/
.gitlab-ci.yml
138 lines (129 loc) · 4.33 KB
/
.gitlab-ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
services:
- postgres:11-alpine
variables:
POSTGRES_PASSWORD: secret
DATABASE_URL: postgres
stages:
- build
- test
- deploy
.base:
image: ruby:2.6.3
dependencies:
- build
cache:
key: gems_and_packages
paths:
- apt-cache/
- ./vendor
policy: pull
before_script:
- gem install bundler --no-document
- bundle install --jobs $(nproc) --path=vendor
build:
stage: build
artifacts:
paths:
- app/
- bin/
- config/
- db/
- lib/
- spec/
- config.ru
- Gemfile
- Gemfile.lock
- Rakefile
- .rubocop.yml
- .rspec
- .ruby-version
name: '$CI_COMMIT_SHA'
expire_in: 1d
when: on_success
script:
- apt update -q && apt install libpq-dev postgresql-client nodejs -yqq
- cp config/database.yml.example config/database.yml
- cp config/ldap.yml.example config/ldap.yml
- gem install bundler --no-document
- bundle install -j $(nproc) --path=vendor # Install dependencies into ./vendor/ruby
- uname -a
- du -h -d1 ./
- cat config/database.yml
# check postgres
#- export PGPASSWORD=$POSTGRES_PASSWORD
# - psql -h postgres -U "$POSTGRES_USER" -d "$POSTGRES_DB" -c "SELECT 'OK' AS status;"
- bundle exec rake db:setup RAILS_ENV=test
rspec:
stage: test
extends: .base
allow_failure: true
script:
- apt update -q && apt install nodejs -yqq
- cp config/database.yml.example config/database.yml
- cp config/ldap.yml.example config/ldap.yml
# change ldap-auth to database-auth
- sed -i 's/config.authentication_keys = \[ :username \]/config.authentication_keys = \[ :email \]/' config/initializers/devise.rb
- sed -i 's/devise :ldap_authenticatable/devise :database_authenticatable/g' app/models/user.rb
- sed -i 's/before_save :ldap_email/# before_save :ldap_email/g' app/models/user.rb
#- bundle install -j $(nproc) --path vendor # Install dependencies into ./vendor/ruby
- bundle exec rake db:create db:migrate RAILS_ENV=test
- bundle exec rspec
rubocop:
stage: test
allow_failure: true
script:
- gem install rubocop rubocop-rails rubocop-rspec rubocop-performance rubocop-faker
- rubocop -V
- ls -al .rubocop.yml
- rubocop --config .rubocop.yml --format offenses
bundle_audit:
stage: test
extends: .base
allow_failure: true
script:
- bundle exec bundle audit check --update
- gem install brakeman
- brakeman --ignore-model-output --rails5 --color --except FileAccess
to_staging:
stage: deploy
dependencies:
- build
environment:
name: staging
script:
- 'which ssh-agent || ( apt update -y && apt install openssh-client -yqq )' # install ssh-agent
- eval $(ssh-agent -s) # run ssh-agent
- ssh-add <(echo "$SSH_PRIVATE_KEY_VRDEV1")
- ssh-add -l
- mkdir -p ~/.ssh && chmod 700 ~/.ssh
- '[[ -f /.dockerenv ]] && echo -e "Host *\n\tStrictHostKeyChecking no\n\n" > ~/.ssh/config'
- ssh-keyscan bp1step-dev.ad.bankperm.ru >> ~/.ssh/known_hosts
- echo -e "$SSH_PUBLIC_KEY_VRDEV1" > ~/.ssh/id_rsa.pub
- echo -e "$SSH_PRIVATE_KEY_VRDEV1" > ~/.ssh/id_rsa
- ssh $DEPLOY_USER@bp1step-dev.ad.bankperm.ru 'ls -al /home/rubydev/bp1step/'
- bundle install -j $(nproc) --without test production --path=vendor # Install dependencies into ./vendor/ruby
- bundle exec cap staging deploy
only:
- master
to_production:
stage: deploy
dependencies:
- build
environment:
name: production
when: manual
script:
- 'which ssh-agent || ( apt-get update -y && apt-get install openssh-client -yqq )' # install ssh-agent
- eval $(ssh-agent -s) # run ssh-agent
- ssh-add <(echo "$SSH_PRIVATE_KEY_VRDEV")
- ssh-add -l
- mkdir -p ~/.ssh && chmod 700 ~/.ssh
- '[[ -f /.dockerenv ]] && echo -e "Host *\n\tStrictHostKeyChecking no\n\n" > ~/.ssh/config'
- ssh-keyscan bp1step.ad.bankperm.ru >> ~/.ssh/known_hosts
#- echo -e "$SSH_PUBLIC_KEY_VRDEV" > ~/.ssh/id_rsa.pub
#- echo -e "$SSH_PRIVATE_KEY_VRDEV" > ~/.ssh/id_rsa
- ssh $DEPLOY_USER@bp1step.ad.bankperm.ru 'ls -al /home/rubydev/bp1step/'
- bundle install -j $(nproc) --without test staging --path=vendor # Install dependencies into ./vendor/ruby
- bundle exec cap production deploy
only:
- master