feat: ci/cd deploy #1
33
.drone.yml
Normal file
33
.drone.yml
Normal file
@ -0,0 +1,33 @@
|
||||
---
|
||||
kind: pipeline
|
||||
name: continuous deployment
|
||||
steps:
|
||||
- name: build and push new image
|
||||
image: plugins/docker
|
||||
settings:
|
||||
username:
|
||||
from_secret: docker_reg_username
|
||||
password:
|
||||
from_secret: docker_reg_passwd
|
||||
repo: decentral1se/kios-admin
|
||||
tags: latest
|
||||
|
||||
- name: deploy image
|
||||
image: decentral1se/stack-ssh-deploy:latest
|
||||
environment:
|
||||
STACK_NAME: kios_admin_lumbung_space
|
||||
SECRET_PAYLOAD_SECRET_VERSION: v1
|
||||
settings:
|
||||
stack: kios_admin_lumbung_space
|
||||
host: lumbung.space
|
||||
deploy_key:
|
||||
from_secret: drone_ssh_lumbung.space
|
||||
depends_on:
|
||||
- build and push new image
|
||||
|
||||
trigger:
|
||||
branch:
|
||||
- main
|
||||
event:
|
||||
exclude:
|
||||
- pull_request
|
23
Dockerfile
Normal file
23
Dockerfile
Normal file
@ -0,0 +1,23 @@
|
||||
FROM node:18-alpine as base
|
||||
|
||||
FROM base as builder
|
||||
|
||||
WORKDIR /home/node
|
||||
COPY package*.json ./
|
||||
|
||||
COPY . .
|
||||
RUN yarn install
|
||||
RUN yarn build
|
||||
|
||||
FROM base as runtime
|
||||
|
||||
ENV NODE_ENV=production
|
||||
|
||||
WORKDIR /home/node
|
||||
COPY package*.json ./
|
||||
|
||||
RUN yarn install --production
|
||||
COPY --from=builder /home/node/dist ./dist
|
||||
COPY --from=builder /home/node/build ./build
|
||||
|
||||
EXPOSE 3000
|
61
compose.yml
Normal file
61
compose.yml
Normal file
@ -0,0 +1,61 @@
|
||||
---
|
||||
version: "3.8"
|
||||
|
||||
services:
|
||||
app:
|
||||
image: decentral1se/kios-admin:latest
|
||||
networks:
|
||||
- proxy
|
||||
volumes:
|
||||
- app:/home/node/app
|
||||
- node_modules:/home/node/app/node_modules
|
||||
environment:
|
||||
MONGODB_URI: mongodb://db:27017/payload
|
||||
PORT: 3000
|
||||
NODE_ENV: production
|
||||
PAYLOAD_SECRET_FILE: /run/secrets/payload_secret
|
||||
configs:
|
||||
- source: app_entrypoint
|
||||
target: /docker-entrypoint.sh
|
||||
mode: 0555
|
||||
secrets:
|
||||
- payload_secret
|
||||
deploy:
|
||||
update_config:
|
||||
failure_action: rollback
|
||||
order: start-first
|
||||
labels:
|
||||
- "traefik.enable=true"
|
||||
- "traefik.http.routers.coop-cloud-site.rule=Host(`kios-admin.lumbung.space`, `www.kios-admin.lumbung.space`)"
|
||||
- "traefik.http.routers.coop-cloud-site.entrypoints=web-secure"
|
||||
- "traefik.http.services.coop-cloud-site.loadbalancer.server.port=3000"
|
||||
- "traefik.http.routers.coop-cloud-site.tls.certresolver=production"
|
||||
|
||||
db:
|
||||
image: mongo:6.0.3
|
||||
command:
|
||||
- "--storageEngine=wiredTiger"
|
||||
volumes:
|
||||
- data:/data/db
|
||||
logging:
|
||||
driver: none
|
||||
|
||||
volumes:
|
||||
app:
|
||||
node_modules:
|
||||
data:
|
||||
|
||||
networks:
|
||||
proxy:
|
||||
external: true
|
||||
|
||||
secrets:
|
||||
payload_secret:
|
||||
external: true
|
||||
name: ${STACK_NAME}_payload_secret_${SECRET_PAYLOAD_SECRET_VERSION}
|
||||
|
||||
configs:
|
||||
app_entrypoint:
|
||||
name: ${STACK_NAME}_app_entrypoint_${APP_ENTRYPOINT_VERSION}
|
||||
file: entrypoint.sh.tmpl
|
||||
template_driver: golang
|
@ -1,35 +0,0 @@
|
||||
version: '3'
|
||||
|
||||
services:
|
||||
|
||||
payload:
|
||||
image: node:18-alpine
|
||||
ports:
|
||||
- "3000:3000"
|
||||
volumes:
|
||||
- .:/home/node/app
|
||||
- node_modules:/home/node/app/node_modules
|
||||
working_dir: /home/node/app/
|
||||
command: sh -c "yarn install && yarn dev"
|
||||
depends_on:
|
||||
- mongo
|
||||
environment:
|
||||
MONGODB_URI: mongodb://mongo:27017/payload
|
||||
PORT: 3000
|
||||
NODE_ENV: development
|
||||
PAYLOAD_SECRET: TESTING
|
||||
|
||||
mongo:
|
||||
image: mongo:latest
|
||||
ports:
|
||||
- "27017:27017"
|
||||
command:
|
||||
- --storageEngine=wiredTiger
|
||||
volumes:
|
||||
- data:/data/db
|
||||
logging:
|
||||
driver: none
|
||||
|
||||
volumes:
|
||||
data:
|
||||
node_modules:
|
29
entrypoint.sh.tmpl
Normal file
29
entrypoint.sh.tmpl
Normal file
@ -0,0 +1,29 @@
|
||||
#!/bin/bash
|
||||
|
||||
set -e
|
||||
|
||||
file_env() {
|
||||
local var="$1"
|
||||
local fileVar="${var}_FILE"
|
||||
local def="${2:-}"
|
||||
|
||||
if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then
|
||||
echo >&2 "error: both $var and $fileVar are set (but are exclusive)"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
local val="$def"
|
||||
|
||||
if [ "${!var:-}" ]; then
|
||||
val="${!var}"
|
||||
elif [ "${!fileVar:-}" ]; then
|
||||
val="$(< "${!fileVar}")"
|
||||
fi
|
||||
|
||||
export "$var"="$val"
|
||||
unset "$fileVar"
|
||||
}
|
||||
|
||||
file_env "PAYLOAD_SECRET"
|
||||
|
||||
node dist/server.js
|
Loading…
Reference in New Issue
Block a user