# Default image for every job that does not declare its own `image`.
image: thecodingmachine/php:8.3-v4-cli

# Stages run in the order listed here.
stages:
  - prepare
  - testing
  - build
  - deploy

variables:
  # Repositories inside the project's container registry, one per build target.
  APP_IMAGE_NAME: '$CI_REGISTRY_IMAGE/app'
  WEB_IMAGE_NAME: '$CI_REGISTRY_IMAGE/web'
  DB_IMAGE_NAME: '$CI_REGISTRY_IMAGE/db'
  # Presumably read by the thecodingmachine/php image to enable these PHP
  # extensions at container start - TODO confirm against the image docs.
  PHP_EXTENSION_INTL: '1'
  PHP_EXTENSION_IMAGICK: '1'
#######################
# Shared script steps #
#######################
# GitLab does not support bash syntax in "variables" definitions,
# so we use a custom step to define all the necessary environment variables
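# Exports VERSION and the versioned/latest image references used by the build
# and deploy jobs.
#
# VERSION is the tag name on tag pipelines, otherwise "<ref slug>-<short sha>".
# CI_COMMIT_REF_SLUG is used instead of CI_COMMIT_REF_NAME because a raw ref
# name may contain "/" and other characters that are not valid in an image tag
# and that are interpreted by the sed expression and the remote shell script
# that consume $VERSION later in this pipeline.
# NOTE(review): CI_COMMIT_TAG is still used verbatim - confirm that only
# trusted users can push tags (protected tags).
.defineVars: &defineVars |-
  export VERSION="${CI_COMMIT_TAG:-${CI_COMMIT_REF_SLUG}-${CI_COMMIT_SHORT_SHA}}"
  export APP_VERSIONED_IMAGE_NAME="$APP_IMAGE_NAME:$VERSION"
  export APP_LATEST_IMAGE_NAME="$APP_IMAGE_NAME:latest"
  export WEB_VERSIONED_IMAGE_NAME="$WEB_IMAGE_NAME:$VERSION"
  export WEB_LATEST_IMAGE_NAME="$WEB_IMAGE_NAME:latest"
  export DB_VERSIONED_IMAGE_NAME="$DB_IMAGE_NAME:$VERSION"
  export DB_LATEST_IMAGE_NAME="$DB_IMAGE_NAME:latest"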
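# Logs the Docker client in to the project's container registry.
# The password is passed on stdin rather than with -p so that it does not
# appear in the process argument list, and the variables are quoted so that
# they are not word-split.
.dockerLogin: &dockerLogin |-
  echo "$CI_REGISTRY_PASSWORD" | docker login -u "$CI_REGISTRY_USER" --password-stdin "$CI_REGISTRY"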
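# Installs sentry-cli into the deploy container.
# NOTE(review): this pipes an unpinned remote installer straight into bash in
# a job that also loads the SSH deploy key. Prefer pinning the release (the
# installer honours SENTRY_CLI_VERSION) and verifying the download's checksum,
# or baking sentry-cli into the job image.
# -f makes curl fail on an HTTP error instead of feeding an error page to bash.
.installSentry: &installSentry |-
  apk add --update-cache --upgrade curl bash
  curl -fsSL https://sentry.io/get-cli/ | bash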
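# Prepares the SSH client: writes ~/.ssh/config, starts an agent and loads the
# deploy key from the SSH_DEPLOY_KEY variable (carriage returns stripped).
# NOTE(review): "StrictHostKeyChecking no" for every host disables server
# authentication, so the deploy job cannot tell the real jump host or VM from
# an impostor. Prefer shipping the expected host keys as a known_hosts file
# from a CI/CD variable and removing this override.
# mkdir -p keeps the step from failing when the directory already exists, and
# chmod 700 keeps the directory private to the job user.
.setupSSH: &setupSSH |-
  mkdir -p ~/.ssh
  chmod 700 ~/.ssh
  echo -e "Host *\n StrictHostKeyChecking no\n" > ~/.ssh/config
  eval "$(ssh-agent -s)"
  echo "$SSH_DEPLOY_KEY" | tr -d '\r' | ssh-add -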
###################
# Steps to extend #
###################
# Read-only view of the shared Composer "vendor" cache. Jobs that merge this
# anchor download the cache but never upload it unless they override `policy`.
.vendorCache: &vendorCache
  key: composer
  paths: [vendor]
  policy: pull
#################
# Prepare stage #
#################
# Installs the PHP dependencies and is the only job that uploads the shared
# "vendor" cache (policy pull-push overrides the anchor's pull).
Composer:
  stage: prepare
  cache:
    <<: *vendorCache
    policy: pull-push
  before_script:
    # Authenticates Composer against GitHub with the GITHUB_TOKEN variable.
    # NOTE(review): presumably this stores the token in an auth.json in the
    # working tree; only "vendor" is cached here, so it should not be
    # persisted - confirm, and keep the variable masked.
    - composer config github-oauth.github.com "$GITHUB_TOKEN"
  script:
    - composer install --ignore-platform-reqs
#################
# Testing stage #
#################
# Code-style check: runs php-cs-fixer in dry-run mode, so no file is modified.
PHP-CS-Fixer:
  stage: testing
  cache:
    # Dependencies installed by the Composer job (pull only).
    - *vendorCache
    # Per-branch fixer cache that falls back to the default branch's cache.
    - key: php-cs-fixer-$CI_COMMIT_REF_SLUG
      fallback_keys:
        - php-cs-fixer-$CI_DEFAULT_BRANCH
      paths:
        - .php-cs-fixer.cache
      # Save the fixer cache whether the job passes or fails.
      when: always
  script:
    - vendor/bin/php-cs-fixer fix -v --dry-run
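# Runs the Codeception test suite against throwaway Redis and MariaDB service
# containers.
Codeception:
  stage: testing
  cache: *vendorCache
  services:
    - name: redis:4.0.10-alpine
      alias: redis
    - name: bitnami/mariadb:10.3.20-debian-9-r4
      alias: db
  variables:
    # App config
    # These credentials belong to the per-job test database only; they must
    # never be reused for a real environment.
    DB_HOST: "db"
    DB_DATABASE: "ely_accounts_test"
    DB_USER: "ely_accounts_tester"
    DB_PASSWORD: "ely_accounts_tester_password"
    REDIS_HOST: "redis"
    REDIS_PORT: "6379"
    # MariaDB config (consumed by the bitnami/mariadb service container)
    ALLOW_EMPTY_PASSWORD: "yes"
    MARIADB_DATABASE: "ely_accounts_test"
    MARIADB_USER: "ely_accounts_tester"
    MARIADB_PASSWORD: "ely_accounts_tester_password"
  before_script:
    # Install wait-for-it script, pinned to a specific upstream commit.
    # --fail stops the job on an HTTP error instead of installing the error
    # page as an executable.
    # NOTE(review): the download is not checksum-verified; consider comparing
    # it with a known SHA-256 before making it executable.
    - sudo curl --fail "https://raw.githubusercontent.com/vishnubob/wait-for-it/81b1373f17855/wait-for-it.sh" -o /usr/local/bin/wait-for-it
    - sudo chmod a+x /usr/local/bin/wait-for-it
    # Add SVG support (remove once https://github.com/thecodingmachine/docker-images-php/issues/393 is resolved)
    - sudo apt update
    - sudo apt install -y libmagickcore-6.q16-6-extra
  script:
    - php yii rbac/generate
    # Wait for the database port to accept connections, then apply migrations.
    - wait-for-it "${DB_HOST}:3306" -s -t 0 -- php yii migrate/up --interactive=0
    - vendor/bin/codecept run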
# Static analysis: generates a local phpstan.neon that includes the project's
# dist config, builds the Codeception support classes, then runs PHPStan.
PHPStan:
  stage: testing
  cache:
    # Dependencies installed by the Composer job (pull only).
    - *vendorCache
    # Per-branch PHPStan result cache with a fallback to the default branch.
    - key: phpstan-$CI_COMMIT_REF_SLUG
      fallback_keys:
        - phpstan-$CI_DEFAULT_BRANCH
      paths:
        - .phpstan
      # Only save the result cache when the analysis succeeded.
      when: on_success
  before_script:
    # Point PHPStan's tmpDir at the cached directory.
    - |
      echo -e "includes: [phpstan.dist.neon]\nparameters:\n tmpDir: .phpstan\n reportUnmatchedIgnoredErrors: false" > phpstan.neon
  script:
    - vendor/bin/codecept build
    - vendor/bin/phpstan analyse --no-progress --memory-limit 2G
###############
# Build stage #
###############
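# Builds the app, web and db image targets, tags each as both $VERSION and
# "latest", and pushes them to the project registry. Runs for tags, for
# master, and for any commit whose message contains "[deploy...]".
Docker:
  stage: build
  image: docker:20.10.21
  services:
    - docker:20.10.21-dind
  variables:
    # Use TLS https://docs.gitlab.com/ee/ci/docker/using_docker_build.html#tls-enabled
    DOCKER_HOST: "tcp://docker:2376"
    DOCKER_TLS_CERTDIR: "/certs"
  before_script:
    - *defineVars
    # VERSION is derived from the ref or tag name. Stop here unless it is made
    # up only of characters allowed in an image tag, so that it cannot alter
    # the sed expression below or produce an invalid image reference.
    - |
      case "$VERSION" in
        ''|*[!A-Za-z0-9_.-]*)
          echo "VERSION '$VERSION' is not a valid image tag" >&2
          exit 1
          ;;
      esac
    - *dockerLogin
    # Stamp the version into the application config before building.
    - sed -i -e "s/{{PLACE_VERSION_HERE}}/$VERSION/g" common/config/config.php
  script:
    # Download previous images to use them as a cache
    - docker pull "$APP_LATEST_IMAGE_NAME" || true
    - docker pull "$WEB_LATEST_IMAGE_NAME" || true
    - docker pull "$DB_LATEST_IMAGE_NAME" || true
    # Build images. The folded scalars join each command onto a single line,
    # so every option must stay at the same indentation as "docker build".
    - >
      docker build .
      --pull
      --target app
      --build-arg "build_env=prod"
      --cache-from "$APP_LATEST_IMAGE_NAME"
      -t "$APP_VERSIONED_IMAGE_NAME"
      -t "$APP_LATEST_IMAGE_NAME"
    - >
      docker build .
      --pull
      --target web
      --build-arg "build_env=prod"
      --cache-from "$APP_VERSIONED_IMAGE_NAME"
      --cache-from "$WEB_LATEST_IMAGE_NAME"
      -t "$WEB_VERSIONED_IMAGE_NAME"
      -t "$WEB_LATEST_IMAGE_NAME"
    - >
      docker build .
      --pull
      --target db
      --build-arg "build_env=prod"
      --cache-from "$APP_VERSIONED_IMAGE_NAME"
      --cache-from "$WEB_VERSIONED_IMAGE_NAME"
      --cache-from "$DB_LATEST_IMAGE_NAME"
      -t "$DB_VERSIONED_IMAGE_NAME"
      -t "$DB_LATEST_IMAGE_NAME"
    # Push images to the registry (quoted, consistent with the build commands)
    - docker push "$APP_VERSIONED_IMAGE_NAME"
    - docker push "$APP_LATEST_IMAGE_NAME"
    - docker push "$WEB_VERSIONED_IMAGE_NAME"
    - docker push "$WEB_LATEST_IMAGE_NAME"
    - docker push "$DB_VERSIONED_IMAGE_NAME"
    - docker push "$DB_LATEST_IMAGE_NAME"
  rules:
    - if: '$CI_COMMIT_TAG'
      when: on_success
    - if: '$CI_COMMIT_BRANCH == "master"'
      when: on_success
    - if: '$CI_COMMIT_MESSAGE =~ /\[deploy.*\]/'
      when: on_success
    # Default:
    - when: never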
##########
# Deploy #
##########
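# Creates the Sentry release for $VERSION and associates the deployed commit
# with it. $VERSION is quoted so that the shell passes it as a single argument.
.beforeSentryDeploy: &beforeSentryDeploy |-
  sentry-cli releases new "$VERSION"
  sentry-cli releases set-commits --commit "elyby/accounts@${CI_COMMIT_SHA}" "$VERSION"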
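# Records the deploy for the current environment and finalizes the Sentry
# release. Both variables are quoted so that each is passed as one argument.
.afterSentryDeploy: &afterSentryDeploy |-
  sentry-cli releases deploys "$VERSION" new -e "$CI_ENVIRONMENT_NAME"
  sentry-cli releases finalize "$VERSION"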
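# Template for the deploy jobs. It connects through a jump host to the target
# VM as root, pulls the images built by the Docker job, retags them as
# "latest" on the VM and recreates the docker-compose services.
# Jobs extending it must set VM_HOST_NAME and VM_DEPLOY_PATH.
.deployJob:
  stage: deploy
  image: docksal/ssh-agent:1.3
  needs:
    - Docker
  variables:
    # No checkout is needed: the job only talks to Sentry and the remote VM.
    GIT_STRATEGY: none
  before_script:
    - *defineVars
    # Everything inside the heredoc below is expanded in the CI container and
    # then executed by a root shell on the VM. Stop here unless VERSION is
    # made up only of characters allowed in an image tag, so that a ref or
    # tag name cannot change the remote script.
    - |
      case "$VERSION" in
        ''|*[!A-Za-z0-9_.-]*)
          echo "VERSION '$VERSION' is not a valid image tag" >&2
          exit 1
          ;;
      esac
    - *installSentry
    - *setupSSH
  script:
    - *beforeSentryDeploy
    # Escape $ with backslash to prevent value evaluation from CI container.
    # We're not using $APP_LATEST_IMAGE_NAME because the remote server might
    # use different semantics for the preferred image version tag.
    # NOTE(review): the jump-host user@host is shown as an e-mail-obfuscation
    # placeholder in this copy of the file; restore the real value before use.
    # NOTE(review): the session logs in as root; a dedicated deploy account
    # limited to the docker commands below would reduce the impact of a
    # leaked deploy key.
    - |
      ssh -J [email protected]:4534 -p 722 "root@$VM_HOST_NAME" /bin/bash << EOF
      set -e
      cd "$VM_DEPLOY_PATH"
      docker pull "$APP_VERSIONED_IMAGE_NAME"
      docker pull "$WEB_VERSIONED_IMAGE_NAME"
      docker tag "$APP_VERSIONED_IMAGE_NAME" "$APP_IMAGE_NAME:latest"
      docker tag "$WEB_VERSIONED_IMAGE_NAME" "$WEB_IMAGE_NAME:latest"
      docker-compose stop app worker cron
      docker-compose rm -fv app worker cron
      docker-compose up -d --scale worker=3 app worker cron
      docker-compose stop web
      docker-compose rm -fv web
      docker-compose up -d web
      EOF
    - *afterSentryDeploy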
# Deploys to the development VM. Runs automatically for tags, for master, and
# for any commit whose message contains "[deploy dev]".
# NOTE(review): the last rule matches on every branch, which only works when
# SSH_DEPLOY_KEY is exposed to unprotected refs - confirm that is intended.
Dev:
  extends: .deployJob
  environment:
    name: Development
  variables:
    VM_HOST_NAME: playground.ely.local
    VM_DEPLOY_PATH: /srv/dev.account.ely.by
  rules:
    - if: '$CI_COMMIT_TAG'
      when: on_success
    - if: '$CI_COMMIT_BRANCH == "master"'
      when: on_success
    - if: '$CI_COMMIT_MESSAGE =~ /\[deploy dev\]/'
      when: on_success
    # Default:
    - when: never
# Deploys to the production VM. Never runs when CI_COMMIT_BRANCH is not
# "master"; otherwise it runs automatically when the commit message contains
# "[deploy]" and waits for a manual trigger in every other case.
Prod:
  extends: .deployJob
  environment:
    name: Production
  variables:
    VM_HOST_NAME: accounts.ely.local
    VM_DEPLOY_PATH: /srv
  rules:
    - if: '$CI_COMMIT_BRANCH != "master"'
      when: never
    - if: '$CI_COMMIT_MESSAGE =~ /\[deploy\]/'
      when: on_success
    # Default:
    - when: manual