From 0c3a1f9cd47aed1fbaffc257d1b09c1bc9968de8 Mon Sep 17 00:00:00 2001 From: Valentyne Stigloher Date: Mon, 28 Oct 2024 16:01:14 +0100 Subject: [PATCH] (ci) statically generate deploy jobs to have everything in one pipeline, and trigger job does not wait for check job --- .deploy.gitlab-ci.yml | 258 ++++++++++++++++++++++++++++++++++++++++++ .gitlab-ci.yml | 48 ++------ 2 files changed, 266 insertions(+), 40 deletions(-) create mode 100644 .deploy.gitlab-ci.yml diff --git a/.deploy.gitlab-ci.yml b/.deploy.gitlab-ci.yml new file mode 100644 index 000000000..de770cce3 --- /dev/null +++ b/.deploy.gitlab-ci.yml @@ -0,0 +1,258 @@ +.deploy: &deploy + tags: ['deploy'] + needs: [] + rules: + - + if: $CI_COMMIT_REF_PROTECTED && $DEPLOY_TARGET =~ $ENVIRONMENT_PATTERN + - + if: $CI_COMMIT_REF_PROTECTED + when: manual + image: node:20.12.2 + before_script: + # see https://docs.gitlab.com/ee/ci/jobs/ssh_keys.html#ssh-keys-when-using-the-docker-executor + - 'command -v ssh-agent >/dev/null || ( apt-get update -y && apt-get install openssh-client -y )' + - eval $(ssh-agent -s) + - chmod 400 "$SSH_PRIVATE_KEY" + - ssh-add "$SSH_PRIVATE_KEY" + - mkdir -p ~/.ssh + - chmod 700 ~/.ssh + # see https://docs.gitlab.com/ee/ci/jobs/ssh_keys.html#verifying-the-ssh-host-keys + - cp "$SSH_KNOWN_HOSTS" ~/.ssh/known_hosts + - chmod 644 ~/.ssh/known_hosts + script: + - ssh $SSH_USER@$SSH_HOST "cd ~/www/$ENVIRONMENT_DOMAIN; deployer deploy $CI_COMMIT_SHA" + timeout: 10m + +.deploy-staging: &deploy-staging + <<: *deploy + stage: 'deploy staging' + environment: + name: staging/$ENVIRONMENT_INSTANCE + url: https://$ENVIRONMENT_DOMAIN + +.deploy-unpublished: &deploy-unpublished + <<: *deploy + stage: 'deploy unpublished' + variables: + ENVIRONMENT_TIER: 'unpublished' + environment: + name: unpublished/$ENVIRONMENT_INSTANCE + url: https://$ENVIRONMENT_DOMAIN + deployment_tier: 'production' + +.deploy-production: &deploy-production + <<: *deploy + stage: 'deploy production' + rules: + - + if: $CI_COMMIT_REF_NAME == $CI_DEFAULT_BRANCH && $DEPLOY_TARGET =~ $ENVIRONMENT_PATTERN + - + if: $CI_COMMIT_REF_NAME == $CI_DEFAULT_BRANCH + when: manual + environment: + name: production/$ENVIRONMENT_INSTANCE + url: https://$ENVIRONMENT_DOMAIN + +deploy home: + <<: *deploy-production + variables: + ENVIRONMENT_INSTANCE: 'home' + ENVIRONMENT_DOMAIN: 'pronouns.page' + ENVIRONMENT_PATTERN: '/(^|,)(_,home|production)(,|$)/' + +deploy ar: + <<: *deploy-production + variables: + ENVIRONMENT_INSTANCE: 'ar' + ENVIRONMENT_DOMAIN: 'ar.pronouns.page' + ENVIRONMENT_PATTERN: '/(^|,)(ar|production)(,|$)/' + +deploy de: + <<: *deploy-production + variables: + ENVIRONMENT_INSTANCE: 'de' + ENVIRONMENT_DOMAIN: 'de.pronouns.page' + ENVIRONMENT_PATTERN: '/(^|,)(de|production)(,|$)/' + +deploy en: + <<: *deploy-production + variables: + ENVIRONMENT_INSTANCE: 'en' + ENVIRONMENT_DOMAIN: 'en.pronouns.page' + ENVIRONMENT_PATTERN: '/(^|,)(en|production)(,|$)/' + +deploy eo: + <<: *deploy-unpublished + variables: + ENVIRONMENT_INSTANCE: 'eo' + ENVIRONMENT_DOMAIN: 'pronomejo.net' + ENVIRONMENT_PATTERN: '/(^|,)(eo|unpublished)(,|$)/' + +deploy es: + <<: *deploy-production + variables: + ENVIRONMENT_INSTANCE: 'es' + ENVIRONMENT_DOMAIN: 'pronombr.es' + ENVIRONMENT_PATTERN: '/(^|,)(es|production)(,|$)/' + +deploy et: + <<: *deploy-production + variables: + ENVIRONMENT_INSTANCE: 'et' + ENVIRONMENT_DOMAIN: 'et.pronouns.page' + ENVIRONMENT_PATTERN: '/(^|,)(et|production)(,|$)/' + +deploy fr: + <<: *deploy-production + variables: + ENVIRONMENT_INSTANCE: 'fr' + ENVIRONMENT_DOMAIN: 'pronoms.fr' + ENVIRONMENT_PATTERN: '/(^|,)(fr|production)(,|$)/' + +deploy he: + <<: *deploy-unpublished + variables: + ENVIRONMENT_INSTANCE: 'he' + ENVIRONMENT_DOMAIN: 'he.pronouns.page' + ENVIRONMENT_PATTERN: '/(^|,)(he|unpublished)(,|$)/' + +deploy it: + <<: *deploy-unpublished + variables: + ENVIRONMENT_INSTANCE: 'it' + ENVIRONMENT_DOMAIN: 'it.pronouns.page' + ENVIRONMENT_PATTERN: '/(^|,)(it|unpublished)(,|$)/' + +deploy ja: + <<: *deploy-production + variables: + ENVIRONMENT_INSTANCE: 'ja' + ENVIRONMENT_DOMAIN: 'ja.pronouns.page' + ENVIRONMENT_PATTERN: '/(^|,)(ja|production)(,|$)/' + +deploy ko: + <<: *deploy-unpublished + variables: + ENVIRONMENT_INSTANCE: 'ko' + ENVIRONMENT_DOMAIN: 'ko.pronouns.page' + ENVIRONMENT_PATTERN: '/(^|,)(ko|unpublished)(,|$)/' + +deploy lad: + <<: *deploy-production + variables: + ENVIRONMENT_INSTANCE: 'lad' + ENVIRONMENT_DOMAIN: 'lad.pronouns.page' + ENVIRONMENT_PATTERN: '/(^|,)(lad|production)(,|$)/' + +deploy nl: + <<: *deploy-production + variables: + ENVIRONMENT_INSTANCE: 'nl' + ENVIRONMENT_DOMAIN: 'nl.pronouns.page' + ENVIRONMENT_PATTERN: '/(^|,)(nl|production)(,|$)/' + +deploy no: + <<: *deploy-production + variables: + ENVIRONMENT_INSTANCE: 'no' + ENVIRONMENT_DOMAIN: 'no.pronouns.page' + ENVIRONMENT_PATTERN: '/(^|,)(no|production)(,|$)/' + +deploy pl: + <<: *deploy-production + variables: + ENVIRONMENT_INSTANCE: 'pl' + ENVIRONMENT_DOMAIN: 'zaimki.pl' + ENVIRONMENT_PATTERN: '/(^|,)(pl|production)(,|$)/' + +deploy pt: + <<: *deploy-production + variables: + ENVIRONMENT_INSTANCE: 'pt' + ENVIRONMENT_DOMAIN: 'pt.pronouns.page' + ENVIRONMENT_PATTERN: '/(^|,)(pt|production)(,|$)/' + +deploy ro: + <<: *deploy-production + variables: + ENVIRONMENT_INSTANCE: 'ro' + ENVIRONMENT_DOMAIN: 'ro.pronouns.page' + ENVIRONMENT_PATTERN: '/(^|,)(ro|production)(,|$)/' + +deploy ru: + <<: *deploy-production + variables: + ENVIRONMENT_INSTANCE: 'ru' + ENVIRONMENT_DOMAIN: 'ru.pronouns.page' + ENVIRONMENT_PATTERN: '/(^|,)(ru|production)(,|$)/' + +deploy sv: + <<: *deploy-production + variables: + ENVIRONMENT_INSTANCE: 'sv' + ENVIRONMENT_DOMAIN: 'sv.pronouns.page' + ENVIRONMENT_PATTERN: '/(^|,)(sv|production)(,|$)/' + +deploy tok: + <<: *deploy-unpublished + variables: + ENVIRONMENT_INSTANCE: 'tok' + ENVIRONMENT_DOMAIN: 'tok.pronouns.page' + ENVIRONMENT_PATTERN: '/(^|,)(tok|unpublished)(,|$)/' + +deploy tr: + <<: *deploy-production + variables: + ENVIRONMENT_INSTANCE: 'tr' + ENVIRONMENT_DOMAIN: 'tr.pronouns.page' + ENVIRONMENT_PATTERN: '/(^|,)(tr|production)(,|$)/' + +deploy ua: + <<: *deploy-production + variables: + ENVIRONMENT_INSTANCE: 'ua' + ENVIRONMENT_DOMAIN: 'ua.pronouns.page' + ENVIRONMENT_PATTERN: '/(^|,)(ua|production)(,|$)/' + +deploy vi: + <<: *deploy-production + variables: + ENVIRONMENT_INSTANCE: 'vi' + ENVIRONMENT_DOMAIN: 'vi.pronouns.page' + ENVIRONMENT_PATTERN: '/(^|,)(vi|production)(,|$)/' + +deploy yi: + <<: *deploy-unpublished + variables: + ENVIRONMENT_INSTANCE: 'yi' + ENVIRONMENT_DOMAIN: 'yi.pronouns.page' + ENVIRONMENT_PATTERN: '/(^|,)(yi|unpublished)(,|$)/' + +deploy zh: + <<: *deploy-production + variables: + ENVIRONMENT_INSTANCE: 'zh' + ENVIRONMENT_DOMAIN: 'zh.pronouns.page' + ENVIRONMENT_PATTERN: '/(^|,)(zh|production)(,|$)/' + +deploy test: + <<: *deploy-staging + variables: + ENVIRONMENT_INSTANCE: 'default' + ENVIRONMENT_DOMAIN: 'test.pronouns.page' + ENVIRONMENT_PATTERN: '/(^|,)(test|staging)(,|$)/' + +deploy test/pink: + <<: *deploy-staging + variables: + ENVIRONMENT_INSTANCE: 'pink' + ENVIRONMENT_DOMAIN: 'test-pink.pronouns.page' + ENVIRONMENT_PATTERN: '/(^|,)(test/pink|staging)(,|$)/' + +deploy test/purple: + <<: *deploy-staging + variables: + ENVIRONMENT_INSTANCE: 'purple' + ENVIRONMENT_DOMAIN: 'test-purple.pronouns.page' + ENVIRONMENT_PATTERN: '/(^|,)(test/purple|staging)(,|$)/' + diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index b1c093535..b5ad5dcf1 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -1,3 +1,11 @@ +include: '.deploy.gitlab-ci.yml' + +stages: + - 'test' + - 'deploy staging' + - 'deploy unpublished' + - 'deploy production' + check: stage: test rules: @@ -90,43 +98,3 @@ check: # - template: Security/Dependency-Scanning.gitlab-ci.yml # # Pending resolution of: https://gitlab.com/PronounsPage/PronounsPage/-/merge_requests/453#note_1911466136 - -generate deploy jobs: - stage: deploy - tags: ['deploy'] - needs: [] - rules: - - - if: $CI_COMMIT_TAG =~ /^deploy-.*/ - variables: - DEPLOY_TARGET: $CI_COMMIT_TAG_MESSAGE - - - if: $CI_COMMIT_REF_PROTECTED == 'true' - image: node:20.12.2 - before_script: - # see https://docs.gitlab.com/ee/ci/jobs/ssh_keys.html#ssh-keys-when-using-the-docker-executor - - 'command -v ssh-agent >/dev/null || ( apt-get update -y && apt-get install openssh-client -y )' - - eval $(ssh-agent -s) - - chmod 400 "$SSH_PRIVATE_KEY" - - ssh-add "$SSH_PRIVATE_KEY" - - mkdir -p ~/.ssh - - chmod 700 ~/.ssh - # see https://docs.gitlab.com/ee/ci/jobs/ssh_keys.html#verifying-the-ssh-host-keys - - cp "$SSH_KNOWN_HOSTS" ~/.ssh/known_hosts - - chmod 644 ~/.ssh/known_hosts - script: - - > - ssh $SSH_USER@$SSH_HOST "php ~/www/generate-deploy-jobs.php \"$DEPLOY_TARGET\"" - > deploy-jobs.gitlab-ci.yml - artifacts: - paths: - - deploy-jobs.gitlab-ci.yml - timeout: 1m - -deploy jobs: - stage: deploy - trigger: - include: - - - job: generate deploy jobs - artifact: deploy-jobs.gitlab-ci.yml