Skip to content

Commit b84529d

Browse files
maxim-glotovmaxim-glotov
committed
added ssl certs update
1 parent 144666b commit b84529d

1 file changed

Lines changed: 50 additions & 8 deletions

File tree

.gitlab-ci.yml

Lines changed: 50 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -8,14 +8,13 @@ stages:
88
- test
99
- package
1010
- deploy
11-
11+
- update
1212

1313
variables:
1414
DOCKER_DRIVER: overlay2
1515
IMAGE_NAME: gcr.io/zinc-computer-205115/apiopenfuture
1616
IMAGE_TAG: ${CI_COMMIT_REF_NAME}-${CI_PIPELINE_ID}
1717

18-
1918
###########################
2019
# Building
2120
###########################
@@ -37,6 +36,8 @@ build-jar:
3736
only:
3837
- master
3938
- sprint
39+
except:
40+
- schedules
4041

4142
unit-tests:
4243
stage: test
@@ -67,7 +68,8 @@ unit-tests:
6768
- build/libs/*.jar
6869
- build/reports/tests/test/
6970
expire_in: 1 week
70-
71+
except:
72+
- schedules
7173

7274
.registry-auth-script: &registry_auth
7375
- docker login -u _json_key -p "${GOOGLE_JSON_TOKEN}" https://gcr.io
@@ -81,8 +83,8 @@ package-docker:
8183
only:
8284
- sprint
8385
- master
84-
85-
86+
except:
87+
- schedules
8688

8789
###########################
8890
# Deployment
@@ -96,10 +98,8 @@ package-docker:
9698
- ssh-keyscan $DEPLOY_HOST >> ~/.ssh/known_hosts
9799
- chmod 644 ~/.ssh/known_hosts
98100

99-
100101
.deploy-to-host-script: &deploy_to_host
101-
- |
102-
ssh ${DEPLOY_USER}@${DEPLOY_HOST} "docker login -u _json_key -p '${GOOGLE_JSON_TOKEN}' https://gcr.io"
102+
- ssh ${DEPLOY_USER}@${DEPLOY_HOST} "docker login -u _json_key -p '${GOOGLE_JSON_TOKEN}' https://gcr.io"
103103
- ssh ${DEPLOY_USER}@${DEPLOY_HOST} "docker pull ${IMAGE_NAME}:${IMAGE_TAG}"
104104
- |
105105
ssh ${DEPLOY_USER}@${DEPLOY_HOST} "
@@ -124,6 +124,20 @@ package-docker:
124124
${IMAGE_NAME}:${IMAGE_TAG}
125125
"
126126
127+
.update-certs-script: &update_certs
128+
- |
129+
ssh ${DEPLOY_USER}@${DEPLOY_HOST} "
130+
docker run --rm -it --name certbot \
131+
-v /etc/letsencrypt:/etc/letsencrypt \
132+
-v /var/www/certbot:/var/www/acme-challenge \
133+
-v /var/log/letsencrypt:/var/log/letsencrypt \
134+
certbot/certbot \
135+
certonly --webroot -w /var/www/acme-challenge/ \
136+
-d ${SERVER_NAME} \
137+
--renew-by-default -m devops@zensoft.io --eff-email --agree-tos --manual-public-ip-logging-ok
138+
"
139+
- ssh ${DEPLOY_USER}@${DEPLOY_HOST} "sudo service nginx reload"
140+
127141
deploy-development:
128142
stage: deploy
129143
variables:
@@ -146,6 +160,8 @@ deploy-development:
146160
environment:
147161
name: development
148162
url: http://api.open-platform.zensoft.io
163+
except:
164+
- schedules
149165

150166
deploy-production:
151167
stage: deploy
@@ -169,3 +185,29 @@ deploy-production:
169185
environment:
170186
name: production
171187
url: https://api.openfuture.io
188+
except:
189+
- schedules
190+
191+
update-certs-dev:
192+
stage: update
193+
variables:
194+
DEPLOY_USER: $DEPLOY_USER_DEV
195+
DEPLOY_HOST: $DEPLOY_HOST_DEV
196+
DEPLOY_KEY: $DEPLOY_KEY_DEV
197+
SERVER_NAME: "api.open-platform.zensoft.io"
198+
before_script: *prepare_key
199+
script: *update_certs
200+
only:
201+
- schedules
202+
203+
update-certs-prod:
204+
stage: update
205+
variables:
206+
DEPLOY_USER: $DEPLOY_USER_PROD
207+
DEPLOY_HOST: $DEPLOY_HOST_PROD
208+
DEPLOY_KEY: $DEPLOY_KEY_PROD
209+
SERVER_NAME: "api.openfuture.io"
210+
before_script: *prepare_key
211+
script: *update_certs
212+
only:
213+
- schedules

0 commit comments

Comments
 (0)