-
Notifications
You must be signed in to change notification settings - Fork 0
/
.gitlab-ci.yml
80 lines (74 loc) · 2.61 KB
/
.gitlab-ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
stages:
- build
- test
- deploy
variables:
DOCKER_DRIVER: overlay2
DOCKER_REGISTRY: ${CI_REGISTRY}
# Docker image name to use when building
CONTAINER_IMAGE: ${CI_REGISTRY_IMAGE}:${CI_COMMIT_REF_SLUG}-${CI_BUILD_REF}
# Git Repo of ansible playbooks
PLAYBOOK_REPO_URL: https://gitlab-ci-token:${CI_JOB_TOKEN}@gitlab.dhe.duke.edu/gcb-informatics/gcb-ansible-cd.git
# Playbook branch or ref to checkout
PLAYBOOK_REF: master
# Directory to place ansible playbooks repo
PLAYBOOK_DIR: gcb-ansible-cd
# Ansible playbook to use
DEPLOY_PLAYBOOK: d4s2-webapp.yml
# SSH key to use when running ansible
DEPLOY_KEY: /home/gitlab-runner/.ssh/bespin-gitlab-runner-deploy-id_rsa
# Decryption key for gcb-ansible-cd
GIT_CRYPT_KEY: /home/gitlab-runner/.git-crypt/gcb-ansible-cd-git-crypt.key
# Causes docker-compose commands to use this file
COMPOSE_FILE: docker-compose.test.yml
# Prevent simultaneous builds from using the same container names during test
COMPOSE_PROJECT_NAME: d4s2-${CI_COMMIT_REF_SLUG}-${CI_BUILD_REF}
# The gitlab runner environment will have CI_JOB_TOKEN set, which can be used as the
# docker password for the GitLab container registry
before_script:
- echo "Logging in to $DOCKER_REGISTRY"
- docker login -u gitlab-ci-token -p $CI_JOB_TOKEN $DOCKER_REGISTRY
# Build docker images. Always build the base image before the apache image
# Pushes back to the repo in case subsequent step runs on different host
build:
stage: build
tags:
- docker-build
script:
- docker build -t $CONTAINER_IMAGE .
- docker push $CONTAINER_IMAGE
# Test the code inside the built docker image using docker-compose
test:
stage: test
tags:
- docker-build
script:
- docker-compose up -d db
- docker-compose run web sh -c "until pg_isready -h db;do sleep 1; done; python manage.py test"
- docker-compose down
# Deploy images using ansible-playbook
# Clones the private gcb-ansible-cd playbook from GitLab that uses public roles submodule
# Passes in docker registry credentials as ansible extra variables
# Requires that ansible has already been installed on the gitlab runner host, and that the
# SSH private key (DEPLOY_KEY) can login and sudo all
# Also requires the symmetric git-crypt key to be placed on the gitlab runner (GIT_CRYPT_KEY)
deploy-dev:
stage: deploy
tags:
- docker-build
script:
- DEPLOY_USER=ubuntu DEPLOY_GROUP=d4s2-dev ./gitlab-deploy.sh
environment:
name: development
only:
- deploy-dev
deploy-prod:
stage: deploy
tags:
- docker-build
script:
- DEPLOY_USER=gcbdeploy DEPLOY_GROUP=d4s2-prod ./gitlab-deploy.sh
environment:
name: production
only:
- deploy-prod