stages: - lint - build - backup - deploy .configure_ssh: before_script: # Run ssh-agent for keys management - 'command -v ssh-agent >/dev/null || ( apt-get update -y && apt-get install openssh-client -y )' - eval $(ssh-agent -s) # Add place for ssh related files - mkdir -p ~/.ssh - chmod 700 ~/.ssh # Initialize token - chmod 400 "$SSH_PRIVATE_KEY" - ssh-add "$SSH_PRIVATE_KEY" # Add server fingerprint to known hosts - ssh-keyscan "$SSH_HOST" >> ~/.ssh/known_hosts - chmod 644 ~/.ssh/known_hosts .on_merge_request: rules: - if: $CI_PIPELINE_SOURCE == "merge_request_event" - when: never lint-ruff: stage: lint image: registry.gitlab.com/pipeline-components/ruff:latest rules: - !reference [.on_merge_request, rules] script: - echo "โ˜• Linting with ruff" - ruff check --output-format=gitlab src/ - echo "โœ… Passed" lint-mypy: stage: lint image: python:3.12 rules: - !reference [.on_merge_request, rules] before_script: - pip install mypy - apt install make - make deps script: - echo "๐Ÿ Typechecking with mypy" - mypy src - echo "โœ… Passed" build: stage: build image: docker:latest services: - docker:dind before_script: - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY rules: - if: '$CI_COMMIT_BRANCH == "main"' script: - docker pull $CI_REGISTRY_IMAGE:latest || true - docker build --target prod --build-arg BUILDKIT_INLINE_CACHE=1 --cache-from $CI_REGISTRY_IMAGE:latest --tag $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA --tag $CI_REGISTRY_IMAGE:latest . - docker push $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA - docker push $CI_REGISTRY_IMAGE:latest database-backup: stage: backup image: ubuntu:latest rules: - if: '$CI_COMMIT_BRANCH == "main"' before_script: - !reference [.configure_ssh, before_script] script: - echo "๐Ÿ’พ backuping database" - ssh $SSH_USER@$SSH_HOST "docker exec database pg_dump --column-inserts udom >> pre_deploy.sql" - echo "โœ… Passed" deploy-dev: stage: deploy image: ubuntu:latest rules: - if: '$CI_COMMIT_BRANCH == "dev"' before_script: - !reference [.configure_ssh, before_script] script: - echo "๐Ÿš€๐Ÿงจ Deploing dev changes" - ssh $SSH_USER@$SSH_HOST "cd /root/udom_dev/ && git pull && docker compose -f compose-dev.yaml up -d --build --remove-orphans" - echo "โœ… Passed" deploy-main: stage: deploy image: ubuntu:latest rules: - if: '$CI_COMMIT_BRANCH == "main"' before_script: - !reference [.configure_ssh, before_script] script: - echo "๐Ÿš€ Deploing changes" - ssh $SSH_USER@$SSH_HOST "cd /root/udom/ && git pull && echo $SERVER_TOKEN | docker login registry.gitlab.com -u 'Server' --password-stdin && docker compose pull && docker compose up -d --build --remove-orphans" - echo "โœ… Passed"