Skip to content

Instantly share code, notes, and snippets.

@arnehaese
Created August 23, 2021 08:41
Show Gist options
  • Save arnehaese/f4c95b39e88bdcac8b07e545c7750d44 to your computer and use it in GitHub Desktop.
Save arnehaese/f4c95b39e88bdcac8b07e545c7750d44 to your computer and use it in GitHub Desktop.
stages:
- .pre
- build
- package
- staging
- smoketest
- promote
- production
variables:
APP_DIR: app/ecs-poc/
DOCKER_BUILDKIT: 1
StageImageRepositoryUrl: $AWS_ACCOUNT_NUMBER.dkr.ecr.eu-west-1.amazonaws.com/$PROJECT_NAME-stage-ecr
ImageTag: $CI_COMMIT_REF_SLUG-$CI_COMMIT_SHORT_SHA
deployReview:
stage: staging
image: registry.gitlab.com/gitlab-org/cloud-deploy/aws-base:latest
script:
- cd cfn
- export Stage=$CI_ENVIRONMENT_SLUG
- ./app-deploy-review.sh
- echo review-url https://$CI_ENVIRONMENT_SLUG.subdomain.kreuzwerker.de
environment:
name: review/$CI_COMMIT_REF_NAME
url: https://$CI_ENVIRONMENT_SLUG.subdomain.kreuzwerker.de/hello
on_stop: stopReview
only:
- branches
except:
- master
stopReview:
image: registry.gitlab.com/gitlab-org/cloud-deploy/aws-base:latest
stage: staging
script:
- cd cfn
- export Stage=$CI_ENVIRONMENT_SLUG
- ./app-destroy-review.sh
when: manual
environment:
name: review/$CI_COMMIT_REF_NAME
action: stop
only:
- branches
except:
- master
getCredentials:
stage: .pre
image: registry.gitlab.com/gitlab-org/cloud-deploy/aws-base:latest
interruptible: true
only:
- branches
script:
- aws --region eu-west-1 ecr get-login-password > credentials
artifacts:
paths:
- credentials
.deployInfra:
stage: .pre
image: registry.gitlab.com/gitlab-org/cloud-deploy/aws-base:latest
only:
- master
script:
- cd cfn
- ./deploy-infra.sh
deployInfraStaging:
extends: .deployInfra
variables:
Stage: stage
resource_group: staging
deployInfraProduction:
extends: .deployInfra
variables:
Stage: prod
resource_group: production
build:
stage: build
image: openjdk:11
interruptible: true
only:
- branches
script:
- cd $APP_DIR
- ./gradlew build
artifacts:
paths:
- $APP_DIR/build/libs/*.jar
cache:
paths:
- $GRADLE_HOME/caches/
package:
# Official docker image.
image: docker:latest
interruptible: true
only:
- branches
stage: package
services:
- docker:dind
before_script:
# need to implement a check and wait until artifacts are accessible in the container
- ls -lah
- ls -lah /
- ls -lah /builds
- mount
- find / -name credentials 2> /dev/null
- docker login -u AWS --password-stdin $StageImageRepositoryUrl < credentials
script:
- cd $APP_DIR
- docker build --pull -t "$StageImageRepositoryUrl:$ImageTag" .
- docker push "$StageImageRepositoryUrl:$ImageTag"
artifacts:
paths:
- credentials
- $APP_DIR/build/libs/*.jar
resource_group: staging
staging:
extends: .deploy
stage: staging
variables:
Stage: stage
resource_group: staging
.deploy:
image: registry.gitlab.com/gitlab-org/cloud-deploy/aws-base:latest
only:
- master
script:
- cd cfn
- ./app-deploy.sh
environment:
name: $CI_JOB_STAGE
url: https://$Stage.subdomain.kreuzwerker.de/hello
smoketest:
stage: smoketest
only:
- master
before_script:
# install jq to parse JSON retrieved by CURL
- apt update
- apt install jq -y
script:
- echo check for branch $CI_COMMIT_REF_SLUG and commit id $CI_COMMIT_SHORT_SHA
- ./testApplication.sh
promote:
# Official docker image.
image: docker:latest
only:
- master
# when: manual
stage: promote
services:
- docker:dind
variables:
ProdImageRepositoryUrl: $AWS_ACCOUNT_NUMBER.dkr.ecr.eu-west-1.amazonaws.com/$PROJECT_NAME-prod-ecr
before_script:
# need to implement a check and wait until artifacts are accessible in the container
- ls -lah
- ls -lah /
- ls -lah /builds
- mount
- find / -name credentials 2> /dev/null
- docker login -u AWS --password-stdin $StageImageRepositoryUrl < credentials
script:
- docker login -u AWS --password-stdin $StageImageRepositoryUrl < credentials
- docker pull $StageImageRepositoryUrl:$ImageTag
- docker tag $StageImageRepositoryUrl:$ImageTag $ProdImageRepositoryUrl:$ImageTag
- docker push $ProdImageRepositoryUrl:$ImageTag
- echo done
artifacts:
paths:
- credentials
resource_group: production
production:
extends: .deploy
stage: production
variables:
Stage: prod
resource_group: production
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment