Commit ff255f44 authored by Pedro Eduardo Trujillo's avatar Pedro Eduardo Trujillo
Browse files

Actualiza CI/CD, añade redirección 

Revisa configuración de despliegue y definición de CI, para adaptarlos a
los últimos cambios disponibles. Usa plantillas y variables de
despliegue con prefijo, controla recursos, etc.

Añade redirección desde ruta antigua de redmic (antes de existir la app)
hacia visor de atlas de la app de redmic.
parent c077c2c2

.gitlab-ci.yml

+10 −137
Original line number Diff line number Diff line 
include:

  - project: 'redmic-project/gitlab-ci-templates'

    ref: master

    file: '/packaging.yml'

  - project: 'redmic-project/gitlab-ci-templates'

    ref: master

    file: '/deployment.yml'



stages:

  - package

  - test-package

  - deploy



image: docker:stable



variables:

  DOCKER_DRIVER: overlay2

  STACK: ${CI_PROJECT_NAME}

  SERVICES_TO_CHECK: ${CI_PROJECT_NAME}_${CI_PROJECT_NAME}

  IMAGE_NAME: ${CI_REGISTRY_IMAGE}

  IMAGE_TAG: ${CI_COMMIT_SHA}

  STATIC_SUBDOMAIN: static



services:

  - docker:dind



docker-build-commit-non-master-branches:

  stage: package

  only:

    - branches

  except:

    - master

  script:

    - docker login -u gitlab-ci-token -p ${CI_JOB_TOKEN} ${CI_REGISTRY}

    - docker build -t ${CI_REGISTRY_IMAGE}:${CI_COMMIT_SHA} -t ${CI_REGISTRY_IMAGE}:${CI_COMMIT_REF_NAME}-latest .

    - docker push ${CI_REGISTRY_IMAGE}



docker-build-commit-master-branch:

  stage: package

  variables:

    PARENT_IMAGE_NAME: registry.gitlab.com/redmic-project/docker/redmic-server

    PARENT_IMAGE_TAG: latest

  only:

    - master

  script:

    - docker login -u gitlab-ci-token -p ${CI_JOB_TOKEN} ${CI_REGISTRY}

    - docker build -t ${CI_REGISTRY_IMAGE}:${CI_COMMIT_SHA} -t ${CI_REGISTRY_IMAGE}:latest .

    - docker push ${CI_REGISTRY_IMAGE}



docker-tag-already-built-image:

  stage: package

  only:

    - tags

  script:

    - docker login -u gitlab-ci-token -p ${CI_JOB_TOKEN} ${CI_REGISTRY}

    - docker tag ${CI_REGISTRY_IMAGE}:${CI_COMMIT_SHA} ${CI_REGISTRY_IMAGE}:${CI_COMMIT_TAG}

    - docker push ${CI_REGISTRY_IMAGE}



container-scanning:

  stage: test-package

  allow_failure: true

  only:

    - branches

  script:

    - docker run -d --name db arminc/clair-db:latest

    - docker run -p 6060:6060 --link db:postgres -d --name clair arminc/clair-local-scan:v2.0.1

    - apk add -U wget ca-certificates

    - docker login -u gitlab-ci-token -p ${CI_JOB_TOKEN} ${CI_REGISTRY}

    - docker pull ${CI_REGISTRY_IMAGE}:${CI_COMMIT_SHA}

    - wget https://github.com/arminc/clair-scanner/releases/download/v8/clair-scanner_linux_amd64

    - mv clair-scanner_linux_amd64 clair-scanner

    - chmod +x clair-scanner

    - touch clair-whitelist.yml

    - >

      ./clair-scanner -c http://docker:6060 --ip $(hostname -i) -r gl-sast-container-report.json -l clair.log

      -w clair-whitelist.yml ${CI_REGISTRY_IMAGE}:${CI_COMMIT_SHA} || true

  artifacts:

    paths: [gl-sast-container-report.json]



deploy-supporting-branch-develop:

  stage: deploy

  image: registry.gitlab.com/redmic-project/docker/docker-deploy:latest

  variables:

    SSH_REMOTE: ${DEV_SSH_REMOTE}

    COMPOSE_FILE: docker-compose.tmpl.yml:docker-compose.dev.yml

    PUBLIC_HOSTNAME: ${DEV_PUBLIC_HOSTNAME}

  script:

    - >

      deploy.sh IMAGE_NAME=${IMAGE_NAME} IMAGE_TAG=${IMAGE_TAG} COMPOSE_FILE=${COMPOSE_FILE}

      STATIC_SUBDOMAIN=${STATIC_SUBDOMAIN} PUBLIC_HOSTNAME=${PUBLIC_HOSTNAME}

  environment:

    name: dev

    url: https://${STATIC_SUBDOMAIN}.${DEV_PUBLIC_HOSTNAME}

  only:

    - branches

  except:

    - master

  when: manual



deploy-stable-branch-develop:

  stage: deploy

  image: registry.gitlab.com/redmic-project/docker/docker-deploy:latest

  variables:

    SSH_REMOTE: ${DEV_SSH_REMOTE}

    COMPOSE_FILE: docker-compose.tmpl.yml:docker-compose.dev.yml

    PUBLIC_HOSTNAME: ${DEV_PUBLIC_HOSTNAME}

  script:

    - >

      deploy.sh IMAGE_NAME=${IMAGE_NAME} IMAGE_TAG=${IMAGE_TAG} COMPOSE_FILE=${COMPOSE_FILE}

      STATIC_SUBDOMAIN=${STATIC_SUBDOMAIN} PUBLIC_HOSTNAME=${PUBLIC_HOSTNAME}

  environment:

    name: dev

    url: https://${STATIC_SUBDOMAIN}.${DEV_PUBLIC_HOSTNAME}

  only:

    - master

  when: manual



deploy-supporting-branch-production:

  stage: deploy

  image: registry.gitlab.com/redmic-project/docker/docker-deploy:latest

  variables:

    SSH_REMOTE: ${PRO_SSH_REMOTE}

    COMPOSE_FILE: docker-compose.tmpl.yml:docker-compose.prod.yml

    PUBLIC_HOSTNAME: ${PRO_PUBLIC_HOSTNAME}

  script:

    - >

      deploy.sh IMAGE_NAME=${IMAGE_NAME} IMAGE_TAG=${IMAGE_TAG} COMPOSE_FILE=${COMPOSE_FILE}

      STATIC_SUBDOMAIN=${STATIC_SUBDOMAIN} PUBLIC_HOSTNAME=${PUBLIC_HOSTNAME}

  environment:

    name: pro

    url: https://${STATIC_SUBDOMAIN}.${PRO_PUBLIC_HOSTNAME}

  only:

    - branches

  except:

    - master

  when: manual



deploy-stable-branch-production:

  stage: deploy

  image: registry.gitlab.com/redmic-project/docker/docker-deploy:latest

  variables:

    SSH_REMOTE: ${PRO_SSH_REMOTE}

    COMPOSE_FILE: docker-compose.tmpl.yml:docker-compose.prod.yml

    PUBLIC_HOSTNAME: ${PRO_PUBLIC_HOSTNAME}

  script:

    - >

      deploy.sh IMAGE_NAME=${IMAGE_NAME} IMAGE_TAG=${IMAGE_TAG} COMPOSE_FILE=${COMPOSE_FILE}

      STATIC_SUBDOMAIN=${STATIC_SUBDOMAIN} PUBLIC_HOSTNAME=${PUBLIC_HOSTNAME}

.deploy:

  environment:

    name: pro

    url: https://${STATIC_SUBDOMAIN}.${PRO_PUBLIC_HOSTNAME}

  only:

    - master

  when: manual
 
    url: https://${DD_STATIC_SUBDOMAIN}.${PUBLIC_HOSTNAME}

deploy/.env

+1 −0
Original line number Diff line number Diff line 
INTERNAL_PORT=80

PUBLIC_HOSTNAME=redmic.es

STATIC_SUBDOMAIN=static

BACKEND_NAME=static-pages

deploy/docker-compose.tmpl.yml

+15 −8
Original line number Diff line number Diff line
@@ -4,33 +4,40 @@ services: 
  static-pages:

    image: ${IMAGE_NAME}:${IMAGE_TAG:-latest}

    networks:

      - traefik-net

      traefik-net:

    healthcheck:

      test: wget --spider -q http://localhost

      interval: 30s

      timeout: 10s

      retries: 3

      start_period: 2m

      start_period: 1m

    deploy:

      mode: global

      labels:

        traefik.static.frontend.rule: Host:${STATIC_SUBDOMAIN}.${PUBLIC_HOSTNAME}

        traefik.static.backend: static-pages

        traefik.static.port: "${INTERNAL_PORT}"

        traefik.static.backend: ${BACKEND_NAME}

        traefik.static.port: '${INTERNAL_PORT}'

        traefik.web-error-handle.frontend.rule: Host:${PUBLIC_HOSTNAME};ReplacePathRegex:^.*?(resources/[^/]+\\.\\w+)?$$ /maintenance/$$1

        traefik.web-error-handle.frontend.priority: '1'

        traefik.web-error-handle.backend: static-pages

        traefik.web-error-handle.port: "${INTERNAL_PORT}"

        traefik.web-error-handle.backend: ${BACKEND_NAME}

        traefik.web-error-handle.port: '${INTERNAL_PORT}'

        traefik.old-viewer.frontend.rule: Host:www.redmic.es;PathPrefix:/flexviewers/visor

        traefik.old-viewer.frontend.redirect.regex: ^.*$$

        traefik.old-viewer.frontend.redirect.replacement: https://${PUBLIC_HOSTNAME}/atlas

        traefik.old-viewer.backend: ${BACKEND_NAME}

        traefik.old-viewer.port: '${INTERNAL_PORT}'

      restart_policy:

        delay: 30s

        delay: 5s

        window: 1m

      resources:

        limits:

          cpus: '0.1'

          memory: 64M

        reservations:

          memory: 52M

          cpus: '0.001'

          memory: 8M



networks:

  traefik-net:

    name: ${TRAEFIK_NET_NAME:-traefik-net}

    external: true