Skip to content

Commit

Permalink
Merge branch 'hotfix/v2.4.1'
Browse files Browse the repository at this point in the history
  • Loading branch information
ambroisemaupate committed Dec 11, 2024
2 parents 0a66cb0 + 0718e04 commit e2b774b
Show file tree
Hide file tree
Showing 4 changed files with 60 additions and 13 deletions.
50 changes: 49 additions & 1 deletion .gitlab-ci.yml
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
stages:
- test
- build
- deploy
- release

# AutoDevOps templates for security
Expand All @@ -13,6 +14,8 @@ variables:
COMPOSER_MEMORY_LIMIT: '-1'
TIMEZONE: "Europe/Paris"
SENTRY_URL: ""
# List of Docker containers to restart on deploy
DOCKER_CONTAINERS: "varnish nginx app cron worker"

test:
image: roadiz/php83-runner
Expand Down Expand Up @@ -91,14 +94,59 @@ build_tag:
#- "docker buildx bake --set *.args.COMPOSER_DEPLOY_TOKEN=${COMPOSER_DEPLOY_TOKEN} --push"
- "docker buildx bake --push"

# ==========================================
# Deploy to production environment
#
# Need to generate a SSH (ed25519) key pair and add the private key to the Gitlab CI variables (base64 -w 0 encoded) and
# the public key to the server ~/.ssh/authorized_keys file.
# ssh-keygen -C "My project Gitlab CI deploy key" -t ed25519 -b 2048 -f my_project.id_ed25519
# ==========================================
deploy_develop:
stage: deploy
image: alpine:3.21
only:
- develop
needs:
- build_develop
when: on_success
after_script:
- rm -rf ~/.ssh
before_script:
- apk update
- apk add --no-cache openssh-client
- install -m 600 -D /dev/null ~/.ssh/id_ed25519
- echo "${PREPROD_SSH_PRIVATE_KEY}" | base64 -d > ~/.ssh/id_ed25519
- ssh-keyscan -p ${PREPROD_SSH_PORT} -H "${PREPROD_SSH_HOST}" > ~/.ssh/known_hosts
script:
- ssh -p ${PREPROD_SSH_PORT} ${PREPROD_SSH_USER}@${PREPROD_SSH_HOST} "cd ${PREPROD_WORKDIR} && docker compose pull && docker compose up -d ${DOCKER_CONTAINERS} && exit"

deploy_production:
stage: deploy
image: alpine:3.21
rules:
- if: $CI_COMMIT_TAG
needs:
- build_tag
when: on_success
after_script:
- rm -rf ~/.ssh
before_script:
- apk update
- apk add --no-cache openssh-client
- install -m 600 -D /dev/null ~/.ssh/id_ed25519
- echo "${PROD_SSH_PRIVATE_KEY}" | base64 -d > ~/.ssh/id_ed25519
- ssh-keyscan -p ${PROD_SSH_PORT} -H "${PROD_SSH_HOST}" > ~/.ssh/known_hosts
script:
- ssh -p ${PROD_SSH_PORT} ${PROD_SSH_USER}@${PROD_SSH_HOST} "cd ${PROD_WORKDIR} && docker compose pull && docker compose up -d ${DOCKER_CONTAINERS} && exit"

create_gitlab_release:
stage: release
image: registry.gitlab.com/gitlab-org/release-cli:latest
rules:
- if: $CI_COMMIT_TAG
script:
- echo "Running the release job."
needs: [ "build_tag" ]
needs: [ "deploy_production" ]
when: on_success
release:
tag_name: $CI_COMMIT_TAG
Expand Down
11 changes: 10 additions & 1 deletion CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,12 @@

All notable changes to project will be documented in this file.

## [2.4.1](https://github.com/roadiz/skeleton/compare/v2.4.0...v2.4.1) - 2024-12-11

### Documentation

- Added Gitlab CI example how to deploy docker compose to distant SSH servers - ([d0ee7b3](https://github.com/roadiz/skeleton/commit/d0ee7b3ffdc65748ae6a74672d45fd0b08946c97)) - Ambroise Maupate

## [2.4.0](https://github.com/roadiz/skeleton/compare/v2.3.9...v2.4.0) - 2024-12-06

### ⚠ Breaking changes
Expand Down Expand Up @@ -31,7 +37,6 @@ All notable changes to project will be documented in this file.

### Features

- Config updates for api-platform 3.3 - ([3baf2d0](https://github.com/roadiz/skeleton/commit/3baf2d0308dd4d6de461267c8a86ec61d3225163)) - Ambroise Maupate
- Prevent cron docker entrypoint to run as non-root user - ([2dc6c62](https://github.com/roadiz/skeleton/commit/2dc6c6248a6ef72f0a557c3727ad8286ce8d0fed)) - Ambroise Maupate
- Replace `squizlabs/php_codesniffer` package with `friendsofphp/php-cs-fixer` - ([a369090](https://github.com/roadiz/skeleton/commit/a36909011b085eb91aa6a0579a14859edbd9d234)) - Ambroise Maupate
- [**breaking**]Migrate Dockerfile to multi-stage build and get rid of `roadiz/php83-fpm-alpine` base image - ([d2f3899](https://github.com/roadiz/skeleton/commit/d2f3899d10e2fc5df5e341354a387e8129f26789)) - Ambroise Maupate
Expand All @@ -51,6 +56,10 @@ All notable changes to project will be documented in this file.

- Removed useless `themes` folder - ([f06198c](https://github.com/roadiz/skeleton/commit/f06198ce0b7584b8b7294cb42662a73b9fe9b7c0)) - Ambroise Maupate

### Features

- Config updates for api-platform 3.3 - ([3baf2d0](https://github.com/roadiz/skeleton/commit/3baf2d0308dd4d6de461267c8a86ec61d3225163)) - Ambroise Maupate

## [2.3.8](https://github.com/roadiz/skeleton/compare/v2.3.7...v2.3.8) - 2024-06-26

### Bug Fixes
Expand Down
2 changes: 1 addition & 1 deletion Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -319,6 +319,6 @@ FROM varnish:${VARNISH_VERSION}-alpine AS varnish

LABEL org.opencontainers.image.authors="ambroise@rezo-zero.com"

ENV VARNISH_SIZE 512G
ENV VARNISH_SIZE 256G

COPY --link docker/varnish/default.vcl /etc/varnish/
10 changes: 0 additions & 10 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -117,16 +117,6 @@ Use built-in command to generate your key pair (following command should have be
docker compose exec app bin/console lexik:jwt:generate-keypair
```

Or manually using `openssl`

```shell script
# Reveal your JWT_PASSPHRASE
docker compose exec app bin/console secrets:list --reveal
# Fill JWT_PASSPHRASE env var.
openssl genpkey -out config/jwt/private.pem -aes256 -algorithm rsa -pkeyopt rsa_keygen_bits:4096;
openssl pkey -in config/jwt/private.pem -out config/jwt/public.pem -pubout;
```

### Install database

Use `make install` command to install your database schema and fixtures.
Expand Down

0 comments on commit e2b774b

Please sign in to comment.