Compare commits
25 Commits
fix/jenkin
...
fix/cl9-de
| Author | SHA1 | Date | |
|---|---|---|---|
| 0efe1a5129 | |||
| 18912934f8 | |||
| 4a8e5ae853 | |||
| a2d69f8210 | |||
| 74b1ab02b6 | |||
| 838cb38862 | |||
| 5c6be8a056 | |||
| 2edf19fac3 | |||
| c696869909 | |||
| 0e2dd1bfc7 | |||
| 99f020f560 | |||
| 4d241545d2 | |||
| 2e8849332b | |||
| d30a7d37b5 | |||
| 6a09053ac3 | |||
| ab27e57e66 | |||
| cd4ba09404 | |||
| 13b778a4e4 | |||
| 69c051052d | |||
| d1982f1618 | |||
| d2b57c03b3 | |||
| 5990ad9423 | |||
| 8391ef1004 | |||
| 348e26de14 | |||
| 54d920bc09 |
15
Dockerfile
15
Dockerfile
@@ -1,23 +1,30 @@
|
||||
FROM cgr.dev/chainguard/node:20-dev AS deps
|
||||
FROM node:20-bookworm-slim AS deps
|
||||
WORKDIR /app
|
||||
|
||||
COPY package.json package-lock.json ./
|
||||
RUN npm ci
|
||||
|
||||
FROM cgr.dev/chainguard/node:20-dev AS builder
|
||||
FROM node:20-bookworm-slim AS builder
|
||||
WORKDIR /app
|
||||
|
||||
ARG NEXT_PUBLIC_SUPABASE_URL
|
||||
ARG NEXT_PUBLIC_SUPABASE_ANON_KEY
|
||||
ARG BUILD_CACHE_BUSTER
|
||||
ENV NEXT_PUBLIC_SUPABASE_URL=${NEXT_PUBLIC_SUPABASE_URL}
|
||||
ENV NEXT_PUBLIC_SUPABASE_ANON_KEY=${NEXT_PUBLIC_SUPABASE_ANON_KEY}
|
||||
ENV BUILD_CACHE_BUSTER=${BUILD_CACHE_BUSTER}
|
||||
|
||||
COPY --from=deps /app/node_modules ./node_modules
|
||||
COPY . .
|
||||
RUN npm run build
|
||||
|
||||
FROM cgr.dev/chainguard/node:20-dev AS prod-deps
|
||||
FROM node:20-bookworm-slim AS prod-deps
|
||||
WORKDIR /app
|
||||
|
||||
COPY package.json package-lock.json ./
|
||||
RUN npm ci --omit=dev
|
||||
|
||||
FROM cgr.dev/chainguard/node:20 AS runner
|
||||
FROM node:20-bookworm-slim AS runner
|
||||
WORKDIR /app
|
||||
|
||||
ENV NODE_ENV=production
|
||||
|
||||
128
Jenkinsfile
vendored
128
Jenkinsfile
vendored
@@ -1,33 +1,40 @@
|
||||
pipeline {
|
||||
// Build + deploy stages require Docker CLI/daemon access on the Jenkins node.
|
||||
// Ensure this label maps to an agent with Docker installed and usable.
|
||||
//update
|
||||
agent any
|
||||
|
||||
environment {
|
||||
REGISTRY_IMAGE = "plesk-agency-portal"
|
||||
IMAGE_LATEST = "${REGISTRY_IMAGE}:latest"
|
||||
IMAGE_BUILD = "${REGISTRY_IMAGE}:build-${BUILD_NUMBER}"
|
||||
DEPLOY_SSH_CREDENTIAL_ID = "${env.DEPLOY_SSH_CREDENTIAL_ID ?: 'plesk-agency-deploy-key'}"
|
||||
APP_HOST = "${env.APP_HOST ?: '192.168.68.89'}"
|
||||
APP_USER = "${env.APP_USER ?: 'deploy'}"
|
||||
DEPLOY_PATH = "${env.DEPLOY_PATH ?: '/opt/plesk-agency-portal'}"
|
||||
APP_BASE_URL = "${env.APP_BASE_URL ?: 'http://192.168.68.89:3000'}"
|
||||
|
||||
}
|
||||
|
||||
stages {
|
||||
stage('Preflight') {
|
||||
steps {
|
||||
sh '''
|
||||
set -euo pipefail
|
||||
// stage('Preflight') {
|
||||
// steps {
|
||||
// sh '''
|
||||
// set -euo pipefail
|
||||
|
||||
if ! command -v docker >/dev/null 2>&1; then
|
||||
echo "Docker CLI is not available on this Jenkins agent."
|
||||
echo "Run this pipeline on a Docker-capable node or install Docker on the current agent."
|
||||
exit 1
|
||||
fi
|
||||
// if ! command -v docker >/dev/null 2>&1; then
|
||||
// echo "Docker CLI is not available on this Jenkins agent."
|
||||
// echo "Run this pipeline on a Docker-capable node or install Docker on the current agent."
|
||||
// exit 1
|
||||
// fi
|
||||
|
||||
if ! docker version >/dev/null 2>&1; then
|
||||
echo "Docker is installed but not usable by Jenkins (daemon/socket/permissions issue)."
|
||||
exit 1
|
||||
fi
|
||||
'''
|
||||
}
|
||||
}
|
||||
// if ! docker version >/dev/null 2>&1; then
|
||||
// echo "Docker is installed but not usable by Jenkins (daemon/socket/permissions issue)."
|
||||
// exit 1
|
||||
// fi
|
||||
// '''
|
||||
// }
|
||||
// }
|
||||
|
||||
stage('Checkout') {
|
||||
steps {
|
||||
@@ -56,50 +63,73 @@ pipeline {
|
||||
|
||||
stage('Build application') {
|
||||
steps {
|
||||
sh 'npm run build'
|
||||
withCredentials([
|
||||
string(credentialsId: 'supabase-public-url', variable: 'NEXT_PUBLIC_SUPABASE_URL'),
|
||||
string(credentialsId: 'supabase-public-anon-key', variable: 'NEXT_PUBLIC_SUPABASE_ANON_KEY')
|
||||
]) {
|
||||
sh 'npm run build'
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
stage('Build Docker image') {
|
||||
steps {
|
||||
sh 'docker build -t ${IMAGE_LATEST} -t ${IMAGE_BUILD} .'
|
||||
}
|
||||
}
|
||||
|
||||
stage('Deploy') {
|
||||
steps {
|
||||
script {
|
||||
if (!env.DEPLOY_SSH_CREDENTIAL_ID) {
|
||||
error 'DEPLOY_SSH_CREDENTIAL_ID is required'
|
||||
}
|
||||
}
|
||||
sshagent(credentials: ["${env.DEPLOY_SSH_CREDENTIAL_ID}"]) {
|
||||
sh '''
|
||||
set -euo pipefail
|
||||
: "${DEPLOY_SSH_HOST:?Missing DEPLOY_SSH_HOST}"
|
||||
: "${DEPLOY_SSH_USER:?Missing DEPLOY_SSH_USER}"
|
||||
: "${DEPLOY_PATH:?Missing DEPLOY_PATH}"
|
||||
|
||||
rsync -az \
|
||||
docker-compose.prod.yml \
|
||||
scripts/deploy-prod.sh \
|
||||
scripts/smoke-check.sh \
|
||||
scripts/rollback-prod.sh \
|
||||
${DEPLOY_SSH_USER}@${DEPLOY_SSH_HOST}:${DEPLOY_PATH}/
|
||||
|
||||
docker save ${IMAGE_LATEST} ${IMAGE_BUILD} \
|
||||
| ssh ${DEPLOY_SSH_USER}@${DEPLOY_SSH_HOST} 'docker load'
|
||||
|
||||
ssh ${DEPLOY_SSH_USER}@${DEPLOY_SSH_HOST} \
|
||||
"chmod +x ${DEPLOY_PATH}/deploy-prod.sh ${DEPLOY_PATH}/smoke-check.sh ${DEPLOY_PATH}/rollback-prod.sh && APP_IMAGE='${IMAGE_BUILD}' DEPLOY_PATH='${DEPLOY_PATH}' ${DEPLOY_PATH}/deploy-prod.sh"
|
||||
'''
|
||||
withCredentials([
|
||||
string(credentialsId: 'supabase-public-url', variable: 'NEXT_PUBLIC_SUPABASE_URL'),
|
||||
string(credentialsId: 'supabase-public-anon-key', variable: 'NEXT_PUBLIC_SUPABASE_ANON_KEY')
|
||||
]) {
|
||||
sh 'docker build --build-arg NEXT_PUBLIC_SUPABASE_URL="$NEXT_PUBLIC_SUPABASE_URL" --build-arg NEXT_PUBLIC_SUPABASE_ANON_KEY="$NEXT_PUBLIC_SUPABASE_ANON_KEY" --build-arg BUILD_CACHE_BUSTER="${BUILD_NUMBER}" -t ${IMAGE_LATEST} -t ${IMAGE_BUILD} .'
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
stage('Deploy') {
|
||||
steps {
|
||||
withCredentials([sshUserPrivateKey(
|
||||
credentialsId: "${env.DEPLOY_SSH_CREDENTIAL_ID}",
|
||||
keyFileVariable: 'SSH_KEY'
|
||||
)]) {
|
||||
sh '''
|
||||
bash -eo pipefail << 'EOF'
|
||||
set -euo pipefail
|
||||
|
||||
ssh -i "$SSH_KEY" "$APP_USER@$APP_HOST" "mkdir -p $DEPLOY_PATH/scripts"
|
||||
|
||||
rsync -az \
|
||||
-e "ssh -i $SSH_KEY" \
|
||||
docker-compose.prod.yml \
|
||||
"$APP_USER@$APP_HOST:$DEPLOY_PATH/"
|
||||
|
||||
rsync -az \
|
||||
-e "ssh -i $SSH_KEY" \
|
||||
scripts/ \
|
||||
"$APP_USER@$APP_HOST:$DEPLOY_PATH/scripts/"
|
||||
|
||||
docker save ${IMAGE_LATEST} ${IMAGE_BUILD} \
|
||||
| ssh -i "$SSH_KEY" "$APP_USER@$APP_HOST" 'docker load'
|
||||
|
||||
ssh -i "$SSH_KEY" "$APP_USER@$APP_HOST" "docker images | grep plesk-agency-portal || true"
|
||||
|
||||
ssh -i "$SSH_KEY" "$APP_USER@$APP_HOST" \
|
||||
"cd $DEPLOY_PATH && chmod +x ./scripts/deploy-prod.sh ./scripts/smoke-check.sh ./scripts/rollback-prod.sh"
|
||||
|
||||
ssh -i "$SSH_KEY" "$APP_USER@$APP_HOST" \
|
||||
"cd $DEPLOY_PATH && APP_IMAGE='${IMAGE_BUILD}' ./scripts/deploy-prod.sh"
|
||||
EOF
|
||||
'''
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
stage('Smoke check') {
|
||||
steps {
|
||||
sh 'chmod +x scripts/smoke-check.sh && scripts/smoke-check.sh ${APP_BASE_URL}'
|
||||
sh '''
|
||||
bash -eo pipefail << EOF
|
||||
set -euo pipefail
|
||||
chmod +x scripts/smoke-check.sh
|
||||
scripts/smoke-check.sh "${APP_BASE_URL}"
|
||||
EOF
|
||||
'''
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -2,9 +2,6 @@ services:
|
||||
web:
|
||||
container_name: plesk-agency-portal
|
||||
image: ${APP_IMAGE:-plesk-agency-portal:latest}
|
||||
build:
|
||||
context: .
|
||||
dockerfile: Dockerfile
|
||||
restart: unless-stopped
|
||||
env_file:
|
||||
- .env
|
||||
|
||||
@@ -4,20 +4,9 @@ set -euo pipefail
|
||||
|
||||
DEPLOY_PATH="${DEPLOY_PATH:-/opt/plesk-agency-portal}"
|
||||
APP_IMAGE="${APP_IMAGE:-plesk-agency-portal:latest}"
|
||||
SOURCE_PATH="${SOURCE_PATH:-${DEPLOY_PATH}}"
|
||||
|
||||
mkdir -p "${DEPLOY_PATH}"
|
||||
|
||||
for file in docker-compose.prod.yml deploy-prod.sh smoke-check.sh rollback-prod.sh; do
|
||||
if [ -f "${SOURCE_PATH}/${file}" ]; then
|
||||
cp "${SOURCE_PATH}/${file}" "${DEPLOY_PATH}/${file}"
|
||||
fi
|
||||
done
|
||||
|
||||
chmod +x "${DEPLOY_PATH}/deploy-prod.sh" \
|
||||
"${DEPLOY_PATH}/smoke-check.sh" \
|
||||
"${DEPLOY_PATH}/rollback-prod.sh" 2>/dev/null || true
|
||||
|
||||
if [ ! -f "${DEPLOY_PATH}/docker-compose.prod.yml" ]; then
|
||||
echo "Missing docker-compose.prod.yml in ${DEPLOY_PATH}" >&2
|
||||
exit 1
|
||||
@@ -25,6 +14,6 @@ fi
|
||||
|
||||
cd "${DEPLOY_PATH}"
|
||||
|
||||
APP_IMAGE="${APP_IMAGE}" docker compose -f docker-compose.prod.yml up -d --no-build
|
||||
APP_IMAGE="${APP_IMAGE}" docker compose -f docker-compose.prod.yml up -d --no-build --force-recreate
|
||||
|
||||
docker compose -f docker-compose.prod.yml ps
|
||||
|
||||
@@ -11,17 +11,26 @@ fi
|
||||
|
||||
URL="${BASE_URL%/}/api/health"
|
||||
TMP_FILE="$(mktemp)"
|
||||
MAX_ATTEMPTS=20
|
||||
SLEEP_SECONDS=3
|
||||
|
||||
trap 'rm -f "${TMP_FILE}"' EXIT
|
||||
|
||||
HTTP_CODE=$(curl -sS -o "${TMP_FILE}" -w "%{http_code}" "${URL}")
|
||||
for attempt in $(seq 1 "${MAX_ATTEMPTS}"); do
|
||||
HTTP_CODE=$(curl -sS -o "${TMP_FILE}" -w "%{http_code}" "${URL}" || echo "000")
|
||||
|
||||
if [ "${HTTP_CODE}" != "200" ]; then
|
||||
echo "Smoke check failed: ${URL} returned ${HTTP_CODE}" >&2
|
||||
cat "${TMP_FILE}" >&2 || true
|
||||
exit 1
|
||||
fi
|
||||
if [ "${HTTP_CODE}" = "200" ]; then
|
||||
if node -e "const fs=require('fs');const d=JSON.parse(fs.readFileSync(process.argv[1],'utf8'));if(d?.ok!==true||typeof d?.service!=='string'){process.exit(1)}" "${TMP_FILE}"; then
|
||||
echo "Smoke check passed: ${URL} (attempt ${attempt}/${MAX_ATTEMPTS})"
|
||||
exit 0
|
||||
fi
|
||||
fi
|
||||
|
||||
node -e "const fs=require('fs');const d=JSON.parse(fs.readFileSync(process.argv[1],'utf8'));if(d?.ok!==true||typeof d?.service!=='string'){process.exit(1)}" "${TMP_FILE}"
|
||||
if [ "${attempt}" -lt "${MAX_ATTEMPTS}" ]; then
|
||||
sleep "${SLEEP_SECONDS}"
|
||||
fi
|
||||
done
|
||||
|
||||
echo "Smoke check passed: ${URL}"
|
||||
echo "Smoke check failed after ${MAX_ATTEMPTS} attempts: ${URL}" >&2
|
||||
cat "${TMP_FILE}" >&2 || true
|
||||
exit 1
|
||||
|
||||
Reference in New Issue
Block a user