HTWK/htwkalender
1
1
Fork 0
mirror of https://gitlab.dit.htwk-leipzig.de/htwk-software/htwkalender.git synced 2025-08-11 14:13:49 +02:00
Code Issues Packages Projects Releases Wiki Activity

add k8s deployment, improved Dockerfiles and docker-compose.yaml files

Browse Source
This commit is contained in:
Justin Kreller
2025-02-09 22:36:17 +00:00
parent f6a7dd78ae
commit c3be6dd63a
18 changed files with 748 additions and 263 deletions
Download Patch File Download Diff File Expand all files Collapse all files

262
charts/ci-build-deploy.yml Normal file
View File

@@ -0,0 +1,262 @@
.build-image:
stage: build
image: docker:latest
services:
- docker:dind
tags:
- image
#variables:
# DOCKER_HOST: tcp://docker:2376
# DOCKER_TLS_CERTDIR: "/certs"
# DOCKER_TLS_VERIFY: 1
# DOCKER_CERT_PATH: "/certs/client"
before_script:
- echo $CI_REGISTRY_PASSWORD | docker login -u $CI_REGISTRY_USER --password-stdin $CI_REGISTRY
script:
- |
docker build --pull \
-t $IMAGE_TAG \
-f $DOCKERFILE \
--target $BUILD_TARGET \
$BUILD_PATH
- docker push "$IMAGE_TAG"
artifacts:
paths:
- .env_file
expire_in: 1 hour
.build-data-manager-image:
extends: .build-image
variables:
BUILD_TARGET: "prod"
BUILD_PATH: "./services"
DOCKERFILE: "./services/data-manager/Dockerfile"
after_script:
- echo "export DATA_MANAGER_IMAGE=$IMAGE_TAG" >> .env_file
build-data-manager-image-dev:
extends: .build-data-manager-image
variables:
IMAGE_TAG: "$CI_REGISTRY_IMAGE/data-manager:dev"
rules:
- if: $CI_COMMIT_BRANCH == "development"
changes:
- services/data-manager/**/*
build-data-manager-image-prod:
extends: .build-data-manager-image
variables:
IMAGE_TAG: "$CI_REGISTRY_IMAGE/data-manager:latest"
rules:
- if: $CI_COMMIT_BRANCH == "main"
changes:
- services/data-manager/**/*
.build-ical-image:
extends: .build-image
variables:
BUILD_TARGET: "prod"
BUILD_PATH: "./services"
DOCKERFILE: "./services/ical/Dockerfile"
after_script:
- echo "export ICAL_IMAGE=$IMAGE_TAG" >> .env_file
build-ical-image-dev:
extends: .build-ical-image
variables:
IMAGE_TAG: "$CI_REGISTRY_IMAGE/ical:dev"
needs:
- job: build-data-manager-image-dev
rules:
- if: $CI_COMMIT_BRANCH == "development"
changes:
- services/ical/**/*
build-ical-image-prod:
extends: .build-ical-image
variables:
IMAGE_TAG: "$CI_REGISTRY_IMAGE/ical:latest"
needs:
- job: build-data-manager-image-prod
rules:
- if: $CI_COMMIT_BRANCH == "main"
changes:
- services/ical/**/*
.build-frontend-image:
extends: .build-image
variables:
BUILD_TARGET: "prod"
BUILD_PATH: "./frontend"
DOCKERFILE: "./frontend/Dockerfile"
after_script:
- echo "export FRONTEND_IMAGE=$IMAGE_TAG" >> .env_file
build-frontend-image-dev:
extends: .build-frontend-image
variables:
IMAGE_TAG: "$CI_REGISTRY_IMAGE/frontend:dev"
needs:
- job: build-ical-image-dev
rules:
- if: $CI_COMMIT_BRANCH == "development"
changes:
- frontend/**/*
build-frontend-image-prod:
extends: .build-frontend-image
variables:
IMAGE_TAG: "$CI_REGISTRY_IMAGE/frontend:latest"
needs:
- job: build-ical-image-prod
rules:
- if: $CI_COMMIT_BRANCH == "main"
changes:
- frontend/**/*
.package-helm-chart:
stage: package
image:
name: alpine/helm:3
entrypoint: [""]
variables:
CHARTS_DIR: $CI_PROJECT_DIR/charts
VALUES_FILE: $CI_PROJECT_DIR/charts/values.yaml
CHART_FILE: $CI_PROJECT_DIR/charts/Chart.yaml
before_script:
- apk add --no-cache gettext
- echo "HELM_ARTIFACT_JOB_NAME=$CI_JOB_NAME" >> .env_file
- echo "PROJECT_URL=$PROJECT_URL" >> .env_file
- echo "PROJECT_NAME=$PROJECT_NAME" >> .env_file
- source .env_file
- echo "Updating deployment URLs..."
- yq e -i '(.dataManager.image.name) = env(DATA_MANAGER_IMAGE)' $VALUES_FILE
- yq e -i '(.ical.image.name) = env(ICAL_IMAGE)' $VALUES_FILE
- yq e -i '(.frontend.image.name) = env(FRONTEND_IMAGE)' $VALUES_FILE
- yq e -i '(.frontend.host) = env(PROJECT_URL)' $VALUES_FILE
after_script:
- yq e -i 'explode(.)' "$VALUES_FILE"
- helm dependency update $CHARTS_DIR
- helm package $CHARTS_DIR --destination ./
artifacts:
paths:
- "*.tgz"
- .env_file
expire_in: 1 hour
package-helm-chart-dev:
extends: .package-helm-chart
variables:
PROJECT_URL: $PROJECT_URL_DEV
PROJECT_NAME: $CI_PROJECT_NAME-dev
script:
- yq e -i '(.production) = false' $VALUES_FILE
needs:
- build-frontend-image-dev
rules:
- if: '$CI_COMMIT_BRANCH == "development"'
changes:
- services/data-manager/**/*
- services/ical/**/*
- frontend/**/*
package-helm-chart-prod:
extends: .package-helm-chart
variables:
PROJECT_URL: $PROJECT_URL_PROD
PROJECT_NAME: $CI_PROJECT_NAME
script:
- yq e -i '(.frontend.googleSiteVerification) = env(GOOGLE_VERIFICATION)' $VALUES_FILE
- |
cat <<EOF > configmap-google.yaml
{{- if .Values.production }}
apiVersion: v1
kind: ConfigMap
metadata:
name: configmap-google
namespace: $PROJECT_NAME
data:
$GOOGLE_VERIFICATION.html: |
google-site-verification: $GOOGLE_VERIFICATION.html
{{- end }}
EOF
- envsubst < configmap-google.yaml > $CHARTS_DIR/templates/configmap-google.yaml
needs:
- build-frontend-image-prod
rules:
- if: '$CI_COMMIT_BRANCH == "main"'
changes:
- services/data-manager/**/*
- services/ical/**/*
- frontend/**/*
trigger_deploy:
stage: deploy
image: alpine:latest
before_script:
- apk add --no-cache curl
- source .env_file
script:
- echo "Triggering deploy pipeline ..."
- |
curl -X POST \
-F "token=$CI_DEPLOY_REPO_TRIGGER_TOKEN" \
-F "ref=$CI_DEPLOY_REPO_REF" \
-F "variables[UPSTREAM_PROJECT_NAME]=$PROJECT_NAME" \
-F "variables[UPSTREAM_PROJECT_ID]=$CI_PROJECT_ID" \
-F "variables[UPSTREAM_COMMIT_REF_NAME]=$CI_COMMIT_REF_NAME" \
-F "variables[UPSTREAM_HELM_ARTIFACT_JOB_NAME]=$HELM_ARTIFACT_JOB_NAME" \
-F "variables[UPSTREAM_REGISTRY_PATH]=$CI_REGISTRY_IMAGE" \
"$CI_API_V4_URL/projects/$CI_DEPLOY_REPO_ID/trigger/pipeline"
- "echo 'The $PROJECT_NAME can be viewed on: $PROJECT_URL'"
rules:
- if: '$CI_COMMIT_BRANCH == "main" || $CI_COMMIT_BRANCH == "development"'
deploy-dev:
stage: deploy
image: alpine:latest
before_script:
- apk add --no-cache openssh-client sed
- eval $(ssh-agent -s)
- ssh-add <(echo "$CI_SSH_KEY" | tr -d '\r')
script:
- sed -i -e "s|DOCKER_REGISTRY_REPO|$CI_REGISTRY_IMAGE|" docker-compose.dev.yml
- sed -i -e "s|DEV_TAG|dev|" docker-compose.dev.yml
- 'scp -P $CI_SSH_PORT -o StrictHostKeyChecking=no -o LogLevel=ERROR ./docker-compose.dev.yml
./reverseproxy.dev.conf $CI_SSH_USER@$CI_SSH_DEV_HOST:/home/$CI_SSH_USER/docker/htwkalender/
'
- 'ssh -p $CI_SSH_PORT -o StrictHostKeyChecking=no -o LogLevel=ERROR $CI_SSH_USER@$CI_SSH_DEV_HOST
"cd /home/$CI_SSH_USER/docker/htwkalender/ && docker login -u $CI_REGISTRY_USER
-p $CI_REGISTRY_PASSWORD $CI_REGISTRY && docker compose -f ./docker-compose.dev.yml
down && docker compose -f ./docker-compose.dev.yml up -d --remove-orphans && docker
logout"
'
rules:
- if: $CI_COMMIT_BRANCH == "development"
deploy-main:
stage: deploy
image: alpine:latest
before_script:
- apk add --no-cache openssh-client sed # install dependencies
- eval $(ssh-agent -s) # set some ssh variables
- ssh-add <(echo "$CI_SSH_KEY" | tr -d '\r')
script:
# replace some placeholders
- sed -i -e "s|DOCKER_REGISTRY_REPO|$CI_REGISTRY_IMAGE|" docker-compose.prod.yml
- sed -i -e "s|PROD_TAG|latest|" docker-compose.prod.yml
# upload necessary files to the server
- >
scp -P $CI_SSH_PORT -o StrictHostKeyChecking=no -o LogLevel=ERROR ./docker-compose.prod.yml ./reverseproxy.conf
$CI_SSH_USER@$CI_SSH_HOST:/home/$CI_SSH_USER/docker/htwkalender/
# ssh to the server and start the service
- >
ssh -p $CI_SSH_PORT -o StrictHostKeyChecking=no -o LogLevel=ERROR $CI_SSH_USER@$CI_SSH_HOST
"cd /home/$CI_SSH_USER/docker/htwkalender/ &&
docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY &&
docker compose -f ./docker-compose.prod.yml down && docker compose -f ./docker-compose.prod.yml up -d --remove-orphans && docker logout &&
docker exec --user root htwkalender-htwkalender-frontend-1 /bin/sh -c \"echo 'google-site-verification: $GOOGLE_VERIFICATION.html' > ./$GOOGLE_VERIFICATION.html\" "
rules:
- if: $CI_COMMIT_BRANCH == "main"