55 lines
1.8 KiB
YAML
55 lines
1.8 KiB
YAML
stages:
|
|
- build
|
|
- deploy
|
|
|
|
variables:
|
|
IMAGE_TAG: $CI_REGISTRY_IMAGE:$CI_COMMIT_SHORT_SHA
|
|
IMAGE_TAG_LATEST: $CI_REGISTRY_IMAGE:latest
|
|
|
|
build_and_push:
|
|
stage: build
|
|
image: docker:29
|
|
services:
|
|
- name: docker:29-dind
|
|
command: ["--tls=false"]
|
|
variables:
|
|
DOCKER_TLS_CERTDIR: ""
|
|
DOCKER_HOST: tcp://docker:2375
|
|
rules:
|
|
- if: '$CI_COMMIT_BRANCH == "main"'
|
|
script:
|
|
- docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" "$CI_REGISTRY"
|
|
- docker build --target production -t "$IMAGE_TAG" -t "$IMAGE_TAG_LATEST" .
|
|
- docker push "$IMAGE_TAG"
|
|
- docker push "$IMAGE_TAG_LATEST"
|
|
|
|
deploy_production:
|
|
stage: deploy
|
|
image: alpine:3.20
|
|
environment:
|
|
name: production
|
|
url: https://api-finance.ai-assistant-bot.xyz
|
|
rules:
|
|
- if: '$CI_COMMIT_BRANCH == "main"'
|
|
when: manual
|
|
allow_failure: false
|
|
before_script:
|
|
- apk add --no-cache openssh-client rsync
|
|
- mkdir -p ~/.ssh
|
|
- echo "$SSH_PRIVATE_KEY" | tr -d '\r' > ~/.ssh/id_rsa
|
|
- chmod 600 ~/.ssh/id_rsa
|
|
- ssh-keyscan -H "$DEPLOY_HOST" >> ~/.ssh/known_hosts
|
|
script:
|
|
- ssh "$DEPLOY_USER@$DEPLOY_HOST" "mkdir -p /opt/apps/api-finance"
|
|
- rsync -az --delete \
|
|
--exclude='.git' \
|
|
--exclude='.env' \
|
|
--exclude='.env.*' \
|
|
--exclude='node_modules' \
|
|
--exclude='coverage' \
|
|
--exclude='dist' \
|
|
./ "$DEPLOY_USER@$DEPLOY_HOST:/opt/apps/api-finance/"
|
|
- ssh "$DEPLOY_USER@$DEPLOY_HOST" "docker login -u '$CI_REGISTRY_USER' -p '$CI_REGISTRY_PASSWORD' '$CI_REGISTRY'"
|
|
- ssh "$DEPLOY_USER@$DEPLOY_HOST" "cd /opt/apps/api-finance && APP_IMAGE='$IMAGE_TAG' docker compose -f docker-compose.server.yml pull"
|
|
- ssh "$DEPLOY_USER@$DEPLOY_HOST" "cd /opt/apps/api-finance && APP_IMAGE='$IMAGE_TAG' docker compose -f docker-compose.server.yml up -d"
|