Add authorization and deployment to the ci file

This commit is contained in:
Jeremy Wall 2020-12-01 15:08:33 -05:00
parent 4c5809c8a5
commit 4a72dd531e
3 changed files with 28 additions and 18 deletions

View File

@ -1,16 +1,16 @@
stages:
- test
- build
- staging
build:
stage: build
image: node:14.5.0
variables:
NODE_OPTIONS: '--max_old_space_size=2048'
NODE_OPTIONS: "--max_old_space_size=2048"
script:
- cd ./src
- npm ci
- npm run-script build
- make build
artifacts:
paths:
- ./src/dist/dynamicbible
@ -19,9 +19,19 @@ test:
stage: test
image: walljm/node-chrome-headless:14.8.0
variables:
NODE_OPTIONS: '--max_old_space_size=2048'
NODE_OPTIONS: "--max_old_space_size=2048"
script:
- cd ./src
- npm ci
- npm run-script lint
- npm run-script test-headless
- make test
deploy-staging:
stage: staging
variables:
- gcloud_service_account_email
- gcloud_service_account_key
script:
- make deploy-staging
rules:
- if: '$CI_COMMIT_BRANCH == "master"'
when: on_success
allow_failure: false

View File

@ -1,17 +1,21 @@
output := dist/dynamicbible/
test:
npm ci
npm run-script lint
npm run-script test-headless
# For some reason karma is unable to connect to the browser here.
# I don't want to debug so not using test as a dependency.
build: test
build:
npm ci
npm run-script build
deploy-prod: build
authorize-service-account:
gcloud auth activate-service-account ${gcloud_service_account_email} --key-file=${gcloud_service_account_key} | tee authorize.log
deploy-prod: build authorize-service-account
gsutil -m rsync -d -r ${output} gs://dynamicbible.com
deploy-staging: build
deploy-staging: build authorize-service-account
gsutil -m rsync -d -r ${output} gs://staging.dynamicbible.com
update-bucket-configs: gcloud/buckets.yaml

View File

@ -35,15 +35,11 @@ resources:
role: WRITER
- entity: "project-viewers-dynamicbible-7c6cf"
role: READER
- entity: "user-$(ref.gitlab-service-account.email)"
role: WRITER
defaultObjectAcl:
- entity: allUsers
role: READER
accessControl:
gcpIamPolicy:
bindings:
- role: roles/dynamicbible_publish
members:
- "serviceAccount:$(ref.gitlab-service-account.email)"
- name: gitlab-service-account
type: iam.v1.serviceAccount
properties: