From 1ec2f3f4dfebffac9080ef2c37b81304925ae287 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=91=D1=83=D1=80=D0=B4=D0=B5=D0=BD=D0=BA=D0=BE=20=D0=90?=
 =?UTF-8?q?=D0=BB=D0=B5=D0=BA=D1=81=D0=B5=D0=B9?= <aburdenko@beeline.ru>
Date: Tue, 24 Jun 2025 10:41:09 +0300
Subject: [PATCH] up

---
 .gitlab-ci.yml                    |  1 +
 ci/deploy/deploy-cloud.inc.yml    | 11 +++++++
 ci/deploy/deploy-template.inc.yml | 54 +++++++++++++++++++++++++++++++
 ci/deploy/deploy.sh               | 54 +++++++++++++++++++++++++++++++
 4 files changed, 120 insertions(+)
 create mode 100644 ci/deploy/deploy-cloud.inc.yml
 create mode 100644 ci/deploy/deploy-template.inc.yml
 create mode 100644 ci/deploy/deploy.sh

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index dd236cf..2f26250 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -12,3 +12,4 @@ variables:
 include: 
   - ci/develop.yml
   - "ci/rules.yml"
+  - "ci/deploy/*.inc.yml"
diff --git a/ci/deploy/deploy-cloud.inc.yml b/ci/deploy/deploy-cloud.inc.yml
new file mode 100644
index 0000000..eeb44d2
--- /dev/null
+++ b/ci/deploy/deploy-cloud.inc.yml
@@ -0,0 +1,11 @@
+deploy-cloud:
+  stage: deploy
+  rules:
+    - if: $CI_COMMIT_BRANCH && $CI_OPEN_MERGE_REQUESTS
+      when: never
+    - if: $CI_COMMIT_BRANCH && $CI_PIPELINE_SOURCE == "merge_request_event"
+      when: never
+    - if: $CI_PIPELINE_SOURCE == "push" && $CI_COMMIT_BRANCH == "main"
+      when: manual
+  extends:
+    - .deploy-template
diff --git a/ci/deploy/deploy-template.inc.yml b/ci/deploy/deploy-template.inc.yml
new file mode 100644
index 0000000..fb954c6
--- /dev/null
+++ b/ci/deploy/deploy-template.inc.yml
@@ -0,0 +1,54 @@
+.deploy-template:
+  image: harbor.vimpelcom.ru/dockerhub/library/alpine
+  before_script:
+    - |
+      sed -i s%https://dl-cdn.alpinelinux.org/%http://rhrepo.vimpelcom.ru/ext/ya/mirrors/% /etc/apk/repositories && \
+      apk --no-cache add tzdata ca-certificates curl openssh-client yq jq && \
+      rm -rf /var/cache/apk/*
+    - which ssh-agent || (apt-get update -y && apt-get install openssh-client -y)
+    - eval $(ssh-agent -s)
+    - mkdir -p ~/.ssh
+    - echo -n "$TECH_SSH_KEY" | tr -d '\r' > ~/.ssh/id_rsa
+    - chmod 700 ~/.ssh
+    - chmod 600 ~/.ssh/id_rsa
+    # https://mikefarah.gitbook.io/yq/operators/traverse-read#nested-special-characters
+    - STANDS=$(echo "$STANDS" | yq '."'"${CI_COMMIT_REF_NAME}"'".[]')
+    - RED=$'\033[0;31m'
+    - RESET=$'\033[0m'
+    - >
+      if [[ -z "$STANDS" ]]; then
+        echo -e "${RED}STANDS for ${CI_COMMIT_REF_NAME:=CI_COMMIT_REF_NAME} is null${RESET}"
+        exit 1
+      fi
+    - >
+      for stand in $STANDS; do
+        echo "stand: ${stand}"
+        ssh-keyscan "${stand}" >> ~/.ssh/known_hosts
+      done
+    - chmod 644 ~/.ssh/known_hosts
+    # Если получилось что-то пустое
+    - >
+      if [[ -z "$APPVERSION" ]]; then 
+        APPVERSION="0.0.1"
+      fi
+  script:
+    - mkdir -p ${CI_PROJECT_DIR}/utils/
+    - cd ${CI_PROJECT_DIR}/utils/
+    - wget -q --no-check-certificate --output-document "deploy.sh" --header "PRIVATE-TOKEN:${GITLAB_TOKEN}" "https://git.vimpelcom.ru/api/v4/projects/9556/repository/files/ci%2Fdeploy%2Fdeploy.sh/raw"
+    - >
+      for stand in $STANDS; do
+        echo -e "Connect to ${stand}..." &&
+        scp -o StrictHostKeyChecking=no deploy.sh "dorootless@${stand}:~/deploy.sh" &&
+        ssh "dorootless@${stand}" "export CONTAINER_REGISTRY=$CONTAINER_REGISTRY &&
+        export PRODUCT=$PRODUCT &&
+        export PRODUCT_VERSION=$PRODUCT_VERSION &&
+        export IMAGE_NAME=$IMAGE_NAME &&
+        chmod 700 ~/deploy.sh &&
+        ~/deploy.sh ${IMAGE_NAME} &&
+        rm -f ~/deploy.sh"
+      done
+  needs:
+    - job: build-image-npm
+      optional: true
+    - job: build-image-go
+      optional: true
diff --git a/ci/deploy/deploy.sh b/ci/deploy/deploy.sh
new file mode 100644
index 0000000..9a26b53
--- /dev/null
+++ b/ci/deploy/deploy.sh
@@ -0,0 +1,54 @@
+#!/bin/bash
+
+# CONTAINER_REGISTRY="harbor.vimpelcom.ru"
+# PRODUCT="vega/stage"
+# PRODUCT_VERSION="0.5.3"
+
+if [[ $# -eq 0 ]] ; then
+    echo "No arguments supplied"
+    exit 1
+fi
+
+if [[ -z "$1" ]] ; then
+    echo "No argument CONTAINER_NAME"
+    exit 1
+fi
+
+GREEN=$'\033[0;32m'
+RED=$'\033[0;31m' 
+BLUE=$'\033[0;36m' 
+WHITE=$'\033[0;37m' 
+RESET=$'\033[0m'
+
+CONTAINER_NAME=${1}
+IMAGE_URL="$CONTAINER_REGISTRY/$PRODUCT/$IMAGE_NAME:$PRODUCT_VERSION"
+DOCKER_COMPOSE_EXEC="docker-compose"
+
+if ! [ -x "$(command -v docker-compose)" ]; then
+    DOCKER_COMPOSE_EXEC="docker compose"
+fi
+
+# для -z необходимо указывать параметры в двойных ковычках
+if [ -z "$(docker ps -aq -f name=^${CONTAINER_NAME}$)" ]; then
+  echo -e "${RED}${CONTAINER_NAME:-container} not running.${RESET}"
+  exit 1
+fi
+
+COMPOSE_FILE="$(docker inspect --format '{{index .Config.Labels "com.docker.compose.project.config_files"}}' $CONTAINER_NAME | tr , \\n | xargs grep -wH $IMAGE_NAME | cut -d: -sf1 | uniq)"
+COMPOSE_ALL_FILES="-f $COMPOSE_FILE"
+
+cp $COMPOSE_FILE "$COMPOSE_FILE.orig"
+# sed -i '/image: .*'$IMAGE_NAME'/ s|:.*|: '"$IMAGE_URL"'|' $COMPOSE_FILE
+sed -r -i '/image: .*'$IMAGE_NAME'(:|@|$)/ s|:.*|: '"$IMAGE_URL"'|' $COMPOSE_FILE
+
+if [ -e ~dorootless/docker-compose-svc.yaml ]; then
+COMPOSE_SVC_FILE=~dorootless/docker-compose-svc.yaml
+COMPOSE_ALL_FILES="-f $COMPOSE_SVC_FILE -f $COMPOSE_FILE"
+fi
+
+$DOCKER_COMPOSE_EXEC $COMPOSE_ALL_FILES pull $CONTAINER_NAME
+$DOCKER_COMPOSE_EXEC $COMPOSE_ALL_FILES up -d
+
+if [ "$(docker ps -a -q -f name=ingress)" ]; then
+  $DOCKER_COMPOSE_EXEC $COMPOSE_ALL_FILES exec ingress angie -s reload
+fi