Theaninova/openstapps
1
0
Fork 0
mirror of https://gitlab.com/openstapps/openstapps.git synced 2026-01-10 11:42:59 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

ci: refinie web deploy job

Browse Source
This commit is contained in:
Rainer Killinger
2022-03-14 14:50:49 +01:00
parent 3eeab34bc1
commit 58ce196507
5 changed files with 66 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
.gitlab-ci.yml
View File

@@ -25,11 +25,17 @@ web:
script: script:
- > - >
if [ "$RELEASE_TYPE" == "staging" ]; then if [ "$RELEASE_TYPE" == "staging" ]; then
echo "Handle staging artifact here"; # USE GITLAB PROTECTED & MASKED CI VARIABLES TO PROVIDE THE FOLLOWING DATA!
# USE AN UNPRIVILIGED USER WITH ACCESS ONLY TO THIS DIRECTORY
# example: $STAGING_SCP_TARGET = deployuser@staging.environment.com:/path/for/web/data
sh static/scripts/ssh_deploy.sh $STAGING_SCP_TARGET $STAGING_TARGET_SSH_PRIVATE_KEY
fi fi
if [ "$RELEASE_TYPE" == "production" ]; then if [ "$RELEASE_TYPE" == "production" ]; then
echo "Handle production artifact here"; # USE GITLAB PROTECTED & MASKED CI VARIABLES TO PROVIDE THE FOLLOWING DATA!
# USE AN UNPRIVILIGED USER WITH ACCESS ONLY TO THIS DIRECTORY
# example: $PRODUCTION_SCP_TARGET = deployuser@production.environment.com:/path/for/web/data
sh static/scripts/ssh_deploy.sh $PRODUCTION_SCP_TARGET $PRODUCTION_TARGET_SSH_PRIVATE_KEY
fi fi
artifacts: artifacts:
untracked: false untracked: false

3
Dockerfile
View File

@@ -10,7 +10,8 @@ RUN apt-get update && \
apt-get install -y --no-install-recommends \ apt-get install -y --no-install-recommends \
xmlstarlet \ xmlstarlet \
ruby-full \ ruby-full \
zip zip \
openssh-client
RUN gem install bundler RUN gem install bundler

2
Makefile
View File

@@ -27,7 +27,7 @@ web-build: configuration-web
cd app && ionic build --prod cd app && ionic build --prod
web: web-build web: web-build
cd app && zip -r ../www.zip www cd app/www && zip -r ../../www.zip .
echo "Web application artifact for version ${VERSION} is archived in www.zip" echo "Web application artifact for version ${VERSION} is archived in www.zip"
prepare-android: configuration-android prepare-android: configuration-android

2
app.conf.sample
View File

@@ -20,6 +20,7 @@ APPLE_API_KEY_ID="123ACAB456" # Your API key i
APPLE_API_KEY_ISSUER_ID="1234578-1234-1234-1234-12345678901" # Your API key issuer id APPLE_API_KEY_ISSUER_ID="1234578-1234-1234-1234-12345678901" # Your API key issuer id
# Provide the following environment variable in a secure fashion. # Provide the following environment variable in a secure fashion.
# When used in CI protect and mask the variable.
# Don't change the following line! # Don't change the following line!
APPLE_API_KEY_CONTENT="${APPLE_API_KEY_CONTENT:-'unset'}" # Base64 encoded contents of Apple API key file (.p8 file) APPLE_API_KEY_CONTENT="${APPLE_API_KEY_CONTENT:-'unset'}" # Base64 encoded contents of Apple API key file (.p8 file)
@@ -29,6 +30,7 @@ APPLE_API_KEY_CONTENT="${APPLE_API_KEY_CONTENT:-'unset'}" # Base64 encoded
ANDROID_PACKAGE_NAME="de.anyschool.app.android" # Your Google Playconsole app package name ANDROID_PACKAGE_NAME="de.anyschool.app.android" # Your Google Playconsole app package name
# Provide the following environment variables in a secure fashion. # Provide the following environment variables in a secure fashion.
# When used in CI protect and mask the variables.
# Don't change the following lines! # Don't change the following lines!
ANDROID_API_KEY_CONTENT="${ANDROID_API_KEY_CONTENT:-'unset'}" # Base64 encoded contents of your API key file (.json file) ANDROID_API_KEY_CONTENT="${ANDROID_API_KEY_CONTENT:-'unset'}" # Base64 encoded contents of your API key file (.json file)
ANDROID_KEYSTORE_PASSWORD="${ANDROID_KEYSTORE_PASSWORD:-'unset'}" # Passwort to your keyfile ANDROID_KEYSTORE_PASSWORD="${ANDROID_KEYSTORE_PASSWORD:-'unset'}" # Passwort to your keyfile

53
static/scripts/ssh_deploy.sh Normal file
View File

@@ -0,0 +1,53 @@
#!/usr/bin/env bash
set -e
SSH_DEPLOY_TARGET=$1
SSH_DEPLOY_TARGET="${SSH_DEPLOY_TARGET:-"missingtarget"}"
SSH_PRIVATE_KEY=$2
SSH_PRIVATE_KEY="${SSH_PRIVATE_KEY:-"missingkey"}"
GOTO_FAIL=false
if [ "$SSH_DEPLOY_TARGET" = "missingtarget" ]; then
echo "SSH target for web deployment job is unset!"
GOTO_FAIL=true
fi
if [ "$SSH_PRIVATE_KEY" = "missingkey" ]; then
echo "SSH key for web deployment job is unset!"
GOTO_FAIL=true
fi
if [ "$GOTO_FAIL" = true ]; then
return 1
fi
IFS='@' read -ra TARGET_COMPONENTS <<< "$SSH_DEPLOY_TARGET"
SSH_DEPLOY_TARGET_USER="${TARGET_COMPONENTS[0]:-"missinguser"}"
IFS=':' read -ra TARGET_COMPONENTS <<< "$TARGET_COMPONENTS"
SSH_DEPLOY_TARGET_HOST="${TARGET_COMPONENTS[0]:-"missinghost"}"
SSH_DEPLOY_TARGET_PATH="${TARGET_COMPONENTS[1]:-"missingpath"}"
## Add the SSH key stored in SSH_PRIVATE_KEY variable to the agent store
## We're using tr to fix line endings which makes ed25519 keys work
## without extra base64 encoding.
## https://gitlab.com/gitlab-examples/ssh-private-key/issues/1#note_48526556
##
echo "$SSH_PRIVATE_KEY" | tr -d '\r' | ssh-add -
##
## Use ssh-keyscan to scan the keys of your private server. Replace gitlab.com
## with your own domain name. You can copy and repeat that command if you have
## more than one server to connect to.
mkdir -p ~/.ssh
chmod 700 ~/.ssh
ssh-keyscan $SSH_DEPLOY_TARGET_HOST >> ~/.ssh/known_hosts
chmod 644 ~/.ssh/known_hosts
scp www.zip "$SSH_DEPLOY_TARGET"
ssh "$SSH_DEPLOY_TARGET_USER@$SSH_DEPLOY_TARGET_HOST" "cd $SSH_DEPLOY_TARGET_PATH && unzip -o www.zip && rm -f www.zip"