Make docker compose .ymls consistent with ci workflow
Some checks are pending
CI/CD Pipeline (Fully Isolated DinD) / Run Tests (DinD) (push) Waiting to run
CI/CD Pipeline (Fully Isolated DinD) / Build and Push Docker Images (DinD) (push) Blocked by required conditions
CI/CD Pipeline (Fully Isolated DinD) / Deploy to Production (push) Blocked by required conditions
Some checks are pending
CI/CD Pipeline (Fully Isolated DinD) / Run Tests (DinD) (push) Waiting to run
CI/CD Pipeline (Fully Isolated DinD) / Build and Push Docker Images (DinD) (push) Blocked by required conditions
CI/CD Pipeline (Fully Isolated DinD) / Deploy to Production (push) Blocked by required conditions
This commit is contained in:
parent
f37825f845
commit
bbfd03e9fd
3 changed files with 19 additions and 35 deletions
|
|
@ -7,7 +7,7 @@ on:
|
|||
branches: [ main ]
|
||||
|
||||
env:
|
||||
REGISTRY: ${{ secrets.CI_HOST }}:80
|
||||
REGISTRY: ${{ secrets.CI_HOST }}:443
|
||||
IMAGE_NAME: ${{ secrets.APP_NAME || 'sharenet' }}
|
||||
|
||||
jobs:
|
||||
|
|
@ -23,7 +23,7 @@ jobs:
|
|||
|
||||
- name: Setup DinD Environment
|
||||
run: |
|
||||
# Check if DinD container already exists and is running
|
||||
# Check if DinD container already exists and is running
|
||||
if ! docker ps --format "table {{.Names}}" | grep -q "^ci-dind$"; then
|
||||
echo "Starting new DinD container..."
|
||||
# Start DinD container for isolated CI operations
|
||||
|
|
@ -40,10 +40,11 @@ jobs:
|
|||
|
||||
# Copy Harbor certificate to DinD container
|
||||
docker cp /etc/ssl/registry/registry.crt ci-dind:/usr/local/share/ca-certificates/
|
||||
docker exec ci-dind chown root:root /usr/local/share/ca-certificates/registry.crt
|
||||
docker exec ci-dind update-ca-certificates
|
||||
|
||||
# Login to Harbor registry
|
||||
echo "${{ secrets.HARBOR_CI_PASSWORD }}" | docker exec -i ci-dind docker login ${{ secrets.CI_HOST }}:80 -u ${{ secrets.HARBOR_CI_USER }} --password-stdin
|
||||
# Login to Harbor registry (using HTTPS port 443)
|
||||
echo "${{ secrets.HARBOR_CI_PASSWORD }}" | docker exec -i ci-dind docker login ${{ secrets.CI_HOST }}:443 -u ${{ secrets.HARBOR_CI_USER }} --password-stdin
|
||||
|
||||
echo "DinD container setup complete"
|
||||
else
|
||||
|
|
@ -54,6 +55,12 @@ jobs:
|
|||
|
||||
- name: Setup Containerized Testing Environment
|
||||
run: |
|
||||
# Copy docker-compose.test.yml to DinD container
|
||||
docker cp docker-compose.test.yml ci-dind:/workspace/
|
||||
docker cp backend ci-dind:/workspace/
|
||||
docker cp frontend ci-dind:/workspace/
|
||||
docker cp scripts ci-dind:/workspace/
|
||||
|
||||
# Start testing environment using dedicated compose file inside DinD
|
||||
docker exec ci-dind docker compose -f /workspace/docker-compose.test.yml up -d
|
||||
|
||||
|
|
@ -186,7 +193,7 @@ jobs:
|
|||
run: |
|
||||
# Create environment file for this deployment
|
||||
echo "IMAGE_TAG=${{ github.sha }}" > .env
|
||||
echo "REGISTRY=${{ secrets.CI_HOST }}:5000" >> .env
|
||||
echo "REGISTRY=${{ secrets.CI_HOST }}:443" >> .env
|
||||
echo "IMAGE_NAME=${{ secrets.APP_NAME || 'sharenet' }}" >> .env
|
||||
echo "POSTGRES_PASSWORD=${{ secrets.POSTGRES_PASSWORD || 'your_secure_password_here' }}" >> .env
|
||||
echo "POSTGRES_USER=${{ secrets.POSTGRES_USER || 'sharenet' }}" >> .env
|
||||
|
|
@ -200,9 +207,9 @@ jobs:
|
|||
|
||||
- name: Configure Docker for Harbor access
|
||||
run: |
|
||||
# Configure Docker to access Harbor registry on CI Linode
|
||||
echo '{"insecure-registries": ["${{ secrets.CI_HOST }}:80"]}' | sudo tee /etc/docker/daemon.json
|
||||
sudo systemctl restart docker
|
||||
# Configure Docker to access Harbor registry on CI Linode (using HTTPS)
|
||||
# The Harbor certificate should already be installed on the production server
|
||||
# as described in the CI guide Step 13
|
||||
|
||||
# Wait for Docker to be ready
|
||||
timeout 30 bash -c 'until docker info; do sleep 1; done'
|
||||
|
|
|
|||
|
|
@ -67,6 +67,7 @@ services:
|
|||
- "443:443"
|
||||
volumes:
|
||||
- ./nginx/nginx.conf:/etc/nginx/nginx.conf:ro
|
||||
# SSL certificates directory (optional - create nginx/ssl/ for SSL support)
|
||||
- ./nginx/ssl:/etc/nginx/ssl:ro
|
||||
depends_on:
|
||||
- frontend
|
||||
|
|
|
|||
|
|
@ -1,26 +1,6 @@
|
|||
version: '3.8'
|
||||
|
||||
services:
|
||||
# DinD container for isolated Docker operations
|
||||
dind:
|
||||
image: docker:dind
|
||||
container_name: ci-cd-test-dind
|
||||
privileged: true
|
||||
restart: unless-stopped
|
||||
environment:
|
||||
DOCKER_TLS_CERTDIR: ""
|
||||
ports:
|
||||
- "2375:2375"
|
||||
volumes:
|
||||
- /var/lib/docker
|
||||
healthcheck:
|
||||
test: ["CMD", "docker", "version"]
|
||||
interval: 10s
|
||||
timeout: 5s
|
||||
retries: 5
|
||||
networks:
|
||||
- ci-cd-test-network
|
||||
|
||||
# PostgreSQL for testing
|
||||
postgres:
|
||||
image: postgres:15-alpine
|
||||
|
|
@ -46,12 +26,9 @@ services:
|
|||
container_name: ci-cd-test-rust
|
||||
restart: unless-stopped
|
||||
volumes:
|
||||
- ./backend:/workspace/backend
|
||||
- /var/run/docker.sock:/var/run/docker.sock
|
||||
- /workspace/backend:/workspace/backend
|
||||
working_dir: /workspace/backend
|
||||
depends_on:
|
||||
dind:
|
||||
condition: service_healthy
|
||||
postgres:
|
||||
condition: service_healthy
|
||||
networks:
|
||||
|
|
@ -64,11 +41,10 @@ services:
|
|||
container_name: ci-cd-test-node
|
||||
restart: unless-stopped
|
||||
volumes:
|
||||
- ./frontend:/workspace/frontend
|
||||
- /var/run/docker.sock:/var/run/docker.sock
|
||||
- /workspace/frontend:/workspace/frontend
|
||||
working_dir: /workspace/frontend
|
||||
depends_on:
|
||||
dind:
|
||||
postgres:
|
||||
condition: service_healthy
|
||||
networks:
|
||||
- ci-cd-test-network
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue