diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index fc5d5b0..83e806c 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -1,60 +1,85 @@ -stages: [install, build, deploy] +# ------------------------------- +# USBcheck.it – GitLab CI/CD Setup +# ------------------------------- +# Features: +# - Build static site (Astro, Hugo, Next, etc.) +# - Deploys via SSH to all-inkl (staging + production) +# - Separate environments for safety +# ------------------------------- + +stages: + - install + - build + - deploy variables: NODE_ENV: production + # Directory where the static site is built + BUILD_DIR: dist +# Cache node_modules for faster builds cache: + key: ${CI_COMMIT_REF_SLUG} paths: - node_modules/ +# ------------------------------- +# 1. Install dependencies +# ------------------------------- install: stage: install - image: node:20-bullseye # robuster als alpine für viele Packages + image: node:20-bullseye script: - - node -v - - npm -v + - echo "🧩 Installing dependencies..." - corepack enable - - corepack prepare pnpm@9.12.0 --activate - - pnpm -v - # Debug: Netzwerk & DNS - - echo "nameserver 1.1.1.1" | tee /etc/resolv.conf || true - - ping -c 1 registry.npmjs.org || true - - npm config get registry - # Robustere PNPM-Settings gegen Hänger - - pnpm config set network-timeout 600000 - - pnpm config set fetch-retries 5 - - pnpm config set prefer-offline false - # Falls Git-Abhängigkeiten vorkommen: - - apt-get update && apt-get install -y git openssh-client - # Wenn du ein pnpm-lock.yaml hast: nutze --frozen-lockfile, sonst ohne - - if [ -f pnpm-lock.yaml ]; then pnpm install --frozen-lockfile --reporter=append-only; else pnpm install --reporter=append-only; fi - - -build: - stage: build - image: node:20-alpine - script: - - pnpm build + - corepack prepare pnpm@latest --activate + - pnpm install --frozen-lockfile --reporter=append-only artifacts: paths: - - dist/ + - node_modules/ + expire_in: 1h +# ------------------------------- +# 2. Build project +# ------------------------------- +build: + stage: build + image: node:20-bullseye + script: + - echo "🏗️ Building project..." + - pnpm build + - echo "✅ Build complete." + artifacts: + paths: + - ${BUILD_DIR}/ + expire_in: 1 week + +# ------------------------------- +# 3. Deployment template +# ------------------------------- .deploy_template: &deploy stage: deploy image: alpine:3.20 before_script: + - echo "🚀 Preparing SSH..." - apk add --no-cache openssh-client rsync - mkdir -p ~/.ssh - echo "$SSH_PRIVATE_KEY" | tr -d '\r' > ~/.ssh/id_ed25519 - chmod 600 ~/.ssh/id_ed25519 + - ssh-keyscan -H "$DEPLOY_HOST" >> ~/.ssh/known_hosts script: - - rsync -az --delete dist/ "$DEPLOY_USER@$DEPLOY_HOST:$DEPLOY_PATH" + - echo "🔄 Deploying to $DEPLOY_PATH ..." + - rsync -az --delete ${BUILD_DIR}/ $DEPLOY_USER@$DEPLOY_HOST:$DEPLOY_PATH + - echo "✅ Deployment complete." only: [] +# ------------------------------- +# 3a. Staging deployment +# ------------------------------- deploy:staging: <<: *deploy variables: - DEPLOY_PATH: $DEPLOY_PATH_STAGING + DEPLOY_PATH: /www/htdocs/w020df28/projects/usbcheck/staging/ environment: name: staging url: https://staging.usbcheck.it @@ -62,13 +87,16 @@ deploy:staging: - develop - merge_requests +# ------------------------------- +# 3b. Production deployment +# ------------------------------- deploy:production: <<: *deploy variables: - DEPLOY_PATH: $DEPLOY_PATH_PROD + DEPLOY_PATH: /www/htdocs/w020df28/projects/usbcheck/web/ environment: name: production - url: https://usbcheck.it + url: https://www.usbcheck.it only: - main when: manual