From 1d05cfd590bab9ea79a75c8dda1f6bbda79e36ee Mon Sep 17 00:00:00 2001 From: Dimitra Chatzichrysou <dimitra.chatzichrysou@cern.ch> Date: Fri, 6 Nov 2020 09:54:25 +0000 Subject: [PATCH] [#18] Refactor CI to match deployment in notifications-infra --- .gitlab-ci.yml | 253 +++++++++++++++++++++++++++---------------------- 1 file changed, 140 insertions(+), 113 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 11ebcee3..82c3a0fa 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -1,25 +1,18 @@ variables: NAMESPACE_DEV: test-notifications-service - NAMESPACE_QA: notifications-service-qa - NAMESPACE_PROD: notifications-service - OPENSHIFT_SERVER_PROD: https://openshift.cern.ch OPENSHIFT_SERVER_DEV: https://openshift-dev.cern.ch BUILD_ENV_DEV: dev - BUILD_ENV_PROD: production - BUILD_ENV_QA: qa - QA_TAG: qa DEV_TAG: dev - RESOURCE: ${CI_PROJECT_NAME} - APP_NAME: ${CI_PROJECT_NAME} + RESOURCE: web-portal-image-stream stages: - #- test - - build - - build_docker - - deploy + - Build_App + - Build + - Tag_Image + - Import_Image -.build_template: &build_definition - stage: build +.build_app: + stage: Build_App image: node:12-alpine script: - yarn install @@ -28,130 +21,164 @@ stages: paths: - build -.docker_build_template: &docker_definition - stage: build_docker +.build: + stage: Build tags: - docker-image-build - script: "echo building $CI_REGISTRY_IMAGE for keycloak-rest-adapter" # No empty scripts are allowed + script: + - "echo 'Building docker image'" -.deploy_template: &deploy_definition - stage: deploy +# If a new tag is pushed it needs to be referenced into the ImageStream +.tag_image: + stage: Tag_Image image: gitlab-registry.cern.ch/paas-tools/openshift-client:latest script: - - LOWERCASE_PATH=$(echo ${CI_PROJECT_PATH} | awk '{ print tolower($0) } ') - # Adding || true to disable the error message when the image already exists - - oc import-image ${APP_NAME} --from="gitlab-registry.cern.ch/${LOWERCASE_PATH}:${TAG}" --confirm --token=${TOKEN} --server=${OPENSHIFT_SERVER} -n ${NAMESPACE} || true - - oc tag "gitlab-registry.cern.ch/${LOWERCASE_PATH}:${TAG}" "${APP_NAME}:latest" --token=${TOKEN} --server=${OPENSHIFT_SERVER} -n ${NAMESPACE} - -### Testing + - oc tag --source=docker ${CI_REGISTRY_IMAGE}:${CI_REGISTRY_TAG} ${RESOURCE}:${TAG} --token=${TOKEN} --server=${OPENSHIFT_SERVER} -n ${NAMESPACE} -# test: -# stage: test -# image: "python:3.7-slim" -# before_script: -# - pip install -r requirements.txt -# - pip install -r test-requirements.txt -# script: -# - pytest -# services: -# - name: gitlab-registry.cern.ch/authzsvc/docker-images/keycloak -# alias: keycloak -# variables: -# KEYCLOAK_USER: "admin" -# KEYCLOAK_PASSWORD: "admin" - -### React build definitions +# Import image to OpenShift. +.import_image: + stage: Import_Image + image: gitlab-registry.cern.ch/paas-tools/openshift-client:latest + script: + - oc import-image ${RESOURCE}:${TAG} --token=${TOKEN} --server=${OPENSHIFT_SERVER} -n ${NAMESPACE} -build_dev: - <<: *build_definition +build_app: + extends: .build_app variables: BUILD_ENV: ${BUILD_ENV_DEV} - except: - - master - -build_qa: - <<: *build_definition + rules: + - if: $CI_MERGE_REQUEST_ID + when: manual + - if: $CI_COMMIT_TAG || $CI_COMMIT_BRANCH == 'master' + - when: never + +# Build image and store it in the registry. +build: + extends: .build variables: - BUILD_ENV: ${BUILD_ENV_QA} - only: - - master - -build_prod: - <<: *build_definition + TO: ${CI_REGISTRY_IMAGE}:${CI_COMMIT_SHORT_SHA} + rules: + - if: $CI_COMMIT_BRANCH == 'master' + - when: never + +# Build MR image and store it in the registry. +build_test_image: + extends: .build variables: - BUILD_ENV: ${BUILD_ENV_PROD} - only: - - tags - - - - -### Docker build definitions - -build_docker_dev: - <<: *docker_definition + TO: ${CI_REGISTRY_IMAGE}:${CI_COMMIT_REF_SLUG} + rules: + - if: $CI_MERGE_REQUEST_ID + when: manual + allow_failure: true + - when: never + +# Build dev image and store it in the registry. +build_dev_image: + extends: .build variables: TO: ${CI_REGISTRY_IMAGE}:${DEV_TAG} - except: - - master + rules: + - if: $CI_COMMIT_BRANCH == 'master' + - when: never -build_docker_qa: - <<: *docker_definition - variables: - TO: ${CI_REGISTRY_IMAGE}:${QA_TAG} - only: - - master - -build_docker_prod: - <<: *docker_definition +# Build tagged image and store it in the registry. +build_tagged_image: + extends: .build variables: TO: ${CI_REGISTRY_IMAGE}:${CI_COMMIT_TAG} - only: - - tags # the branch you want to publish + rules: + - if: $CI_COMMIT_TAG + - when: never -### Deployment definitions - -deploy_dev: - <<: *deploy_definition +# Create tag for MR image in OpenShift DEV. +tag_test_image_dev: + extends: .tag_image + environment: + name: branch/$CI_COMMIT_REF_SLUG variables: - ENVIRONMENT: dev - OPENSHIFT_SERVER: ${OPENSHIFT_SERVER_DEV} + CI_REGISTRY_TAG: $CI_COMMIT_REF_SLUG + TAG: $CI_COMMIT_REF_SLUG TOKEN: ${OPENSHIFT_DEV_TOKEN} NAMESPACE: ${NAMESPACE_DEV} + OPENSHIFT_SERVER: ${OPENSHIFT_SERVER_DEV} + rules: + - if: $CI_MERGE_REQUEST_ID + when: manual + allow_failure: true + - when: never + +# Create tag for dev image in OpenShift DEV. +tag_dev_image_dev: + extends: .tag_image + environment: + name: dev + variables: + CI_REGISTRY_TAG: ${DEV_TAG} TAG: ${DEV_TAG} - ROUTE_HOSTNAME: https://${NAMESPACE_DEV}.web.cern.ch + TOKEN: ${OPENSHIFT_DEV_TOKEN} + NAMESPACE: ${NAMESPACE_DEV} + OPENSHIFT_SERVER: ${OPENSHIFT_SERVER_DEV} + rules: + - if: $CI_COMMIT_BRANCH == 'master' + - when: never + +# Create tag for tagged image in OpenShift DEV. +tag_tagged_image_dev: + extends: .tag_image environment: name: dev - url: https://${NAMESPACE_DEV}.web.cern.ch - only: - - dev + variables: + CI_REGISTRY_TAG: $CI_COMMIT_TAG + TAG: $CI_COMMIT_TAG + TOKEN: ${OPENSHIFT_DEV_TOKEN} + NAMESPACE: ${NAMESPACE_DEV} + OPENSHIFT_SERVER: ${OPENSHIFT_SERVER_DEV} + rules: + - if: $CI_COMMIT_TAG + - when: never -deploy_qa: - <<: *deploy_definition +# Import MR image into OpenShift DEV. +import_test_image_dev: + extends: .import_image + environment: + name: branch/$CI_COMMIT_REF_SLUG variables: - ENVIRONMENT: qa - TOKEN: ${OPENSHIFT_QA_TOKEN} - OPENSHIFT_SERVER: ${OPENSHIFT_SERVER_PROD} - NAMESPACE: ${NAMESPACE_QA} - TAG: ${QA_TAG} - ROUTE_HOSTNAME: https://${NAMESPACE_QA}.web.cern.ch + TAG: $CI_COMMIT_REF_SLUG + TOKEN: ${OPENSHIFT_DEV_TOKEN} + NAMESPACE: ${NAMESPACE_DEV} + OPENSHIFT_SERVER: ${OPENSHIFT_SERVER_DEV} + rules: + - if: $CI_MERGE_REQUEST_ID + when: manual + allow_failure: true + - when: never + +# Import dev image into OpenShift DEV. +import_dev_image_dev: + extends: .import_image environment: - name: qa - url: https://${NAMESPACE_QA}.web.cern.ch - only: - - master - -deploy_prod: - <<: *deploy_definition + name: dev + url: https://${NAMESPACE_DEV}.web.cern.ch variables: - TOKEN: ${OPENSHIFT_PROD_TOKEN} - OPENSHIFT_SERVER: ${OPENSHIFT_SERVER_PROD} - NAMESPACE: ${NAMESPACE_PROD} - TAG: ${CI_COMMIT_TAG} - ROUTE_HOSTNAME: https://${NAMESPACE_PROD}.web.cern.ch + TAG: ${DEV_TAG} + TOKEN: ${OPENSHIFT_DEV_TOKEN} + NAMESPACE: ${NAMESPACE_DEV} + OPENSHIFT_SERVER: ${OPENSHIFT_SERVER_DEV} + rules: + - if: $CI_COMMIT_BRANCH == 'master' + - when: never + +# Import tagged image into OpenShift DEV. +import_tagged_image_dev: + extends: .import_image environment: - name: production - url: https://${NAMESPACE_PROD}.web.cern.ch - only: - - tags - + name: dev + url: https://${NAMESPACE_DEV}.web.cern.ch + variables: + TAG: $CI_COMMIT_TAG + TOKEN: ${OPENSHIFT_DEV_TOKEN} + NAMESPACE: ${NAMESPACE_DEV} + OPENSHIFT_SERVER: ${OPENSHIFT_SERVER_DEV} + rules: + - if: $CI_COMMIT_TAG + - when: never -- GitLab