Update .gitlab-ci.yml file

2025-11-12 22:22:54 +01:00
parent 74273a12af
commit c0aac9592a
1 changed files with 58 additions and 30 deletions
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -1,60 +1,85 @@
-stages: [install, build, deploy]
+# -------------------------------
+# USBcheck.it – GitLab CI/CD Setup
+# -------------------------------
+# Features:
+# - Build static site (Astro, Hugo, Next, etc.)
+# - Deploys via SSH to all-inkl (staging + production)
+# - Separate environments for safety
+# -------------------------------
+
+stages:
+  - install
+  - build
+  - deploy

 variables:
  NODE_ENV: production
+  # Directory where the static site is built
+  BUILD_DIR: dist

+# Cache node_modules for faster builds
 cache:
+  key: ${CI_COMMIT_REF_SLUG}
  paths:
    - node_modules/

+# -------------------------------
+# 1. Install dependencies
+# -------------------------------
 install:
  stage: install
-  image: node:20-bullseye   # robuster als alpine für viele Packages
+  image: node:20-bullseye
  script:
-    - node -v
-    - npm -v
+    - echo "🧩 Installing dependencies..."
    - corepack enable
-    - corepack prepare pnpm@9.12.0 --activate
-    - pnpm -v
-    # Debug: Netzwerk & DNS
-    - echo "nameserver 1.1.1.1" | tee /etc/resolv.conf || true
-    - ping -c 1 registry.npmjs.org || true
-    - npm config get registry
-    # Robustere PNPM-Settings gegen Hänger
-    - pnpm config set network-timeout 600000
-    - pnpm config set fetch-retries 5
-    - pnpm config set prefer-offline false
-    # Falls Git-Abhängigkeiten vorkommen:
-    - apt-get update && apt-get install -y git openssh-client
-    # Wenn du ein pnpm-lock.yaml hast: nutze --frozen-lockfile, sonst ohne
-    - if [ -f pnpm-lock.yaml ]; then pnpm install --frozen-lockfile --reporter=append-only; else pnpm install --reporter=append-only; fi
-
-
-build:
-  stage: build
-  image: node:20-alpine
-  script:
-    - pnpm build
+    - corepack prepare pnpm@latest --activate
+    - pnpm install --frozen-lockfile --reporter=append-only
  artifacts:
    paths:
-      - dist/
+      - node_modules/
+    expire_in: 1h

+# -------------------------------
+# 2. Build project
+# -------------------------------
+build:
+  stage: build
+  image: node:20-bullseye
+  script:
+    - echo "🏗️  Building project..."
+    - pnpm build
+    - echo "✅ Build complete."
+  artifacts:
+    paths:
+      - ${BUILD_DIR}/
+    expire_in: 1 week
+
+# -------------------------------
+# 3. Deployment template
+# -------------------------------
 .deploy_template: &deploy
  stage: deploy
  image: alpine:3.20
  before_script:
+    - echo "🚀 Preparing SSH..."
    - apk add --no-cache openssh-client rsync
    - mkdir -p ~/.ssh
    - echo "$SSH_PRIVATE_KEY" | tr -d '\r' > ~/.ssh/id_ed25519
    - chmod 600 ~/.ssh/id_ed25519
+    - ssh-keyscan -H "$DEPLOY_HOST" >> ~/.ssh/known_hosts
  script:
-    - rsync -az --delete dist/ "$DEPLOY_USER@$DEPLOY_HOST:$DEPLOY_PATH"
+    - echo "🔄 Deploying to $DEPLOY_PATH ..."
+    - rsync -az --delete ${BUILD_DIR}/ $DEPLOY_USER@$DEPLOY_HOST:$DEPLOY_PATH
+    - echo "✅ Deployment complete."
  only: []

+# -------------------------------
+# 3a. Staging deployment
+# -------------------------------
 deploy:staging:
  <<: *deploy
  variables:
-    DEPLOY_PATH: $DEPLOY_PATH_STAGING
+    DEPLOY_PATH: /www/htdocs/w020df28/projects/usbcheck/staging/
  environment:
    name: staging
    url: https://staging.usbcheck.it
@@ -62,13 +87,16 @@ deploy:staging:
    - develop
    - merge_requests

+# -------------------------------
+# 3b. Production deployment
+# -------------------------------
 deploy:production:
  <<: *deploy
  variables:
-    DEPLOY_PATH: $DEPLOY_PATH_PROD
+    DEPLOY_PATH: /www/htdocs/w020df28/projects/usbcheck/web/
  environment:
    name: production
-    url: https://usbcheck.it
+    url: https://www.usbcheck.it
  only:
    - main
  when: manual