@catladder/pipeline 1.170.1 → 2.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/bash/BashExpression.d.ts +1 -6
- package/dist/bash/BashExpression.js +2 -15
- package/dist/bash/bashEscape.d.ts +34 -0
- package/dist/bash/bashEscape.js +114 -0
- package/dist/bash/bashYaml.js +25 -2
- package/dist/bash/getInjectVarsScript.js +4 -2
- package/dist/bash/index.d.ts +2 -0
- package/dist/bash/index.js +26 -0
- package/dist/build/base/createAppBuildJob.js +3 -3
- package/dist/build/base/writeDotEnv.js +6 -4
- package/dist/build/custom/testJob.js +12 -12
- package/dist/build/docker.d.ts +3 -3
- package/dist/build/node/buildJob.js +1 -1
- package/dist/build/node/cache.d.ts +2 -4
- package/dist/build/node/cache.js +3 -24
- package/dist/build/node/testJob.js +11 -11
- package/dist/build/rails/build.js +1 -1
- package/dist/build/rails/test.js +8 -8
- package/dist/build/types.d.ts +0 -10
- package/dist/constants.js +1 -1
- package/dist/context/createComponentContext.js +0 -1
- package/dist/context/getEnvConfig.js +2 -1
- package/dist/context/getEnvironment.js +1 -2
- package/dist/context/getEnvironmentVariables.d.ts +5 -6
- package/dist/context/getEnvironmentVariables.js +50 -38
- package/dist/deploy/base/deploy.js +3 -3
- package/dist/deploy/cloudRun/createJobs/getCloudRunDeployScripts.js +2 -2
- package/dist/deploy/cloudRun/index.js +2 -2
- package/dist/deploy/cloudRun/utils/getServiceName.d.ts +1 -1
- package/dist/deploy/kubernetes/cloudSql/index.d.ts +2 -2
- package/dist/deploy/kubernetes/cloudSql/index.js +3 -14
- package/dist/deploy/kubernetes/deployJob.js +1 -3
- package/dist/deploy/kubernetes/index.js +2 -2
- package/dist/deploy/kubernetes/kubeEnv.d.ts +3 -3
- package/dist/deploy/kubernetes/kubeValues.d.ts +3 -4
- package/dist/deploy/kubernetes/kubeValues.js +2 -3
- package/dist/deploy/types/base.d.ts +0 -6
- package/dist/deploy/types/kubernetes.d.ts +1 -34
- package/dist/globalScriptFunctions/index.d.ts +14 -0
- package/dist/globalScriptFunctions/index.js +37 -0
- package/dist/index.d.ts +3 -1
- package/dist/index.js +3 -1
- package/dist/pipeline/gitlab/createGitlabJobs.js +3 -5
- package/dist/pipeline/gitlab/createGitlabPipeline.d.ts +1 -0
- package/dist/pipeline/gitlab/createGitlabPipeline.js +38 -2
- package/dist/pipeline/packageManager.js +1 -1
- package/dist/runner/index.d.ts +1 -1
- package/dist/tsconfig.tsbuildinfo +1 -1
- package/dist/types/config.d.ts +6 -9
- package/dist/types/context.d.ts +2 -9
- package/dist/types/gitlab-types.d.ts +1 -0
- package/dist/types/jobs.d.ts +0 -8
- package/dist/utils/gitlab.js +4 -1
- package/dist/utils/writeFiles.js +1 -7
- package/dist/variables/VariableValue.d.ts +3 -0
- package/dist/variables/VariableValue.js +5 -0
- package/dist/variables/VariableValueContainingReferences.d.ts +24 -0
- package/dist/variables/VariableValueContainingReferences.js +97 -0
- package/dist/variables/__tests__/resolveAllReferences.test.js +219 -0
- package/dist/variables/__tests__/resolveAllReferencesOnce.test.d.ts +1 -0
- package/dist/variables/__tests__/resolveAllReferencesOnce.test.js +171 -0
- package/dist/variables/__tests__/resolveReferencesOnce.test.d.ts +1 -0
- package/dist/variables/__tests__/resolveReferencesOnce.test.js +202 -0
- package/dist/variables/__tests__/variableValue.test.d.ts +1 -0
- package/dist/variables/__tests__/variableValue.test.js +36 -0
- package/dist/variables/resolveAllReferences.d.ts +3 -0
- package/dist/{bash/replaceAsync.js → variables/resolveAllReferences.js} +60 -40
- package/dist/variables/resolveAllReferencesOnce.d.ts +5 -0
- package/dist/variables/resolveAllReferencesOnce.js +191 -0
- package/dist/variables/resolveReferencesOnce.d.ts +8 -0
- package/dist/variables/resolveReferencesOnce.js +22 -0
- package/examples/__snapshots__/cloud-run-http2.test.ts.snap +312 -238
- package/examples/__snapshots__/cloud-run-memory-limit.test.ts.snap +312 -238
- package/examples/__snapshots__/cloud-run-meteor-with-worker.test.ts.snap +312 -222
- package/examples/__snapshots__/cloud-run-nextjs.test.ts.snap +1436 -0
- package/examples/__snapshots__/cloud-run-no-cpu-throttling.test.ts.snap +312 -238
- package/examples/__snapshots__/cloud-run-no-service.test.ts.snap +316 -238
- package/examples/__snapshots__/cloud-run-non-public.test.ts.snap +312 -238
- package/examples/__snapshots__/cloud-run-post-stop-job.test.ts.snap +313 -238
- package/examples/__snapshots__/cloud-run-service-custom-vpc-connector.test.ts.snap +312 -238
- package/examples/__snapshots__/cloud-run-service-custom-vpc.test.ts.snap +312 -238
- package/examples/__snapshots__/cloud-run-service-gen2.test.ts.snap +312 -238
- package/examples/__snapshots__/cloud-run-service-increase-timout.test.ts.snap +312 -238
- package/examples/__snapshots__/cloud-run-service-with-volumes.test.ts.snap +316 -238
- package/examples/__snapshots__/cloud-run-storybook.test.ts.snap +294 -220
- package/examples/__snapshots__/cloud-run-with-ngnix.test.ts.snap +312 -238
- package/examples/__snapshots__/cloud-run-with-sql-reuse-db.test.ts.snap +652 -486
- package/examples/__snapshots__/cloud-run-with-sql.test.ts.snap +282 -288
- package/examples/__snapshots__/cloud-run-with-worker.test.ts.snap +312 -238
- package/examples/__snapshots__/custom-build-job-with-tests.test.ts.snap +284 -194
- package/examples/__snapshots__/custom-build-job.test.ts.snap +278 -188
- package/examples/__snapshots__/custom-deploy.test.ts.snap +220 -154
- package/examples/__snapshots__/custom-envs.test.ts.snap +216 -126
- package/examples/__snapshots__/custom-sbom-java.test.ts.snap +278 -188
- package/examples/__snapshots__/git-submodule.test.ts.snap +312 -238
- package/examples/__snapshots__/kubernetes-application-customization.test.ts.snap +231 -253
- package/examples/__snapshots__/kubernetes-with-cloud-sql.test.ts.snap +240 -262
- package/examples/__snapshots__/kubernetes-with-jobs.test.ts.snap +504 -506
- package/examples/__snapshots__/kubernetes-with-mongodb.test.ts.snap +239 -261
- package/examples/__snapshots__/local-dot-env.test.ts.snap +236 -238
- package/examples/__snapshots__/meteor-kubernetes.test.ts.snap +236 -242
- package/examples/__snapshots__/multiline-var.test.ts.snap +1355 -973
- package/examples/__snapshots__/native-app.test.ts.snap +438 -392
- package/examples/__snapshots__/node-build-with-custom-image.test.ts.snap +312 -238
- package/examples/__snapshots__/node-build-with-docker-additions.test.ts.snap +312 -238
- package/examples/__snapshots__/rails-k8s-with-worker-dockerfile.test.ts.snap +186 -188
- package/examples/__snapshots__/rails-k8s-with-worker.test.ts.snap +162 -164
- package/examples/__snapshots__/referencing-other-vars.test.ts.snap +971 -765
- package/examples/__snapshots__/wait-for-other-deploy.test.ts.snap +330 -228
- package/examples/__snapshots__/{workspace-api-www-custom-cache.test.ts.snap → workspace-api-www-turbo-cache.test.ts.snap} +457 -499
- package/examples/__snapshots__/workspace-api-www.test.ts.snap +452 -482
- package/examples/{workspace-api-www-custom-cache.test.ts → cloud-run-nextjs.test.ts} +2 -2
- package/examples/cloud-run-nextjs.ts +28 -0
- package/examples/cloud-run-with-sql.ts +0 -1
- package/examples/kubernetes-application-customization.ts +1 -0
- package/examples/kubernetes-with-cloud-sql.ts +1 -0
- package/examples/kubernetes-with-jobs.ts +1 -0
- package/examples/kubernetes-with-mongodb.ts +1 -0
- package/examples/meteor-kubernetes.ts +1 -1
- package/examples/native-app.ts +10 -7
- package/examples/rails-k8s-with-worker.ts +7 -1
- package/examples/{kubernetes-with-cloud-sql-legacy.test.ts → workspace-api-www-turbo-cache.test.ts} +2 -2
- package/examples/{workspace-api-www-custom-cache.ts → workspace-api-www-turbo-cache.ts} +4 -3
- package/examples/workspace-api-www.ts +3 -2
- package/package.json +2 -6
- package/scripts/generate-examples-test.ts +0 -7
- package/src/bash/BashExpression.ts +0 -13
- package/src/bash/bashEscape.ts +158 -0
- package/src/bash/bashYaml.ts +36 -2
- package/src/bash/getInjectVarsScript.ts +11 -2
- package/src/bash/index.ts +2 -0
- package/src/build/base/createAppBuildJob.ts +0 -1
- package/src/build/base/writeDotEnv.ts +6 -6
- package/src/build/custom/testJob.ts +0 -1
- package/src/build/node/buildJob.ts +2 -2
- package/src/build/node/cache.ts +0 -29
- package/src/build/node/testJob.ts +0 -1
- package/src/build/rails/build.ts +0 -1
- package/src/build/rails/test.ts +0 -1
- package/src/build/types.ts +0 -13
- package/src/context/createComponentContext.ts +0 -1
- package/src/context/getEnvConfig.ts +2 -2
- package/src/context/getEnvironment.ts +1 -1
- package/src/context/getEnvironmentContext.ts +1 -1
- package/src/context/getEnvironmentVariables.ts +44 -51
- package/src/deploy/base/deploy.ts +1 -1
- package/src/deploy/cloudRun/createJobs/getCloudRunDeployScripts.ts +4 -12
- package/src/deploy/cloudRun/index.ts +2 -2
- package/src/deploy/kubernetes/cloudSql/index.ts +3 -16
- package/src/deploy/kubernetes/deployJob.ts +0 -2
- package/src/deploy/kubernetes/index.ts +2 -2
- package/src/deploy/kubernetes/kubeEnv.ts +3 -3
- package/src/deploy/kubernetes/kubeValues.ts +5 -8
- package/src/deploy/types/base.ts +0 -6
- package/src/deploy/types/kubernetes.ts +1 -36
- package/src/globalScriptFunctions/index.ts +30 -0
- package/src/index.ts +2 -0
- package/src/pipeline/gitlab/createGitlabJobs.ts +1 -4
- package/src/pipeline/gitlab/createGitlabPipeline.ts +8 -1
- package/src/pipeline/packageManager.ts +7 -5
- package/src/runner/index.ts +0 -1
- package/src/types/config.ts +6 -9
- package/src/types/context.ts +3 -9
- package/src/types/gitlab-types.ts +1 -0
- package/src/types/jobs.ts +0 -8
- package/src/utils/gitlab.ts +19 -2
- package/src/utils/writeFiles.ts +1 -2
- package/src/variables/VariableValue.ts +6 -0
- package/src/variables/VariableValueContainingReferences.ts +89 -0
- package/src/variables/__tests__/resolveAllReferences.test.ts +110 -0
- package/src/variables/__tests__/resolveAllReferencesOnce.test.ts +64 -0
- package/src/variables/__tests__/resolveReferencesOnce.test.ts +117 -0
- package/src/variables/__tests__/variableValue.test.ts +73 -0
- package/src/variables/resolveAllReferences.ts +46 -0
- package/src/variables/resolveAllReferencesOnce.ts +44 -0
- package/src/variables/resolveReferencesOnce.ts +29 -0
- package/bin/catladder-gitlab-dev.js +0 -3
- package/bin/catladder-gitlab.js +0 -3
- package/dist/bash/replaceAsync.d.ts +0 -2
- package/dist/bundles/catladder-gitlab/index.js +0 -15
- package/dist/context/__tests__/resolveReferences.test.js +0 -368
- package/dist/context/resolveReferences.d.ts +0 -6
- package/dist/context/resolveReferences.js +0 -286
- package/dist/deploy/kubernetes/processSecretsAsFiles.d.ts +0 -85
- package/dist/deploy/kubernetes/processSecretsAsFiles.js +0 -33
- package/examples/__snapshots__/kubernetes-with-cloud-sql-legacy.test.ts.snap +0 -1795
- package/examples/kubernetes-with-cloud-sql-legacy.ts +0 -35
- package/scripts/bundle +0 -2
- package/src/bash/replaceAsync.ts +0 -49
- package/src/context/__tests__/resolveReferences.test.ts +0 -148
- package/src/context/resolveReferences.ts +0 -93
- package/src/deploy/kubernetes/processSecretsAsFiles.ts +0 -35
- /package/dist/{context/__tests__/resolveReferences.test.d.ts → variables/__tests__/resolveAllReferences.test.d.ts} +0 -0
|
@@ -46,6 +46,36 @@ variables:
|
|
|
46
46
|
TRANSFER_METER_FREQUENCY: 5s
|
|
47
47
|
GIT_DEPTH: '1'
|
|
48
48
|
GIT_SUBMODULE_STRATEGY: recursive
|
|
49
|
+
before_script:
|
|
50
|
+
- |-
|
|
51
|
+
function escapeForDotEnv () {
|
|
52
|
+
input="\${1:-$(cat)}"
|
|
53
|
+
input="\${input//$'\\n'/\\\\n}"
|
|
54
|
+
if [[ "$input" == *\\\\n* ]]; then
|
|
55
|
+
if [[ "$input" == *\\"* && "$input" == *\\'* && "$input" == *\\\`* ]]; then
|
|
56
|
+
printf "\\"%s\\"\\n" "$input"
|
|
57
|
+
elif [[ "$input" == *\\"* && "$input" == *\\'* ]]; then
|
|
58
|
+
printf "\`%s\`\\n" "$input"
|
|
59
|
+
elif [[ "$input" == *\\"* ]]; then
|
|
60
|
+
printf "'%s'\\n" "$input"
|
|
61
|
+
else
|
|
62
|
+
printf "\\"%s\\"\\n" "$input"
|
|
63
|
+
fi
|
|
64
|
+
else
|
|
65
|
+
printf "%s\\n" "$input"
|
|
66
|
+
fi
|
|
67
|
+
}
|
|
68
|
+
- |-
|
|
69
|
+
function collapseable_section_start () {
|
|
70
|
+
local section_title="\${1}"
|
|
71
|
+
local section_description="\${2:-$section_title}"
|
|
72
|
+
echo -e "section_start:\`date +%s\`:\${section_title}[collapsed=true]\\r\\e[0K\${section_description}"
|
|
73
|
+
}
|
|
74
|
+
- |-
|
|
75
|
+
function collapseable_section_end () {
|
|
76
|
+
local section_title="\${1}"
|
|
77
|
+
echo -e "section_end:\`date +%s\`:\${section_title}\\r\\e[0K"
|
|
78
|
+
}
|
|
49
79
|
app 🛡 audit:
|
|
50
80
|
stage: test
|
|
51
81
|
image: path/to/docker/jobs-default:the-version
|
|
@@ -54,9 +84,9 @@ app 🛡 audit:
|
|
|
54
84
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
55
85
|
KUBERNETES_MEMORY_LIMIT: 4Gi
|
|
56
86
|
script:
|
|
57
|
-
-
|
|
87
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
58
88
|
- export APP_PATH="app"
|
|
59
|
-
-
|
|
89
|
+
- collapseable_section_end "injectvars"
|
|
60
90
|
- cd app
|
|
61
91
|
- yarn npm audit --environment production
|
|
62
92
|
rules:
|
|
@@ -80,21 +110,21 @@ app 👮 lint:
|
|
|
80
110
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
81
111
|
KUBERNETES_MEMORY_LIMIT: 4Gi
|
|
82
112
|
script:
|
|
83
|
-
-
|
|
113
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
84
114
|
- export APP_PATH="app"
|
|
85
|
-
-
|
|
86
|
-
-
|
|
115
|
+
- collapseable_section_end "injectvars"
|
|
116
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
87
117
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
88
118
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
89
|
-
-
|
|
119
|
+
- collapseable_section_end "nodeinstall"
|
|
90
120
|
- cd app
|
|
91
|
-
-
|
|
121
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
92
122
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
93
123
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
94
|
-
-
|
|
95
|
-
-
|
|
124
|
+
- collapseable_section_end "nodeinstall"
|
|
125
|
+
- collapseable_section_start "yarninstall" "Yarn install"
|
|
96
126
|
- yarn install --immutable
|
|
97
|
-
-
|
|
127
|
+
- collapseable_section_end "yarninstall"
|
|
98
128
|
- yarn lint
|
|
99
129
|
cache:
|
|
100
130
|
- key: app-yarn
|
|
@@ -121,21 +151,21 @@ app 🧪 test:
|
|
|
121
151
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
122
152
|
KUBERNETES_MEMORY_LIMIT: 4Gi
|
|
123
153
|
script:
|
|
124
|
-
-
|
|
154
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
125
155
|
- export APP_PATH="app"
|
|
126
|
-
-
|
|
127
|
-
-
|
|
156
|
+
- collapseable_section_end "injectvars"
|
|
157
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
128
158
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
129
159
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
130
|
-
-
|
|
160
|
+
- collapseable_section_end "nodeinstall"
|
|
131
161
|
- cd app
|
|
132
|
-
-
|
|
162
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
133
163
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
134
164
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
135
|
-
-
|
|
136
|
-
-
|
|
165
|
+
- collapseable_section_end "nodeinstall"
|
|
166
|
+
- collapseable_section_start "yarninstall" "Yarn install"
|
|
137
167
|
- yarn install --immutable
|
|
138
|
-
-
|
|
168
|
+
- collapseable_section_end "yarninstall"
|
|
139
169
|
- yarn test
|
|
140
170
|
cache:
|
|
141
171
|
- key: app-yarn
|
|
@@ -162,37 +192,53 @@ app 🧪 test:
|
|
|
162
192
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
163
193
|
KUBERNETES_MEMORY_LIMIT: 4Gi
|
|
164
194
|
script:
|
|
165
|
-
-
|
|
195
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
166
196
|
- export ENV_SHORT="dev"
|
|
167
197
|
- export APP_DIR="app"
|
|
168
198
|
- export ENV_TYPE="dev"
|
|
169
199
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
170
200
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
171
201
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
172
|
-
- export
|
|
202
|
+
- export HOSTNAME="$(printf %s "pan-test-app-dev-app-$CL_dev_app_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
173
203
|
- export ROOT_URL="https://$(printf %s "pan-test-app-dev-app-$CL_dev_app_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
174
|
-
- export
|
|
175
|
-
- export HOST_CANONICAL="$(printf %s "pan-test-app-dev-app-$CL_dev_app_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
204
|
+
- export HOSTNAME_INTERNAL="$(printf %s "pan-test-app-dev-app-$CL_dev_app_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
176
205
|
- export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-dev-app-$CL_dev_app_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
177
206
|
- export DEPLOY_CLOUD_RUN_PROJECT_ID="my-project-id"
|
|
178
207
|
- export DEPLOY_CLOUD_RUN_REGION="europe-west6"
|
|
179
208
|
- export GCLOUD_DEPLOY_credentialsKey="$CL_dev_app_GCLOUD_DEPLOY_credentialsKey"
|
|
180
209
|
- export GCLOUD_RUN_canonicalHostSuffix="$CL_dev_app_GCLOUD_RUN_canonicalHostSuffix"
|
|
181
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
182
|
-
-
|
|
210
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\"]"
|
|
211
|
+
- collapseable_section_end "injectvars"
|
|
212
|
+
- collapseable_section_start "write-dotenv-app" "write dot env for app"
|
|
213
|
+
- |-
|
|
214
|
+
cat <<EOF > app/.env
|
|
215
|
+
ENV_SHORT=dev
|
|
216
|
+
APP_DIR=app
|
|
217
|
+
ENV_TYPE=dev
|
|
218
|
+
HOSTNAME=$(printf %s "$(printf %s "pan-test-app-dev-app-$CL_dev_app_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
219
|
+
ROOT_URL=$(printf %s "https://$(printf %s "pan-test-app-dev-app-$CL_dev_app_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
220
|
+
HOSTNAME_INTERNAL=$(printf %s "$(printf %s "pan-test-app-dev-app-$CL_dev_app_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
221
|
+
ROOT_URL_INTERNAL=$(printf %s "https://$(printf %s "pan-test-app-dev-app-$CL_dev_app_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
222
|
+
DEPLOY_CLOUD_RUN_PROJECT_ID=my-project-id
|
|
223
|
+
DEPLOY_CLOUD_RUN_REGION=europe-west6
|
|
224
|
+
GCLOUD_DEPLOY_credentialsKey=$(printf %s "$CL_dev_app_GCLOUD_DEPLOY_credentialsKey" | escapeForDotEnv)
|
|
225
|
+
GCLOUD_RUN_canonicalHostSuffix=$(printf %s "$CL_dev_app_GCLOUD_RUN_canonicalHostSuffix" | escapeForDotEnv)
|
|
226
|
+
_ALL_ENV_VAR_KEYS=["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOSTNAME","ROOT_URL","HOSTNAME_INTERNAL","ROOT_URL_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]
|
|
227
|
+
EOF
|
|
228
|
+
- collapseable_section_end "write-dotenv-app"
|
|
183
229
|
- echo '{"id":"$(git describe --tags 2>/dev/null || git rev-parse HEAD)","time":"$CI_JOB_STARTED_AT"}' > app/__build_info.json
|
|
184
|
-
-
|
|
230
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
185
231
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
186
232
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
187
|
-
-
|
|
233
|
+
- collapseable_section_end "nodeinstall"
|
|
188
234
|
- cd app
|
|
189
|
-
-
|
|
235
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
190
236
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
191
237
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
192
|
-
-
|
|
193
|
-
-
|
|
238
|
+
- collapseable_section_end "nodeinstall"
|
|
239
|
+
- collapseable_section_start "yarninstall" "Yarn install"
|
|
194
240
|
- yarn install --immutable
|
|
195
|
-
-
|
|
241
|
+
- collapseable_section_end "yarninstall"
|
|
196
242
|
- yarn build
|
|
197
243
|
cache:
|
|
198
244
|
- key: app-yarn
|
|
@@ -203,15 +249,13 @@ app 🧪 test:
|
|
|
203
249
|
policy: pull-push
|
|
204
250
|
paths:
|
|
205
251
|
- app/node_modules
|
|
206
|
-
- key: app-next-cache
|
|
207
|
-
policy: pull-push
|
|
208
|
-
paths:
|
|
209
|
-
- app/.next/cache
|
|
210
252
|
artifacts:
|
|
211
253
|
paths:
|
|
212
254
|
- app/__build_info.json
|
|
213
255
|
- app/.next
|
|
214
256
|
- app/dist
|
|
257
|
+
exclude:
|
|
258
|
+
- app/.env
|
|
215
259
|
expire_in: 1 day
|
|
216
260
|
when: always
|
|
217
261
|
reports: {}
|
|
@@ -239,7 +283,7 @@ app 🧪 test:
|
|
|
239
283
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
240
284
|
KUBERNETES_MEMORY_LIMIT: 2Gi
|
|
241
285
|
script:
|
|
242
|
-
-
|
|
286
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
243
287
|
- export APP_DIR="app"
|
|
244
288
|
- export DOCKER_BUILD_CONTEXT="."
|
|
245
289
|
- export DOCKER_REGISTRY="europe-west6-docker.pkg.dev"
|
|
@@ -255,20 +299,20 @@ app 🧪 test:
|
|
|
255
299
|
COPY --chown=node:node app/yarn.lock /app/app/yarn.lock
|
|
256
300
|
COPY --chown=node:node .yarnrc.yml /app/.yarnrc.yml
|
|
257
301
|
COPY --chown=node:node .yarn /app/.yarn"
|
|
258
|
-
-
|
|
302
|
+
- collapseable_section_end "injectvars"
|
|
259
303
|
- ensureNodeDockerfile
|
|
260
|
-
-
|
|
304
|
+
- collapseable_section_start "docker-login" "Docker Login"
|
|
261
305
|
- gcloud auth activate-service-account --key-file=<(echo "$CL_dev_app_GCLOUD_DEPLOY_credentialsKey")
|
|
262
306
|
- gcloud auth configure-docker europe-west6-docker.pkg.dev
|
|
263
|
-
-
|
|
264
|
-
-
|
|
307
|
+
- collapseable_section_end "docker-login"
|
|
308
|
+
- collapseable_section_start "docker-build" "Docker build"
|
|
265
309
|
- docker build --network host --cache-from $DOCKER_CACHE_IMAGE --tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG -f $APP_DIR/Dockerfile $DOCKER_BUILD_CONTEXT --build-arg BUILDKIT_INLINE_CACHE=1
|
|
266
|
-
-
|
|
267
|
-
-
|
|
310
|
+
- collapseable_section_end "docker-build"
|
|
311
|
+
- collapseable_section_start "docker-push" "Docker push and tag"
|
|
268
312
|
- docker push $DOCKER_IMAGE:$DOCKER_IMAGE_TAG
|
|
269
313
|
- docker tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG $DOCKER_CACHE_IMAGE
|
|
270
314
|
- docker push $DOCKER_CACHE_IMAGE
|
|
271
|
-
-
|
|
315
|
+
- collapseable_section_end "docker-push"
|
|
272
316
|
cache:
|
|
273
317
|
- key: app-yarn
|
|
274
318
|
policy: pull
|
|
@@ -287,8 +331,8 @@ app 🧪 test:
|
|
|
287
331
|
image: aquasec/trivy:0.38.3
|
|
288
332
|
variables: {}
|
|
289
333
|
script:
|
|
290
|
-
-
|
|
291
|
-
-
|
|
334
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
335
|
+
- collapseable_section_end "injectvars"
|
|
292
336
|
- trivy fs --quiet --format cyclonedx --output "__sbom.json" app
|
|
293
337
|
artifacts:
|
|
294
338
|
paths:
|
|
@@ -309,35 +353,34 @@ app 🧪 test:
|
|
|
309
353
|
KUBERNETES_MEMORY_REQUEST: 200Mi
|
|
310
354
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
311
355
|
script:
|
|
312
|
-
-
|
|
356
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
313
357
|
- export ENV_SHORT="dev"
|
|
314
358
|
- export APP_DIR="app"
|
|
315
359
|
- export ENV_TYPE="dev"
|
|
316
360
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
317
361
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
318
362
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
319
|
-
- export
|
|
363
|
+
- export HOSTNAME="$(printf %s "pan-test-app-dev-app-$CL_dev_app_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
320
364
|
- export ROOT_URL="https://$(printf %s "pan-test-app-dev-app-$CL_dev_app_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
321
|
-
- export
|
|
322
|
-
- export HOST_CANONICAL="$(printf %s "pan-test-app-dev-app-$CL_dev_app_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
365
|
+
- export HOSTNAME_INTERNAL="$(printf %s "pan-test-app-dev-app-$CL_dev_app_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
323
366
|
- export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-dev-app-$CL_dev_app_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
324
367
|
- export DEPLOY_CLOUD_RUN_PROJECT_ID="my-project-id"
|
|
325
368
|
- export DEPLOY_CLOUD_RUN_REGION="europe-west6"
|
|
326
369
|
- export GCLOUD_DEPLOY_credentialsKey="$CL_dev_app_GCLOUD_DEPLOY_credentialsKey"
|
|
327
370
|
- export GCLOUD_RUN_canonicalHostSuffix="$CL_dev_app_GCLOUD_RUN_canonicalHostSuffix"
|
|
328
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
371
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\"]"
|
|
329
372
|
- export DOCKER_REGISTRY="europe-west6-docker.pkg.dev"
|
|
330
373
|
- export DOCKER_IMAGE="europe-west6-docker.pkg.dev/my-project-id/catladder-deploy/pan-test-app/dev/app"
|
|
331
374
|
- export DOCKER_CACHE_IMAGE="europe-west6-docker.pkg.dev/my-project-id/catladder-deploy/pan-test-app/caches/app"
|
|
332
375
|
- export DOCKER_IMAGE_TAG="$CI_COMMIT_SHA"
|
|
333
376
|
- export CLOUDSDK_CORE_DISABLE_PROMPTS="1"
|
|
334
|
-
-
|
|
335
|
-
-
|
|
377
|
+
- collapseable_section_end "injectvars"
|
|
378
|
+
- collapseable_section_start "prepare" "Prepare..."
|
|
336
379
|
- gcloud auth activate-service-account --key-file=<(echo "$CL_dev_app_GCLOUD_DEPLOY_credentialsKey")
|
|
337
380
|
- export GCLOUD_PROJECT_NUMBER=$(gcloud projects describe my-project-id --format="value(projectNumber)")
|
|
338
381
|
- 'echo "GCLOUD_PROJECT_NUMBER: $GCLOUD_PROJECT_NUMBER"'
|
|
339
|
-
-
|
|
340
|
-
-
|
|
382
|
+
- collapseable_section_end "prepare"
|
|
383
|
+
- collapseable_section_start "writeenvvars" "Write env vars to file"
|
|
341
384
|
- |
|
|
342
385
|
cat > ____envvars.yaml <<EOF
|
|
343
386
|
ENV_SHORT: |-
|
|
@@ -347,40 +390,38 @@ app 🧪 test:
|
|
|
347
390
|
ENV_TYPE: |-
|
|
348
391
|
dev
|
|
349
392
|
BUILD_INFO_BUILD_ID: |-
|
|
350
|
-
|
|
393
|
+
$(printf %s "$(git describe --tags 2>/dev/null || git rev-parse HEAD)" | sed '1!s/^/ /')
|
|
351
394
|
BUILD_INFO_BUILD_TIME: |-
|
|
352
|
-
|
|
395
|
+
$(printf %s "$CI_JOB_STARTED_AT" | sed '1!s/^/ /')
|
|
353
396
|
BUILD_INFO_CURRENT_VERSION: |-
|
|
354
|
-
|
|
355
|
-
|
|
356
|
-
|
|
397
|
+
$(printf %s "$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")" | sed '1!s/^/ /')
|
|
398
|
+
HOSTNAME: |-
|
|
399
|
+
$(printf %s "$(printf %s "pan-test-app-dev-app-$CL_dev_app_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
357
400
|
ROOT_URL: |-
|
|
358
|
-
|
|
359
|
-
|
|
360
|
-
|
|
361
|
-
HOST_CANONICAL: |-
|
|
362
|
-
$(printf %s "$(printf %s "pan-test-app-dev-app-$CL_dev_app_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
401
|
+
$(printf %s "https://$(printf %s "pan-test-app-dev-app-$CL_dev_app_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
402
|
+
HOSTNAME_INTERNAL: |-
|
|
403
|
+
$(printf %s "$(printf %s "pan-test-app-dev-app-$CL_dev_app_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
363
404
|
ROOT_URL_INTERNAL: |-
|
|
364
|
-
|
|
405
|
+
$(printf %s "https://$(printf %s "pan-test-app-dev-app-$CL_dev_app_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
365
406
|
DEPLOY_CLOUD_RUN_PROJECT_ID: |-
|
|
366
407
|
my-project-id
|
|
367
408
|
DEPLOY_CLOUD_RUN_REGION: |-
|
|
368
409
|
europe-west6
|
|
369
410
|
GCLOUD_RUN_canonicalHostSuffix: |-
|
|
370
|
-
|
|
411
|
+
$(printf %s "$CL_dev_app_GCLOUD_RUN_canonicalHostSuffix" | sed '1!s/^/ /')
|
|
371
412
|
_ALL_ENV_VAR_KEYS: |-
|
|
372
|
-
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","
|
|
413
|
+
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOSTNAME","ROOT_URL","HOSTNAME_INTERNAL","ROOT_URL_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]
|
|
373
414
|
|
|
374
415
|
EOF
|
|
375
|
-
-
|
|
376
|
-
-
|
|
416
|
+
- collapseable_section_end "writeenvvars"
|
|
417
|
+
- collapseable_section_start "deploy" "Deploy to cloud run"
|
|
377
418
|
- gcloud run deploy pan-test-app-dev-app --command="yarn,start" --image=europe-west6-docker.pkg.dev/my-project-id/catladder-deploy/pan-test-app/dev/app:$DOCKER_IMAGE_TAG --project=my-project-id --region=europe-west6 --labels=customer-name=pan,component-name=app,app-name=test-app,env-type=dev,env-name=dev,build-type=node,cloud-run-service-name=pan-test-app-dev-app --env-vars-file=____envvars.yaml --min-instances=0 --max-instances=100 --cpu-throttling --allow-unauthenticated --ingress=all --cpu-boost
|
|
378
|
-
-
|
|
379
|
-
-
|
|
419
|
+
- collapseable_section_end "deploy"
|
|
420
|
+
- collapseable_section_start "cleanup" "Cleanup"
|
|
380
421
|
- gcloud run revisions list --project=my-project-id --region=europe-west6 --service=pan-test-app-dev-app --limit=unlimited --sort-by=metadata.creationTimestamp --format="value(name)" --filter='(status.conditions.status=False OR status.conditions.status=Unknown)' | while read -r revisionname; do gcloud run revisions delete --project=my-project-id --region=europe-west6 --quiet $revisionname ; done
|
|
381
422
|
- gcloud artifacts docker images list europe-west6-docker.pkg.dev/my-project-id/catladder-deploy/pan-test-app/dev/app --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/my-project-id/catladder-deploy/pan-test-app/dev/app@$version --quiet --delete-tags; done
|
|
382
423
|
- gcloud artifacts docker images list europe-west6-docker.pkg.dev/my-project-id/catladder-deploy/pan-test-app/caches/app --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/my-project-id/catladder-deploy/pan-test-app/caches/app@$version --quiet --delete-tags; done
|
|
383
|
-
-
|
|
424
|
+
- collapseable_section_end "cleanup"
|
|
384
425
|
- echo 'Uploading SBOM to Dependency Track'
|
|
385
426
|
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/app" "https://$(printf %s "pan-test-app-dev-app-$CL_dev_app_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" "__sbom.json" vex.json || true
|
|
386
427
|
- echo "CL_GITLAB_ENVIRONMENT_URL=https://$(printf %s "pan-test-app-dev-app-$CL_dev_app_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" >> gitlab_environment.env
|
|
@@ -422,9 +463,9 @@ app 🧪 test:
|
|
|
422
463
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
423
464
|
GIT_STRATEGY: none
|
|
424
465
|
script:
|
|
425
|
-
-
|
|
466
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
426
467
|
- export CLOUDSDK_CORE_DISABLE_PROMPTS="1"
|
|
427
|
-
-
|
|
468
|
+
- collapseable_section_end "injectvars"
|
|
428
469
|
- set +e
|
|
429
470
|
- gcloud auth activate-service-account --key-file=<(echo "$CL_dev_app_GCLOUD_DEPLOY_credentialsKey")
|
|
430
471
|
- gcloud run services delete pan-test-app-dev-app --project=my-project-id --region=europe-west6
|
|
@@ -460,37 +501,53 @@ app 🧪 test:
|
|
|
460
501
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
461
502
|
KUBERNETES_MEMORY_LIMIT: 4Gi
|
|
462
503
|
script:
|
|
463
|
-
-
|
|
504
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
464
505
|
- export ENV_SHORT="review"
|
|
465
506
|
- export APP_DIR="app"
|
|
466
507
|
- export ENV_TYPE="review"
|
|
467
508
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
468
509
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
469
510
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
470
|
-
- export
|
|
511
|
+
- export HOSTNAME="$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-app-$CL_review_app_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
471
512
|
- export ROOT_URL="https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-app-$CL_review_app_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
472
|
-
- export
|
|
473
|
-
- export HOST_CANONICAL="$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-app-$CL_review_app_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
513
|
+
- export HOSTNAME_INTERNAL="$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-app-$CL_review_app_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
474
514
|
- export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-app-$CL_review_app_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
475
515
|
- export DEPLOY_CLOUD_RUN_PROJECT_ID="my-project-id"
|
|
476
516
|
- export DEPLOY_CLOUD_RUN_REGION="europe-west6"
|
|
477
517
|
- export GCLOUD_DEPLOY_credentialsKey="$CL_review_app_GCLOUD_DEPLOY_credentialsKey"
|
|
478
518
|
- export GCLOUD_RUN_canonicalHostSuffix="$CL_review_app_GCLOUD_RUN_canonicalHostSuffix"
|
|
479
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
480
|
-
-
|
|
519
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\"]"
|
|
520
|
+
- collapseable_section_end "injectvars"
|
|
521
|
+
- collapseable_section_start "write-dotenv-app" "write dot env for app"
|
|
522
|
+
- |-
|
|
523
|
+
cat <<EOF > app/.env
|
|
524
|
+
ENV_SHORT=review
|
|
525
|
+
APP_DIR=app
|
|
526
|
+
ENV_TYPE=review
|
|
527
|
+
HOSTNAME=$(printf %s "$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-app-$CL_review_app_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
528
|
+
ROOT_URL=$(printf %s "https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-app-$CL_review_app_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
529
|
+
HOSTNAME_INTERNAL=$(printf %s "$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-app-$CL_review_app_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
530
|
+
ROOT_URL_INTERNAL=$(printf %s "https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-app-$CL_review_app_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
531
|
+
DEPLOY_CLOUD_RUN_PROJECT_ID=my-project-id
|
|
532
|
+
DEPLOY_CLOUD_RUN_REGION=europe-west6
|
|
533
|
+
GCLOUD_DEPLOY_credentialsKey=$(printf %s "$CL_review_app_GCLOUD_DEPLOY_credentialsKey" | escapeForDotEnv)
|
|
534
|
+
GCLOUD_RUN_canonicalHostSuffix=$(printf %s "$CL_review_app_GCLOUD_RUN_canonicalHostSuffix" | escapeForDotEnv)
|
|
535
|
+
_ALL_ENV_VAR_KEYS=["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOSTNAME","ROOT_URL","HOSTNAME_INTERNAL","ROOT_URL_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]
|
|
536
|
+
EOF
|
|
537
|
+
- collapseable_section_end "write-dotenv-app"
|
|
481
538
|
- echo '{"id":"$(git describe --tags 2>/dev/null || git rev-parse HEAD)","time":"$CI_JOB_STARTED_AT"}' > app/__build_info.json
|
|
482
|
-
-
|
|
539
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
483
540
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
484
541
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
485
|
-
-
|
|
542
|
+
- collapseable_section_end "nodeinstall"
|
|
486
543
|
- cd app
|
|
487
|
-
-
|
|
544
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
488
545
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
489
546
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
490
|
-
-
|
|
491
|
-
-
|
|
547
|
+
- collapseable_section_end "nodeinstall"
|
|
548
|
+
- collapseable_section_start "yarninstall" "Yarn install"
|
|
492
549
|
- yarn install --immutable
|
|
493
|
-
-
|
|
550
|
+
- collapseable_section_end "yarninstall"
|
|
494
551
|
- yarn build
|
|
495
552
|
cache:
|
|
496
553
|
- key: app-yarn
|
|
@@ -501,15 +558,13 @@ app 🧪 test:
|
|
|
501
558
|
policy: pull-push
|
|
502
559
|
paths:
|
|
503
560
|
- app/node_modules
|
|
504
|
-
- key: app-next-cache
|
|
505
|
-
policy: pull-push
|
|
506
|
-
paths:
|
|
507
|
-
- app/.next/cache
|
|
508
561
|
artifacts:
|
|
509
562
|
paths:
|
|
510
563
|
- app/__build_info.json
|
|
511
564
|
- app/.next
|
|
512
565
|
- app/dist
|
|
566
|
+
exclude:
|
|
567
|
+
- app/.env
|
|
513
568
|
expire_in: 1 day
|
|
514
569
|
when: always
|
|
515
570
|
reports: {}
|
|
@@ -535,7 +590,7 @@ app 🧪 test:
|
|
|
535
590
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
536
591
|
KUBERNETES_MEMORY_LIMIT: 2Gi
|
|
537
592
|
script:
|
|
538
|
-
-
|
|
593
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
539
594
|
- export APP_DIR="app"
|
|
540
595
|
- export DOCKER_BUILD_CONTEXT="."
|
|
541
596
|
- export DOCKER_REGISTRY="europe-west6-docker.pkg.dev"
|
|
@@ -551,20 +606,20 @@ app 🧪 test:
|
|
|
551
606
|
COPY --chown=node:node app/yarn.lock /app/app/yarn.lock
|
|
552
607
|
COPY --chown=node:node .yarnrc.yml /app/.yarnrc.yml
|
|
553
608
|
COPY --chown=node:node .yarn /app/.yarn"
|
|
554
|
-
-
|
|
609
|
+
- collapseable_section_end "injectvars"
|
|
555
610
|
- ensureNodeDockerfile
|
|
556
|
-
-
|
|
611
|
+
- collapseable_section_start "docker-login" "Docker Login"
|
|
557
612
|
- gcloud auth activate-service-account --key-file=<(echo "$CL_review_app_GCLOUD_DEPLOY_credentialsKey")
|
|
558
613
|
- gcloud auth configure-docker europe-west6-docker.pkg.dev
|
|
559
|
-
-
|
|
560
|
-
-
|
|
614
|
+
- collapseable_section_end "docker-login"
|
|
615
|
+
- collapseable_section_start "docker-build" "Docker build"
|
|
561
616
|
- docker build --network host --cache-from $DOCKER_CACHE_IMAGE --tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG -f $APP_DIR/Dockerfile $DOCKER_BUILD_CONTEXT --build-arg BUILDKIT_INLINE_CACHE=1
|
|
562
|
-
-
|
|
563
|
-
-
|
|
617
|
+
- collapseable_section_end "docker-build"
|
|
618
|
+
- collapseable_section_start "docker-push" "Docker push and tag"
|
|
564
619
|
- docker push $DOCKER_IMAGE:$DOCKER_IMAGE_TAG
|
|
565
620
|
- docker tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG $DOCKER_CACHE_IMAGE
|
|
566
621
|
- docker push $DOCKER_CACHE_IMAGE
|
|
567
|
-
-
|
|
622
|
+
- collapseable_section_end "docker-push"
|
|
568
623
|
cache:
|
|
569
624
|
- key: app-yarn
|
|
570
625
|
policy: pull
|
|
@@ -581,8 +636,8 @@ app 🧪 test:
|
|
|
581
636
|
image: aquasec/trivy:0.38.3
|
|
582
637
|
variables: {}
|
|
583
638
|
script:
|
|
584
|
-
-
|
|
585
|
-
-
|
|
639
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
640
|
+
- collapseable_section_end "injectvars"
|
|
586
641
|
- trivy fs --quiet --format cyclonedx --output "__sbom.json" app
|
|
587
642
|
artifacts:
|
|
588
643
|
paths:
|
|
@@ -601,35 +656,34 @@ app 🧪 test:
|
|
|
601
656
|
KUBERNETES_MEMORY_REQUEST: 200Mi
|
|
602
657
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
603
658
|
script:
|
|
604
|
-
-
|
|
659
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
605
660
|
- export ENV_SHORT="review"
|
|
606
661
|
- export APP_DIR="app"
|
|
607
662
|
- export ENV_TYPE="review"
|
|
608
663
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
609
664
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
610
665
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
611
|
-
- export
|
|
666
|
+
- export HOSTNAME="$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-app-$CL_review_app_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
612
667
|
- export ROOT_URL="https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-app-$CL_review_app_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
613
|
-
- export
|
|
614
|
-
- export HOST_CANONICAL="$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-app-$CL_review_app_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
668
|
+
- export HOSTNAME_INTERNAL="$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-app-$CL_review_app_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
615
669
|
- export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-app-$CL_review_app_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
616
670
|
- export DEPLOY_CLOUD_RUN_PROJECT_ID="my-project-id"
|
|
617
671
|
- export DEPLOY_CLOUD_RUN_REGION="europe-west6"
|
|
618
672
|
- export GCLOUD_DEPLOY_credentialsKey="$CL_review_app_GCLOUD_DEPLOY_credentialsKey"
|
|
619
673
|
- export GCLOUD_RUN_canonicalHostSuffix="$CL_review_app_GCLOUD_RUN_canonicalHostSuffix"
|
|
620
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
674
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\"]"
|
|
621
675
|
- export DOCKER_REGISTRY="europe-west6-docker.pkg.dev"
|
|
622
676
|
- export DOCKER_IMAGE="europe-west6-docker.pkg.dev/my-project-id/catladder-deploy/pan-test-app/review/app/$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })"
|
|
623
677
|
- export DOCKER_CACHE_IMAGE="europe-west6-docker.pkg.dev/my-project-id/catladder-deploy/pan-test-app/caches/app"
|
|
624
678
|
- export DOCKER_IMAGE_TAG="$CI_COMMIT_SHA"
|
|
625
679
|
- export CLOUDSDK_CORE_DISABLE_PROMPTS="1"
|
|
626
|
-
-
|
|
627
|
-
-
|
|
680
|
+
- collapseable_section_end "injectvars"
|
|
681
|
+
- collapseable_section_start "prepare" "Prepare..."
|
|
628
682
|
- gcloud auth activate-service-account --key-file=<(echo "$CL_review_app_GCLOUD_DEPLOY_credentialsKey")
|
|
629
683
|
- export GCLOUD_PROJECT_NUMBER=$(gcloud projects describe my-project-id --format="value(projectNumber)")
|
|
630
684
|
- 'echo "GCLOUD_PROJECT_NUMBER: $GCLOUD_PROJECT_NUMBER"'
|
|
631
|
-
-
|
|
632
|
-
-
|
|
685
|
+
- collapseable_section_end "prepare"
|
|
686
|
+
- collapseable_section_start "writeenvvars" "Write env vars to file"
|
|
633
687
|
- |
|
|
634
688
|
cat > ____envvars.yaml <<EOF
|
|
635
689
|
ENV_SHORT: |-
|
|
@@ -639,43 +693,41 @@ app 🧪 test:
|
|
|
639
693
|
ENV_TYPE: |-
|
|
640
694
|
review
|
|
641
695
|
BUILD_INFO_BUILD_ID: |-
|
|
642
|
-
|
|
696
|
+
$(printf %s "$(git describe --tags 2>/dev/null || git rev-parse HEAD)" | sed '1!s/^/ /')
|
|
643
697
|
BUILD_INFO_BUILD_TIME: |-
|
|
644
|
-
|
|
698
|
+
$(printf %s "$CI_JOB_STARTED_AT" | sed '1!s/^/ /')
|
|
645
699
|
BUILD_INFO_CURRENT_VERSION: |-
|
|
646
|
-
|
|
647
|
-
|
|
648
|
-
|
|
700
|
+
$(printf %s "$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")" | sed '1!s/^/ /')
|
|
701
|
+
HOSTNAME: |-
|
|
702
|
+
$(printf %s "$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-app-$CL_review_app_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
649
703
|
ROOT_URL: |-
|
|
650
|
-
|
|
651
|
-
|
|
652
|
-
|
|
653
|
-
HOST_CANONICAL: |-
|
|
654
|
-
$(printf %s "$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-app-$CL_review_app_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
704
|
+
$(printf %s "https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-app-$CL_review_app_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
705
|
+
HOSTNAME_INTERNAL: |-
|
|
706
|
+
$(printf %s "$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-app-$CL_review_app_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
655
707
|
ROOT_URL_INTERNAL: |-
|
|
656
|
-
|
|
708
|
+
$(printf %s "https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-app-$CL_review_app_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
657
709
|
DEPLOY_CLOUD_RUN_PROJECT_ID: |-
|
|
658
710
|
my-project-id
|
|
659
711
|
DEPLOY_CLOUD_RUN_REGION: |-
|
|
660
712
|
europe-west6
|
|
661
713
|
GCLOUD_RUN_canonicalHostSuffix: |-
|
|
662
|
-
|
|
714
|
+
$(printf %s "$CL_review_app_GCLOUD_RUN_canonicalHostSuffix" | sed '1!s/^/ /')
|
|
663
715
|
_ALL_ENV_VAR_KEYS: |-
|
|
664
|
-
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","
|
|
716
|
+
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOSTNAME","ROOT_URL","HOSTNAME_INTERNAL","ROOT_URL_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]
|
|
665
717
|
|
|
666
718
|
EOF
|
|
667
|
-
-
|
|
668
|
-
-
|
|
719
|
+
- collapseable_section_end "writeenvvars"
|
|
720
|
+
- collapseable_section_start "deploy" "Deploy to cloud run"
|
|
669
721
|
- gcloud run deploy $(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-app" | awk '{print tolower($0)}') --command="yarn,start" --image=europe-west6-docker.pkg.dev/my-project-id/catladder-deploy/pan-test-app/review/app/$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }):$DOCKER_IMAGE_TAG --project=my-project-id --region=europe-west6 --labels=customer-name=pan,component-name=app,app-name=test-app,env-type=review,env-name=review,build-type=node,cloud-run-service-name=$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-app" | awk '{print tolower($0)}') --env-vars-file=____envvars.yaml --min-instances=0 --max-instances=100 --cpu-throttling --allow-unauthenticated --ingress=all --cpu-boost
|
|
670
|
-
-
|
|
671
|
-
-
|
|
722
|
+
- collapseable_section_end "deploy"
|
|
723
|
+
- collapseable_section_start "cleanup" "Cleanup"
|
|
672
724
|
- gcloud run revisions list --project=my-project-id --region=europe-west6 --service=$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-app" | awk '{print tolower($0)}') --limit=unlimited --sort-by=metadata.creationTimestamp --format="value(name)" --filter='(status.conditions.status=False OR status.conditions.status=Unknown)' | while read -r revisionname; do gcloud run revisions delete --project=my-project-id --region=europe-west6 --quiet $revisionname ; done
|
|
673
725
|
- gcloud artifacts docker images list europe-west6-docker.pkg.dev/my-project-id/catladder-deploy/pan-test-app/review/app/$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }) --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/my-project-id/catladder-deploy/pan-test-app/review/app/$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })@$version --quiet --delete-tags; done
|
|
674
726
|
- gcloud artifacts docker images list europe-west6-docker.pkg.dev/my-project-id/catladder-deploy/pan-test-app/caches/app --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/my-project-id/catladder-deploy/pan-test-app/caches/app@$version --quiet --delete-tags; done
|
|
675
727
|
- set +e
|
|
676
728
|
- gcloud artifacts docker images delete europe-west6-docker.pkg.dev/my-project-id/catladder-deploy/pan-test-app/review/app --quiet --delete-tags
|
|
677
729
|
- set -e
|
|
678
|
-
-
|
|
730
|
+
- collapseable_section_end "cleanup"
|
|
679
731
|
- echo 'Uploading SBOM to Dependency Track'
|
|
680
732
|
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/app" "https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-app-$CL_review_app_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" "__sbom.json" vex.json || true
|
|
681
733
|
- echo "CL_GITLAB_ENVIRONMENT_URL=https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-app-$CL_review_app_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" >> gitlab_environment.env
|
|
@@ -715,9 +767,9 @@ app 🧪 test:
|
|
|
715
767
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
716
768
|
GIT_STRATEGY: none
|
|
717
769
|
script:
|
|
718
|
-
-
|
|
770
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
719
771
|
- export CLOUDSDK_CORE_DISABLE_PROMPTS="1"
|
|
720
|
-
-
|
|
772
|
+
- collapseable_section_end "injectvars"
|
|
721
773
|
- set +e
|
|
722
774
|
- gcloud auth activate-service-account --key-file=<(echo "$CL_review_app_GCLOUD_DEPLOY_credentialsKey")
|
|
723
775
|
- gcloud run services delete $(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-app" | awk '{print tolower($0)}') --project=my-project-id --region=europe-west6
|
|
@@ -754,37 +806,53 @@ app 🧪 test:
|
|
|
754
806
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
755
807
|
KUBERNETES_MEMORY_LIMIT: 4Gi
|
|
756
808
|
script:
|
|
757
|
-
-
|
|
809
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
758
810
|
- export ENV_SHORT="stage"
|
|
759
811
|
- export APP_DIR="app"
|
|
760
812
|
- export ENV_TYPE="stage"
|
|
761
813
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
762
814
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
763
815
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
764
|
-
- export
|
|
816
|
+
- export HOSTNAME="$(printf %s "pan-test-app-stage-app-$CL_stage_app_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
765
817
|
- export ROOT_URL="https://$(printf %s "pan-test-app-stage-app-$CL_stage_app_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
766
|
-
- export
|
|
767
|
-
- export HOST_CANONICAL="$(printf %s "pan-test-app-stage-app-$CL_stage_app_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
818
|
+
- export HOSTNAME_INTERNAL="$(printf %s "pan-test-app-stage-app-$CL_stage_app_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
768
819
|
- export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-stage-app-$CL_stage_app_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
769
820
|
- export DEPLOY_CLOUD_RUN_PROJECT_ID="my-project-id"
|
|
770
821
|
- export DEPLOY_CLOUD_RUN_REGION="europe-west6"
|
|
771
822
|
- export GCLOUD_DEPLOY_credentialsKey="$CL_stage_app_GCLOUD_DEPLOY_credentialsKey"
|
|
772
823
|
- export GCLOUD_RUN_canonicalHostSuffix="$CL_stage_app_GCLOUD_RUN_canonicalHostSuffix"
|
|
773
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
774
|
-
-
|
|
824
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\"]"
|
|
825
|
+
- collapseable_section_end "injectvars"
|
|
826
|
+
- collapseable_section_start "write-dotenv-app" "write dot env for app"
|
|
827
|
+
- |-
|
|
828
|
+
cat <<EOF > app/.env
|
|
829
|
+
ENV_SHORT=stage
|
|
830
|
+
APP_DIR=app
|
|
831
|
+
ENV_TYPE=stage
|
|
832
|
+
HOSTNAME=$(printf %s "$(printf %s "pan-test-app-stage-app-$CL_stage_app_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
833
|
+
ROOT_URL=$(printf %s "https://$(printf %s "pan-test-app-stage-app-$CL_stage_app_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
834
|
+
HOSTNAME_INTERNAL=$(printf %s "$(printf %s "pan-test-app-stage-app-$CL_stage_app_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
835
|
+
ROOT_URL_INTERNAL=$(printf %s "https://$(printf %s "pan-test-app-stage-app-$CL_stage_app_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
836
|
+
DEPLOY_CLOUD_RUN_PROJECT_ID=my-project-id
|
|
837
|
+
DEPLOY_CLOUD_RUN_REGION=europe-west6
|
|
838
|
+
GCLOUD_DEPLOY_credentialsKey=$(printf %s "$CL_stage_app_GCLOUD_DEPLOY_credentialsKey" | escapeForDotEnv)
|
|
839
|
+
GCLOUD_RUN_canonicalHostSuffix=$(printf %s "$CL_stage_app_GCLOUD_RUN_canonicalHostSuffix" | escapeForDotEnv)
|
|
840
|
+
_ALL_ENV_VAR_KEYS=["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOSTNAME","ROOT_URL","HOSTNAME_INTERNAL","ROOT_URL_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]
|
|
841
|
+
EOF
|
|
842
|
+
- collapseable_section_end "write-dotenv-app"
|
|
775
843
|
- echo '{"id":"$(git describe --tags 2>/dev/null || git rev-parse HEAD)","time":"$CI_JOB_STARTED_AT"}' > app/__build_info.json
|
|
776
|
-
-
|
|
844
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
777
845
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
778
846
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
779
|
-
-
|
|
847
|
+
- collapseable_section_end "nodeinstall"
|
|
780
848
|
- cd app
|
|
781
|
-
-
|
|
849
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
782
850
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
783
851
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
784
|
-
-
|
|
785
|
-
-
|
|
852
|
+
- collapseable_section_end "nodeinstall"
|
|
853
|
+
- collapseable_section_start "yarninstall" "Yarn install"
|
|
786
854
|
- yarn install --immutable
|
|
787
|
-
-
|
|
855
|
+
- collapseable_section_end "yarninstall"
|
|
788
856
|
- yarn build
|
|
789
857
|
cache:
|
|
790
858
|
- key: app-yarn
|
|
@@ -795,15 +863,13 @@ app 🧪 test:
|
|
|
795
863
|
policy: pull-push
|
|
796
864
|
paths:
|
|
797
865
|
- app/node_modules
|
|
798
|
-
- key: app-next-cache
|
|
799
|
-
policy: pull-push
|
|
800
|
-
paths:
|
|
801
|
-
- app/.next/cache
|
|
802
866
|
artifacts:
|
|
803
867
|
paths:
|
|
804
868
|
- app/__build_info.json
|
|
805
869
|
- app/.next
|
|
806
870
|
- app/dist
|
|
871
|
+
exclude:
|
|
872
|
+
- app/.env
|
|
807
873
|
expire_in: 1 day
|
|
808
874
|
when: always
|
|
809
875
|
reports: {}
|
|
@@ -829,7 +895,7 @@ app 🧪 test:
|
|
|
829
895
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
830
896
|
KUBERNETES_MEMORY_LIMIT: 2Gi
|
|
831
897
|
script:
|
|
832
|
-
-
|
|
898
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
833
899
|
- export APP_DIR="app"
|
|
834
900
|
- export DOCKER_BUILD_CONTEXT="."
|
|
835
901
|
- export DOCKER_REGISTRY="europe-west6-docker.pkg.dev"
|
|
@@ -845,20 +911,20 @@ app 🧪 test:
|
|
|
845
911
|
COPY --chown=node:node app/yarn.lock /app/app/yarn.lock
|
|
846
912
|
COPY --chown=node:node .yarnrc.yml /app/.yarnrc.yml
|
|
847
913
|
COPY --chown=node:node .yarn /app/.yarn"
|
|
848
|
-
-
|
|
914
|
+
- collapseable_section_end "injectvars"
|
|
849
915
|
- ensureNodeDockerfile
|
|
850
|
-
-
|
|
916
|
+
- collapseable_section_start "docker-login" "Docker Login"
|
|
851
917
|
- gcloud auth activate-service-account --key-file=<(echo "$CL_stage_app_GCLOUD_DEPLOY_credentialsKey")
|
|
852
918
|
- gcloud auth configure-docker europe-west6-docker.pkg.dev
|
|
853
|
-
-
|
|
854
|
-
-
|
|
919
|
+
- collapseable_section_end "docker-login"
|
|
920
|
+
- collapseable_section_start "docker-build" "Docker build"
|
|
855
921
|
- docker build --network host --cache-from $DOCKER_CACHE_IMAGE --tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG -f $APP_DIR/Dockerfile $DOCKER_BUILD_CONTEXT --build-arg BUILDKIT_INLINE_CACHE=1
|
|
856
|
-
-
|
|
857
|
-
-
|
|
922
|
+
- collapseable_section_end "docker-build"
|
|
923
|
+
- collapseable_section_start "docker-push" "Docker push and tag"
|
|
858
924
|
- docker push $DOCKER_IMAGE:$DOCKER_IMAGE_TAG
|
|
859
925
|
- docker tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG $DOCKER_CACHE_IMAGE
|
|
860
926
|
- docker push $DOCKER_CACHE_IMAGE
|
|
861
|
-
-
|
|
927
|
+
- collapseable_section_end "docker-push"
|
|
862
928
|
cache:
|
|
863
929
|
- key: app-yarn
|
|
864
930
|
policy: pull
|
|
@@ -875,8 +941,8 @@ app 🧪 test:
|
|
|
875
941
|
image: aquasec/trivy:0.38.3
|
|
876
942
|
variables: {}
|
|
877
943
|
script:
|
|
878
|
-
-
|
|
879
|
-
-
|
|
944
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
945
|
+
- collapseable_section_end "injectvars"
|
|
880
946
|
- trivy fs --quiet --format cyclonedx --output "__sbom.json" app
|
|
881
947
|
artifacts:
|
|
882
948
|
paths:
|
|
@@ -895,35 +961,34 @@ app 🧪 test:
|
|
|
895
961
|
KUBERNETES_MEMORY_REQUEST: 200Mi
|
|
896
962
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
897
963
|
script:
|
|
898
|
-
-
|
|
964
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
899
965
|
- export ENV_SHORT="stage"
|
|
900
966
|
- export APP_DIR="app"
|
|
901
967
|
- export ENV_TYPE="stage"
|
|
902
968
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
903
969
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
904
970
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
905
|
-
- export
|
|
971
|
+
- export HOSTNAME="$(printf %s "pan-test-app-stage-app-$CL_stage_app_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
906
972
|
- export ROOT_URL="https://$(printf %s "pan-test-app-stage-app-$CL_stage_app_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
907
|
-
- export
|
|
908
|
-
- export HOST_CANONICAL="$(printf %s "pan-test-app-stage-app-$CL_stage_app_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
973
|
+
- export HOSTNAME_INTERNAL="$(printf %s "pan-test-app-stage-app-$CL_stage_app_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
909
974
|
- export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-stage-app-$CL_stage_app_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
910
975
|
- export DEPLOY_CLOUD_RUN_PROJECT_ID="my-project-id"
|
|
911
976
|
- export DEPLOY_CLOUD_RUN_REGION="europe-west6"
|
|
912
977
|
- export GCLOUD_DEPLOY_credentialsKey="$CL_stage_app_GCLOUD_DEPLOY_credentialsKey"
|
|
913
978
|
- export GCLOUD_RUN_canonicalHostSuffix="$CL_stage_app_GCLOUD_RUN_canonicalHostSuffix"
|
|
914
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
979
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\"]"
|
|
915
980
|
- export DOCKER_REGISTRY="europe-west6-docker.pkg.dev"
|
|
916
981
|
- export DOCKER_IMAGE="europe-west6-docker.pkg.dev/my-project-id/catladder-deploy/pan-test-app/stage/app"
|
|
917
982
|
- export DOCKER_CACHE_IMAGE="europe-west6-docker.pkg.dev/my-project-id/catladder-deploy/pan-test-app/caches/app"
|
|
918
983
|
- export DOCKER_IMAGE_TAG="$CI_COMMIT_SHA"
|
|
919
984
|
- export CLOUDSDK_CORE_DISABLE_PROMPTS="1"
|
|
920
|
-
-
|
|
921
|
-
-
|
|
985
|
+
- collapseable_section_end "injectvars"
|
|
986
|
+
- collapseable_section_start "prepare" "Prepare..."
|
|
922
987
|
- gcloud auth activate-service-account --key-file=<(echo "$CL_stage_app_GCLOUD_DEPLOY_credentialsKey")
|
|
923
988
|
- export GCLOUD_PROJECT_NUMBER=$(gcloud projects describe my-project-id --format="value(projectNumber)")
|
|
924
989
|
- 'echo "GCLOUD_PROJECT_NUMBER: $GCLOUD_PROJECT_NUMBER"'
|
|
925
|
-
-
|
|
926
|
-
-
|
|
990
|
+
- collapseable_section_end "prepare"
|
|
991
|
+
- collapseable_section_start "writeenvvars" "Write env vars to file"
|
|
927
992
|
- |
|
|
928
993
|
cat > ____envvars.yaml <<EOF
|
|
929
994
|
ENV_SHORT: |-
|
|
@@ -933,40 +998,38 @@ app 🧪 test:
|
|
|
933
998
|
ENV_TYPE: |-
|
|
934
999
|
stage
|
|
935
1000
|
BUILD_INFO_BUILD_ID: |-
|
|
936
|
-
|
|
1001
|
+
$(printf %s "$(git describe --tags 2>/dev/null || git rev-parse HEAD)" | sed '1!s/^/ /')
|
|
937
1002
|
BUILD_INFO_BUILD_TIME: |-
|
|
938
|
-
|
|
1003
|
+
$(printf %s "$CI_JOB_STARTED_AT" | sed '1!s/^/ /')
|
|
939
1004
|
BUILD_INFO_CURRENT_VERSION: |-
|
|
940
|
-
|
|
941
|
-
|
|
942
|
-
|
|
1005
|
+
$(printf %s "$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")" | sed '1!s/^/ /')
|
|
1006
|
+
HOSTNAME: |-
|
|
1007
|
+
$(printf %s "$(printf %s "pan-test-app-stage-app-$CL_stage_app_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
943
1008
|
ROOT_URL: |-
|
|
944
|
-
|
|
945
|
-
|
|
946
|
-
|
|
947
|
-
HOST_CANONICAL: |-
|
|
948
|
-
$(printf %s "$(printf %s "pan-test-app-stage-app-$CL_stage_app_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
1009
|
+
$(printf %s "https://$(printf %s "pan-test-app-stage-app-$CL_stage_app_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
1010
|
+
HOSTNAME_INTERNAL: |-
|
|
1011
|
+
$(printf %s "$(printf %s "pan-test-app-stage-app-$CL_stage_app_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
949
1012
|
ROOT_URL_INTERNAL: |-
|
|
950
|
-
|
|
1013
|
+
$(printf %s "https://$(printf %s "pan-test-app-stage-app-$CL_stage_app_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
951
1014
|
DEPLOY_CLOUD_RUN_PROJECT_ID: |-
|
|
952
1015
|
my-project-id
|
|
953
1016
|
DEPLOY_CLOUD_RUN_REGION: |-
|
|
954
1017
|
europe-west6
|
|
955
1018
|
GCLOUD_RUN_canonicalHostSuffix: |-
|
|
956
|
-
|
|
1019
|
+
$(printf %s "$CL_stage_app_GCLOUD_RUN_canonicalHostSuffix" | sed '1!s/^/ /')
|
|
957
1020
|
_ALL_ENV_VAR_KEYS: |-
|
|
958
|
-
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","
|
|
1021
|
+
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOSTNAME","ROOT_URL","HOSTNAME_INTERNAL","ROOT_URL_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]
|
|
959
1022
|
|
|
960
1023
|
EOF
|
|
961
|
-
-
|
|
962
|
-
-
|
|
1024
|
+
- collapseable_section_end "writeenvvars"
|
|
1025
|
+
- collapseable_section_start "deploy" "Deploy to cloud run"
|
|
963
1026
|
- gcloud run deploy pan-test-app-stage-app --command="yarn,start" --image=europe-west6-docker.pkg.dev/my-project-id/catladder-deploy/pan-test-app/stage/app:$DOCKER_IMAGE_TAG --project=my-project-id --region=europe-west6 --labels=customer-name=pan,component-name=app,app-name=test-app,env-type=stage,env-name=stage,build-type=node,cloud-run-service-name=pan-test-app-stage-app --env-vars-file=____envvars.yaml --min-instances=0 --max-instances=100 --cpu-throttling --allow-unauthenticated --ingress=all --cpu-boost
|
|
964
|
-
-
|
|
965
|
-
-
|
|
1027
|
+
- collapseable_section_end "deploy"
|
|
1028
|
+
- collapseable_section_start "cleanup" "Cleanup"
|
|
966
1029
|
- gcloud run revisions list --project=my-project-id --region=europe-west6 --service=pan-test-app-stage-app --limit=unlimited --sort-by=metadata.creationTimestamp --format="value(name)" --filter='(status.conditions.status=False OR status.conditions.status=Unknown)' | while read -r revisionname; do gcloud run revisions delete --project=my-project-id --region=europe-west6 --quiet $revisionname ; done
|
|
967
1030
|
- gcloud artifacts docker images list europe-west6-docker.pkg.dev/my-project-id/catladder-deploy/pan-test-app/stage/app --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/my-project-id/catladder-deploy/pan-test-app/stage/app@$version --quiet --delete-tags; done
|
|
968
1031
|
- gcloud artifacts docker images list europe-west6-docker.pkg.dev/my-project-id/catladder-deploy/pan-test-app/caches/app --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/my-project-id/catladder-deploy/pan-test-app/caches/app@$version --quiet --delete-tags; done
|
|
969
|
-
-
|
|
1032
|
+
- collapseable_section_end "cleanup"
|
|
970
1033
|
- echo 'Uploading SBOM to Dependency Track'
|
|
971
1034
|
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/app" "https://$(printf %s "pan-test-app-stage-app-$CL_stage_app_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" "__sbom.json" vex.json || true
|
|
972
1035
|
- echo "CL_GITLAB_ENVIRONMENT_URL=https://$(printf %s "pan-test-app-stage-app-$CL_stage_app_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" >> gitlab_environment.env
|
|
@@ -999,9 +1062,9 @@ app 🧪 test:
|
|
|
999
1062
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
1000
1063
|
GIT_STRATEGY: none
|
|
1001
1064
|
script:
|
|
1002
|
-
-
|
|
1065
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1003
1066
|
- export CLOUDSDK_CORE_DISABLE_PROMPTS="1"
|
|
1004
|
-
-
|
|
1067
|
+
- collapseable_section_end "injectvars"
|
|
1005
1068
|
- set +e
|
|
1006
1069
|
- gcloud auth activate-service-account --key-file=<(echo "$CL_stage_app_GCLOUD_DEPLOY_credentialsKey")
|
|
1007
1070
|
- gcloud run services delete pan-test-app-stage-app --project=my-project-id --region=europe-west6
|
|
@@ -1035,37 +1098,53 @@ app 🧪 test:
|
|
|
1035
1098
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
1036
1099
|
KUBERNETES_MEMORY_LIMIT: 4Gi
|
|
1037
1100
|
script:
|
|
1038
|
-
-
|
|
1101
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1039
1102
|
- export ENV_SHORT="prod"
|
|
1040
1103
|
- export APP_DIR="app"
|
|
1041
1104
|
- export ENV_TYPE="prod"
|
|
1042
1105
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
1043
1106
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
1044
1107
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
1045
|
-
- export
|
|
1108
|
+
- export HOSTNAME="$(printf %s "pan-test-app-prod-app-$CL_prod_app_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
1046
1109
|
- export ROOT_URL="https://$(printf %s "pan-test-app-prod-app-$CL_prod_app_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
1047
|
-
- export
|
|
1048
|
-
- export HOST_CANONICAL="$(printf %s "pan-test-app-prod-app-$CL_prod_app_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
1110
|
+
- export HOSTNAME_INTERNAL="$(printf %s "pan-test-app-prod-app-$CL_prod_app_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
1049
1111
|
- export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-prod-app-$CL_prod_app_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
1050
1112
|
- export DEPLOY_CLOUD_RUN_PROJECT_ID="my-project-id"
|
|
1051
1113
|
- export DEPLOY_CLOUD_RUN_REGION="europe-west6"
|
|
1052
1114
|
- export GCLOUD_DEPLOY_credentialsKey="$CL_prod_app_GCLOUD_DEPLOY_credentialsKey"
|
|
1053
1115
|
- export GCLOUD_RUN_canonicalHostSuffix="$CL_prod_app_GCLOUD_RUN_canonicalHostSuffix"
|
|
1054
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
1055
|
-
-
|
|
1116
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\"]"
|
|
1117
|
+
- collapseable_section_end "injectvars"
|
|
1118
|
+
- collapseable_section_start "write-dotenv-app" "write dot env for app"
|
|
1119
|
+
- |-
|
|
1120
|
+
cat <<EOF > app/.env
|
|
1121
|
+
ENV_SHORT=prod
|
|
1122
|
+
APP_DIR=app
|
|
1123
|
+
ENV_TYPE=prod
|
|
1124
|
+
HOSTNAME=$(printf %s "$(printf %s "pan-test-app-prod-app-$CL_prod_app_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
1125
|
+
ROOT_URL=$(printf %s "https://$(printf %s "pan-test-app-prod-app-$CL_prod_app_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
1126
|
+
HOSTNAME_INTERNAL=$(printf %s "$(printf %s "pan-test-app-prod-app-$CL_prod_app_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
1127
|
+
ROOT_URL_INTERNAL=$(printf %s "https://$(printf %s "pan-test-app-prod-app-$CL_prod_app_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | escapeForDotEnv)
|
|
1128
|
+
DEPLOY_CLOUD_RUN_PROJECT_ID=my-project-id
|
|
1129
|
+
DEPLOY_CLOUD_RUN_REGION=europe-west6
|
|
1130
|
+
GCLOUD_DEPLOY_credentialsKey=$(printf %s "$CL_prod_app_GCLOUD_DEPLOY_credentialsKey" | escapeForDotEnv)
|
|
1131
|
+
GCLOUD_RUN_canonicalHostSuffix=$(printf %s "$CL_prod_app_GCLOUD_RUN_canonicalHostSuffix" | escapeForDotEnv)
|
|
1132
|
+
_ALL_ENV_VAR_KEYS=["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOSTNAME","ROOT_URL","HOSTNAME_INTERNAL","ROOT_URL_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]
|
|
1133
|
+
EOF
|
|
1134
|
+
- collapseable_section_end "write-dotenv-app"
|
|
1056
1135
|
- echo '{"id":"$(git describe --tags 2>/dev/null || git rev-parse HEAD)","time":"$CI_JOB_STARTED_AT"}' > app/__build_info.json
|
|
1057
|
-
-
|
|
1136
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
1058
1137
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
1059
1138
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
1060
|
-
-
|
|
1139
|
+
- collapseable_section_end "nodeinstall"
|
|
1061
1140
|
- cd app
|
|
1062
|
-
-
|
|
1141
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
1063
1142
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
1064
1143
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
1065
|
-
-
|
|
1066
|
-
-
|
|
1144
|
+
- collapseable_section_end "nodeinstall"
|
|
1145
|
+
- collapseable_section_start "yarninstall" "Yarn install"
|
|
1067
1146
|
- yarn install --immutable
|
|
1068
|
-
-
|
|
1147
|
+
- collapseable_section_end "yarninstall"
|
|
1069
1148
|
- yarn build
|
|
1070
1149
|
cache:
|
|
1071
1150
|
- key: app-yarn
|
|
@@ -1076,15 +1155,13 @@ app 🧪 test:
|
|
|
1076
1155
|
policy: pull-push
|
|
1077
1156
|
paths:
|
|
1078
1157
|
- app/node_modules
|
|
1079
|
-
- key: app-next-cache
|
|
1080
|
-
policy: pull-push
|
|
1081
|
-
paths:
|
|
1082
|
-
- app/.next/cache
|
|
1083
1158
|
artifacts:
|
|
1084
1159
|
paths:
|
|
1085
1160
|
- app/__build_info.json
|
|
1086
1161
|
- app/.next
|
|
1087
1162
|
- app/dist
|
|
1163
|
+
exclude:
|
|
1164
|
+
- app/.env
|
|
1088
1165
|
expire_in: 1 day
|
|
1089
1166
|
when: always
|
|
1090
1167
|
reports: {}
|
|
@@ -1110,7 +1187,7 @@ app 🧪 test:
|
|
|
1110
1187
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
1111
1188
|
KUBERNETES_MEMORY_LIMIT: 2Gi
|
|
1112
1189
|
script:
|
|
1113
|
-
-
|
|
1190
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1114
1191
|
- export APP_DIR="app"
|
|
1115
1192
|
- export DOCKER_BUILD_CONTEXT="."
|
|
1116
1193
|
- export DOCKER_REGISTRY="europe-west6-docker.pkg.dev"
|
|
@@ -1126,20 +1203,20 @@ app 🧪 test:
|
|
|
1126
1203
|
COPY --chown=node:node app/yarn.lock /app/app/yarn.lock
|
|
1127
1204
|
COPY --chown=node:node .yarnrc.yml /app/.yarnrc.yml
|
|
1128
1205
|
COPY --chown=node:node .yarn /app/.yarn"
|
|
1129
|
-
-
|
|
1206
|
+
- collapseable_section_end "injectvars"
|
|
1130
1207
|
- ensureNodeDockerfile
|
|
1131
|
-
-
|
|
1208
|
+
- collapseable_section_start "docker-login" "Docker Login"
|
|
1132
1209
|
- gcloud auth activate-service-account --key-file=<(echo "$CL_prod_app_GCLOUD_DEPLOY_credentialsKey")
|
|
1133
1210
|
- gcloud auth configure-docker europe-west6-docker.pkg.dev
|
|
1134
|
-
-
|
|
1135
|
-
-
|
|
1211
|
+
- collapseable_section_end "docker-login"
|
|
1212
|
+
- collapseable_section_start "docker-build" "Docker build"
|
|
1136
1213
|
- docker build --network host --cache-from $DOCKER_CACHE_IMAGE --tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG -f $APP_DIR/Dockerfile $DOCKER_BUILD_CONTEXT --build-arg BUILDKIT_INLINE_CACHE=1
|
|
1137
|
-
-
|
|
1138
|
-
-
|
|
1214
|
+
- collapseable_section_end "docker-build"
|
|
1215
|
+
- collapseable_section_start "docker-push" "Docker push and tag"
|
|
1139
1216
|
- docker push $DOCKER_IMAGE:$DOCKER_IMAGE_TAG
|
|
1140
1217
|
- docker tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG $DOCKER_CACHE_IMAGE
|
|
1141
1218
|
- docker push $DOCKER_CACHE_IMAGE
|
|
1142
|
-
-
|
|
1219
|
+
- collapseable_section_end "docker-push"
|
|
1143
1220
|
cache:
|
|
1144
1221
|
- key: app-yarn
|
|
1145
1222
|
policy: pull
|
|
@@ -1156,8 +1233,8 @@ app 🧪 test:
|
|
|
1156
1233
|
image: aquasec/trivy:0.38.3
|
|
1157
1234
|
variables: {}
|
|
1158
1235
|
script:
|
|
1159
|
-
-
|
|
1160
|
-
-
|
|
1236
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1237
|
+
- collapseable_section_end "injectvars"
|
|
1161
1238
|
- trivy fs --quiet --format cyclonedx --output "__sbom.json" app
|
|
1162
1239
|
artifacts:
|
|
1163
1240
|
paths:
|
|
@@ -1176,35 +1253,34 @@ app 🧪 test:
|
|
|
1176
1253
|
KUBERNETES_MEMORY_REQUEST: 200Mi
|
|
1177
1254
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
1178
1255
|
script:
|
|
1179
|
-
-
|
|
1256
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1180
1257
|
- export ENV_SHORT="prod"
|
|
1181
1258
|
- export APP_DIR="app"
|
|
1182
1259
|
- export ENV_TYPE="prod"
|
|
1183
1260
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
1184
1261
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
1185
1262
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
1186
|
-
- export
|
|
1263
|
+
- export HOSTNAME="$(printf %s "pan-test-app-prod-app-$CL_prod_app_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
1187
1264
|
- export ROOT_URL="https://$(printf %s "pan-test-app-prod-app-$CL_prod_app_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
1188
|
-
- export
|
|
1189
|
-
- export HOST_CANONICAL="$(printf %s "pan-test-app-prod-app-$CL_prod_app_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
1265
|
+
- export HOSTNAME_INTERNAL="$(printf %s "pan-test-app-prod-app-$CL_prod_app_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
1190
1266
|
- export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-prod-app-$CL_prod_app_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"
|
|
1191
1267
|
- export DEPLOY_CLOUD_RUN_PROJECT_ID="my-project-id"
|
|
1192
1268
|
- export DEPLOY_CLOUD_RUN_REGION="europe-west6"
|
|
1193
1269
|
- export GCLOUD_DEPLOY_credentialsKey="$CL_prod_app_GCLOUD_DEPLOY_credentialsKey"
|
|
1194
1270
|
- export GCLOUD_RUN_canonicalHostSuffix="$CL_prod_app_GCLOUD_RUN_canonicalHostSuffix"
|
|
1195
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
1271
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\"]"
|
|
1196
1272
|
- export DOCKER_REGISTRY="europe-west6-docker.pkg.dev"
|
|
1197
1273
|
- export DOCKER_IMAGE="europe-west6-docker.pkg.dev/my-project-id/catladder-deploy/pan-test-app/prod/app"
|
|
1198
1274
|
- export DOCKER_CACHE_IMAGE="europe-west6-docker.pkg.dev/my-project-id/catladder-deploy/pan-test-app/caches/app"
|
|
1199
1275
|
- export DOCKER_IMAGE_TAG="$CI_COMMIT_SHA"
|
|
1200
1276
|
- export CLOUDSDK_CORE_DISABLE_PROMPTS="1"
|
|
1201
|
-
-
|
|
1202
|
-
-
|
|
1277
|
+
- collapseable_section_end "injectvars"
|
|
1278
|
+
- collapseable_section_start "prepare" "Prepare..."
|
|
1203
1279
|
- gcloud auth activate-service-account --key-file=<(echo "$CL_prod_app_GCLOUD_DEPLOY_credentialsKey")
|
|
1204
1280
|
- export GCLOUD_PROJECT_NUMBER=$(gcloud projects describe my-project-id --format="value(projectNumber)")
|
|
1205
1281
|
- 'echo "GCLOUD_PROJECT_NUMBER: $GCLOUD_PROJECT_NUMBER"'
|
|
1206
|
-
-
|
|
1207
|
-
-
|
|
1282
|
+
- collapseable_section_end "prepare"
|
|
1283
|
+
- collapseable_section_start "writeenvvars" "Write env vars to file"
|
|
1208
1284
|
- |
|
|
1209
1285
|
cat > ____envvars.yaml <<EOF
|
|
1210
1286
|
ENV_SHORT: |-
|
|
@@ -1214,40 +1290,38 @@ app 🧪 test:
|
|
|
1214
1290
|
ENV_TYPE: |-
|
|
1215
1291
|
prod
|
|
1216
1292
|
BUILD_INFO_BUILD_ID: |-
|
|
1217
|
-
|
|
1293
|
+
$(printf %s "$(git describe --tags 2>/dev/null || git rev-parse HEAD)" | sed '1!s/^/ /')
|
|
1218
1294
|
BUILD_INFO_BUILD_TIME: |-
|
|
1219
|
-
|
|
1295
|
+
$(printf %s "$CI_JOB_STARTED_AT" | sed '1!s/^/ /')
|
|
1220
1296
|
BUILD_INFO_CURRENT_VERSION: |-
|
|
1221
|
-
|
|
1222
|
-
|
|
1223
|
-
|
|
1297
|
+
$(printf %s "$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")" | sed '1!s/^/ /')
|
|
1298
|
+
HOSTNAME: |-
|
|
1299
|
+
$(printf %s "$(printf %s "pan-test-app-prod-app-$CL_prod_app_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
1224
1300
|
ROOT_URL: |-
|
|
1225
|
-
|
|
1226
|
-
|
|
1227
|
-
|
|
1228
|
-
HOST_CANONICAL: |-
|
|
1229
|
-
$(printf %s "$(printf %s "pan-test-app-prod-app-$CL_prod_app_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/ /')
|
|
1301
|
+
$(printf %s "https://$(printf %s "pan-test-app-prod-app-$CL_prod_app_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
1302
|
+
HOSTNAME_INTERNAL: |-
|
|
1303
|
+
$(printf %s "$(printf %s "pan-test-app-prod-app-$CL_prod_app_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
1230
1304
|
ROOT_URL_INTERNAL: |-
|
|
1231
|
-
|
|
1305
|
+
$(printf %s "https://$(printf %s "pan-test-app-prod-app-$CL_prod_app_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed '1!s/^/ /')
|
|
1232
1306
|
DEPLOY_CLOUD_RUN_PROJECT_ID: |-
|
|
1233
1307
|
my-project-id
|
|
1234
1308
|
DEPLOY_CLOUD_RUN_REGION: |-
|
|
1235
1309
|
europe-west6
|
|
1236
1310
|
GCLOUD_RUN_canonicalHostSuffix: |-
|
|
1237
|
-
|
|
1311
|
+
$(printf %s "$CL_prod_app_GCLOUD_RUN_canonicalHostSuffix" | sed '1!s/^/ /')
|
|
1238
1312
|
_ALL_ENV_VAR_KEYS: |-
|
|
1239
|
-
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","
|
|
1313
|
+
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOSTNAME","ROOT_URL","HOSTNAME_INTERNAL","ROOT_URL_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]
|
|
1240
1314
|
|
|
1241
1315
|
EOF
|
|
1242
|
-
-
|
|
1243
|
-
-
|
|
1316
|
+
- collapseable_section_end "writeenvvars"
|
|
1317
|
+
- collapseable_section_start "deploy" "Deploy to cloud run"
|
|
1244
1318
|
- gcloud run deploy pan-test-app-prod-app --command="yarn,start" --image=europe-west6-docker.pkg.dev/my-project-id/catladder-deploy/pan-test-app/prod/app:$DOCKER_IMAGE_TAG --project=my-project-id --region=europe-west6 --labels=customer-name=pan,component-name=app,app-name=test-app,env-type=prod,env-name=prod,build-type=node,cloud-run-service-name=pan-test-app-prod-app --env-vars-file=____envvars.yaml --min-instances=0 --max-instances=100 --cpu-throttling --allow-unauthenticated --ingress=all --cpu-boost
|
|
1245
|
-
-
|
|
1246
|
-
-
|
|
1319
|
+
- collapseable_section_end "deploy"
|
|
1320
|
+
- collapseable_section_start "cleanup" "Cleanup"
|
|
1247
1321
|
- gcloud run revisions list --project=my-project-id --region=europe-west6 --service=pan-test-app-prod-app --limit=unlimited --sort-by=metadata.creationTimestamp --format="value(name)" --filter='(status.conditions.status=False OR status.conditions.status=Unknown)' | tail -n +6 | while read -r revisionname; do gcloud run revisions delete --project=my-project-id --region=europe-west6 --quiet $revisionname ; done
|
|
1248
1322
|
- gcloud artifacts docker images list europe-west6-docker.pkg.dev/my-project-id/catladder-deploy/pan-test-app/prod/app --sort-by=~CREATE_TIME --format="value(version)" | tail -n +7 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/my-project-id/catladder-deploy/pan-test-app/prod/app@$version --quiet --delete-tags; done
|
|
1249
1323
|
- gcloud artifacts docker images list europe-west6-docker.pkg.dev/my-project-id/catladder-deploy/pan-test-app/caches/app --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete europe-west6-docker.pkg.dev/my-project-id/catladder-deploy/pan-test-app/caches/app@$version --quiet --delete-tags; done
|
|
1250
|
-
-
|
|
1324
|
+
- collapseable_section_end "cleanup"
|
|
1251
1325
|
- echo 'Uploading SBOM to Dependency Track'
|
|
1252
1326
|
- /dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/app" "https://$(printf %s "pan-test-app-prod-app-$CL_prod_app_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" "__sbom.json" vex.json || true
|
|
1253
1327
|
- echo "CL_GITLAB_ENVIRONMENT_URL=https://$(printf %s "pan-test-app-prod-app-$CL_prod_app_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" >> gitlab_environment.env
|
|
@@ -1280,9 +1354,9 @@ app 🧪 test:
|
|
|
1280
1354
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
1281
1355
|
GIT_STRATEGY: none
|
|
1282
1356
|
script:
|
|
1283
|
-
-
|
|
1357
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1284
1358
|
- export CLOUDSDK_CORE_DISABLE_PROMPTS="1"
|
|
1285
|
-
-
|
|
1359
|
+
- collapseable_section_end "injectvars"
|
|
1286
1360
|
- set +e
|
|
1287
1361
|
- gcloud auth activate-service-account --key-file=<(echo "$CL_prod_app_GCLOUD_DEPLOY_credentialsKey")
|
|
1288
1362
|
- gcloud run services delete pan-test-app-prod-app --project=my-project-id --region=europe-west6
|