devteam/sharenet
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Refactor Step 5 and use correct user
Some checks are pending
CI/CD Pipeline / Test Backend (push) Waiting to run
Details
CI/CD Pipeline / Test Frontend (push) Waiting to run
Details
CI/CD Pipeline / Build and Push Docker Images (push) Blocked by required conditions
Details
CI/CD Pipeline / Deploy to Production (push) Blocked by required conditions
Details

Browse source
This commit is contained in:
continuist 2025-06-28 22:31:47 -04:00
parent c373c2890c
commit 7c3bc54b0e
1 changed files with 4 additions and 35 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

39
CI_CD_PIPELINE_SETUP_GUIDE.md
View file

@ -421,9 +421,6 @@ sudo chown -R SERVICE_USER:SERVICE_USER APP_NAME/
# Verify the registry folder exists # Verify the registry folder exists
ls -la /opt/APP_NAME/registry/ ls -la /opt/APP_NAME/registry/
# Exit DEPLOY_USER shell
exit
``` ```
**Important**: Replace `your-forgejo-instance`, `your-username`, and `APP_NAME` with your actual Forgejo instance URL, username, and application name. **Important**: Replace `your-forgejo-instance`, `your-username`, and `APP_NAME` with your actual Forgejo instance URL, username, and application name.
@ -467,9 +464,6 @@ sudo chown SERVICE_USER:SERVICE_USER /opt/registry
#### 5.2 Generate SSL Certificates #### 5.2 Generate SSL Certificates
```bash ```bash
# Switch to SERVICE_USER (registry directory owner)
sudo su - SERVICE_USER
# Create system SSL directory for registry certificates # Create system SSL directory for registry certificates
sudo mkdir -p /etc/ssl/registry sudo mkdir -p /etc/ssl/registry
@ -483,9 +477,6 @@ sudo openssl req -x509 -newkey rsa:4096 -keyout /etc/ssl/registry/registry.key -
# Set proper permissions # Set proper permissions
sudo chmod 600 /etc/ssl/registry/registry.key sudo chmod 600 /etc/ssl/registry/registry.key
sudo chmod 644 /etc/ssl/registry/registry.crt sudo chmod 644 /etc/ssl/registry/registry.crt
# Exit SERVICE_USER shell
exit
``` ```
**Important**: The certificate is now generated in the system SSL directory `/etc/ssl/registry/` with your actual CI/CD Linode IP address automatically. **Important**: The certificate is now generated in the system SSL directory `/etc/ssl/registry/` with your actual CI/CD Linode IP address automatically.
@ -493,18 +484,12 @@ exit
#### 5.3 Create Authentication File #### 5.3 Create Authentication File
```bash ```bash
# Switch to SERVICE_USER (registry directory owner)
sudo su - SERVICE_USER
# Create system auth directory for registry authentication # Create system auth directory for registry authentication
sudo mkdir -p /etc/registry/auth sudo mkdir -p /etc/registry/auth
# Create htpasswd file for authentication (required for push operations only) # Create htpasswd file for authentication (required for push operations only)
sudo htpasswd -Bbn push-user "$(openssl rand -base64 32)" > /tmp/auth.htpasswd sudo htpasswd -Bbn push-user "$(openssl rand -base64 32)" > /tmp/auth.htpasswd
sudo mv /tmp/auth.htpasswd /etc/registry/auth/auth.htpasswd sudo mv /tmp/auth.htpasswd /etc/registry/auth/auth.htpasswd
# Exit SERVICE_USER shell
exit
``` ```
**What this does**: Creates user credentials for registry authentication in the system auth directory. **What this does**: Creates user credentials for registry authentication in the system auth directory.
@ -512,23 +497,7 @@ exit
**Note**: Pull operations are public and don't require authentication, but push operations require these credentials. **Note**: Pull operations are public and don't require authentication, but push operations require these credentials.
#### 5.4 Create Docker Compose for Registry #### 5.4 Update Configuration with Actual IP Address
```bash
# Switch to SERVICE_USER (registry directory owner)
sudo su - SERVICE_USER
# The registry configuration files are already available in the cloned repository
# at /opt/APP_NAME/registry/
# No file copying is needed - we'll use the files directly from the repository
# Exit SERVICE_USER shell
exit
```
**Important**: The repository should be cloned in the previous step (3.1) to `/opt/APP_NAME/`. The registry configuration files are used directly from the repository.
#### 5.5 Update Configuration with Actual IP Address
```bash ```bash
# Switch to SERVICE_USER (registry directory owner) # Switch to SERVICE_USER (registry directory owner)
@ -550,14 +519,14 @@ exit
**Important**: This step replaces all instances of `YOUR_CI_CD_IP` with your actual CI/CD Linode IP address in both the docker-compose.yml and nginx.conf files in the repository. **Important**: This step replaces all instances of `YOUR_CI_CD_IP` with your actual CI/CD Linode IP address in both the docker-compose.yml and nginx.conf files in the repository.
#### 5.6 Install Required Tools #### 5.5 Install Required Tools
```bash ```bash
# Install htpasswd utility # Install htpasswd utility
sudo apt install -y apache2-utils sudo apt install -y apache2-utils
``` ```
#### 5.7 Start Registry #### 5.6 Start Registry
```bash ```bash
# Switch to SERVICE_USER (registry directory owner) # Switch to SERVICE_USER (registry directory owner)
@ -570,7 +539,7 @@ docker compose up -d
exit exit
``` ```
#### 5.8 Test Registry Setup #### 5.7 Test Registry Setup
```bash ```bash
# Check if containers are running # Check if containers are running