onixbyte/delta-force-guide-server
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity

chore: simplify GitLab CI to release-only workflow with tag-triggered pipeline

Browse Source 
Replace the full CI pipeline (build → image → push → SSH deploy on every branch)
with a focused release workflow: build JAR on tag push, package Docker image
tagged with the release tag, and push to registry.onixbyte.cn.
This commit is contained in:
Siu Jam Oh
2026-05-25 09:05:13 +08:00
parent b94a09691d
commit 58607c8d0a
1 changed files with 48 additions and 143 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.gitlab-ci.yml
+45 -140
View File
@@ -1,157 +1,62 @@
variables:
REGISTRY: registry.onixbyte.cn
IMAGE_NAME: delta-force-guide
GRADLE_OPTS: -Dorg.gradle.daemon=false
stages: stages:
- build
- package - package
- build-image
- push
- deploy - deploy
variables: build:
# ---------- Gradle ---------- stage: build
GRADLE_IMAGE: gradle:8.14.4-jdk21 image: amazoncorretto:21-alpine
GRADLE_USER_HOME: ${CI_PROJECT_DIR}/.gradle cache:
key: gradle
# ---------- Docker ----------
DOCKER_IMAGE: docker:27.5.1
DOCKER_SERVICE: docker:27.5.1-dind
DOCKER_HOST: tcp://docker:2375
DOCKER_TLS_CERTDIR: ""
# ---------- Application ----------
APP_NAME: delta-force-guide-server
# ---------- Image tags ----------
IMAGE_TAG: ${CI_REGISTRY_IMAGE}:${CI_COMMIT_SHORT_SHA}
LATEST_TAG: ${CI_REGISTRY_IMAGE}:latest
# ---------- CI Dockerfile ----------
CI_DOCKERFILE: Dockerfile.ci
cache:
key: ${CI_COMMIT_REF_SLUG}
paths: paths:
- .gradle/wrapper - .gradle/wrapper
- .gradle/caches - .gradle/caches
policy: pull-push before_script:
- chmod +x gradlew
# ====================================================================
# Reusable template for Docker jobs
# ====================================================================
.docker:
image: ${DOCKER_IMAGE}
services:
- name: ${DOCKER_SERVICE}
command: ["--tls=false"]
variables:
DOCKER_HOST: tcp://docker:2375
DOCKER_TLS_CERTDIR: ""
# Trigger the pipeline for MRs, the default branch, and tags
workflow:
rules:
- if: '$CI_PIPELINE_SOURCE == "merge_request_event"'
- if: '$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH'
- if: '$CI_COMMIT_TAG'
# ====================================================================
# Stage 1 — Package: build the JAR with Gradle
# ====================================================================
package:
stage: package
image: ${GRADLE_IMAGE}
script: script:
- ./gradlew build - ./gradlew bootJar -x test
artifacts: artifacts:
name: "${CI_JOB_NAME}-${CI_COMMIT_SHORT_SHA}"
paths: paths:
- build/libs/*.jar - build/libs/*.jar
expire_in: 1 hour expire_in: 30 min
# ====================================================================
# Stage 2 — Build Docker image using the pre-built JAR artifact
# ====================================================================
build-image:
stage: build-image
extends: .docker
script:
# Resolve the actual JAR path
- JAR_FILE=$(ls build/libs/delta-force-guide-server-*.jar | head -1)
- echo "Packaging JAR: ${JAR_FILE}"
# Build image with the CI-specific single-stage Dockerfile
- |
docker build \
--build-arg JAR_FILE="${JAR_FILE}" \
-f ${CI_DOCKERFILE} \
-t ${IMAGE_TAG} \
-t ${LATEST_TAG} \
.
# Save the image as a CI artefact for the next stage
- docker save ${IMAGE_TAG} ${LATEST_TAG} > image.tar
artifacts:
paths:
- image.tar
expire_in: 1 hour
needs:
- package
# ====================================================================
# Stage 3 — Push image to GitLab Container Registry
# ====================================================================
push:
stage: push
extends: .docker
script:
- docker load < image.tar
- docker login -u ${CI_REGISTRY_USER} -p ${CI_REGISTRY_PASSWORD} ${CI_REGISTRY}
- docker push ${IMAGE_TAG}
- docker push ${LATEST_TAG}
needs:
- build-image
rules: rules:
- if: '$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH' - if: $CI_COMMIT_TAG
- if: '$CI_COMMIT_TAG'
package:
stage: package
image: docker:27
services:
- docker:27-dind
needs:
- build
script:
- JAR_FILE=$(find build/libs -name '*.jar' | head -1)
- echo "Building Docker image for tag $CI_COMMIT_TAG with JAR $JAR_FILE"
- docker build
-f Dockerfile.ci
--build-arg JAR_FILE="$JAR_FILE"
-t "$REGISTRY/$IMAGE_NAME:$CI_COMMIT_TAG"
.
- docker tag "$REGISTRY/$IMAGE_NAME:$CI_COMMIT_TAG" "$REGISTRY/$IMAGE_NAME:latest"
rules:
- if: $CI_COMMIT_TAG
# ====================================================================
# Stage 4 — Deploy on the target server via SSH
# ====================================================================
deploy: deploy:
stage: deploy stage: deploy
image: alpine:latest image: docker:27
before_script: services:
- apk add --no-cache openssh-client - docker:27-dind
- eval "$(ssh-agent -s)"
- echo "${DEPLOY_SSH_PRIVATE_KEY}" | tr -d '\r' | ssh-add -
- mkdir -p ~/.ssh
- chmod 700 ~/.ssh
script:
- |
ssh -o StrictHostKeyChecking=no ${DEPLOY_USER}@${DEPLOY_HOST} "
set -e
echo '=== Pulling image ==='
echo ${CI_REGISTRY_PASSWORD} | docker login -u ${CI_REGISTRY_USER} --password-stdin ${CI_REGISTRY}
docker pull ${IMAGE_TAG}
echo '=== Stopping old container ==='
docker stop ${APP_NAME} || true
docker rm ${APP_NAME} || true
echo '=== Starting new container ==='
docker run -d \
--name ${APP_NAME} \
--restart unless-stopped \
-p ${DEPLOY_PORT:-8080}:8080 \
${IMAGE_TAG}
echo '=== Cleaning up old images ==='
docker image prune -f
echo '=== Deployment complete ==='
"
needs: needs:
- push - package
environment: script:
name: production - echo "Pushing image $REGISTRY/$IMAGE_NAME:$CI_COMMIT_TAG"
url: http://${DEPLOY_HOST}:${DEPLOY_PORT:-8080} - docker login "$REGISTRY" -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD"
- docker push "$REGISTRY/$IMAGE_NAME:$CI_COMMIT_TAG"
- docker push "$REGISTRY/$IMAGE_NAME:latest"
rules: rules:
- if: '$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH' - if: $CI_COMMIT_TAG