forked from SocialGouv/vao
-
Notifications
You must be signed in to change notification settings - Fork 0
/
.gitlab-ci-dso.yml
132 lines (118 loc) · 3.62 KB
/
.gitlab-ci-dso.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
include:
- project: $CATALOG_PATH
file:
- vault-ci.yml
ref: main
cache:
paths:
- node_modules
variables:
TAG: ""
REGISTRY_URL: "${IMAGE_REPOSITORY}"
stages:
- init
- build-images
- deploy
init-read-secret:
stage: init
extends:
- .vault:read_secret
init-variables:
stage: init
script:
- apt-get update && apt-get install --no-install-recommends --yes git
- |
if [ -n "$(git describe --exact-match --tags $(git log -n1 --pretty='%h'))" ]; then
TAG=$(git describe --tags $(git log -n1 --pretty='%h'))
else
TAG=$(git rev-parse --short HEAD)
fi
- echo "TAG=$TAG"
- echo "TAG=$TAG" >> var.env
artifacts:
reports:
dotenv: var.env
build-backend:
variables:
WORKING_DIR: "."
DOCKERFILE: packages/backend/Dockerfile
IMAGE_NAME: backend
stage: build-images
extends:
- .kaniko:simple-build-push
build-migrations:
variables:
WORKING_DIR: packages/migrations
DOCKERFILE: Dockerfile
IMAGE_NAME: migrations
stage: build-images
extends:
- .kaniko:simple-build-push
build-frontend-usagers:
variables:
WORKING_DIR: "."
DOCKERFILE: packages/frontend-usagers/Dockerfile
IMAGE_NAME: frontend-usagers
SENTRY_PROJECT: "vao-usagers"
stage: build-images
extends:
- .kaniko:simple-build-push
build-frontend-bo:
variables:
WORKING_DIR: "."
DOCKERFILE: packages/frontend-bo/Dockerfile
IMAGE_NAME: frontend-bo
SENTRY_PROJECT: "vao-admin"
stage: build-images
extends:
- .kaniko:simple-build-push
.kaniko:simple-build-push:
variables:
DOCKERFILE: Dockerfile
WORKING_DIR: .
IMAGE_NAME: ""
SENTRY_PROJECT: ""
SENTRY_AUTH_TOKEN: "${SENTRY_AUTH_TOKEN}"
image:
name: gcr.io/kaniko-project/executor:debug
entrypoint: [""]
script:
- if [ ! -z $CA_BUNDLE ]; then cat $CA_BUNDLE >> /kaniko/ssl/certs/additional-ca-cert-bundle.crt; fi
- mkdir -p /kaniko/.docker
- echo "$DOCKER_AUTH" > /kaniko/.docker/config.json
- echo "$SENTRY_AUTH_TOKEN" > /kaniko/sentry_auth_token
- echo "SENTRY_AUTH_TOKEN="
- echo "$SENTRY_AUTH_TOKEN" | sed 's/^\(...\).*\(...\)$/\1...\2/'
- /kaniko/executor --build-arg http_proxy=$http_proxy
--build-arg https_proxy=$https_proxy
--build-arg no_proxy=$no_proxy
--build-arg SENTRY_URL="https://sentry.fabrique.social.gouv.fr"
--build-arg SENTRY_ORG="incubateur"
--build-arg SENTRY_PROJECT="$SENTRY_PROJECT"
--build-arg SENTRY_AUTH_TOKEN="$SENTRY_AUTH_TOKEN"
--build-arg SENTRY_RELEASE="$TAG"
--context="$CI_PROJECT_DIR/$WORKING_DIR"
--dockerfile="$CI_PROJECT_DIR/$WORKING_DIR/$DOCKERFILE"
--registry-mirror=nexus-docker-proxy.apps.c6.numerique-interieur.com
--destination $REGISTRY_URL/$IMAGE_NAME:$TAG
deploy:
stage: deploy
variables:
GITHUB_TOKEN_INFRA_REPO: "${GITHUB_TOKEN_INFRA_REPO}"
script:
- echo "Deploying tag $TAG from branch $CI_COMMIT_REF_SLUG"
- apt-get update && apt-get install --no-install-recommends --yes curl ca-certificates
- |
if [[ "$CI_COMMIT_REF_SLUG" == "main" ]]; then
ENVIRONMENT=main
elif [[ "$CI_COMMIT_REF_SLUG" == "preprod" ]]; then
ENVIRONMENT=preprod
fi
echo "Environment: $ENVIRONMENT"
if [[ -n "$ENVIRONMENT" ]]; then
curl -X POST \
-H "Accept: application/vnd.github.v3+json" \
-H "Authorization: token $GITHUB_TOKEN_INFRA_REPO" \
https://api.github.com/repos/DNUm-socialgouv/vao-infra-pi/dispatches \
-d "{\"event_type\":\"deploy-event\", \"client_payload\": {\"environment\": \"$ENVIRONMENT\", \"appTag\": \"$TAG\"}}"
fi