I want to run a CI/CD pipeline from GitLab to my app on the DO App Platform. There is nothing in the docs, and the only post I’ve seen about SSH and the App Platform suggests it’s not possible. Do I need to run the app from a Droplet? Or is there a work-around?
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
Hello,
Indeed SSH access is not available to the App platform.
What I usually do is to use a repository on GitLab and auto-deploy + build directly on the App platform:
- Run any CI checks in GitLab on each merge request
- Only if the checks pass, I would merge the changes to my main branch
- Merging any changes to the main branch, would then trigger an auto-deployment to the App platform.
https://www.digitalocean.com/blog/introducing-gitlab-integration-for-digitalocean-app-platform
If this is not what you have in mind, can you share more information regarding your pipeline and what exactly are you looking to achieve?
Personally, I would use a Droplet for any specific CI checks.
Best,
Bobby
Thanks, @bobbyiliev. I set up the App according to the DO instructions. On running the linter syntax is valid, GitLab CI configuration is valid, and .gitlab-ci.yml passes the pipeline. The CI failure seems to occur before build_and_deploy. I am using rollup, and the app builds and runs properly on my local machine. I’m working on debugging now, but it’s just as likely I botched the App Spec in DO. Here is the .gitlab-ci.yml:
image: node:latest
cache:
paths:
- node_modules/
stages:
- lint
- test
- build_and_deploy
before_script:
# Check for ssh-agent + rsync and install if not present
- 'which ssh-agent || ( apt-get update -y && apt-get install openssh-client -y )'
- 'which rsync || ( apt-get update -y && apt-get install rsync -y )'
- eval $(ssh-agent -s)
- npm install
lint:
stage: lint
script:
- npm run lint
test:
stage: test
script:
- npm run test
build_and_deploy:
stage: build_and_deploy
environment: production
script:
# Inject the remote's private key
- echo "$DIGITAL_OCEAN_SSH_PRIVATE_KEY" | tr -d '\r' | ssh-add - > /dev/null
- mkdir -p ~/.ssh
- chmod 700 ~/.ssh
# Append keyscan output into known hosts
- ssh-keyscan $DIGITAL_OCEAN_SERVER_IP >> ~/.ssh/known_hosts
- chmod 644 ~/.ssh/known_hosts
- npm run build
- rsync -avuz --exclude=".*" $CI_PROJECT_DIR $DIGITAL_OCEAN_SERVER_USER@$DIGITAL_OCEAN_SERVER_IP:~
# Non interactive ssh gracefully reloads server
# shouldn't need to do this with our django server.
- ssh $DIGITAL_OCEAN_SERVER_USER@$DIGITAL_OCEAN_SERVER_IP '. /etc/profile; service nginx restart'
only:
# Trigger deployments only from master branch
- master
Become a contributor for community
Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.
DigitalOcean Documentation
Full documentation for every DigitalOcean product.
Resources for startups and SMBs
The Wave has everything you need to know about building a business, from raising funding to marketing your product.
The developer cloud
Scale up as you grow — whether you're running one virtual machine or ten thousand.
Get started for free
Sign up and get $200 in credit for your first 60 days with DigitalOcean.*
*This promotional offer applies to new accounts only.