112 lines
5.5 KiB
YAML
112 lines
5.5 KiB
YAML
when:
|
|
- event: push
|
|
branch: master
|
|
|
|
skip_clone: true
|
|
|
|
steps:
|
|
- name: clone
|
|
image: alpine
|
|
environment:
|
|
GITHUB_TOKEN:
|
|
from_secret: github-token
|
|
commands:
|
|
- "apk update && apk add git"
|
|
- 'for i in 1 2 3 4 5; do git clone https://x-access-token:${GITHUB_TOKEN}@github.com/${CI_REPO} . && break || echo "Clone attempt $i failed, retrying in 10s..." && rm -rf .git && sleep 10; done'
|
|
- "git checkout $CI_COMMIT_SHA"
|
|
|
|
- name: install-api-deps
|
|
image: python:3.13-slim
|
|
commands:
|
|
- apt-get update && apt-get install -y --no-install-recommends libglib2.0-0
|
|
- python -m venv .venv
|
|
- .venv/bin/pip install --quiet --upgrade pip
|
|
- >-
|
|
.venv/bin/pip install --quiet
|
|
pytest pytest-asyncio pytest-cov httpx fakeredis aioresponses
|
|
fastapi uvicorn sqlmodel sqlalchemy alembic pyjwt cryptography
|
|
celery redis click aiohttp aiohttp-socks pillow numpy pytesseract
|
|
opentelemetry-api opentelemetry-sdk opentelemetry-exporter-prometheus
|
|
opentelemetry-instrumentation-fastapi opentelemetry-instrumentation-sqlalchemy
|
|
python-dotenv webauthn apprise tenacity prometheus-client
|
|
email-validator opencv-python-headless tqdm pandas cachetools watchdog
|
|
|
|
- name: test-unit
|
|
image: python:3.13-slim
|
|
depends_on: [install-api-deps]
|
|
commands:
|
|
- apt-get update && apt-get install -y --no-install-recommends libglib2.0-0
|
|
- .venv/bin/pytest tests/unit/ -v --tb=short
|
|
|
|
- name: test-integration
|
|
image: python:3.13-slim
|
|
depends_on: [install-api-deps]
|
|
commands:
|
|
- apt-get update && apt-get install -y --no-install-recommends libglib2.0-0
|
|
- .venv/bin/pytest tests/integration/ tests/regression/ tests/e2e/ tests/test_listing_geojson.py -v --tb=short
|
|
|
|
- name: build-api-image
|
|
image: woodpeckerci/plugin-docker-buildx
|
|
settings:
|
|
username: viktorbarzin
|
|
password:
|
|
from_secret: dockerhub-token
|
|
repo: viktorbarzin/realestatecrawler
|
|
dockerfile: Dockerfile
|
|
context: .
|
|
target: production
|
|
tags:
|
|
- "build-${CI_PIPELINE_NUMBER}"
|
|
|
|
- name: publish-api-image
|
|
image: alpine
|
|
depends_on: [test-unit, test-integration, build-api-image]
|
|
environment:
|
|
DOCKERHUB_TOKEN:
|
|
from_secret: dockerhub-token
|
|
commands:
|
|
- apk add --no-cache skopeo
|
|
- 'skopeo copy --src-creds "viktorbarzin:$DOCKERHUB_TOKEN" --dest-creds "viktorbarzin:$DOCKERHUB_TOKEN" "docker://docker.io/viktorbarzin/realestatecrawler:build-${CI_PIPELINE_NUMBER}" "docker://docker.io/viktorbarzin/realestatecrawler:${CI_PIPELINE_NUMBER}"'
|
|
- 'skopeo copy --src-creds "viktorbarzin:$DOCKERHUB_TOKEN" --dest-creds "viktorbarzin:$DOCKERHUB_TOKEN" "docker://docker.io/viktorbarzin/realestatecrawler:build-${CI_PIPELINE_NUMBER}" "docker://docker.io/viktorbarzin/realestatecrawler:latest"'
|
|
- 'skopeo copy --src-creds "viktorbarzin:$DOCKERHUB_TOKEN" --dest-creds "viktorbarzin:$DOCKERHUB_TOKEN" "docker://docker.io/viktorbarzin/realestatecrawler:build-${CI_PIPELINE_NUMBER}" "docker://docker.io/viktorbarzin/realestatecrawler:builder"'
|
|
|
|
- name: update-deployment
|
|
image: alpine
|
|
depends_on: [publish-api-image]
|
|
commands:
|
|
- apk add --no-cache curl jq
|
|
- |
|
|
TOKEN=$(cat /var/run/secrets/kubernetes.io/serviceaccount/token)
|
|
IMAGE="viktorbarzin/realestatecrawler:${CI_PIPELINE_NUMBER}"
|
|
RESTART_AT=$(date -u +%Y-%m-%dT%H:%M:%SZ)
|
|
API="https://10.0.20.100:6443/apis/apps/v1/namespaces/realestate-crawler/deployments"
|
|
for DEPLOY in realestate-crawler-api realestate-crawler-celery realestate-crawler-celery-beat; do
|
|
CONTAINER=$(curl -sfk "$API/$DEPLOY" -H "Authorization: Bearer $TOKEN" -H "Accept: application/json" | jq -r '.spec.template.spec.containers[0].name')
|
|
echo "Patching $DEPLOY (container=$CONTAINER) to image $IMAGE..."
|
|
curl -sf -X PATCH "$API/$DEPLOY" -H "Authorization: Bearer $TOKEN" -H "Content-Type: application/strategic-merge-patch+json" -k \
|
|
-d "{\"spec\":{\"paused\":null,\"template\":{\"metadata\":{\"annotations\":{\"kubectl.kubernetes.io/restartedAt\":\"$RESTART_AT\"}},\"spec\":{\"containers\":[{\"name\":\"$CONTAINER\",\"image\":\"$IMAGE\"}]}}}}" \
|
|
| jq '{name: .metadata.name, generation: .metadata.generation, image: .spec.template.spec.containers[0].image}'
|
|
done
|
|
|
|
- name: verify-deploy
|
|
image: alpine
|
|
depends_on: [update-deployment]
|
|
commands:
|
|
- apk add --no-cache curl jq
|
|
- |
|
|
TOKEN=$(cat /var/run/secrets/kubernetes.io/serviceaccount/token)
|
|
EXPECTED_IMAGE="viktorbarzin/realestatecrawler:${CI_PIPELINE_NUMBER}"
|
|
BASE_API="https://10.0.20.100:6443/api/v1/namespaces/realestate-crawler/pods"
|
|
for DEPLOY in realestate-crawler-api realestate-crawler-celery realestate-crawler-celery-beat; do
|
|
echo "Verifying $DEPLOY..."
|
|
PODS_API="$BASE_API?labelSelector=app%3D$DEPLOY"
|
|
FOUND=0
|
|
for i in $(seq 1 60); do
|
|
COUNT=$(curl -sfk "$PODS_API" -H "Authorization: Bearer $TOKEN" -H "Accept: application/json" | \
|
|
jq --arg img "$EXPECTED_IMAGE" '[.items[] | select((.status.containerStatuses[]? | .ready == true) and (.spec.containers[]? | .image | endswith($img)))] | length')
|
|
echo " Attempt $i/60: $COUNT pod(s) ready"
|
|
if [ "$COUNT" -gt 0 ]; then echo "$DEPLOY is live!"; FOUND=1; break; fi
|
|
sleep 5
|
|
done
|
|
if [ "$FOUND" -ne 1 ]; then echo "ERROR: $DEPLOY not ready within 5 minutes"; exit 1; fi
|
|
done
|