stages: - build - deploy variables: DOCKER_TLS_CERTDIR: /certs FRONTEND_IMAGE: $CI_REGISTRY_IMAGE/frontend BACKEND_IMAGE: $CI_REGISTRY_IMAGE/backend .build-template: &build-template image: name: gcr.io/kaniko-project/executor:v1.23.2-debug entrypoint: [""] stage: build variables: DOCKER_CONFIG: /kaniko/.docker REGISTRY_USER: $CI_REGISTRY_USER REGISTRY_PASSWORD: $CI_REGISTRY_PASSWORD REGISTRY_URL: $CI_REGISTRY script: - mkdir -p /kaniko/.docker - echo "{\"auths\":{\"$CI_REGISTRY\":{\"username\":\"$REGISTRY_USER\",\"password\":\"$REGISTRY_PASSWORD\"}}}" > /kaniko/.docker/config.json - /kaniko/executor --context "${CONTEXT}" --dockerfile "${DOCKERFILE_PATH}" --destination "${IMAGE_NAME}:${CI_COMMIT_SHA}" --destination "${IMAGE_NAME}:latest" --cache=true build_frontend: <<: *build-template variables: CONTEXT: "${CI_PROJECT_DIR}/services/frontend" DOCKERFILE_PATH: "Dockerfile" IMAGE_NAME: "$CI_REGISTRY_IMAGE/frontend" build_backend: <<: *build-template variables: CONTEXT: "${CI_PROJECT_DIR}/services/backend" DOCKERFILE_PATH: "Dockerfile" IMAGE_NAME: "$CI_REGISTRY_IMAGE/backend" build_backend-staticfiles: <<: *build-template variables: CONTEXT: "${CI_PROJECT_DIR}/services/backend" DOCKERFILE_PATH: "Dockerfile.staticfiles" IMAGE_NAME: "$CI_REGISTRY_IMAGE/backend-staticfiles" deploy: image: alpine:latest stage: deploy rules: - if: '$CI_COMMIT_REF_NAME == "master"' variables: SSH_HOST: "prod-team-15-2pc0i3lc.final.prodcontest.ru" SSH_USER: "ubuntu" SSH_ADDRESS: "$SSH_USER@$SSH_HOST" SSH_PRIVATE_KEY_BASE64: "$ENV_PRIVATE_KEY_BASE64" before_script: - apk add --no-cache openssh-client script: - mkdir -p ~/.ssh && chmod 700 ~/.ssh - printf "%s" "$SSH_PRIVATE_KEY_BASE64" | base64 -d -i > ~/.ssh/id_rsa - chmod 600 ~/.ssh/id_rsa - ssh-keyscan -H "$SSH_HOST" >> ~/.ssh/known_hosts - scp -C -r infrastructure/ compose.yaml "$SSH_ADDRESS":~/deploy/ - ssh "$SSH_ADDRESS" << 'EOF' set -e cd ~/deploy docker compose pull docker compose down docker compose up -d --remove-orphans EOF