feature/2-secure-configurations #2
|
|
@ -0,0 +1,6 @@
|
|||
**/node_modules
|
||||
.gitignore
|
||||
.dockerignore
|
||||
Dockerfile
|
||||
docker-compose.yml
|
||||
package-lock.json
|
||||
|
|
@ -0,0 +1,77 @@
|
|||
---
|
||||
global-variables:
|
||||
release: &release ${DRONE_BRANCH##/**}
|
||||
environment: &environment
|
||||
CRE_REGISTRY_IMAGE: registry.fyloz.dev:5443/colorrecipesexplorer/frontend
|
||||
CRE_PORT: 9102
|
||||
CRE_RELEASE: *release
|
||||
alpine-image: &alpine-image alpine:latest
|
||||
docker-registry-repo: &docker-registry-repo registry.fyloz.dev:5443/colorrecipesexplorer/frontend
|
||||
|
||||
kind: pipeline
|
||||
name: default
|
||||
type: docker
|
||||
|
||||
steps:
|
||||
- name: set-docker-tags-latest
|
||||
image: *alpine-image
|
||||
environment:
|
||||
<<: *environment
|
||||
commands:
|
||||
- echo -n "latest" > .tags
|
||||
when:
|
||||
branch: develop
|
||||
|
||||
- name: set-docker-tags-release
|
||||
image: *alpine-image
|
||||
environment:
|
||||
<<: *environment
|
||||
commands:
|
||||
- echo -n "latest-release,$CRE_RELEASE" > .tags
|
||||
when:
|
||||
branch: release/**
|
||||
|
||||
- name: containerize-dev
|
||||
image: plugins/docker
|
||||
environment:
|
||||
<<: *environment
|
||||
settings:
|
||||
repo: *docker-registry-repo
|
||||
when:
|
||||
branch:
|
||||
- develop
|
||||
- release/**
|
||||
|
||||
- name: deploy
|
||||
image: alpine:latest
|
||||
environment:
|
||||
<<: *environment
|
||||
CRE_REGISTRY_IMAGE: *docker-registry-repo
|
||||
DEPLOY_SERVER:
|
||||
from_secret: deploy_server
|
||||
DEPLOY_SERVER_USERNAME:
|
||||
from_secret: deploy_server_username
|
||||
DEPLOY_SERVER_SSH_PORT:
|
||||
from_secret: deploy_server_ssh_port
|
||||
DEPLOY_SERVER_SSH_KEY:
|
||||
from_secret: deploy_server_ssh_key
|
||||
DEPLOY_CONTAINER_NAME: cre_frontend-${DRONE_BRANCH}
|
||||
commands:
|
||||
- apk update
|
||||
- apk add --no-cache openssh-client
|
||||
- mkdir -p ~/.ssh
|
||||
- echo "$DEPLOY_SERVER_SSH_KEY" | tr -d '\r' > ~/.ssh/id_rsa
|
||||
- chmod 700 ~/.ssh/id_rsa
|
||||
- eval $(ssh-agent -s)
|
||||
- ssh-add ~/.ssh/id_rsa
|
||||
- ssh-keyscan -p $DEPLOY_SERVER_SSH_PORT -H $DEPLOY_SERVER >> ~/.ssh/known_hosts
|
||||
- '[[ -f /.dockerenv ]] && echo -e "Host *\n\tStrictHostKeyChecking no\n\n" > ~/.ssh/config'
|
||||
- ssh -p $DEPLOY_SERVER_SSH_PORT $DEPLOY_SERVER_USERNAME@$DEPLOY_SERVER "docker stop $DEPLOY_CONTAINER_NAME || true && docker rm $DEPLOY_CONTAINER_NAME || true"
|
||||
- ssh -p $DEPLOY_SERVER_SSH_PORT $DEPLOY_SERVER_USERNAME@$DEPLOY_SERVER "docker pull $CRE_REGISTRY_IMAGE:$CRE_RELEASE"
|
||||
- ssh -p $DEPLOY_SERVER_SSH_PORT $DEPLOY_SERVER_USERNAME@$DEPLOY_SERVER "docker run -d -p $CRE_PORT:80 --name=$DEPLOY_CONTAINER_NAME $CRE_REGISTRY_IMAGE:$CRE_RELEASE"
|
||||
when:
|
||||
branch: release/**
|
||||
trigger:
|
||||
branch:
|
||||
- develop
|
||||
- master
|
||||
|
|
@ -1,72 +0,0 @@
|
|||
variables:
|
||||
CI_REGISTRY_IMAGE_NG: "$CI_REGISTRY_IMAGE:latest-ng"
|
||||
CI_REGISTRY_IMAGE_FRONTEND: "$CI_REGISTRY_IMAGE:latest"
|
||||
|
||||
before_script:
|
||||
- docker info
|
||||
- docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
|
||||
|
||||
stages:
|
||||
- build
|
||||
- package
|
||||
- deploy
|
||||
|
||||
.only-master:
|
||||
only:
|
||||
- master
|
||||
|
||||
build:
|
||||
stage: build
|
||||
extends: .only-master
|
||||
script:
|
||||
- docker pull $CI_REGISTRY_IMAGE_NG || true
|
||||
- docker build --cache-from $CI_REGISTRY_IMAGE_NG -f ng.Dockerfile -t $CI_REGISTRY_IMAGE_NG .
|
||||
- docker push $CI_REGISTRY_IMAGE_NG
|
||||
|
||||
package:
|
||||
stage: package
|
||||
needs: ['build']
|
||||
extends: .only-master
|
||||
variables:
|
||||
PACKAGE_CONTAINER_NAME: "cre_frontend_package"
|
||||
ARTIFACT_NAME: "ColorRecipesExplorer-frontend-$CI_PIPELINE_IID"
|
||||
script:
|
||||
- apk update
|
||||
- apk add --no-cache zip
|
||||
- mkdir dist
|
||||
- docker run --name $PACKAGE_CONTAINER_NAME $CI_REGISTRY_IMAGE_NG ng build --configuration=$ANGULAR_CONFIGURATION --output-hashing=none --stats-json --source-map=false
|
||||
- docker cp $PACKAGE_CONTAINER_NAME:/usr/src/cre/dist/color-recipes-explorer-frontend/ dist/
|
||||
- zip -r $ARTIFACT_NAME.zip dist/
|
||||
- docker build -t $CI_REGISTRY_IMAGE_FRONTEND --build-arg ARTIFACT_NAME=$ARTIFACT_NAME .
|
||||
- docker push $CI_REGISTRY_IMAGE_FRONTEND
|
||||
after_script:
|
||||
- docker stop $PACKAGE_CONTAINER_NAME || true
|
||||
- docker rm $PACKAGE_CONTAINER_NAME || true
|
||||
artifacts:
|
||||
paths:
|
||||
- $ARTIFACT_NAME.zip
|
||||
expire_in: 1 week
|
||||
|
||||
deploy:
|
||||
stage: deploy
|
||||
image: alpine:latest
|
||||
needs: ['package']
|
||||
extends: .only-master
|
||||
variables:
|
||||
DEPLOYED_CONTAINER_NAME: "cre_frontend"
|
||||
before_script:
|
||||
- apk update
|
||||
- apk add --no-cache openssh-client
|
||||
- mkdir -p ~/.ssh
|
||||
- echo "$SSH_PRIVATE_KEY" | tr -d '\r' > ~/.ssh/id_rsa
|
||||
- chmod 700 ~/.ssh/id_rsa
|
||||
- eval $(ssh-agent -s)
|
||||
- ssh-add ~/.ssh/id_rsa
|
||||
- ssh-keyscan -p $DEPLOYMENT_SERVER_SSH_PORT -H $DEPLOYMENT_SERVER >> ~/.ssh/known_hosts
|
||||
- '[[ -f /.dockerenv ]] && echo -e "Host *\n\tStrictHostKeyChecking no\n\n" > ~/.ssh/config'
|
||||
script:
|
||||
- ssh -p $DEPLOYMENT_SERVER_SSH_PORT $DEPLOYMENT_SERVER_USERNAME@$DEPLOYMENT_SERVER "docker stop $DEPLOYED_CONTAINER_NAME || true && docker rm $DEPLOYED_CONTAINER_NAME || true"
|
||||
- ssh -p $DEPLOYMENT_SERVER_SSH_PORT $DEPLOYMENT_SERVER_USERNAME@$DEPLOYMENT_SERVER "docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY && docker pull $CI_REGISTRY_IMAGE_FRONTEND"
|
||||
- ssh -p $DEPLOYMENT_SERVER_SSH_PORT $DEPLOYMENT_SERVER_USERNAME@$DEPLOYMENT_SERVER "docker run -d -p $PORT:80 --name=$DEPLOYED_CONTAINER_NAME $CI_REGISTRY_IMAGE_FRONTEND"
|
||||
|
||||
|
||||
34
Dockerfile
34
Dockerfile
|
|
@ -1,17 +1,29 @@
|
|||
FROM nginx:mainline-alpine
|
||||
|
||||
WORKDIR /usr/bin/cre/
|
||||
|
||||
ARG ARTIFACT_NAME=ColorRecipesExplorer-ng
|
||||
COPY $ARTIFACT_NAME.zip .
|
||||
COPY nginx.conf /etc/nginx/nginx.conf
|
||||
FROM alpine:latest AS build
|
||||
WORKDIR /usr/src/
|
||||
|
||||
RUN apk update
|
||||
RUN apk add --no-cache zip
|
||||
RUN apk add --no-cache nodejs npm
|
||||
|
||||
RUN unzip $ARTIFACT_NAME.zip
|
||||
RUN rm $ARTIFACT_NAME.zip
|
||||
RUN npm install -g typescript@4.0.7 && \
|
||||
npm install -g @angular/cli@11.2.9 || true --fo
|
||||
|
||||
EXPOSE 80
|
||||
ENV NG_CLI_ANALYTICS=ci
|
||||
|
||||
COPY . .
|
||||
|
||||
ARG ANGULAR_CONFIGURATION=production
|
||||
|
||||
RUN npm install --force
|
||||
RUN ng build --configuration=$ANGULAR_CONFIGURATION --stats-json --source-map=false
|
||||
|
||||
FROM nginx:mainline-alpine
|
||||
|
||||
WORKDIR /usr/bin/
|
||||
|
||||
COPY nginx.conf /etc/nginx/nginx.conf
|
||||
COPY --from=build /usr/src/dist/color-recipes-explorer-frontend/ .
|
||||
|
||||
ARG CRE_PORT=80
|
||||
EXPOSE $CRE_PORT
|
||||
|
||||
CMD ["nginx", "-g", "daemon off;"]
|
||||
|
|
|
|||
|
|
@ -1,17 +0,0 @@
|
|||
FROM alpine:latest
|
||||
WORKDIR /usr/src/cre/
|
||||
|
||||
RUN apk update
|
||||
RUN apk add --no-cache nodejs
|
||||
RUN apk add --no-cache npm
|
||||
|
||||
RUN npm install -g typescript@4.0.7
|
||||
RUN npm install -g @angular/cli@11.2.9 || true
|
||||
|
||||
ENV NG_CLI_ANALYTICS=ci
|
||||
|
||||
COPY package.json .
|
||||
|
||||
RUN npm install --force
|
||||
|
||||
COPY . .
|
||||
|
|
@ -5,7 +5,7 @@ events { worker_connections 1024; }
|
|||
http {
|
||||
server {
|
||||
listen 80;
|
||||
root /usr/bin/cre/dist/color-recipes-explorer-frontend;
|
||||
root /usr/bin/;
|
||||
include /etc/nginx/mime.types;
|
||||
|
||||
location / {
|
||||
|
|
|
|||
Loading…
Reference in New Issue