAllReferences.js} +60 -40
- package/dist/variables/resolveAllReferencesOnce.d.ts +5 -0
- package/dist/variables/resolveAllReferencesOnce.js +191 -0
- package/dist/variables/resolveReferencesOnce.d.ts +8 -0
- package/dist/variables/resolveReferencesOnce.js +22 -0
- package/examples/__snapshots__/cloud-run-http2.test.ts.snap +312 -238
- package/examples/__snapshots__/cloud-run-memory-limit.test.ts.snap +312 -238
- package/examples/__snapshots__/cloud-run-meteor-with-worker.test.ts.snap +312 -222
- package/examples/__snapshots__/cloud-run-nextjs.test.ts.snap +1436 -0
- package/examples/__snapshots__/cloud-run-no-cpu-throttling.test.ts.snap +312 -238
- package/examples/__snapshots__/cloud-run-no-service.test.ts.snap +316 -238
- package/examples/__snapshots__/cloud-run-non-public.test.ts.snap +312 -238
- package/examples/__snapshots__/cloud-run-post-stop-job.test.ts.snap +313 -238
- package/examples/__snapshots__/cloud-run-service-custom-vpc-connector.test.ts.snap +312 -238
- package/examples/__snapshots__/cloud-run-service-custom-vpc.test.ts.snap +312 -238
- package/examples/__snapshots__/cloud-run-service-gen2.test.ts.snap +312 -238
- package/examples/__snapshots__/cloud-run-service-increase-timout.test.ts.snap +312 -238
- package/examples/__snapshots__/cloud-run-service-with-volumes.test.ts.snap +316 -238
- package/examples/__snapshots__/cloud-run-storybook.test.ts.snap +294 -220
- package/examples/__snapshots__/cloud-run-with-ngnix.test.ts.snap +312 -238
- package/examples/__snapshots__/cloud-run-with-sql-reuse-db.test.ts.snap +652 -486
- package/examples/__snapshots__/cloud-run-with-sql.test.ts.snap +282 -288
- package/examples/__snapshots__/cloud-run-with-worker.test.ts.snap +312 -238
- package/examples/__snapshots__/custom-build-job-with-tests.test.ts.snap +284 -194
- package/examples/__snapshots__/custom-build-job.test.ts.snap +278 -188
- package/examples/__snapshots__/custom-deploy.test.ts.snap +220 -154
- package/examples/__snapshots__/custom-envs.test.ts.snap +216 -126
- package/examples/__snapshots__/custom-sbom-java.test.ts.snap +278 -188
- package/examples/__snapshots__/git-submodule.test.ts.snap +312 -238
- package/examples/__snapshots__/kubernetes-application-customization.test.ts.snap +231 -253
- package/examples/__snapshots__/kubernetes-with-cloud-sql.test.ts.snap +240 -262
- package/examples/__snapshots__/kubernetes-with-jobs.test.ts.snap +504 -506
- package/examples/__snapshots__/kubernetes-with-mongodb.test.ts.snap +239 -261
- package/examples/__snapshots__/local-dot-env.test.ts.snap +236 -238
- package/examples/__snapshots__/meteor-kubernetes.test.ts.snap +236 -242
- package/examples/__snapshots__/multiline-var.test.ts.snap +1355 -973
- package/examples/__snapshots__/native-app.test.ts.snap +438 -392
- package/examples/__snapshots__/node-build-with-custom-image.test.ts.snap +312 -238
- package/examples/__snapshots__/node-build-with-docker-additions.test.ts.snap +312 -238
- package/examples/__snapshots__/rails-k8s-with-worker-dockerfile.test.ts.snap +186 -188
- package/examples/__snapshots__/rails-k8s-with-worker.test.ts.snap +162 -164
- package/examples/__snapshots__/referencing-other-vars.test.ts.snap +971 -765
- package/examples/__snapshots__/wait-for-other-deploy.test.ts.snap +330 -228
- package/examples/__snapshots__/{workspace-api-www-custom-cache.test.ts.snap → workspace-api-www-turbo-cache.test.ts.snap} +457 -499
- package/examples/__snapshots__/workspace-api-www.test.ts.snap +452 -482
- package/examples/{workspace-api-www-custom-cache.test.ts → cloud-run-nextjs.test.ts} +2 -2
- package/examples/cloud-run-nextjs.ts +28 -0
- package/examples/cloud-run-with-sql.ts +0 -1
- package/examples/kubernetes-application-customization.ts +1 -0
- package/examples/kubernetes-with-cloud-sql.ts +1 -0
- package/examples/kubernetes-with-jobs.ts +1 -0
- package/examples/kubernetes-with-mongodb.ts +1 -0
- package/examples/meteor-kubernetes.ts +1 -1
- package/examples/native-app.ts +10 -7
- package/examples/rails-k8s-with-worker.ts +7 -1
- package/examples/{kubernetes-with-cloud-sql-legacy.test.ts → workspace-api-www-turbo-cache.test.ts} +2 -2
- package/examples/{workspace-api-www-custom-cache.ts → workspace-api-www-turbo-cache.ts} +4 -3
- package/examples/workspace-api-www.ts +3 -2
- package/package.json +2 -6
- package/src/bash/BashExpression.ts +0 -13
- package/src/bash/bashEscape.ts +158 -0
- package/src/bash/bashYaml.ts +36 -2
- package/src/bash/getInjectVarsScript.ts +11 -2
- package/src/bash/index.ts +2 -0
- package/src/build/base/createAppBuildJob.ts +0 -1
- package/src/build/base/writeDotEnv.ts +6 -6
- package/src/build/custom/testJob.ts +0 -1
- package/src/build/node/buildJob.ts +2 -2
- package/src/build/node/cache.ts +0 -29
- package/src/build/node/testJob.ts +0 -1
- package/src/build/rails/build.ts +0 -1
- package/src/build/rails/test.ts +0 -1
- package/src/build/types.ts +0 -13
- package/src/context/createComponentContext.ts +0 -1
- package/src/context/getEnvConfig.ts +2 -2
- package/src/context/getEnvironment.ts +1 -1
- package/src/context/getEnvironmentContext.ts +1 -1
- package/src/context/getEnvironmentVariables.ts +44 -51
- package/src/deploy/base/deploy.ts +1 -1
- package/src/deploy/cloudRun/createJobs/getCloudRunDeployScripts.ts +4 -12
- package/src/deploy/cloudRun/index.ts +2 -2
- package/src/deploy/kubernetes/cloudSql/index.ts +3 -16
- package/src/deploy/kubernetes/deployJob.ts +0 -2
- package/src/deploy/kubernetes/index.ts +2 -2
- package/src/deploy/kubernetes/kubeEnv.ts +3 -3
- package/src/deploy/kubernetes/kubeValues.ts +5 -8
- package/src/deploy/types/base.ts +0 -6
- package/src/deploy/types/kubernetes.ts +1 -36
- package/src/globalScriptFunctions/index.ts +30 -0
- package/src/index.ts +2 -0
- package/src/pipeline/gitlab/createGitlabJobs.ts +1 -4
- package/src/pipeline/gitlab/createGitlabPipeline.ts +8 -1
- package/src/pipeline/packageManager.ts +7 -5
- package/src/runner/index.ts +0 -1
- package/src/types/config.ts +6 -9
- package/src/types/context.ts +3 -9
- package/src/types/gitlab-types.ts +1 -0
- package/src/types/jobs.ts +0 -8
- package/src/utils/gitlab.ts +19 -2
- package/src/utils/writeFiles.ts +1 -2
- package/src/variables/VariableValue.ts +6 -0
- package/src/variables/VariableValueContainingReferences.ts +89 -0
- package/src/variables/__tests__/resolveAllReferences.test.ts +110 -0
- package/src/variables/__tests__/resolveAllReferencesOnce.test.ts +64 -0
- package/src/variables/__tests__/resolveReferencesOnce.test.ts +117 -0
- package/src/variables/__tests__/variableValue.test.ts +73 -0
- package/src/variables/resolveAllReferences.ts +46 -0
- package/src/variables/resolveAllReferencesOnce.ts +44 -0
- package/src/variables/resolveReferencesOnce.ts +29 -0
- package/bin/catladder-gitlab-dev.js +0 -3
- package/bin/catladder-gitlab.js +0 -3
- package/dist/bash/replaceAsync.d.ts +0 -2
- package/dist/bundles/catladder-gitlab/index.js +0 -15
- package/dist/context/__tests__/resolveReferences.test.js +0 -368
- package/dist/context/resolveReferences.d.ts +0 -6
- package/dist/context/resolveReferences.js +0 -286
- package/dist/deploy/kubernetes/processSecretsAsFiles.d.ts +0 -85
- package/dist/deploy/kubernetes/processSecretsAsFiles.js +0 -33
- package/examples/__snapshots__/kubernetes-with-cloud-sql-legacy.test.ts.snap +0 -1795
- package/examples/kubernetes-with-cloud-sql-legacy.ts +0 -35
- package/scripts/bundle +0 -2
- package/src/bash/replaceAsync.ts +0 -49
- package/src/context/__tests__/resolveReferences.test.ts +0 -148
- package/src/context/resolveReferences.ts +0 -93
- package/src/deploy/kubernetes/processSecretsAsFiles.ts +0 -35
- /package/dist/{context/__tests__/resolveReferences.test.d.ts → variables/__tests__/resolveAllReferences.test.d.ts} +0 -0
|
@@ -45,6 +45,36 @@ variables:
|
|
|
45
45
|
CACHE_COMPRESSION_LEVEL: fast
|
|
46
46
|
TRANSFER_METER_FREQUENCY: 5s
|
|
47
47
|
GIT_DEPTH: '1'
|
|
48
|
+
before_script:
|
|
49
|
+
- |-
|
|
50
|
+
function escapeForDotEnv () {
|
|
51
|
+
input="\${1:-$(cat)}"
|
|
52
|
+
input="\${input//$'\\n'/\\\\n}"
|
|
53
|
+
if [[ "$input" == *\\\\n* ]]; then
|
|
54
|
+
if [[ "$input" == *\\"* && "$input" == *\\'* && "$input" == *\\\`* ]]; then
|
|
55
|
+
printf "\\"%s\\"\\n" "$input"
|
|
56
|
+
elif [[ "$input" == *\\"* && "$input" == *\\'* ]]; then
|
|
57
|
+
printf "\`%s\`\\n" "$input"
|
|
58
|
+
elif [[ "$input" == *\\"* ]]; then
|
|
59
|
+
printf "'%s'\\n" "$input"
|
|
60
|
+
else
|
|
61
|
+
printf "\\"%s\\"\\n" "$input"
|
|
62
|
+
fi
|
|
63
|
+
else
|
|
64
|
+
printf "%s\\n" "$input"
|
|
65
|
+
fi
|
|
66
|
+
}
|
|
67
|
+
- |-
|
|
68
|
+
function collapseable_section_start () {
|
|
69
|
+
local section_title="\${1}"
|
|
70
|
+
local section_description="\${2:-$section_title}"
|
|
71
|
+
echo -e "section_start:\`date +%s\`:\${section_title}[collapsed=true]\\r\\e[0K\${section_description}"
|
|
72
|
+
}
|
|
73
|
+
- |-
|
|
74
|
+
function collapseable_section_end () {
|
|
75
|
+
local section_title="\${1}"
|
|
76
|
+
echo -e "section_end:\`date +%s\`:\${section_title}\\r\\e[0K"
|
|
77
|
+
}
|
|
48
78
|
web 🛡 audit:
|
|
49
79
|
stage: test
|
|
50
80
|
image: path/to/docker/jobs-default:the-version
|
|
@@ -53,9 +83,9 @@ web 🛡 audit:
|
|
|
53
83
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
54
84
|
KUBERNETES_MEMORY_LIMIT: 4Gi
|
|
55
85
|
script:
|
|
56
|
-
-
|
|
86
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
57
87
|
- export APP_PATH="app"
|
|
58
|
-
-
|
|
88
|
+
- collapseable_section_end "injectvars"
|
|
59
89
|
- cd app
|
|
60
90
|
- yarn npm audit --environment production
|
|
61
91
|
rules:
|
|
@@ -79,21 +109,21 @@ web 👮 lint:
|
|
|
79
109
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
80
110
|
KUBERNETES_MEMORY_LIMIT: 4Gi
|
|
81
111
|
script:
|
|
82
|
-
-
|
|
112
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
83
113
|
- export APP_PATH="app"
|
|
84
|
-
-
|
|
85
|
-
-
|
|
114
|
+
- collapseable_section_end "injectvars"
|
|
115
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
86
116
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
87
117
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
88
|
-
-
|
|
118
|
+
- collapseable_section_end "nodeinstall"
|
|
89
119
|
- cd app
|
|
90
|
-
-
|
|
120
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
91
121
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
92
122
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
93
|
-
-
|
|
94
|
-
-
|
|
123
|
+
- collapseable_section_end "nodeinstall"
|
|
124
|
+
- collapseable_section_start "yarninstall" "Yarn install"
|
|
95
125
|
- yarn install --immutable
|
|
96
|
-
-
|
|
126
|
+
- collapseable_section_end "yarninstall"
|
|
97
127
|
- yarn lint
|
|
98
128
|
cache:
|
|
99
129
|
- key: app-yarn
|
|
@@ -120,21 +150,21 @@ web 🧪 test:
|
|
|
120
150
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
121
151
|
KUBERNETES_MEMORY_LIMIT: 4Gi
|
|
122
152
|
script:
|
|
123
|
-
-
|
|
153
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
124
154
|
- export APP_PATH="app"
|
|
125
|
-
-
|
|
126
|
-
-
|
|
155
|
+
- collapseable_section_end "injectvars"
|
|
156
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
127
157
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
128
158
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
129
|
-
-
|
|
159
|
+
- collapseable_section_end "nodeinstall"
|
|
130
160
|
- cd app
|
|
131
|
-
-
|
|
161
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
132
162
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
133
163
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
134
|
-
-
|
|
135
|
-
-
|
|
164
|
+
- collapseable_section_end "nodeinstall"
|
|
165
|
+
- collapseable_section_start "yarninstall" "Yarn install"
|
|
136
166
|
- yarn install --immutable
|
|
137
|
-
-
|
|
167
|
+
- collapseable_section_end "yarninstall"
|
|
138
168
|
- yarn test
|
|
139
169
|
cache:
|
|
140
170
|
- key: app-yarn
|
|
@@ -161,7 +191,7 @@ web 🧪 test:
|
|
|
161
191
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
162
192
|
KUBERNETES_MEMORY_LIMIT: 4Gi
|
|
163
193
|
script:
|
|
164
|
-
-
|
|
194
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
165
195
|
- export METEOR_DISABLE_OPTIMISTIC_CACHING="1"
|
|
166
196
|
- export ENV_SHORT="dev"
|
|
167
197
|
- export APP_DIR="app"
|
|
@@ -169,30 +199,29 @@ web 🧪 test:
|
|
|
169
199
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
170
200
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
171
201
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
172
|
-
- export
|
|
202
|
+
- export HOSTNAME="web.dev.my-app.pan.panter.cloud"
|
|
173
203
|
- export ROOT_URL="https://web.dev.my-app.pan.panter.cloud"
|
|
174
|
-
- export
|
|
175
|
-
- export HOST_CANONICAL="web.dev.my-app.pan.panter.cloud"
|
|
204
|
+
- export HOSTNAME_INTERNAL="web.dev.my-app.pan.panter.cloud"
|
|
176
205
|
- export ROOT_URL_INTERNAL="https://web.dev.my-app.pan.panter.cloud"
|
|
177
206
|
- export KUBE_NAMESPACE="pan-my-app-dev"
|
|
178
207
|
- export KUBE_APP_NAME="web"
|
|
179
208
|
- export KUBE_APP_NAME_PREFIX=""
|
|
180
209
|
- export MONGODB_ROOT_PASSWORD="$CL_dev_web_MONGODB_ROOT_PASSWORD"
|
|
181
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
182
|
-
-
|
|
210
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"KUBE_NAMESPACE\\",\\"KUBE_APP_NAME\\",\\"KUBE_APP_NAME_PREFIX\\",\\"MONGODB_ROOT_PASSWORD\\"]"
|
|
211
|
+
- collapseable_section_end "injectvars"
|
|
183
212
|
- echo '{"id":"$(git describe --tags 2>/dev/null || git rev-parse HEAD)","time":"$CI_JOB_STARTED_AT"}' > app/__build_info.json
|
|
184
|
-
-
|
|
213
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
185
214
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
186
215
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
187
|
-
-
|
|
216
|
+
- collapseable_section_end "nodeinstall"
|
|
188
217
|
- cd app
|
|
189
|
-
-
|
|
218
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
190
219
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
191
220
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
192
|
-
-
|
|
193
|
-
-
|
|
221
|
+
- collapseable_section_end "nodeinstall"
|
|
222
|
+
- collapseable_section_start "yarninstall" "Yarn install"
|
|
194
223
|
- yarn install --immutable
|
|
195
|
-
-
|
|
224
|
+
- collapseable_section_end "yarninstall"
|
|
196
225
|
- echo "add healthcheck package"
|
|
197
226
|
- meteor add panter:healthroute --allow-superuser
|
|
198
227
|
- meteor add qualia:prod-shell --allow-superuser
|
|
@@ -245,7 +274,7 @@ web 🧪 test:
|
|
|
245
274
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
246
275
|
KUBERNETES_MEMORY_LIMIT: 2Gi
|
|
247
276
|
script:
|
|
248
|
-
-
|
|
277
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
249
278
|
- export APP_DIR="app"
|
|
250
279
|
- export DOCKER_BUILD_CONTEXT="."
|
|
251
280
|
- export DOCKER_REGISTRY="$CI_REGISTRY"
|
|
@@ -254,19 +283,19 @@ web 🧪 test:
|
|
|
254
283
|
- export DOCKER_IMAGE="$CI_REGISTRY_IMAGE/$DOCKER_IMAGE_NAME"
|
|
255
284
|
- export DOCKER_IMAGE_TAG="$CI_COMMIT_SHA"
|
|
256
285
|
- export METEOR_INSTALL_SCRIPTS=""
|
|
257
|
-
-
|
|
286
|
+
- collapseable_section_end "injectvars"
|
|
258
287
|
- ensureMeteorDockerfile
|
|
259
|
-
-
|
|
288
|
+
- collapseable_section_start "docker-login" "Docker Login"
|
|
260
289
|
- docker login --username gitlab-ci-token --password $CI_JOB_TOKEN $CI_REGISTRY
|
|
261
|
-
-
|
|
262
|
-
-
|
|
290
|
+
- collapseable_section_end "docker-login"
|
|
291
|
+
- collapseable_section_start "docker-build" "Docker build"
|
|
263
292
|
- docker build --network host --cache-from $DOCKER_CACHE_IMAGE --tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG -f $APP_DIR/Dockerfile $DOCKER_BUILD_CONTEXT --build-arg BUILDKIT_INLINE_CACHE=1
|
|
264
|
-
-
|
|
265
|
-
-
|
|
293
|
+
- collapseable_section_end "docker-build"
|
|
294
|
+
- collapseable_section_start "docker-push" "Docker push and tag"
|
|
266
295
|
- docker push $DOCKER_IMAGE:$DOCKER_IMAGE_TAG
|
|
267
296
|
- docker tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG $DOCKER_CACHE_IMAGE
|
|
268
297
|
- docker push $DOCKER_CACHE_IMAGE
|
|
269
|
-
-
|
|
298
|
+
- collapseable_section_end "docker-push"
|
|
270
299
|
rules:
|
|
271
300
|
- when: never
|
|
272
301
|
if: $CI_COMMIT_MESSAGE =~ /^chore\\(release\\).*/
|
|
@@ -280,8 +309,8 @@ web 🧪 test:
|
|
|
280
309
|
image: aquasec/trivy:0.38.3
|
|
281
310
|
variables: {}
|
|
282
311
|
script:
|
|
283
|
-
-
|
|
284
|
-
-
|
|
312
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
313
|
+
- collapseable_section_end "injectvars"
|
|
285
314
|
- trivy fs --quiet --format cyclonedx --output "__sbom.json" app
|
|
286
315
|
artifacts:
|
|
287
316
|
paths:
|
|
@@ -302,23 +331,22 @@ web 🧪 test:
|
|
|
302
331
|
KUBERNETES_MEMORY_REQUEST: 200Mi
|
|
303
332
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
304
333
|
script:
|
|
305
|
-
-
|
|
334
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
306
335
|
- export ENV_SHORT="dev"
|
|
307
336
|
- export APP_DIR="app"
|
|
308
337
|
- export ENV_TYPE="dev"
|
|
309
338
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
310
339
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
311
340
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
312
|
-
- export
|
|
341
|
+
- export HOSTNAME="web.dev.my-app.pan.panter.cloud"
|
|
313
342
|
- export ROOT_URL="https://web.dev.my-app.pan.panter.cloud"
|
|
314
|
-
- export
|
|
315
|
-
- export HOST_CANONICAL="web.dev.my-app.pan.panter.cloud"
|
|
343
|
+
- export HOSTNAME_INTERNAL="web.dev.my-app.pan.panter.cloud"
|
|
316
344
|
- export ROOT_URL_INTERNAL="https://web.dev.my-app.pan.panter.cloud"
|
|
317
345
|
- export KUBE_NAMESPACE="pan-my-app-dev"
|
|
318
346
|
- export KUBE_APP_NAME="web"
|
|
319
347
|
- export KUBE_APP_NAME_PREFIX=""
|
|
320
348
|
- export MONGODB_ROOT_PASSWORD="$CL_dev_web_MONGODB_ROOT_PASSWORD"
|
|
321
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
349
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"KUBE_NAMESPACE\\",\\"KUBE_APP_NAME\\",\\"KUBE_APP_NAME_PREFIX\\",\\"MONGODB_ROOT_PASSWORD\\"]"
|
|
322
350
|
- export DOCKER_REGISTRY="$CI_REGISTRY"
|
|
323
351
|
- export DOCKER_CACHE_IMAGE="$CI_REGISTRY_IMAGE/caches/web"
|
|
324
352
|
- export DOCKER_IMAGE_NAME="dev/web"
|
|
@@ -330,19 +358,18 @@ web 🧪 test:
|
|
|
330
358
|
- export HELM_GITLAB_CHART_NAME="/helm-charts/the-panter-chart"
|
|
331
359
|
- export HELM_ARGS=""
|
|
332
360
|
- export COMPONENT_NAME="web"
|
|
333
|
-
-
|
|
334
|
-
- echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"
|
|
361
|
+
- collapseable_section_end "injectvars"
|
|
335
362
|
- kubectl config set-cluster "kube-pan-my-app-dev-web" --server="$CL_dev_web_KUBE_URL" --certificate-authority <(echo $CL_dev_web_KUBE_CA_PEM | base64 -d) --embed-certs=true
|
|
336
363
|
- kubectl config set-credentials "kube-pan-my-app-dev-web" --token="$CL_dev_web_KUBE_TOKEN"
|
|
337
364
|
- kubectl config set-context "kube-pan-my-app-dev-web" --cluster="kube-pan-my-app-dev-web" --user="kube-pan-my-app-dev-web" --namespace="pan-my-app-dev"
|
|
338
365
|
- kubectl config use-context "kube-pan-my-app-dev-web"
|
|
339
|
-
-
|
|
366
|
+
- collapseable_section_start "writeallvalues" "Write __all_values.yml for helm deployment"
|
|
340
367
|
- |
|
|
341
368
|
cat > __all_values.yml <<EOF
|
|
342
369
|
env:
|
|
343
370
|
secret:
|
|
344
371
|
MONGODB_ROOT_PASSWORD: |-
|
|
345
|
-
|
|
372
|
+
$(printf %s "$CL_dev_web_MONGODB_ROOT_PASSWORD" | sed '1!s/^/ /')
|
|
346
373
|
MONGO_URL: |-
|
|
347
374
|
mongodb://root:$CL_dev_web_MONGODB_ROOT_PASSWORD@web-mongodb.pan-my-app-dev.svc.cluster.local:27017/app?authSource=admin
|
|
348
375
|
public:
|
|
@@ -353,18 +380,16 @@ web 🧪 test:
|
|
|
353
380
|
ENV_TYPE: |-
|
|
354
381
|
dev
|
|
355
382
|
BUILD_INFO_BUILD_ID: |-
|
|
356
|
-
|
|
383
|
+
$(printf %s "$(git describe --tags 2>/dev/null || git rev-parse HEAD)" | sed '1!s/^/ /')
|
|
357
384
|
BUILD_INFO_BUILD_TIME: |-
|
|
358
|
-
|
|
385
|
+
$(printf %s "$CI_JOB_STARTED_AT" | sed '1!s/^/ /')
|
|
359
386
|
BUILD_INFO_CURRENT_VERSION: |-
|
|
360
|
-
|
|
361
|
-
|
|
387
|
+
$(printf %s "$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")" | sed '1!s/^/ /')
|
|
388
|
+
HOSTNAME: |-
|
|
362
389
|
web.dev.my-app.pan.panter.cloud
|
|
363
390
|
ROOT_URL: |-
|
|
364
391
|
https://web.dev.my-app.pan.panter.cloud
|
|
365
|
-
|
|
366
|
-
web.dev.my-app.pan.panter.cloud
|
|
367
|
-
HOST_CANONICAL: |-
|
|
392
|
+
HOSTNAME_INTERNAL: |-
|
|
368
393
|
web.dev.my-app.pan.panter.cloud
|
|
369
394
|
ROOT_URL_INTERNAL: |-
|
|
370
395
|
https://web.dev.my-app.pan.panter.cloud
|
|
@@ -374,7 +399,7 @@ web 🧪 test:
|
|
|
374
399
|
web
|
|
375
400
|
KUBE_APP_NAME_PREFIX: ""
|
|
376
401
|
_ALL_ENV_VAR_KEYS: |-
|
|
377
|
-
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","
|
|
402
|
+
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOSTNAME","ROOT_URL","HOSTNAME_INTERNAL","ROOT_URL_INTERNAL","KUBE_NAMESPACE","KUBE_APP_NAME","KUBE_APP_NAME_PREFIX","MONGODB_ROOT_PASSWORD"]
|
|
378
403
|
application:
|
|
379
404
|
host: |-
|
|
380
405
|
web.dev.my-app.pan.panter.cloud
|
|
@@ -421,7 +446,7 @@ web 🧪 test:
|
|
|
421
446
|
standalone
|
|
422
447
|
|
|
423
448
|
EOF
|
|
424
|
-
-
|
|
449
|
+
- collapseable_section_end "writeallvalues"
|
|
425
450
|
- kubernetesCreateSecret
|
|
426
451
|
- kubernetesDeploy
|
|
427
452
|
- echo 'Uploading SBOM to Dependency Track'
|
|
@@ -466,31 +491,29 @@ web 🧪 test:
|
|
|
466
491
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
467
492
|
GIT_STRATEGY: none
|
|
468
493
|
script:
|
|
469
|
-
-
|
|
494
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
470
495
|
- export ENV_SHORT="dev"
|
|
471
496
|
- export APP_DIR="app"
|
|
472
497
|
- export ENV_TYPE="dev"
|
|
473
498
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
474
499
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
475
500
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
476
|
-
- export
|
|
501
|
+
- export HOSTNAME="web.dev.my-app.pan.panter.cloud"
|
|
477
502
|
- export ROOT_URL="https://web.dev.my-app.pan.panter.cloud"
|
|
478
|
-
- export
|
|
479
|
-
- export HOST_CANONICAL="web.dev.my-app.pan.panter.cloud"
|
|
503
|
+
- export HOSTNAME_INTERNAL="web.dev.my-app.pan.panter.cloud"
|
|
480
504
|
- export ROOT_URL_INTERNAL="https://web.dev.my-app.pan.panter.cloud"
|
|
481
505
|
- export KUBE_NAMESPACE="pan-my-app-dev"
|
|
482
506
|
- export KUBE_APP_NAME="web"
|
|
483
507
|
- export KUBE_APP_NAME_PREFIX=""
|
|
484
508
|
- export MONGODB_ROOT_PASSWORD="$CL_dev_web_MONGODB_ROOT_PASSWORD"
|
|
485
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
509
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"KUBE_NAMESPACE\\",\\"KUBE_APP_NAME\\",\\"KUBE_APP_NAME_PREFIX\\",\\"MONGODB_ROOT_PASSWORD\\"]"
|
|
486
510
|
- export RELEASE_NAME="pan-my-app-dev-web"
|
|
487
511
|
- export HELM_EXPERIMENTAL_OCI="1"
|
|
488
512
|
- export KUBE_DOCKER_IMAGE_PULL_SECRET="gitlab-registry-web"
|
|
489
513
|
- export HELM_GITLAB_CHART_NAME="/helm-charts/the-panter-chart"
|
|
490
514
|
- export HELM_ARGS=""
|
|
491
515
|
- export COMPONENT_NAME="web"
|
|
492
|
-
-
|
|
493
|
-
- echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"
|
|
516
|
+
- collapseable_section_end "injectvars"
|
|
494
517
|
- kubectl config set-cluster "kube-pan-my-app-dev-web" --server="$CL_dev_web_KUBE_URL" --certificate-authority <(echo $CL_dev_web_KUBE_CA_PEM | base64 -d) --embed-certs=true
|
|
495
518
|
- kubectl config set-credentials "kube-pan-my-app-dev-web" --token="$CL_dev_web_KUBE_TOKEN"
|
|
496
519
|
- kubectl config set-context "kube-pan-my-app-dev-web" --cluster="kube-pan-my-app-dev-web" --user="kube-pan-my-app-dev-web" --namespace="pan-my-app-dev"
|
|
@@ -526,31 +549,29 @@ web 🧪 test:
|
|
|
526
549
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
527
550
|
GIT_STRATEGY: none
|
|
528
551
|
script:
|
|
529
|
-
-
|
|
552
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
530
553
|
- export ENV_SHORT="dev"
|
|
531
554
|
- export APP_DIR="app"
|
|
532
555
|
- export ENV_TYPE="dev"
|
|
533
556
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
534
557
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
535
558
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
536
|
-
- export
|
|
559
|
+
- export HOSTNAME="web.dev.my-app.pan.panter.cloud"
|
|
537
560
|
- export ROOT_URL="https://web.dev.my-app.pan.panter.cloud"
|
|
538
|
-
- export
|
|
539
|
-
- export HOST_CANONICAL="web.dev.my-app.pan.panter.cloud"
|
|
561
|
+
- export HOSTNAME_INTERNAL="web.dev.my-app.pan.panter.cloud"
|
|
540
562
|
- export ROOT_URL_INTERNAL="https://web.dev.my-app.pan.panter.cloud"
|
|
541
563
|
- export KUBE_NAMESPACE="pan-my-app-dev"
|
|
542
564
|
- export KUBE_APP_NAME="web"
|
|
543
565
|
- export KUBE_APP_NAME_PREFIX=""
|
|
544
566
|
- export MONGODB_ROOT_PASSWORD="$CL_dev_web_MONGODB_ROOT_PASSWORD"
|
|
545
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
567
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"KUBE_NAMESPACE\\",\\"KUBE_APP_NAME\\",\\"KUBE_APP_NAME_PREFIX\\",\\"MONGODB_ROOT_PASSWORD\\"]"
|
|
546
568
|
- export RELEASE_NAME="pan-my-app-dev-web"
|
|
547
569
|
- export HELM_EXPERIMENTAL_OCI="1"
|
|
548
570
|
- export KUBE_DOCKER_IMAGE_PULL_SECRET="gitlab-registry-web"
|
|
549
571
|
- export HELM_GITLAB_CHART_NAME="/helm-charts/the-panter-chart"
|
|
550
572
|
- export HELM_ARGS=""
|
|
551
573
|
- export COMPONENT_NAME="web"
|
|
552
|
-
-
|
|
553
|
-
- echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"
|
|
574
|
+
- collapseable_section_end "injectvars"
|
|
554
575
|
- kubectl config set-cluster "kube-pan-my-app-dev-web" --server="$CL_dev_web_KUBE_URL" --certificate-authority <(echo $CL_dev_web_KUBE_CA_PEM | base64 -d) --embed-certs=true
|
|
555
576
|
- kubectl config set-credentials "kube-pan-my-app-dev-web" --token="$CL_dev_web_KUBE_TOKEN"
|
|
556
577
|
- kubectl config set-context "kube-pan-my-app-dev-web" --cluster="kube-pan-my-app-dev-web" --user="kube-pan-my-app-dev-web" --namespace="pan-my-app-dev"
|
|
@@ -581,7 +602,7 @@ web 🧪 test:
|
|
|
581
602
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
582
603
|
KUBERNETES_MEMORY_LIMIT: 4Gi
|
|
583
604
|
script:
|
|
584
|
-
-
|
|
605
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
585
606
|
- export METEOR_DISABLE_OPTIMISTIC_CACHING="1"
|
|
586
607
|
- export ENV_SHORT="review"
|
|
587
608
|
- export APP_DIR="app"
|
|
@@ -589,30 +610,29 @@ web 🧪 test:
|
|
|
589
610
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
590
611
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
591
612
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
592
|
-
- export
|
|
613
|
+
- export HOSTNAME="web.$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }).review.my-app.pan.panter.cloud"
|
|
593
614
|
- export ROOT_URL="https://web.$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }).review.my-app.pan.panter.cloud"
|
|
594
|
-
- export
|
|
595
|
-
- export HOST_CANONICAL="web.$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }).review.my-app.pan.panter.cloud"
|
|
615
|
+
- export HOSTNAME_INTERNAL="web.$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }).review.my-app.pan.panter.cloud"
|
|
596
616
|
- export ROOT_URL_INTERNAL="https://web.$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }).review.my-app.pan.panter.cloud"
|
|
597
617
|
- export KUBE_NAMESPACE="pan-my-app-review"
|
|
598
618
|
- export KUBE_APP_NAME="$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-web"
|
|
599
619
|
- export KUBE_APP_NAME_PREFIX="$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-"
|
|
600
620
|
- export MONGODB_ROOT_PASSWORD="$CL_review_web_MONGODB_ROOT_PASSWORD"
|
|
601
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
602
|
-
-
|
|
621
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"KUBE_NAMESPACE\\",\\"KUBE_APP_NAME\\",\\"KUBE_APP_NAME_PREFIX\\",\\"MONGODB_ROOT_PASSWORD\\"]"
|
|
622
|
+
- collapseable_section_end "injectvars"
|
|
603
623
|
- echo '{"id":"$(git describe --tags 2>/dev/null || git rev-parse HEAD)","time":"$CI_JOB_STARTED_AT"}' > app/__build_info.json
|
|
604
|
-
-
|
|
624
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
605
625
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
606
626
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
607
|
-
-
|
|
627
|
+
- collapseable_section_end "nodeinstall"
|
|
608
628
|
- cd app
|
|
609
|
-
-
|
|
629
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
610
630
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
611
631
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
612
|
-
-
|
|
613
|
-
-
|
|
632
|
+
- collapseable_section_end "nodeinstall"
|
|
633
|
+
- collapseable_section_start "yarninstall" "Yarn install"
|
|
614
634
|
- yarn install --immutable
|
|
615
|
-
-
|
|
635
|
+
- collapseable_section_end "yarninstall"
|
|
616
636
|
- echo "add healthcheck package"
|
|
617
637
|
- meteor add panter:healthroute --allow-superuser
|
|
618
638
|
- meteor add qualia:prod-shell --allow-superuser
|
|
@@ -663,7 +683,7 @@ web 🧪 test:
|
|
|
663
683
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
664
684
|
KUBERNETES_MEMORY_LIMIT: 2Gi
|
|
665
685
|
script:
|
|
666
|
-
-
|
|
686
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
667
687
|
- export APP_DIR="app"
|
|
668
688
|
- export DOCKER_BUILD_CONTEXT="."
|
|
669
689
|
- export DOCKER_REGISTRY="$CI_REGISTRY"
|
|
@@ -672,19 +692,19 @@ web 🧪 test:
|
|
|
672
692
|
- export DOCKER_IMAGE="$CI_REGISTRY_IMAGE/$DOCKER_IMAGE_NAME"
|
|
673
693
|
- export DOCKER_IMAGE_TAG="$CI_COMMIT_SHA"
|
|
674
694
|
- export METEOR_INSTALL_SCRIPTS=""
|
|
675
|
-
-
|
|
695
|
+
- collapseable_section_end "injectvars"
|
|
676
696
|
- ensureMeteorDockerfile
|
|
677
|
-
-
|
|
697
|
+
- collapseable_section_start "docker-login" "Docker Login"
|
|
678
698
|
- docker login --username gitlab-ci-token --password $CI_JOB_TOKEN $CI_REGISTRY
|
|
679
|
-
-
|
|
680
|
-
-
|
|
699
|
+
- collapseable_section_end "docker-login"
|
|
700
|
+
- collapseable_section_start "docker-build" "Docker build"
|
|
681
701
|
- docker build --network host --cache-from $DOCKER_CACHE_IMAGE --tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG -f $APP_DIR/Dockerfile $DOCKER_BUILD_CONTEXT --build-arg BUILDKIT_INLINE_CACHE=1
|
|
682
|
-
-
|
|
683
|
-
-
|
|
702
|
+
- collapseable_section_end "docker-build"
|
|
703
|
+
- collapseable_section_start "docker-push" "Docker push and tag"
|
|
684
704
|
- docker push $DOCKER_IMAGE:$DOCKER_IMAGE_TAG
|
|
685
705
|
- docker tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG $DOCKER_CACHE_IMAGE
|
|
686
706
|
- docker push $DOCKER_CACHE_IMAGE
|
|
687
|
-
-
|
|
707
|
+
- collapseable_section_end "docker-push"
|
|
688
708
|
rules:
|
|
689
709
|
- if: $CI_MERGE_REQUEST_ID
|
|
690
710
|
needs:
|
|
@@ -696,8 +716,8 @@ web 🧪 test:
|
|
|
696
716
|
image: aquasec/trivy:0.38.3
|
|
697
717
|
variables: {}
|
|
698
718
|
script:
|
|
699
|
-
-
|
|
700
|
-
-
|
|
719
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
720
|
+
- collapseable_section_end "injectvars"
|
|
701
721
|
- trivy fs --quiet --format cyclonedx --output "__sbom.json" app
|
|
702
722
|
artifacts:
|
|
703
723
|
paths:
|
|
@@ -716,23 +736,22 @@ web 🧪 test:
|
|
|
716
736
|
KUBERNETES_MEMORY_REQUEST: 200Mi
|
|
717
737
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
718
738
|
script:
|
|
719
|
-
-
|
|
739
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
720
740
|
- export ENV_SHORT="review"
|
|
721
741
|
- export APP_DIR="app"
|
|
722
742
|
- export ENV_TYPE="review"
|
|
723
743
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
724
744
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
725
745
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
726
|
-
- export
|
|
746
|
+
- export HOSTNAME="web.$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }).review.my-app.pan.panter.cloud"
|
|
727
747
|
- export ROOT_URL="https://web.$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }).review.my-app.pan.panter.cloud"
|
|
728
|
-
- export
|
|
729
|
-
- export HOST_CANONICAL="web.$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }).review.my-app.pan.panter.cloud"
|
|
748
|
+
- export HOSTNAME_INTERNAL="web.$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }).review.my-app.pan.panter.cloud"
|
|
730
749
|
- export ROOT_URL_INTERNAL="https://web.$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }).review.my-app.pan.panter.cloud"
|
|
731
750
|
- export KUBE_NAMESPACE="pan-my-app-review"
|
|
732
751
|
- export KUBE_APP_NAME="$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-web"
|
|
733
752
|
- export KUBE_APP_NAME_PREFIX="$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-"
|
|
734
753
|
- export MONGODB_ROOT_PASSWORD="$CL_review_web_MONGODB_ROOT_PASSWORD"
|
|
735
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
754
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"KUBE_NAMESPACE\\",\\"KUBE_APP_NAME\\",\\"KUBE_APP_NAME_PREFIX\\",\\"MONGODB_ROOT_PASSWORD\\"]"
|
|
736
755
|
- export DOCKER_REGISTRY="$CI_REGISTRY"
|
|
737
756
|
- export DOCKER_CACHE_IMAGE="$CI_REGISTRY_IMAGE/caches/web"
|
|
738
757
|
- export DOCKER_IMAGE_NAME="review/web"
|
|
@@ -744,19 +763,18 @@ web 🧪 test:
|
|
|
744
763
|
- export HELM_GITLAB_CHART_NAME="/helm-charts/the-panter-chart"
|
|
745
764
|
- export HELM_ARGS=""
|
|
746
765
|
- export COMPONENT_NAME="web"
|
|
747
|
-
-
|
|
748
|
-
- echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"
|
|
766
|
+
- collapseable_section_end "injectvars"
|
|
749
767
|
- kubectl config set-cluster "kube-pan-my-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-web" --server="$CL_review_web_KUBE_URL" --certificate-authority <(echo $CL_review_web_KUBE_CA_PEM | base64 -d) --embed-certs=true
|
|
750
768
|
- kubectl config set-credentials "kube-pan-my-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-web" --token="$CL_review_web_KUBE_TOKEN"
|
|
751
769
|
- kubectl config set-context "kube-pan-my-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-web" --cluster="kube-pan-my-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-web" --user="kube-pan-my-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-web" --namespace="pan-my-app-review"
|
|
752
770
|
- kubectl config use-context "kube-pan-my-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-web"
|
|
753
|
-
-
|
|
771
|
+
- collapseable_section_start "writeallvalues" "Write __all_values.yml for helm deployment"
|
|
754
772
|
- |
|
|
755
773
|
cat > __all_values.yml <<EOF
|
|
756
774
|
env:
|
|
757
775
|
secret:
|
|
758
776
|
MONGODB_ROOT_PASSWORD: |-
|
|
759
|
-
|
|
777
|
+
$(printf %s "$CL_review_web_MONGODB_ROOT_PASSWORD" | sed '1!s/^/ /')
|
|
760
778
|
MONGO_URL: |-
|
|
761
779
|
mongodb://root:$CL_review_web_MONGODB_ROOT_PASSWORD@$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-web-mongodb.pan-my-app-review.svc.cluster.local:27017/app?authSource=admin
|
|
762
780
|
public:
|
|
@@ -767,32 +785,30 @@ web 🧪 test:
|
|
|
767
785
|
ENV_TYPE: |-
|
|
768
786
|
review
|
|
769
787
|
BUILD_INFO_BUILD_ID: |-
|
|
770
|
-
|
|
788
|
+
$(printf %s "$(git describe --tags 2>/dev/null || git rev-parse HEAD)" | sed '1!s/^/ /')
|
|
771
789
|
BUILD_INFO_BUILD_TIME: |-
|
|
772
|
-
|
|
790
|
+
$(printf %s "$CI_JOB_STARTED_AT" | sed '1!s/^/ /')
|
|
773
791
|
BUILD_INFO_CURRENT_VERSION: |-
|
|
774
|
-
|
|
775
|
-
|
|
776
|
-
|
|
792
|
+
$(printf %s "$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")" | sed '1!s/^/ /')
|
|
793
|
+
HOSTNAME: |-
|
|
794
|
+
$(printf %s "web.$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }).review.my-app.pan.panter.cloud" | sed '1!s/^/ /')
|
|
777
795
|
ROOT_URL: |-
|
|
778
|
-
|
|
779
|
-
|
|
780
|
-
|
|
781
|
-
HOST_CANONICAL: |-
|
|
782
|
-
$(printf %s "web.$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }).review.my-app.pan.panter.cloud" | sed 's/^/ /')
|
|
796
|
+
$(printf %s "https://web.$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }).review.my-app.pan.panter.cloud" | sed '1!s/^/ /')
|
|
797
|
+
HOSTNAME_INTERNAL: |-
|
|
798
|
+
$(printf %s "web.$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }).review.my-app.pan.panter.cloud" | sed '1!s/^/ /')
|
|
783
799
|
ROOT_URL_INTERNAL: |-
|
|
784
|
-
|
|
800
|
+
$(printf %s "https://web.$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }).review.my-app.pan.panter.cloud" | sed '1!s/^/ /')
|
|
785
801
|
KUBE_NAMESPACE: |-
|
|
786
802
|
pan-my-app-review
|
|
787
803
|
KUBE_APP_NAME: |-
|
|
788
|
-
|
|
804
|
+
$(printf %s "$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-web" | sed '1!s/^/ /')
|
|
789
805
|
KUBE_APP_NAME_PREFIX: |-
|
|
790
|
-
|
|
806
|
+
$(printf %s "$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-" | sed '1!s/^/ /')
|
|
791
807
|
_ALL_ENV_VAR_KEYS: |-
|
|
792
|
-
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","
|
|
808
|
+
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOSTNAME","ROOT_URL","HOSTNAME_INTERNAL","ROOT_URL_INTERNAL","KUBE_NAMESPACE","KUBE_APP_NAME","KUBE_APP_NAME_PREFIX","MONGODB_ROOT_PASSWORD"]
|
|
793
809
|
application:
|
|
794
810
|
host: |-
|
|
795
|
-
|
|
811
|
+
$(printf %s "web.$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }).review.my-app.pan.panter.cloud" | sed '1!s/^/ /')
|
|
796
812
|
command: |-
|
|
797
813
|
node main.js
|
|
798
814
|
livenessProbe:
|
|
@@ -836,7 +852,7 @@ web 🧪 test:
|
|
|
836
852
|
standalone
|
|
837
853
|
|
|
838
854
|
EOF
|
|
839
|
-
-
|
|
855
|
+
- collapseable_section_end "writeallvalues"
|
|
840
856
|
- kubernetesCreateSecret
|
|
841
857
|
- kubernetesDeploy
|
|
842
858
|
- echo 'Uploading SBOM to Dependency Track'
|
|
@@ -879,31 +895,29 @@ web 🧪 test:
|
|
|
879
895
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
880
896
|
GIT_STRATEGY: none
|
|
881
897
|
script:
|
|
882
|
-
-
|
|
898
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
883
899
|
- export ENV_SHORT="review"
|
|
884
900
|
- export APP_DIR="app"
|
|
885
901
|
- export ENV_TYPE="review"
|
|
886
902
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
887
903
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
888
904
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
889
|
-
- export
|
|
905
|
+
- export HOSTNAME="web.$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }).review.my-app.pan.panter.cloud"
|
|
890
906
|
- export ROOT_URL="https://web.$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }).review.my-app.pan.panter.cloud"
|
|
891
|
-
- export
|
|
892
|
-
- export HOST_CANONICAL="web.$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }).review.my-app.pan.panter.cloud"
|
|
907
|
+
- export HOSTNAME_INTERNAL="web.$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }).review.my-app.pan.panter.cloud"
|
|
893
908
|
- export ROOT_URL_INTERNAL="https://web.$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }).review.my-app.pan.panter.cloud"
|
|
894
909
|
- export KUBE_NAMESPACE="pan-my-app-review"
|
|
895
910
|
- export KUBE_APP_NAME="$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-web"
|
|
896
911
|
- export KUBE_APP_NAME_PREFIX="$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-"
|
|
897
912
|
- export MONGODB_ROOT_PASSWORD="$CL_review_web_MONGODB_ROOT_PASSWORD"
|
|
898
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
913
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"KUBE_NAMESPACE\\",\\"KUBE_APP_NAME\\",\\"KUBE_APP_NAME_PREFIX\\",\\"MONGODB_ROOT_PASSWORD\\"]"
|
|
899
914
|
- export RELEASE_NAME="pan-my-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-web"
|
|
900
915
|
- export HELM_EXPERIMENTAL_OCI="1"
|
|
901
916
|
- export KUBE_DOCKER_IMAGE_PULL_SECRET="gitlab-registry-web"
|
|
902
917
|
- export HELM_GITLAB_CHART_NAME="/helm-charts/the-panter-chart"
|
|
903
918
|
- export HELM_ARGS=""
|
|
904
919
|
- export COMPONENT_NAME="web"
|
|
905
|
-
-
|
|
906
|
-
- echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"
|
|
920
|
+
- collapseable_section_end "injectvars"
|
|
907
921
|
- kubectl config set-cluster "kube-pan-my-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-web" --server="$CL_review_web_KUBE_URL" --certificate-authority <(echo $CL_review_web_KUBE_CA_PEM | base64 -d) --embed-certs=true
|
|
908
922
|
- kubectl config set-credentials "kube-pan-my-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-web" --token="$CL_review_web_KUBE_TOKEN"
|
|
909
923
|
- kubectl config set-context "kube-pan-my-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-web" --cluster="kube-pan-my-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-web" --user="kube-pan-my-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-web" --namespace="pan-my-app-review"
|
|
@@ -937,31 +951,29 @@ web 🧪 test:
|
|
|
937
951
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
938
952
|
GIT_STRATEGY: none
|
|
939
953
|
script:
|
|
940
|
-
-
|
|
954
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
941
955
|
- export ENV_SHORT="review"
|
|
942
956
|
- export APP_DIR="app"
|
|
943
957
|
- export ENV_TYPE="review"
|
|
944
958
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
945
959
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
946
960
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
947
|
-
- export
|
|
961
|
+
- export HOSTNAME="web.$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }).review.my-app.pan.panter.cloud"
|
|
948
962
|
- export ROOT_URL="https://web.$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }).review.my-app.pan.panter.cloud"
|
|
949
|
-
- export
|
|
950
|
-
- export HOST_CANONICAL="web.$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }).review.my-app.pan.panter.cloud"
|
|
963
|
+
- export HOSTNAME_INTERNAL="web.$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }).review.my-app.pan.panter.cloud"
|
|
951
964
|
- export ROOT_URL_INTERNAL="https://web.$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }).review.my-app.pan.panter.cloud"
|
|
952
965
|
- export KUBE_NAMESPACE="pan-my-app-review"
|
|
953
966
|
- export KUBE_APP_NAME="$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-web"
|
|
954
967
|
- export KUBE_APP_NAME_PREFIX="$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-"
|
|
955
968
|
- export MONGODB_ROOT_PASSWORD="$CL_review_web_MONGODB_ROOT_PASSWORD"
|
|
956
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
969
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"KUBE_NAMESPACE\\",\\"KUBE_APP_NAME\\",\\"KUBE_APP_NAME_PREFIX\\",\\"MONGODB_ROOT_PASSWORD\\"]"
|
|
957
970
|
- export RELEASE_NAME="pan-my-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-web"
|
|
958
971
|
- export HELM_EXPERIMENTAL_OCI="1"
|
|
959
972
|
- export KUBE_DOCKER_IMAGE_PULL_SECRET="gitlab-registry-web"
|
|
960
973
|
- export HELM_GITLAB_CHART_NAME="/helm-charts/the-panter-chart"
|
|
961
974
|
- export HELM_ARGS=""
|
|
962
975
|
- export COMPONENT_NAME="web"
|
|
963
|
-
-
|
|
964
|
-
- echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"
|
|
976
|
+
- collapseable_section_end "injectvars"
|
|
965
977
|
- kubectl config set-cluster "kube-pan-my-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-web" --server="$CL_review_web_KUBE_URL" --certificate-authority <(echo $CL_review_web_KUBE_CA_PEM | base64 -d) --embed-certs=true
|
|
966
978
|
- kubectl config set-credentials "kube-pan-my-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-web" --token="$CL_review_web_KUBE_TOKEN"
|
|
967
979
|
- kubectl config set-context "kube-pan-my-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-web" --cluster="kube-pan-my-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-web" --user="kube-pan-my-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-web" --namespace="pan-my-app-review"
|
|
@@ -990,7 +1002,7 @@ web 🧪 test:
|
|
|
990
1002
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
991
1003
|
KUBERNETES_MEMORY_LIMIT: 4Gi
|
|
992
1004
|
script:
|
|
993
|
-
-
|
|
1005
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
994
1006
|
- export METEOR_DISABLE_OPTIMISTIC_CACHING="1"
|
|
995
1007
|
- export ENV_SHORT="stage"
|
|
996
1008
|
- export APP_DIR="app"
|
|
@@ -998,30 +1010,29 @@ web 🧪 test:
|
|
|
998
1010
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
999
1011
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
1000
1012
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
1001
|
-
- export
|
|
1013
|
+
- export HOSTNAME="web.stage.my-app.pan.panter.cloud"
|
|
1002
1014
|
- export ROOT_URL="https://web.stage.my-app.pan.panter.cloud"
|
|
1003
|
-
- export
|
|
1004
|
-
- export HOST_CANONICAL="web.stage.my-app.pan.panter.cloud"
|
|
1015
|
+
- export HOSTNAME_INTERNAL="web.stage.my-app.pan.panter.cloud"
|
|
1005
1016
|
- export ROOT_URL_INTERNAL="https://web.stage.my-app.pan.panter.cloud"
|
|
1006
1017
|
- export KUBE_NAMESPACE="pan-my-app-stage"
|
|
1007
1018
|
- export KUBE_APP_NAME="web"
|
|
1008
1019
|
- export KUBE_APP_NAME_PREFIX=""
|
|
1009
1020
|
- export MONGODB_ROOT_PASSWORD="$CL_stage_web_MONGODB_ROOT_PASSWORD"
|
|
1010
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
1011
|
-
-
|
|
1021
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"KUBE_NAMESPACE\\",\\"KUBE_APP_NAME\\",\\"KUBE_APP_NAME_PREFIX\\",\\"MONGODB_ROOT_PASSWORD\\"]"
|
|
1022
|
+
- collapseable_section_end "injectvars"
|
|
1012
1023
|
- echo '{"id":"$(git describe --tags 2>/dev/null || git rev-parse HEAD)","time":"$CI_JOB_STARTED_AT"}' > app/__build_info.json
|
|
1013
|
-
-
|
|
1024
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
1014
1025
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
1015
1026
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
1016
|
-
-
|
|
1027
|
+
- collapseable_section_end "nodeinstall"
|
|
1017
1028
|
- cd app
|
|
1018
|
-
-
|
|
1029
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
1019
1030
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
1020
1031
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
1021
|
-
-
|
|
1022
|
-
-
|
|
1032
|
+
- collapseable_section_end "nodeinstall"
|
|
1033
|
+
- collapseable_section_start "yarninstall" "Yarn install"
|
|
1023
1034
|
- yarn install --immutable
|
|
1024
|
-
-
|
|
1035
|
+
- collapseable_section_end "yarninstall"
|
|
1025
1036
|
- echo "add healthcheck package"
|
|
1026
1037
|
- meteor add panter:healthroute --allow-superuser
|
|
1027
1038
|
- meteor add qualia:prod-shell --allow-superuser
|
|
@@ -1072,7 +1083,7 @@ web 🧪 test:
|
|
|
1072
1083
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
1073
1084
|
KUBERNETES_MEMORY_LIMIT: 2Gi
|
|
1074
1085
|
script:
|
|
1075
|
-
-
|
|
1086
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1076
1087
|
- export APP_DIR="app"
|
|
1077
1088
|
- export DOCKER_BUILD_CONTEXT="."
|
|
1078
1089
|
- export DOCKER_REGISTRY="$CI_REGISTRY"
|
|
@@ -1081,19 +1092,19 @@ web 🧪 test:
|
|
|
1081
1092
|
- export DOCKER_IMAGE="$CI_REGISTRY_IMAGE/$DOCKER_IMAGE_NAME"
|
|
1082
1093
|
- export DOCKER_IMAGE_TAG="$CI_COMMIT_SHA"
|
|
1083
1094
|
- export METEOR_INSTALL_SCRIPTS=""
|
|
1084
|
-
-
|
|
1095
|
+
- collapseable_section_end "injectvars"
|
|
1085
1096
|
- ensureMeteorDockerfile
|
|
1086
|
-
-
|
|
1097
|
+
- collapseable_section_start "docker-login" "Docker Login"
|
|
1087
1098
|
- docker login --username gitlab-ci-token --password $CI_JOB_TOKEN $CI_REGISTRY
|
|
1088
|
-
-
|
|
1089
|
-
-
|
|
1099
|
+
- collapseable_section_end "docker-login"
|
|
1100
|
+
- collapseable_section_start "docker-build" "Docker build"
|
|
1090
1101
|
- docker build --network host --cache-from $DOCKER_CACHE_IMAGE --tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG -f $APP_DIR/Dockerfile $DOCKER_BUILD_CONTEXT --build-arg BUILDKIT_INLINE_CACHE=1
|
|
1091
|
-
-
|
|
1092
|
-
-
|
|
1102
|
+
- collapseable_section_end "docker-build"
|
|
1103
|
+
- collapseable_section_start "docker-push" "Docker push and tag"
|
|
1093
1104
|
- docker push $DOCKER_IMAGE:$DOCKER_IMAGE_TAG
|
|
1094
1105
|
- docker tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG $DOCKER_CACHE_IMAGE
|
|
1095
1106
|
- docker push $DOCKER_CACHE_IMAGE
|
|
1096
|
-
-
|
|
1107
|
+
- collapseable_section_end "docker-push"
|
|
1097
1108
|
rules:
|
|
1098
1109
|
- if: $CI_COMMIT_TAG
|
|
1099
1110
|
needs:
|
|
@@ -1105,8 +1116,8 @@ web 🧪 test:
|
|
|
1105
1116
|
image: aquasec/trivy:0.38.3
|
|
1106
1117
|
variables: {}
|
|
1107
1118
|
script:
|
|
1108
|
-
-
|
|
1109
|
-
-
|
|
1119
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1120
|
+
- collapseable_section_end "injectvars"
|
|
1110
1121
|
- trivy fs --quiet --format cyclonedx --output "__sbom.json" app
|
|
1111
1122
|
artifacts:
|
|
1112
1123
|
paths:
|
|
@@ -1125,23 +1136,22 @@ web 🧪 test:
|
|
|
1125
1136
|
KUBERNETES_MEMORY_REQUEST: 200Mi
|
|
1126
1137
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
1127
1138
|
script:
|
|
1128
|
-
-
|
|
1139
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1129
1140
|
- export ENV_SHORT="stage"
|
|
1130
1141
|
- export APP_DIR="app"
|
|
1131
1142
|
- export ENV_TYPE="stage"
|
|
1132
1143
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
1133
1144
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
1134
1145
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
1135
|
-
- export
|
|
1146
|
+
- export HOSTNAME="web.stage.my-app.pan.panter.cloud"
|
|
1136
1147
|
- export ROOT_URL="https://web.stage.my-app.pan.panter.cloud"
|
|
1137
|
-
- export
|
|
1138
|
-
- export HOST_CANONICAL="web.stage.my-app.pan.panter.cloud"
|
|
1148
|
+
- export HOSTNAME_INTERNAL="web.stage.my-app.pan.panter.cloud"
|
|
1139
1149
|
- export ROOT_URL_INTERNAL="https://web.stage.my-app.pan.panter.cloud"
|
|
1140
1150
|
- export KUBE_NAMESPACE="pan-my-app-stage"
|
|
1141
1151
|
- export KUBE_APP_NAME="web"
|
|
1142
1152
|
- export KUBE_APP_NAME_PREFIX=""
|
|
1143
1153
|
- export MONGODB_ROOT_PASSWORD="$CL_stage_web_MONGODB_ROOT_PASSWORD"
|
|
1144
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
1154
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"KUBE_NAMESPACE\\",\\"KUBE_APP_NAME\\",\\"KUBE_APP_NAME_PREFIX\\",\\"MONGODB_ROOT_PASSWORD\\"]"
|
|
1145
1155
|
- export DOCKER_REGISTRY="$CI_REGISTRY"
|
|
1146
1156
|
- export DOCKER_CACHE_IMAGE="$CI_REGISTRY_IMAGE/caches/web"
|
|
1147
1157
|
- export DOCKER_IMAGE_NAME="stage/web"
|
|
@@ -1153,19 +1163,18 @@ web 🧪 test:
|
|
|
1153
1163
|
- export HELM_GITLAB_CHART_NAME="/helm-charts/the-panter-chart"
|
|
1154
1164
|
- export HELM_ARGS=""
|
|
1155
1165
|
- export COMPONENT_NAME="web"
|
|
1156
|
-
-
|
|
1157
|
-
- echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"
|
|
1166
|
+
- collapseable_section_end "injectvars"
|
|
1158
1167
|
- kubectl config set-cluster "kube-pan-my-app-stage-web" --server="$CL_stage_web_KUBE_URL" --certificate-authority <(echo $CL_stage_web_KUBE_CA_PEM | base64 -d) --embed-certs=true
|
|
1159
1168
|
- kubectl config set-credentials "kube-pan-my-app-stage-web" --token="$CL_stage_web_KUBE_TOKEN"
|
|
1160
1169
|
- kubectl config set-context "kube-pan-my-app-stage-web" --cluster="kube-pan-my-app-stage-web" --user="kube-pan-my-app-stage-web" --namespace="pan-my-app-stage"
|
|
1161
1170
|
- kubectl config use-context "kube-pan-my-app-stage-web"
|
|
1162
|
-
-
|
|
1171
|
+
- collapseable_section_start "writeallvalues" "Write __all_values.yml for helm deployment"
|
|
1163
1172
|
- |
|
|
1164
1173
|
cat > __all_values.yml <<EOF
|
|
1165
1174
|
env:
|
|
1166
1175
|
secret:
|
|
1167
1176
|
MONGODB_ROOT_PASSWORD: |-
|
|
1168
|
-
|
|
1177
|
+
$(printf %s "$CL_stage_web_MONGODB_ROOT_PASSWORD" | sed '1!s/^/ /')
|
|
1169
1178
|
MONGO_URL: |-
|
|
1170
1179
|
mongodb://root:$CL_stage_web_MONGODB_ROOT_PASSWORD@web-mongodb.pan-my-app-stage.svc.cluster.local:27017/app?authSource=admin
|
|
1171
1180
|
public:
|
|
@@ -1176,18 +1185,16 @@ web 🧪 test:
|
|
|
1176
1185
|
ENV_TYPE: |-
|
|
1177
1186
|
stage
|
|
1178
1187
|
BUILD_INFO_BUILD_ID: |-
|
|
1179
|
-
|
|
1188
|
+
$(printf %s "$(git describe --tags 2>/dev/null || git rev-parse HEAD)" | sed '1!s/^/ /')
|
|
1180
1189
|
BUILD_INFO_BUILD_TIME: |-
|
|
1181
|
-
|
|
1190
|
+
$(printf %s "$CI_JOB_STARTED_AT" | sed '1!s/^/ /')
|
|
1182
1191
|
BUILD_INFO_CURRENT_VERSION: |-
|
|
1183
|
-
|
|
1184
|
-
|
|
1192
|
+
$(printf %s "$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")" | sed '1!s/^/ /')
|
|
1193
|
+
HOSTNAME: |-
|
|
1185
1194
|
web.stage.my-app.pan.panter.cloud
|
|
1186
1195
|
ROOT_URL: |-
|
|
1187
1196
|
https://web.stage.my-app.pan.panter.cloud
|
|
1188
|
-
|
|
1189
|
-
web.stage.my-app.pan.panter.cloud
|
|
1190
|
-
HOST_CANONICAL: |-
|
|
1197
|
+
HOSTNAME_INTERNAL: |-
|
|
1191
1198
|
web.stage.my-app.pan.panter.cloud
|
|
1192
1199
|
ROOT_URL_INTERNAL: |-
|
|
1193
1200
|
https://web.stage.my-app.pan.panter.cloud
|
|
@@ -1197,7 +1204,7 @@ web 🧪 test:
|
|
|
1197
1204
|
web
|
|
1198
1205
|
KUBE_APP_NAME_PREFIX: ""
|
|
1199
1206
|
_ALL_ENV_VAR_KEYS: |-
|
|
1200
|
-
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","
|
|
1207
|
+
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOSTNAME","ROOT_URL","HOSTNAME_INTERNAL","ROOT_URL_INTERNAL","KUBE_NAMESPACE","KUBE_APP_NAME","KUBE_APP_NAME_PREFIX","MONGODB_ROOT_PASSWORD"]
|
|
1201
1208
|
application:
|
|
1202
1209
|
host: |-
|
|
1203
1210
|
web.stage.my-app.pan.panter.cloud
|
|
@@ -1244,7 +1251,7 @@ web 🧪 test:
|
|
|
1244
1251
|
standalone
|
|
1245
1252
|
|
|
1246
1253
|
EOF
|
|
1247
|
-
-
|
|
1254
|
+
- collapseable_section_end "writeallvalues"
|
|
1248
1255
|
- kubernetesCreateSecret
|
|
1249
1256
|
- kubernetesDeploy
|
|
1250
1257
|
- echo 'Uploading SBOM to Dependency Track'
|
|
@@ -1280,31 +1287,29 @@ web 🧪 test:
|
|
|
1280
1287
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
1281
1288
|
GIT_STRATEGY: none
|
|
1282
1289
|
script:
|
|
1283
|
-
-
|
|
1290
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1284
1291
|
- export ENV_SHORT="stage"
|
|
1285
1292
|
- export APP_DIR="app"
|
|
1286
1293
|
- export ENV_TYPE="stage"
|
|
1287
1294
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
1288
1295
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
1289
1296
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
1290
|
-
- export
|
|
1297
|
+
- export HOSTNAME="web.stage.my-app.pan.panter.cloud"
|
|
1291
1298
|
- export ROOT_URL="https://web.stage.my-app.pan.panter.cloud"
|
|
1292
|
-
- export
|
|
1293
|
-
- export HOST_CANONICAL="web.stage.my-app.pan.panter.cloud"
|
|
1299
|
+
- export HOSTNAME_INTERNAL="web.stage.my-app.pan.panter.cloud"
|
|
1294
1300
|
- export ROOT_URL_INTERNAL="https://web.stage.my-app.pan.panter.cloud"
|
|
1295
1301
|
- export KUBE_NAMESPACE="pan-my-app-stage"
|
|
1296
1302
|
- export KUBE_APP_NAME="web"
|
|
1297
1303
|
- export KUBE_APP_NAME_PREFIX=""
|
|
1298
1304
|
- export MONGODB_ROOT_PASSWORD="$CL_stage_web_MONGODB_ROOT_PASSWORD"
|
|
1299
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
1305
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"KUBE_NAMESPACE\\",\\"KUBE_APP_NAME\\",\\"KUBE_APP_NAME_PREFIX\\",\\"MONGODB_ROOT_PASSWORD\\"]"
|
|
1300
1306
|
- export RELEASE_NAME="pan-my-app-stage-web"
|
|
1301
1307
|
- export HELM_EXPERIMENTAL_OCI="1"
|
|
1302
1308
|
- export KUBE_DOCKER_IMAGE_PULL_SECRET="gitlab-registry-web"
|
|
1303
1309
|
- export HELM_GITLAB_CHART_NAME="/helm-charts/the-panter-chart"
|
|
1304
1310
|
- export HELM_ARGS=""
|
|
1305
1311
|
- export COMPONENT_NAME="web"
|
|
1306
|
-
-
|
|
1307
|
-
- echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"
|
|
1312
|
+
- collapseable_section_end "injectvars"
|
|
1308
1313
|
- kubectl config set-cluster "kube-pan-my-app-stage-web" --server="$CL_stage_web_KUBE_URL" --certificate-authority <(echo $CL_stage_web_KUBE_CA_PEM | base64 -d) --embed-certs=true
|
|
1309
1314
|
- kubectl config set-credentials "kube-pan-my-app-stage-web" --token="$CL_stage_web_KUBE_TOKEN"
|
|
1310
1315
|
- kubectl config set-context "kube-pan-my-app-stage-web" --cluster="kube-pan-my-app-stage-web" --user="kube-pan-my-app-stage-web" --namespace="pan-my-app-stage"
|
|
@@ -1338,31 +1343,29 @@ web 🧪 test:
|
|
|
1338
1343
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
1339
1344
|
GIT_STRATEGY: none
|
|
1340
1345
|
script:
|
|
1341
|
-
-
|
|
1346
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1342
1347
|
- export ENV_SHORT="stage"
|
|
1343
1348
|
- export APP_DIR="app"
|
|
1344
1349
|
- export ENV_TYPE="stage"
|
|
1345
1350
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
1346
1351
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
1347
1352
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
1348
|
-
- export
|
|
1353
|
+
- export HOSTNAME="web.stage.my-app.pan.panter.cloud"
|
|
1349
1354
|
- export ROOT_URL="https://web.stage.my-app.pan.panter.cloud"
|
|
1350
|
-
- export
|
|
1351
|
-
- export HOST_CANONICAL="web.stage.my-app.pan.panter.cloud"
|
|
1355
|
+
- export HOSTNAME_INTERNAL="web.stage.my-app.pan.panter.cloud"
|
|
1352
1356
|
- export ROOT_URL_INTERNAL="https://web.stage.my-app.pan.panter.cloud"
|
|
1353
1357
|
- export KUBE_NAMESPACE="pan-my-app-stage"
|
|
1354
1358
|
- export KUBE_APP_NAME="web"
|
|
1355
1359
|
- export KUBE_APP_NAME_PREFIX=""
|
|
1356
1360
|
- export MONGODB_ROOT_PASSWORD="$CL_stage_web_MONGODB_ROOT_PASSWORD"
|
|
1357
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
1361
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"KUBE_NAMESPACE\\",\\"KUBE_APP_NAME\\",\\"KUBE_APP_NAME_PREFIX\\",\\"MONGODB_ROOT_PASSWORD\\"]"
|
|
1358
1362
|
- export RELEASE_NAME="pan-my-app-stage-web"
|
|
1359
1363
|
- export HELM_EXPERIMENTAL_OCI="1"
|
|
1360
1364
|
- export KUBE_DOCKER_IMAGE_PULL_SECRET="gitlab-registry-web"
|
|
1361
1365
|
- export HELM_GITLAB_CHART_NAME="/helm-charts/the-panter-chart"
|
|
1362
1366
|
- export HELM_ARGS=""
|
|
1363
1367
|
- export COMPONENT_NAME="web"
|
|
1364
|
-
-
|
|
1365
|
-
- echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"
|
|
1368
|
+
- collapseable_section_end "injectvars"
|
|
1366
1369
|
- kubectl config set-cluster "kube-pan-my-app-stage-web" --server="$CL_stage_web_KUBE_URL" --certificate-authority <(echo $CL_stage_web_KUBE_CA_PEM | base64 -d) --embed-certs=true
|
|
1367
1370
|
- kubectl config set-credentials "kube-pan-my-app-stage-web" --token="$CL_stage_web_KUBE_TOKEN"
|
|
1368
1371
|
- kubectl config set-context "kube-pan-my-app-stage-web" --cluster="kube-pan-my-app-stage-web" --user="kube-pan-my-app-stage-web" --namespace="pan-my-app-stage"
|
|
@@ -1391,7 +1394,7 @@ web 🧪 test:
|
|
|
1391
1394
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
1392
1395
|
KUBERNETES_MEMORY_LIMIT: 4Gi
|
|
1393
1396
|
script:
|
|
1394
|
-
-
|
|
1397
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1395
1398
|
- export METEOR_DISABLE_OPTIMISTIC_CACHING="1"
|
|
1396
1399
|
- export ENV_SHORT="prod"
|
|
1397
1400
|
- export APP_DIR="app"
|
|
@@ -1399,31 +1402,30 @@ web 🧪 test:
|
|
|
1399
1402
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
1400
1403
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
1401
1404
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
1402
|
-
- export
|
|
1405
|
+
- export HOSTNAME="www.example.com"
|
|
1403
1406
|
- export ROOT_URL="https://www.example.com"
|
|
1404
|
-
- export
|
|
1405
|
-
- export HOST_CANONICAL="web.prod.my-app.pan.panter.cloud"
|
|
1407
|
+
- export HOSTNAME_INTERNAL="web.prod.my-app.pan.panter.cloud"
|
|
1406
1408
|
- export ROOT_URL_INTERNAL="https://web.prod.my-app.pan.panter.cloud"
|
|
1407
1409
|
- export KUBE_NAMESPACE="pan-my-app-prod"
|
|
1408
1410
|
- export KUBE_APP_NAME="web"
|
|
1409
1411
|
- export KUBE_APP_NAME_PREFIX=""
|
|
1410
1412
|
- export MONGODB_ROOT_PASSWORD="$CL_prod_web_MONGODB_ROOT_PASSWORD"
|
|
1411
1413
|
- export MONGODB_REPLICASET_KEY="$CL_prod_web_MONGODB_REPLICASET_KEY"
|
|
1412
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
1413
|
-
-
|
|
1414
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"KUBE_NAMESPACE\\",\\"KUBE_APP_NAME\\",\\"KUBE_APP_NAME_PREFIX\\",\\"MONGODB_ROOT_PASSWORD\\",\\"MONGODB_REPLICASET_KEY\\"]"
|
|
1415
|
+
- collapseable_section_end "injectvars"
|
|
1414
1416
|
- echo '{"id":"$(git describe --tags 2>/dev/null || git rev-parse HEAD)","time":"$CI_JOB_STARTED_AT"}' > app/__build_info.json
|
|
1415
|
-
-
|
|
1417
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
1416
1418
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
1417
1419
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
1418
|
-
-
|
|
1420
|
+
- collapseable_section_end "nodeinstall"
|
|
1419
1421
|
- cd app
|
|
1420
|
-
-
|
|
1422
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
1421
1423
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
1422
1424
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
1423
|
-
-
|
|
1424
|
-
-
|
|
1425
|
+
- collapseable_section_end "nodeinstall"
|
|
1426
|
+
- collapseable_section_start "yarninstall" "Yarn install"
|
|
1425
1427
|
- yarn install --immutable
|
|
1426
|
-
-
|
|
1428
|
+
- collapseable_section_end "yarninstall"
|
|
1427
1429
|
- echo "add healthcheck package"
|
|
1428
1430
|
- meteor add panter:healthroute --allow-superuser
|
|
1429
1431
|
- meteor add qualia:prod-shell --allow-superuser
|
|
@@ -1474,7 +1476,7 @@ web 🧪 test:
|
|
|
1474
1476
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
1475
1477
|
KUBERNETES_MEMORY_LIMIT: 2Gi
|
|
1476
1478
|
script:
|
|
1477
|
-
-
|
|
1479
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1478
1480
|
- export APP_DIR="app"
|
|
1479
1481
|
- export DOCKER_BUILD_CONTEXT="."
|
|
1480
1482
|
- export DOCKER_REGISTRY="$CI_REGISTRY"
|
|
@@ -1483,19 +1485,19 @@ web 🧪 test:
|
|
|
1483
1485
|
- export DOCKER_IMAGE="$CI_REGISTRY_IMAGE/$DOCKER_IMAGE_NAME"
|
|
1484
1486
|
- export DOCKER_IMAGE_TAG="$CI_COMMIT_SHA"
|
|
1485
1487
|
- export METEOR_INSTALL_SCRIPTS=""
|
|
1486
|
-
-
|
|
1488
|
+
- collapseable_section_end "injectvars"
|
|
1487
1489
|
- ensureMeteorDockerfile
|
|
1488
|
-
-
|
|
1490
|
+
- collapseable_section_start "docker-login" "Docker Login"
|
|
1489
1491
|
- docker login --username gitlab-ci-token --password $CI_JOB_TOKEN $CI_REGISTRY
|
|
1490
|
-
-
|
|
1491
|
-
-
|
|
1492
|
+
- collapseable_section_end "docker-login"
|
|
1493
|
+
- collapseable_section_start "docker-build" "Docker build"
|
|
1492
1494
|
- docker build --network host --cache-from $DOCKER_CACHE_IMAGE --tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG -f $APP_DIR/Dockerfile $DOCKER_BUILD_CONTEXT --build-arg BUILDKIT_INLINE_CACHE=1
|
|
1493
|
-
-
|
|
1494
|
-
-
|
|
1495
|
+
- collapseable_section_end "docker-build"
|
|
1496
|
+
- collapseable_section_start "docker-push" "Docker push and tag"
|
|
1495
1497
|
- docker push $DOCKER_IMAGE:$DOCKER_IMAGE_TAG
|
|
1496
1498
|
- docker tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG $DOCKER_CACHE_IMAGE
|
|
1497
1499
|
- docker push $DOCKER_CACHE_IMAGE
|
|
1498
|
-
-
|
|
1500
|
+
- collapseable_section_end "docker-push"
|
|
1499
1501
|
rules:
|
|
1500
1502
|
- if: $CI_COMMIT_TAG
|
|
1501
1503
|
needs:
|
|
@@ -1507,8 +1509,8 @@ web 🧪 test:
|
|
|
1507
1509
|
image: aquasec/trivy:0.38.3
|
|
1508
1510
|
variables: {}
|
|
1509
1511
|
script:
|
|
1510
|
-
-
|
|
1511
|
-
-
|
|
1512
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1513
|
+
- collapseable_section_end "injectvars"
|
|
1512
1514
|
- trivy fs --quiet --format cyclonedx --output "__sbom.json" app
|
|
1513
1515
|
artifacts:
|
|
1514
1516
|
paths:
|
|
@@ -1527,24 +1529,23 @@ web 🧪 test:
|
|
|
1527
1529
|
KUBERNETES_MEMORY_REQUEST: 200Mi
|
|
1528
1530
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
1529
1531
|
script:
|
|
1530
|
-
-
|
|
1532
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1531
1533
|
- export ENV_SHORT="prod"
|
|
1532
1534
|
- export APP_DIR="app"
|
|
1533
1535
|
- export ENV_TYPE="prod"
|
|
1534
1536
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
1535
1537
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
1536
1538
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
1537
|
-
- export
|
|
1539
|
+
- export HOSTNAME="www.example.com"
|
|
1538
1540
|
- export ROOT_URL="https://www.example.com"
|
|
1539
|
-
- export
|
|
1540
|
-
- export HOST_CANONICAL="web.prod.my-app.pan.panter.cloud"
|
|
1541
|
+
- export HOSTNAME_INTERNAL="web.prod.my-app.pan.panter.cloud"
|
|
1541
1542
|
- export ROOT_URL_INTERNAL="https://web.prod.my-app.pan.panter.cloud"
|
|
1542
1543
|
- export KUBE_NAMESPACE="pan-my-app-prod"
|
|
1543
1544
|
- export KUBE_APP_NAME="web"
|
|
1544
1545
|
- export KUBE_APP_NAME_PREFIX=""
|
|
1545
1546
|
- export MONGODB_ROOT_PASSWORD="$CL_prod_web_MONGODB_ROOT_PASSWORD"
|
|
1546
1547
|
- export MONGODB_REPLICASET_KEY="$CL_prod_web_MONGODB_REPLICASET_KEY"
|
|
1547
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
1548
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"KUBE_NAMESPACE\\",\\"KUBE_APP_NAME\\",\\"KUBE_APP_NAME_PREFIX\\",\\"MONGODB_ROOT_PASSWORD\\",\\"MONGODB_REPLICASET_KEY\\"]"
|
|
1548
1549
|
- export DOCKER_REGISTRY="$CI_REGISTRY"
|
|
1549
1550
|
- export DOCKER_CACHE_IMAGE="$CI_REGISTRY_IMAGE/caches/web"
|
|
1550
1551
|
- export DOCKER_IMAGE_NAME="prod/web"
|
|
@@ -1556,21 +1557,20 @@ web 🧪 test:
|
|
|
1556
1557
|
- export HELM_GITLAB_CHART_NAME="/helm-charts/the-panter-chart"
|
|
1557
1558
|
- export HELM_ARGS=""
|
|
1558
1559
|
- export COMPONENT_NAME="web"
|
|
1559
|
-
-
|
|
1560
|
-
- echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"
|
|
1560
|
+
- collapseable_section_end "injectvars"
|
|
1561
1561
|
- kubectl config set-cluster "kube-pan-my-app-prod-web" --server="$CL_prod_web_KUBE_URL" --certificate-authority <(echo $CL_prod_web_KUBE_CA_PEM | base64 -d) --embed-certs=true
|
|
1562
1562
|
- kubectl config set-credentials "kube-pan-my-app-prod-web" --token="$CL_prod_web_KUBE_TOKEN"
|
|
1563
1563
|
- kubectl config set-context "kube-pan-my-app-prod-web" --cluster="kube-pan-my-app-prod-web" --user="kube-pan-my-app-prod-web" --namespace="pan-my-app-prod"
|
|
1564
1564
|
- kubectl config use-context "kube-pan-my-app-prod-web"
|
|
1565
|
-
-
|
|
1565
|
+
- collapseable_section_start "writeallvalues" "Write __all_values.yml for helm deployment"
|
|
1566
1566
|
- |
|
|
1567
1567
|
cat > __all_values.yml <<EOF
|
|
1568
1568
|
env:
|
|
1569
1569
|
secret:
|
|
1570
1570
|
MONGODB_ROOT_PASSWORD: |-
|
|
1571
|
-
|
|
1571
|
+
$(printf %s "$CL_prod_web_MONGODB_ROOT_PASSWORD" | sed '1!s/^/ /')
|
|
1572
1572
|
MONGODB_REPLICASET_KEY: |-
|
|
1573
|
-
|
|
1573
|
+
$(printf %s "$CL_prod_web_MONGODB_REPLICASET_KEY" | sed '1!s/^/ /')
|
|
1574
1574
|
MONGO_URL: |-
|
|
1575
1575
|
mongodb://root:$CL_prod_web_MONGODB_ROOT_PASSWORD@web-mongodb-0.web-mongodb-headless.pan-my-app-prod.svc.cluster.local:27017,web-mongodb-1.web-mongodb-headless.pan-my-app-prod.svc.cluster.local:27017/app?replicaSet=rs0&authSource=admin
|
|
1576
1576
|
MONGO_OPLOG_URL: |-
|
|
@@ -1583,18 +1583,16 @@ web 🧪 test:
|
|
|
1583
1583
|
ENV_TYPE: |-
|
|
1584
1584
|
prod
|
|
1585
1585
|
BUILD_INFO_BUILD_ID: |-
|
|
1586
|
-
|
|
1586
|
+
$(printf %s "$(git describe --tags 2>/dev/null || git rev-parse HEAD)" | sed '1!s/^/ /')
|
|
1587
1587
|
BUILD_INFO_BUILD_TIME: |-
|
|
1588
|
-
|
|
1588
|
+
$(printf %s "$CI_JOB_STARTED_AT" | sed '1!s/^/ /')
|
|
1589
1589
|
BUILD_INFO_CURRENT_VERSION: |-
|
|
1590
|
-
|
|
1591
|
-
|
|
1590
|
+
$(printf %s "$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")" | sed '1!s/^/ /')
|
|
1591
|
+
HOSTNAME: |-
|
|
1592
1592
|
www.example.com
|
|
1593
1593
|
ROOT_URL: |-
|
|
1594
1594
|
https://www.example.com
|
|
1595
|
-
|
|
1596
|
-
web.prod.my-app.pan.panter.cloud
|
|
1597
|
-
HOST_CANONICAL: |-
|
|
1595
|
+
HOSTNAME_INTERNAL: |-
|
|
1598
1596
|
web.prod.my-app.pan.panter.cloud
|
|
1599
1597
|
ROOT_URL_INTERNAL: |-
|
|
1600
1598
|
https://web.prod.my-app.pan.panter.cloud
|
|
@@ -1604,7 +1602,7 @@ web 🧪 test:
|
|
|
1604
1602
|
web
|
|
1605
1603
|
KUBE_APP_NAME_PREFIX: ""
|
|
1606
1604
|
_ALL_ENV_VAR_KEYS: |-
|
|
1607
|
-
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","
|
|
1605
|
+
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOSTNAME","ROOT_URL","HOSTNAME_INTERNAL","ROOT_URL_INTERNAL","KUBE_NAMESPACE","KUBE_APP_NAME","KUBE_APP_NAME_PREFIX","MONGODB_ROOT_PASSWORD","MONGODB_REPLICASET_KEY"]
|
|
1608
1606
|
application:
|
|
1609
1607
|
host: |-
|
|
1610
1608
|
www.example.com
|
|
@@ -1664,7 +1662,7 @@ web 🧪 test:
|
|
|
1664
1662
|
8Gi
|
|
1665
1663
|
|
|
1666
1664
|
EOF
|
|
1667
|
-
-
|
|
1665
|
+
- collapseable_section_end "writeallvalues"
|
|
1668
1666
|
- kubernetesCreateSecret
|
|
1669
1667
|
- kubernetesDeploy
|
|
1670
1668
|
- echo 'Uploading SBOM to Dependency Track'
|
|
@@ -1700,32 +1698,30 @@ web 🧪 test:
|
|
|
1700
1698
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
1701
1699
|
GIT_STRATEGY: none
|
|
1702
1700
|
script:
|
|
1703
|
-
-
|
|
1701
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1704
1702
|
- export ENV_SHORT="prod"
|
|
1705
1703
|
- export APP_DIR="app"
|
|
1706
1704
|
- export ENV_TYPE="prod"
|
|
1707
1705
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
1708
1706
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
1709
1707
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
1710
|
-
- export
|
|
1708
|
+
- export HOSTNAME="www.example.com"
|
|
1711
1709
|
- export ROOT_URL="https://www.example.com"
|
|
1712
|
-
- export
|
|
1713
|
-
- export HOST_CANONICAL="web.prod.my-app.pan.panter.cloud"
|
|
1710
|
+
- export HOSTNAME_INTERNAL="web.prod.my-app.pan.panter.cloud"
|
|
1714
1711
|
- export ROOT_URL_INTERNAL="https://web.prod.my-app.pan.panter.cloud"
|
|
1715
1712
|
- export KUBE_NAMESPACE="pan-my-app-prod"
|
|
1716
1713
|
- export KUBE_APP_NAME="web"
|
|
1717
1714
|
- export KUBE_APP_NAME_PREFIX=""
|
|
1718
1715
|
- export MONGODB_ROOT_PASSWORD="$CL_prod_web_MONGODB_ROOT_PASSWORD"
|
|
1719
1716
|
- export MONGODB_REPLICASET_KEY="$CL_prod_web_MONGODB_REPLICASET_KEY"
|
|
1720
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
1717
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"KUBE_NAMESPACE\\",\\"KUBE_APP_NAME\\",\\"KUBE_APP_NAME_PREFIX\\",\\"MONGODB_ROOT_PASSWORD\\",\\"MONGODB_REPLICASET_KEY\\"]"
|
|
1721
1718
|
- export RELEASE_NAME="pan-my-app-prod-web"
|
|
1722
1719
|
- export HELM_EXPERIMENTAL_OCI="1"
|
|
1723
1720
|
- export KUBE_DOCKER_IMAGE_PULL_SECRET="gitlab-registry-web"
|
|
1724
1721
|
- export HELM_GITLAB_CHART_NAME="/helm-charts/the-panter-chart"
|
|
1725
1722
|
- export HELM_ARGS=""
|
|
1726
1723
|
- export COMPONENT_NAME="web"
|
|
1727
|
-
-
|
|
1728
|
-
- echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"
|
|
1724
|
+
- collapseable_section_end "injectvars"
|
|
1729
1725
|
- kubectl config set-cluster "kube-pan-my-app-prod-web" --server="$CL_prod_web_KUBE_URL" --certificate-authority <(echo $CL_prod_web_KUBE_CA_PEM | base64 -d) --embed-certs=true
|
|
1730
1726
|
- kubectl config set-credentials "kube-pan-my-app-prod-web" --token="$CL_prod_web_KUBE_TOKEN"
|
|
1731
1727
|
- kubectl config set-context "kube-pan-my-app-prod-web" --cluster="kube-pan-my-app-prod-web" --user="kube-pan-my-app-prod-web" --namespace="pan-my-app-prod"
|
|
@@ -1759,32 +1755,30 @@ web 🧪 test:
|
|
|
1759
1755
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
1760
1756
|
GIT_STRATEGY: none
|
|
1761
1757
|
script:
|
|
1762
|
-
-
|
|
1758
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1763
1759
|
- export ENV_SHORT="prod"
|
|
1764
1760
|
- export APP_DIR="app"
|
|
1765
1761
|
- export ENV_TYPE="prod"
|
|
1766
1762
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
1767
1763
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
1768
1764
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
1769
|
-
- export
|
|
1765
|
+
- export HOSTNAME="www.example.com"
|
|
1770
1766
|
- export ROOT_URL="https://www.example.com"
|
|
1771
|
-
- export
|
|
1772
|
-
- export HOST_CANONICAL="web.prod.my-app.pan.panter.cloud"
|
|
1767
|
+
- export HOSTNAME_INTERNAL="web.prod.my-app.pan.panter.cloud"
|
|
1773
1768
|
- export ROOT_URL_INTERNAL="https://web.prod.my-app.pan.panter.cloud"
|
|
1774
1769
|
- export KUBE_NAMESPACE="pan-my-app-prod"
|
|
1775
1770
|
- export KUBE_APP_NAME="web"
|
|
1776
1771
|
- export KUBE_APP_NAME_PREFIX=""
|
|
1777
1772
|
- export MONGODB_ROOT_PASSWORD="$CL_prod_web_MONGODB_ROOT_PASSWORD"
|
|
1778
1773
|
- export MONGODB_REPLICASET_KEY="$CL_prod_web_MONGODB_REPLICASET_KEY"
|
|
1779
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
1774
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"KUBE_NAMESPACE\\",\\"KUBE_APP_NAME\\",\\"KUBE_APP_NAME_PREFIX\\",\\"MONGODB_ROOT_PASSWORD\\",\\"MONGODB_REPLICASET_KEY\\"]"
|
|
1780
1775
|
- export RELEASE_NAME="pan-my-app-prod-web"
|
|
1781
1776
|
- export HELM_EXPERIMENTAL_OCI="1"
|
|
1782
1777
|
- export KUBE_DOCKER_IMAGE_PULL_SECRET="gitlab-registry-web"
|
|
1783
1778
|
- export HELM_GITLAB_CHART_NAME="/helm-charts/the-panter-chart"
|
|
1784
1779
|
- export HELM_ARGS=""
|
|
1785
1780
|
- export COMPONENT_NAME="web"
|
|
1786
|
-
-
|
|
1787
|
-
- echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"
|
|
1781
|
+
- collapseable_section_end "injectvars"
|
|
1788
1782
|
- kubectl config set-cluster "kube-pan-my-app-prod-web" --server="$CL_prod_web_KUBE_URL" --certificate-authority <(echo $CL_prod_web_KUBE_CA_PEM | base64 -d) --embed-certs=true
|
|
1789
1783
|
- kubectl config set-credentials "kube-pan-my-app-prod-web" --token="$CL_prod_web_KUBE_TOKEN"
|
|
1790
1784
|
- kubectl config set-context "kube-pan-my-app-prod-web" --cluster="kube-pan-my-app-prod-web" --user="kube-pan-my-app-prod-web" --namespace="pan-my-app-prod"
|