Merge branch 'dev' into 'master' (770fb366) · Commits · REDMIC Project / Service deployment

.gitlab-ci.yml

+21 −47

Original line number	Diff line number	Diff line
		@@ -49,7 +49,6 @@ deploy-gitlab-ce-dev:
		SMTP_DOMAIN: ${OAGDEV_GITLAB_SMTP_DOMAIN}
		script:
		- echo "${AUTHORIZED_KEYS_PROXY}" > "${DEPLOY_DIR_NAME}/authorized_keys_proxy"
		- create-nets.sh gitlab-net
		- >
		deploy.sh IMAGE_TAG=${IMAGE_TAG} COMPOSE_FILE=${COMPOSE_FILE} AWS_REGION=${AWS_REGION}
		AWS_ACCESS_KEY_ID=${AWS_ACCESS_KEY_ID} AWS_SECRET_ACCESS_KEY=${AWS_SECRET_ACCESS_KEY} SMTP_ADDR=${SMTP_ADDR}
		@@ -61,60 +60,37 @@ deploy-gitlab-ce-dev:
		- dev
		when: manual

		deploy-gitlab-runner-local:
		deploy-gitlab-runner-dev:
		stage: deploy
		variables:
		DEPLOY_DIR_NAME: gitlab-runner
		SSH_REMOTE: ${DEV_SSH_REMOTE}
		STACK: gitlab
		SERVICES_TO_CHECK: gitlab_gitlab-runner-local
		SERVICES_TO_CHECK: gitlab_gitlab-runner
		IMAGE_TAG: alpine
		COMPOSE_FILE: docker-compose.gitlab-runner-local.tmpl.yml:docker-compose.gitlab-runner-local.dev.yml
		CI_SERVER_URL: http://gitlab_gitlab-ce
		REGISTRATION_TOKEN: ${OAGDEV_GITLAB_TOKEN}
		RUNNER_NAME: OAGDev local
		COMPOSE_FILE: docker-compose.tmpl.yml:docker-compose.dev.yml
		CI_SERVER_URL_REMOTE: https://gitlab.com
		REGISTRATION_TOKEN_REMOTE: ${GITLABCOM_GITLAB_TOKEN}
		CI_SERVER_URL_LOCAL: http://gitlab_gitlab-ce
		REGISTRATION_TOKEN_LOCAL: ${OAGDEV_GITLAB_TOKEN}
		RUNNER_NAME: OAG-dev
		RUNNER_TAG_LIST: oagdev
		CACHE_S3_SERVER_ADDRESS: minio.redmic.net
		CACHE_S3_ACCESS_KEY: ${MINIO_ACCESS_KEY}
		CACHE_S3_SECRET_KEY: ${MINIO_SECRET_KEY}
		script:
		- create-nets.sh gitlab-net
		- >
		deploy.sh IMAGE_TAG=${IMAGE_TAG} COMPOSE_FILE=${COMPOSE_FILE} CI_SERVER_URL="${CI_SERVER_URL}"
		REGISTRATION_TOKEN="${REGISTRATION_TOKEN}" RUNNER_NAME="${RUNNER_NAME}" RUNNER_TAG_LIST="${RUNNER_TAG_LIST}"
		CACHE_S3_SERVER_ADDRESS="${CACHE_S3_SERVER_ADDRESS}" CACHE_S3_ACCESS_KEY="${MINIO_ACCESS_KEY}"
		CACHE_S3_SECRET_KEY="${MINIO_SECRET_KEY}"
		environment:
		name: dev/gitlab-runner-local
		only:
		- dev
		when: manual

		deploy-gitlab-runner-remote:
		stage: deploy
		variables:
		DEPLOY_DIR_NAME: gitlab-runner
		SSH_REMOTE: ${DEV_SSH_REMOTE}
		STACK: gitlab
		SERVICES_TO_CHECK: gitlab_gitlab-runner-remote
		IMAGE_TAG: alpine
		COMPOSE_FILE: docker-compose.gitlab-runner-remote.tmpl.yml:docker-compose.gitlab-runner-remote.dev.yml
		CI_SERVER_URL: https://gitlab.com
		REGISTRATION_TOKEN: ${GITLABCOM_GITLAB_TOKEN}
		RUNNER_NAME: OAGDev remote
		RUNNER_TAG_LIST: oagdev
		CACHE_S3_SERVER_ADDRESS: minio.redmic.net
		CACHE_S3_ACCESS_KEY: ${MINIO_ACCESS_KEY}
		CACHE_S3_SECRET_KEY: ${MINIO_SECRET_KEY}
		script:
		- create-nets.sh gitlab-net
		deploy.sh IMAGE_TAG=${IMAGE_TAG} COMPOSE_FILE=${COMPOSE_FILE} CI_SERVER_URL="${CI_SERVER_URL_REMOTE}"
		REGISTRATION_TOKEN="${REGISTRATION_TOKEN_REMOTE}" RUNNER_NAME="${RUNNER_NAME}"
		RUNNER_TAG_LIST="${RUNNER_TAG_LIST}" CACHE_S3_SERVER_ADDRESS="${CACHE_S3_SERVER_ADDRESS}"
		CACHE_S3_ACCESS_KEY="${MINIO_ACCESS_KEY}" CACHE_S3_SECRET_KEY="${MINIO_SECRET_KEY}"
		- >
		deploy.sh IMAGE_TAG=${IMAGE_TAG} COMPOSE_FILE=${COMPOSE_FILE} CI_SERVER_URL="${CI_SERVER_URL}"
		REGISTRATION_TOKEN="${REGISTRATION_TOKEN}" RUNNER_NAME="${RUNNER_NAME}" RUNNER_TAG_LIST="${RUNNER_TAG_LIST}"
		CACHE_S3_SERVER_ADDRESS="${CACHE_S3_SERVER_ADDRESS}" CACHE_S3_ACCESS_KEY="${MINIO_ACCESS_KEY}"
		CACHE_S3_SECRET_KEY="${MINIO_SECRET_KEY}"
		deploy.sh IMAGE_TAG=${IMAGE_TAG} COMPOSE_FILE=${COMPOSE_FILE} CI_SERVER_URL="${CI_SERVER_URL_LOCAL}"
		REGISTRATION_TOKEN="${REGISTRATION_TOKEN_LOCAL}" RUNNER_NAME="${RUNNER_NAME}"
		RUNNER_TAG_LIST="${RUNNER_TAG_LIST}" CACHE_S3_SERVER_ADDRESS="${CACHE_S3_SERVER_ADDRESS}"
		CACHE_S3_ACCESS_KEY="${MINIO_ACCESS_KEY}" CACHE_S3_SECRET_KEY="${MINIO_SECRET_KEY}"
		environment:
		name: dev/gitlab-runner-remote
		name: dev/gitlab-runner
		only:
		- dev
		when: manual
		@@ -267,11 +243,11 @@ deploy-traefik-dev:
		SERVICES_TO_CHECK: traefik_traefik
		IMAGE_TAG: latest
		COMPOSE_FILE: docker-compose.tmpl.yml:docker-compose.dev.yml
		PUBLIC_HOSTNAME: ${DEV_PUBLIC_HOSTNAME}
		UI_AUTH: ${DEV_UI_AUTH}
		script:
		- create-nets.sh redmic-net traefik-net
		- >
		deploy.sh IMAGE_TAG=${IMAGE_TAG} COMPOSE_FILE=${COMPOSE_FILE} PUBLIC_HOSTNAME=${DEV_PUBLIC_HOSTNAME}
		deploy.sh IMAGE_TAG=${IMAGE_TAG} COMPOSE_FILE=${COMPOSE_FILE} PUBLIC_HOSTNAME=${PUBLIC_HOSTNAME}
		UI_AUTH=${UI_AUTH}
		environment:
		name: dev/traefik
		@@ -289,13 +265,11 @@ deploy-traefik-pro:
		SERVICES_TO_CHECK: traefik_traefik
		IMAGE_TAG: latest
		COMPOSE_FILE: docker-compose.tmpl.yml:docker-compose.prod.yml
		PUBLIC_HOSTNAME: ${PRO_PUBLIC_HOSTNAME}
		UI_AUTH: ${PRO_UI_AUTH}
		script:
		- echo "${CERT_FILE}" > "${DEPLOY_DIR_NAME}/certFile.cert"
		- echo "${KEY_FILE}" > "${DEPLOY_DIR_NAME}/keyFile.key"
		- create-nets.sh redmic-net traefik-net
		- >
		deploy.sh IMAGE_TAG=${IMAGE_TAG} COMPOSE_FILE=${COMPOSE_FILE} PUBLIC_HOSTNAME=${PRO_PUBLIC_HOSTNAME}
		deploy.sh IMAGE_TAG=${IMAGE_TAG} COMPOSE_FILE=${COMPOSE_FILE} PUBLIC_HOSTNAME=${PUBLIC_HOSTNAME}
		UI_AUTH=${UI_AUTH}
		environment:
		name: pro/traefik

gitlab-ce/docker-compose.dev.yml

+7 −24

Original line number	Diff line number	Diff line
		@@ -9,35 +9,18 @@ services:
		secrets:
		- source: authorized_keys_proxy
		target: /gitlab-data/ssh/authorized_keys
		deploy:
		mode: replicated
		replicas: 1
		labels:
		traefik.port: "80"
		traefik.docker.network: traefik-net
		traefik.gitlab.frontend.rule: Host:${GITLAB_SUBDOMAIN}.${PUBLIC_HOSTNAME}
		traefik.registry.frontend.rule: Host:${GITLAB_REGISTRY_SUBDOMAIN}.${PUBLIC_HOSTNAME}
		traefik.backend: gitlab
		restart_policy:
		delay: 2m
		window: 5m
		resources:
		limits:
		cpus: '2'
		memory: 4G
		reservations:
		memory: 3G

		volumes:
		gitlab-ce-config-vol:
		name: gitlab-ce-config-vol
		config-vol:
		name: ${CONFIG_VOL_NAME:-gitlab-ce-config-vol}

		gitlab-ce-log-vol:
		name: gitlab-ce-log-vol
		log-vol:
		name: ${LOG_VOL_NAME:-gitlab-ce-log-vol}

		gitlab-ce-data-vol:
		name: gitlab-ce-data-vol
		data-vol:
		name: ${DATA_VOL_NAME:-gitlab-ce-data-vol}

		secrets:
		authorized_keys_proxy:
		name: ${AUTHORIZED_KEYS_PROXY_NAME:-gitlab-authorized-keys-proxy}
		file: ./authorized_keys_proxy

gitlab-ce/docker-compose.tmpl.yml

+21 −7

Original line number	Diff line number	Diff line
		@@ -27,16 +27,30 @@ services:
		gitlab_rails['smtp_enable_starttls_auto'] = true
		gitlab_rails['smtp_tls'] = false
		networks:
		- gitlab-net
		- traefik-net
		volumes:
		- gitlab-ce-config-vol:/etc/gitlab
		- gitlab-ce-log-vol:/var/log/gitlab
		- gitlab-ce-data-vol:/var/opt/gitlab
		- config-vol:/etc/gitlab
		- log-vol:/var/log/gitlab
		- data-vol:/var/opt/gitlab
		deploy:
		mode: replicated
		replicas: 1
		labels:
		traefik.gitlab.frontend.rule: Host:${GITLAB_SUBDOMAIN}.${PUBLIC_HOSTNAME}
		traefik.registry.frontend.rule: Host:${GITLAB_REGISTRY_SUBDOMAIN}.${PUBLIC_HOSTNAME}
		traefik.backend: gitlab-ce
		traefik.port: '80'
		restart_policy:
		delay: 1m
		window: 5m
		resources:
		limits:
		cpus: '2'
		memory: 4G
		reservations:
		memory: 2G

		networks:
		gitlab-net:
		external: true

		traefik-net:
		name: ${TRAEFIK_NET_NAME:-traefik-net}
		external: true

gitlab-runner/.env

+1 −1

Original line number	Diff line number	Diff line
		@@ -2,6 +2,7 @@ CONFIG_FILE=/etc/gitlab-runner/config.toml
		REGISTER_NON_INTERACTIVE=true
		REGISTER_LOCKED=false
		REGISTER_RUN_UNTAGGED=true
		RUNNER_NAME=gitlab-runner
		RUNNER_LIMIT=2
		RUNNER_REQUEST_CONCURRENCY=2
		RUNNER_OUTPUT_LIMIT=40960
		@@ -9,7 +10,6 @@ RUNNER_EXECUTOR=docker
		RUNNER_DOCKER_IMAGE=alpine
		RUNNER_DOCKER_TLS_VERIFY=false
		RUNNER_DOCKER_PRIVILEGED=true
		RUNNER_DOCKER_NETWORK_MODE=gitlab-net
		RUNNER_DOCKER_DISABLE_CACHE=true
		RUNNER_DOCKER_SHM_SIZE=1000000000
		RUNNER_DOCKER_MEMORY=4g

gitlab-runner/docker-compose.dev.yml

0 → 100644

+8 −0

Original line number	Diff line number	Diff line
		version: '3.5'

		volumes:
		etc-vol:
		name: gitlab-runner-etc-vol

		home-vol:
		name: gitlab-runner-home-vol