-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy path.gitlab-ci.yml
223 lines (202 loc) · 9.53 KB
/
.gitlab-ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
variables:
GIT_SUBMODULE_STRATEGY: recursive
GOOGLE_TAG: eu.gcr.io/papers-kubernetes/$CI_PROJECT_NAMESPACE/$CI_PROJECT_NAME:$CI_COMMIT_SHA
GOOGLE_TAG_LATEST: eu.gcr.io/papers-kubernetes/$CI_PROJECT_NAMESPACE/$CI_PROJECT_NAME:latest
GOOGLE_TAG_DEV: eu.gcr.io/papers-dev-kubernetes/$CI_PROJECT_NAMESPACE/$CI_PROJECT_NAME:$CI_COMMIT_SHA
GOOGLE_TAG_LATEST_DEV: eu.gcr.io/papers-dev-kubernetes/$CI_PROJECT_NAMESPACE/$CI_PROJECT_NAME:latest
NAMESPACE: beacon-notification-backend
default:
image: docker/compose
services:
- docker:dind
stages:
- build
- test
- publish
- deploy
- provision
build:
stage: build
image: google/cloud-sdk
before_script:
- echo $GCLOUD_GOOGLE_KEY > key.json
- gcloud auth activate-service-account $GCLOUD_ACCOUNT --key-file key.json
- gcloud config set project $GCLOUD_PROJECT
- gcloud config set account $GCLOUD_ACCOUNT
- gcloud config set compute/zone $GCLOUD_ZONE
- gcloud auth configure-docker
script:
- docker build --cache-from $GOOGLE_TAG_LATEST -t $GOOGLE_TAG .
- docker tag $GOOGLE_TAG $GOOGLE_TAG_LATEST
- docker push $GOOGLE_TAG
- docker push $GOOGLE_TAG_LATEST
tags:
- docker
test:
stage: test
variables:
POSTGRES_DB: "postgres"
POSTGRES_USER: "postgres"
POSTGRES_PASSWORD: "postgres"
services:
- postgres:9.6
before_script:
- docker rm -f unit-$CI_COMMIT_SHA || true
script:
- docker run --name unit-$CI_COMMIT_SHA -e POSTGRES_DBNAME=postgres -e POSTGRES_HOST=$POSTGRES_PORT_5432_TCP_ADDR $GOOGLE_TAG /bin/bash -c "npm run test:cov"
- docker run --name e2e-$CI_COMMIT_SHA -e POSTGRES_DBNAME=postgres -e POSTGRES_HOST=$POSTGRES_PORT_5432_TCP_ADDR $GOOGLE_TAG /bin/bash -c "npm run test:e2e"
# - docker run --name lint-$CI_COMMIT_SHA $GOOGLE_TAG npm run lint-ci
# - docker cp unit-$CI_COMMIT_SHA:/app/coverage/lcov.info lcov.info
# - docker cp lint-$CI_COMMIT_SHA:/app/lintReport.json lintReport.json
after_script:
- docker rm -f unit-$CI_COMMIT_SHA || true
- docker rm -f lint-$CI_COMMIT_SHA || true
- docker rm -f postgres-$CI_COMMIT_SHA || true
tags:
- docker
# artifacts:
# paths:
# - lcov.info
# - lintReport.json
publish-dev:
stage: publish
only:
- master
- develop
image: google/cloud-sdk
before_script:
- echo $GCLOUD_GOOGLE_KEY_DEV > key.json
- gcloud auth activate-service-account $GCLOUD_ACCOUNT_DEV --key-file key.json
- gcloud config set account $GCLOUD_ACCOUNT_DEV
- gcloud config set project $GCLOUD_PROJECT_DEV
- gcloud config set compute/zone $GCLOUD_ZONE
- gcloud auth configure-docker
script:
- docker tag $GOOGLE_TAG $GOOGLE_TAG_DEV
- docker tag $GOOGLE_TAG $GOOGLE_TAG_LATEST_DEV
- docker push $GOOGLE_TAG_DEV
- docker push $GOOGLE_TAG_LATEST_DEV
tags:
- docker
publish-prod:
stage: publish
image: google/cloud-sdk
before_script:
- echo $GCLOUD_GOOGLE_KEY > key.json
- gcloud auth activate-service-account $GCLOUD_ACCOUNT --key-file key.json
- gcloud config set account $GCLOUD_ACCOUNT
- gcloud config set project $GCLOUD_PROJECT
- gcloud config set compute/zone $GCLOUD_ZONE
- gcloud auth configure-docker
script:
- docker tag $GOOGLE_TAG $GOOGLE_TAG_LATEST
- docker push $GOOGLE_TAG
- docker push $GOOGLE_TAG_LATEST
only:
- master
tags:
- docker
k8s-deploy-development:
stage: deploy
when: manual
only:
- master
- develop
image: google/cloud-sdk
before_script:
- echo $GCLOUD_GOOGLE_KEY_DEV > key.json
- gcloud auth activate-service-account $GCLOUD_ACCOUNT_DEV --key-file key.json
- gcloud config set account $GCLOUD_ACCOUNT_DEV
- gcloud config set project $GCLOUD_PROJECT_DEV
- gcloud config set compute/zone $GCLOUD_ZONE
- gcloud container clusters get-credentials papers-cluster-development
script:
- find k8s -type f -name \*.yaml -exec sed -i "s|__TO_BE_REPLACED_BY_IMAGE_TAG__|"$GOOGLE_TAG_DEV"|g" {} +
- find k8s -type f -name \*.yaml -exec sed -i "s|__NAMESPACE_NAME__|"$NAMESPACE"|g" {} +
- find k8s -type f -name \*.yaml -exec sed -i "s|__TX_BACKEND_URL__|"$TX_BACKEND_URL_DEV"|g" {} +
- find k8s -type f -name \*.yaml -exec sed -i "s|__TX_BACKEND_TOKEN__|"$TX_BACKEND_TOKEN_DEV"|g" {} +
- find k8s -type f -name \*.yaml -exec sed -i "s|__POSTGRES_PASSWORD__|"$POSTGRES_DEV_PW"|g" {} +
- find k8s -type f -name \*.yaml -exec sed -i "s|__POSTGRES_DB_NAME__|"$POSTGRES_DB_NAME_DEV"|g" {} +
- find k8s -type f -name \*.yaml -exec sed -i "s|__POSTGRES_USERNAME__|"$POSTGRES_USERNAME_DEV"|g" {} +
- kubectl apply -f k8s/beacon/common/namespace.yaml
- kubectl apply -f k8s/beacon/development/ --recursive
- kubectl apply -f k8s/beacon/common/ --recursive
tags:
- docker
environment:
name: beacon-notification-backend-development
url: https://beacon-notification-backend.dev.gke.papers.tech/
k8s-deploy-production:
stage: deploy
when: manual
only:
- master
- develop
image: google/cloud-sdk
before_script:
- echo $GCLOUD_GOOGLE_KEY > key.json
- gcloud auth activate-service-account $GCLOUD_ACCOUNT --key-file key.json
- gcloud config set account $GCLOUD_ACCOUNT
- gcloud config set project $GCLOUD_PROJECT
- gcloud config set compute/zone $GCLOUD_ZONE
- gcloud container clusters get-credentials papers-cluster-production
script:
- find k8s -type f -name \*.yaml -exec sed -i "s|__TO_BE_REPLACED_BY_IMAGE_TAG__|"$GOOGLE_TAG"|g" {} +
- find k8s -type f -name \*.yaml -exec sed -i "s|__NAMESPACE_NAME__|"$NAMESPACE"|g" {} +
- find k8s -type f -name \*.yaml -exec sed -i "s|__TX_BACKEND_URL__|"$TX_BACKEND_URL_PROD"|g" {} +
- find k8s -type f -name \*.yaml -exec sed -i "s|__TX_BACKEND_TOKEN__|"$TX_BACKEND_TOKEN_PROD"|g" {} +
- find k8s -type f -name \*.yaml -exec sed -i "s|__POSTGRES_PASSWORD__|"$POSTGRES_PROD_PW"|g" {} +
- find k8s -type f -name \*.yaml -exec sed -i "s|__POSTGRES_DB_NAME__|"$POSTGRES_DB_NAME_PROD"|g" {} +
- find k8s -type f -name \*.yaml -exec sed -i "s|__POSTGRES_USERNAME__|"$POSTGRES_USERNAME_PROD"|g" {} +
- kubectl apply -f k8s/beacon/common/namespace.yaml
- kubectl apply -f k8s/beacon/production/ --recursive
- kubectl apply -f k8s/beacon/common/ --recursive
tags:
- docker
environment:
name: beacon-notification-backend-production
url: https://beacon-notification-backend.prod.gke.papers.tech/
provision-db-development:
stage: provision
only:
- develop
- master
when: manual
image: google/cloud-sdk
before_script:
- echo $GCLOUD_GOOGLE_KEY_DEV > key.json
- gcloud auth activate-service-account $GCLOUD_ACCOUNT_DEV --key-file key.json
- gcloud config set account $GCLOUD_ACCOUNT_DEV
- gcloud config set project $GCLOUD_PROJECT_DEV
- gcloud config set compute/zone $GCLOUD_ZONE
- gcloud container clusters get-credentials papers-cluster-development
- export STOLON_PROXY=$(kubectl get pods --namespace postgres | grep postgres | awk 'NR==1{print $1}')
script:
- kubectl exec -n postgres $STOLON_PROXY -- bash -c "export PGPASSWORD=$PG_DEV_MASTER_PASSWORD && psql --host=localhost --username=$PG_DEV_MASTER_USERNAME_2 postgres -c \"CREATE DATABASE $POSTGRES_DB_NAME_DEV\"" || true
- kubectl exec -n postgres $STOLON_PROXY -- bash -c "export PGPASSWORD=$PG_DEV_MASTER_PASSWORD && psql --host=localhost --username=$PG_DEV_MASTER_USERNAME_2 postgres -c \"CREATE USER $POSTGRES_USERNAME_DEV WITH ENCRYPTED PASSWORD '$POSTGRES_DEV_PW'\"" || true
- kubectl exec -n postgres $STOLON_PROXY -- bash -c "export PGPASSWORD=$PG_DEV_MASTER_PASSWORD && psql --host=localhost --username=$PG_DEV_MASTER_USERNAME_2 postgres -c \"GRANT ALL PRIVILEGES ON DATABASE $POSTGRES_DB_NAME_DEV to $POSTGRES_USERNAME_DEV\"" || true
# for newer typorm features / because of old postgres version
- kubectl exec -n postgres $STOLON_PROXY -- bash -c "export PGPASSWORD=$PG_DEV_MASTER_PASSWORD && psql --host=localhost --username=$PG_DEV_MASTER_USERNAME_2 postgres -c \"CREATE EXTENSION IF NOT EXISTS \"uuid_ossp\";\"" || true
tags:
- docker
provision-db-production:
stage: provision
only:
- master
when: manual
image: google/cloud-sdk
before_script:
- echo $GCLOUD_GOOGLE_KEY > key.json
- gcloud auth activate-service-account $GCLOUD_ACCOUNT --key-file key.json
- gcloud config set account $GCLOUD_ACCOUNT
- gcloud config set project $GCLOUD_PROJECT
- gcloud config set compute/zone $GCLOUD_ZONE
- gcloud container clusters get-credentials papers-cluster-production
- export STOLON_PROXY=$(kubectl get pods | grep stolon-proxy | awk 'NR==1{print $1}')
script:
- kubectl exec $STOLON_PROXY -- bash -c "export PGPASSWORD=$PG_PROD_MASTER_PASSWORD && psql --host=localhost --username=$PG_PROD_MASTER_USERNAME postgres -c \"CREATE DATABASE $POSTGRES_DB_NAME_PROD\"" || true
- kubectl exec $STOLON_PROXY -- bash -c "export PGPASSWORD=$PG_PROD_MASTER_PASSWORD && psql --host=localhost --username=$PG_PROD_MASTER_USERNAME postgres -c \"CREATE USER $POSTGRES_USERNAME_PROD WITH ENCRYPTED PASSWORD '$POSTGRES_PROD_PW'\"" || true
- kubectl exec $STOLON_PROXY -- bash -c "export PGPASSWORD=$PG_PROD_MASTER_PASSWORD && psql --host=localhost --username=$PG_PROD_MASTER_USERNAME postgres -c \"GRANT ALL PRIVILEGES ON DATABASE $POSTGRES_DB_NAME_PROD to $POSTGRES_USERNAME_PROD\"" || true
- kubectl exec $STOLON_PROXY -- bash -c "export PGPASSWORD=$PG_PROD_MASTER_PASSWORD && psql --host=localhost --username=$PG_PROD_MASTER_USERNAME --dbname=$POSTGRES_DB_NAME_PROD postgres -c 'CREATE EXTENSION IF NOT EXISTS \"uuid-ossp\"'" || true
tags:
- docker