@catladder/pipeline 1.170.1 → 2.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/bash/BashExpression.d.ts +1 -6
- package/dist/bash/BashExpression.js +2 -15
- package/dist/bash/bashEscape.d.ts +34 -0
- package/dist/bash/bashEscape.js +114 -0
- package/dist/bash/bashYaml.js +25 -2
- package/dist/bash/getInjectVarsScript.js +4 -2
- package/dist/bash/index.d.ts +2 -0
- package/dist/bash/index.js +26 -0
- package/dist/build/base/createAppBuildJob.js +3 -3
- package/dist/build/base/writeDotEnv.js +6 -4
- package/dist/build/custom/testJob.js +12 -12
- package/dist/build/docker.d.ts +3 -3
- package/dist/build/node/buildJob.js +1 -1
- package/dist/build/node/cache.d.ts +2 -4
- package/dist/build/node/cache.js +3 -24
- package/dist/build/node/testJob.js +11 -11
- package/dist/build/rails/build.js +1 -1
- package/dist/build/rails/test.js +8 -8
- package/dist/build/types.d.ts +0 -10
- package/dist/constants.js +1 -1
- package/dist/context/createComponentContext.js +0 -1
- package/dist/context/getEnvConfig.js +2 -1
- package/dist/context/getEnvironment.js +1 -2
- package/dist/context/getEnvironmentVariables.d.ts +5 -6
- package/dist/context/getEnvironmentVariables.js +50 -38
- package/dist/deploy/base/deploy.js +3 -3
- package/dist/deploy/cloudRun/createJobs/getCloudRunDeployScripts.js +2 -2
- package/dist/deploy/cloudRun/index.js +2 -2
- package/dist/deploy/cloudRun/utils/getServiceName.d.ts +1 -1
- package/dist/deploy/kubernetes/cloudSql/index.d.ts +2 -2
- package/dist/deploy/kubernetes/cloudSql/index.js +3 -14
- package/dist/deploy/kubernetes/deployJob.js +1 -3
- package/dist/deploy/kubernetes/index.js +2 -2
- package/dist/deploy/kubernetes/kubeEnv.d.ts +3 -3
- package/dist/deploy/kubernetes/kubeValues.d.ts +3 -4
- package/dist/deploy/kubernetes/kubeValues.js +2 -3
- package/dist/deploy/types/base.d.ts +0 -6
- package/dist/deploy/types/kubernetes.d.ts +1 -34
- package/dist/globalScriptFunctions/index.d.ts +14 -0
- package/dist/globalScriptFunctions/index.js +37 -0
- package/dist/index.d.ts +3 -1
- package/dist/index.js +3 -1
- package/dist/pipeline/gitlab/createGitlabJobs.js +3 -5
- package/dist/pipeline/gitlab/createGitlabPipeline.d.ts +1 -0
- package/dist/pipeline/gitlab/createGitlabPipeline.js +38 -2
- package/dist/pipeline/packageManager.js +1 -1
- package/dist/runner/index.d.ts +1 -1
- package/dist/tsconfig.tsbuildinfo +1 -1
- package/dist/types/config.d.ts +6 -9
- package/dist/types/context.d.ts +2 -9
- package/dist/types/gitlab-types.d.ts +1 -0
- package/dist/types/jobs.d.ts +0 -8
- package/dist/utils/gitlab.js +4 -1
- package/dist/utils/writeFiles.js +1 -7
- package/dist/variables/VariableValue.d.ts +3 -0
- package/dist/variables/VariableValue.js +5 -0
- package/dist/variables/VariableValueContainingReferences.d.ts +24 -0
- package/dist/variables/VariableValueContainingReferences.js +97 -0
- package/dist/variables/__tests__/resolveAllReferences.test.js +219 -0
- package/dist/variables/__tests__/resolveAllReferencesOnce.test.d.ts +1 -0
- package/dist/variables/__tests__/resolveAllReferencesOnce.test.js +171 -0
- package/dist/variables/__tests__/resolveReferencesOnce.test.d.ts +1 -0
- package/dist/variables/__tests__/resolveReferencesOnce.test.js +202 -0
- package/dist/variables/__tests__/variableValue.test.d.ts +1 -0
- package/dist/variables/__tests__/variableValue.test.js +36 -0
- package/dist/variables/resolveAllReferences.d.ts +3 -0
- package/dist/{bash/replaceAsync.js → variables/resolveAllReferences.js} +60 -40
- package/dist/variables/resolveAllReferencesOnce.d.ts +5 -0
- package/dist/variables/resolveAllReferencesOnce.js +191 -0
- package/dist/variables/resolveReferencesOnce.d.ts +8 -0
- package/dist/variables/resolveReferencesOnce.js +22 -0
- package/examples/__snapshots__/cloud-run-http2.test.ts.snap +312 -238
- package/examples/__snapshots__/cloud-run-memory-limit.test.ts.snap +312 -238
- package/examples/__snapshots__/cloud-run-meteor-with-worker.test.ts.snap +312 -222
- package/examples/__snapshots__/cloud-run-nextjs.test.ts.snap +1436 -0
- package/examples/__snapshots__/cloud-run-no-cpu-throttling.test.ts.snap +312 -238
- package/examples/__snapshots__/cloud-run-no-service.test.ts.snap +316 -238
- package/examples/__snapshots__/cloud-run-non-public.test.ts.snap +312 -238
- package/examples/__snapshots__/cloud-run-post-stop-job.test.ts.snap +313 -238
- package/examples/__snapshots__/cloud-run-service-custom-vpc-connector.test.ts.snap +312 -238
- package/examples/__snapshots__/cloud-run-service-custom-vpc.test.ts.snap +312 -238
- package/examples/__snapshots__/cloud-run-service-gen2.test.ts.snap +312 -238
- package/examples/__snapshots__/cloud-run-service-increase-timout.test.ts.snap +312 -238
- package/examples/__snapshots__/cloud-run-service-with-volumes.test.ts.snap +316 -238
- package/examples/__snapshots__/cloud-run-storybook.test.ts.snap +294 -220
- package/examples/__snapshots__/cloud-run-with-ngnix.test.ts.snap +312 -238
- package/examples/__snapshots__/cloud-run-with-sql-reuse-db.test.ts.snap +652 -486
- package/examples/__snapshots__/cloud-run-with-sql.test.ts.snap +282 -288
- package/examples/__snapshots__/cloud-run-with-worker.test.ts.snap +312 -238
- package/examples/__snapshots__/custom-build-job-with-tests.test.ts.snap +284 -194
- package/examples/__snapshots__/custom-build-job.test.ts.snap +278 -188
- package/examples/__snapshots__/custom-deploy.test.ts.snap +220 -154
- package/examples/__snapshots__/custom-envs.test.ts.snap +216 -126
- package/examples/__snapshots__/custom-sbom-java.test.ts.snap +278 -188
- package/examples/__snapshots__/git-submodule.test.ts.snap +312 -238
- package/examples/__snapshots__/kubernetes-application-customization.test.ts.snap +231 -253
- package/examples/__snapshots__/kubernetes-with-cloud-sql.test.ts.snap +240 -262
- package/examples/__snapshots__/kubernetes-with-jobs.test.ts.snap +504 -506
- package/examples/__snapshots__/kubernetes-with-mongodb.test.ts.snap +239 -261
- package/examples/__snapshots__/local-dot-env.test.ts.snap +236 -238
- package/examples/__snapshots__/meteor-kubernetes.test.ts.snap +236 -242
- package/examples/__snapshots__/multiline-var.test.ts.snap +1355 -973
- package/examples/__snapshots__/native-app.test.ts.snap +438 -392
- package/examples/__snapshots__/node-build-with-custom-image.test.ts.snap +312 -238
- package/examples/__snapshots__/node-build-with-docker-additions.test.ts.snap +312 -238
- package/examples/__snapshots__/rails-k8s-with-worker-dockerfile.test.ts.snap +186 -188
- package/examples/__snapshots__/rails-k8s-with-worker.test.ts.snap +162 -164
- package/examples/__snapshots__/referencing-other-vars.test.ts.snap +971 -765
- package/examples/__snapshots__/wait-for-other-deploy.test.ts.snap +330 -228
- package/examples/__snapshots__/{workspace-api-www-custom-cache.test.ts.snap → workspace-api-www-turbo-cache.test.ts.snap} +457 -499
- package/examples/__snapshots__/workspace-api-www.test.ts.snap +452 -482
- package/examples/{workspace-api-www-custom-cache.test.ts → cloud-run-nextjs.test.ts} +2 -2
- package/examples/cloud-run-nextjs.ts +28 -0
- package/examples/cloud-run-with-sql.ts +0 -1
- package/examples/kubernetes-application-customization.ts +1 -0
- package/examples/kubernetes-with-cloud-sql.ts +1 -0
- package/examples/kubernetes-with-jobs.ts +1 -0
- package/examples/kubernetes-with-mongodb.ts +1 -0
- package/examples/meteor-kubernetes.ts +1 -1
- package/examples/native-app.ts +10 -7
- package/examples/rails-k8s-with-worker.ts +7 -1
- package/examples/{kubernetes-with-cloud-sql-legacy.test.ts → workspace-api-www-turbo-cache.test.ts} +2 -2
- package/examples/{workspace-api-www-custom-cache.ts → workspace-api-www-turbo-cache.ts} +4 -3
- package/examples/workspace-api-www.ts +3 -2
- package/package.json +2 -6
- package/scripts/generate-examples-test.ts +0 -7
- package/src/bash/BashExpression.ts +0 -13
- package/src/bash/bashEscape.ts +158 -0
- package/src/bash/bashYaml.ts +36 -2
- package/src/bash/getInjectVarsScript.ts +11 -2
- package/src/bash/index.ts +2 -0
- package/src/build/base/createAppBuildJob.ts +0 -1
- package/src/build/base/writeDotEnv.ts +6 -6
- package/src/build/custom/testJob.ts +0 -1
- package/src/build/node/buildJob.ts +2 -2
- package/src/build/node/cache.ts +0 -29
- package/src/build/node/testJob.ts +0 -1
- package/src/build/rails/build.ts +0 -1
- package/src/build/rails/test.ts +0 -1
- package/src/build/types.ts +0 -13
- package/src/context/createComponentContext.ts +0 -1
- package/src/context/getEnvConfig.ts +2 -2
- package/src/context/getEnvironment.ts +1 -1
- package/src/context/getEnvironmentContext.ts +1 -1
- package/src/context/getEnvironmentVariables.ts +44 -51
- package/src/deploy/base/deploy.ts +1 -1
- package/src/deploy/cloudRun/createJobs/getCloudRunDeployScripts.ts +4 -12
- package/src/deploy/cloudRun/index.ts +2 -2
- package/src/deploy/kubernetes/cloudSql/index.ts +3 -16
- package/src/deploy/kubernetes/deployJob.ts +0 -2
- package/src/deploy/kubernetes/index.ts +2 -2
- package/src/deploy/kubernetes/kubeEnv.ts +3 -3
- package/src/deploy/kubernetes/kubeValues.ts +5 -8
- package/src/deploy/types/base.ts +0 -6
- package/src/deploy/types/kubernetes.ts +1 -36
- package/src/globalScriptFunctions/index.ts +30 -0
- package/src/index.ts +2 -0
- package/src/pipeline/gitlab/createGitlabJobs.ts +1 -4
- package/src/pipeline/gitlab/createGitlabPipeline.ts +8 -1
- package/src/pipeline/packageManager.ts +7 -5
- package/src/runner/index.ts +0 -1
- package/src/types/config.ts +6 -9
- package/src/types/context.ts +3 -9
- package/src/types/gitlab-types.ts +1 -0
- package/src/types/jobs.ts +0 -8
- package/src/utils/gitlab.ts +19 -2
- package/src/utils/writeFiles.ts +1 -2
- package/src/variables/VariableValue.ts +6 -0
- package/src/variables/VariableValueContainingReferences.ts +89 -0
- package/src/variables/__tests__/resolveAllReferences.test.ts +110 -0
- package/src/variables/__tests__/resolveAllReferencesOnce.test.ts +64 -0
- package/src/variables/__tests__/resolveReferencesOnce.test.ts +117 -0
- package/src/variables/__tests__/variableValue.test.ts +73 -0
- package/src/variables/resolveAllReferences.ts +46 -0
- package/src/variables/resolveAllReferencesOnce.ts +44 -0
- package/src/variables/resolveReferencesOnce.ts +29 -0
- package/bin/catladder-gitlab-dev.js +0 -3
- package/bin/catladder-gitlab.js +0 -3
- package/dist/bash/replaceAsync.d.ts +0 -2
- package/dist/bundles/catladder-gitlab/index.js +0 -15
- package/dist/context/__tests__/resolveReferences.test.js +0 -368
- package/dist/context/resolveReferences.d.ts +0 -6
- package/dist/context/resolveReferences.js +0 -286
- package/dist/deploy/kubernetes/processSecretsAsFiles.d.ts +0 -85
- package/dist/deploy/kubernetes/processSecretsAsFiles.js +0 -33
- package/examples/__snapshots__/kubernetes-with-cloud-sql-legacy.test.ts.snap +0 -1795
- package/examples/kubernetes-with-cloud-sql-legacy.ts +0 -35
- package/scripts/bundle +0 -2
- package/src/bash/replaceAsync.ts +0 -49
- package/src/context/__tests__/resolveReferences.test.ts +0 -148
- package/src/context/resolveReferences.ts +0 -93
- package/src/deploy/kubernetes/processSecretsAsFiles.ts +0 -35
- /package/dist/{context/__tests__/resolveReferences.test.d.ts → variables/__tests__/resolveAllReferences.test.d.ts} +0 -0
|
@@ -45,6 +45,36 @@ variables:
|
|
|
45
45
|
CACHE_COMPRESSION_LEVEL: fast
|
|
46
46
|
TRANSFER_METER_FREQUENCY: 5s
|
|
47
47
|
GIT_DEPTH: '1'
|
|
48
|
+
before_script:
|
|
49
|
+
- |-
|
|
50
|
+
function escapeForDotEnv () {
|
|
51
|
+
input="\${1:-$(cat)}"
|
|
52
|
+
input="\${input//$'\\n'/\\\\n}"
|
|
53
|
+
if [[ "$input" == *\\\\n* ]]; then
|
|
54
|
+
if [[ "$input" == *\\"* && "$input" == *\\'* && "$input" == *\\\`* ]]; then
|
|
55
|
+
printf "\\"%s\\"\\n" "$input"
|
|
56
|
+
elif [[ "$input" == *\\"* && "$input" == *\\'* ]]; then
|
|
57
|
+
printf "\`%s\`\\n" "$input"
|
|
58
|
+
elif [[ "$input" == *\\"* ]]; then
|
|
59
|
+
printf "'%s'\\n" "$input"
|
|
60
|
+
else
|
|
61
|
+
printf "\\"%s\\"\\n" "$input"
|
|
62
|
+
fi
|
|
63
|
+
else
|
|
64
|
+
printf "%s\\n" "$input"
|
|
65
|
+
fi
|
|
66
|
+
}
|
|
67
|
+
- |-
|
|
68
|
+
function collapseable_section_start () {
|
|
69
|
+
local section_title="\${1}"
|
|
70
|
+
local section_description="\${2:-$section_title}"
|
|
71
|
+
echo -e "section_start:\`date +%s\`:\${section_title}[collapsed=true]\\r\\e[0K\${section_description}"
|
|
72
|
+
}
|
|
73
|
+
- |-
|
|
74
|
+
function collapseable_section_end () {
|
|
75
|
+
local section_title="\${1}"
|
|
76
|
+
echo -e "section_end:\`date +%s\`:\${section_title}\\r\\e[0K"
|
|
77
|
+
}
|
|
48
78
|
api 🛡 audit:
|
|
49
79
|
stage: test
|
|
50
80
|
image: path/to/docker/jobs-default:the-version
|
|
@@ -53,9 +83,9 @@ api 🛡 audit:
|
|
|
53
83
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
54
84
|
KUBERNETES_MEMORY_LIMIT: 4Gi
|
|
55
85
|
script:
|
|
56
|
-
-
|
|
86
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
57
87
|
- export APP_PATH="api"
|
|
58
|
-
-
|
|
88
|
+
- collapseable_section_end "injectvars"
|
|
59
89
|
- cd api
|
|
60
90
|
- yarn npm audit --environment production
|
|
61
91
|
rules:
|
|
@@ -79,21 +109,21 @@ api 👮 lint:
|
|
|
79
109
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
80
110
|
KUBERNETES_MEMORY_LIMIT: 4Gi
|
|
81
111
|
script:
|
|
82
|
-
-
|
|
112
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
83
113
|
- export APP_PATH="api"
|
|
84
|
-
-
|
|
85
|
-
-
|
|
114
|
+
- collapseable_section_end "injectvars"
|
|
115
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
86
116
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
87
117
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
88
|
-
-
|
|
118
|
+
- collapseable_section_end "nodeinstall"
|
|
89
119
|
- cd api
|
|
90
|
-
-
|
|
120
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
91
121
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
92
122
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
93
|
-
-
|
|
94
|
-
-
|
|
123
|
+
- collapseable_section_end "nodeinstall"
|
|
124
|
+
- collapseable_section_start "yarninstall" "Yarn install"
|
|
95
125
|
- yarn install --immutable
|
|
96
|
-
-
|
|
126
|
+
- collapseable_section_end "yarninstall"
|
|
97
127
|
- yarn lint
|
|
98
128
|
cache:
|
|
99
129
|
- key: api-yarn
|
|
@@ -120,21 +150,21 @@ api 🧪 test:
|
|
|
120
150
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
121
151
|
KUBERNETES_MEMORY_LIMIT: 4Gi
|
|
122
152
|
script:
|
|
123
|
-
-
|
|
153
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
124
154
|
- export APP_PATH="api"
|
|
125
|
-
-
|
|
126
|
-
-
|
|
155
|
+
- collapseable_section_end "injectvars"
|
|
156
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
127
157
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
128
158
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
129
|
-
-
|
|
159
|
+
- collapseable_section_end "nodeinstall"
|
|
130
160
|
- cd api
|
|
131
|
-
-
|
|
161
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
132
162
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
133
163
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
134
|
-
-
|
|
135
|
-
-
|
|
164
|
+
- collapseable_section_end "nodeinstall"
|
|
165
|
+
- collapseable_section_start "yarninstall" "Yarn install"
|
|
136
166
|
- yarn install --immutable
|
|
137
|
-
-
|
|
167
|
+
- collapseable_section_end "yarninstall"
|
|
138
168
|
- yarn test
|
|
139
169
|
cache:
|
|
140
170
|
- key: api-yarn
|
|
@@ -161,38 +191,37 @@ api 🧪 test:
|
|
|
161
191
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
162
192
|
KUBERNETES_MEMORY_LIMIT: 4Gi
|
|
163
193
|
script:
|
|
164
|
-
-
|
|
194
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
165
195
|
- export ENV_SHORT="dev"
|
|
166
196
|
- export APP_DIR="api"
|
|
167
197
|
- export ENV_TYPE="dev"
|
|
168
198
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
169
199
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
170
200
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
171
|
-
- export
|
|
201
|
+
- export HOSTNAME="api.dev.test-app.pan.panter.cloud"
|
|
172
202
|
- export ROOT_URL="https://api.dev.test-app.pan.panter.cloud"
|
|
173
|
-
- export
|
|
174
|
-
- export HOST_CANONICAL="api.dev.test-app.pan.panter.cloud"
|
|
203
|
+
- export HOSTNAME_INTERNAL="api.dev.test-app.pan.panter.cloud"
|
|
175
204
|
- export ROOT_URL_INTERNAL="https://api.dev.test-app.pan.panter.cloud"
|
|
176
205
|
- export KUBE_NAMESPACE="pan-test-app-dev"
|
|
177
206
|
- export KUBE_APP_NAME="api"
|
|
178
207
|
- export KUBE_APP_NAME_PREFIX=""
|
|
179
208
|
- export MONGODB_ROOT_PASSWORD="$CL_dev_api_MONGODB_ROOT_PASSWORD"
|
|
180
209
|
- export MONGODB_REPLICASET_KEY="$CL_dev_api_MONGODB_REPLICASET_KEY"
|
|
181
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
182
|
-
-
|
|
210
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"KUBE_NAMESPACE\\",\\"KUBE_APP_NAME\\",\\"KUBE_APP_NAME_PREFIX\\",\\"MONGODB_ROOT_PASSWORD\\",\\"MONGODB_REPLICASET_KEY\\"]"
|
|
211
|
+
- collapseable_section_end "injectvars"
|
|
183
212
|
- echo '{"id":"$(git describe --tags 2>/dev/null || git rev-parse HEAD)","time":"$CI_JOB_STARTED_AT"}' > api/__build_info.json
|
|
184
|
-
-
|
|
213
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
185
214
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
186
215
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
187
|
-
-
|
|
216
|
+
- collapseable_section_end "nodeinstall"
|
|
188
217
|
- cd api
|
|
189
|
-
-
|
|
218
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
190
219
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
191
220
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
192
|
-
-
|
|
193
|
-
-
|
|
221
|
+
- collapseable_section_end "nodeinstall"
|
|
222
|
+
- collapseable_section_start "yarninstall" "Yarn install"
|
|
194
223
|
- yarn install --immutable
|
|
195
|
-
-
|
|
224
|
+
- collapseable_section_end "yarninstall"
|
|
196
225
|
- yarn build
|
|
197
226
|
cache:
|
|
198
227
|
- key: api-yarn
|
|
@@ -203,10 +232,6 @@ api 🧪 test:
|
|
|
203
232
|
policy: pull-push
|
|
204
233
|
paths:
|
|
205
234
|
- api/node_modules
|
|
206
|
-
- key: api-next-cache
|
|
207
|
-
policy: pull-push
|
|
208
|
-
paths:
|
|
209
|
-
- api/.next/cache
|
|
210
235
|
artifacts:
|
|
211
236
|
paths:
|
|
212
237
|
- api/__build_info.json
|
|
@@ -239,7 +264,7 @@ api 🧪 test:
|
|
|
239
264
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
240
265
|
KUBERNETES_MEMORY_LIMIT: 2Gi
|
|
241
266
|
script:
|
|
242
|
-
-
|
|
267
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
243
268
|
- export APP_DIR="api"
|
|
244
269
|
- export DOCKER_BUILD_CONTEXT="."
|
|
245
270
|
- export DOCKER_REGISTRY="$CI_REGISTRY"
|
|
@@ -256,19 +281,19 @@ api 🧪 test:
|
|
|
256
281
|
COPY --chown=node:node api/yarn.lock /app/api/yarn.lock
|
|
257
282
|
COPY --chown=node:node .yarnrc.yml /app/.yarnrc.yml
|
|
258
283
|
COPY --chown=node:node .yarn /app/.yarn"
|
|
259
|
-
-
|
|
284
|
+
- collapseable_section_end "injectvars"
|
|
260
285
|
- ensureNodeDockerfile
|
|
261
|
-
-
|
|
286
|
+
- collapseable_section_start "docker-login" "Docker Login"
|
|
262
287
|
- docker login --username gitlab-ci-token --password $CI_JOB_TOKEN $CI_REGISTRY
|
|
263
|
-
-
|
|
264
|
-
-
|
|
288
|
+
- collapseable_section_end "docker-login"
|
|
289
|
+
- collapseable_section_start "docker-build" "Docker build"
|
|
265
290
|
- docker build --network host --cache-from $DOCKER_CACHE_IMAGE --tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG -f $APP_DIR/Dockerfile $DOCKER_BUILD_CONTEXT --build-arg BUILDKIT_INLINE_CACHE=1
|
|
266
|
-
-
|
|
267
|
-
-
|
|
291
|
+
- collapseable_section_end "docker-build"
|
|
292
|
+
- collapseable_section_start "docker-push" "Docker push and tag"
|
|
268
293
|
- docker push $DOCKER_IMAGE:$DOCKER_IMAGE_TAG
|
|
269
294
|
- docker tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG $DOCKER_CACHE_IMAGE
|
|
270
295
|
- docker push $DOCKER_CACHE_IMAGE
|
|
271
|
-
-
|
|
296
|
+
- collapseable_section_end "docker-push"
|
|
272
297
|
cache:
|
|
273
298
|
- key: api-yarn
|
|
274
299
|
policy: pull
|
|
@@ -287,8 +312,8 @@ api 🧪 test:
|
|
|
287
312
|
image: aquasec/trivy:0.38.3
|
|
288
313
|
variables: {}
|
|
289
314
|
script:
|
|
290
|
-
-
|
|
291
|
-
-
|
|
315
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
316
|
+
- collapseable_section_end "injectvars"
|
|
292
317
|
- trivy fs --quiet --format cyclonedx --output "__sbom.json" api
|
|
293
318
|
artifacts:
|
|
294
319
|
paths:
|
|
@@ -309,24 +334,23 @@ api 🧪 test:
|
|
|
309
334
|
KUBERNETES_MEMORY_REQUEST: 200Mi
|
|
310
335
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
311
336
|
script:
|
|
312
|
-
-
|
|
337
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
313
338
|
- export ENV_SHORT="dev"
|
|
314
339
|
- export APP_DIR="api"
|
|
315
340
|
- export ENV_TYPE="dev"
|
|
316
341
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
317
342
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
318
343
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
319
|
-
- export
|
|
344
|
+
- export HOSTNAME="api.dev.test-app.pan.panter.cloud"
|
|
320
345
|
- export ROOT_URL="https://api.dev.test-app.pan.panter.cloud"
|
|
321
|
-
- export
|
|
322
|
-
- export HOST_CANONICAL="api.dev.test-app.pan.panter.cloud"
|
|
346
|
+
- export HOSTNAME_INTERNAL="api.dev.test-app.pan.panter.cloud"
|
|
323
347
|
- export ROOT_URL_INTERNAL="https://api.dev.test-app.pan.panter.cloud"
|
|
324
348
|
- export KUBE_NAMESPACE="pan-test-app-dev"
|
|
325
349
|
- export KUBE_APP_NAME="api"
|
|
326
350
|
- export KUBE_APP_NAME_PREFIX=""
|
|
327
351
|
- export MONGODB_ROOT_PASSWORD="$CL_dev_api_MONGODB_ROOT_PASSWORD"
|
|
328
352
|
- export MONGODB_REPLICASET_KEY="$CL_dev_api_MONGODB_REPLICASET_KEY"
|
|
329
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
353
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"KUBE_NAMESPACE\\",\\"KUBE_APP_NAME\\",\\"KUBE_APP_NAME_PREFIX\\",\\"MONGODB_ROOT_PASSWORD\\",\\"MONGODB_REPLICASET_KEY\\"]"
|
|
330
354
|
- export DOCKER_REGISTRY="$CI_REGISTRY"
|
|
331
355
|
- export DOCKER_CACHE_IMAGE="$CI_REGISTRY_IMAGE/caches/api"
|
|
332
356
|
- export DOCKER_IMAGE_NAME="dev/api"
|
|
@@ -338,21 +362,20 @@ api 🧪 test:
|
|
|
338
362
|
- export HELM_GITLAB_CHART_NAME="/helm-charts/the-panter-chart"
|
|
339
363
|
- export HELM_ARGS=""
|
|
340
364
|
- export COMPONENT_NAME="api"
|
|
341
|
-
-
|
|
342
|
-
- echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"
|
|
365
|
+
- collapseable_section_end "injectvars"
|
|
343
366
|
- kubectl config set-cluster "kube-pan-test-app-dev-api" --server="$CL_dev_api_KUBE_URL" --certificate-authority <(echo $CL_dev_api_KUBE_CA_PEM | base64 -d) --embed-certs=true
|
|
344
367
|
- kubectl config set-credentials "kube-pan-test-app-dev-api" --token="$CL_dev_api_KUBE_TOKEN"
|
|
345
368
|
- kubectl config set-context "kube-pan-test-app-dev-api" --cluster="kube-pan-test-app-dev-api" --user="kube-pan-test-app-dev-api" --namespace="pan-test-app-dev"
|
|
346
369
|
- kubectl config use-context "kube-pan-test-app-dev-api"
|
|
347
|
-
-
|
|
370
|
+
- collapseable_section_start "writeallvalues" "Write __all_values.yml for helm deployment"
|
|
348
371
|
- |
|
|
349
372
|
cat > __all_values.yml <<EOF
|
|
350
373
|
env:
|
|
351
374
|
secret:
|
|
352
375
|
MONGODB_ROOT_PASSWORD: |-
|
|
353
|
-
|
|
376
|
+
$(printf %s "$CL_dev_api_MONGODB_ROOT_PASSWORD" | sed '1!s/^/ /')
|
|
354
377
|
MONGODB_REPLICASET_KEY: |-
|
|
355
|
-
|
|
378
|
+
$(printf %s "$CL_dev_api_MONGODB_REPLICASET_KEY" | sed '1!s/^/ /')
|
|
356
379
|
MONGO_URL: |-
|
|
357
380
|
mongodb://root:$CL_dev_api_MONGODB_ROOT_PASSWORD@api-mongodb-0.api-mongodb-headless.pan-test-app-dev.svc.cluster.local:27017,api-mongodb-1.api-mongodb-headless.pan-test-app-dev.svc.cluster.local:27017/app?replicaSet=rs0&authSource=admin
|
|
358
381
|
MONGO_OPLOG_URL: |-
|
|
@@ -365,18 +388,16 @@ api 🧪 test:
|
|
|
365
388
|
ENV_TYPE: |-
|
|
366
389
|
dev
|
|
367
390
|
BUILD_INFO_BUILD_ID: |-
|
|
368
|
-
|
|
391
|
+
$(printf %s "$(git describe --tags 2>/dev/null || git rev-parse HEAD)" | sed '1!s/^/ /')
|
|
369
392
|
BUILD_INFO_BUILD_TIME: |-
|
|
370
|
-
|
|
393
|
+
$(printf %s "$CI_JOB_STARTED_AT" | sed '1!s/^/ /')
|
|
371
394
|
BUILD_INFO_CURRENT_VERSION: |-
|
|
372
|
-
|
|
373
|
-
|
|
395
|
+
$(printf %s "$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")" | sed '1!s/^/ /')
|
|
396
|
+
HOSTNAME: |-
|
|
374
397
|
api.dev.test-app.pan.panter.cloud
|
|
375
398
|
ROOT_URL: |-
|
|
376
399
|
https://api.dev.test-app.pan.panter.cloud
|
|
377
|
-
|
|
378
|
-
api.dev.test-app.pan.panter.cloud
|
|
379
|
-
HOST_CANONICAL: |-
|
|
400
|
+
HOSTNAME_INTERNAL: |-
|
|
380
401
|
api.dev.test-app.pan.panter.cloud
|
|
381
402
|
ROOT_URL_INTERNAL: |-
|
|
382
403
|
https://api.dev.test-app.pan.panter.cloud
|
|
@@ -386,7 +407,7 @@ api 🧪 test:
|
|
|
386
407
|
api
|
|
387
408
|
KUBE_APP_NAME_PREFIX: ""
|
|
388
409
|
_ALL_ENV_VAR_KEYS: |-
|
|
389
|
-
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","
|
|
410
|
+
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOSTNAME","ROOT_URL","HOSTNAME_INTERNAL","ROOT_URL_INTERNAL","KUBE_NAMESPACE","KUBE_APP_NAME","KUBE_APP_NAME_PREFIX","MONGODB_ROOT_PASSWORD","MONGODB_REPLICASET_KEY"]
|
|
390
411
|
application:
|
|
391
412
|
host: |-
|
|
392
413
|
api.dev.test-app.pan.panter.cloud
|
|
@@ -440,7 +461,7 @@ api 🧪 test:
|
|
|
440
461
|
NoSchedule
|
|
441
462
|
|
|
442
463
|
EOF
|
|
443
|
-
-
|
|
464
|
+
- collapseable_section_end "writeallvalues"
|
|
444
465
|
- kubernetesCreateSecret
|
|
445
466
|
- kubernetesDeploy
|
|
446
467
|
- echo 'Uploading SBOM to Dependency Track'
|
|
@@ -485,32 +506,30 @@ api 🧪 test:
|
|
|
485
506
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
486
507
|
GIT_STRATEGY: none
|
|
487
508
|
script:
|
|
488
|
-
-
|
|
509
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
489
510
|
- export ENV_SHORT="dev"
|
|
490
511
|
- export APP_DIR="api"
|
|
491
512
|
- export ENV_TYPE="dev"
|
|
492
513
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
493
514
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
494
515
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
495
|
-
- export
|
|
516
|
+
- export HOSTNAME="api.dev.test-app.pan.panter.cloud"
|
|
496
517
|
- export ROOT_URL="https://api.dev.test-app.pan.panter.cloud"
|
|
497
|
-
- export
|
|
498
|
-
- export HOST_CANONICAL="api.dev.test-app.pan.panter.cloud"
|
|
518
|
+
- export HOSTNAME_INTERNAL="api.dev.test-app.pan.panter.cloud"
|
|
499
519
|
- export ROOT_URL_INTERNAL="https://api.dev.test-app.pan.panter.cloud"
|
|
500
520
|
- export KUBE_NAMESPACE="pan-test-app-dev"
|
|
501
521
|
- export KUBE_APP_NAME="api"
|
|
502
522
|
- export KUBE_APP_NAME_PREFIX=""
|
|
503
523
|
- export MONGODB_ROOT_PASSWORD="$CL_dev_api_MONGODB_ROOT_PASSWORD"
|
|
504
524
|
- export MONGODB_REPLICASET_KEY="$CL_dev_api_MONGODB_REPLICASET_KEY"
|
|
505
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
525
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"KUBE_NAMESPACE\\",\\"KUBE_APP_NAME\\",\\"KUBE_APP_NAME_PREFIX\\",\\"MONGODB_ROOT_PASSWORD\\",\\"MONGODB_REPLICASET_KEY\\"]"
|
|
506
526
|
- export RELEASE_NAME="pan-test-app-dev-api"
|
|
507
527
|
- export HELM_EXPERIMENTAL_OCI="1"
|
|
508
528
|
- export KUBE_DOCKER_IMAGE_PULL_SECRET="gitlab-registry-api"
|
|
509
529
|
- export HELM_GITLAB_CHART_NAME="/helm-charts/the-panter-chart"
|
|
510
530
|
- export HELM_ARGS=""
|
|
511
531
|
- export COMPONENT_NAME="api"
|
|
512
|
-
-
|
|
513
|
-
- echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"
|
|
532
|
+
- collapseable_section_end "injectvars"
|
|
514
533
|
- kubectl config set-cluster "kube-pan-test-app-dev-api" --server="$CL_dev_api_KUBE_URL" --certificate-authority <(echo $CL_dev_api_KUBE_CA_PEM | base64 -d) --embed-certs=true
|
|
515
534
|
- kubectl config set-credentials "kube-pan-test-app-dev-api" --token="$CL_dev_api_KUBE_TOKEN"
|
|
516
535
|
- kubectl config set-context "kube-pan-test-app-dev-api" --cluster="kube-pan-test-app-dev-api" --user="kube-pan-test-app-dev-api" --namespace="pan-test-app-dev"
|
|
@@ -546,32 +565,30 @@ api 🧪 test:
|
|
|
546
565
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
547
566
|
GIT_STRATEGY: none
|
|
548
567
|
script:
|
|
549
|
-
-
|
|
568
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
550
569
|
- export ENV_SHORT="dev"
|
|
551
570
|
- export APP_DIR="api"
|
|
552
571
|
- export ENV_TYPE="dev"
|
|
553
572
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
554
573
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
555
574
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
556
|
-
- export
|
|
575
|
+
- export HOSTNAME="api.dev.test-app.pan.panter.cloud"
|
|
557
576
|
- export ROOT_URL="https://api.dev.test-app.pan.panter.cloud"
|
|
558
|
-
- export
|
|
559
|
-
- export HOST_CANONICAL="api.dev.test-app.pan.panter.cloud"
|
|
577
|
+
- export HOSTNAME_INTERNAL="api.dev.test-app.pan.panter.cloud"
|
|
560
578
|
- export ROOT_URL_INTERNAL="https://api.dev.test-app.pan.panter.cloud"
|
|
561
579
|
- export KUBE_NAMESPACE="pan-test-app-dev"
|
|
562
580
|
- export KUBE_APP_NAME="api"
|
|
563
581
|
- export KUBE_APP_NAME_PREFIX=""
|
|
564
582
|
- export MONGODB_ROOT_PASSWORD="$CL_dev_api_MONGODB_ROOT_PASSWORD"
|
|
565
583
|
- export MONGODB_REPLICASET_KEY="$CL_dev_api_MONGODB_REPLICASET_KEY"
|
|
566
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
584
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"KUBE_NAMESPACE\\",\\"KUBE_APP_NAME\\",\\"KUBE_APP_NAME_PREFIX\\",\\"MONGODB_ROOT_PASSWORD\\",\\"MONGODB_REPLICASET_KEY\\"]"
|
|
567
585
|
- export RELEASE_NAME="pan-test-app-dev-api"
|
|
568
586
|
- export HELM_EXPERIMENTAL_OCI="1"
|
|
569
587
|
- export KUBE_DOCKER_IMAGE_PULL_SECRET="gitlab-registry-api"
|
|
570
588
|
- export HELM_GITLAB_CHART_NAME="/helm-charts/the-panter-chart"
|
|
571
589
|
- export HELM_ARGS=""
|
|
572
590
|
- export COMPONENT_NAME="api"
|
|
573
|
-
-
|
|
574
|
-
- echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"
|
|
591
|
+
- collapseable_section_end "injectvars"
|
|
575
592
|
- kubectl config set-cluster "kube-pan-test-app-dev-api" --server="$CL_dev_api_KUBE_URL" --certificate-authority <(echo $CL_dev_api_KUBE_CA_PEM | base64 -d) --embed-certs=true
|
|
576
593
|
- kubectl config set-credentials "kube-pan-test-app-dev-api" --token="$CL_dev_api_KUBE_TOKEN"
|
|
577
594
|
- kubectl config set-context "kube-pan-test-app-dev-api" --cluster="kube-pan-test-app-dev-api" --user="kube-pan-test-app-dev-api" --namespace="pan-test-app-dev"
|
|
@@ -602,38 +619,37 @@ api 🧪 test:
|
|
|
602
619
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
603
620
|
KUBERNETES_MEMORY_LIMIT: 4Gi
|
|
604
621
|
script:
|
|
605
|
-
-
|
|
622
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
606
623
|
- export ENV_SHORT="review"
|
|
607
624
|
- export APP_DIR="api"
|
|
608
625
|
- export ENV_TYPE="review"
|
|
609
626
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
610
627
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
611
628
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
612
|
-
- export
|
|
629
|
+
- export HOSTNAME="api.$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }).review.test-app.pan.panter.cloud"
|
|
613
630
|
- export ROOT_URL="https://api.$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }).review.test-app.pan.panter.cloud"
|
|
614
|
-
- export
|
|
615
|
-
- export HOST_CANONICAL="api.$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }).review.test-app.pan.panter.cloud"
|
|
631
|
+
- export HOSTNAME_INTERNAL="api.$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }).review.test-app.pan.panter.cloud"
|
|
616
632
|
- export ROOT_URL_INTERNAL="https://api.$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }).review.test-app.pan.panter.cloud"
|
|
617
633
|
- export KUBE_NAMESPACE="pan-test-app-review"
|
|
618
634
|
- export KUBE_APP_NAME="$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api"
|
|
619
635
|
- export KUBE_APP_NAME_PREFIX="$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-"
|
|
620
636
|
- export MONGODB_ROOT_PASSWORD="$CL_review_api_MONGODB_ROOT_PASSWORD"
|
|
621
637
|
- export MONGODB_REPLICASET_KEY="$CL_review_api_MONGODB_REPLICASET_KEY"
|
|
622
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
623
|
-
-
|
|
638
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"KUBE_NAMESPACE\\",\\"KUBE_APP_NAME\\",\\"KUBE_APP_NAME_PREFIX\\",\\"MONGODB_ROOT_PASSWORD\\",\\"MONGODB_REPLICASET_KEY\\"]"
|
|
639
|
+
- collapseable_section_end "injectvars"
|
|
624
640
|
- echo '{"id":"$(git describe --tags 2>/dev/null || git rev-parse HEAD)","time":"$CI_JOB_STARTED_AT"}' > api/__build_info.json
|
|
625
|
-
-
|
|
641
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
626
642
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
627
643
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
628
|
-
-
|
|
644
|
+
- collapseable_section_end "nodeinstall"
|
|
629
645
|
- cd api
|
|
630
|
-
-
|
|
646
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
631
647
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
632
648
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
633
|
-
-
|
|
634
|
-
-
|
|
649
|
+
- collapseable_section_end "nodeinstall"
|
|
650
|
+
- collapseable_section_start "yarninstall" "Yarn install"
|
|
635
651
|
- yarn install --immutable
|
|
636
|
-
-
|
|
652
|
+
- collapseable_section_end "yarninstall"
|
|
637
653
|
- yarn build
|
|
638
654
|
cache:
|
|
639
655
|
- key: api-yarn
|
|
@@ -644,10 +660,6 @@ api 🧪 test:
|
|
|
644
660
|
policy: pull-push
|
|
645
661
|
paths:
|
|
646
662
|
- api/node_modules
|
|
647
|
-
- key: api-next-cache
|
|
648
|
-
policy: pull-push
|
|
649
|
-
paths:
|
|
650
|
-
- api/.next/cache
|
|
651
663
|
artifacts:
|
|
652
664
|
paths:
|
|
653
665
|
- api/__build_info.json
|
|
@@ -678,7 +690,7 @@ api 🧪 test:
|
|
|
678
690
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
679
691
|
KUBERNETES_MEMORY_LIMIT: 2Gi
|
|
680
692
|
script:
|
|
681
|
-
-
|
|
693
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
682
694
|
- export APP_DIR="api"
|
|
683
695
|
- export DOCKER_BUILD_CONTEXT="."
|
|
684
696
|
- export DOCKER_REGISTRY="$CI_REGISTRY"
|
|
@@ -695,19 +707,19 @@ api 🧪 test:
|
|
|
695
707
|
COPY --chown=node:node api/yarn.lock /app/api/yarn.lock
|
|
696
708
|
COPY --chown=node:node .yarnrc.yml /app/.yarnrc.yml
|
|
697
709
|
COPY --chown=node:node .yarn /app/.yarn"
|
|
698
|
-
-
|
|
710
|
+
- collapseable_section_end "injectvars"
|
|
699
711
|
- ensureNodeDockerfile
|
|
700
|
-
-
|
|
712
|
+
- collapseable_section_start "docker-login" "Docker Login"
|
|
701
713
|
- docker login --username gitlab-ci-token --password $CI_JOB_TOKEN $CI_REGISTRY
|
|
702
|
-
-
|
|
703
|
-
-
|
|
714
|
+
- collapseable_section_end "docker-login"
|
|
715
|
+
- collapseable_section_start "docker-build" "Docker build"
|
|
704
716
|
- docker build --network host --cache-from $DOCKER_CACHE_IMAGE --tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG -f $APP_DIR/Dockerfile $DOCKER_BUILD_CONTEXT --build-arg BUILDKIT_INLINE_CACHE=1
|
|
705
|
-
-
|
|
706
|
-
-
|
|
717
|
+
- collapseable_section_end "docker-build"
|
|
718
|
+
- collapseable_section_start "docker-push" "Docker push and tag"
|
|
707
719
|
- docker push $DOCKER_IMAGE:$DOCKER_IMAGE_TAG
|
|
708
720
|
- docker tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG $DOCKER_CACHE_IMAGE
|
|
709
721
|
- docker push $DOCKER_CACHE_IMAGE
|
|
710
|
-
-
|
|
722
|
+
- collapseable_section_end "docker-push"
|
|
711
723
|
cache:
|
|
712
724
|
- key: api-yarn
|
|
713
725
|
policy: pull
|
|
@@ -724,8 +736,8 @@ api 🧪 test:
|
|
|
724
736
|
image: aquasec/trivy:0.38.3
|
|
725
737
|
variables: {}
|
|
726
738
|
script:
|
|
727
|
-
-
|
|
728
|
-
-
|
|
739
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
740
|
+
- collapseable_section_end "injectvars"
|
|
729
741
|
- trivy fs --quiet --format cyclonedx --output "__sbom.json" api
|
|
730
742
|
artifacts:
|
|
731
743
|
paths:
|
|
@@ -744,24 +756,23 @@ api 🧪 test:
|
|
|
744
756
|
KUBERNETES_MEMORY_REQUEST: 200Mi
|
|
745
757
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
746
758
|
script:
|
|
747
|
-
-
|
|
759
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
748
760
|
- export ENV_SHORT="review"
|
|
749
761
|
- export APP_DIR="api"
|
|
750
762
|
- export ENV_TYPE="review"
|
|
751
763
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
752
764
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
753
765
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
754
|
-
- export
|
|
766
|
+
- export HOSTNAME="api.$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }).review.test-app.pan.panter.cloud"
|
|
755
767
|
- export ROOT_URL="https://api.$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }).review.test-app.pan.panter.cloud"
|
|
756
|
-
- export
|
|
757
|
-
- export HOST_CANONICAL="api.$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }).review.test-app.pan.panter.cloud"
|
|
768
|
+
- export HOSTNAME_INTERNAL="api.$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }).review.test-app.pan.panter.cloud"
|
|
758
769
|
- export ROOT_URL_INTERNAL="https://api.$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }).review.test-app.pan.panter.cloud"
|
|
759
770
|
- export KUBE_NAMESPACE="pan-test-app-review"
|
|
760
771
|
- export KUBE_APP_NAME="$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api"
|
|
761
772
|
- export KUBE_APP_NAME_PREFIX="$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-"
|
|
762
773
|
- export MONGODB_ROOT_PASSWORD="$CL_review_api_MONGODB_ROOT_PASSWORD"
|
|
763
774
|
- export MONGODB_REPLICASET_KEY="$CL_review_api_MONGODB_REPLICASET_KEY"
|
|
764
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
775
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"KUBE_NAMESPACE\\",\\"KUBE_APP_NAME\\",\\"KUBE_APP_NAME_PREFIX\\",\\"MONGODB_ROOT_PASSWORD\\",\\"MONGODB_REPLICASET_KEY\\"]"
|
|
765
776
|
- export DOCKER_REGISTRY="$CI_REGISTRY"
|
|
766
777
|
- export DOCKER_CACHE_IMAGE="$CI_REGISTRY_IMAGE/caches/api"
|
|
767
778
|
- export DOCKER_IMAGE_NAME="review/api"
|
|
@@ -773,21 +784,20 @@ api 🧪 test:
|
|
|
773
784
|
- export HELM_GITLAB_CHART_NAME="/helm-charts/the-panter-chart"
|
|
774
785
|
- export HELM_ARGS=""
|
|
775
786
|
- export COMPONENT_NAME="api"
|
|
776
|
-
-
|
|
777
|
-
- echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"
|
|
787
|
+
- collapseable_section_end "injectvars"
|
|
778
788
|
- kubectl config set-cluster "kube-pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" --server="$CL_review_api_KUBE_URL" --certificate-authority <(echo $CL_review_api_KUBE_CA_PEM | base64 -d) --embed-certs=true
|
|
779
789
|
- kubectl config set-credentials "kube-pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" --token="$CL_review_api_KUBE_TOKEN"
|
|
780
790
|
- kubectl config set-context "kube-pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" --cluster="kube-pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" --user="kube-pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" --namespace="pan-test-app-review"
|
|
781
791
|
- kubectl config use-context "kube-pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api"
|
|
782
|
-
-
|
|
792
|
+
- collapseable_section_start "writeallvalues" "Write __all_values.yml for helm deployment"
|
|
783
793
|
- |
|
|
784
794
|
cat > __all_values.yml <<EOF
|
|
785
795
|
env:
|
|
786
796
|
secret:
|
|
787
797
|
MONGODB_ROOT_PASSWORD: |-
|
|
788
|
-
|
|
798
|
+
$(printf %s "$CL_review_api_MONGODB_ROOT_PASSWORD" | sed '1!s/^/ /')
|
|
789
799
|
MONGODB_REPLICASET_KEY: |-
|
|
790
|
-
|
|
800
|
+
$(printf %s "$CL_review_api_MONGODB_REPLICASET_KEY" | sed '1!s/^/ /')
|
|
791
801
|
MONGO_URL: |-
|
|
792
802
|
mongodb://root:$CL_review_api_MONGODB_ROOT_PASSWORD@$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-mongodb-0.$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-mongodb-headless.pan-test-app-review.svc.cluster.local:27017,$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-mongodb-1.$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api-mongodb-headless.pan-test-app-review.svc.cluster.local:27017/app?replicaSet=rs0&authSource=admin
|
|
793
803
|
MONGO_OPLOG_URL: |-
|
|
@@ -800,32 +810,30 @@ api 🧪 test:
|
|
|
800
810
|
ENV_TYPE: |-
|
|
801
811
|
review
|
|
802
812
|
BUILD_INFO_BUILD_ID: |-
|
|
803
|
-
|
|
813
|
+
$(printf %s "$(git describe --tags 2>/dev/null || git rev-parse HEAD)" | sed '1!s/^/ /')
|
|
804
814
|
BUILD_INFO_BUILD_TIME: |-
|
|
805
|
-
|
|
815
|
+
$(printf %s "$CI_JOB_STARTED_AT" | sed '1!s/^/ /')
|
|
806
816
|
BUILD_INFO_CURRENT_VERSION: |-
|
|
807
|
-
|
|
808
|
-
|
|
809
|
-
|
|
817
|
+
$(printf %s "$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")" | sed '1!s/^/ /')
|
|
818
|
+
HOSTNAME: |-
|
|
819
|
+
$(printf %s "api.$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }).review.test-app.pan.panter.cloud" | sed '1!s/^/ /')
|
|
810
820
|
ROOT_URL: |-
|
|
811
|
-
|
|
812
|
-
|
|
813
|
-
|
|
814
|
-
HOST_CANONICAL: |-
|
|
815
|
-
$(printf %s "api.$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }).review.test-app.pan.panter.cloud" | sed 's/^/ /')
|
|
821
|
+
$(printf %s "https://api.$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }).review.test-app.pan.panter.cloud" | sed '1!s/^/ /')
|
|
822
|
+
HOSTNAME_INTERNAL: |-
|
|
823
|
+
$(printf %s "api.$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }).review.test-app.pan.panter.cloud" | sed '1!s/^/ /')
|
|
816
824
|
ROOT_URL_INTERNAL: |-
|
|
817
|
-
|
|
825
|
+
$(printf %s "https://api.$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }).review.test-app.pan.panter.cloud" | sed '1!s/^/ /')
|
|
818
826
|
KUBE_NAMESPACE: |-
|
|
819
827
|
pan-test-app-review
|
|
820
828
|
KUBE_APP_NAME: |-
|
|
821
|
-
|
|
829
|
+
$(printf %s "$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" | sed '1!s/^/ /')
|
|
822
830
|
KUBE_APP_NAME_PREFIX: |-
|
|
823
|
-
|
|
831
|
+
$(printf %s "$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-" | sed '1!s/^/ /')
|
|
824
832
|
_ALL_ENV_VAR_KEYS: |-
|
|
825
|
-
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","
|
|
833
|
+
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOSTNAME","ROOT_URL","HOSTNAME_INTERNAL","ROOT_URL_INTERNAL","KUBE_NAMESPACE","KUBE_APP_NAME","KUBE_APP_NAME_PREFIX","MONGODB_ROOT_PASSWORD","MONGODB_REPLICASET_KEY"]
|
|
826
834
|
application:
|
|
827
835
|
host: |-
|
|
828
|
-
|
|
836
|
+
$(printf %s "api.$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }).review.test-app.pan.panter.cloud" | sed '1!s/^/ /')
|
|
829
837
|
command: |-
|
|
830
838
|
node main.js
|
|
831
839
|
livenessProbe:
|
|
@@ -876,7 +884,7 @@ api 🧪 test:
|
|
|
876
884
|
NoSchedule
|
|
877
885
|
|
|
878
886
|
EOF
|
|
879
|
-
-
|
|
887
|
+
- collapseable_section_end "writeallvalues"
|
|
880
888
|
- kubernetesCreateSecret
|
|
881
889
|
- kubernetesDeploy
|
|
882
890
|
- echo 'Uploading SBOM to Dependency Track'
|
|
@@ -919,32 +927,30 @@ api 🧪 test:
|
|
|
919
927
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
920
928
|
GIT_STRATEGY: none
|
|
921
929
|
script:
|
|
922
|
-
-
|
|
930
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
923
931
|
- export ENV_SHORT="review"
|
|
924
932
|
- export APP_DIR="api"
|
|
925
933
|
- export ENV_TYPE="review"
|
|
926
934
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
927
935
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
928
936
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
929
|
-
- export
|
|
937
|
+
- export HOSTNAME="api.$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }).review.test-app.pan.panter.cloud"
|
|
930
938
|
- export ROOT_URL="https://api.$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }).review.test-app.pan.panter.cloud"
|
|
931
|
-
- export
|
|
932
|
-
- export HOST_CANONICAL="api.$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }).review.test-app.pan.panter.cloud"
|
|
939
|
+
- export HOSTNAME_INTERNAL="api.$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }).review.test-app.pan.panter.cloud"
|
|
933
940
|
- export ROOT_URL_INTERNAL="https://api.$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }).review.test-app.pan.panter.cloud"
|
|
934
941
|
- export KUBE_NAMESPACE="pan-test-app-review"
|
|
935
942
|
- export KUBE_APP_NAME="$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api"
|
|
936
943
|
- export KUBE_APP_NAME_PREFIX="$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-"
|
|
937
944
|
- export MONGODB_ROOT_PASSWORD="$CL_review_api_MONGODB_ROOT_PASSWORD"
|
|
938
945
|
- export MONGODB_REPLICASET_KEY="$CL_review_api_MONGODB_REPLICASET_KEY"
|
|
939
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
946
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"KUBE_NAMESPACE\\",\\"KUBE_APP_NAME\\",\\"KUBE_APP_NAME_PREFIX\\",\\"MONGODB_ROOT_PASSWORD\\",\\"MONGODB_REPLICASET_KEY\\"]"
|
|
940
947
|
- export RELEASE_NAME="pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api"
|
|
941
948
|
- export HELM_EXPERIMENTAL_OCI="1"
|
|
942
949
|
- export KUBE_DOCKER_IMAGE_PULL_SECRET="gitlab-registry-api"
|
|
943
950
|
- export HELM_GITLAB_CHART_NAME="/helm-charts/the-panter-chart"
|
|
944
951
|
- export HELM_ARGS=""
|
|
945
952
|
- export COMPONENT_NAME="api"
|
|
946
|
-
-
|
|
947
|
-
- echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"
|
|
953
|
+
- collapseable_section_end "injectvars"
|
|
948
954
|
- kubectl config set-cluster "kube-pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" --server="$CL_review_api_KUBE_URL" --certificate-authority <(echo $CL_review_api_KUBE_CA_PEM | base64 -d) --embed-certs=true
|
|
949
955
|
- kubectl config set-credentials "kube-pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" --token="$CL_review_api_KUBE_TOKEN"
|
|
950
956
|
- kubectl config set-context "kube-pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" --cluster="kube-pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" --user="kube-pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" --namespace="pan-test-app-review"
|
|
@@ -978,32 +984,30 @@ api 🧪 test:
|
|
|
978
984
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
979
985
|
GIT_STRATEGY: none
|
|
980
986
|
script:
|
|
981
|
-
-
|
|
987
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
982
988
|
- export ENV_SHORT="review"
|
|
983
989
|
- export APP_DIR="api"
|
|
984
990
|
- export ENV_TYPE="review"
|
|
985
991
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
986
992
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
987
993
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
988
|
-
- export
|
|
994
|
+
- export HOSTNAME="api.$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }).review.test-app.pan.panter.cloud"
|
|
989
995
|
- export ROOT_URL="https://api.$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }).review.test-app.pan.panter.cloud"
|
|
990
|
-
- export
|
|
991
|
-
- export HOST_CANONICAL="api.$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }).review.test-app.pan.panter.cloud"
|
|
996
|
+
- export HOSTNAME_INTERNAL="api.$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }).review.test-app.pan.panter.cloud"
|
|
992
997
|
- export ROOT_URL_INTERNAL="https://api.$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }).review.test-app.pan.panter.cloud"
|
|
993
998
|
- export KUBE_NAMESPACE="pan-test-app-review"
|
|
994
999
|
- export KUBE_APP_NAME="$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api"
|
|
995
1000
|
- export KUBE_APP_NAME_PREFIX="$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-"
|
|
996
1001
|
- export MONGODB_ROOT_PASSWORD="$CL_review_api_MONGODB_ROOT_PASSWORD"
|
|
997
1002
|
- export MONGODB_REPLICASET_KEY="$CL_review_api_MONGODB_REPLICASET_KEY"
|
|
998
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
1003
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"KUBE_NAMESPACE\\",\\"KUBE_APP_NAME\\",\\"KUBE_APP_NAME_PREFIX\\",\\"MONGODB_ROOT_PASSWORD\\",\\"MONGODB_REPLICASET_KEY\\"]"
|
|
999
1004
|
- export RELEASE_NAME="pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api"
|
|
1000
1005
|
- export HELM_EXPERIMENTAL_OCI="1"
|
|
1001
1006
|
- export KUBE_DOCKER_IMAGE_PULL_SECRET="gitlab-registry-api"
|
|
1002
1007
|
- export HELM_GITLAB_CHART_NAME="/helm-charts/the-panter-chart"
|
|
1003
1008
|
- export HELM_ARGS=""
|
|
1004
1009
|
- export COMPONENT_NAME="api"
|
|
1005
|
-
-
|
|
1006
|
-
- echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"
|
|
1010
|
+
- collapseable_section_end "injectvars"
|
|
1007
1011
|
- kubectl config set-cluster "kube-pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" --server="$CL_review_api_KUBE_URL" --certificate-authority <(echo $CL_review_api_KUBE_CA_PEM | base64 -d) --embed-certs=true
|
|
1008
1012
|
- kubectl config set-credentials "kube-pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" --token="$CL_review_api_KUBE_TOKEN"
|
|
1009
1013
|
- kubectl config set-context "kube-pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" --cluster="kube-pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" --user="kube-pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" --namespace="pan-test-app-review"
|
|
@@ -1032,38 +1036,37 @@ api 🧪 test:
|
|
|
1032
1036
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
1033
1037
|
KUBERNETES_MEMORY_LIMIT: 4Gi
|
|
1034
1038
|
script:
|
|
1035
|
-
-
|
|
1039
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1036
1040
|
- export ENV_SHORT="stage"
|
|
1037
1041
|
- export APP_DIR="api"
|
|
1038
1042
|
- export ENV_TYPE="stage"
|
|
1039
1043
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
1040
1044
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
1041
1045
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
1042
|
-
- export
|
|
1046
|
+
- export HOSTNAME="api.stage.test-app.pan.panter.cloud"
|
|
1043
1047
|
- export ROOT_URL="https://api.stage.test-app.pan.panter.cloud"
|
|
1044
|
-
- export
|
|
1045
|
-
- export HOST_CANONICAL="api.stage.test-app.pan.panter.cloud"
|
|
1048
|
+
- export HOSTNAME_INTERNAL="api.stage.test-app.pan.panter.cloud"
|
|
1046
1049
|
- export ROOT_URL_INTERNAL="https://api.stage.test-app.pan.panter.cloud"
|
|
1047
1050
|
- export KUBE_NAMESPACE="pan-test-app-stage"
|
|
1048
1051
|
- export KUBE_APP_NAME="api"
|
|
1049
1052
|
- export KUBE_APP_NAME_PREFIX=""
|
|
1050
1053
|
- export MONGODB_ROOT_PASSWORD="$CL_stage_api_MONGODB_ROOT_PASSWORD"
|
|
1051
1054
|
- export MONGODB_REPLICASET_KEY="$CL_stage_api_MONGODB_REPLICASET_KEY"
|
|
1052
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
1053
|
-
-
|
|
1055
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"KUBE_NAMESPACE\\",\\"KUBE_APP_NAME\\",\\"KUBE_APP_NAME_PREFIX\\",\\"MONGODB_ROOT_PASSWORD\\",\\"MONGODB_REPLICASET_KEY\\"]"
|
|
1056
|
+
- collapseable_section_end "injectvars"
|
|
1054
1057
|
- echo '{"id":"$(git describe --tags 2>/dev/null || git rev-parse HEAD)","time":"$CI_JOB_STARTED_AT"}' > api/__build_info.json
|
|
1055
|
-
-
|
|
1058
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
1056
1059
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
1057
1060
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
1058
|
-
-
|
|
1061
|
+
- collapseable_section_end "nodeinstall"
|
|
1059
1062
|
- cd api
|
|
1060
|
-
-
|
|
1063
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
1061
1064
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
1062
1065
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
1063
|
-
-
|
|
1064
|
-
-
|
|
1066
|
+
- collapseable_section_end "nodeinstall"
|
|
1067
|
+
- collapseable_section_start "yarninstall" "Yarn install"
|
|
1065
1068
|
- yarn install --immutable
|
|
1066
|
-
-
|
|
1069
|
+
- collapseable_section_end "yarninstall"
|
|
1067
1070
|
- yarn build
|
|
1068
1071
|
cache:
|
|
1069
1072
|
- key: api-yarn
|
|
@@ -1074,10 +1077,6 @@ api 🧪 test:
|
|
|
1074
1077
|
policy: pull-push
|
|
1075
1078
|
paths:
|
|
1076
1079
|
- api/node_modules
|
|
1077
|
-
- key: api-next-cache
|
|
1078
|
-
policy: pull-push
|
|
1079
|
-
paths:
|
|
1080
|
-
- api/.next/cache
|
|
1081
1080
|
artifacts:
|
|
1082
1081
|
paths:
|
|
1083
1082
|
- api/__build_info.json
|
|
@@ -1108,7 +1107,7 @@ api 🧪 test:
|
|
|
1108
1107
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
1109
1108
|
KUBERNETES_MEMORY_LIMIT: 2Gi
|
|
1110
1109
|
script:
|
|
1111
|
-
-
|
|
1110
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1112
1111
|
- export APP_DIR="api"
|
|
1113
1112
|
- export DOCKER_BUILD_CONTEXT="."
|
|
1114
1113
|
- export DOCKER_REGISTRY="$CI_REGISTRY"
|
|
@@ -1125,19 +1124,19 @@ api 🧪 test:
|
|
|
1125
1124
|
COPY --chown=node:node api/yarn.lock /app/api/yarn.lock
|
|
1126
1125
|
COPY --chown=node:node .yarnrc.yml /app/.yarnrc.yml
|
|
1127
1126
|
COPY --chown=node:node .yarn /app/.yarn"
|
|
1128
|
-
-
|
|
1127
|
+
- collapseable_section_end "injectvars"
|
|
1129
1128
|
- ensureNodeDockerfile
|
|
1130
|
-
-
|
|
1129
|
+
- collapseable_section_start "docker-login" "Docker Login"
|
|
1131
1130
|
- docker login --username gitlab-ci-token --password $CI_JOB_TOKEN $CI_REGISTRY
|
|
1132
|
-
-
|
|
1133
|
-
-
|
|
1131
|
+
- collapseable_section_end "docker-login"
|
|
1132
|
+
- collapseable_section_start "docker-build" "Docker build"
|
|
1134
1133
|
- docker build --network host --cache-from $DOCKER_CACHE_IMAGE --tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG -f $APP_DIR/Dockerfile $DOCKER_BUILD_CONTEXT --build-arg BUILDKIT_INLINE_CACHE=1
|
|
1135
|
-
-
|
|
1136
|
-
-
|
|
1134
|
+
- collapseable_section_end "docker-build"
|
|
1135
|
+
- collapseable_section_start "docker-push" "Docker push and tag"
|
|
1137
1136
|
- docker push $DOCKER_IMAGE:$DOCKER_IMAGE_TAG
|
|
1138
1137
|
- docker tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG $DOCKER_CACHE_IMAGE
|
|
1139
1138
|
- docker push $DOCKER_CACHE_IMAGE
|
|
1140
|
-
-
|
|
1139
|
+
- collapseable_section_end "docker-push"
|
|
1141
1140
|
cache:
|
|
1142
1141
|
- key: api-yarn
|
|
1143
1142
|
policy: pull
|
|
@@ -1154,8 +1153,8 @@ api 🧪 test:
|
|
|
1154
1153
|
image: aquasec/trivy:0.38.3
|
|
1155
1154
|
variables: {}
|
|
1156
1155
|
script:
|
|
1157
|
-
-
|
|
1158
|
-
-
|
|
1156
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1157
|
+
- collapseable_section_end "injectvars"
|
|
1159
1158
|
- trivy fs --quiet --format cyclonedx --output "__sbom.json" api
|
|
1160
1159
|
artifacts:
|
|
1161
1160
|
paths:
|
|
@@ -1174,24 +1173,23 @@ api 🧪 test:
|
|
|
1174
1173
|
KUBERNETES_MEMORY_REQUEST: 200Mi
|
|
1175
1174
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
1176
1175
|
script:
|
|
1177
|
-
-
|
|
1176
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1178
1177
|
- export ENV_SHORT="stage"
|
|
1179
1178
|
- export APP_DIR="api"
|
|
1180
1179
|
- export ENV_TYPE="stage"
|
|
1181
1180
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
1182
1181
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
1183
1182
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
1184
|
-
- export
|
|
1183
|
+
- export HOSTNAME="api.stage.test-app.pan.panter.cloud"
|
|
1185
1184
|
- export ROOT_URL="https://api.stage.test-app.pan.panter.cloud"
|
|
1186
|
-
- export
|
|
1187
|
-
- export HOST_CANONICAL="api.stage.test-app.pan.panter.cloud"
|
|
1185
|
+
- export HOSTNAME_INTERNAL="api.stage.test-app.pan.panter.cloud"
|
|
1188
1186
|
- export ROOT_URL_INTERNAL="https://api.stage.test-app.pan.panter.cloud"
|
|
1189
1187
|
- export KUBE_NAMESPACE="pan-test-app-stage"
|
|
1190
1188
|
- export KUBE_APP_NAME="api"
|
|
1191
1189
|
- export KUBE_APP_NAME_PREFIX=""
|
|
1192
1190
|
- export MONGODB_ROOT_PASSWORD="$CL_stage_api_MONGODB_ROOT_PASSWORD"
|
|
1193
1191
|
- export MONGODB_REPLICASET_KEY="$CL_stage_api_MONGODB_REPLICASET_KEY"
|
|
1194
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
1192
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"KUBE_NAMESPACE\\",\\"KUBE_APP_NAME\\",\\"KUBE_APP_NAME_PREFIX\\",\\"MONGODB_ROOT_PASSWORD\\",\\"MONGODB_REPLICASET_KEY\\"]"
|
|
1195
1193
|
- export DOCKER_REGISTRY="$CI_REGISTRY"
|
|
1196
1194
|
- export DOCKER_CACHE_IMAGE="$CI_REGISTRY_IMAGE/caches/api"
|
|
1197
1195
|
- export DOCKER_IMAGE_NAME="stage/api"
|
|
@@ -1203,21 +1201,20 @@ api 🧪 test:
|
|
|
1203
1201
|
- export HELM_GITLAB_CHART_NAME="/helm-charts/the-panter-chart"
|
|
1204
1202
|
- export HELM_ARGS=""
|
|
1205
1203
|
- export COMPONENT_NAME="api"
|
|
1206
|
-
-
|
|
1207
|
-
- echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"
|
|
1204
|
+
- collapseable_section_end "injectvars"
|
|
1208
1205
|
- kubectl config set-cluster "kube-pan-test-app-stage-api" --server="$CL_stage_api_KUBE_URL" --certificate-authority <(echo $CL_stage_api_KUBE_CA_PEM | base64 -d) --embed-certs=true
|
|
1209
1206
|
- kubectl config set-credentials "kube-pan-test-app-stage-api" --token="$CL_stage_api_KUBE_TOKEN"
|
|
1210
1207
|
- kubectl config set-context "kube-pan-test-app-stage-api" --cluster="kube-pan-test-app-stage-api" --user="kube-pan-test-app-stage-api" --namespace="pan-test-app-stage"
|
|
1211
1208
|
- kubectl config use-context "kube-pan-test-app-stage-api"
|
|
1212
|
-
-
|
|
1209
|
+
- collapseable_section_start "writeallvalues" "Write __all_values.yml for helm deployment"
|
|
1213
1210
|
- |
|
|
1214
1211
|
cat > __all_values.yml <<EOF
|
|
1215
1212
|
env:
|
|
1216
1213
|
secret:
|
|
1217
1214
|
MONGODB_ROOT_PASSWORD: |-
|
|
1218
|
-
|
|
1215
|
+
$(printf %s "$CL_stage_api_MONGODB_ROOT_PASSWORD" | sed '1!s/^/ /')
|
|
1219
1216
|
MONGODB_REPLICASET_KEY: |-
|
|
1220
|
-
|
|
1217
|
+
$(printf %s "$CL_stage_api_MONGODB_REPLICASET_KEY" | sed '1!s/^/ /')
|
|
1221
1218
|
MONGO_URL: |-
|
|
1222
1219
|
mongodb://root:$CL_stage_api_MONGODB_ROOT_PASSWORD@api-mongodb-0.api-mongodb-headless.pan-test-app-stage.svc.cluster.local:27017,api-mongodb-1.api-mongodb-headless.pan-test-app-stage.svc.cluster.local:27017/app?replicaSet=rs0&authSource=admin
|
|
1223
1220
|
MONGO_OPLOG_URL: |-
|
|
@@ -1230,18 +1227,16 @@ api 🧪 test:
|
|
|
1230
1227
|
ENV_TYPE: |-
|
|
1231
1228
|
stage
|
|
1232
1229
|
BUILD_INFO_BUILD_ID: |-
|
|
1233
|
-
|
|
1230
|
+
$(printf %s "$(git describe --tags 2>/dev/null || git rev-parse HEAD)" | sed '1!s/^/ /')
|
|
1234
1231
|
BUILD_INFO_BUILD_TIME: |-
|
|
1235
|
-
|
|
1232
|
+
$(printf %s "$CI_JOB_STARTED_AT" | sed '1!s/^/ /')
|
|
1236
1233
|
BUILD_INFO_CURRENT_VERSION: |-
|
|
1237
|
-
|
|
1238
|
-
|
|
1234
|
+
$(printf %s "$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")" | sed '1!s/^/ /')
|
|
1235
|
+
HOSTNAME: |-
|
|
1239
1236
|
api.stage.test-app.pan.panter.cloud
|
|
1240
1237
|
ROOT_URL: |-
|
|
1241
1238
|
https://api.stage.test-app.pan.panter.cloud
|
|
1242
|
-
|
|
1243
|
-
api.stage.test-app.pan.panter.cloud
|
|
1244
|
-
HOST_CANONICAL: |-
|
|
1239
|
+
HOSTNAME_INTERNAL: |-
|
|
1245
1240
|
api.stage.test-app.pan.panter.cloud
|
|
1246
1241
|
ROOT_URL_INTERNAL: |-
|
|
1247
1242
|
https://api.stage.test-app.pan.panter.cloud
|
|
@@ -1251,7 +1246,7 @@ api 🧪 test:
|
|
|
1251
1246
|
api
|
|
1252
1247
|
KUBE_APP_NAME_PREFIX: ""
|
|
1253
1248
|
_ALL_ENV_VAR_KEYS: |-
|
|
1254
|
-
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","
|
|
1249
|
+
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOSTNAME","ROOT_URL","HOSTNAME_INTERNAL","ROOT_URL_INTERNAL","KUBE_NAMESPACE","KUBE_APP_NAME","KUBE_APP_NAME_PREFIX","MONGODB_ROOT_PASSWORD","MONGODB_REPLICASET_KEY"]
|
|
1255
1250
|
application:
|
|
1256
1251
|
host: |-
|
|
1257
1252
|
api.stage.test-app.pan.panter.cloud
|
|
@@ -1305,7 +1300,7 @@ api 🧪 test:
|
|
|
1305
1300
|
NoSchedule
|
|
1306
1301
|
|
|
1307
1302
|
EOF
|
|
1308
|
-
-
|
|
1303
|
+
- collapseable_section_end "writeallvalues"
|
|
1309
1304
|
- kubernetesCreateSecret
|
|
1310
1305
|
- kubernetesDeploy
|
|
1311
1306
|
- echo 'Uploading SBOM to Dependency Track'
|
|
@@ -1341,32 +1336,30 @@ api 🧪 test:
|
|
|
1341
1336
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
1342
1337
|
GIT_STRATEGY: none
|
|
1343
1338
|
script:
|
|
1344
|
-
-
|
|
1339
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1345
1340
|
- export ENV_SHORT="stage"
|
|
1346
1341
|
- export APP_DIR="api"
|
|
1347
1342
|
- export ENV_TYPE="stage"
|
|
1348
1343
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
1349
1344
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
1350
1345
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
1351
|
-
- export
|
|
1346
|
+
- export HOSTNAME="api.stage.test-app.pan.panter.cloud"
|
|
1352
1347
|
- export ROOT_URL="https://api.stage.test-app.pan.panter.cloud"
|
|
1353
|
-
- export
|
|
1354
|
-
- export HOST_CANONICAL="api.stage.test-app.pan.panter.cloud"
|
|
1348
|
+
- export HOSTNAME_INTERNAL="api.stage.test-app.pan.panter.cloud"
|
|
1355
1349
|
- export ROOT_URL_INTERNAL="https://api.stage.test-app.pan.panter.cloud"
|
|
1356
1350
|
- export KUBE_NAMESPACE="pan-test-app-stage"
|
|
1357
1351
|
- export KUBE_APP_NAME="api"
|
|
1358
1352
|
- export KUBE_APP_NAME_PREFIX=""
|
|
1359
1353
|
- export MONGODB_ROOT_PASSWORD="$CL_stage_api_MONGODB_ROOT_PASSWORD"
|
|
1360
1354
|
- export MONGODB_REPLICASET_KEY="$CL_stage_api_MONGODB_REPLICASET_KEY"
|
|
1361
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
1355
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"KUBE_NAMESPACE\\",\\"KUBE_APP_NAME\\",\\"KUBE_APP_NAME_PREFIX\\",\\"MONGODB_ROOT_PASSWORD\\",\\"MONGODB_REPLICASET_KEY\\"]"
|
|
1362
1356
|
- export RELEASE_NAME="pan-test-app-stage-api"
|
|
1363
1357
|
- export HELM_EXPERIMENTAL_OCI="1"
|
|
1364
1358
|
- export KUBE_DOCKER_IMAGE_PULL_SECRET="gitlab-registry-api"
|
|
1365
1359
|
- export HELM_GITLAB_CHART_NAME="/helm-charts/the-panter-chart"
|
|
1366
1360
|
- export HELM_ARGS=""
|
|
1367
1361
|
- export COMPONENT_NAME="api"
|
|
1368
|
-
-
|
|
1369
|
-
- echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"
|
|
1362
|
+
- collapseable_section_end "injectvars"
|
|
1370
1363
|
- kubectl config set-cluster "kube-pan-test-app-stage-api" --server="$CL_stage_api_KUBE_URL" --certificate-authority <(echo $CL_stage_api_KUBE_CA_PEM | base64 -d) --embed-certs=true
|
|
1371
1364
|
- kubectl config set-credentials "kube-pan-test-app-stage-api" --token="$CL_stage_api_KUBE_TOKEN"
|
|
1372
1365
|
- kubectl config set-context "kube-pan-test-app-stage-api" --cluster="kube-pan-test-app-stage-api" --user="kube-pan-test-app-stage-api" --namespace="pan-test-app-stage"
|
|
@@ -1400,32 +1393,30 @@ api 🧪 test:
|
|
|
1400
1393
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
1401
1394
|
GIT_STRATEGY: none
|
|
1402
1395
|
script:
|
|
1403
|
-
-
|
|
1396
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1404
1397
|
- export ENV_SHORT="stage"
|
|
1405
1398
|
- export APP_DIR="api"
|
|
1406
1399
|
- export ENV_TYPE="stage"
|
|
1407
1400
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
1408
1401
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
1409
1402
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
1410
|
-
- export
|
|
1403
|
+
- export HOSTNAME="api.stage.test-app.pan.panter.cloud"
|
|
1411
1404
|
- export ROOT_URL="https://api.stage.test-app.pan.panter.cloud"
|
|
1412
|
-
- export
|
|
1413
|
-
- export HOST_CANONICAL="api.stage.test-app.pan.panter.cloud"
|
|
1405
|
+
- export HOSTNAME_INTERNAL="api.stage.test-app.pan.panter.cloud"
|
|
1414
1406
|
- export ROOT_URL_INTERNAL="https://api.stage.test-app.pan.panter.cloud"
|
|
1415
1407
|
- export KUBE_NAMESPACE="pan-test-app-stage"
|
|
1416
1408
|
- export KUBE_APP_NAME="api"
|
|
1417
1409
|
- export KUBE_APP_NAME_PREFIX=""
|
|
1418
1410
|
- export MONGODB_ROOT_PASSWORD="$CL_stage_api_MONGODB_ROOT_PASSWORD"
|
|
1419
1411
|
- export MONGODB_REPLICASET_KEY="$CL_stage_api_MONGODB_REPLICASET_KEY"
|
|
1420
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
1412
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"KUBE_NAMESPACE\\",\\"KUBE_APP_NAME\\",\\"KUBE_APP_NAME_PREFIX\\",\\"MONGODB_ROOT_PASSWORD\\",\\"MONGODB_REPLICASET_KEY\\"]"
|
|
1421
1413
|
- export RELEASE_NAME="pan-test-app-stage-api"
|
|
1422
1414
|
- export HELM_EXPERIMENTAL_OCI="1"
|
|
1423
1415
|
- export KUBE_DOCKER_IMAGE_PULL_SECRET="gitlab-registry-api"
|
|
1424
1416
|
- export HELM_GITLAB_CHART_NAME="/helm-charts/the-panter-chart"
|
|
1425
1417
|
- export HELM_ARGS=""
|
|
1426
1418
|
- export COMPONENT_NAME="api"
|
|
1427
|
-
-
|
|
1428
|
-
- echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"
|
|
1419
|
+
- collapseable_section_end "injectvars"
|
|
1429
1420
|
- kubectl config set-cluster "kube-pan-test-app-stage-api" --server="$CL_stage_api_KUBE_URL" --certificate-authority <(echo $CL_stage_api_KUBE_CA_PEM | base64 -d) --embed-certs=true
|
|
1430
1421
|
- kubectl config set-credentials "kube-pan-test-app-stage-api" --token="$CL_stage_api_KUBE_TOKEN"
|
|
1431
1422
|
- kubectl config set-context "kube-pan-test-app-stage-api" --cluster="kube-pan-test-app-stage-api" --user="kube-pan-test-app-stage-api" --namespace="pan-test-app-stage"
|
|
@@ -1454,38 +1445,37 @@ api 🧪 test:
|
|
|
1454
1445
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
1455
1446
|
KUBERNETES_MEMORY_LIMIT: 4Gi
|
|
1456
1447
|
script:
|
|
1457
|
-
-
|
|
1448
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1458
1449
|
- export ENV_SHORT="prod"
|
|
1459
1450
|
- export APP_DIR="api"
|
|
1460
1451
|
- export ENV_TYPE="prod"
|
|
1461
1452
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
1462
1453
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
1463
1454
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
1464
|
-
- export
|
|
1455
|
+
- export HOSTNAME="api.prod.test-app.pan.panter.cloud"
|
|
1465
1456
|
- export ROOT_URL="https://api.prod.test-app.pan.panter.cloud"
|
|
1466
|
-
- export
|
|
1467
|
-
- export HOST_CANONICAL="api.prod.test-app.pan.panter.cloud"
|
|
1457
|
+
- export HOSTNAME_INTERNAL="api.prod.test-app.pan.panter.cloud"
|
|
1468
1458
|
- export ROOT_URL_INTERNAL="https://api.prod.test-app.pan.panter.cloud"
|
|
1469
1459
|
- export KUBE_NAMESPACE="pan-test-app-prod"
|
|
1470
1460
|
- export KUBE_APP_NAME="api"
|
|
1471
1461
|
- export KUBE_APP_NAME_PREFIX=""
|
|
1472
1462
|
- export MONGODB_ROOT_PASSWORD="$CL_prod_api_MONGODB_ROOT_PASSWORD"
|
|
1473
1463
|
- export MONGODB_REPLICASET_KEY="$CL_prod_api_MONGODB_REPLICASET_KEY"
|
|
1474
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
1475
|
-
-
|
|
1464
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"KUBE_NAMESPACE\\",\\"KUBE_APP_NAME\\",\\"KUBE_APP_NAME_PREFIX\\",\\"MONGODB_ROOT_PASSWORD\\",\\"MONGODB_REPLICASET_KEY\\"]"
|
|
1465
|
+
- collapseable_section_end "injectvars"
|
|
1476
1466
|
- echo '{"id":"$(git describe --tags 2>/dev/null || git rev-parse HEAD)","time":"$CI_JOB_STARTED_AT"}' > api/__build_info.json
|
|
1477
|
-
-
|
|
1467
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
1478
1468
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
1479
1469
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
1480
|
-
-
|
|
1470
|
+
- collapseable_section_end "nodeinstall"
|
|
1481
1471
|
- cd api
|
|
1482
|
-
-
|
|
1472
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
1483
1473
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
1484
1474
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
1485
|
-
-
|
|
1486
|
-
-
|
|
1475
|
+
- collapseable_section_end "nodeinstall"
|
|
1476
|
+
- collapseable_section_start "yarninstall" "Yarn install"
|
|
1487
1477
|
- yarn install --immutable
|
|
1488
|
-
-
|
|
1478
|
+
- collapseable_section_end "yarninstall"
|
|
1489
1479
|
- yarn build
|
|
1490
1480
|
cache:
|
|
1491
1481
|
- key: api-yarn
|
|
@@ -1496,10 +1486,6 @@ api 🧪 test:
|
|
|
1496
1486
|
policy: pull-push
|
|
1497
1487
|
paths:
|
|
1498
1488
|
- api/node_modules
|
|
1499
|
-
- key: api-next-cache
|
|
1500
|
-
policy: pull-push
|
|
1501
|
-
paths:
|
|
1502
|
-
- api/.next/cache
|
|
1503
1489
|
artifacts:
|
|
1504
1490
|
paths:
|
|
1505
1491
|
- api/__build_info.json
|
|
@@ -1530,7 +1516,7 @@ api 🧪 test:
|
|
|
1530
1516
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
1531
1517
|
KUBERNETES_MEMORY_LIMIT: 2Gi
|
|
1532
1518
|
script:
|
|
1533
|
-
-
|
|
1519
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1534
1520
|
- export APP_DIR="api"
|
|
1535
1521
|
- export DOCKER_BUILD_CONTEXT="."
|
|
1536
1522
|
- export DOCKER_REGISTRY="$CI_REGISTRY"
|
|
@@ -1547,19 +1533,19 @@ api 🧪 test:
|
|
|
1547
1533
|
COPY --chown=node:node api/yarn.lock /app/api/yarn.lock
|
|
1548
1534
|
COPY --chown=node:node .yarnrc.yml /app/.yarnrc.yml
|
|
1549
1535
|
COPY --chown=node:node .yarn /app/.yarn"
|
|
1550
|
-
-
|
|
1536
|
+
- collapseable_section_end "injectvars"
|
|
1551
1537
|
- ensureNodeDockerfile
|
|
1552
|
-
-
|
|
1538
|
+
- collapseable_section_start "docker-login" "Docker Login"
|
|
1553
1539
|
- docker login --username gitlab-ci-token --password $CI_JOB_TOKEN $CI_REGISTRY
|
|
1554
|
-
-
|
|
1555
|
-
-
|
|
1540
|
+
- collapseable_section_end "docker-login"
|
|
1541
|
+
- collapseable_section_start "docker-build" "Docker build"
|
|
1556
1542
|
- docker build --network host --cache-from $DOCKER_CACHE_IMAGE --tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG -f $APP_DIR/Dockerfile $DOCKER_BUILD_CONTEXT --build-arg BUILDKIT_INLINE_CACHE=1
|
|
1557
|
-
-
|
|
1558
|
-
-
|
|
1543
|
+
- collapseable_section_end "docker-build"
|
|
1544
|
+
- collapseable_section_start "docker-push" "Docker push and tag"
|
|
1559
1545
|
- docker push $DOCKER_IMAGE:$DOCKER_IMAGE_TAG
|
|
1560
1546
|
- docker tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG $DOCKER_CACHE_IMAGE
|
|
1561
1547
|
- docker push $DOCKER_CACHE_IMAGE
|
|
1562
|
-
-
|
|
1548
|
+
- collapseable_section_end "docker-push"
|
|
1563
1549
|
cache:
|
|
1564
1550
|
- key: api-yarn
|
|
1565
1551
|
policy: pull
|
|
@@ -1576,8 +1562,8 @@ api 🧪 test:
|
|
|
1576
1562
|
image: aquasec/trivy:0.38.3
|
|
1577
1563
|
variables: {}
|
|
1578
1564
|
script:
|
|
1579
|
-
-
|
|
1580
|
-
-
|
|
1565
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1566
|
+
- collapseable_section_end "injectvars"
|
|
1581
1567
|
- trivy fs --quiet --format cyclonedx --output "__sbom.json" api
|
|
1582
1568
|
artifacts:
|
|
1583
1569
|
paths:
|
|
@@ -1596,24 +1582,23 @@ api 🧪 test:
|
|
|
1596
1582
|
KUBERNETES_MEMORY_REQUEST: 200Mi
|
|
1597
1583
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
1598
1584
|
script:
|
|
1599
|
-
-
|
|
1585
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1600
1586
|
- export ENV_SHORT="prod"
|
|
1601
1587
|
- export APP_DIR="api"
|
|
1602
1588
|
- export ENV_TYPE="prod"
|
|
1603
1589
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
1604
1590
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
1605
1591
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
1606
|
-
- export
|
|
1592
|
+
- export HOSTNAME="api.prod.test-app.pan.panter.cloud"
|
|
1607
1593
|
- export ROOT_URL="https://api.prod.test-app.pan.panter.cloud"
|
|
1608
|
-
- export
|
|
1609
|
-
- export HOST_CANONICAL="api.prod.test-app.pan.panter.cloud"
|
|
1594
|
+
- export HOSTNAME_INTERNAL="api.prod.test-app.pan.panter.cloud"
|
|
1610
1595
|
- export ROOT_URL_INTERNAL="https://api.prod.test-app.pan.panter.cloud"
|
|
1611
1596
|
- export KUBE_NAMESPACE="pan-test-app-prod"
|
|
1612
1597
|
- export KUBE_APP_NAME="api"
|
|
1613
1598
|
- export KUBE_APP_NAME_PREFIX=""
|
|
1614
1599
|
- export MONGODB_ROOT_PASSWORD="$CL_prod_api_MONGODB_ROOT_PASSWORD"
|
|
1615
1600
|
- export MONGODB_REPLICASET_KEY="$CL_prod_api_MONGODB_REPLICASET_KEY"
|
|
1616
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
1601
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"KUBE_NAMESPACE\\",\\"KUBE_APP_NAME\\",\\"KUBE_APP_NAME_PREFIX\\",\\"MONGODB_ROOT_PASSWORD\\",\\"MONGODB_REPLICASET_KEY\\"]"
|
|
1617
1602
|
- export DOCKER_REGISTRY="$CI_REGISTRY"
|
|
1618
1603
|
- export DOCKER_CACHE_IMAGE="$CI_REGISTRY_IMAGE/caches/api"
|
|
1619
1604
|
- export DOCKER_IMAGE_NAME="prod/api"
|
|
@@ -1625,21 +1610,20 @@ api 🧪 test:
|
|
|
1625
1610
|
- export HELM_GITLAB_CHART_NAME="/helm-charts/the-panter-chart"
|
|
1626
1611
|
- export HELM_ARGS=""
|
|
1627
1612
|
- export COMPONENT_NAME="api"
|
|
1628
|
-
-
|
|
1629
|
-
- echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"
|
|
1613
|
+
- collapseable_section_end "injectvars"
|
|
1630
1614
|
- kubectl config set-cluster "kube-pan-test-app-prod-api" --server="$CL_prod_api_KUBE_URL" --certificate-authority <(echo $CL_prod_api_KUBE_CA_PEM | base64 -d) --embed-certs=true
|
|
1631
1615
|
- kubectl config set-credentials "kube-pan-test-app-prod-api" --token="$CL_prod_api_KUBE_TOKEN"
|
|
1632
1616
|
- kubectl config set-context "kube-pan-test-app-prod-api" --cluster="kube-pan-test-app-prod-api" --user="kube-pan-test-app-prod-api" --namespace="pan-test-app-prod"
|
|
1633
1617
|
- kubectl config use-context "kube-pan-test-app-prod-api"
|
|
1634
|
-
-
|
|
1618
|
+
- collapseable_section_start "writeallvalues" "Write __all_values.yml for helm deployment"
|
|
1635
1619
|
- |
|
|
1636
1620
|
cat > __all_values.yml <<EOF
|
|
1637
1621
|
env:
|
|
1638
1622
|
secret:
|
|
1639
1623
|
MONGODB_ROOT_PASSWORD: |-
|
|
1640
|
-
|
|
1624
|
+
$(printf %s "$CL_prod_api_MONGODB_ROOT_PASSWORD" | sed '1!s/^/ /')
|
|
1641
1625
|
MONGODB_REPLICASET_KEY: |-
|
|
1642
|
-
|
|
1626
|
+
$(printf %s "$CL_prod_api_MONGODB_REPLICASET_KEY" | sed '1!s/^/ /')
|
|
1643
1627
|
MONGO_URL: |-
|
|
1644
1628
|
mongodb://root:$CL_prod_api_MONGODB_ROOT_PASSWORD@api-mongodb-0.api-mongodb-headless.pan-test-app-prod.svc.cluster.local:27017,api-mongodb-1.api-mongodb-headless.pan-test-app-prod.svc.cluster.local:27017/app?replicaSet=rs0&authSource=admin
|
|
1645
1629
|
MONGO_OPLOG_URL: |-
|
|
@@ -1652,18 +1636,16 @@ api 🧪 test:
|
|
|
1652
1636
|
ENV_TYPE: |-
|
|
1653
1637
|
prod
|
|
1654
1638
|
BUILD_INFO_BUILD_ID: |-
|
|
1655
|
-
|
|
1639
|
+
$(printf %s "$(git describe --tags 2>/dev/null || git rev-parse HEAD)" | sed '1!s/^/ /')
|
|
1656
1640
|
BUILD_INFO_BUILD_TIME: |-
|
|
1657
|
-
|
|
1641
|
+
$(printf %s "$CI_JOB_STARTED_AT" | sed '1!s/^/ /')
|
|
1658
1642
|
BUILD_INFO_CURRENT_VERSION: |-
|
|
1659
|
-
|
|
1660
|
-
|
|
1643
|
+
$(printf %s "$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")" | sed '1!s/^/ /')
|
|
1644
|
+
HOSTNAME: |-
|
|
1661
1645
|
api.prod.test-app.pan.panter.cloud
|
|
1662
1646
|
ROOT_URL: |-
|
|
1663
1647
|
https://api.prod.test-app.pan.panter.cloud
|
|
1664
|
-
|
|
1665
|
-
api.prod.test-app.pan.panter.cloud
|
|
1666
|
-
HOST_CANONICAL: |-
|
|
1648
|
+
HOSTNAME_INTERNAL: |-
|
|
1667
1649
|
api.prod.test-app.pan.panter.cloud
|
|
1668
1650
|
ROOT_URL_INTERNAL: |-
|
|
1669
1651
|
https://api.prod.test-app.pan.panter.cloud
|
|
@@ -1673,7 +1655,7 @@ api 🧪 test:
|
|
|
1673
1655
|
api
|
|
1674
1656
|
KUBE_APP_NAME_PREFIX: ""
|
|
1675
1657
|
_ALL_ENV_VAR_KEYS: |-
|
|
1676
|
-
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","
|
|
1658
|
+
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOSTNAME","ROOT_URL","HOSTNAME_INTERNAL","ROOT_URL_INTERNAL","KUBE_NAMESPACE","KUBE_APP_NAME","KUBE_APP_NAME_PREFIX","MONGODB_ROOT_PASSWORD","MONGODB_REPLICASET_KEY"]
|
|
1677
1659
|
application:
|
|
1678
1660
|
host: |-
|
|
1679
1661
|
api.prod.test-app.pan.panter.cloud
|
|
@@ -1727,7 +1709,7 @@ api 🧪 test:
|
|
|
1727
1709
|
NoSchedule
|
|
1728
1710
|
|
|
1729
1711
|
EOF
|
|
1730
|
-
-
|
|
1712
|
+
- collapseable_section_end "writeallvalues"
|
|
1731
1713
|
- kubernetesCreateSecret
|
|
1732
1714
|
- kubernetesDeploy
|
|
1733
1715
|
- echo 'Uploading SBOM to Dependency Track'
|
|
@@ -1763,32 +1745,30 @@ api 🧪 test:
|
|
|
1763
1745
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
1764
1746
|
GIT_STRATEGY: none
|
|
1765
1747
|
script:
|
|
1766
|
-
-
|
|
1748
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1767
1749
|
- export ENV_SHORT="prod"
|
|
1768
1750
|
- export APP_DIR="api"
|
|
1769
1751
|
- export ENV_TYPE="prod"
|
|
1770
1752
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
1771
1753
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
1772
1754
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
1773
|
-
- export
|
|
1755
|
+
- export HOSTNAME="api.prod.test-app.pan.panter.cloud"
|
|
1774
1756
|
- export ROOT_URL="https://api.prod.test-app.pan.panter.cloud"
|
|
1775
|
-
- export
|
|
1776
|
-
- export HOST_CANONICAL="api.prod.test-app.pan.panter.cloud"
|
|
1757
|
+
- export HOSTNAME_INTERNAL="api.prod.test-app.pan.panter.cloud"
|
|
1777
1758
|
- export ROOT_URL_INTERNAL="https://api.prod.test-app.pan.panter.cloud"
|
|
1778
1759
|
- export KUBE_NAMESPACE="pan-test-app-prod"
|
|
1779
1760
|
- export KUBE_APP_NAME="api"
|
|
1780
1761
|
- export KUBE_APP_NAME_PREFIX=""
|
|
1781
1762
|
- export MONGODB_ROOT_PASSWORD="$CL_prod_api_MONGODB_ROOT_PASSWORD"
|
|
1782
1763
|
- export MONGODB_REPLICASET_KEY="$CL_prod_api_MONGODB_REPLICASET_KEY"
|
|
1783
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
1764
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"KUBE_NAMESPACE\\",\\"KUBE_APP_NAME\\",\\"KUBE_APP_NAME_PREFIX\\",\\"MONGODB_ROOT_PASSWORD\\",\\"MONGODB_REPLICASET_KEY\\"]"
|
|
1784
1765
|
- export RELEASE_NAME="pan-test-app-prod-api"
|
|
1785
1766
|
- export HELM_EXPERIMENTAL_OCI="1"
|
|
1786
1767
|
- export KUBE_DOCKER_IMAGE_PULL_SECRET="gitlab-registry-api"
|
|
1787
1768
|
- export HELM_GITLAB_CHART_NAME="/helm-charts/the-panter-chart"
|
|
1788
1769
|
- export HELM_ARGS=""
|
|
1789
1770
|
- export COMPONENT_NAME="api"
|
|
1790
|
-
-
|
|
1791
|
-
- echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"
|
|
1771
|
+
- collapseable_section_end "injectvars"
|
|
1792
1772
|
- kubectl config set-cluster "kube-pan-test-app-prod-api" --server="$CL_prod_api_KUBE_URL" --certificate-authority <(echo $CL_prod_api_KUBE_CA_PEM | base64 -d) --embed-certs=true
|
|
1793
1773
|
- kubectl config set-credentials "kube-pan-test-app-prod-api" --token="$CL_prod_api_KUBE_TOKEN"
|
|
1794
1774
|
- kubectl config set-context "kube-pan-test-app-prod-api" --cluster="kube-pan-test-app-prod-api" --user="kube-pan-test-app-prod-api" --namespace="pan-test-app-prod"
|
|
@@ -1822,32 +1802,30 @@ api 🧪 test:
|
|
|
1822
1802
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
1823
1803
|
GIT_STRATEGY: none
|
|
1824
1804
|
script:
|
|
1825
|
-
-
|
|
1805
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1826
1806
|
- export ENV_SHORT="prod"
|
|
1827
1807
|
- export APP_DIR="api"
|
|
1828
1808
|
- export ENV_TYPE="prod"
|
|
1829
1809
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
1830
1810
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
1831
1811
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
1832
|
-
- export
|
|
1812
|
+
- export HOSTNAME="api.prod.test-app.pan.panter.cloud"
|
|
1833
1813
|
- export ROOT_URL="https://api.prod.test-app.pan.panter.cloud"
|
|
1834
|
-
- export
|
|
1835
|
-
- export HOST_CANONICAL="api.prod.test-app.pan.panter.cloud"
|
|
1814
|
+
- export HOSTNAME_INTERNAL="api.prod.test-app.pan.panter.cloud"
|
|
1836
1815
|
- export ROOT_URL_INTERNAL="https://api.prod.test-app.pan.panter.cloud"
|
|
1837
1816
|
- export KUBE_NAMESPACE="pan-test-app-prod"
|
|
1838
1817
|
- export KUBE_APP_NAME="api"
|
|
1839
1818
|
- export KUBE_APP_NAME_PREFIX=""
|
|
1840
1819
|
- export MONGODB_ROOT_PASSWORD="$CL_prod_api_MONGODB_ROOT_PASSWORD"
|
|
1841
1820
|
- export MONGODB_REPLICASET_KEY="$CL_prod_api_MONGODB_REPLICASET_KEY"
|
|
1842
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
1821
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"KUBE_NAMESPACE\\",\\"KUBE_APP_NAME\\",\\"KUBE_APP_NAME_PREFIX\\",\\"MONGODB_ROOT_PASSWORD\\",\\"MONGODB_REPLICASET_KEY\\"]"
|
|
1843
1822
|
- export RELEASE_NAME="pan-test-app-prod-api"
|
|
1844
1823
|
- export HELM_EXPERIMENTAL_OCI="1"
|
|
1845
1824
|
- export KUBE_DOCKER_IMAGE_PULL_SECRET="gitlab-registry-api"
|
|
1846
1825
|
- export HELM_GITLAB_CHART_NAME="/helm-charts/the-panter-chart"
|
|
1847
1826
|
- export HELM_ARGS=""
|
|
1848
1827
|
- export COMPONENT_NAME="api"
|
|
1849
|
-
-
|
|
1850
|
-
- echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"
|
|
1828
|
+
- collapseable_section_end "injectvars"
|
|
1851
1829
|
- kubectl config set-cluster "kube-pan-test-app-prod-api" --server="$CL_prod_api_KUBE_URL" --certificate-authority <(echo $CL_prod_api_KUBE_CA_PEM | base64 -d) --embed-certs=true
|
|
1852
1830
|
- kubectl config set-credentials "kube-pan-test-app-prod-api" --token="$CL_prod_api_KUBE_TOKEN"
|
|
1853
1831
|
- kubectl config set-context "kube-pan-test-app-prod-api" --cluster="kube-pan-test-app-prod-api" --user="kube-pan-test-app-prod-api" --namespace="pan-test-app-prod"
|