.build-image: stage: build image: docker:latest services: - docker:dind tags: - image #variables: # DOCKER_HOST: tcp://docker:2376 # DOCKER_TLS_CERTDIR: "/certs" # DOCKER_TLS_VERIFY: 1 # DOCKER_CERT_PATH: "/certs/client" before_script: - echo $CI_REGISTRY_PASSWORD | docker login -u $CI_REGISTRY_USER --password-stdin $CI_REGISTRY script: - | docker build --pull \ -t $IMAGE_TAG \ -f $DOCKERFILE \ --build-arg COMMIT_HASH=$CI_COMMIT_SHORT_SHA \ --target $BUILD_TARGET \ $BUILD_PATH - docker push "$IMAGE_TAG" artifacts: reports: dotenv: build.env expire_in: 1 day .build-data-manager-image: extends: .build-image variables: BUILD_TARGET: "prod" BUILD_PATH: "./services" DOCKERFILE: "./services/data-manager/Dockerfile" after_script: - echo "DATA_MANAGER_IMAGE=$IMAGE_TAG" >> build.env build-data-manager-image-dev: extends: .build-data-manager-image variables: IMAGE_TAG: "$CI_REGISTRY_IMAGE/data-manager:dev" rules: - if: $CI_COMMIT_BRANCH == "development" changes: - services/data-manager/**/* build-data-manager-image-prod: extends: .build-data-manager-image variables: IMAGE_TAG: "$CI_REGISTRY_IMAGE/data-manager:latest" rules: - if: $CI_COMMIT_BRANCH == "main" changes: - services/data-manager/**/* .build-ical-image: extends: .build-image variables: BUILD_TARGET: "prod" BUILD_PATH: "./services" DOCKERFILE: "./services/ical/Dockerfile" after_script: - echo "ICAL_IMAGE=$IMAGE_TAG" >> build.env build-ical-image-dev: extends: .build-ical-image variables: IMAGE_TAG: "$CI_REGISTRY_IMAGE/ical:dev" rules: - if: $CI_COMMIT_BRANCH == "development" changes: - services/ical/**/* build-ical-image-prod: extends: .build-ical-image variables: IMAGE_TAG: "$CI_REGISTRY_IMAGE/ical:latest" rules: - if: $CI_COMMIT_BRANCH == "main" changes: - services/ical/**/* .build-frontend-image: extends: .build-image variables: BUILD_TARGET: "prod" BUILD_PATH: "./frontend" DOCKERFILE: "./frontend/Dockerfile" after_script: - echo "FRONTEND_IMAGE=$IMAGE_TAG" >> build.env build-frontend-image-dev: extends: .build-frontend-image variables: IMAGE_TAG: "$CI_REGISTRY_IMAGE/frontend:dev" rules: - if: $CI_COMMIT_BRANCH == "development" changes: - frontend/**/* build-frontend-image-prod: extends: .build-frontend-image variables: IMAGE_TAG: "$CI_REGISTRY_IMAGE/frontend:latest" rules: - if: $CI_COMMIT_BRANCH == "main" changes: - frontend/**/* .package-helm-chart: stage: package image: name: alpine/helm:3 entrypoint: [""] variables: CHARTS_DIR: $CI_PROJECT_DIR/charts VALUES_FILE: $CI_PROJECT_DIR/charts/values.yaml CHART_FILE: $CI_PROJECT_DIR/charts/Chart.yaml before_script: - apk add --no-cache gettext - echo "HELM_ARTIFACT_JOB_NAME=$CI_JOB_NAME" >> package.env - echo "PROJECT_URL=$PROJECT_URL" >> package.env - echo "PROJECT_NAME=$PROJECT_NAME" >> package.env - echo "Updating deployment URLs..." - ': "${DATA_MANAGER_IMAGE:=$CI_REGISTRY_IMAGE/data-manager:$FALLBACK_TAG}"' - ': "${ICAL_IMAGE:=$CI_REGISTRY_IMAGE/ical:$FALLBACK_TAG}"' - ': "${FRONTEND_IMAGE:=$CI_REGISTRY_IMAGE/frontend:$FALLBACK_TAG}"' - export DATA_MANAGER_IMAGE ICAL_IMAGE FRONTEND_IMAGE - yq e -i '(.dataManager.image.name) = env(DATA_MANAGER_IMAGE)' $VALUES_FILE - yq e -i '(.ical.image.name) = env(ICAL_IMAGE)' $VALUES_FILE - yq e -i '(.frontend.image.name) = env(FRONTEND_IMAGE)' $VALUES_FILE - yq e -i '(.frontend.host) = env(PROJECT_URL)' $VALUES_FILE after_script: - yq e -i 'explode(.)' "$VALUES_FILE" - helm dependency update $CHARTS_DIR - helm package $CHARTS_DIR --destination ./ artifacts: paths: - "*.tgz" reports: dotenv: package.env expire_in: 1 day package-helm-chart-dev: extends: .package-helm-chart variables: PROJECT_URL: $PROJECT_URL_DEV PROJECT_NAME: $CI_PROJECT_NAME-dev FALLBACK_TAG: dev script: - yq e -i '(.production) = false' $VALUES_FILE rules: - if: '$CI_COMMIT_BRANCH == "development"' changes: - services/data-manager/**/* - services/ical/**/* - frontend/**/* - charts/**/* package-helm-chart-prod: extends: .package-helm-chart variables: PROJECT_URL: $PROJECT_URL_PROD PROJECT_NAME: $CI_PROJECT_NAME FALLBACK_TAG: latest script: - yq e -i '(.frontend.googleSiteVerification) = env(GOOGLE_VERIFICATION)' $VALUES_FILE - | cat < configmap-google.yaml {{- if .Values.production }} apiVersion: v1 kind: ConfigMap metadata: name: configmap-google namespace: $PROJECT_NAME data: $GOOGLE_VERIFICATION.html: | google-site-verification: $GOOGLE_VERIFICATION.html {{- end }} EOF - envsubst < configmap-google.yaml > $CHARTS_DIR/templates/configmap-google.yaml rules: - if: '$CI_COMMIT_BRANCH == "main"' changes: - services/data-manager/**/* - services/ical/**/* - frontend/**/* - charts/**/* trigger_deploy: stage: deploy image: alpine:latest before_script: - apk add --no-cache curl script: - echo "Triggering deploy pipeline ..." - | curl -X POST \ -F "token=$CI_DEPLOY_REPO_TRIGGER_TOKEN" \ -F "ref=$CI_DEPLOY_REPO_REF" \ -F "variables[UPSTREAM_PROJECT_NAME]=$PROJECT_NAME" \ -F "variables[UPSTREAM_PROJECT_ID]=$CI_PROJECT_ID" \ -F "variables[UPSTREAM_COMMIT_REF_NAME]=$CI_COMMIT_REF_NAME" \ -F "variables[UPSTREAM_HELM_ARTIFACT_JOB_NAME]=$HELM_ARTIFACT_JOB_NAME" \ -F "variables[UPSTREAM_REGISTRY_PATH]=$CI_REGISTRY_IMAGE" \ "$CI_API_V4_URL/projects/$CI_DEPLOY_REPO_ID/trigger/pipeline" - "echo 'The $PROJECT_NAME can be viewed on: $PROJECT_URL'" rules: - if: '$CI_COMMIT_BRANCH == "main" || $CI_COMMIT_BRANCH == "development"'