.gitlab-ci-auto-deploy-to-prod.yml
# Default image for jobs that neither set `image` nor extend a template
# (in this file: the `test` job).
# NOTE(review): `latest` is a floating tag, so the job image can change between
# runs; pin a version or digest if reproducible pipelines matter.
image: 'alpine:latest'

# Pipeline stages, executed in the order listed.
stages:
  - build
  - test
  - review
  - release
  - staging
  - production
  - cleanup
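# Hidden template for jobs that build, tag or push images through a
# docker-in-docker (dind) service container.
.extended_build:
  # NOTE(review): `docker:git` is a floating client tag while the dind service is
  # pinned to 18.09.7; confirm this client/daemon pairing is intended and that
  # the daemon version is still maintained.
  image: docker:git
  services:
    - docker:18.09.7-dind
  variables:
    DOCKER_DRIVER: overlay2
    # These three are declared only on this template, so jobs that extend
    # another template do not inherit them.
    CI_APPLICATION_REPOSITORY: $CI_REGISTRY/$CI_PROJECT_PATH
    CI_APPLICATION_TAG: $CI_COMMIT_REF_SLUG
    CI_CONTAINER_NAME: ci_job_build_${CI_JOB_ID}
    GITLAB_URL: "https://gitlab.reddit.voytenkov.ru/voitenkov"
  before_script:
    # Literal block scalar (|): every shell line keeps its own newline. A folded
    # scalar (>) only preserves newlines for more-indented lines, so the script
    # would silently depend on its indentation.
    - |
      # When no daemon is reachable and the job runs inside Kubernetes, point the
      # client at the dind service on localhost.
      if ! docker info >/dev/null 2>&1; then
        if [ -z "$DOCKER_HOST" ] && [ -n "$KUBERNETES_PORT" ]; then
          # NOTE(review): tcp/2375 is the daemon's plaintext, unauthenticated
          # port; acceptable only while the listener stays local to the job.
          export DOCKER_HOST='tcp://localhost:2375'
        fi
      fi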
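# Hidden template for jobs that deploy with helm/kubectl.
.extended_deploy:
  image: dtzar/helm-kubectl:3.13
  variables:
    # No checkout is performed: jobs extending this template only see what they
    # fetch themselves or what is already present in the workspace.
    GIT_STRATEGY: none
    # Every job that extends this template deploys into this namespace unless it
    # overrides the variable.
    KUBE_NAMESPACE: review
    KUBE_CONTEXT: 'voitenkov/reddit-deploy:yc-k8s'
    host: $CI_PROJECT_PATH_SLUG-$CI_COMMIT_REF_SLUG
    name: $CI_ENVIRONMENT_SLUG
  before_script:
    # installing dependencies
    - apk add -U openssl curl tar gzip bash ca-certificates git
    # NOTE(review): the next four commands fetch third-party content at job time
    # with no checksum or signature verification: a signing key written into
    # apk's key directory, a tarball piped straight into tar, and a script taken
    # from a mutable `master` branch and made executable. No job in this file
    # installs a package signed by that key or invokes gsutil or sync-repo.sh;
    # confirm they are still needed, and if so pin and verify them (or bake them
    # into the job image).
    - wget -q -O /etc/apk/keys/sgerrand.rsa.pub https://alpine-pkgs.sgerrand.com/sgerrand.rsa.pub
    - curl https://storage.googleapis.com/pub/gsutil.tar.gz | tar -xz -C "$HOME"
    - export PATH="${PATH}:$HOME/gsutil"
    - curl -o /usr/bin/sync-repo.sh https://raw.githubusercontent.com/kubernetes/helm/master/scripts/sync-repo.sh
    - chmod a+x /usr/bin/sync-repo.sh
    # ensuring namespace
    - kubectl config use-context "$KUBE_CONTEXT"
    - kubectl describe namespace "$KUBE_NAMESPACE" || kubectl create namespace "$KUBE_NAMESPACE"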
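# Builds the image from the repository's Dockerfile and pushes it to the
# project registry. Runs for every branch.
build:
  stage: build
  extends: .extended_build
  script:
    # Building
    - echo "Building and pushing Dockerfile-based application..."
    # build_info.txt is written before the build so it is part of the build
    # context: line 1 is the short commit hash, line 2 the abbreviated ref name.
    - git show --format="%h" HEAD | head -1 > build_info.txt
    - git rev-parse --abbrev-ref HEAD >> build_info.txt
    # NOTE(review): no `docker login` is visible in this file; confirm where the
    # registry credentials for the push come from.
    # Push the branch-slug tag and an immutable commit-SHA tag: the release job
    # pulls "$CI_REGISTRY_IMAGE:$CI_COMMIT_SHA", which the slug tag alone does
    # not provide.
    - docker buildx build -t "$CI_REGISTRY_IMAGE:$CI_APPLICATION_TAG" -t "$CI_REGISTRY_IMAGE:$CI_COMMIT_SHA" --push .
    - echo ""
  only:
    - branches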
# Placeholder test stage: the script exits 0, so this job always passes and
# does not gate later stages on any real check.
test:
  stage: test
  script:
    - 'exit 0'
  only:
    - branches
# Retags the image built for this commit with the contents of the VERSION file
# and with `latest`, then pushes both tags. Runs on main only.
release:
  stage: release
  extends: .extended_build
  script:
    # Releasing
    - 'echo "Updating docker images ..."'
    # NOTE(review): relies on an image tagged with $CI_COMMIT_SHA already being
    # in the registry; confirm the build stage pushes that tag.
    - 'docker pull "$CI_REGISTRY_IMAGE:$CI_COMMIT_SHA"'
    - 'docker tag "$CI_REGISTRY_IMAGE:$CI_COMMIT_SHA" "$CI_REGISTRY_IMAGE:$(cat VERSION)"'
    - 'docker push "$CI_REGISTRY_IMAGE:$(cat VERSION)"'
    # latest is needed for feature flags
    # (`latest` is mutable: every release on main overwrites it.)
    - 'docker tag "$CI_REGISTRY_IMAGE:$CI_COMMIT_SHA" "$CI_REGISTRY_IMAGE:latest"'
    - 'docker push "$CI_REGISTRY_IMAGE:latest"'
  only:
    - main
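# Deploys a per-branch review release of the reddit chart, overriding the image
# of the service this pipeline belongs to. Skipped on main.
review:
  stage: review
  extends: .extended_deploy
  environment:
    name: review/$CI_PROJECT_PATH/$CI_COMMIT_REF_NAME
    # NOTE(review): plain-HTTP environment URL; confirm TLS is not expected here.
    url: http://$CI_PROJECT_PATH_SLUG-$CI_COMMIT_REF_SLUG
    on_stop: stop_review
  script:
    # NOTE(review): "$1" looks inherited from a shell-function template; a job
    # script presumably has no positional parameters, so track is "stable".
    - export track="${1-stable}"
    # Literal block scalars (|) keep one shell line per YAML line. With a folded
    # scalar (>) equally indented lines are joined by spaces, which breaks
    # if/fi and turns each trailing backslash into an escaped space.
    - |
      if [ "$track" != "stable" ]; then
        name="$name-$track"
      fi
    - echo "Clone deploy repository..."
    # NOTE(review): clones the deploy repository's default branch at whatever
    # commit is current, so the chart being deployed is not pinned.
    - git clone https://gitlab.reddit.voytenkov.ru/voitenkov/reddit-deploy.git
    - echo "Download helm dependencies..."
    - helm dep update reddit-deploy/reddit
    - echo "Deploy helm release $name to $KUBE_NAMESPACE"
    - echo "Upgrading existing release..."
    # NOTE(review): CI_APPLICATION_TAG is declared only under .extended_build in
    # this file and this job extends .extended_deploy; confirm it is defined
    # elsewhere (e.g. project CI/CD variables), otherwise image.tag is empty.
    # The --set arguments are quoted so a value containing whitespace or glob
    # characters stays a single argument.
    - |
      helm upgrade --install \
        --wait \
        --atomic \
        --set ui.ingress.host="$host" \
        --set "$CI_PROJECT_NAME.image.repository=$CI_REGISTRY_IMAGE" \
        --set "$CI_PROJECT_NAME.image.tag=$CI_APPLICATION_TAG" \
        --namespace="$KUBE_NAMESPACE" \
        --version="$CI_PIPELINE_ID-$CI_JOB_ID" \
        "$name" \
        reddit-deploy/reddit/
  except:
    - main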
# Manual teardown of a review release; referenced by the review job's `on_stop`.
# Failure is tolerated twice over: `|| true` on the helm call and
# `allow_failure: true` on the job.
stop_review:
  stage: cleanup
  extends: .extended_deploy
  environment:
    name: review/$CI_PROJECT_PATH/$CI_COMMIT_REF_NAME
    action: stop
  script:
    # `track` is exported but not read by the delete command below.
    - 'export track="${1-stable}"'
    - 'helm delete "$name" --namespace="$KUBE_NAMESPACE" || true'
  when: manual
  allow_failure: true
  only:
    - branches
  except:
    - main
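# Deploys the reddit chart as the `staging` environment from main, taking each
# service's image tag from that service's VERSION file.
staging:
  stage: staging
  extends: .extended_deploy
  script:
    - export track="${1-stable}"
    # NOTE(review): GIT_STRATEGY is `none` on .extended_deploy, so `reddit/` must
    # already exist in the workspace; also confirm `chats` is not a typo for
    # `charts`.
    - mkdir -p reddit/chats
    - helm dep build reddit
    # Resolve the image tags up front. -f makes curl fail on an HTTP error
    # instead of returning the error page as the tag, and as standalone
    # assignments a failed fetch stops the job before helm runs.
    - ui_tag="$(curl -fsS https://gitlab.reddit.voytenkov.ru/voitenkov/ui/raw/main/VERSION)"
    - post_tag="$(curl -fsS https://gitlab.reddit.voytenkov.ru/voitenkov/post/raw/main/VERSION)"
    - comment_tag="$(curl -fsS https://gitlab.reddit.voytenkov.ru/voitenkov/comment/raw/main/VERSION)"
    # Accept only tag-safe characters: helm --set splits on commas, so
    # unexpected file content could otherwise inject extra chart values.
    - |
      for tag in "$ui_tag" "$post_tag" "$comment_tag"; do
        case "$tag" in
          ''|*[!A-Za-z0-9_.-]*)
            echo "Unexpected VERSION content: $tag" >&2
            exit 1
            ;;
        esac
      done
    - echo "Deploy helm release $name to $KUBE_NAMESPACE"
    # NOTE(review): CI_APPLICATION_REPOSITORY is declared only under
    # .extended_build in this file; confirm it is defined elsewhere, otherwise
    # the repositories expand to "/ui", "/post" and "/comment".
    # NOTE(review): KUBE_NAMESPACE is inherited from .extended_deploy (`review`);
    # confirm staging is meant to share that namespace.
    # Literal block (|) so each backslash continuation keeps its newline.
    - |
      helm upgrade --install --wait --atomic \
        --set ui.ingress.host="$host" \
        --set ui.image.repository="$CI_APPLICATION_REPOSITORY/ui" \
        --set ui.image.tag="$ui_tag" \
        --set post.image.repository="$CI_APPLICATION_REPOSITORY/post" \
        --set post.image.tag="$post_tag" \
        --set comment.image.repository="$CI_APPLICATION_REPOSITORY/comment" \
        --set comment.image.tag="$comment_tag" \
        --namespace="$KUBE_NAMESPACE" --create-namespace \
        --version="$CI_PIPELINE_ID-$CI_JOB_ID" \
        "$name" \
        reddit/
  environment:
    name: staging
    url: http://staging
  only:
    refs:
      - main
  except:
    - triggers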
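# Deploys the reddit chart as the `production` environment from main, taking
# each service's image tag from that service's VERSION file. There is no
# `when: manual` gate, so it runs automatically once earlier stages pass.
production:
  stage: production
  extends: .extended_deploy
  script:
    - export track="${1-stable}"
    # NOTE(review): GIT_STRATEGY is `none` on .extended_deploy, so `reddit/` must
    # already exist in the workspace; also confirm `chats` is not a typo for
    # `charts`.
    - mkdir -p reddit/chats
    - helm dep build reddit
    # Resolve the image tags up front. -f makes curl fail on an HTTP error
    # instead of returning the error page as the tag, and as standalone
    # assignments a failed fetch stops the job before helm runs.
    - ui_tag="$(curl -fsS https://gitlab.reddit.voytenkov.ru/voitenkov/ui/raw/main/VERSION)"
    - post_tag="$(curl -fsS https://gitlab.reddit.voytenkov.ru/voitenkov/post/raw/main/VERSION)"
    - comment_tag="$(curl -fsS https://gitlab.reddit.voytenkov.ru/voitenkov/comment/raw/main/VERSION)"
    # Accept only tag-safe characters: helm --set splits on commas, so
    # unexpected file content could otherwise inject extra chart values.
    - |
      for tag in "$ui_tag" "$post_tag" "$comment_tag"; do
        case "$tag" in
          ''|*[!A-Za-z0-9_.-]*)
            echo "Unexpected VERSION content: $tag" >&2
            exit 1
            ;;
        esac
      done
    - echo "Deploy helm release $name to $KUBE_NAMESPACE"
    # NOTE(review): CI_APPLICATION_REPOSITORY is declared only under
    # .extended_build in this file; confirm it is defined elsewhere, otherwise
    # the repositories expand to "/ui", "/post" and "/comment".
    # NOTE(review): KUBE_NAMESPACE is inherited from .extended_deploy (`review`),
    # so production lands in the same namespace as review and staging releases;
    # confirm that lack of isolation is intended.
    # Literal block (|) so each backslash continuation keeps its newline.
    - |
      helm upgrade --install --wait --atomic \
        --set ui.ingress.host="$host" \
        --set ui.image.repository="$CI_APPLICATION_REPOSITORY/ui" \
        --set ui.image.tag="$ui_tag" \
        --set post.image.repository="$CI_APPLICATION_REPOSITORY/post" \
        --set post.image.tag="$post_tag" \
        --set comment.image.repository="$CI_APPLICATION_REPOSITORY/comment" \
        --set comment.image.tag="$comment_tag" \
        --namespace="$KUBE_NAMESPACE" --create-namespace \
        --version="$CI_PIPELINE_ID-$CI_JOB_ID" \
        "$name" \
        reddit/
  environment:
    name: production
    url: http://production
  only:
    refs:
      - main
  except:
    - triggers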