Loading .gitlab-ci.yml +52 −4 Original line number Diff line number Diff line Loading @@ -46,11 +46,13 @@ container-scanning: - mv clair-scanner_linux_amd64 clair-scanner - chmod +x clair-scanner - touch clair-whitelist.yml - ./clair-scanner -c http://docker:6060 --ip $(hostname -i) -r gl-sast-container-report.json -l clair.log -w clair-whitelist.yml ${CI_REGISTRY_IMAGE}:${CI_COMMIT_SHA} || true - > ./clair-scanner -c http://docker:6060 --ip $(hostname -i) -r gl-sast-container-report.json -l clair.log -w clair-whitelist.yml ${CI_REGISTRY_IMAGE}:${CI_COMMIT_SHA} || true artifacts: paths: [gl-sast-container-report.json] deploy-dev: deploy-supporting-branch-develop: stage: deploy image: registry.gitlab.com/redmic-project/docker/docker-deploy:latest variables: Loading @@ -74,7 +76,53 @@ deploy-dev: - master when: manual deploy-pro: deploy-stable-branch-develop: stage: deploy image: registry.gitlab.com/redmic-project/docker/docker-deploy:latest variables: SSH_REMOTE: ${DEV_SSH_REMOTE} STACK: ${CI_PROJECT_NAME} SERVICES_TO_CHECK: ${CI_PROJECT_NAME}_${CI_PROJECT_NAME} IMAGE_NAME: ${CI_REGISTRY_IMAGE} IMAGE_TAG: ${CI_COMMIT_SHA} COMPOSE_FILE: docker-compose.tmpl.yml:docker-compose.dev.yml PUBLIC_HOSTNAME: ${DEV_PUBLIC_HOSTNAME} script: - > deploy.sh IMAGE_NAME=${IMAGE_NAME} IMAGE_TAG=${IMAGE_TAG} COMPOSE_FILE=${COMPOSE_FILE} PUBLIC_HOSTNAME=${PUBLIC_HOSTNAME} environment: name: dev url: https://${DEV_PUBLIC_HOSTNAME} only: - master when: manual deploy-supporting-branch-production: stage: deploy image: registry.gitlab.com/redmic-project/docker/docker-deploy:latest variables: SSH_REMOTE: ${PRO_SSH_REMOTE} STACK: ${CI_PROJECT_NAME} SERVICES_TO_CHECK: ${CI_PROJECT_NAME}_${CI_PROJECT_NAME} IMAGE_NAME: ${CI_REGISTRY_IMAGE} IMAGE_TAG: ${CI_COMMIT_SHA} COMPOSE_FILE: docker-compose.tmpl.yml:docker-compose.prod.yml PUBLIC_HOSTNAME: ${PRO_PUBLIC_HOSTNAME} script: - > deploy.sh IMAGE_NAME=${IMAGE_NAME} IMAGE_TAG=${IMAGE_TAG} COMPOSE_FILE=${COMPOSE_FILE} PUBLIC_HOSTNAME=${PUBLIC_HOSTNAME} environment: name: pro url: https://${PRO_PUBLIC_HOSTNAME} only: - branches except: - master when: manual deploy-stable-branch-production: stage: deploy image: registry.gitlab.com/redmic-project/docker/docker-deploy:latest variables: Loading deploy/docker-compose.prod.yml +0 −7 Original line number Diff line number Diff line version: '3.5' services: nginx-proxy: deploy: placement: constraints: - node.role == manager deploy/docker-compose.tmpl.yml +3 −0 Original line number Diff line number Diff line Loading @@ -34,6 +34,9 @@ services: deploy: mode: replicated replicas: 1 placement: constraints: - node.role == manager restart_policy: delay: 30s window: 2m Loading Loading
.gitlab-ci.yml +52 −4 Original line number Diff line number Diff line Loading @@ -46,11 +46,13 @@ container-scanning: - mv clair-scanner_linux_amd64 clair-scanner - chmod +x clair-scanner - touch clair-whitelist.yml - ./clair-scanner -c http://docker:6060 --ip $(hostname -i) -r gl-sast-container-report.json -l clair.log -w clair-whitelist.yml ${CI_REGISTRY_IMAGE}:${CI_COMMIT_SHA} || true - > ./clair-scanner -c http://docker:6060 --ip $(hostname -i) -r gl-sast-container-report.json -l clair.log -w clair-whitelist.yml ${CI_REGISTRY_IMAGE}:${CI_COMMIT_SHA} || true artifacts: paths: [gl-sast-container-report.json] deploy-dev: deploy-supporting-branch-develop: stage: deploy image: registry.gitlab.com/redmic-project/docker/docker-deploy:latest variables: Loading @@ -74,7 +76,53 @@ deploy-dev: - master when: manual deploy-pro: deploy-stable-branch-develop: stage: deploy image: registry.gitlab.com/redmic-project/docker/docker-deploy:latest variables: SSH_REMOTE: ${DEV_SSH_REMOTE} STACK: ${CI_PROJECT_NAME} SERVICES_TO_CHECK: ${CI_PROJECT_NAME}_${CI_PROJECT_NAME} IMAGE_NAME: ${CI_REGISTRY_IMAGE} IMAGE_TAG: ${CI_COMMIT_SHA} COMPOSE_FILE: docker-compose.tmpl.yml:docker-compose.dev.yml PUBLIC_HOSTNAME: ${DEV_PUBLIC_HOSTNAME} script: - > deploy.sh IMAGE_NAME=${IMAGE_NAME} IMAGE_TAG=${IMAGE_TAG} COMPOSE_FILE=${COMPOSE_FILE} PUBLIC_HOSTNAME=${PUBLIC_HOSTNAME} environment: name: dev url: https://${DEV_PUBLIC_HOSTNAME} only: - master when: manual deploy-supporting-branch-production: stage: deploy image: registry.gitlab.com/redmic-project/docker/docker-deploy:latest variables: SSH_REMOTE: ${PRO_SSH_REMOTE} STACK: ${CI_PROJECT_NAME} SERVICES_TO_CHECK: ${CI_PROJECT_NAME}_${CI_PROJECT_NAME} IMAGE_NAME: ${CI_REGISTRY_IMAGE} IMAGE_TAG: ${CI_COMMIT_SHA} COMPOSE_FILE: docker-compose.tmpl.yml:docker-compose.prod.yml PUBLIC_HOSTNAME: ${PRO_PUBLIC_HOSTNAME} script: - > deploy.sh IMAGE_NAME=${IMAGE_NAME} IMAGE_TAG=${IMAGE_TAG} COMPOSE_FILE=${COMPOSE_FILE} PUBLIC_HOSTNAME=${PUBLIC_HOSTNAME} environment: name: pro url: https://${PRO_PUBLIC_HOSTNAME} only: - branches except: - master when: manual deploy-stable-branch-production: stage: deploy image: registry.gitlab.com/redmic-project/docker/docker-deploy:latest variables: Loading
deploy/docker-compose.prod.yml +0 −7 Original line number Diff line number Diff line version: '3.5' services: nginx-proxy: deploy: placement: constraints: - node.role == manager
deploy/docker-compose.tmpl.yml +3 −0 Original line number Diff line number Diff line Loading @@ -34,6 +34,9 @@ services: deploy: mode: replicated replicas: 1 placement: constraints: - node.role == manager restart_policy: delay: 30s window: 2m Loading
