# Docker daemon endpoint that the docker CLI in the build job talks to.
# NOTE(review): 2375 is conventionally the plaintext, unauthenticated
# Docker API port. Anything that can reach this service can drive the
# daemon, so confirm it is reachable from CI runners only, or switch to the
# TLS endpoint (2376) with client certificates.
DOCKER_HOST: "tcp://docker-dind.gitlab-suma:2375"
# Image the build job runs in. Pinned by tag only; a digest pin
# (docker@sha256:<digest>) would make the pulled image immutable.
DOCKER_BUILD_IMAGE: docker:20.10.15
# Repository name appended to ${CI_REGISTRY_IMAGE} when the build job tags
# and pushes the image.
DOCKER_IMAGE_NAME: keymanager
# Image used by the update_secret and deploy jobs, which call kubectl and
# helm. Also pinned by tag only, not by digest.
KUBERNETES_DEPLOY_IMAGE: alpine/k8s:1.24.4
# Pipeline stages, in execution order.
# NOTE(review): only `build` is visible here, while the deploy job uses
# `stage: deploy`. Confirm that stage is listed in the full file.
stages:
  - build
# Build-stage job that runs in the image named by ${NODE_IMAGE}.
# NOTE(review): no entries follow `variables:` and no `script:` is visible
# for this job, so as written the key is null. Confirm against the full file.
npm_deps:
  stage: build
  image: "${NODE_IMAGE}"
  variables:
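# Builds the keymanager image from ./build/pass/Dockerfile and pushes it to
# the project's container registry.
build:
  stage: build
  image: ${DOCKER_BUILD_IMAGE}
  before_script:
    # Pass the registry password on stdin. With `-p` it is part of the
    # command line and therefore visible in the process arguments.
    - printf '%s' "$CI_REGISTRY_PASSWORD" | docker login -u "$CI_REGISTRY_USER" --password-stdin "$CI_REGISTRY"
  script:
    # NOTE(review): --network=host lets every build step use the network
    # namespace of the host running the Docker daemon instead of an isolated
    # build network. Confirm the Dockerfile needs it, and drop it otherwise.
    - docker build --network=host -t "${CI_REGISTRY_IMAGE}/${DOCKER_IMAGE_NAME}:${DOCKER_TAG_NAME}" -f ./build/pass/Dockerfile .
    - docker push "${CI_REGISTRY_IMAGE}/${DOCKER_IMAGE_NAME}:${DOCKER_TAG_NAME}"
  after_script:
    # Remove the registry credentials stored by `docker login`.
    - docker logout "$CI_REGISTRY"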
# Creates or updates three Kubernetes secrets in ${KUBERNETES_NAMESPACE}:
#   ${HELM_RELEASE_NAME}            application config (production.json)
#   ${HELM_RELEASE_NAME}-backuprsa  id_rsa and known_hosts
#   ${HELM_RELEASE_NAME}-backupenv  key/value pairs read from an env file
# Each manifest is rendered client-side (--dry-run=client -o yaml) and piped
# straight into `kubectl apply`, so re-running the job updates an existing
# secret instead of failing, and the manifest is not written to the job log.
# NOTE(review): PRODUCTION_CONFIG, BACKUP_ID_RSA, BACKUP_KNOWN_HOSTS and
# BACKUP_ENV are used as file paths, presumably file-type CI/CD variables.
# Confirm they are protected and masked where possible, and that this job
# only runs on protected refs.
update_secret:
  stage: build
  image: "${KUBERNETES_DEPLOY_IMAGE}"
  before_script:
    # Select the cluster connection provided by the GitLab agent.
    - kubectl config use-context open-source/metager-keymanager:gitlab-agent
  script: |
    kubectl -n ${KUBERNETES_NAMESPACE} create secret generic ${HELM_RELEASE_NAME} \
      --from-file=production.json=${PRODUCTION_CONFIG} \
      --dry-run=client \
      --save-config \
      -o yaml | \
      kubectl apply -f -
    kubectl -n ${KUBERNETES_NAMESPACE} create secret generic ${HELM_RELEASE_NAME}-backuprsa \
      --from-file=id_rsa=${BACKUP_ID_RSA} \
      --from-file=known_hosts=${BACKUP_KNOWN_HOSTS} \
      --dry-run=client \
      --save-config \
      -o yaml | \
      kubectl apply -f -
    kubectl -n ${KUBERNETES_NAMESPACE} create secret generic ${HELM_RELEASE_NAME}-backupenv \
      --from-env-file=${BACKUP_ENV} \
      --dry-run=client \
      --save-config \
      -o yaml | \
      kubectl apply -f -
deploy:
stage: deploy
image: ${KUBERNETES_DEPLOY_IMAGE}
before_script:
- kubectl config use-context open-source/metager-keymanager:gitlab-agent
script: |
kubectl -n ${KUBERNETES_NAMESPACE} delete --ignore-not-found job keymanager-migration-job
helm -n ${KUBERNETES_NAMESPACE} upgrade --install ${HELM_RELEASE_NAME} chart/ \
--set application.secretName=${HELM_RELEASE_NAME} \
--set image.repository=${CI_REGISTRY_IMAGE}/${DOCKER_IMAGE_NAME} \