Update .gitlab-ci.yml file

2025-11-13 00:53:11 +01:00
parent 5af5a28387
commit 3bf2ee4be4
1 changed files with 26 additions and 36 deletions
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -1,4 +1,7 @@
-stages: [install, build, deploy]
+stages:
+  - install
+  - build
+  - deploy

 variables:
  NODE_ENV: production
@@ -13,23 +16,25 @@ variables:
    - corepack prepare pnpm@9.12.0 --activate
    - pnpm -v

+# Cache node_modules für schnellere Builds
 cache:
  key: ${CI_COMMIT_REF_SLUG}
  paths:
    - node_modules/

+# 1) Dependencies installieren
 install:
  stage: install
  <<: *node_pnpm
  script:
    - echo "📦 Installing deps..."
-    # Nutze --frozen-lockfile nur, wenn pnpm-lock.yaml im Repo committed ist
    - if [ -f pnpm-lock.yaml ]; then pnpm install --frozen-lockfile --reporter=append-only; else pnpm install --reporter=append-only; fi
  artifacts:
    paths:
      - node_modules/
    expire_in: 1h

+# 2) Build erzeugen
 build:
  stage: build
  <<: *node_pnpm
@@ -42,22 +47,29 @@ build:
      - ${BUILD_DIR}/
    expire_in: 1 week

-.deploy_template: &deploy
+# 3) Template für FTPS-Deploy (lftp)
+.deploy_ftps_template: &deploy_ftps
  stage: deploy
  image: alpine:3.20
  before_script:
-    - apk add --no-cache openssh-client rsync
-    - mkdir -p ~/.ssh
-    - echo "$SSH_PRIVATE_KEY" | tr -d '\r' > ~/.ssh/id_ed25519
-    - chmod 600 ~/.ssh/id_ed25519
-    - ssh-keyscan -H "$DEPLOY_HOST" >> ~/.ssh/known_hosts
+    - echo "📡 Installing lftp..."
+    - apk add --no-cache lftp
  script:
-    - rsync -az --delete ${BUILD_DIR}/ $DEPLOY_USER@$DEPLOY_HOST:$DEPLOY_PATH
+    - echo "🚀 Deploy via FTPS to $FTP_HOST:$FTP_PATH ..."
+    - lftp -e "
+        set ftp:passive-mode true;
+        set ssl:verify-certificate no;
+        open -u $FTP_USER,$FTP_PASSWORD $FTP_HOST;
+        mirror -R --delete --parallel=4 ${BUILD_DIR}/ $FTP_PATH;
+        bye
+      "
+    - echo "✅ Deploy finished."

+# 3a) Staging-Deployment
 deploy:staging:
-  <<: *deploy
+  <<: *deploy_ftps
  variables:
-    DEPLOY_PATH: /www/htdocs/w020df28/projects/usbcheck/staging/
+    FTP_PATH: $FTP_PATH_STAGING
  environment:
    name: staging
    url: https://staging.usbcheck.it
@@ -65,36 +77,14 @@ deploy:staging:
    - develop
    - merge_requests

+# 3b) Production-Deployment
 deploy:production:
-  <<: *deploy
+  <<: *deploy_ftps
  variables:
-    DEPLOY_PATH: /www/htdocs/w020df28/projects/usbcheck/web/
+    FTP_PATH: $FTP_PATH_PROD
  environment:
    name: production
    url: https://www.usbcheck.it
  only:
    - main
  when: manual
-
-
-ssh:diagnose:
-  stage: deploy
-  image: alpine:3.20
-  script:
-    - apk add --no-cache openssh-client
-    - mkdir -p ~/.ssh && chmod 700 ~/.ssh
-    - echo "$SSH_PRIVATE_KEY" | tr -d '\r' > ~/.ssh/id_ed25519
-    - chmod 600 ~/.ssh/id_ed25519
-
-    # zeige Fingerprint & public key (sollte zum KAS-Eintrag passen)
-    - echo "Public key derived from private key:"
-    - ssh-keygen -y -f ~/.ssh/id_ed25519 | tee /tmp/ci_pubkey.pub
-    - echo "Fingerprint:"; ssh-keygen -lf ~/.ssh/id_ed25519
-
-    # Hostkey anlernen
-    - ssh-keyscan -H "$DEPLOY_HOST" >> ~/.ssh/known_hosts
-
-    # Sehr ausführlicher Login-Test (ohne Befehl)
-    - echo "Trying SSH with -vvv..."
-    - ssh -vvv -o IdentitiesOnly=yes -o PreferredAuthentications=publickey $DEPLOY_USER@$DEPLOY_HOST 'echo OK'
-  when: manual