diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 6d5f90a..c5edfb3 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -1,10 +1,18 @@ -# You can override the included template(s) by including variable overrides -# SAST customization: https://docs.gitlab.com/ee/user/application_security/sast/#customizing-the-sast-settings -# Secret Detection customization: https://docs.gitlab.com/ee/user/application_security/secret_detection/pipeline/#customization -# Dependency Scanning customization: https://docs.gitlab.com/ee/user/application_security/dependency_scanning/#customizing-the-dependency-scanning-settings -# Container Scanning customization: https://docs.gitlab.com/ee/user/application_security/container_scanning/#customizing-the-container-scanning-settings -# Note that environment variables can be set in several places -# See https://docs.gitlab.com/ee/ci/variables/#cicd-variable-precedence +#Calendar implementation for the HTWK Leipzig timetable. Evaluation and display of the individual dates in iCal format. +#Copyright (C) 2024 HTWKalender support@htwkalender.de + +#This program is free software: you can redistribute it and/or modify +#it under the terms of the GNU Affero General Public License as published by +#the Free Software Foundation, either version 3 of the License, or +#(at your option) any later version. + +#This program is distributed in the hope that it will be useful, +#but WITHOUT ANY WARRANTY; without even the implied warranty of +#MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +#GNU Affero General Public License for more details. + +#You should have received a copy of the GNU Affero General Public License +#along with this program. If not, see . stages: - lint - build @@ -237,25 +245,24 @@ deploy-all: stage: deploy image: alpine:latest before_script: - - apk add --no-cache openssh-client sed - - eval $(ssh-agent -s) - - ssh-add <(echo "$CI_SSH_KEY" | tr -d '\r') + - apk add --no-cache openssh-client sed # install dependencies + - eval $(ssh-agent -s) # set some ssh variables + - ssh-add <(echo "$CI_SSH_KEY" | tr -d '\r') script: - - sed -i -e "s|DOCKER_REGISTRY_REPO|$CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG|" docker-compose.prod.yml - - 'scp -P $CI_SSH_PORT -o StrictHostKeyChecking=no -o LogLevel=ERROR ./docker-compose.prod.yml - ./reverseproxy.conf $CI_SSH_USER@$CI_SSH_HOST:/home/$CI_SSH_USER/docker/htwkalender/ - - ' - - 'ssh -p $CI_SSH_PORT -o StrictHostKeyChecking=no -o LogLevel=ERROR $CI_SSH_USER@$CI_SSH_HOST - "cd /home/$CI_SSH_USER/docker/htwkalender/ && docker login -u $CI_REGISTRY_USER - -p $CI_REGISTRY_PASSWORD $CI_REGISTRY && docker compose -f ./docker-compose.prod.yml - down && docker compose -f ./docker-compose.prod.yml up -d --remove-orphans && - docker logout && docker exec --user root htwkalender-htwkalender-frontend-1 /bin/sh - -c \"echo ''google-site-verification: $GOOGLE_VERIFICATION.html'' > ./$GOOGLE_VERIFICATION.html\" - " - - ' + # replace some placeholders + - sed -i -e "s|DOCKER_REGISTRY_REPO|$CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG|" docker-compose.prod.yml + # upload necessary files to the server + - > + scp -P $CI_SSH_PORT -o StrictHostKeyChecking=no -o LogLevel=ERROR ./docker-compose.prod.yml ./reverseproxy.conf + $CI_SSH_USER@$CI_SSH_HOST:/home/$CI_SSH_USER/docker/htwkalender/ + # ssh to the server and start the service + - > + ssh -p $CI_SSH_PORT -o StrictHostKeyChecking=no -o LogLevel=ERROR $CI_SSH_USER@$CI_SSH_HOST + "cd /home/$CI_SSH_USER/docker/htwkalender/ && + docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY && + docker compose -f ./docker-compose.prod.yml down && docker compose -f ./docker-compose.prod.yml up -d --remove-orphans && docker logout && + docker exec --user root htwkalender-htwkalender-frontend-1 /bin/sh -c \"echo 'google-site-verification: $GOOGLE_VERIFICATION.html' > ./$GOOGLE_VERIFICATION.html\" " rules: - - if: $CI_COMMIT_BRANCH == "main" + - if: $CI_COMMIT_BRANCH == "main" include: - template: Security/Dependency-Scanning.gitlab-ci.yml