stages: - build - deploy - utils variables: DOCKER_TLS_CERTDIR: /certs .build-template: &build-template image: name: gcr.io/kaniko-project/executor:v1.23.2-debug entrypoint: [""] stage: build variables: DOCKER_CONFIG: /kaniko/.docker REGISTRY_USER: $CI_REGISTRY_USER REGISTRY_PASSWORD: $CI_REGISTRY_PASSWORD REGISTRY_URL: $CI_REGISTRY script: - mkdir -p /kaniko/.docker - echo "{\"auths\":{\"$CI_REGISTRY\":{\"username\":\"$REGISTRY_USER\",\"password\":\"$REGISTRY_PASSWORD\"}}}" > /kaniko/.docker/config.json - /kaniko/executor --context "${CONTEXT}" --dockerfile "${DOCKERFILE_PATH}" --destination "${IMAGE_NAME}:${CI_COMMIT_SHA}" --destination "${IMAGE_NAME}:latest" --cache=true --registry-mirror=dockerhub.timeweb.cloud retry: 2 build_frontend: <<: *build-template rules: - if: '$CI_COMMIT_REF_NAME == "master"' variables: CONTEXT: "${CI_PROJECT_DIR}/services/frontend" DOCKERFILE_PATH: "Dockerfile" IMAGE_NAME: "$CI_REGISTRY_IMAGE/frontend" build_backend: <<: *build-template rules: - if: '$CI_COMMIT_REF_NAME == "master"' variables: CONTEXT: "${CI_PROJECT_DIR}/services/backend" DOCKERFILE_PATH: "Dockerfile" IMAGE_NAME: "$CI_REGISTRY_IMAGE/backend" build_backend-staticfiles: <<: *build-template rules: - if: '$CI_COMMIT_REF_NAME == "master"' variables: CONTEXT: "${CI_PROJECT_DIR}/services/backend" DOCKERFILE_PATH: "Dockerfile.staticfiles" IMAGE_NAME: "$CI_REGISTRY_IMAGE/backend-staticfiles" build_checker: <<: *build-template rules: - if: '$CI_COMMIT_REF_NAME == "master"' variables: CONTEXT: "${CI_PROJECT_DIR}/services/checker" DOCKERFILE_PATH: "Dockerfile" IMAGE_NAME: "$CI_REGISTRY_IMAGE/checker" build_custom-python: <<: *build-template rules: - if: '$CI_COMMIT_REF_NAME == "master"' variables: CONTEXT: "${CI_PROJECT_DIR}/services/checker" DOCKERFILE_PATH: "Dockerfile.checker" IMAGE_NAME: "$CI_REGISTRY_IMAGE/custom-python" build_docs: <<: *build-template rules: - if: '$CI_COMMIT_REF_NAME == "master"' variables: CONTEXT: "${CI_PROJECT_DIR}/docs" DOCKERFILE_PATH: "Dockerfile" IMAGE_NAME: "$CI_REGISTRY_IMAGE/docs" deploy: image: kroniak/ssh-client:3.19 stage: deploy rules: - if: '$CI_COMMIT_REF_NAME == "master"' variables: SSH_ADDRESS: "$SSH_USER@$SSH_HOST:$SSH_PORT" SSH_PRIVATE_KEY: SSH_PRIVATE_KEY script: - mkdir -p ~/.ssh - chmod 700 ~/.ssh - echo -e "Host *\n\tStrictHostKeyChecking no\n\n" > ~/.ssh/config - echo "$SSH_PRIVATE_KEY" > ~/.ssh/id_rsa - chmod 600 ~/.ssh/id_rsa - ssh-keyscan -H "$SSH_HOST" -p "$SSH_PORT" > /dev/null 2>&1 - AUTH_COMMAND="echo "$CI_REGISTRY_PASSWORD" | docker login $CI_REGISTRY --username $CI_REGISTRY_USER --password-stdin"; - ssh $SSH_ADDRESS "$AUTH_COMMAND" - scp -C -r infrastructure/ compose.yaml $SSH_ADDRESS:~/deploy/ - ssh $SSH_ADDRESS "docker -v" - | ssh $SSH_ADDRESS <<'EOF' cd ~/deploy docker system prune -a --force docker compose pull > deploy.log 2>&1 docker compose up -d --remove-orphans --force-recreate >> deploy.log 2>&1 docker compose ps >> deploy.log 2>&1 EOF retry: 2 reset-compose: image: kroniak/ssh-client:3.19 stage: utils when: manual rules: - if: '$CI_COMMIT_REF_NAME == "master"' variables: SSH_HOST: $SSH_HOST SSH_USER: $SSH_USER SSH_ADDRESS: "$SSH_USER@$SSH_HOST" SSH_PRIVATE_KEY: SSH_PRIVATE_KEY script: - mkdir -p ~/.ssh - chmod 700 ~/.ssh - echo -e "Host *\n\tStrictHostKeyChecking no\n\n" > ~/.ssh/config - echo "$SSH_PRIVATE_KEY" > ~/.ssh/id_rsa - chmod 600 ~/.ssh/id_rsa - ssh-keyscan -H "$SSH_HOST" > /dev/null 2>&1 - AUTH_COMMAND="echo "$CI_REGISTRY_PASSWORD" | docker login $CI_REGISTRY --username $CI_REGISTRY_USER --password-stdin"; - ssh $SSH_ADDRESS "$AUTH_COMMAND" - scp -C -r infrastructure/ compose.yaml $SSH_ADDRESS:~/deploy/ - ssh $SSH_ADDRESS "docker -v" - | ssh $SSH_ADDRESS <<'EOF' cd ~/deploy docker compose down -v > deploy.log 2>&1 docker compose up -d --remove-orphans --force-recreate >> deploy.log 2>&1 docker compose ps >> deploy.log 2>&1 EOF retry: 2