Update .gitlab-ci.yml file

.gitlab-ci.yml

@@ -1,31 +1,227 @@
-# You can override the included template(s) by including variable overrides
-# SAST customization: https://docs.gitlab.com/ee/user/application_security/sast/#customizing-the-sast-settings
-# Secret Detection customization: https://docs.gitlab.com/user/application_security/secret_detection/pipeline/configure
-# Dependency Scanning customization: https://docs.gitlab.com/ee/user/application_security/dependency_scanning/#customizing-the-dependency-scanning-settings
-# Container Scanning customization: https://docs.gitlab.com/ee/user/application_security/container_scanning/#customizing-the-container-scanning-settings
-# Note that environment variables can be set in several places
-# See https://docs.gitlab.com/ee/ci/variables/#cicd-variable-precedence
 stages:
-- build
-- test
   - deploy
-- review
+
-- dast
+# -----------------------------------------
-- staging
+# Globale Variablen
-- canary
+# -----------------------------------------
-- production
-- incremental rollout 10%
-- incremental rollout 25%
-- incremental rollout 50%
-- incremental rollout 100%
-- performance
-- cleanup
-- secret-detection
-sast:
-  stage: test
-include:
-- template: Auto-DevOps.gitlab-ci.yml
 variables:
-  SECRET_DETECTION_ENABLED: 'true'
+  BASE_DIRS: "src public api partials tools"
-secret_detection:
+  CONFIG_BASE_DIR: "config"
-  stage: secret-detection
+
+# Standard-Image für alle Jobs
+default:
+  image: usbcheck/ci-usbcheck-deploy:latest
+
+# -----------------------------------------
+# Deployment auf STAGING
+# -----------------------------------------
+deploy:staging:
+  stage: deploy
+
+  variables:
+    TARGET_PATH: "${FTP_PATH_STAGING}"
+    CONFIG_ENV_DIR: "config/staging"
+
+  before_script:
+    - echo "📂 CI Workspace:"
+    - pwd
+    - ls -la
+    - echo "📁 Prüfe & zeige Projektverzeichnisse:"
+    - |
+      for d in $BASE_DIRS $CONFIG_BASE_DIR $CONFIG_ENV_DIR; do
+        echo "----------------------------------------"
+        if [ -d "$d" ]; then
+          echo "📂 Inhalt von $d/:"
+          ls -la "$d/"
+        else
+          echo "⚠️ Verzeichnis '$d' existiert nicht!"
+        fi
+      done
+
+  script:
+    - |
+      echo "📁 Prüfe lokale Basisverzeichnisse..."
+      MISSING=0
+
+      for d in $BASE_DIRS; do
+        if [ ! -d "$d" ]; then
+          echo "❌ Verzeichnis '$d/' fehlt im Repo!"
+          MISSING=1
+        fi
+      done
+
+      if [ ! -d "$CONFIG_BASE_DIR" ]; then
+        echo "❌ Basis-Konfig-Verzeichnis '$CONFIG_BASE_DIR/' fehlt!"
+        MISSING=1
+      fi
+
+      if [ ! -d "$CONFIG_ENV_DIR" ]; then
+        echo "❌ Env-Konfiguration '$CONFIG_ENV_DIR/' fehlt!"
+        MISSING=1
+      fi
+
+      if [ "$MISSING" -ne 0 ]; then
+        echo "⛔ Abbruch wegen fehlender Verzeichnisse."
+        exit 1
+      fi
+
+      echo "🚀 Deploy ${CI_ENVIRONMENT_NAME} → ${FTP_HOST}:${TARGET_PATH}"
+
+      for d in $BASE_DIRS; do
+        echo "🔁 Sync ${d}/ → ${TARGET_PATH}${d}/"
+        lftp -u "${FTP_USER}","${FTP_PASSWORD}" "${FTP_HOST}" -e "
+          set ftp:ssl-force true;
+          set ftp:passive-mode true;
+          set ftp:ssl-protect-data true;
+          set ssl:verify-certificate no;
+          mirror -R --delete --exclude .gitkeep ${d}/ ${TARGET_PATH}${d}/;
+          bye
+        " || { echo "❌ Upload für Verzeichnis '${d}' fehlgeschlagen."; exit 1; }
+      done
+
+      echo "🧩 Baue gemischtes Config-Verzeichnis (config/*.php + ${CONFIG_ENV_DIR})..."
+      rm -rf .ci_config_deploy
+      mkdir -p .ci_config_deploy
+
+      if [ -d "${CONFIG_BASE_DIR}" ]; then
+        for f in ${CONFIG_BASE_DIR}/*.php; do
+          if [ -f "$f" ]; then
+            echo "➕ Basis-Config-Datei: $f"
+            cp "$f" .ci_config_deploy/
+          fi
+        done
+      fi
+
+      if [ -d "${CONFIG_ENV_DIR}" ]; then
+        echo "➕ Env-Config aus ${CONFIG_ENV_DIR}/"
+        cp -R ${CONFIG_ENV_DIR}/. .ci_config_deploy/
+      fi
+
+      echo "🔁 Sync .ci_config_deploy/ → ${TARGET_PATH}${CONFIG_BASE_DIR}/"
+      lftp -u "${FTP_USER}","${FTP_PASSWORD}" "${FTP_HOST}" -e "
+        set ftp:ssl-force true;
+        set ftp:passive-mode true;
+        set ftp:ssl-protect-data true;
+        set ssl:verify-certificate no;
+        lcd .ci_config_deploy;
+        mirror -R --delete --exclude .gitkeep ./ ${TARGET_PATH}${CONFIG_BASE_DIR}/;
+        bye
+      " || { echo "❌ Upload für gemischtes Config-Verzeichnis fehlgeschlagen."; exit 1; }
+
+      echo "✅ Deploy ${CI_ENVIRONMENT_NAME} abgeschlossen."
+
+  environment:
+    name: staging
+    url: https://staging.emailtemplate.it
+
+  only:
+    - develop
+    - merge_requests
+
+
+# -----------------------------------------
+# Deployment auf PRODUCTION
+# -----------------------------------------
+deploy:production:
+  stage: deploy
+
+  variables:
+    TARGET_PATH: "${FTP_PATH_PROD}"
+    CONFIG_ENV_DIR: "config/prod"
+
+  before_script:
+    - echo "📂 CI Workspace:"
+    - pwd
+    - ls -la
+    - echo "📁 Prüfe & zeige Projektverzeichnisse:"
+    - |
+      for d in $BASE_DIRS $CONFIG_BASE_DIR $CONFIG_ENV_DIR; do
+        echo "----------------------------------------"
+        if [ -d "$d" ]; then
+          echo "📂 Inhalt von $d/:"
+          ls -la "$d/"
+        else
+          echo "⚠️ Verzeichnis '$d' existiert nicht!"
+        fi
+      done
+
+  script:
+    - |
+      echo "📁 Prüfe lokale Basisverzeichnisse..."
+      MISSING=0
+
+      for d in $BASE_DIRS; do
+        if [ ! -d "$d" ]; then
+          echo "❌ Verzeichnis '$d/' fehlt im Repo!"
+          MISSING=1
+        fi
+      done
+
+      if [ ! -d "$CONFIG_BASE_DIR" ]; then
+        echo "❌ Basis-Konfig-Verzeichnis '$CONFIG_BASE_DIR/' fehlt!"
+        MISSING=1
+      fi
+
+      if [ ! -d "$CONFIG_ENV_DIR" ]; then
+        echo "❌ Env-Konfiguration '$CONFIG_ENV_DIR/' fehlt!"
+        MISSING=1
+      fi
+
+      if [ "$MISSING" -ne 0 ]; then
+        echo "⛔ Abbruch wegen fehlender Verzeichnisse."
+        exit 1
+      fi
+
+      echo "🚀 Deploy ${CI_ENVIRONMENT_NAME} → ${FTP_HOST}:${TARGET_PATH}"
+
+      for d in $BASE_DIRS; do
+        echo "🔁 Sync ${d}/ → ${TARGET_PATH}${d}/"
+        lftp -u "${FTP_USER}","${FTP_PASSWORD}" "${FTP_HOST}" -e "
+          set ftp:ssl-force true;
+          set ftp:passive-mode true;
+          set ftp:ssl-protect-data true;
+          set ssl:verify-certificate no;
+          mirror -R --delete --exclude .gitkeep ${d}/ ${TARGET_PATH}${d}/;
+          bye
+        " || { echo "❌ Upload für Verzeichnis '${d}' fehlgeschlagen."; exit 1; }
+      done
+
+      echo "🧩 Baue gemischtes Config-Verzeichnis (config/*.php + ${CONFIG_ENV_DIR})..."
+      rm -rf .ci_config_deploy
+      mkdir -p .ci_config_deploy
+
+      if [ -d "${CONFIG_BASE_DIR}" ]; then
+        for f in ${CONFIG_BASE_DIR}/*.php; do
+          if [ -f "$f" ]; then
+            echo "➕ Basis-Config-Datei: $f"
+            cp "$f" .ci_config_deploy/
+          fi
+        done
+      fi
+
+      if [ -d "${CONFIG_ENV_DIR}" ]; then
+        echo "➕ Env-Config aus ${CONFIG_ENV_DIR}/"
+        cp -R ${CONFIG_ENV_DIR}/. .ci_config_deploy/
+      fi
+
+      echo "🔁 Sync .ci_config_deploy/ → ${TARGET_PATH}${CONFIG_BASE_DIR}/"
+      lftp -u "${FTP_USER}","${FTP_PASSWORD}" "${FTP_HOST}" -e "
+        set ftp:ssl-force true;
+        set ftp:passive-mode true;
+        set ftp:ssl-protect-data true;
+        set ssl:verify-certificate no;
+        lcd .ci_config_deploy;
+        mirror -R --delete --exclude .gitkeep ./ ${TARGET_PATH}${CONFIG_BASE_DIR}/;
+        bye
+      " || { echo "❌ Upload für gemischtes Config-Verzeichnis fehlgeschlagen."; exit 1; }
+
+      echo "✅ Deploy ${CI_ENVIRONMENT_NAME} abgeschlossen."
+
+  environment:
+    name: production
+    url: https://emailtemplate.it
+
+  only:
+    - main
+  # when: manual
+