-
Notifications
You must be signed in to change notification settings - Fork 5
Expand file tree
/
Copy path.gitlab-ci.yml
More file actions
174 lines (161 loc) · 4.82 KB
/
.gitlab-ci.yml
File metadata and controls
174 lines (161 loc) · 4.82 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
stages:
- build
- test
- deploy
before_script:
- mkdir -p ~/.ssh
- echo "$SSH_PRIVATE_KEY" | tr -d '\r' > /root/.ssh/id_rsa
- chmod -R 600 ~/.ssh
- echo "$SSH_KNOWN_HOSTS" > ~/.ssh/known_hosts #make sure remote servers's ssh host keys are verified
- chmod 644 ~/.ssh/known_hosts
- mkdir -p /etc/ansible
- echo -e "xx.xx.xxx.xxx db_master\nxx.xx.xxx.xxx db_slave" >> /etc/hosts # #this let container have access to mysql server
# cache vendor packages between jobs
cache:
key: ${CI_COMMIT_REF_SLUG}
paths:
- vendor/
# environment variables set for services
variables:
MYSQL_DATABASE: project_database_name
MYSQL_USER: homestead
MYSQL_PASSWORD: secret
MYSQL_ROOT_PASSWORD: secret
# the 'pages' job will deploy and build your site to the 'public' path
pages:
stage: deploy
script:
- pushd wiki && gitbook build ./ ../public/wiki && popd
- apidoc -i app/Http/Controllers/ -o public/apidoc -t apidoc/template/
- phpcs app --report=source --standard=PSR2 >> public/phpcs_source.html || echo "success"
- phpcs app --standard=PSR2 >> public/phpcs.html || echo "success"
- phpcs app --report=diff --standard=PSR2 >> public/phpcs_diff.diff || echo "success"
- diff2html -i file -d char -s side -F public/phpcs_diff.html -- public/phpcs_diff.diff || echo "success"
- phpmd app html codesize,unusedcode,naming >> public/phpmd_Model.html || echo "success"
artifacts:
paths:
- public
only:
- master
- develop
tags:
- your-runner-tag
build:
stage: build
image: kevinyan001/git-runner:php7.1-node10
script:
- /usr/local/bin/composer install
only:
- develop
- uat
tags:
- your-runner-tag
test-dev:
stage: test
image: kevinyan001/git-runner:php7.1-node10
services:
- mysql:5.7
script:
- php artisan migrate:refresh --seed
- ./vendor/bin/phpunit
only:
- develop
tags:
- your-runner-tag
test-uat:
stage: test
image: kevinyan001/git-runner:php7.1-node10
services:
- mysql:5.7
script:
- cp .env.uat .env
- php artisan migrate:refresh --seed
- ./vendor/bin/phpunit
only:
- uat
tags:
- your-runner-tag
deploy-testing:
stage: deploy
image: kevinyan001/git-runner:php7.1-node10
variables: # set env variables, then job container can connect to the mysql service
DB_HOST: mysql
DB_PORT: '3306'
DB_DATABASE: project_database_name
DB_USERNAME: homestead
DB_PASSWORD: secret
script:
- php artisan migrate --force # sync database structure to dev mysql server
- rsync -az --delete --exclude=.git --exclude=.gitignore --exclude=.gitlab-ci.yml ./ $SERVER_TOKEN_TEST:$WEB_ROOT_TEST
- ssh $SERVER_TOKEN_TEST -t "chown -R www:www ${WEB_ROOT_TEST}"
environment:
name: test
url: http://test.example.com
only:
- develop
tags:
- your-runner-tag
deploy-uat:
stage: deploy
image: kevinyan001/git-runner:php7.1-node10
variables:
DB_HOST: mysql
DB_PORT: '3306'
DB_DATABASE: project_database_name
DB_USERNAME: homestead
DB_PASSWORD: secret
script:
- cp .env.uat .env
- php artisan migrate --force # sync database structure in uat mysql server
- rsync -az --delete --exclude=.git --exclude=.gitignore --exclude=.gitlab-ci.yml ./ $SERVER_TOKEN_UAT:$WEB_ROOT_UAT
- ssh $SERVER_TOKEN_UAT -t "chown -R www:www ${WEB_ROOT_UAT}"
environment:
name: uat
url: http://uat.example.com
when: manual
only:
- uat
tags:
- your-runner-tag
build-prod:
stage: build
image: kevinyan001/git-runner:php7.1-node10
cache:
# make sure every deployment to prod server has a unique cache key , otherwise rollback action may use different building cache
# other than cache this deployment related build job created.
key: ${CI_COMMIT_REF_SLUG}-${CI_COMMIT_SHA}
paths:
- vendor/
script:
- cp .env.master .env
- /usr/local/bin/composer install
- php artisan route:cache; php artisan config:cache; php artisan optimize --force;
only:
- release
tags:
- prod_runner01
deploy-prod:
stage: deploy
image: kevinyan001/git-runner:php7.1-node10
cache:
# cache key must be consistent with the value set in build-prod job.
key: ${CI_COMMIT_REF_SLUG}-${CI_COMMIT_SHA}
paths:
- vendor/
variables:
ANSIBLE_NO_LOG: 'true'
environment:
name: release
url: http://prod.example.com
when: manual
script:
- cp .env.master .env
- php artisan migrate --force
- ansible cube-prod -u www -m synchronize -a "src=${CI_PROJECT_DIR}/ dest=${WEB_ROOT_PROD} delete=yes archive=yes rsync_opts='--exclude=.git*'"
- ansible cube-prod -u www -m command -a "sudo su -c 'chmod -R 744 ${WEB_ROOT_PROD}'"
- ansible cube-prod -u www -m command -a "php-fpm reload"
- ssh $SERVER_TOKEN_PROD -t "sudo su -c 'supervisorctl -c /etc/supervisord.conf reload'"
only:
- release
tags:
- prod_runner01