.gitlab-ci.yml 5.43 KB
Newer Older
1

2
3
variables:

4
5
6
7
8
9
10
  ### Disable cache in Docker builds, as this has occasionally resulted in images not containing what was
  ### expected multiple MRs where being built/retried.
  NO_CACHE: 'true'
  ### Replace RESOURCE with the name of the image you want to build and publish in OpenShift
  ### Important! In order for this template to work, the name of the gitlab repo must match
  ### also the variable name
  RESOURCE: cern-search-rest-api
11
  ### OpenShift namespace and server values
12
13
  NAMESPACE_DEV: cern-search-master
  OPENSHIFT_SERVER_DEV: https://openshift.cern.ch
14
15
  NAMESPACE_PROD: cern-search-master
  OPENSHIFT_SERVER_PROD: https://openshift.cern.ch
16

17

18
19
20
### By default, there are 6 stages that we may use:
### Feel free to adapt this to your specific case.
stages:
21
  - build_base
22
  - build
23
24
25
  - tag_image
  - import_image # This stage is only used when the built image is stored in the GitLab Registry
  - deploy
Carina Antunes's avatar
Carina Antunes committed
26
  - test
27

28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
### 'Build Base' stage
### Builds the base docker image and tags it according to the commit message.
build_base_image:
  stage: build_base
  only:
    changes:
      - Dockerfile-base
      - Pipfile
      - Pipfile.lock
  tags:
    - docker-image-build
  script: 'echo "Building base Docker image..."'
  variables:
    DOCKER_FILE: Dockerfile-base
    TO: gitlab-registry.cern.ch/webservices/cern-search/cern-search-rest-api/cern-search-rest-api-base:${CI_COMMIT_SHA}

44
45
46
### 'Build' stage
### Build the image and store it in the registry. It is important that this step
### doesn't override the image the applications are running, as we haven't tested the image yet
47
########## DEV ##########
48
49
50
build_dev_version:
  stage: build
  except:
51
52
53
54
55
56
57
    refs:
      - tags
      - master
    changes:
      - Dockerfile-base
      - Pipfile
      - Pipfile.lock
58
  environment: staging
59
60
  tags:
    - docker-image-build
Pablo Panero's avatar
Pablo Panero committed
61
  script: 'echo "Building Dev/QA Docker image..."'
62
  variables:
63
    BUILD_ARG: build_env=dev
64

65
66
67
68
69
70
71
72
73
########## PROD ##########
build_prod_version:
  stage: build
  only:
    - master
  environment: master
  tags:
    - docker-image-build
  script: 'echo "Building Prod Docker image..."'
74
75
  variables:
    BUILD_ARG: build_env=prod
76

77
########## ALL ##########
78
79
80
81
82
83
84
### When building tags, use the git tag as the docker tag of the image
build_tagged_version:
  stage: build
  only:
    - tags
  tags:
    - docker-image-build
85
  script: 'echo "Building Docker image..."'
86
87
  variables:
    TO: ${CI_REGISTRY_IMAGE}:${CI_COMMIT_TAG}
88

89
########## DEV ##########
Pablo Panero's avatar
Pablo Panero committed
90
### If a new tag is pushed it needs to be referenced into the ImageStream
91
tag_image_dev: &tag_image_openshift
92
93
94
95
96
97
  stage: tag_image
  only:
  - tags
  environment: staging
  image: gitlab-registry.cern.ch/paas-tools/openshift-client:latest
  script:
98
    - oc tag --source=docker ${CI_REGISTRY_IMAGE}:${CI_COMMIT_TAG} ${RESOURCE}:${CI_COMMIT_TAG} --token=${TOKEN} --server=${OPENSHIFT_SERVER} -n ${NAMESPACE}
99
  variables:
100
    TOKEN: ${SERVICE_ACCOUNT_TOKEN_PROD}
101
    NAMESPACE: ${NAMESPACE_DEV}
102
103
104
105
106
107
108
109
    OPENSHIFT_SERVER: ${OPENSHIFT_SERVER_DEV}

########## PROD ##########
### If a new tag is pushed it needs to be referenced into the ImageStream
tag_image_prod:
  <<: *tag_image_openshift
  variables:
    TOKEN: ${SERVICE_ACCOUNT_TOKEN_PROD}
110
    NAMESPACE: ${NAMESPACE_PROD}
111
    OPENSHIFT_SERVER: ${OPENSHIFT_SERVER_PROD}
112

113
########## DEV ##########
114
### Import image into OpenShift. Import $CI_COMMIT_TAG if present or 'latest' if not.
115
import_image_dev:
116
  stage: import_image
117
118
119
120
121
  except:
    changes:
      - Dockerfile\-base
      - Pipfile
      - Pipfile.lock
122
  environment: staging
123
124
125
126
  image: gitlab-registry.cern.ch/paas-tools/openshift-client:latest
  script:
    - oc import-image ${RESOURCE}:${CI_COMMIT_TAG:-latest} --token=${TOKEN} --server=${OPENSHIFT_SERVER} -n ${NAMESPACE}
  variables:
127
    TOKEN: ${SERVICE_ACCOUNT_TOKEN_PROD}
128
129
130
131
132
133
    OPENSHIFT_SERVER: ${OPENSHIFT_SERVER_DEV}
    NAMESPACE: ${NAMESPACE_DEV}

########## PROD ##########
### Import image into OpenShift. Import $CI_COMMIT_TAG if present or 'latest' if not.
import_image_prod:
134
135
136
137
138
139
140
  stage: import_image
  environment: master
  only:
  - tags
  image: gitlab-registry.cern.ch/paas-tools/openshift-client:latest
  script:
    - oc import-image ${RESOURCE}:${CI_COMMIT_TAG:-latest} --token=${TOKEN} --server=${OPENSHIFT_SERVER} -n ${NAMESPACE}
141
142
143
  variables:
    TOKEN: ${SERVICE_ACCOUNT_TOKEN_PROD}
    OPENSHIFT_SERVER: ${OPENSHIFT_SERVER_PROD}
144
    NAMESPACE: ${NAMESPACE_PROD}
145
146
147
148
149
150
151
152

########## PROD ##########
deploy_production:
  stage: deploy
  environment: production
  only:
  - tags
  when: manual
153
154
  image: gitlab-registry.cern.ch/paas-tools/openshift-client:latest
  script:
155
    - oc --token=${TOKEN} --server=${OPENSHIFT_SERVER} -n ${NAMESPACE} tag ${RESOURCE}:${CI_COMMIT_TAG} ${RESOURCE}:stable
156
  variables:
157
158
    TOKEN: ${SERVICE_ACCOUNT_TOKEN_PROD}
    OPENSHIFT_SERVER: ${OPENSHIFT_SERVER_PROD}
159
    NAMESPACE: ${NAMESPACE_PROD}
160
    GIT_STRATEGY: none
Carina Antunes's avatar
Carina Antunes committed
161
162

########## MERGE REQUESTS ##########
Carina Antunes's avatar
Carina Antunes committed
163
lint:
Carina Antunes's avatar
Carina Antunes committed
164
165
166
167
  services:
    - docker:dind
  stage: test
  image: tmaier/docker-compose:latest
Carina Antunes's avatar
Carina Antunes committed
168
  script: make build-env lint
Carina Antunes's avatar
Carina Antunes committed
169
170
171
172
173
174
175
176
177
178
  before_script:
    - docker info
    - docker-compose --version
    - apk add make
  only:
  - merge_requests
  - tags
  allow_failure: true
  tags:
    - docker-privileged-xl
Carina Antunes's avatar
Carina Antunes committed
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194

test:
  services:
    - docker:dind
  stage: test
  image: tmaier/docker-compose:latest
  script: make generate-certificates build-env populate-instance load-fixtures test
  before_script:
    - docker info
    - docker-compose --version
    - apk add make
    - apk add openssl
  only:
  - merge_requests
  tags:
    - docker-privileged-xl