@catladder/pipeline 1.170.1 → 2.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/bash/BashExpression.d.ts +1 -6
- package/dist/bash/BashExpression.js +2 -15
- package/dist/bash/bashEscape.d.ts +34 -0
- package/dist/bash/bashEscape.js +114 -0
- package/dist/bash/bashYaml.js +25 -2
- package/dist/bash/getInjectVarsScript.js +4 -2
- package/dist/bash/index.d.ts +2 -0
- package/dist/bash/index.js +26 -0
- package/dist/build/base/createAppBuildJob.js +3 -3
- package/dist/build/base/writeDotEnv.js +6 -4
- package/dist/build/custom/testJob.js +12 -12
- package/dist/build/docker.d.ts +3 -3
- package/dist/build/node/buildJob.js +1 -1
- package/dist/build/node/cache.d.ts +2 -4
- package/dist/build/node/cache.js +3 -24
- package/dist/build/node/testJob.js +11 -11
- package/dist/build/rails/build.js +1 -1
- package/dist/build/rails/test.js +8 -8
- package/dist/build/types.d.ts +0 -10
- package/dist/constants.js +1 -1
- package/dist/context/createComponentContext.js +0 -1
- package/dist/context/getEnvConfig.js +2 -1
- package/dist/context/getEnvironment.js +1 -2
- package/dist/context/getEnvironmentVariables.d.ts +5 -6
- package/dist/context/getEnvironmentVariables.js +50 -38
- package/dist/deploy/base/deploy.js +3 -3
- package/dist/deploy/cloudRun/createJobs/getCloudRunDeployScripts.js +2 -2
- package/dist/deploy/cloudRun/index.js +2 -2
- package/dist/deploy/cloudRun/utils/getServiceName.d.ts +1 -1
- package/dist/deploy/kubernetes/cloudSql/index.d.ts +2 -2
- package/dist/deploy/kubernetes/cloudSql/index.js +3 -14
- package/dist/deploy/kubernetes/deployJob.js +1 -3
- package/dist/deploy/kubernetes/index.js +2 -2
- package/dist/deploy/kubernetes/kubeEnv.d.ts +3 -3
- package/dist/deploy/kubernetes/kubeValues.d.ts +3 -4
- package/dist/deploy/kubernetes/kubeValues.js +2 -3
- package/dist/deploy/types/base.d.ts +0 -6
- package/dist/deploy/types/kubernetes.d.ts +1 -34
- package/dist/globalScriptFunctions/index.d.ts +14 -0
- package/dist/globalScriptFunctions/index.js +37 -0
- package/dist/index.d.ts +3 -1
- package/dist/index.js +3 -1
- package/dist/pipeline/gitlab/createGitlabJobs.js +3 -5
- package/dist/pipeline/gitlab/createGitlabPipeline.d.ts +1 -0
- package/dist/pipeline/gitlab/createGitlabPipeline.js +38 -2
- package/dist/pipeline/packageManager.js +1 -1
- package/dist/runner/index.d.ts +1 -1
- package/dist/tsconfig.tsbuildinfo +1 -1
- package/dist/types/config.d.ts +6 -9
- package/dist/types/context.d.ts +2 -9
- package/dist/types/gitlab-types.d.ts +1 -0
- package/dist/types/jobs.d.ts +0 -8
- package/dist/utils/gitlab.js +4 -1
- package/dist/utils/writeFiles.js +1 -7
- package/dist/variables/VariableValue.d.ts +3 -0
- package/dist/variables/VariableValue.js +5 -0
- package/dist/variables/VariableValueContainingReferences.d.ts +24 -0
- package/dist/variables/VariableValueContainingReferences.js +97 -0
- package/dist/variables/__tests__/resolveAllReferences.test.js +219 -0
- package/dist/variables/__tests__/resolveAllReferencesOnce.test.d.ts +1 -0
- package/dist/variables/__tests__/resolveAllReferencesOnce.test.js +171 -0
- package/dist/variables/__tests__/resolveReferencesOnce.test.d.ts +1 -0
- package/dist/variables/__tests__/resolveReferencesOnce.test.js +202 -0
- package/dist/variables/__tests__/variableValue.test.d.ts +1 -0
- package/dist/variables/__tests__/variableValue.test.js +36 -0
- package/dist/variables/resolveAllReferences.d.ts +3 -0
- package/dist/{bash/replaceAsync.js → variables/resolveAllReferences.js} +60 -40
- package/dist/variables/resolveAllReferencesOnce.d.ts +5 -0
- package/dist/variables/resolveAllReferencesOnce.js +191 -0
- package/dist/variables/resolveReferencesOnce.d.ts +8 -0
- package/dist/variables/resolveReferencesOnce.js +22 -0
- package/examples/__snapshots__/cloud-run-http2.test.ts.snap +312 -238
- package/examples/__snapshots__/cloud-run-memory-limit.test.ts.snap +312 -238
- package/examples/__snapshots__/cloud-run-meteor-with-worker.test.ts.snap +312 -222
- package/examples/__snapshots__/cloud-run-nextjs.test.ts.snap +1436 -0
- package/examples/__snapshots__/cloud-run-no-cpu-throttling.test.ts.snap +312 -238
- package/examples/__snapshots__/cloud-run-no-service.test.ts.snap +316 -238
- package/examples/__snapshots__/cloud-run-non-public.test.ts.snap +312 -238
- package/examples/__snapshots__/cloud-run-post-stop-job.test.ts.snap +313 -238
- package/examples/__snapshots__/cloud-run-service-custom-vpc-connector.test.ts.snap +312 -238
- package/examples/__snapshots__/cloud-run-service-custom-vpc.test.ts.snap +312 -238
- package/examples/__snapshots__/cloud-run-service-gen2.test.ts.snap +312 -238
- package/examples/__snapshots__/cloud-run-service-increase-timout.test.ts.snap +312 -238
- package/examples/__snapshots__/cloud-run-service-with-volumes.test.ts.snap +316 -238
- package/examples/__snapshots__/cloud-run-storybook.test.ts.snap +294 -220
- package/examples/__snapshots__/cloud-run-with-ngnix.test.ts.snap +312 -238
- package/examples/__snapshots__/cloud-run-with-sql-reuse-db.test.ts.snap +652 -486
- package/examples/__snapshots__/cloud-run-with-sql.test.ts.snap +282 -288
- package/examples/__snapshots__/cloud-run-with-worker.test.ts.snap +312 -238
- package/examples/__snapshots__/custom-build-job-with-tests.test.ts.snap +284 -194
- package/examples/__snapshots__/custom-build-job.test.ts.snap +278 -188
- package/examples/__snapshots__/custom-deploy.test.ts.snap +220 -154
- package/examples/__snapshots__/custom-envs.test.ts.snap +216 -126
- package/examples/__snapshots__/custom-sbom-java.test.ts.snap +278 -188
- package/examples/__snapshots__/git-submodule.test.ts.snap +312 -238
- package/examples/__snapshots__/kubernetes-application-customization.test.ts.snap +231 -253
- package/examples/__snapshots__/kubernetes-with-cloud-sql.test.ts.snap +240 -262
- package/examples/__snapshots__/kubernetes-with-jobs.test.ts.snap +504 -506
- package/examples/__snapshots__/kubernetes-with-mongodb.test.ts.snap +239 -261
- package/examples/__snapshots__/local-dot-env.test.ts.snap +236 -238
- package/examples/__snapshots__/meteor-kubernetes.test.ts.snap +236 -242
- package/examples/__snapshots__/multiline-var.test.ts.snap +1355 -973
- package/examples/__snapshots__/native-app.test.ts.snap +438 -392
- package/examples/__snapshots__/node-build-with-custom-image.test.ts.snap +312 -238
- package/examples/__snapshots__/node-build-with-docker-additions.test.ts.snap +312 -238
- package/examples/__snapshots__/rails-k8s-with-worker-dockerfile.test.ts.snap +186 -188
- package/examples/__snapshots__/rails-k8s-with-worker.test.ts.snap +162 -164
- package/examples/__snapshots__/referencing-other-vars.test.ts.snap +971 -765
- package/examples/__snapshots__/wait-for-other-deploy.test.ts.snap +330 -228
- package/examples/__snapshots__/{workspace-api-www-custom-cache.test.ts.snap → workspace-api-www-turbo-cache.test.ts.snap} +457 -499
- package/examples/__snapshots__/workspace-api-www.test.ts.snap +452 -482
- package/examples/{workspace-api-www-custom-cache.test.ts → cloud-run-nextjs.test.ts} +2 -2
- package/examples/cloud-run-nextjs.ts +28 -0
- package/examples/cloud-run-with-sql.ts +0 -1
- package/examples/kubernetes-application-customization.ts +1 -0
- package/examples/kubernetes-with-cloud-sql.ts +1 -0
- package/examples/kubernetes-with-jobs.ts +1 -0
- package/examples/kubernetes-with-mongodb.ts +1 -0
- package/examples/meteor-kubernetes.ts +1 -1
- package/examples/native-app.ts +10 -7
- package/examples/rails-k8s-with-worker.ts +7 -1
- package/examples/{kubernetes-with-cloud-sql-legacy.test.ts → workspace-api-www-turbo-cache.test.ts} +2 -2
- package/examples/{workspace-api-www-custom-cache.ts → workspace-api-www-turbo-cache.ts} +4 -3
- package/examples/workspace-api-www.ts +3 -2
- package/package.json +2 -6
- package/scripts/generate-examples-test.ts +0 -7
- package/src/bash/BashExpression.ts +0 -13
- package/src/bash/bashEscape.ts +158 -0
- package/src/bash/bashYaml.ts +36 -2
- package/src/bash/getInjectVarsScript.ts +11 -2
- package/src/bash/index.ts +2 -0
- package/src/build/base/createAppBuildJob.ts +0 -1
- package/src/build/base/writeDotEnv.ts +6 -6
- package/src/build/custom/testJob.ts +0 -1
- package/src/build/node/buildJob.ts +2 -2
- package/src/build/node/cache.ts +0 -29
- package/src/build/node/testJob.ts +0 -1
- package/src/build/rails/build.ts +0 -1
- package/src/build/rails/test.ts +0 -1
- package/src/build/types.ts +0 -13
- package/src/context/createComponentContext.ts +0 -1
- package/src/context/getEnvConfig.ts +2 -2
- package/src/context/getEnvironment.ts +1 -1
- package/src/context/getEnvironmentContext.ts +1 -1
- package/src/context/getEnvironmentVariables.ts +44 -51
- package/src/deploy/base/deploy.ts +1 -1
- package/src/deploy/cloudRun/createJobs/getCloudRunDeployScripts.ts +4 -12
- package/src/deploy/cloudRun/index.ts +2 -2
- package/src/deploy/kubernetes/cloudSql/index.ts +3 -16
- package/src/deploy/kubernetes/deployJob.ts +0 -2
- package/src/deploy/kubernetes/index.ts +2 -2
- package/src/deploy/kubernetes/kubeEnv.ts +3 -3
- package/src/deploy/kubernetes/kubeValues.ts +5 -8
- package/src/deploy/types/base.ts +0 -6
- package/src/deploy/types/kubernetes.ts +1 -36
- package/src/globalScriptFunctions/index.ts +30 -0
- package/src/index.ts +2 -0
- package/src/pipeline/gitlab/createGitlabJobs.ts +1 -4
- package/src/pipeline/gitlab/createGitlabPipeline.ts +8 -1
- package/src/pipeline/packageManager.ts +7 -5
- package/src/runner/index.ts +0 -1
- package/src/types/config.ts +6 -9
- package/src/types/context.ts +3 -9
- package/src/types/gitlab-types.ts +1 -0
- package/src/types/jobs.ts +0 -8
- package/src/utils/gitlab.ts +19 -2
- package/src/utils/writeFiles.ts +1 -2
- package/src/variables/VariableValue.ts +6 -0
- package/src/variables/VariableValueContainingReferences.ts +89 -0
- package/src/variables/__tests__/resolveAllReferences.test.ts +110 -0
- package/src/variables/__tests__/resolveAllReferencesOnce.test.ts +64 -0
- package/src/variables/__tests__/resolveReferencesOnce.test.ts +117 -0
- package/src/variables/__tests__/variableValue.test.ts +73 -0
- package/src/variables/resolveAllReferences.ts +46 -0
- package/src/variables/resolveAllReferencesOnce.ts +44 -0
- package/src/variables/resolveReferencesOnce.ts +29 -0
- package/bin/catladder-gitlab-dev.js +0 -3
- package/bin/catladder-gitlab.js +0 -3
- package/dist/bash/replaceAsync.d.ts +0 -2
- package/dist/bundles/catladder-gitlab/index.js +0 -15
- package/dist/context/__tests__/resolveReferences.test.js +0 -368
- package/dist/context/resolveReferences.d.ts +0 -6
- package/dist/context/resolveReferences.js +0 -286
- package/dist/deploy/kubernetes/processSecretsAsFiles.d.ts +0 -85
- package/dist/deploy/kubernetes/processSecretsAsFiles.js +0 -33
- package/examples/__snapshots__/kubernetes-with-cloud-sql-legacy.test.ts.snap +0 -1795
- package/examples/kubernetes-with-cloud-sql-legacy.ts +0 -35
- package/scripts/bundle +0 -2
- package/src/bash/replaceAsync.ts +0 -49
- package/src/context/__tests__/resolveReferences.test.ts +0 -148
- package/src/context/resolveReferences.ts +0 -93
- package/src/deploy/kubernetes/processSecretsAsFiles.ts +0 -35
- /package/dist/{context/__tests__/resolveReferences.test.d.ts → variables/__tests__/resolveAllReferences.test.d.ts} +0 -0
|
@@ -45,6 +45,36 @@ variables:
|
|
|
45
45
|
CACHE_COMPRESSION_LEVEL: fast
|
|
46
46
|
TRANSFER_METER_FREQUENCY: 5s
|
|
47
47
|
GIT_DEPTH: '1'
|
|
48
|
+
before_script:
|
|
49
|
+
- |-
|
|
50
|
+
function escapeForDotEnv () {
|
|
51
|
+
input="\${1:-$(cat)}"
|
|
52
|
+
input="\${input//$'\\n'/\\\\n}"
|
|
53
|
+
if [[ "$input" == *\\\\n* ]]; then
|
|
54
|
+
if [[ "$input" == *\\"* && "$input" == *\\'* && "$input" == *\\\`* ]]; then
|
|
55
|
+
printf "\\"%s\\"\\n" "$input"
|
|
56
|
+
elif [[ "$input" == *\\"* && "$input" == *\\'* ]]; then
|
|
57
|
+
printf "\`%s\`\\n" "$input"
|
|
58
|
+
elif [[ "$input" == *\\"* ]]; then
|
|
59
|
+
printf "'%s'\\n" "$input"
|
|
60
|
+
else
|
|
61
|
+
printf "\\"%s\\"\\n" "$input"
|
|
62
|
+
fi
|
|
63
|
+
else
|
|
64
|
+
printf "%s\\n" "$input"
|
|
65
|
+
fi
|
|
66
|
+
}
|
|
67
|
+
- |-
|
|
68
|
+
function collapseable_section_start () {
|
|
69
|
+
local section_title="\${1}"
|
|
70
|
+
local section_description="\${2:-$section_title}"
|
|
71
|
+
echo -e "section_start:\`date +%s\`:\${section_title}[collapsed=true]\\r\\e[0K\${section_description}"
|
|
72
|
+
}
|
|
73
|
+
- |-
|
|
74
|
+
function collapseable_section_end () {
|
|
75
|
+
local section_title="\${1}"
|
|
76
|
+
echo -e "section_end:\`date +%s\`:\${section_title}\\r\\e[0K"
|
|
77
|
+
}
|
|
48
78
|
api 🛡 audit:
|
|
49
79
|
stage: test
|
|
50
80
|
image: path/to/docker/jobs-default:the-version
|
|
@@ -53,9 +83,9 @@ api 🛡 audit:
|
|
|
53
83
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
54
84
|
KUBERNETES_MEMORY_LIMIT: 4Gi
|
|
55
85
|
script:
|
|
56
|
-
-
|
|
86
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
57
87
|
- export APP_PATH="api"
|
|
58
|
-
-
|
|
88
|
+
- collapseable_section_end "injectvars"
|
|
59
89
|
- cd api
|
|
60
90
|
- yarn npm audit --environment production
|
|
61
91
|
rules:
|
|
@@ -79,21 +109,21 @@ api 👮 lint:
|
|
|
79
109
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
80
110
|
KUBERNETES_MEMORY_LIMIT: 4Gi
|
|
81
111
|
script:
|
|
82
|
-
-
|
|
112
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
83
113
|
- export APP_PATH="api"
|
|
84
|
-
-
|
|
85
|
-
-
|
|
114
|
+
- collapseable_section_end "injectvars"
|
|
115
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
86
116
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
87
117
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
88
|
-
-
|
|
118
|
+
- collapseable_section_end "nodeinstall"
|
|
89
119
|
- cd api
|
|
90
|
-
-
|
|
120
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
91
121
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
92
122
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
93
|
-
-
|
|
94
|
-
-
|
|
123
|
+
- collapseable_section_end "nodeinstall"
|
|
124
|
+
- collapseable_section_start "yarninstall" "Yarn install"
|
|
95
125
|
- yarn install --immutable
|
|
96
|
-
-
|
|
126
|
+
- collapseable_section_end "yarninstall"
|
|
97
127
|
- yarn lint
|
|
98
128
|
cache:
|
|
99
129
|
- key: api-yarn
|
|
@@ -120,21 +150,21 @@ api 🧪 test:
|
|
|
120
150
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
121
151
|
KUBERNETES_MEMORY_LIMIT: 4Gi
|
|
122
152
|
script:
|
|
123
|
-
-
|
|
153
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
124
154
|
- export APP_PATH="api"
|
|
125
|
-
-
|
|
126
|
-
-
|
|
155
|
+
- collapseable_section_end "injectvars"
|
|
156
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
127
157
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
128
158
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
129
|
-
-
|
|
159
|
+
- collapseable_section_end "nodeinstall"
|
|
130
160
|
- cd api
|
|
131
|
-
-
|
|
161
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
132
162
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
133
163
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
134
|
-
-
|
|
135
|
-
-
|
|
164
|
+
- collapseable_section_end "nodeinstall"
|
|
165
|
+
- collapseable_section_start "yarninstall" "Yarn install"
|
|
136
166
|
- yarn install --immutable
|
|
137
|
-
-
|
|
167
|
+
- collapseable_section_end "yarninstall"
|
|
138
168
|
- yarn test
|
|
139
169
|
cache:
|
|
140
170
|
- key: api-yarn
|
|
@@ -161,37 +191,53 @@ api 🧪 test:
|
|
|
161
191
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
162
192
|
KUBERNETES_MEMORY_LIMIT: 4Gi
|
|
163
193
|
script:
|
|
164
|
-
-
|
|
194
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
165
195
|
- export ENV_SHORT="dev"
|
|
166
196
|
- export APP_DIR="api"
|
|
167
197
|
- export ENV_TYPE="dev"
|
|
168
198
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
169
199
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
170
200
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
171
|
-
- export
|
|
201
|
+
- export HOSTNAME="$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
172
202
|
- export ROOT_URL="https://$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
173
|
-
- export
|
|
174
|
-
- export HOST_CANONICAL="$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
203
|
+
- export HOSTNAME_INTERNAL="$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
175
204
|
- export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
176
205
|
- export DEPLOY_CLOUD_RUN_PROJECT_ID="google-project-id"
|
|
177
206
|
- export DEPLOY_CLOUD_RUN_REGION="europe-west6"
|
|
178
207
|
- export GCLOUD_DEPLOY_credentialsKey="$CL_dev_api_GCLOUD_DEPLOY_credentialsKey"
|
|
179
208
|
- export GCLOUD_RUN_canonicalHostSuffix="$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix"
|
|
180
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
181
|
-
-
|
|
209
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\"]"
|
|
210
|
+
- collapseable_section_end "injectvars"
|
|
211
|
+
- collapseable_section_start "write-dotenv-api" "write dot env for api"
|
|
212
|
+
- |-
|
|
213
|
+
cat <<EOF > api/.env
|
|
214
|
+
ENV_SHORT=dev
|
|
215
|
+
APP_DIR=api
|
|
216
|
+
ENV_TYPE=dev
|
|
217
|
+
HOSTNAME=$(printf %s "$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
218
|
+
ROOT_URL=$(printf %s "https://$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
219
|
+
HOSTNAME_INTERNAL=$(printf %s "$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
220
|
+
ROOT_URL_INTERNAL=$(printf %s "https://$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
221
|
+
DEPLOY_CLOUD_RUN_PROJECT_ID=google-project-id
|
|
222
|
+
DEPLOY_CLOUD_RUN_REGION=europe-west6
|
|
223
|
+
GCLOUD_DEPLOY_credentialsKey=$(printf %s "$CL_dev_api_GCLOUD_DEPLOY_credentialsKey" | escapeForDotEnv)
|
|
224
|
+
GCLOUD_RUN_canonicalHostSuffix=$(printf %s "$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | escapeForDotEnv)
|
|
225
|
+
_ALL_ENV_VAR_KEYS=["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOSTNAME","ROOT_URL","HOSTNAME_INTERNAL","ROOT_URL_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]
|
|
226
|
+
EOF
|
|
227
|
+
- collapseable_section_end "write-dotenv-api"
|
|
182
228
|
- echo '{"id":"$(git describe --tags 2>/dev/null || git rev-parse HEAD)","time":"$CI_JOB_STARTED_AT"}' > api/__build_info.json
|
|
183
|
-
-
|
|
229
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
184
230
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
185
231
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
186
|
-
-
|
|
232
|
+
- collapseable_section_end "nodeinstall"
|
|
187
233
|
- cd api
|
|
188
|
-
-
|
|
234
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
189
235
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
190
236
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
191
|
-
-
|
|
192
|
-
-
|
|
237
|
+
- collapseable_section_end "nodeinstall"
|
|
238
|
+
- collapseable_section_start "yarninstall" "Yarn install"
|
|
193
239
|
- yarn install --immutable
|
|
194
|
-
-
|
|
240
|
+
- collapseable_section_end "yarninstall"
|
|
195
241
|
- yarn build
|
|
196
242
|
cache:
|
|
197
243
|
- key: api-yarn
|
|
@@ -202,15 +248,13 @@ api 🧪 test:
|
|
|
202
248
|
policy: pull-push
|
|
203
249
|
paths:
|
|
204
250
|
- api/node_modules
|
|
205
|
-
- key: api-next-cache
|
|
206
|
-
policy: pull-push
|
|
207
|
-
paths:
|
|
208
|
-
- api/.next/cache
|
|
209
251
|
artifacts:
|
|
210
252
|
paths:
|
|
211
253
|
- api/__build_info.json
|
|
212
254
|
- api/.next
|
|
213
255
|
- api/dist
|
|
256
|
+
exclude:
|
|
257
|
+
- api/.env
|
|
214
258
|
expire_in: 1 day
|
|
215
259
|
when: always
|
|
216
260
|
reports: {}
|
|
@@ -238,7 +282,7 @@ api 🧪 test:
|
|
|
238
282
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
239
283
|
KUBERNETES_MEMORY_LIMIT: 2Gi
|
|
240
284
|
script:
|
|
241
|
-
-
|
|
285
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
242
286
|
- export APP_DIR="api"
|
|
243
287
|
- export DOCKER_BUILD_CONTEXT="."
|
|
244
288
|
- export DOCKER_REGISTRY="europe-west6-docker.pkg.dev"
|
|
@@ -254,20 +298,20 @@ api 🧪 test:
|
|
|
254
298
|
COPY --chown=node:node api/yarn.lock /app/api/yarn.lock
|
|
255
299
|
COPY --chown=node:node .yarnrc.yml /app/.yarnrc.yml
|
|
256
300
|
COPY --chown=node:node .yarn /app/.yarn"
|
|
257
|
-
-
|
|
301
|
+
- collapseable_section_end "injectvars"
|
|
258
302
|
- ensureNodeDockerfile
|
|
259
|
-
-
|
|
303
|
+
- collapseable_section_start "docker-login" "Docker Login"
|
|
260
304
|
- gcloud auth activate-service-account --key-file=<(echo "$CL_dev_api_GCLOUD_DEPLOY_credentialsKey")
|
|
261
305
|
- gcloud auth configure-docker europe-west6-docker.pkg.dev
|
|
262
|
-
-
|
|
263
|
-
-
|
|
306
|
+
- collapseable_section_end "docker-login"
|
|
307
|
+
- collapseable_section_start "docker-build" "Docker build"
|
|
264
308
|
- docker build --network host --cache-from $DOCKER_CACHE_IMAGE --tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG -f $APP_DIR/Dockerfile $DOCKER_BUILD_CONTEXT --build-arg BUILDKIT_INLINE_CACHE=1
|
|
265
|
-
-
|
|
266
|
-
-
|
|
309
|
+
- collapseable_section_end "docker-build"
|
|
310
|
+
- collapseable_section_start "docker-push" "Docker push and tag"
|
|
267
311
|
- docker push $DOCKER_IMAGE:$DOCKER_IMAGE_TAG
|
|
268
312
|
- docker tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG $DOCKER_CACHE_IMAGE
|
|
269
313
|
- docker push $DOCKER_CACHE_IMAGE
|
|
270
|
-
-
|
|
314
|
+
- collapseable_section_end "docker-push"
|
|
271
315
|
cache:
|
|
272
316
|
- key: api-yarn
|
|
273
317
|
policy: pull
|
|
@@ -286,8 +330,8 @@ api 🧪 test:
|
|
|
286
330
|
image: aquasec/trivy:0.38.3
|
|
287
331
|
variables: {}
|
|
288
332
|
script:
|
|
289
|
-
-
|
|
290
|
-
-
|
|
333
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
334
|
+
- collapseable_section_end "injectvars"
|
|
291
335
|
- trivy fs --quiet --format cyclonedx --output "__sbom.json" api
|
|
292
336
|
artifacts:
|
|
293
337
|
paths:
|
|
@@ -308,35 +352,34 @@ api 🧪 test:
|
|
|
308
352
|
KUBERNETES_MEMORY_REQUEST: 200Mi
|
|
309
353
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
310
354
|
script:
|
|
311
|
-
-
|
|
355
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
312
356
|
- export ENV_SHORT="dev"
|
|
313
357
|
- export APP_DIR="api"
|
|
314
358
|
- export ENV_TYPE="dev"
|
|
315
359
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
316
360
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
317
361
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
318
|
-
- export
|
|
362
|
+
- export HOSTNAME="$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
319
363
|
- export ROOT_URL="https://$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
320
|
-
- export
|
|
321
|
-
- export HOST_CANONICAL="$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
364
|
+
- export HOSTNAME_INTERNAL="$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
322
365
|
- export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
323
366
|
- export DEPLOY_CLOUD_RUN_PROJECT_ID="google-project-id"
|
|
324
367
|
- export DEPLOY_CLOUD_RUN_REGION="europe-west6"
|
|
325
368
|
- export GCLOUD_DEPLOY_credentialsKey="$CL_dev_api_GCLOUD_DEPLOY_credentialsKey"
|
|
326
369
|
- export GCLOUD_RUN_canonicalHostSuffix="$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix"
|
|
327
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
370
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\"]"
|
|
328
371
|
- export DOCKER_REGISTRY="europe-west6-docker.pkg.dev"
|
|
329
372
|
- export DOCKER_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/dev/api"
|
|
330
373
|
- export DOCKER_CACHE_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/api"
|
|
331
374
|
- export DOCKER_IMAGE_TAG="$CI_COMMIT_SHA"
|
|
332
375
|
- export CLOUDSDK_CORE_DISABLE_PROMPTS="1"
|
|
333
|
-
-
|
|
334
|
-
-
|
|
376
|
+
- collapseable_section_end "injectvars"
|
|
377
|
+
- collapseable_section_start "prepare" "Prepare..."
|
|
335
378
|
- gcloud auth activate-service-account --key-file=<(echo "$CL_dev_api_GCLOUD_DEPLOY_credentialsKey")
|
|
336
379
|
- export GCLOUD_PROJECT_NUMBER=$(gcloud projects describe google-project-id --format="value(projectNumber)")
|
|
337
380
|
- 'echo "GCLOUD_PROJECT_NUMBER: $GCLOUD_PROJECT_NUMBER"'
|
|
338
|
-
-
|
|
339
|
-
-
|
|
381
|
+
- collapseable_section_end "prepare"
|
|
382
|
+
- collapseable_section_start "writeenvvars" "Write env vars to file"
|
|
340
383
|
- |
|
|
341
384
|
cat > ____envvars.yaml <<EOF
|
|
342
385
|
ENV_SHORT: |-
|
|
@@ -346,40 +389,38 @@ api 🧪 test:
|
|
|
346
389
|
ENV_TYPE: |-
|
|
347
390
|
dev
|
|
348
391
|
BUILD_INFO_BUILD_ID: |-
|
|
349
|
-
|
|
392
|
+
$(printf %s "$(git describe --tags 2>/dev/null || git rev-parse HEAD)" | sed '1!s/^/ /')
|
|
350
393
|
BUILD_INFO_BUILD_TIME: |-
|
|
351
|
-
|
|
394
|
+
$(printf %s "$CI_JOB_STARTED_AT" | sed '1!s/^/ /')
|
|
352
395
|
BUILD_INFO_CURRENT_VERSION: |-
|
|
353
|
-
|
|
354
|
-
|
|
355
|
-
|
|
396
|
+
$(printf %s "$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")" | sed '1!s/^/ /')
|
|
397
|
+
HOSTNAME: |-
|
|
398
|
+
$(printf %s "$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
356
399
|
ROOT_URL: |-
|
|
357
|
-
|
|
358
|
-
|
|
359
|
-
|
|
360
|
-
HOST_CANONICAL: |-
|
|
361
|
-
$(printf %s "$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
400
|
+
$(printf %s "https://$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
401
|
+
HOSTNAME_INTERNAL: |-
|
|
402
|
+
$(printf %s "$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
362
403
|
ROOT_URL_INTERNAL: |-
|
|
363
|
-
|
|
404
|
+
$(printf %s "https://$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
364
405
|
DEPLOY_CLOUD_RUN_PROJECT_ID: |-
|
|
365
406
|
google-project-id
|
|
366
407
|
DEPLOY_CLOUD_RUN_REGION: |-
|
|
367
408
|
europe-west6
|
|
368
409
|
GCLOUD_RUN_canonicalHostSuffix: |-
|
|
369
|
-
|
|
410
|
+
$(printf %s "$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | sed '1!s/^/ /')
|
|
370
411
|
_ALL_ENV_VAR_KEYS: |-
|
|
371
|
-
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","
|
|
412
|
+
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOSTNAME","ROOT_URL","HOSTNAME_INTERNAL","ROOT_URL_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]
|
|
372
413
|
|
|
373
414
|
EOF
|
|
374
|
-
-
|
|
375
|
-
-
|
|
415
|
+
- collapseable_section_end "writeenvvars"
|
|
416
|
+
- collapseable_section_start "deploy" "Deploy to cloud run"
|
|
376
417
|
- gcloud run deploy pan-test-app-dev-api --command="yarn,start" --image=europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/dev/api:$DOCKER_IMAGE_TAG --project=google-project-id --region=europe-west6 --labels=customer-name=pan,component-name=api,app-name=test-app,env-type=dev,env-name=dev,build-type=node,cloud-run-service-name=pan-test-app-dev-api --env-vars-file=____envvars.yaml --min-instances=0 --max-instances=100 --cpu-throttling --allow-unauthenticated --ingress=all --cpu-boost --execution-environment=gen2
|
|
377
|
-
-
|
|
378
|
-
-
|
|
418
|
+
- collapseable_section_end "deploy"
|
|
419
|
+
- collapseable_section_start "cleanup" "Cleanup"
|
|
379
420
|
- gcloud run revisions list --project=google-project-id --region=europe-west6 --service=pan-test-app-dev-api --limit=unlimited --sort-by=metadata.creationTimestamp --format="value(name)" --filter='(status.conditions.status=False OR status.conditions.status=Unknown)' | while read -r revisionname; do gcloud run revisions delete --project=google-project-id --region=europe-west6 --quiet $revisionname ; done
|
|
380
421
|
- gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/dev/api --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/dev/api@$version --quiet --delete-tags; done
|
|
381
422
|
- gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/api --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/api@$version --quiet --delete-tags; done
|
|
382
|
-
-
|
|
423
|
+
- collapseable_section_end "cleanup"
|
|
383
424
|
- echo 'Uploading SBOM to Dependency Track'
|
|
384
425
|
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/api" "https://$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" "__sbom.json" vex.json || true
|
|
385
426
|
- echo "CL_GITLAB_ENVIRONMENT_URL=https://$(printf %s "pan-test-app-dev-api-$CL_dev_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" >> gitlab_environment.env
|
|
@@ -421,9 +462,9 @@ api 🧪 test:
|
|
|
421
462
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
422
463
|
GIT_STRATEGY: none
|
|
423
464
|
script:
|
|
424
|
-
-
|
|
465
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
425
466
|
- export CLOUDSDK_CORE_DISABLE_PROMPTS="1"
|
|
426
|
-
-
|
|
467
|
+
- collapseable_section_end "injectvars"
|
|
427
468
|
- set +e
|
|
428
469
|
- gcloud auth activate-service-account --key-file=<(echo "$CL_dev_api_GCLOUD_DEPLOY_credentialsKey")
|
|
429
470
|
- gcloud run services delete pan-test-app-dev-api --project=google-project-id --region=europe-west6
|
|
@@ -459,37 +500,53 @@ api 🧪 test:
|
|
|
459
500
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
460
501
|
KUBERNETES_MEMORY_LIMIT: 4Gi
|
|
461
502
|
script:
|
|
462
|
-
-
|
|
503
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
463
504
|
- export ENV_SHORT="review"
|
|
464
505
|
- export APP_DIR="api"
|
|
465
506
|
- export ENV_TYPE="review"
|
|
466
507
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
467
508
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
468
509
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
469
|
-
- export
|
|
510
|
+
- export HOSTNAME="$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
470
511
|
- export ROOT_URL="https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
471
|
-
- export
|
|
472
|
-
- export HOST_CANONICAL="$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
512
|
+
- export HOSTNAME_INTERNAL="$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
473
513
|
- export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
474
514
|
- export DEPLOY_CLOUD_RUN_PROJECT_ID="google-project-id"
|
|
475
515
|
- export DEPLOY_CLOUD_RUN_REGION="europe-west6"
|
|
476
516
|
- export GCLOUD_DEPLOY_credentialsKey="$CL_review_api_GCLOUD_DEPLOY_credentialsKey"
|
|
477
517
|
- export GCLOUD_RUN_canonicalHostSuffix="$CL_review_api_GCLOUD_RUN_canonicalHostSuffix"
|
|
478
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
479
|
-
-
|
|
518
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\"]"
|
|
519
|
+
- collapseable_section_end "injectvars"
|
|
520
|
+
- collapseable_section_start "write-dotenv-api" "write dot env for api"
|
|
521
|
+
- |-
|
|
522
|
+
cat <<EOF > api/.env
|
|
523
|
+
ENV_SHORT=review
|
|
524
|
+
APP_DIR=api
|
|
525
|
+
ENV_TYPE=review
|
|
526
|
+
HOSTNAME=$(printf %s "$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
527
|
+
ROOT_URL=$(printf %s "https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
528
|
+
HOSTNAME_INTERNAL=$(printf %s "$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
529
|
+
ROOT_URL_INTERNAL=$(printf %s "https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
530
|
+
DEPLOY_CLOUD_RUN_PROJECT_ID=google-project-id
|
|
531
|
+
DEPLOY_CLOUD_RUN_REGION=europe-west6
|
|
532
|
+
GCLOUD_DEPLOY_credentialsKey=$(printf %s "$CL_review_api_GCLOUD_DEPLOY_credentialsKey" | escapeForDotEnv)
|
|
533
|
+
GCLOUD_RUN_canonicalHostSuffix=$(printf %s "$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | escapeForDotEnv)
|
|
534
|
+
_ALL_ENV_VAR_KEYS=["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOSTNAME","ROOT_URL","HOSTNAME_INTERNAL","ROOT_URL_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]
|
|
535
|
+
EOF
|
|
536
|
+
- collapseable_section_end "write-dotenv-api"
|
|
480
537
|
- echo '{"id":"$(git describe --tags 2>/dev/null || git rev-parse HEAD)","time":"$CI_JOB_STARTED_AT"}' > api/__build_info.json
|
|
481
|
-
-
|
|
538
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
482
539
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
483
540
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
484
|
-
-
|
|
541
|
+
- collapseable_section_end "nodeinstall"
|
|
485
542
|
- cd api
|
|
486
|
-
-
|
|
543
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
487
544
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
488
545
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
489
|
-
-
|
|
490
|
-
-
|
|
546
|
+
- collapseable_section_end "nodeinstall"
|
|
547
|
+
- collapseable_section_start "yarninstall" "Yarn install"
|
|
491
548
|
- yarn install --immutable
|
|
492
|
-
-
|
|
549
|
+
- collapseable_section_end "yarninstall"
|
|
493
550
|
- yarn build
|
|
494
551
|
cache:
|
|
495
552
|
- key: api-yarn
|
|
@@ -500,15 +557,13 @@ api 🧪 test:
|
|
|
500
557
|
policy: pull-push
|
|
501
558
|
paths:
|
|
502
559
|
- api/node_modules
|
|
503
|
-
- key: api-next-cache
|
|
504
|
-
policy: pull-push
|
|
505
|
-
paths:
|
|
506
|
-
- api/.next/cache
|
|
507
560
|
artifacts:
|
|
508
561
|
paths:
|
|
509
562
|
- api/__build_info.json
|
|
510
563
|
- api/.next
|
|
511
564
|
- api/dist
|
|
565
|
+
exclude:
|
|
566
|
+
- api/.env
|
|
512
567
|
expire_in: 1 day
|
|
513
568
|
when: always
|
|
514
569
|
reports: {}
|
|
@@ -534,7 +589,7 @@ api 🧪 test:
|
|
|
534
589
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
535
590
|
KUBERNETES_MEMORY_LIMIT: 2Gi
|
|
536
591
|
script:
|
|
537
|
-
-
|
|
592
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
538
593
|
- export APP_DIR="api"
|
|
539
594
|
- export DOCKER_BUILD_CONTEXT="."
|
|
540
595
|
- export DOCKER_REGISTRY="europe-west6-docker.pkg.dev"
|
|
@@ -550,20 +605,20 @@ api 🧪 test:
|
|
|
550
605
|
COPY --chown=node:node api/yarn.lock /app/api/yarn.lock
|
|
551
606
|
COPY --chown=node:node .yarnrc.yml /app/.yarnrc.yml
|
|
552
607
|
COPY --chown=node:node .yarn /app/.yarn"
|
|
553
|
-
-
|
|
608
|
+
- collapseable_section_end "injectvars"
|
|
554
609
|
- ensureNodeDockerfile
|
|
555
|
-
-
|
|
610
|
+
- collapseable_section_start "docker-login" "Docker Login"
|
|
556
611
|
- gcloud auth activate-service-account --key-file=<(echo "$CL_review_api_GCLOUD_DEPLOY_credentialsKey")
|
|
557
612
|
- gcloud auth configure-docker europe-west6-docker.pkg.dev
|
|
558
|
-
-
|
|
559
|
-
-
|
|
613
|
+
- collapseable_section_end "docker-login"
|
|
614
|
+
- collapseable_section_start "docker-build" "Docker build"
|
|
560
615
|
- docker build --network host --cache-from $DOCKER_CACHE_IMAGE --tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG -f $APP_DIR/Dockerfile $DOCKER_BUILD_CONTEXT --build-arg BUILDKIT_INLINE_CACHE=1
|
|
561
|
-
-
|
|
562
|
-
-
|
|
616
|
+
- collapseable_section_end "docker-build"
|
|
617
|
+
- collapseable_section_start "docker-push" "Docker push and tag"
|
|
563
618
|
- docker push $DOCKER_IMAGE:$DOCKER_IMAGE_TAG
|
|
564
619
|
- docker tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG $DOCKER_CACHE_IMAGE
|
|
565
620
|
- docker push $DOCKER_CACHE_IMAGE
|
|
566
|
-
-
|
|
621
|
+
- collapseable_section_end "docker-push"
|
|
567
622
|
cache:
|
|
568
623
|
- key: api-yarn
|
|
569
624
|
policy: pull
|
|
@@ -580,8 +635,8 @@ api 🧪 test:
|
|
|
580
635
|
image: aquasec/trivy:0.38.3
|
|
581
636
|
variables: {}
|
|
582
637
|
script:
|
|
583
|
-
-
|
|
584
|
-
-
|
|
638
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
639
|
+
- collapseable_section_end "injectvars"
|
|
585
640
|
- trivy fs --quiet --format cyclonedx --output "__sbom.json" api
|
|
586
641
|
artifacts:
|
|
587
642
|
paths:
|
|
@@ -600,35 +655,34 @@ api 🧪 test:
|
|
|
600
655
|
KUBERNETES_MEMORY_REQUEST: 200Mi
|
|
601
656
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
602
657
|
script:
|
|
603
|
-
-
|
|
658
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
604
659
|
- export ENV_SHORT="review"
|
|
605
660
|
- export APP_DIR="api"
|
|
606
661
|
- export ENV_TYPE="review"
|
|
607
662
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
608
663
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
609
664
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
610
|
-
- export
|
|
665
|
+
- export HOSTNAME="$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
611
666
|
- export ROOT_URL="https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
612
|
-
- export
|
|
613
|
-
- export HOST_CANONICAL="$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
667
|
+
- export HOSTNAME_INTERNAL="$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
614
668
|
- export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
615
669
|
- export DEPLOY_CLOUD_RUN_PROJECT_ID="google-project-id"
|
|
616
670
|
- export DEPLOY_CLOUD_RUN_REGION="europe-west6"
|
|
617
671
|
- export GCLOUD_DEPLOY_credentialsKey="$CL_review_api_GCLOUD_DEPLOY_credentialsKey"
|
|
618
672
|
- export GCLOUD_RUN_canonicalHostSuffix="$CL_review_api_GCLOUD_RUN_canonicalHostSuffix"
|
|
619
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
673
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\"]"
|
|
620
674
|
- export DOCKER_REGISTRY="europe-west6-docker.pkg.dev"
|
|
621
675
|
- export DOCKER_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/review/api/$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })"
|
|
622
676
|
- export DOCKER_CACHE_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/api"
|
|
623
677
|
- export DOCKER_IMAGE_TAG="$CI_COMMIT_SHA"
|
|
624
678
|
- export CLOUDSDK_CORE_DISABLE_PROMPTS="1"
|
|
625
|
-
-
|
|
626
|
-
-
|
|
679
|
+
- collapseable_section_end "injectvars"
|
|
680
|
+
- collapseable_section_start "prepare" "Prepare..."
|
|
627
681
|
- gcloud auth activate-service-account --key-file=<(echo "$CL_review_api_GCLOUD_DEPLOY_credentialsKey")
|
|
628
682
|
- export GCLOUD_PROJECT_NUMBER=$(gcloud projects describe google-project-id --format="value(projectNumber)")
|
|
629
683
|
- 'echo "GCLOUD_PROJECT_NUMBER: $GCLOUD_PROJECT_NUMBER"'
|
|
630
|
-
-
|
|
631
|
-
-
|
|
684
|
+
- collapseable_section_end "prepare"
|
|
685
|
+
- collapseable_section_start "writeenvvars" "Write env vars to file"
|
|
632
686
|
- |
|
|
633
687
|
cat > ____envvars.yaml <<EOF
|
|
634
688
|
ENV_SHORT: |-
|
|
@@ -638,43 +692,41 @@ api 🧪 test:
|
|
|
638
692
|
ENV_TYPE: |-
|
|
639
693
|
review
|
|
640
694
|
BUILD_INFO_BUILD_ID: |-
|
|
641
|
-
|
|
695
|
+
$(printf %s "$(git describe --tags 2>/dev/null || git rev-parse HEAD)" | sed '1!s/^/ /')
|
|
642
696
|
BUILD_INFO_BUILD_TIME: |-
|
|
643
|
-
|
|
697
|
+
$(printf %s "$CI_JOB_STARTED_AT" | sed '1!s/^/ /')
|
|
644
698
|
BUILD_INFO_CURRENT_VERSION: |-
|
|
645
|
-
|
|
646
|
-
|
|
647
|
-
|
|
699
|
+
$(printf %s "$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")" | sed '1!s/^/ /')
|
|
700
|
+
HOSTNAME: |-
|
|
701
|
+
$(printf %s "$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
648
702
|
ROOT_URL: |-
|
|
649
|
-
|
|
650
|
-
|
|
651
|
-
|
|
652
|
-
HOST_CANONICAL: |-
|
|
653
|
-
$(printf %s "$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
703
|
+
$(printf %s "https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
704
|
+
HOSTNAME_INTERNAL: |-
|
|
705
|
+
$(printf %s "$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
654
706
|
ROOT_URL_INTERNAL: |-
|
|
655
|
-
|
|
707
|
+
$(printf %s "https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
656
708
|
DEPLOY_CLOUD_RUN_PROJECT_ID: |-
|
|
657
709
|
google-project-id
|
|
658
710
|
DEPLOY_CLOUD_RUN_REGION: |-
|
|
659
711
|
europe-west6
|
|
660
712
|
GCLOUD_RUN_canonicalHostSuffix: |-
|
|
661
|
-
|
|
713
|
+
$(printf %s "$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | sed '1!s/^/ /')
|
|
662
714
|
_ALL_ENV_VAR_KEYS: |-
|
|
663
|
-
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","
|
|
715
|
+
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOSTNAME","ROOT_URL","HOSTNAME_INTERNAL","ROOT_URL_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]
|
|
664
716
|
|
|
665
717
|
EOF
|
|
666
|
-
-
|
|
667
|
-
-
|
|
718
|
+
- collapseable_section_end "writeenvvars"
|
|
719
|
+
- collapseable_section_start "deploy" "Deploy to cloud run"
|
|
668
720
|
- gcloud run deploy $(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" | awk '{print tolower($0)}') --command="yarn,start" --image=europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/review/api/$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }):$DOCKER_IMAGE_TAG --project=google-project-id --region=europe-west6 --labels=customer-name=pan,component-name=api,app-name=test-app,env-type=review,env-name=review,build-type=node,cloud-run-service-name=$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" | awk '{print tolower($0)}') --env-vars-file=____envvars.yaml --min-instances=0 --max-instances=100 --cpu-throttling --allow-unauthenticated --ingress=all --cpu-boost --execution-environment=gen2
|
|
669
|
-
-
|
|
670
|
-
-
|
|
721
|
+
- collapseable_section_end "deploy"
|
|
722
|
+
- collapseable_section_start "cleanup" "Cleanup"
|
|
671
723
|
- gcloud run revisions list --project=google-project-id --region=europe-west6 --service=$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" | awk '{print tolower($0)}') --limit=unlimited --sort-by=metadata.creationTimestamp --format="value(name)" --filter='(status.conditions.status=False OR status.conditions.status=Unknown)' | while read -r revisionname; do gcloud run revisions delete --project=google-project-id --region=europe-west6 --quiet $revisionname ; done
|
|
672
724
|
- gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/review/api/$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }) --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/review/api/$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })@$version --quiet --delete-tags; done
|
|
673
725
|
- gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/api --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/api@$version --quiet --delete-tags; done
|
|
674
726
|
- set +e
|
|
675
727
|
- gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/review/api --quiet --delete-tags
|
|
676
728
|
- set -e
|
|
677
|
-
-
|
|
729
|
+
- collapseable_section_end "cleanup"
|
|
678
730
|
- echo 'Uploading SBOM to Dependency Track'
|
|
679
731
|
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/api" "https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" "__sbom.json" vex.json || true
|
|
680
732
|
- echo "CL_GITLAB_ENVIRONMENT_URL=https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-$CL_review_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" >> gitlab_environment.env
|
|
@@ -714,9 +766,9 @@ api 🧪 test:
|
|
|
714
766
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
715
767
|
GIT_STRATEGY: none
|
|
716
768
|
script:
|
|
717
|
-
-
|
|
769
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
718
770
|
- export CLOUDSDK_CORE_DISABLE_PROMPTS="1"
|
|
719
|
-
-
|
|
771
|
+
- collapseable_section_end "injectvars"
|
|
720
772
|
- set +e
|
|
721
773
|
- gcloud auth activate-service-account --key-file=<(echo "$CL_review_api_GCLOUD_DEPLOY_credentialsKey")
|
|
722
774
|
- gcloud run services delete $(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" | awk '{print tolower($0)}') --project=google-project-id --region=europe-west6
|
|
@@ -753,37 +805,53 @@ api 🧪 test:
|
|
|
753
805
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
754
806
|
KUBERNETES_MEMORY_LIMIT: 4Gi
|
|
755
807
|
script:
|
|
756
|
-
-
|
|
808
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
757
809
|
- export ENV_SHORT="stage"
|
|
758
810
|
- export APP_DIR="api"
|
|
759
811
|
- export ENV_TYPE="stage"
|
|
760
812
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
761
813
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
762
814
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
763
|
-
- export
|
|
815
|
+
- export HOSTNAME="$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
764
816
|
- export ROOT_URL="https://$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
765
|
-
- export
|
|
766
|
-
- export HOST_CANONICAL="$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
817
|
+
- export HOSTNAME_INTERNAL="$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
767
818
|
- export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
768
819
|
- export DEPLOY_CLOUD_RUN_PROJECT_ID="google-project-id"
|
|
769
820
|
- export DEPLOY_CLOUD_RUN_REGION="europe-west6"
|
|
770
821
|
- export GCLOUD_DEPLOY_credentialsKey="$CL_stage_api_GCLOUD_DEPLOY_credentialsKey"
|
|
771
822
|
- export GCLOUD_RUN_canonicalHostSuffix="$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix"
|
|
772
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
773
|
-
-
|
|
823
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\"]"
|
|
824
|
+
- collapseable_section_end "injectvars"
|
|
825
|
+
- collapseable_section_start "write-dotenv-api" "write dot env for api"
|
|
826
|
+
- |-
|
|
827
|
+
cat <<EOF > api/.env
|
|
828
|
+
ENV_SHORT=stage
|
|
829
|
+
APP_DIR=api
|
|
830
|
+
ENV_TYPE=stage
|
|
831
|
+
HOSTNAME=$(printf %s "$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
832
|
+
ROOT_URL=$(printf %s "https://$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
833
|
+
HOSTNAME_INTERNAL=$(printf %s "$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
834
|
+
ROOT_URL_INTERNAL=$(printf %s "https://$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
835
|
+
DEPLOY_CLOUD_RUN_PROJECT_ID=google-project-id
|
|
836
|
+
DEPLOY_CLOUD_RUN_REGION=europe-west6
|
|
837
|
+
GCLOUD_DEPLOY_credentialsKey=$(printf %s "$CL_stage_api_GCLOUD_DEPLOY_credentialsKey" | escapeForDotEnv)
|
|
838
|
+
GCLOUD_RUN_canonicalHostSuffix=$(printf %s "$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | escapeForDotEnv)
|
|
839
|
+
_ALL_ENV_VAR_KEYS=["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOSTNAME","ROOT_URL","HOSTNAME_INTERNAL","ROOT_URL_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]
|
|
840
|
+
EOF
|
|
841
|
+
- collapseable_section_end "write-dotenv-api"
|
|
774
842
|
- echo '{"id":"$(git describe --tags 2>/dev/null || git rev-parse HEAD)","time":"$CI_JOB_STARTED_AT"}' > api/__build_info.json
|
|
775
|
-
-
|
|
843
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
776
844
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
777
845
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
778
|
-
-
|
|
846
|
+
- collapseable_section_end "nodeinstall"
|
|
779
847
|
- cd api
|
|
780
|
-
-
|
|
848
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
781
849
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
782
850
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
783
|
-
-
|
|
784
|
-
-
|
|
851
|
+
- collapseable_section_end "nodeinstall"
|
|
852
|
+
- collapseable_section_start "yarninstall" "Yarn install"
|
|
785
853
|
- yarn install --immutable
|
|
786
|
-
-
|
|
854
|
+
- collapseable_section_end "yarninstall"
|
|
787
855
|
- yarn build
|
|
788
856
|
cache:
|
|
789
857
|
- key: api-yarn
|
|
@@ -794,15 +862,13 @@ api 🧪 test:
|
|
|
794
862
|
policy: pull-push
|
|
795
863
|
paths:
|
|
796
864
|
- api/node_modules
|
|
797
|
-
- key: api-next-cache
|
|
798
|
-
policy: pull-push
|
|
799
|
-
paths:
|
|
800
|
-
- api/.next/cache
|
|
801
865
|
artifacts:
|
|
802
866
|
paths:
|
|
803
867
|
- api/__build_info.json
|
|
804
868
|
- api/.next
|
|
805
869
|
- api/dist
|
|
870
|
+
exclude:
|
|
871
|
+
- api/.env
|
|
806
872
|
expire_in: 1 day
|
|
807
873
|
when: always
|
|
808
874
|
reports: {}
|
|
@@ -828,7 +894,7 @@ api 🧪 test:
|
|
|
828
894
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
829
895
|
KUBERNETES_MEMORY_LIMIT: 2Gi
|
|
830
896
|
script:
|
|
831
|
-
-
|
|
897
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
832
898
|
- export APP_DIR="api"
|
|
833
899
|
- export DOCKER_BUILD_CONTEXT="."
|
|
834
900
|
- export DOCKER_REGISTRY="europe-west6-docker.pkg.dev"
|
|
@@ -844,20 +910,20 @@ api 🧪 test:
|
|
|
844
910
|
COPY --chown=node:node api/yarn.lock /app/api/yarn.lock
|
|
845
911
|
COPY --chown=node:node .yarnrc.yml /app/.yarnrc.yml
|
|
846
912
|
COPY --chown=node:node .yarn /app/.yarn"
|
|
847
|
-
-
|
|
913
|
+
- collapseable_section_end "injectvars"
|
|
848
914
|
- ensureNodeDockerfile
|
|
849
|
-
-
|
|
915
|
+
- collapseable_section_start "docker-login" "Docker Login"
|
|
850
916
|
- gcloud auth activate-service-account --key-file=<(echo "$CL_stage_api_GCLOUD_DEPLOY_credentialsKey")
|
|
851
917
|
- gcloud auth configure-docker europe-west6-docker.pkg.dev
|
|
852
|
-
-
|
|
853
|
-
-
|
|
918
|
+
- collapseable_section_end "docker-login"
|
|
919
|
+
- collapseable_section_start "docker-build" "Docker build"
|
|
854
920
|
- docker build --network host --cache-from $DOCKER_CACHE_IMAGE --tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG -f $APP_DIR/Dockerfile $DOCKER_BUILD_CONTEXT --build-arg BUILDKIT_INLINE_CACHE=1
|
|
855
|
-
-
|
|
856
|
-
-
|
|
921
|
+
- collapseable_section_end "docker-build"
|
|
922
|
+
- collapseable_section_start "docker-push" "Docker push and tag"
|
|
857
923
|
- docker push $DOCKER_IMAGE:$DOCKER_IMAGE_TAG
|
|
858
924
|
- docker tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG $DOCKER_CACHE_IMAGE
|
|
859
925
|
- docker push $DOCKER_CACHE_IMAGE
|
|
860
|
-
-
|
|
926
|
+
- collapseable_section_end "docker-push"
|
|
861
927
|
cache:
|
|
862
928
|
- key: api-yarn
|
|
863
929
|
policy: pull
|
|
@@ -874,8 +940,8 @@ api 🧪 test:
|
|
|
874
940
|
image: aquasec/trivy:0.38.3
|
|
875
941
|
variables: {}
|
|
876
942
|
script:
|
|
877
|
-
-
|
|
878
|
-
-
|
|
943
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
944
|
+
- collapseable_section_end "injectvars"
|
|
879
945
|
- trivy fs --quiet --format cyclonedx --output "__sbom.json" api
|
|
880
946
|
artifacts:
|
|
881
947
|
paths:
|
|
@@ -894,35 +960,34 @@ api 🧪 test:
|
|
|
894
960
|
KUBERNETES_MEMORY_REQUEST: 200Mi
|
|
895
961
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
896
962
|
script:
|
|
897
|
-
-
|
|
963
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
898
964
|
- export ENV_SHORT="stage"
|
|
899
965
|
- export APP_DIR="api"
|
|
900
966
|
- export ENV_TYPE="stage"
|
|
901
967
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
902
968
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
903
969
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
904
|
-
- export
|
|
970
|
+
- export HOSTNAME="$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
905
971
|
- export ROOT_URL="https://$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
906
|
-
- export
|
|
907
|
-
- export HOST_CANONICAL="$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
972
|
+
- export HOSTNAME_INTERNAL="$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
908
973
|
- export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
909
974
|
- export DEPLOY_CLOUD_RUN_PROJECT_ID="google-project-id"
|
|
910
975
|
- export DEPLOY_CLOUD_RUN_REGION="europe-west6"
|
|
911
976
|
- export GCLOUD_DEPLOY_credentialsKey="$CL_stage_api_GCLOUD_DEPLOY_credentialsKey"
|
|
912
977
|
- export GCLOUD_RUN_canonicalHostSuffix="$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix"
|
|
913
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
978
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\"]"
|
|
914
979
|
- export DOCKER_REGISTRY="europe-west6-docker.pkg.dev"
|
|
915
980
|
- export DOCKER_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/stage/api"
|
|
916
981
|
- export DOCKER_CACHE_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/api"
|
|
917
982
|
- export DOCKER_IMAGE_TAG="$CI_COMMIT_SHA"
|
|
918
983
|
- export CLOUDSDK_CORE_DISABLE_PROMPTS="1"
|
|
919
|
-
-
|
|
920
|
-
-
|
|
984
|
+
- collapseable_section_end "injectvars"
|
|
985
|
+
- collapseable_section_start "prepare" "Prepare..."
|
|
921
986
|
- gcloud auth activate-service-account --key-file=<(echo "$CL_stage_api_GCLOUD_DEPLOY_credentialsKey")
|
|
922
987
|
- export GCLOUD_PROJECT_NUMBER=$(gcloud projects describe google-project-id --format="value(projectNumber)")
|
|
923
988
|
- 'echo "GCLOUD_PROJECT_NUMBER: $GCLOUD_PROJECT_NUMBER"'
|
|
924
|
-
-
|
|
925
|
-
-
|
|
989
|
+
- collapseable_section_end "prepare"
|
|
990
|
+
- collapseable_section_start "writeenvvars" "Write env vars to file"
|
|
926
991
|
- |
|
|
927
992
|
cat > ____envvars.yaml <<EOF
|
|
928
993
|
ENV_SHORT: |-
|
|
@@ -932,40 +997,38 @@ api 🧪 test:
|
|
|
932
997
|
ENV_TYPE: |-
|
|
933
998
|
stage
|
|
934
999
|
BUILD_INFO_BUILD_ID: |-
|
|
935
|
-
|
|
1000
|
+
$(printf %s "$(git describe --tags 2>/dev/null || git rev-parse HEAD)" | sed '1!s/^/ /')
|
|
936
1001
|
BUILD_INFO_BUILD_TIME: |-
|
|
937
|
-
|
|
1002
|
+
$(printf %s "$CI_JOB_STARTED_AT" | sed '1!s/^/ /')
|
|
938
1003
|
BUILD_INFO_CURRENT_VERSION: |-
|
|
939
|
-
|
|
940
|
-
|
|
941
|
-
|
|
1004
|
+
$(printf %s "$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")" | sed '1!s/^/ /')
|
|
1005
|
+
HOSTNAME: |-
|
|
1006
|
+
$(printf %s "$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
942
1007
|
ROOT_URL: |-
|
|
943
|
-
|
|
944
|
-
|
|
945
|
-
|
|
946
|
-
HOST_CANONICAL: |-
|
|
947
|
-
$(printf %s "$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
1008
|
+
$(printf %s "https://$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
1009
|
+
HOSTNAME_INTERNAL: |-
|
|
1010
|
+
$(printf %s "$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
948
1011
|
ROOT_URL_INTERNAL: |-
|
|
949
|
-
|
|
1012
|
+
$(printf %s "https://$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
950
1013
|
DEPLOY_CLOUD_RUN_PROJECT_ID: |-
|
|
951
1014
|
google-project-id
|
|
952
1015
|
DEPLOY_CLOUD_RUN_REGION: |-
|
|
953
1016
|
europe-west6
|
|
954
1017
|
GCLOUD_RUN_canonicalHostSuffix: |-
|
|
955
|
-
|
|
1018
|
+
$(printf %s "$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | sed '1!s/^/ /')
|
|
956
1019
|
_ALL_ENV_VAR_KEYS: |-
|
|
957
|
-
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","
|
|
1020
|
+
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOSTNAME","ROOT_URL","HOSTNAME_INTERNAL","ROOT_URL_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]
|
|
958
1021
|
|
|
959
1022
|
EOF
|
|
960
|
-
-
|
|
961
|
-
-
|
|
1023
|
+
- collapseable_section_end "writeenvvars"
|
|
1024
|
+
- collapseable_section_start "deploy" "Deploy to cloud run"
|
|
962
1025
|
- gcloud run deploy pan-test-app-stage-api --command="yarn,start" --image=europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/stage/api:$DOCKER_IMAGE_TAG --project=google-project-id --region=europe-west6 --labels=customer-name=pan,component-name=api,app-name=test-app,env-type=stage,env-name=stage,build-type=node,cloud-run-service-name=pan-test-app-stage-api --env-vars-file=____envvars.yaml --min-instances=0 --max-instances=100 --cpu-throttling --allow-unauthenticated --ingress=all --cpu-boost --execution-environment=gen2
|
|
963
|
-
-
|
|
964
|
-
-
|
|
1026
|
+
- collapseable_section_end "deploy"
|
|
1027
|
+
- collapseable_section_start "cleanup" "Cleanup"
|
|
965
1028
|
- gcloud run revisions list --project=google-project-id --region=europe-west6 --service=pan-test-app-stage-api --limit=unlimited --sort-by=metadata.creationTimestamp --format="value(name)" --filter='(status.conditions.status=False OR status.conditions.status=Unknown)' | while read -r revisionname; do gcloud run revisions delete --project=google-project-id --region=europe-west6 --quiet $revisionname ; done
|
|
966
1029
|
- gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/stage/api --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/stage/api@$version --quiet --delete-tags; done
|
|
967
1030
|
- gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/api --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/api@$version --quiet --delete-tags; done
|
|
968
|
-
-
|
|
1031
|
+
- collapseable_section_end "cleanup"
|
|
969
1032
|
- echo 'Uploading SBOM to Dependency Track'
|
|
970
1033
|
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/api" "https://$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" "__sbom.json" vex.json || true
|
|
971
1034
|
- echo "CL_GITLAB_ENVIRONMENT_URL=https://$(printf %s "pan-test-app-stage-api-$CL_stage_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" >> gitlab_environment.env
|
|
@@ -998,9 +1061,9 @@ api 🧪 test:
|
|
|
998
1061
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
999
1062
|
GIT_STRATEGY: none
|
|
1000
1063
|
script:
|
|
1001
|
-
-
|
|
1064
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1002
1065
|
- export CLOUDSDK_CORE_DISABLE_PROMPTS="1"
|
|
1003
|
-
-
|
|
1066
|
+
- collapseable_section_end "injectvars"
|
|
1004
1067
|
- set +e
|
|
1005
1068
|
- gcloud auth activate-service-account --key-file=<(echo "$CL_stage_api_GCLOUD_DEPLOY_credentialsKey")
|
|
1006
1069
|
- gcloud run services delete pan-test-app-stage-api --project=google-project-id --region=europe-west6
|
|
@@ -1034,37 +1097,53 @@ api 🧪 test:
|
|
|
1034
1097
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
1035
1098
|
KUBERNETES_MEMORY_LIMIT: 4Gi
|
|
1036
1099
|
script:
|
|
1037
|
-
-
|
|
1100
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1038
1101
|
- export ENV_SHORT="prod"
|
|
1039
1102
|
- export APP_DIR="api"
|
|
1040
1103
|
- export ENV_TYPE="prod"
|
|
1041
1104
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
1042
1105
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
1043
1106
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
1044
|
-
- export
|
|
1107
|
+
- export HOSTNAME="$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
1045
1108
|
- export ROOT_URL="https://$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
1046
|
-
- export
|
|
1047
|
-
- export HOST_CANONICAL="$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
1109
|
+
- export HOSTNAME_INTERNAL="$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
1048
1110
|
- export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
1049
1111
|
- export DEPLOY_CLOUD_RUN_PROJECT_ID="google-project-id"
|
|
1050
1112
|
- export DEPLOY_CLOUD_RUN_REGION="europe-west6"
|
|
1051
1113
|
- export GCLOUD_DEPLOY_credentialsKey="$CL_prod_api_GCLOUD_DEPLOY_credentialsKey"
|
|
1052
1114
|
- export GCLOUD_RUN_canonicalHostSuffix="$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix"
|
|
1053
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
1054
|
-
-
|
|
1115
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\"]"
|
|
1116
|
+
- collapseable_section_end "injectvars"
|
|
1117
|
+
- collapseable_section_start "write-dotenv-api" "write dot env for api"
|
|
1118
|
+
- |-
|
|
1119
|
+
cat <<EOF > api/.env
|
|
1120
|
+
ENV_SHORT=prod
|
|
1121
|
+
APP_DIR=api
|
|
1122
|
+
ENV_TYPE=prod
|
|
1123
|
+
HOSTNAME=$(printf %s "$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
1124
|
+
ROOT_URL=$(printf %s "https://$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
1125
|
+
HOSTNAME_INTERNAL=$(printf %s "$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
1126
|
+
ROOT_URL_INTERNAL=$(printf %s "https://$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
1127
|
+
DEPLOY_CLOUD_RUN_PROJECT_ID=google-project-id
|
|
1128
|
+
DEPLOY_CLOUD_RUN_REGION=europe-west6
|
|
1129
|
+
GCLOUD_DEPLOY_credentialsKey=$(printf %s "$CL_prod_api_GCLOUD_DEPLOY_credentialsKey" | escapeForDotEnv)
|
|
1130
|
+
GCLOUD_RUN_canonicalHostSuffix=$(printf %s "$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | escapeForDotEnv)
|
|
1131
|
+
_ALL_ENV_VAR_KEYS=["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOSTNAME","ROOT_URL","HOSTNAME_INTERNAL","ROOT_URL_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]
|
|
1132
|
+
EOF
|
|
1133
|
+
- collapseable_section_end "write-dotenv-api"
|
|
1055
1134
|
- echo '{"id":"$(git describe --tags 2>/dev/null || git rev-parse HEAD)","time":"$CI_JOB_STARTED_AT"}' > api/__build_info.json
|
|
1056
|
-
-
|
|
1135
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
1057
1136
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
1058
1137
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
1059
|
-
-
|
|
1138
|
+
- collapseable_section_end "nodeinstall"
|
|
1060
1139
|
- cd api
|
|
1061
|
-
-
|
|
1140
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
1062
1141
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
1063
1142
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
1064
|
-
-
|
|
1065
|
-
-
|
|
1143
|
+
- collapseable_section_end "nodeinstall"
|
|
1144
|
+
- collapseable_section_start "yarninstall" "Yarn install"
|
|
1066
1145
|
- yarn install --immutable
|
|
1067
|
-
-
|
|
1146
|
+
- collapseable_section_end "yarninstall"
|
|
1068
1147
|
- yarn build
|
|
1069
1148
|
cache:
|
|
1070
1149
|
- key: api-yarn
|
|
@@ -1075,15 +1154,13 @@ api 🧪 test:
|
|
|
1075
1154
|
policy: pull-push
|
|
1076
1155
|
paths:
|
|
1077
1156
|
- api/node_modules
|
|
1078
|
-
- key: api-next-cache
|
|
1079
|
-
policy: pull-push
|
|
1080
|
-
paths:
|
|
1081
|
-
- api/.next/cache
|
|
1082
1157
|
artifacts:
|
|
1083
1158
|
paths:
|
|
1084
1159
|
- api/__build_info.json
|
|
1085
1160
|
- api/.next
|
|
1086
1161
|
- api/dist
|
|
1162
|
+
exclude:
|
|
1163
|
+
- api/.env
|
|
1087
1164
|
expire_in: 1 day
|
|
1088
1165
|
when: always
|
|
1089
1166
|
reports: {}
|
|
@@ -1109,7 +1186,7 @@ api 🧪 test:
|
|
|
1109
1186
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
1110
1187
|
KUBERNETES_MEMORY_LIMIT: 2Gi
|
|
1111
1188
|
script:
|
|
1112
|
-
-
|
|
1189
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1113
1190
|
- export APP_DIR="api"
|
|
1114
1191
|
- export DOCKER_BUILD_CONTEXT="."
|
|
1115
1192
|
- export DOCKER_REGISTRY="europe-west6-docker.pkg.dev"
|
|
@@ -1125,20 +1202,20 @@ api 🧪 test:
|
|
|
1125
1202
|
COPY --chown=node:node api/yarn.lock /app/api/yarn.lock
|
|
1126
1203
|
COPY --chown=node:node .yarnrc.yml /app/.yarnrc.yml
|
|
1127
1204
|
COPY --chown=node:node .yarn /app/.yarn"
|
|
1128
|
-
-
|
|
1205
|
+
- collapseable_section_end "injectvars"
|
|
1129
1206
|
- ensureNodeDockerfile
|
|
1130
|
-
-
|
|
1207
|
+
- collapseable_section_start "docker-login" "Docker Login"
|
|
1131
1208
|
- gcloud auth activate-service-account --key-file=<(echo "$CL_prod_api_GCLOUD_DEPLOY_credentialsKey")
|
|
1132
1209
|
- gcloud auth configure-docker europe-west6-docker.pkg.dev
|
|
1133
|
-
-
|
|
1134
|
-
-
|
|
1210
|
+
- collapseable_section_end "docker-login"
|
|
1211
|
+
- collapseable_section_start "docker-build" "Docker build"
|
|
1135
1212
|
- docker build --network host --cache-from $DOCKER_CACHE_IMAGE --tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG -f $APP_DIR/Dockerfile $DOCKER_BUILD_CONTEXT --build-arg BUILDKIT_INLINE_CACHE=1
|
|
1136
|
-
-
|
|
1137
|
-
-
|
|
1213
|
+
- collapseable_section_end "docker-build"
|
|
1214
|
+
- collapseable_section_start "docker-push" "Docker push and tag"
|
|
1138
1215
|
- docker push $DOCKER_IMAGE:$DOCKER_IMAGE_TAG
|
|
1139
1216
|
- docker tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG $DOCKER_CACHE_IMAGE
|
|
1140
1217
|
- docker push $DOCKER_CACHE_IMAGE
|
|
1141
|
-
-
|
|
1218
|
+
- collapseable_section_end "docker-push"
|
|
1142
1219
|
cache:
|
|
1143
1220
|
- key: api-yarn
|
|
1144
1221
|
policy: pull
|
|
@@ -1155,8 +1232,8 @@ api 🧪 test:
|
|
|
1155
1232
|
image: aquasec/trivy:0.38.3
|
|
1156
1233
|
variables: {}
|
|
1157
1234
|
script:
|
|
1158
|
-
-
|
|
1159
|
-
-
|
|
1235
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1236
|
+
- collapseable_section_end "injectvars"
|
|
1160
1237
|
- trivy fs --quiet --format cyclonedx --output "__sbom.json" api
|
|
1161
1238
|
artifacts:
|
|
1162
1239
|
paths:
|
|
@@ -1175,35 +1252,34 @@ api 🧪 test:
|
|
|
1175
1252
|
KUBERNETES_MEMORY_REQUEST: 200Mi
|
|
1176
1253
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
1177
1254
|
script:
|
|
1178
|
-
-
|
|
1255
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1179
1256
|
- export ENV_SHORT="prod"
|
|
1180
1257
|
- export APP_DIR="api"
|
|
1181
1258
|
- export ENV_TYPE="prod"
|
|
1182
1259
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
1183
1260
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
1184
1261
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
1185
|
-
- export
|
|
1262
|
+
- export HOSTNAME="$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
1186
1263
|
- export ROOT_URL="https://$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
1187
|
-
- export
|
|
1188
|
-
- export HOST_CANONICAL="$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
1264
|
+
- export HOSTNAME_INTERNAL="$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
1189
1265
|
- export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
1190
1266
|
- export DEPLOY_CLOUD_RUN_PROJECT_ID="google-project-id"
|
|
1191
1267
|
- export DEPLOY_CLOUD_RUN_REGION="europe-west6"
|
|
1192
1268
|
- export GCLOUD_DEPLOY_credentialsKey="$CL_prod_api_GCLOUD_DEPLOY_credentialsKey"
|
|
1193
1269
|
- export GCLOUD_RUN_canonicalHostSuffix="$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix"
|
|
1194
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
1270
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\"]"
|
|
1195
1271
|
- export DOCKER_REGISTRY="europe-west6-docker.pkg.dev"
|
|
1196
1272
|
- export DOCKER_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/prod/api"
|
|
1197
1273
|
- export DOCKER_CACHE_IMAGE="europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/api"
|
|
1198
1274
|
- export DOCKER_IMAGE_TAG="$CI_COMMIT_SHA"
|
|
1199
1275
|
- export CLOUDSDK_CORE_DISABLE_PROMPTS="1"
|
|
1200
|
-
-
|
|
1201
|
-
-
|
|
1276
|
+
- collapseable_section_end "injectvars"
|
|
1277
|
+
- collapseable_section_start "prepare" "Prepare..."
|
|
1202
1278
|
- gcloud auth activate-service-account --key-file=<(echo "$CL_prod_api_GCLOUD_DEPLOY_credentialsKey")
|
|
1203
1279
|
- export GCLOUD_PROJECT_NUMBER=$(gcloud projects describe google-project-id --format="value(projectNumber)")
|
|
1204
1280
|
- 'echo "GCLOUD_PROJECT_NUMBER: $GCLOUD_PROJECT_NUMBER"'
|
|
1205
|
-
-
|
|
1206
|
-
-
|
|
1281
|
+
- collapseable_section_end "prepare"
|
|
1282
|
+
- collapseable_section_start "writeenvvars" "Write env vars to file"
|
|
1207
1283
|
- |
|
|
1208
1284
|
cat > ____envvars.yaml <<EOF
|
|
1209
1285
|
ENV_SHORT: |-
|
|
@@ -1213,40 +1289,38 @@ api 🧪 test:
|
|
|
1213
1289
|
ENV_TYPE: |-
|
|
1214
1290
|
prod
|
|
1215
1291
|
BUILD_INFO_BUILD_ID: |-
|
|
1216
|
-
|
|
1292
|
+
$(printf %s "$(git describe --tags 2>/dev/null || git rev-parse HEAD)" | sed '1!s/^/ /')
|
|
1217
1293
|
BUILD_INFO_BUILD_TIME: |-
|
|
1218
|
-
|
|
1294
|
+
$(printf %s "$CI_JOB_STARTED_AT" | sed '1!s/^/ /')
|
|
1219
1295
|
BUILD_INFO_CURRENT_VERSION: |-
|
|
1220
|
-
|
|
1221
|
-
|
|
1222
|
-
|
|
1296
|
+
$(printf %s "$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")" | sed '1!s/^/ /')
|
|
1297
|
+
HOSTNAME: |-
|
|
1298
|
+
$(printf %s "$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
1223
1299
|
ROOT_URL: |-
|
|
1224
|
-
|
|
1225
|
-
|
|
1226
|
-
|
|
1227
|
-
HOST_CANONICAL: |-
|
|
1228
|
-
$(printf %s "$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
1300
|
+
$(printf %s "https://$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
1301
|
+
HOSTNAME_INTERNAL: |-
|
|
1302
|
+
$(printf %s "$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
1229
1303
|
ROOT_URL_INTERNAL: |-
|
|
1230
|
-
|
|
1304
|
+
$(printf %s "https://$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
1231
1305
|
DEPLOY_CLOUD_RUN_PROJECT_ID: |-
|
|
1232
1306
|
google-project-id
|
|
1233
1307
|
DEPLOY_CLOUD_RUN_REGION: |-
|
|
1234
1308
|
europe-west6
|
|
1235
1309
|
GCLOUD_RUN_canonicalHostSuffix: |-
|
|
1236
|
-
|
|
1310
|
+
$(printf %s "$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | sed '1!s/^/ /')
|
|
1237
1311
|
_ALL_ENV_VAR_KEYS: |-
|
|
1238
|
-
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","
|
|
1312
|
+
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOSTNAME","ROOT_URL","HOSTNAME_INTERNAL","ROOT_URL_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]
|
|
1239
1313
|
|
|
1240
1314
|
EOF
|
|
1241
|
-
-
|
|
1242
|
-
-
|
|
1315
|
+
- collapseable_section_end "writeenvvars"
|
|
1316
|
+
- collapseable_section_start "deploy" "Deploy to cloud run"
|
|
1243
1317
|
- gcloud run deploy pan-test-app-prod-api --command="yarn,start" --image=europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/prod/api:$DOCKER_IMAGE_TAG --project=google-project-id --region=europe-west6 --labels=customer-name=pan,component-name=api,app-name=test-app,env-type=prod,env-name=prod,build-type=node,cloud-run-service-name=pan-test-app-prod-api --env-vars-file=____envvars.yaml --min-instances=0 --max-instances=100 --cpu-throttling --allow-unauthenticated --ingress=all --cpu-boost --execution-environment=gen2
|
|
1244
|
-
-
|
|
1245
|
-
-
|
|
1318
|
+
- collapseable_section_end "deploy"
|
|
1319
|
+
- collapseable_section_start "cleanup" "Cleanup"
|
|
1246
1320
|
- gcloud run revisions list --project=google-project-id --region=europe-west6 --service=pan-test-app-prod-api --limit=unlimited --sort-by=metadata.creationTimestamp --format="value(name)" --filter='(status.conditions.status=False OR status.conditions.status=Unknown)' | tail -n +6 | while read -r revisionname; do gcloud run revisions delete --project=google-project-id --region=europe-west6 --quiet $revisionname ; done
|
|
1247
1321
|
- gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/prod/api --sort-by=~CREATE_TIME --format="value(version)" | tail -n +7 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/prod/api@$version --quiet --delete-tags; done
|
|
1248
1322
|
- gcloud artifacts docker images list europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/api --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/google-project-id/catladder-deploy/pan-test-app/caches/api@$version --quiet --delete-tags; done
|
|
1249
|
-
-
|
|
1323
|
+
- collapseable_section_end "cleanup"
|
|
1250
1324
|
- echo 'Uploading SBOM to Dependency Track'
|
|
1251
1325
|
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/api" "https://$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" "__sbom.json" vex.json || true
|
|
1252
1326
|
- echo "CL_GITLAB_ENVIRONMENT_URL=https://$(printf %s "pan-test-app-prod-api-$CL_prod_api_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" >> gitlab_environment.env
|
|
@@ -1279,9 +1353,9 @@ api 🧪 test:
|
|
|
1279
1353
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
1280
1354
|
GIT_STRATEGY: none
|
|
1281
1355
|
script:
|
|
1282
|
-
-
|
|
1356
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1283
1357
|
- export CLOUDSDK_CORE_DISABLE_PROMPTS="1"
|
|
1284
|
-
-
|
|
1358
|
+
- collapseable_section_end "injectvars"
|
|
1285
1359
|
- set +e
|
|
1286
1360
|
- gcloud auth activate-service-account --key-file=<(echo "$CL_prod_api_GCLOUD_DEPLOY_credentialsKey")
|
|
1287
1361
|
- gcloud run services delete pan-test-app-prod-api --project=google-project-id --region=europe-west6
|