From 7b7c027222e6b551a17259aa9737b0f5d5c59040 Mon Sep 17 00:00:00 2001 From: Lars Gebhardt-Kusche Date: Tue, 2 Dec 2025 00:41:12 +0100 Subject: [PATCH] Update .gitlab-ci.yml file --- .gitlab-ci.yml | 254 +++++++++++++++++++++++++++++++++++++++++++------ 1 file changed, 225 insertions(+), 29 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 994d98c..e812a15 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -1,31 +1,227 @@ -# You can override the included template(s) by including variable overrides -# SAST customization: https://docs.gitlab.com/ee/user/application_security/sast/#customizing-the-sast-settings -# Secret Detection customization: https://docs.gitlab.com/user/application_security/secret_detection/pipeline/configure -# Dependency Scanning customization: https://docs.gitlab.com/ee/user/application_security/dependency_scanning/#customizing-the-dependency-scanning-settings -# Container Scanning customization: https://docs.gitlab.com/ee/user/application_security/container_scanning/#customizing-the-container-scanning-settings -# Note that environment variables can be set in several places -# See https://docs.gitlab.com/ee/ci/variables/#cicd-variable-precedence stages: -- build -- test -- deploy -- review -- dast -- staging -- canary -- production -- incremental rollout 10% -- incremental rollout 25% -- incremental rollout 50% -- incremental rollout 100% -- performance -- cleanup -- secret-detection -sast: - stage: test -include: -- template: Auto-DevOps.gitlab-ci.yml + - deploy + +# ----------------------------------------- +# Globale Variablen +# ----------------------------------------- variables: - SECRET_DETECTION_ENABLED: 'true' -secret_detection: - stage: secret-detection + BASE_DIRS: "src public api partials tools" + CONFIG_BASE_DIR: "config" + +# Standard-Image fΓΌr alle Jobs +default: + image: usbcheck/ci-usbcheck-deploy:latest + +# ----------------------------------------- +# Deployment auf STAGING +# ----------------------------------------- +deploy:staging: + stage: deploy + + variables: + TARGET_PATH: "${FTP_PATH_STAGING}" + CONFIG_ENV_DIR: "config/staging" + + before_script: + - echo "πŸ“‚ CI Workspace:" + - pwd + - ls -la + - echo "πŸ“ PrΓΌfe & zeige Projektverzeichnisse:" + - | + for d in $BASE_DIRS $CONFIG_BASE_DIR $CONFIG_ENV_DIR; do + echo "----------------------------------------" + if [ -d "$d" ]; then + echo "πŸ“‚ Inhalt von $d/:" + ls -la "$d/" + else + echo "⚠️ Verzeichnis '$d' existiert nicht!" + fi + done + + script: + - | + echo "πŸ“ PrΓΌfe lokale Basisverzeichnisse..." + MISSING=0 + + for d in $BASE_DIRS; do + if [ ! -d "$d" ]; then + echo "❌ Verzeichnis '$d/' fehlt im Repo!" + MISSING=1 + fi + done + + if [ ! -d "$CONFIG_BASE_DIR" ]; then + echo "❌ Basis-Konfig-Verzeichnis '$CONFIG_BASE_DIR/' fehlt!" + MISSING=1 + fi + + if [ ! -d "$CONFIG_ENV_DIR" ]; then + echo "❌ Env-Konfiguration '$CONFIG_ENV_DIR/' fehlt!" + MISSING=1 + fi + + if [ "$MISSING" -ne 0 ]; then + echo "β›” Abbruch wegen fehlender Verzeichnisse." + exit 1 + fi + + echo "πŸš€ Deploy ${CI_ENVIRONMENT_NAME} β†’ ${FTP_HOST}:${TARGET_PATH}" + + for d in $BASE_DIRS; do + echo "πŸ” Sync ${d}/ β†’ ${TARGET_PATH}${d}/" + lftp -u "${FTP_USER}","${FTP_PASSWORD}" "${FTP_HOST}" -e " + set ftp:ssl-force true; + set ftp:passive-mode true; + set ftp:ssl-protect-data true; + set ssl:verify-certificate no; + mirror -R --delete --exclude .gitkeep ${d}/ ${TARGET_PATH}${d}/; + bye + " || { echo "❌ Upload fΓΌr Verzeichnis '${d}' fehlgeschlagen."; exit 1; } + done + + echo "🧩 Baue gemischtes Config-Verzeichnis (config/*.php + ${CONFIG_ENV_DIR})..." + rm -rf .ci_config_deploy + mkdir -p .ci_config_deploy + + if [ -d "${CONFIG_BASE_DIR}" ]; then + for f in ${CONFIG_BASE_DIR}/*.php; do + if [ -f "$f" ]; then + echo "βž• Basis-Config-Datei: $f" + cp "$f" .ci_config_deploy/ + fi + done + fi + + if [ -d "${CONFIG_ENV_DIR}" ]; then + echo "βž• Env-Config aus ${CONFIG_ENV_DIR}/" + cp -R ${CONFIG_ENV_DIR}/. .ci_config_deploy/ + fi + + echo "πŸ” Sync .ci_config_deploy/ β†’ ${TARGET_PATH}${CONFIG_BASE_DIR}/" + lftp -u "${FTP_USER}","${FTP_PASSWORD}" "${FTP_HOST}" -e " + set ftp:ssl-force true; + set ftp:passive-mode true; + set ftp:ssl-protect-data true; + set ssl:verify-certificate no; + lcd .ci_config_deploy; + mirror -R --delete --exclude .gitkeep ./ ${TARGET_PATH}${CONFIG_BASE_DIR}/; + bye + " || { echo "❌ Upload fΓΌr gemischtes Config-Verzeichnis fehlgeschlagen."; exit 1; } + + echo "βœ… Deploy ${CI_ENVIRONMENT_NAME} abgeschlossen." + + environment: + name: staging + url: https://staging.emailtemplate.it + + only: + - develop + - merge_requests + + +# ----------------------------------------- +# Deployment auf PRODUCTION +# ----------------------------------------- +deploy:production: + stage: deploy + + variables: + TARGET_PATH: "${FTP_PATH_PROD}" + CONFIG_ENV_DIR: "config/prod" + + before_script: + - echo "πŸ“‚ CI Workspace:" + - pwd + - ls -la + - echo "πŸ“ PrΓΌfe & zeige Projektverzeichnisse:" + - | + for d in $BASE_DIRS $CONFIG_BASE_DIR $CONFIG_ENV_DIR; do + echo "----------------------------------------" + if [ -d "$d" ]; then + echo "πŸ“‚ Inhalt von $d/:" + ls -la "$d/" + else + echo "⚠️ Verzeichnis '$d' existiert nicht!" + fi + done + + script: + - | + echo "πŸ“ PrΓΌfe lokale Basisverzeichnisse..." + MISSING=0 + + for d in $BASE_DIRS; do + if [ ! -d "$d" ]; then + echo "❌ Verzeichnis '$d/' fehlt im Repo!" + MISSING=1 + fi + done + + if [ ! -d "$CONFIG_BASE_DIR" ]; then + echo "❌ Basis-Konfig-Verzeichnis '$CONFIG_BASE_DIR/' fehlt!" + MISSING=1 + fi + + if [ ! -d "$CONFIG_ENV_DIR" ]; then + echo "❌ Env-Konfiguration '$CONFIG_ENV_DIR/' fehlt!" + MISSING=1 + fi + + if [ "$MISSING" -ne 0 ]; then + echo "β›” Abbruch wegen fehlender Verzeichnisse." + exit 1 + fi + + echo "πŸš€ Deploy ${CI_ENVIRONMENT_NAME} β†’ ${FTP_HOST}:${TARGET_PATH}" + + for d in $BASE_DIRS; do + echo "πŸ” Sync ${d}/ β†’ ${TARGET_PATH}${d}/" + lftp -u "${FTP_USER}","${FTP_PASSWORD}" "${FTP_HOST}" -e " + set ftp:ssl-force true; + set ftp:passive-mode true; + set ftp:ssl-protect-data true; + set ssl:verify-certificate no; + mirror -R --delete --exclude .gitkeep ${d}/ ${TARGET_PATH}${d}/; + bye + " || { echo "❌ Upload fΓΌr Verzeichnis '${d}' fehlgeschlagen."; exit 1; } + done + + echo "🧩 Baue gemischtes Config-Verzeichnis (config/*.php + ${CONFIG_ENV_DIR})..." + rm -rf .ci_config_deploy + mkdir -p .ci_config_deploy + + if [ -d "${CONFIG_BASE_DIR}" ]; then + for f in ${CONFIG_BASE_DIR}/*.php; do + if [ -f "$f" ]; then + echo "βž• Basis-Config-Datei: $f" + cp "$f" .ci_config_deploy/ + fi + done + fi + + if [ -d "${CONFIG_ENV_DIR}" ]; then + echo "βž• Env-Config aus ${CONFIG_ENV_DIR}/" + cp -R ${CONFIG_ENV_DIR}/. .ci_config_deploy/ + fi + + echo "πŸ” Sync .ci_config_deploy/ β†’ ${TARGET_PATH}${CONFIG_BASE_DIR}/" + lftp -u "${FTP_USER}","${FTP_PASSWORD}" "${FTP_HOST}" -e " + set ftp:ssl-force true; + set ftp:passive-mode true; + set ftp:ssl-protect-data true; + set ssl:verify-certificate no; + lcd .ci_config_deploy; + mirror -R --delete --exclude .gitkeep ./ ${TARGET_PATH}${CONFIG_BASE_DIR}/; + bye + " || { echo "❌ Upload fΓΌr gemischtes Config-Verzeichnis fehlgeschlagen."; exit 1; } + + echo "βœ… Deploy ${CI_ENVIRONMENT_NAME} abgeschlossen." + + environment: + name: production + url: https://emailtemplate.it + + only: + - main + # when: manual +