fix

.gitignore

@@ -1,8 +1,9 @@
 .env
 
+ci/app/go-site
+
 data/gitlab-test/gitlab
 data/gitlab-test/postgresql
 data/gitlab-test/redis
-data/gitlab-test/gitlab-runner*
 
-Addons/gpg*
+Addons/

Addons/cleaner/.env.axample

@@ -1,7 +0,0 @@
-CLEAN_PERIOD=1800
-DELAY_TIME=86400
-KEEP_IMAGES=hub.bildme.ru/*
-KEEP_CONTAINERS=
-KEEP_CONTAINERS_NAMED=traefik*
-LOOP=true
-DEBUG=1

Addons/cleaner/docker-compose.yaml

@@ -1,16 +0,0 @@
-version: '3'
-services:
-  cleanup:
-    image: meltwater/docker-cleanup
-    restart: always
-    volumes:
-      - /var/lib/docker:/var/lib/docker:rw
-      - /var/run/docker.sock:/var/run/docker.sock:rw
-    environment:
-      - CLEAN_PERIOD=${CLEAN_PERIOD}
-      - DELAY_TIME=${DELAY_TIME}
-      - KEEP_IMAGES=${KEEP_IMAGES}
-      - KEEP_CONTAINERS=${KEEP_CONTAINERS}
-      - KEEP_CONTAINERS_NAMED=${KEEP_CONTAINERS_NAMED}
-      - LOOP=${LOOP}
-      - DEBUG=${DEBUG}

Addons/minio-srotage/storage-policy.json

@@ -1,14 +0,0 @@
-{
-	"Version": "2012-10-17",
-	"Statement": [
-		{
-			"Effect": "Allow",
-			"Action": [
-				"s3:*"
-			],
-			"Resource": [
-				"arn:aws:s3:::gitlab-storage/*"
-			]
-		}
-	]
-}

ci/.gitlab-ci.yml

@@ -0,0 +1,150 @@
+# полный реферерс тут
+# https://docs.gitlab.com/ee/ci/yaml/index.html
+# а тут доступные переменные
+# https://docs.gitlab.com/ee/ci/variables/predefined_variables.html
+
+image: docker:20.10.16
+
+variables:
+  REGISTRY: hub.bildme.ru
+  GITLAB: git.bildme.ru
+  IMAGE_NAME: $REGISTRY/$CI_PROJECT_PATH:latest
+  RELEASE_NAME: go-site
+  VERSION: 0.0.7
+  PACKAGE_REGISTRY_URL: https://${GITLAB}/api/v4/projects/${CI_PROJECT_ID}/packages/generic/${RELEASE_NAME}/${VERSION}
+  DOCKER_SERVER: 192.168.9.199
+
+stages:
+- test
+- build
+- push
+- deploy-stage
+- test-stage
+- release
+
+.rules: &rules
+  rules:
+    - if: $CI_COMMIT_TAG
+      when: never
+    - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
+
+test_code:
+  stage: test
+  image: golang:latest
+  <<: *rules
+  script:
+    - cd app
+    - CGO_ENABLED=0 GOOS=linux GO111MODULE=auto go test
+  tags:
+   - docker
+
+build_main:
+  stage: build
+  image: golang:latest
+  <<: *rules
+  script:
+    - cd app
+    - CGO_ENABLED=0 GOOS=linux GO111MODULE=auto go build -a -ldflags="-X 'main.Version=v${VERSION}'" -installsuffix cgo -o go-site .
+  artifacts:
+    paths:
+      - app/go-site
+  tags:
+   - docker
+
+push_image:
+  stage: push
+  <<: *rules
+  before_script:
+    - docker login -u gitlab-ci-token -p $CI_BUILD_TOKEN $REGISTRY
+  script:
+    - docker build -t $IMAGE_NAME .
+    - docker push $IMAGE_NAME
+  tags:
+   - docker
+
+deploy_stage:
+  stage: deploy-stage
+  image: hub.realmanual.ru/pub/openssh-client:latest
+  <<: *rules
+  before_script:
+    - eval $(ssh-agent -s)
+    - echo "$SSH_PRIVATE_KEY" | tr -d '\r' | ssh-add -
+    - mkdir -p ~/.ssh
+    - chmod 700 ~/.ssh
+    - ssh-keyscan ${DOCKER_SERVER} >> ~/.ssh/known_hosts
+    - chmod 644 ~/.ssh/known_hosts
+  script:
+    - ssh root@${DOCKER_SERVER} "docker rm -f main-go; docker pull hub.bildme.ru/firstgroup/go-site && docker run -d --rm --name main-go -p 3000:3000 hub.bildme.ru/firstgroup/go-site:latest"
+  environment:
+    name: stage
+    url: http://${DOCKER_SERVER}:3000/
+  tags:
+   - docker
+
+test_stage:
+  stage: test-stage
+  image: alpine
+  <<: *rules
+  script:
+    - apk --no-cache add curl
+    - "[ $(curl -sw '%{http_code}' --connect-timeout 2 'http://${DOCKER_SERVER}:3000/health' -o /dev/null) -ne 200 ] && exit 0 || exit 1"
+  tags:
+   - docker
+
+package:
+  stage: release
+  <<: *rules
+  before_script:
+    - apk add curl
+  script:
+    - FILE_NAME=${RELEASE_NAME}
+    - cd app
+    - 'curl --header "JOB-TOKEN: ${CI_JOB_TOKEN}" --upload-file ${FILE_NAME} ${PACKAGE_REGISTRY_URL}/${FILE_NAME}'
+  when:
+    manual
+
+release:
+  stage: release
+  image: registry.gitlab.com/gitlab-org/release-cli:latest
+  <<: *rules
+  script:
+    - echo "Release ${RELEASE_NAME}"
+  release:
+    name: 'Release $VERSION'
+    description: 'Release $VERSION'
+    tag_name: '$VERSION'
+    ref: '$CI_COMMIT_SHA'
+    assets:
+      links:
+        - name: '${RELEASE_NAME}'
+          url: '${PACKAGE_REGISTRY_URL}/${RELEASE_NAME}'
+  when:
+    manual
+
+deploy_prod:
+  stage: release
+  image: hub.realmanual.ru/pub/openssh-client:latest
+  <<: *rules
+  before_script:
+    - eval $(ssh-agent -s)
+    - echo "$SSH_PRIVATE_KEY" | tr -d '\r' | ssh-add -
+    - mkdir -p ~/.ssh
+    - chmod 700 ~/.ssh
+    - ssh-keyscan ${DOCKER_SERVER} >> ~/.ssh/known_hosts
+    - chmod 644 ~/.ssh/known_hosts
+  script:
+    - ssh root@${DOCKER_SERVER} "docker rm -f main-go; docker pull hub.bildme.ru/firstgroup/go-site && docker run -d --rm --name main-go -p 3000:3000 hub.bildme.ru/firstgroup/go-site:latest"
+  environment:
+    name: production
+    url: http://${DOCKER_SERVER}:3000/
+  tags:
+   - docker
+  when:
+    manual
+
+
+### Что можно добавить ?
+### - версионирование тегов
+### - возможность откатываться назад на версию (на нужную версию через ввод переменной)
+### - тестирование кода линтером перед деплоем
+### - возможность деплоя на два окружения (сценарий, когда сначала на стейдж, потом в ручную по тригеру на прод)

ci/Dockerfile

@@ -0,0 +1,10 @@
+FROM alpine
+ENV LANGUAGE="ru"
+
+COPY app/go-site /app/
+WORKDIR /app
+
+RUN apk add --no-cache ca-certificates &&\
+	chmod +x go-site
+
+CMD [ "./go-site" ]

ci/app/go_test.go

@@ -0,0 +1,26 @@
+package main
+
+import (
+    "net/http"
+    "net/http/httptest"
+    "strings"
+    "testing"
+)
+
+
+func TestHealthMessage(t *testing.T) {
+    wr := httptest.NewRecorder()
+    req := httptest.NewRequest(http.MethodGet, "/health", nil)
+
+    healthMessage(wr, req)
+    if wr.Code != http.StatusOK {
+        t.Errorf("got HTTP status code %d, expected 200", wr.Code)
+    }
+
+    if !strings.Contains(wr.Body.String(), `{"health":"OK"}`) {
+        t.Errorf(
+            `response body "%s" does not contain "health OK"`,
+            wr.Body.String(),
+        )
+    }
+}

ci/app/main.go

@@ -0,0 +1,32 @@
+package main
+
+import (
+    "net/http"
+    "os"
+    "fmt"
+)
+
+var Version = "0.0.1"
+
+func indexHandler(w http.ResponseWriter, r *http.Request) {
+    w.Write([]byte("<h1>Hello World, im ver:"+Version+" !</h1>"))
+}
+
+func healthMessage(w http.ResponseWriter, r *http.Request) {
+    w.Header().Add("Content-Type", "application/json")
+    w.Write([]byte(`{"health":"OK"}`))
+}
+
+func main() {
+    port := os.Getenv("PORT")
+    if port == "" {
+        port = "3000"
+    }
+
+    fmt.Print("\nVersion:", Version, ", Im run in http://127.0.0.1:", port)
+
+    mux := http.NewServeMux()
+    mux.HandleFunc("/", indexHandler)
+    mux.HandleFunc("/health", healthMessage)
+    http.ListenAndServe(":"+port, mux)
+}

ci/docker-run.sh

@@ -0,0 +1,4 @@
+#!/bin/bash
+
+docker pull hub.bildme.ru/firstgroup/go-site:latest
+docker run --rm --name main-go -p 3000:3000 hub.bildme.ru/firstgroup/go-site:latest

docker-compose.yml

@@ -128,14 +128,14 @@ services:
       - REGISTRY_AUTH_TOKEN_ISSUER=gitlab-issuer
       - REGISTRY_AUTH_TOKEN_ROOTCERTBUNDLE=/certs/registry.crt
       - REGISTRY_STORAGE_DELETE_ENABLED=true
-      # - REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY=/registry
+      - REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY=/registry
-      - REGISTRY_STORAGE=s3
+      # - REGISTRY_STORAGE=s3
-      - REGISTRY_STORAGE_S3_ACCESSKEY
+      # - REGISTRY_STORAGE_S3_ACCESSKEY
-      - REGISTRY_STORAGE_S3_SECRETKEY
+      # - REGISTRY_STORAGE_S3_SECRETKEY
-      - REGISTRY_STORAGE_S3_REGIONENDPOINT
+      # - REGISTRY_STORAGE_S3_REGIONENDPOINT
-      - REGISTRY_STORAGE_S3_REGION
+      # - REGISTRY_STORAGE_S3_REGION
-      - REGISTRY_STORAGE_S3_BUCKET
+      # - REGISTRY_STORAGE_S3_BUCKET
-      - REGISTRY_STORAGE_CACHE_BLOBDESCRIPTOR=inmemory
+      # - REGISTRY_STORAGE_CACHE_BLOBDESCRIPTOR=inmemory
     expose:
       - 5000
     networks:
@@ -172,69 +172,47 @@ services:
     volumes:
       - ${SERVICE_DATA}/${SERVICE_NAME}/redis:/var/lib/redis:Z
 
-  runner_1: &runner
+  # runner_1: &runner
-    image: ${DOCKER_IMAGE_RUNNER}
+  #   image: ${DOCKER_IMAGE_RUNNER}
-    container_name: ${SERVICE_NAME}_${CONTAINER_NAME_RUNNER}_1
+  #   container_name: ${SERVICE_NAME}_${CONTAINER_NAME_RUNNER}_1
-    restart: always
+  #   restart: always
-    depends_on:
+  #   depends_on:
-      - gitlab
+  #     - gitlab
-    command: --debug run --user=gitlab-runner --working-directory=/home/gitlab-runner
+  #   command: --debug run --user=gitlab-runner --working-directory=/home/gitlab-runner
-    environment:
+  #   environment:
-      - CI_SERVER_URL=https://${GITLAB_HOST}
+  #     - CI_SERVER_URL=https://${GITLAB_HOST}
-      - CI_SERVER_LOCAL_IP=${CI_SERVER_LOCAL_IP}
+  #     - CI_SERVER_LOCAL_IP=${CI_SERVER_LOCAL_IP}
-      - CI_SERVER_WITH_RUNNER=${CI_SERVER_WITH_RUNNER}
+  #     - CI_SERVER_WITH_RUNNER=${CI_SERVER_WITH_RUNNER}
-      - RUNNER_TOKEN=${RUNNER_TOKEN}
+  #     - RUNNER_TOKEN=${RUNNER_TOKEN}
-      - RUNNER_DESCRIPTION=gitab-runner_1
+  #     - RUNNER_DESCRIPTION=gitab-runner_1
-      - RUNNER_EXECUTOR=docker
+  #     - RUNNER_EXECUTOR=docker
-      - DOCKER_IMAGE=gitlab/gitlab-runner-helper:x86_64-latest
+  #     - DOCKER_IMAGE=gitlab/gitlab-runner-helper:x86_64-latest
-    networks:
+  #   networks:
-      - ${SERVICE_NETWORK}
+  #     - ${SERVICE_NETWORK}
-    volumes:
+  #   volumes:
-      - ${SERVICE_DATA}/${SERVICE_NAME}/gitlab-runner_1:/etc/gitlab-runner
+  #     - ${SERVICE_DATA}/${SERVICE_NAME}/gitlab-runner_1:/etc/gitlab-runner
-      - /var/run/docker.sock:/var/run/docker.sock
+  #     - /var/run/docker.sock:/var/run/docker.sock
 
-  runner_2:
+  # runner_2:
-    <<: *runner
+  #   <<: *runner
-    container_name: ${SERVICE_NAME}_${CONTAINER_NAME_RUNNER}_2
+  #   container_name: ${SERVICE_NAME}_${CONTAINER_NAME_RUNNER}_2
-    command: --debug run --user=gitlab-runner --working-directory=/home/gitlab-runner
+  #   environment:
-    environment:
+  #     - RUNNER_DESCRIPTION=gitab-runner_2
-      - CI_SERVER_URL=https://${GITLAB_HOST}
+  #   volumes:
-      - CI_SERVER_LOCAL_IP=${CI_SERVER_LOCAL_IP}
+  #     - ${SERVICE_DATA}/${SERVICE_NAME}/gitlab-runner_2:/etc/gitlab-runner
-      - CI_SERVER_WITH_RUNNER=${CI_SERVER_WITH_RUNNER}
-      - RUNNER_TOKEN=${RUNNER_TOKEN}
-      - RUNNER_DESCRIPTION=gitab-runner_2
-      - RUNNER_EXECUTOR=docker
-      - DOCKER_IMAGE=gitlab/gitlab-runner-helper:x86_64-latest
-    volumes:
-      - ${SERVICE_DATA}/${SERVICE_NAME}/gitlab-runner_2:/etc/gitlab-runner
-      - /var/run/docker.sock:/var/run/docker.sock
 
-  runner_3:
+  # runner_3:
-    <<: *runner
+  #   <<: *runner
-    container_name: ${SERVICE_NAME}_${CONTAINER_NAME_RUNNER}_3
+  #   container_name: ${SERVICE_NAME}_${CONTAINER_NAME_RUNNER}_3
-    environment:
+  #   environment:
-      - CI_SERVER_URL=https://${GITLAB_HOST}
+  #     - RUNNER_DESCRIPTION=gitab-runner_3
-      - CI_SERVER_LOCAL_IP=${CI_SERVER_LOCAL_IP}
+  #   volumes:
-      - CI_SERVER_WITH_RUNNER=${CI_SERVER_WITH_RUNNER}
+  #     - ${SERVICE_DATA}/${SERVICE_NAME}/gitlab-runner_3:/etc/gitlab-runner
-      - RUNNER_TOKEN=${RUNNER_TOKEN}
-      - RUNNER_DESCRIPTION=gitab-runner_3
-      - RUNNER_EXECUTOR=docker
-      - DOCKER_IMAGE=gitlab/gitlab-runner-helper:x86_64-latest
-    volumes:
-      - ${SERVICE_DATA}/${SERVICE_NAME}/gitlab-runner_3:/etc/gitlab-runner
-      - /var/run/docker.sock:/var/run/docker.sock
 
-  runner_4:
+  # runner_4:
-    <<: *runner
+  #   <<: *runner
-    container_name: ${SERVICE_NAME}_${CONTAINER_NAME_RUNNER}_4
+  #   container_name: ${SERVICE_NAME}_${CONTAINER_NAME_RUNNER}_4
-    environment:
+  #   environment:
-      - CI_SERVER_URL=https://${GITLAB_HOST}
+  #     - RUNNER_DESCRIPTION=gitab-runner_4
-      - CI_SERVER_LOCAL_IP=${CI_SERVER_LOCAL_IP}
+  #   volumes:
-      - CI_SERVER_WITH_RUNNER=${CI_SERVER_WITH_RUNNER}
+  #     - ${SERVICE_DATA}/${SERVICE_NAME}/gitlab-runner_4:/etc/gitlab-runner
-      - RUNNER_TOKEN=${RUNNER_TOKEN}
-      - RUNNER_DESCRIPTION=gitab-runner_4
-      - RUNNER_EXECUTOR=docker
-      - DOCKER_IMAGE=gitlab/gitlab-runner-helper:x86_64-latest
-    volumes:
-      - ${SERVICE_DATA}/${SERVICE_NAME}/gitlab-runner_4:/etc/gitlab-runner
-      - /var/run/docker.sock:/var/run/docker.sock