From d15029c0e1a1de2745bdeda281af3d7537d12cb2 Mon Sep 17 00:00:00 2001 From: Ambroise Maupate Date: Mon, 4 Mar 2024 16:52:52 +0100 Subject: [PATCH] ci: Added GitHub Actions to test starter install, and Gitlab CI example file for build and docker deploy --- .github/workflows/test-install.yml | 30 ++++++ .gitlab-ci.yml | 144 +++++++++++++++++++++++++++++ docker/node/Dockerfile | 25 +++++ 3 files changed, 199 insertions(+) create mode 100644 .github/workflows/test-install.yml create mode 100644 .gitlab-ci.yml create mode 100644 docker/node/Dockerfile diff --git a/.github/workflows/test-install.yml b/.github/workflows/test-install.yml new file mode 100644 index 0000000..81488da --- /dev/null +++ b/.github/workflows/test-install.yml @@ -0,0 +1,30 @@ +name: Test install + +on: + push: + branches: + - main + tags: ['**'] + pull_request: + types: + - opened + - reopened + - synchronize + - ready_for_review + +jobs: + test-install: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + - name: Install Node.js + uses: actions/setup-node@v3 + with: + node-version: 20 + - uses: pnpm/action-setup@v3 + name: Install pnpm + with: + version: 8 + run_install: false + - name: Install dependencies + run: pnpm install diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml new file mode 100644 index 0000000..8e241d5 --- /dev/null +++ b/.gitlab-ci.yml @@ -0,0 +1,144 @@ +image: node:20 + +stages: + - build + - docker + - release + +# AutoDevOps templates for security +include: + - template: Jobs/Secret-Detection.gitlab-ci.yml + - template: Jobs/Dependency-Scanning.gitlab-ci.yml + +.frontend-cache: &frontend-cache + # See https://pnpm.io/continuous-integration#gitlab-ci + cache: + key: + files: + - pnpm-lock.yaml + paths: + - .pnpm-store + +.staging-env: &staging-env + environment: + name: staging + url: "https://my-website.test" + variables: + NUXT_PUBLIC_API_URL: "https://my-website.test" + NUXT_PUBLIC_SITE_URL: "https://my-website.test" + NUXT_PUBLIC_INTERVENTION_REQUEST_BASE_URL: "https://my-website.test/assets" + NUXT_PUBLIC_INTERVENTION_REQUEST_NO_PROCESS_BASE_URL: "https://my-website.test/files" + NUXT_APP_CHANNEL: "$CI_COMMIT_SHORT_SHA $CI_ENVIRONMENT_NAME" + +.production-env: &production-env + environment: + name: production + url: "https://www.my-website.test" + variables: + NUXT_PUBLIC_API_URL: "https://www.my-website.test" + NUXT_PUBLIC_SITE_URL: "https://www.my-website.test" + NUXT_PUBLIC_INTERVENTION_REQUEST_BASE_URL: "https://www.my-website.test/assets" + NUXT_PUBLIC_INTERVENTION_REQUEST_NO_PROCESS_BASE_URL: "https://www.my-website.test/files" + NUXT_APP_CHANNEL: "$CI_COMMIT_SHORT_SHA $CI_ENVIRONMENT_NAME" + + +## Common scripts and artifacts for develop and main jobs +.build-commons: &build-commons + artifacts: + name: "build_${CI_COMMIT_REF_NAME}_${CI_COMMIT_SHORT_SHA}" + expire_in: 1 hour + paths: + - .output/ + # See https://pnpm.io/continuous-integration#gitlab-ci + before_script: + - corepack enable + - corepack prepare pnpm@latest-8 --activate + - pnpm config set store-dir .pnpm-store + script: + - cd frontend + - pnpm install --config.platform=linuxmusl --config.architecture=x64 +# - pnpm lint + - pnpm build + +# =========== +# SSR STAGING +# =========== +ssr_build_develop: + stage: build + interruptible: true + only: + - merge_requests + - develop + except: + - tags + - main + <<: *frontend-cache + <<: *staging-env + <<: *build-commons + +ssr_docker_develop: + stage: docker + only: + - develop + image: docker:git + services: + - docker:dind + when: on_success + <<: *staging-env + needs: [ "ssr_build_develop" ] + dependencies: [ "ssr_build_develop" ] + script: + - "docker login -u gitlab-ci-token -p ${CI_JOB_TOKEN} ${CI_REGISTRY}" + # App image build + - "docker build -t ${CI_REGISTRY_IMAGE}/node:develop -f docker/node/Dockerfile ." + - "docker push ${CI_REGISTRY_IMAGE}/node:develop" + +# ======== +# SSR PROD +# ======== +ssr_build_tags: + stage: build + interruptible: true + only: + - tags + <<: *frontend-cache + <<: *production-env + <<: *build-commons + +ssr_docker_tags: + stage: docker + only: + - tags + image: docker:git + <<: *production-env + services: + - docker:dind + when: on_success + needs: [ "ssr_build_tags" ] + dependencies: [ "ssr_build_tags" ] + script: + # Connect to your Gitlab Registry + - "docker login -u gitlab-ci-token -p ${CI_JOB_TOKEN} ${CI_REGISTRY}" + # App image build + - "docker build -t ${CI_REGISTRY_IMAGE}/node:latest -t ${CI_REGISTRY_IMAGE}/node:${CI_COMMIT_TAG} -f docker/node/Dockerfile ." + - "docker push ${CI_REGISTRY_IMAGE}/node:latest" + - "docker push ${CI_REGISTRY_IMAGE}/node:${CI_COMMIT_TAG}" + + +# ========================================== +# Create release on Gitlab repository +# ========================================== +create_gitlab_release: + stage: release + image: registry.gitlab.com/gitlab-org/release-cli:latest + rules: + - if: $CI_COMMIT_TAG + script: + - echo "Running the release job." + needs: [ "common_docker_images" ] + <<: *production-env + when: on_success + release: + tag_name: $CI_COMMIT_TAG + name: 'Release $CI_COMMIT_TAG' + description: './CHANGELOG.md' diff --git a/docker/node/Dockerfile b/docker/node/Dockerfile new file mode 100644 index 0000000..d7154eb --- /dev/null +++ b/docker/node/Dockerfile @@ -0,0 +1,25 @@ +FROM node:20-alpine + +# Add libvips for IPX support nuxt/image on Alpine +RUN apk add --upgrade --no-cache vips-dev build-base --repository https://alpine.global.ssl.fastly.net/alpine/v3.10/community/ + +# create destination directory +RUN mkdir -p /usr/src/nuxt-app && \ + apk add curl +WORKDIR /usr/src/nuxt-app + +HEALTHCHECK --start-period=1m30s --interval=1m --timeout=6s CMD curl --fail -I http://localhost:3000 + +# copy the app, note .dockerignore +COPY .output /usr/src/nuxt-app/.output +# set app serving to permissive / assigned +ENV HOST=0.0.0.0 +# set app port +ENV PORT=3000 +ENV NODE_ENV=production +ENV NITRO_PRESET=node_cluster +# expose 5000 on container +EXPOSE 3000 +# start the app +CMD [ "node", ".output/server/index.mjs" ] +