From 10e1ff8e5e6aa9206e3f4d6e5b4fbffbd26a96b3 Mon Sep 17 00:00:00 2001 From: colin Date: Wed, 13 Dec 2023 20:30:38 +0000 Subject: [PATCH] Update .woodpecker.yml --- docker-compose.production.yml | 6 -- .woodpecker.yml | 156 +++++++++++++++++++++++++++++++++ README.md | 1 + docker-compose.production.yml | 10 +++ docker-compose.staging.yml | 10 +++ docker-compose.test.yml | 18 ++++ docker/haste/Dockerfile | 13 +++ docker/redis/Dockerfile | 1 + stack.production.yml | 47 ++++++++++ stack.staging.yml | 64 ++++++++++++++ 10 files changed, 320 insertions(+), 6 deletions(-) delete mode 100644 docker-compose.production.yml create mode 100644 .woodpecker.yml create mode 100644 README.md create mode 100644 docker-compose.production.yml create mode 100644 docker-compose.staging.yml create mode 100644 docker-compose.test.yml create mode 100644 docker/haste/Dockerfile create mode 100644 docker/redis/Dockerfile create mode 100644 stack.production.yml create mode 100644 stack.staging.yml diff --git a/ docker-compose.production.yml b/ docker-compose.production.yml deleted file mode 100644 index 6e0da79..0000000 --- a/ docker-compose.production.yml +++ /dev/null @@ -1,6 +0,0 @@ -version: "3.9" -services: - well-known: - build: - context: docker/vault - image: git.nixc.us/colin/vault:production \ No newline at end of file diff --git a/.woodpecker.yml b/.woodpecker.yml new file mode 100644 index 0000000..cb23715 --- /dev/null +++ b/.woodpecker.yml @@ -0,0 +1,156 @@ +labels: + hostname: "macmini7" +clone: + git: + image: woodpeckerci/plugin-git + settings: + partial: false + depth: 1 +steps: + # Build Step for staging Branch + build-staging: + name: build-staging + image: woodpeckerci/plugin-docker-buildx + secrets: [REGISTRY_USER, REGISTRY_PASSWORD] + volumes: + - /var/run/docker.sock:/var/run/docker.sock + commands: + - echo "Building application for staging branch" + - echo "$${REGISTRY_PASSWORD}" | docker login -u "$${REGISTRY_USER}" --password-stdin git.nixc.us + - echo compose build + - docker compose -f docker-compose.staging.yml build + when: + - branch: main + - event: push + - path: + include: [ 'stack.production.yml', 'stack.staging.yml', 'docker-compose.staging.yml', 'docker-compose.production.yml', 'Dockerfile', '*.tests.ts' ] + + deploy-new: + name: deploy-new + when: + - branch: main + - path: + include: [ 'stack.production.yml', 'stack.staging.yml', 'docker-compose.staging.yml', 'docker-compose.production.yml', 'Dockerfile', '*.tests.ts' ] + image: woodpeckerci/plugin-docker-buildx + secrets: [REGISTRY_USER, REGISTRY_PASSWORD] + volumes: + - /var/run/docker.sock:/var/run/docker.sock + commands: + - echo "$${REGISTRY_PASSWORD}" | docker login -u "$${REGISTRY_USER}" --password-stdin git.nixc.us + - echo compose push + - docker compose -f docker-compose.staging.yml push + - docker stack deploy --with-registry-auth -c ./stack.staging.yml $${CI_REPO_NAME}-staging + + # run-tests: + # name: run-tests-in-container + # image: docker + # commands: + # - docker-compose -f docker-compose.test.yml up --abort-on-container-exit + # - docker-compose -f docker-compose.test.yml down + # when: + # branch: main + # event: push + # volumes: + # - /var/run/docker.sock:/var/run/docker.sock + + + # Wait for Deploy to Complete + wait-for-deploy-staging: + name: wait-for-deploy-staging + image: woodpeckerci/plugin-git + commands: + - echo "Waiting for staging deploy step to complete rollout." + - sleep 20 + when: + - branch: main + - event: push + + # # Run Automated Tests on staging Branch + # test-staging: + # name: run-tests-staging + # image: git.nixc.us/colin/playwright:latest + # secrets: [ base_url ] + # when: + # - branch: main + # - event: push + # - path: + # include: [ 'tests/', 'src/','docker-compose.staging.yml', 'docker-compose.production.yml', '*.tests.ts' ] # Specify paths relevant to tests + # volumes: + # - /var/run/docker.sock:/var/run/docker.sock:ro + + cleanup-staging: + name: cleanup-staging + when: + - branch: main + - path: + include: [ 'stack.production.yml', 'stack.staging.yml', 'docker-compose.staging.yml', 'docker-compose.production.yml', 'Dockerfile', '*.tests.ts' ] + image: woodpeckerci/plugin-docker-buildx + secrets: [REGISTRY_USER, REGISTRY_PASSWORD] + volumes: + - /var/run/docker.sock:/var/run/docker.sock + commands: + # - docker stack rm $${CI_REPO_NAME}-staging + ## added fault tolerance for docker stack rm + - for i in {1..5}; do docker stack rm ${CI_REPO_NAME}-staging && break || sleep 10; done + - docker compose -f docker-compose.staging.yml down + - docker compose -f docker-compose.staging.yml rm -f + + # Build Step for staging Branch + build-build-push-production: + name: build-build-push-production + image: woodpeckerci/plugin-docker-buildx + secrets: [REGISTRY_USER, REGISTRY_PASSWORD] + volumes: + - /var/run/docker.sock:/var/run/docker.sock + commands: + - echo "Building application for staging branch" + - echo "$${REGISTRY_PASSWORD}" | docker login -u "$${REGISTRY_USER}" --password-stdin git.nixc.us + - echo compose build + - docker compose -f docker-compose.production.yml build + - docker compose -f docker-compose.production.yml push + when: + - branch: production + - event: push + - path: + include: [ 'stack.production.yml', 'stack.staging.yml', 'docker-compose.staging.yml', 'docker-compose.production.yml', 'Dockerfile', '*.tests.ts' ] + + # Deploy to Production Branch + deploy-production: + name: deploy-production + image: woodpeckerci/plugin-docker-buildx + secrets: [REGISTRY_USER, REGISTRY_PASSWORD] + volumes: + - /var/run/docker.sock:/var/run/docker.sock + commands: + - echo "$${REGISTRY_PASSWORD}" | docker login -u "$${REGISTRY_USER}" --password-stdin git.nixc.us + - docker stack deploy --with-registry-auth -c ./stack.production.yml $${CI_REPO_NAME} + when: + - branch: production + - event: push + # - path: + # include: [ 'stack.production.yml', 'stack.staging.yml', 'docker-compose.staging.yml', 'docker-compose.production.yml', 'Dockerfile', '*.tests.ts' ] + + + # # Wait for Deploy to Complete + # wait-for-deploy-production: + # name: wait-for-deploy-production + # image: woodpeckerci/plugin-git + # commands: + # - echo "Waiting for deploy step to complete rollout." + # - sleep 60 + # when: + # - branch: production + # - event: push + + # # Run Post-Deployment Smoke Tests + # post-deploy-smoke-tests-git-nixc-us: + # name: run-post-deploy-smoke-tests-git-nixc-us + # image: git.nixc.us/colin/playwright:latest + # # secrets: [TEST_USER, TEST_PASSWORD] + # environment: + # - BASE_URL=https://git.nixc.us + # when: + # - branch: production + # - event: push + # # - path: + # # include: [ 'stack.production.yml', 'stack.staging.yml', 'docker-compose.staging.yml', 'docker-compose.production.yml', 'Dockerfile', '*.tests.ts' ] \ No newline at end of file diff --git a/README.md b/README.md new file mode 100644 index 0000000..329e10d --- /dev/null +++ b/README.md @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/docker-compose.production.yml b/docker-compose.production.yml new file mode 100644 index 0000000..1a3b77c --- /dev/null +++ b/docker-compose.production.yml @@ -0,0 +1,10 @@ +version: "3.9" +services: + redis: + build: + context: docker/redis + image: git.nixc.us/colin/haste:redis-production + haste: + build: + context: docker/haste + image: git.nixc.us/colin/haste:haste-production \ No newline at end of file diff --git a/docker-compose.staging.yml b/docker-compose.staging.yml new file mode 100644 index 0000000..1622e63 --- /dev/null +++ b/docker-compose.staging.yml @@ -0,0 +1,10 @@ +version: "3.9" +services: + redis: + build: + context: docker/redis + image: git.nixc.us/colin/haste:redis-staging + haste: + build: + context: docker/haste + image: git.nixc.us/colin/haste:haste-staging \ No newline at end of file diff --git a/docker-compose.test.yml b/docker-compose.test.yml new file mode 100644 index 0000000..20dbd44 --- /dev/null +++ b/docker-compose.test.yml @@ -0,0 +1,18 @@ +version: '3' +services: + app: + image: git.nixc.us/colin/haste:haste-staging + environment: + TEST_MODE: "true" + STORAGE_TYPE: "redis" + STORAGE_HOST: "redis" + depends_on: + - redis + networks: + - haste-test + redis: + image: redis + networks: + - haste-test +networks: + haste-test: \ No newline at end of file diff --git a/docker/haste/Dockerfile b/docker/haste/Dockerfile new file mode 100644 index 0000000..9a41c21 --- /dev/null +++ b/docker/haste/Dockerfile @@ -0,0 +1,13 @@ +FROM node:6-alpine as builder +RUN apk add --no-cache git +RUN git clone https://git.nixc.us/Nixius/hastebin.git /app +WORKDIR /app +RUN npm install --production +RUN chmod +x app.sh + +FROM node:6-alpine +WORKDIR /app +COPY --from=builder /app . +RUN npm install --production +RUN npm install mocha +CMD ["/app/app.sh"] diff --git a/docker/redis/Dockerfile b/docker/redis/Dockerfile new file mode 100644 index 0000000..9a2852e --- /dev/null +++ b/docker/redis/Dockerfile @@ -0,0 +1 @@ +FROM redis:6-alpine \ No newline at end of file diff --git a/stack.production.yml b/stack.production.yml new file mode 100644 index 0000000..45cf3fe --- /dev/null +++ b/stack.production.yml @@ -0,0 +1,47 @@ +version: '3.8' + +services: + redis: + image: git.nixc.us/colin/haste:redis-production + # volumes: + # - redis_data:/data + networks: + - default + deploy: + # placement: + # constraints: + # - node.hostname == macmini3 + replicas: 1 + restart_policy: + condition: on-failure + + haste: + image: git.nixc.us/colin/haste:haste-production + # volumes: + # - public_system:/haste/public/system + networks: + - traefik + - default + deploy: + # placement: + # constraints: + # - node.hostname == macmini3 + labels: + us.nixc.autodeploy: "true" + traefik.enable: "true" + traefik.http.routers.production-haste_haste.rule: "Host(`haste.nixc.us`)" + traefik.http.routers.production-haste_haste.entrypoints: "websecure" + traefik.http.routers.production-haste_haste.tls: "true" + traefik.http.routers.production-haste_haste.tls.certresolver: "letsencryptresolver" + traefik.http.routers.production-haste_haste.service: "production-haste_haste" + traefik.http.services.production-haste_haste.loadbalancer.server.port: "7777" + traefik.docker.network: "traefik" + replicas: 1 + restart_policy: + condition: on-failure + +networks: + traefik: + external: true + default: + driver: overlay \ No newline at end of file diff --git a/stack.staging.yml b/stack.staging.yml new file mode 100644 index 0000000..06d1b62 --- /dev/null +++ b/stack.staging.yml @@ -0,0 +1,64 @@ +version: '3.8' + +services: + redis: + image: git.nixc.us/colin/haste:redis-staging + # volumes: + # - redis_data:/data + networks: + - default + deploy: + # placement: + # constraints: + # - node.hostname == macmini3 + replicas: 1 + restart_policy: + condition: on-failure + + haste: + image: git.nixc.us/colin/haste:haste-staging + # volumes: + # - public_system:/haste/public/system + networks: + - traefik + - default + environment: + HOST: "0.0.0.0" + PORT: "7777" + KEY_LENGTH: "10" + MAX_LENGTH: "400000" + STATIC_MAX_AGE: "7776000" + RECOMPRESS_STATIC_ASSETS: "true" + LOGGING_LEVEL: "verbose" + LOGGING_TYPE: "Console" + LOGGING_COLORIZE: "false" + KEY_GENERATOR_TYPE: "phonetic" + STORAGE_TYPE: "redis" + STORAGE_PATH: "./data" + STORAGE_HOST: "haste-staging_redis" + STORAGE_PORT: "6379" + STORAGE_DB: "2" + STORAGE_EXPIRE: "2592000" + deploy: + # placement: + # constraints: + # - node.hostname == macmini3 + labels: + us.nixc.autodeploy: "true" + traefik.enable: "true" + traefik.http.routers.staging-haste_haste.rule: "Host(`staging.haste.nixc.us`)" + traefik.http.routers.staging-haste_haste.entrypoints: "websecure" + traefik.http.routers.staging-haste_haste.tls: "true" + traefik.http.routers.staging-haste_haste.tls.certresolver: "letsencryptresolver" + traefik.http.routers.staging-haste_haste.service: "staging-haste_haste" + traefik.http.services.staging-haste_haste.loadbalancer.server.port: "7777" + traefik.docker.network: "traefik" + replicas: 1 + restart_policy: + condition: on-failure + +networks: + traefik: + external: true + default: + driver: overlay \ No newline at end of file