185 lines
5.5 KiB
YAML
185 lines
5.5 KiB
YAML
# Woodpecker CI Pipeline
|
|
# https://woodpecker-ci.org/docs/usage/pipeline-syntax
|
|
|
|
variables:
|
|
- &python_image python:3.11-slim
|
|
- &docker_image docker:24-dind
|
|
|
|
# Clone settings
|
|
clone:
|
|
git:
|
|
image: woodpeckerci/plugin-git
|
|
settings:
|
|
depth: 50
|
|
|
|
# Pipeline steps
|
|
steps:
|
|
# ==========================================================================
|
|
# Lint and Test
|
|
# ==========================================================================
|
|
|
|
lint:
|
|
image: *python_image
|
|
commands:
|
|
- pip install ruff mypy
|
|
- ruff check services/ shared/
|
|
- ruff format --check services/ shared/
|
|
when:
|
|
event: [push, pull_request]
|
|
|
|
test-shared:
|
|
image: *python_image
|
|
commands:
|
|
- pip install pytest pytest-asyncio redis asyncpg
|
|
- pip install -r shared/events/requirements.txt || true
|
|
- pytest shared/ -v --tb=short
|
|
when:
|
|
event: [push, pull_request]
|
|
|
|
test-services:
|
|
image: *python_image
|
|
commands:
|
|
- pip install pytest pytest-asyncio grpcio grpcio-tools
|
|
- |
|
|
for svc in collector aggregator gateway alerts; do
|
|
if [ -f "services/$svc/requirements.txt" ]; then
|
|
pip install -r "services/$svc/requirements.txt"
|
|
fi
|
|
done
|
|
- pytest services/ -v --tb=short || true
|
|
when:
|
|
event: [push, pull_request]
|
|
|
|
# ==========================================================================
|
|
# Build Docker Images
|
|
# ==========================================================================
|
|
|
|
build-aggregator:
|
|
image: *docker_image
|
|
commands:
|
|
- docker build -t sysmonstm/aggregator:${CI_COMMIT_SHA:0:7} -f services/aggregator/Dockerfile --target production .
|
|
- docker tag sysmonstm/aggregator:${CI_COMMIT_SHA:0:7} sysmonstm/aggregator:latest
|
|
volumes:
|
|
- /var/run/docker.sock:/var/run/docker.sock
|
|
when:
|
|
event: push
|
|
branch: main
|
|
|
|
build-gateway:
|
|
image: *docker_image
|
|
commands:
|
|
- docker build -t sysmonstm/gateway:${CI_COMMIT_SHA:0:7} -f services/gateway/Dockerfile --target production .
|
|
- docker tag sysmonstm/gateway:${CI_COMMIT_SHA:0:7} sysmonstm/gateway:latest
|
|
volumes:
|
|
- /var/run/docker.sock:/var/run/docker.sock
|
|
when:
|
|
event: push
|
|
branch: main
|
|
|
|
build-collector:
|
|
image: *docker_image
|
|
commands:
|
|
- docker build -t sysmonstm/collector:${CI_COMMIT_SHA:0:7} -f services/collector/Dockerfile --target production .
|
|
- docker tag sysmonstm/collector:${CI_COMMIT_SHA:0:7} sysmonstm/collector:latest
|
|
volumes:
|
|
- /var/run/docker.sock:/var/run/docker.sock
|
|
when:
|
|
event: push
|
|
branch: main
|
|
|
|
build-alerts:
|
|
image: *docker_image
|
|
commands:
|
|
- docker build -t sysmonstm/alerts:${CI_COMMIT_SHA:0:7} -f services/alerts/Dockerfile --target production .
|
|
- docker tag sysmonstm/alerts:${CI_COMMIT_SHA:0:7} sysmonstm/alerts:latest
|
|
volumes:
|
|
- /var/run/docker.sock:/var/run/docker.sock
|
|
when:
|
|
event: push
|
|
branch: main
|
|
|
|
# ==========================================================================
|
|
# Push to Registry
|
|
# ==========================================================================
|
|
|
|
push-images:
|
|
image: *docker_image
|
|
commands:
|
|
- echo "$REGISTRY_PASSWORD" | docker login -u "$REGISTRY_USER" --password-stdin "$REGISTRY_URL"
|
|
- |
|
|
for img in aggregator gateway collector alerts; do
|
|
docker tag sysmonstm/$img:latest $REGISTRY_URL/sysmonstm/$img:${CI_COMMIT_SHA:0:7}
|
|
docker tag sysmonstm/$img:latest $REGISTRY_URL/sysmonstm/$img:latest
|
|
docker push $REGISTRY_URL/sysmonstm/$img:${CI_COMMIT_SHA:0:7}
|
|
docker push $REGISTRY_URL/sysmonstm/$img:latest
|
|
done
|
|
secrets: [registry_user, registry_password, registry_url]
|
|
volumes:
|
|
- /var/run/docker.sock:/var/run/docker.sock
|
|
when:
|
|
event: push
|
|
branch: main
|
|
|
|
# ==========================================================================
|
|
# Deploy to EC2
|
|
# ==========================================================================
|
|
|
|
deploy-staging:
|
|
image: appleboy/drone-ssh
|
|
settings:
|
|
host:
|
|
from_secret: deploy_host
|
|
username:
|
|
from_secret: deploy_user
|
|
key:
|
|
from_secret: deploy_key
|
|
script:
|
|
- cd /home/ec2-user/sysmonstm
|
|
- git pull origin main
|
|
- docker-compose pull
|
|
- docker-compose up -d --remove-orphans
|
|
- docker system prune -f
|
|
when:
|
|
event: push
|
|
branch: main
|
|
|
|
# ==========================================================================
|
|
# Notifications
|
|
# ==========================================================================
|
|
|
|
notify-success:
|
|
image: plugins/webhook
|
|
settings:
|
|
urls:
|
|
from_secret: webhook_url
|
|
content_type: application/json
|
|
template: |
|
|
{
|
|
"text": "✅ Build succeeded: ${CI_REPO_NAME}#${CI_BUILD_NUMBER}",
|
|
"commit": "${CI_COMMIT_SHA:0:7}",
|
|
"branch": "${CI_COMMIT_BRANCH}",
|
|
"author": "${CI_COMMIT_AUTHOR}"
|
|
}
|
|
when:
|
|
status: success
|
|
event: push
|
|
branch: main
|
|
|
|
notify-failure:
|
|
image: plugins/webhook
|
|
settings:
|
|
urls:
|
|
from_secret: webhook_url
|
|
content_type: application/json
|
|
template: |
|
|
{
|
|
"text": "❌ Build failed: ${CI_REPO_NAME}#${CI_BUILD_NUMBER}",
|
|
"commit": "${CI_COMMIT_SHA:0:7}",
|
|
"branch": "${CI_COMMIT_BRANCH}",
|
|
"author": "${CI_COMMIT_AUTHOR}"
|
|
}
|
|
when:
|
|
status: failure
|
|
event: push
|
|
branch: main
|