This repository has been archived by the owner on Feb 3, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy path.ankra.yaml
213 lines (208 loc) · 6.7 KB
/
.ankra.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
# `Stages` are the order that the pipeline is executing the jobs. The each stage are executed sequentially.
stages:
# `build` is the stage
build:
# each item in this list is a job.
- image
- chart
tag:
- cleanup
- tag
predeploy:
- namespace
- cloudflare-credentials
- cloudflare-issuer
dev:
- dry-run
- deploy
# `Variables` are the environment variables that are used in the pipeline. The variables are available to all jobs. The variables can be overridden in the job level.
# Default Variables are available on top of these key/value.
variables:
# `VERSION` is the name of the global variable
- name: VERSION
# `options` are the options that the variable can be selected.
value: "$COMMIT_ID"
# `description` is the description of the variable. This will be displayed in the deploy page.
description: "Select your version."
- name: GIT_CREDENTIAL
value: "github"
description: "Credential to use for git related actions."
- name: TARGET
default: "dev"
options:
- "dev"
- "test"
- "prod"
description: "Which cluster to deploy to."
- name: BUILD
default: "false"
options:
- "true"
- "false"
- name: TAG
default: "false"
options:
- "true"
- "false"
description: "If application should be tagged."
- name: DEPLOY
default: "false"
options:
- "true"
- "false"
description: "If application and dependencies should be deployed."
- name: NAMESPACE
default: "test"
options:
- "test"
- "dev"
description: "Namespace to deploy in."
- name: SERVICE_URL
default: "myapp.myorg.ankra.app"
options:
- "myapp.myorg.ankra.app"
- "myapp.dev.myorg.ankra.app"
description: "Service URL to deploy in."
# `build` is the name of the stage.
build:
# `conditions` state the conditions that must be met to execute stage.
conditions:
# When handles general condition handling in UNIX format.
- when: "$BUILD"
# `target` is the cluster the stage is executed on.
target:
# `match` clusters on the parameters provided.
match:
# `name` is the name of the target
name: $TARGET
# `image` is the a job in this stage.
image:
# `docker` is the docker module.
docker:
# `actions` are the actions that the docker module will execute.
actions:
- action: build
name: $PROJECT_NAME/$APPLICATION_NAME
tag: $VERSION
chart:
# `helm` is the helm module.
helm:
# `actions` are the actions that the helm module will execute.
actions:
- action: package
path: $WORKSPACE/helm
push: true
# `tag` is the name of the stage.
tag:
# `conditions` state the conditions that must be met to execute stage.
conditions:
- when: "$TAG"
# `target` is the cluster the stage is executed on.
target:
match:
name: $TARGET
# `cleanup` is the a job in this stage. This job is executed to clean up any tag conflicts.
cleanup:
# `allow_failure` is the flag that the job is allowed to fail.
allow_failure: true
# `git` is the git module.
git:
# Keys defined at this level are global keys available to all actions.
provider: $GIT_PROVIDER
credential: $GIT_CREDENTIAL
tag: $VERSION
# `actions` are the actions that the git module is executed.
actions:
- action: delete_tag
- action: push_tag
# `tag` is the a job in this stage. This job is executed to create a tag.
tag:
git:
# Keys defined at this level are global keys available to all actions.
provider: $GIT_PROVIDER
credential: $GIT_CREDENTIAL
tag: $VERSION
actions:
- action: tag
message: "$APPLICATION_NAME $VERSION"
- action: push_tag
# `predeploy` is the name of the stage.
predeploy:
# `conditions` are the conditions that the stage is executed.
conditions:
- when: "$DEPLOY"
# `target` is the target that the stage is executed.
target:
match:
name: $TARGET
# `namespace` is the a job in this stage. This job is executed to create a namespace.
namespace:
# `script` is the script module.
script:
# `commands` are the commands that the script module is executed.
commands:
- if [[ ! $(kubectl get ns $NAMESPACE) ]]; then
kubectl create ns $NAMESPACE;
fi
# `cloudflare-credentials` is the a job in this stage. This job is executed to create a secret for cloudflare.
cloudflare-credentials:
# `secrets` are the secrets available to this job.
secrets:
- ORIGIN_KEY
script:
commands:
- if [[ ! $(kubectl get secret service-key -n $NAMESPACE) ]]; then
kubectl -n $NAMESPACE create secret generic service-key --from-literal key=${ORIGIN_KEY};
fi
# `cloudflare-issuer` is the a job in this stage. This job is executed to create a cloudflare issuer.
cloudflare-issuer:
# `secrets` are the secrets available to this job.
secrets:
- ORIGIN_KEY
script:
commands:
- kubectl -n $NAMESPACE apply -f https://artifact.infra.ankra.cloud/repository/ankra-install-public/manifests/origin-issuer.yaml
# `dev` is the stage.
dev:
# `conditions` are the conditions that the stage is executed.
conditions:
- when: "$DEPLOY"
# `target` is the target that the stage is executed.
target:
match:
name: $TARGET
# `dry-run` is the a job in this stage. This job is executed to deploy the helm chart in dry-run mode.
dry-run:
helm:
actions:
# `add_repository` is the action that adds a helm repository. This is used to add additional depedencies for the general flow.
- action: add_repository
name: common
url: https://charts.bitnami.com/bitnami
- action: upgrade
build_dependencies: true
name: $APPLICATION_NAME
namespace: $NAMESPACE
chart: $WORKSPACE/helm
dry_run: true
extra_args:
- --set image.tag=$VERSION
# `deploy` is the a job in this stage. This job is executed to deploy the helm chart.
deploy:
helm:
actions:
- action: add_repository
name: common
url: https://charts.bitnami.com/bitnami
- action: upgrade
name: $APPLICATION_NAME
namespace: $NAMESPACE
chart: $WORKSPACE/helm
build_dependencies: true
extra_args:
- --set image.tag=$VERSION
- --set fullnameOverride=$APPLICATION_NAME
- --set global.environment=prod
- --set ingress.hostname="$SERVICE_URL"
- --set ingress.external_dns.target="lb-$CLUSTER_ID.ankra.dev"
- --set commonLabels='ankra.app/external-dns: \"true\"'