.gitlab-ci.yml 2.48 KB
Newer Older
1 2
default:
  image: ${CI_REGISTRY_IMAGE}:latest
mh's avatar
mh committed
3

4 5
stages:
  - helper
mh's avatar
mh committed
6
  - build
mh's avatar
mh committed
7
  - deploy
mh's avatar
mh committed
8 9 10 11 12

variables:
  DEPLOY_BASE: dev/review
  DEPLOY_SLUG: dev/review/$CI_PROJECT_NAME/$CI_COMMIT_REF_SLUG

13 14
helper:
  image: registry.code.immerda.ch/immerda/container-images/buildah/centos:8
mh's avatar
mh committed
15
  stage: helper
16 17 18 19 20 21 22 23 24
  tags:
    - buildah
  rules:
    - if: '$CI_PIPELINE_SOURCE == "schedule"'
    - changes:
      - Containerfile
      - build.sh
  script:
    ./build.sh
mh's avatar
mh committed
25 26 27 28 29

build:
  tags:
    - container
  stage: build
mh's avatar
mh committed
30 31
  variables:
    GIT_SUBMODULE_STRATEGY: normal
mh's avatar
mh committed
32
  script:
mh's avatar
mh committed
33 34
    - bundle exec rake cleanup
    - bundle exec rake site
mh's avatar
mh committed
35 36
    - mv _site public
    - tar cfz site.tar.gz public
mh's avatar
mh committed
37 38 39 40 41
  artifacts:
    paths:
      - site.tar.gz
    expire_in: 1 day

mh's avatar
mh committed
42 43 44 45 46 47 48
deploy:
  tags:
    - container
  stage: deploy
  # It's currently not possible to use env vars which are / were set in the script: part above.
  environment:
    name: $DEPLOY_BASE/$CI_PROJECT_NAME/$CI_COMMIT_REF_SLUG
mh's avatar
mh committed
49
    url: https://www.immerda.ch/$DEPLOY_BASE/$CI_PROJECT_NAME/$CI_COMMIT_REF_SLUG
mh's avatar
mh committed
50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68
  only:
    # This job relies on secret env vars, which are only available in our repo.
    - branches@immerda/content/www.immerda.ch
  variables:
    GIT_STRATEGY: none
  script:
    # Start SSH agent
    - eval $(ssh-agent -s)
    # Add the SSH key stored in the $PUSH_KEY variable to the agent store
    # It is the base64 encoded private key
    - echo "${DEPLOY_KEY}" | base64 -d | ssh-add - > /dev/null
    - mkdir -p --mode=0700 ~/.ssh
    - printf "${DEPLOY_HOST_FPS}
      " > ~/.ssh/known_hosts
    - tar fxv site.tar.gz
    # In case we're not dealing with the master branch, create the review dir on the webserver.
    # We need to catch possible errors, as lftp seems buggy: It fails if the dir already exists,
    # even if called with the -f option, which should ignore errors (like this one).
    # lftp needs a "dummy" password, even if key-based authentication is used.
mh's avatar
mh committed
69 70
    - if ! [ "$CI_COMMIT_REF_SLUG" == "master" ]; then
        DEPLOY_SLUG="www/$DEPLOY_SLUG";
mh's avatar
mh committed
71 72 73 74 75
        export DEPLOY_SLUG;
        lftp -e "mkdir -fp $DEPLOY_SLUG; quit" -u $DEPLOY_USER,dummy sftp://$DEPLOY_HOST || /bin/true;
      else
        DEPLOY_SLUG="www";
        export DEPLOY_SLUG;
mh's avatar
mh committed
76
      fi;
mh's avatar
mh committed
77
      echo "${DEPLOY_HOST_FPS}" | awk '{ print $1 }' | while read -r host; do
mh's avatar
mh committed
78
        echo "Deploying to ${host}";
mh's avatar
mh committed
79
        lftp -e "mirror -eRv -x ^dev/ public $DEPLOY_SLUG; quit;" -u $DEPLOY_USER,dummy sftp://$host;
mh's avatar
mh committed
80 81 82
      done
    # TODO: Implement clean up: Remove the review dir once the merge to master happened.