.gitlab-ci.yml
# Pipeline-wide defaults. Jobs that do not set their own `image` or `services`
# inherit these, so they also start the Docker-in-Docker service below.
image: 'docker:20.10.16'

services:
  - 'docker:20.10.16-dind'

variables:
  AWS_DEFAULT_REGION: 'us-east-1'
  # Directory shared with the dind service for its TLS certificates.
  DOCKER_TLS_CERTDIR: '/certs'
  # Replace with your EC2 IP (resolved from the EC2_PUBLIC_IP CI/CD variable).
  EC2_IP: '${EC2_PUBLIC_IP}'

# Stages run in this order.
stages:
  - test
  - build
  - deploy
  - monitor
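# Runs the auth_service unit tests in a plain Python image.
test:
  # Explicit for consistency with the other jobs (GitLab's default stage is `test`).
  stage: test
  image: python:3.9-slim
  # No Docker daemon is needed for the unit tests.
  services: []
  # The original appended `|| true` to pytest, so a failing suite was reported
  # as a passing job. `allow_failure` keeps the pipeline non-blocking but shows
  # the failure as a warning instead of hiding it.
  # NOTE(review): this also makes dependency-install failures non-blocking;
  # remove `allow_failure` once the suite is expected to gate build and deploy.
  allow_failure: true
  before_script:
    - python -m pip install --upgrade pip
  script:
    - cd backend/services/auth_service
    - pip install -r requirements.txt
    - pip install pytest
    - python -m pytest tests/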
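# Builds every service image with docker-compose, retags them under
# ${DOCKER_REPO}, and pushes them to the registry.
build:
  stage: build
  before_script:
    # Pass the token on stdin rather than with `-p`, which puts the secret on
    # the command line where it is visible in the process list.
    - echo "$DOCKER_HUB_PERSONAL_ACESS_TOKEN" | docker login -u "$DOCKER_USERNAME" --password-stdin
  script:
    - docker-compose build --no-cache
    - docker images
    # NOTE(review): these are fixed, mutable tags, so each push overwrites the
    # previous image and a deployment cannot be traced to a commit. Consider an
    # additional per-commit tag and deploying by that tag or by digest.
    - docker tag videostreaming_devops_project_gitlab_frontend:latest "${DOCKER_REPO}:frontend"
    - docker tag videostreaming_devops_project_gitlab_video_service:latest "${DOCKER_REPO}:video_service"
    - docker tag videostreaming_devops_project_gitlab_watchlist_service:latest "${DOCKER_REPO}:watchlist_service"
    - docker tag videostreaming_devops_project_gitlab_auth_service:latest "${DOCKER_REPO}:auth_service"
    - docker images
    - docker push "${DOCKER_REPO}:frontend"
    - docker push "${DOCKER_REPO}:video_service"
    - docker push "${DOCKER_REPO}:watchlist_service"
    - docker push "${DOCKER_REPO}:auth_service"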
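# Copies the compose file, a generated .env and the HAProxy config to the EC2
# host over SSH, then pulls the new images and restarts the stack there.
deploy:
  stage: deploy
  # NOTE(review): `latest` is a moving tag; pin a specific Alpine release so the
  # job that handles every deployment secret runs on a known base image.
  image: alpine:latest
  before_script:
    # Single install step (the original installed the same packages twice).
    - apk add --no-cache curl openssh-client python3 py3-pip aws-cli
  script:
    - |
      # Report which credentials are present WITHOUT printing their values.
      # The original echoed the AWS keys, the SSH private key and the registry
      # password into the job log, exposing them to anyone who can read job
      # output. Treat any secret that was logged that way as compromised and
      # rotate it.
      echo "============ Checking AWS Credentials ============"
      echo "AWS Access Key ID: ${AWS_ACCESS_KEY_ID:+[set]}"
      echo "AWS Secret Access Key: ${AWS_SECRET_ACCESS_KEY:+[set]}"
      echo "AWS Session Token: ${AWS_SESSION_TOKEN:+[set]}"
      echo "AWS Region: ${AWS_DEFAULT_REGION}"
      echo "============ Checking other Credentials ============"
      echo "SSH private key: ${SSH_PRIVATE_KEY:+[set]}"
      echo "CI registry: $CI_REGISTRY"
      echo "CI registry user: $CI_REGISTRY_USER"
      echo "CI registry password: ${CI_REGISTRY_PASSWORD:+[set]}"
      echo "============ End Credentials Check ============"
    - aws configure set aws_access_key_id "$AWS_ACCESS_KEY_ID"
    - aws configure set aws_secret_access_key "$AWS_SECRET_ACCESS_KEY"
    - aws configure set aws_session_token "$AWS_SESSION_TOKEN"
    - aws configure set region "$AWS_DEFAULT_REGION"
    # Verify the installations
    - aws --version
    - python3 --version
    - ssh -V
    # Update frontend config with EC2 IP
    # NOTE(review): the images were built and pushed in the `build` stage, so
    # this edit to the runner's checkout does not appear to reach the deployed
    # frontend - confirm whether it belongs before the image build.
    - sed -i "s|localhost|$EC2_IP|g" frontend/src/config/api.config.ts
    # Save the private SSH key to a temporary file and set permissions
    - echo "$SSH_PRIVATE_KEY" > private_key.pem
    - chmod 600 private_key.pem
    # Create the secrets file with owner-only permissions before filling it.
    - touch .env && chmod 600 .env
    # NOTE(review): every scp/ssh call below uses StrictHostKeyChecking=no, so
    # the host's identity is never verified and the .env secrets could be sent
    # to an impostor. Prefer storing the host's public key in a protected CI/CD
    # variable, writing it to ~/.ssh/known_hosts and dropping this option.
    # Copy remote.docker-compose.yml to EC2 using the saved private key
    - scp -o StrictHostKeyChecking=no -i private_key.pem remote.docker-compose.yml ec2-user@$EC2_IP:~/docker-compose.yml
    - |
      # NOTE(review): AWS_REGION is not defined in this file (only
      # AWS_DEFAULT_REGION is) - confirm it is set as a CI/CD variable.
      cat > .env << EOF
      MONGODB_URI=${MONGODB_URI}
      JWT_SECRET_KEY=${JWT_SECRET_KEY}
      JWT_REFRESH_SECRET_KEY=${JWT_REFRESH_SECRET_KEY}
      AWS_ACCESS_KEY_ID=${AWS_ACCESS_KEY_ID}
      AWS_SECRET_ACCESS_KEY=${AWS_SECRET_ACCESS_KEY}
      AWS_SESSION_TOKEN=${AWS_SESSION_TOKEN}
      AWS_REGION=${AWS_REGION}
      S3_BUCKET=${S3_BUCKET}
      CI_REGISTRY=${CI_REGISTRY}
      CI_REGISTRY_USER=${CI_REGISTRY_USER}
      CI_REGISTRY_PASSWORD=${CI_REGISTRY_PASSWORD}
      EC2_PUBLIC_IP=${EC2_IP}
      DOCKER_REPO=${DOCKER_REPO}
      DEPLOYMENT_ENV=${DEPLOYMENT_ENV}
      EOF
    # Copy .env file to EC2 using the saved private key
    - scp -o StrictHostKeyChecking=no -i private_key.pem .env ec2-user@$EC2_IP:~/
    # Remove trailing white spaces and new lines from haproxy.cfg
    - sed -i 's/[ \t]*$//' haproxy.cfg
    - sed -i ':a;N;$!ba;s/\n$//' haproxy.cfg
    # Copy haproxy config
    - scp -o StrictHostKeyChecking=no -i private_key.pem haproxy.cfg ec2-user@$EC2_IP:~/haproxy.cfg
    - |
      # The heredoc delimiter is unquoted on purpose: ${DOCKER_REPO} is expanded
      # on the runner before the text is sent. Anything that must be evaluated
      # on the EC2 host has to be escaped, as with \$(whoami) below (unescaped,
      # it printed the runner's user instead of the remote one).
      ssh -o StrictHostKeyChecking=no -i private_key.pem ec2-user@$EC2_IP <<EOF
      echo "Starting deployment process..."
      echo "Running docker sync script..."
      ./docker_sync.sh
      echo "Current user: \$(whoami)"
      echo "Stopping all containers..."
      docker-compose down
      echo "Pruning old containers..."
      docker system prune -f
      echo "Pulling Docker images..."
      docker pull ${DOCKER_REPO}:frontend
      docker pull ${DOCKER_REPO}:video_service
      docker pull ${DOCKER_REPO}:watchlist_service
      docker pull ${DOCKER_REPO}:auth_service
      echo "Starting Docker containers..."
      docker-compose up -d
      echo "Configuring HAProxy..."
      # Backup existing config if present
      echo "Backing up existing HAProxy config..."
      sudo cp -f /etc/haproxy/haproxy.cfg /etc/haproxy/haproxy.cfg.backup || true
      echo "Installing new HAProxy config..."
      sudo mv ~/haproxy.cfg /etc/haproxy/haproxy.cfg
      echo "Updating haproxy with new config..."
      ./update_haproxy.sh
      echo "verifying HAProxy config..."
      # NOTE(review): a failed check does not stop the restart that follows,
      # and the new config is already installed at this point - consider
      # validating before the move and restarting only on success.
      sudo haproxy -c -f /etc/haproxy/haproxy.cfg
      echo "Restarting HAProxy service..."
      sudo systemctl restart haproxy
      sudo systemctl enable haproxy
      sudo systemctl status haproxy
      echo "Deployment complete!"
      EOF
  after_script:
    # Runs even when a script step fails, so the private key and the generated
    # .env never outlive the job. The original removed only the key, and only
    # when every earlier step had succeeded.
    - rm -f private_key.pem .env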
# Final stage: runs the repository's monitoring setup script with boto3.
monitor:
  stage: 'monitor'
  image: 'python:3.11-slim'
  before_script:
    # NOTE(review): boto3 is installed unpinned, so the version can change
    # between pipeline runs.
    - 'python -m pip install boto3'
  script:
    # presumably authenticates with the AWS_* CI/CD variables - confirm
    - 'python setup_monitoring.py'