-
Notifications
You must be signed in to change notification settings - Fork 2
Expand file tree
/
Copy path.gitlab-ci.yml
More file actions
123 lines (113 loc) · 3.84 KB
/
.gitlab-ci.yml
File metadata and controls
123 lines (113 loc) · 3.84 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
stages:
- versioning
- build
- deploy
variables:
VERSION_BUMP:
value: "patch"
options: ["patch", "minor", "major"]
description: "Type of version bump for the release."
workflow:
rules:
# Rule 1: Allow manual pipeline for versioned releases
- if: $CI_PIPELINE_SOURCE == "web" && $VERSION_BUMP
# Rule 2: Allow automatic pipeline for semantic version tags (e.g. v1.2.3)
- if: $CI_COMMIT_TAG =~ /^v\d+\.\d+\.\d+$/
# Rule 3: Allow automatic pipeline for our "latest" trigger tag
- if: $CI_COMMIT_TAG == "deploy-to-latest"
# --- Stage 1: Create new version tag (only on manual trigger) ---
create_new_version_tag:
stage: versioning
variables:
GIT_STRATEGY: clone
image:
name: alpine/git:latest
entrypoint: [""]
rules:
- if: $CI_PIPELINE_SOURCE == "web" && $VERSION_BUMP
before_script:
- git config --global user.email "gitlab-ci@example.com"
- git config --global user.name "GitLab CI"
- git remote set-url origin "https://CI_PROJECT_ACCESS_TOKEN:${CI_PROJECT_ACCESS_TOKEN}@${CI_SERVER_HOST}/${CI_PROJECT_PATH}.git"
script:
- |
set -e
echo "Fetching latest tag..."
git fetch --tags
LATEST_TAG=$(git describe --tags `git rev-list --tags --max-count=1` || echo "v0.0.0")
echo "Latest tag is $LATEST_TAG"
# --- CORRECTION HERE ---
# We split the version in a way that works with any shell.
VERSION_NO_V="${LATEST_TAG#v}"
IFS='.'
set -- $VERSION_NO_V
MAJOR=${1:-0}
MINOR=${2:-0}
PATCH=${3:-0}
# --- END OF CORRECTION ---
case $VERSION_BUMP in
major)
MAJOR=$((MAJOR+1)); MINOR=0; PATCH=0;;
minor)
MINOR=$((MINOR+1)); PATCH=0;;
patch)
PATCH=$((PATCH+1));;
esac
NEW_VERSION="v${MAJOR}.${MINOR}.${PATCH}"
echo "New version is $NEW_VERSION"
git tag -a "$NEW_VERSION" -m "Release $NEW_VERSION"
git push origin "$NEW_VERSION"
echo "New tag $NEW_VERSION was successfully created and pushed."
# --- Stage 2: Build Docker image (triggered by tags) ---
build_image:
stage: build
image: docker:27
variables:
DOCKER_HOST: unix:///var/run/docker.sock
rules:
# This job runs for BOTH tag types
- if: $CI_COMMIT_TAG
script:
- docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" "$CI_REGISTRY"
- |
set -e
# Logic: Distinguish what to build based on the tag
if [ "$CI_COMMIT_TAG" == "deploy-to-latest" ]; then
echo "🏗️ Building only ':latest' image..."
docker build -t "$CI_REGISTRY_IMAGE:latest" packages/docs/
docker push "$CI_REGISTRY_IMAGE:latest"
else
echo "🏗️ Building versioned image ($CI_COMMIT_TAG) and ':latest'..."
IMAGE_TAGGED_WITH_VERSION="$CI_REGISTRY_IMAGE:$CI_COMMIT_TAG"
docker build -t "$IMAGE_TAGGED_WITH_VERSION" -t "$CI_REGISTRY_IMAGE:latest" packages/docs/
docker push --all-tags "$CI_REGISTRY_IMAGE"
fi
# --- Stage 3: Deploy to server (triggered by tags) ---
deploy_to_server:
stage: deploy
image: alpine:latest
needs: [build_image]
rules:
# This job runs for BOTH tag types
- if: $CI_COMMIT_TAG
before_script:
- "which ssh-agent || (apk add --update openssh-client)"
- eval $(ssh-agent -s)
- echo "$SSH_PRIVATE_KEY" | tr -d '\r' | ssh-add -
- mkdir -p ~/.ssh
- chmod 700 ~/.ssh
- ssh-keyscan $SERVER_IP >> ~/.ssh/known_hosts
- chmod 644 ~/.ssh/known_hosts
script:
# This script always deploys the ":latest" version
- |
ssh $SERVER_USER@$SERVER_IP "
set -e
cd /opt/webapps/vorm-docs/
echo "IMAGE_NAME_WITH_TAG=$CI_REGISTRY_IMAGE:latest" > .env
docker login $CI_REGISTRY -u gitlab-ci-token -p $CI_JOB_TOKEN;
docker compose pull
docker compose down
docker compose up -d
docker image prune -f
"