Some important notes:
- You need to create
SHARED_CI_ACCESS_TOKEN
which is a PERSONAL yes I said PERSONAL access token with read and write access. At some point gitlab will probably have project level access tokens but for now the only way to get a lot of features to work is to use your own personal access token. Maybe you will want to use a service account but service accounts can be expensive. If you leave the organization, all the things that used your access token will suddenly break after you leave! Sounds funny unless you're not the person leaving... :(. - You need to create a UNMANAGED kubernetes cluster in gitlab. That means that the checkbox that enables gitlab to manage it must be UNCHECKED. That kubernetes cluster must be matched to the environment
development.1
- You should have a separate kubernetes cluster for each environment but this pipeline would still work for multiple environments on a single cluster provided you have enough resources. Using same k8s cluster for multiple environments is definitely not recommended.
- You need to create
GIT_SSH_PK
which is a base64 encoded private key for a deploy key. Not a deploy token. A deploy key that has WRITE access to the repository. - You need to install the gitlab runner on your kubernetes cluster. You can do this through the gilab ui under the
Applications
tab of your settings for your cluster. - You need to have a helm chart which sets the values of
.Values.nodejs.annotations
to themeta.annotations
of thedeployment
specification for the helm chart. I haven't tested whether or not daemonsets or statefulsets work. - This of course could be modified for non nodejs apps. Just switch out the
cryptexlabs/ts-node-ci:1.2.0
with an image that has all the tools you need installed - WARNING: Automatic deletion of tags is enabled by default so that tags more than 90 days old will be automatically deleted. You need to configure expiration policy using one of the two methods:
- Use pipeline:
- You need to create a schedule to delete old jobs with a variable name
SCHEDULE_NAME
and valuecleanup-image-tags
otherwise the job to cleanup old image tags will not run. - Disable the setting in
Settings
->CI / CD
->Cleanup policy for tags
- You need to create a schedule to delete old jobs with a variable name
- Use built in expiration policy:
- Go to
Settings
->CI / CD
->Cleanup policy for tags
- Add an expression
^commit-.*
for the settingTags with names matching this regex pattern will expire:
so that only your commit tags will be deleted
- Go to
- Use pipeline:
- The pipeline is broken basically into these steps:
- test: run unit tests and make sure app version in package.json hasn't been modified manually
- docker-build: builds a docker image for the revision number and pushes it to gitlab ci.
- version-push: This creates a new semantic version based on whether you chose to run the
patch
,minor
ormajor
job.- Having different jobs for each of these things is basically a hack workaround for gitlab not having a dropdown to select these things. For a potential solution to this problem see https://gitlab.com/gitlab-org/gitlab/-/issues/22629
- Update the version in the npm
package.json
using yarn version - Pull docker image previously built add a tag with the same version as the version in the package.json
- Update appVersion in the helm
Chart.yaml
- Update nodejs.image.tag in the helm
values.yaml
- Create a commit with the changes in
package.json
,Chart.yaml
, andvalues.yaml
- Create a git tag with the same version
- Push the tag
- Push the new commit to master
- deploy:
- After the
docker-build
step this pipeline will also automatically create a new deployment to the development.1 environment. You can disable this by changing the rule fromwhen: on_success
towhen: manual
- After the
version-push
step pushes a new tag with the commit message containing[bump version]
a new pipeline will be created only for the tag. A pipeline will not be created when pushing a commit containing[bump version]
to any branch. So you shouldn't use that in your commit messages. - When the deployment pipeline is created after receiving a new tag it will automatically deploy the tag (which is the same image that was previously deployed) to the
development.1
environment. You can disable auto deploy by changingwhen: on_success
towhen: manual
- After the
- You can deploy manually to the
development.1.
environment from any pipeline created on any branch without having to create a new tag. The images for these deployments will be eventually deleted automatically so make sure to eventually create a tag. - You CANNOT modify the the namespace that assets are deployed to by overriding
$KUBE_NAMESPACE
variable if you want Deploy Boards to work. For more information on the issue see https://gitlab.com/gitlab-org/gitlab/-/issues/228717 - Deploy Boards only work on Silver and above plans. Personally $20/month with a 12 month commitment isn't worth it for me considering all the problems.