Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix/1107 circleci deploy #154

Merged
merged 21 commits into from
Feb 25, 2020
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
47 changes: 0 additions & 47 deletions .circleci/_set_up_deploy_envs.sh

This file was deleted.

159 changes: 33 additions & 126 deletions .circleci/config.yml
Original file line number Diff line number Diff line change
@@ -1,7 +1,14 @@
# CircleCI v2.1 Config
version: 2.1

##
# orbs
#
# Orbs used in this pipeline
###
orbs:
anchore: anchore/anchore-engine@1.6.0
deploy-kube: mojaloop/deployment@0.1.6

##
# defaults
Expand All @@ -28,105 +35,12 @@ defaults_awsCliDependencies: &defaults_awsCliDependencies |
pip install --upgrade awscli==1.14.5 s3cmd==2.0.1 python-magic
apk -v --purge del py-pip

defaults_build_docker_build: &defaults_build_docker_build
name: Build Docker $CIRCLE_TAG image
command: |
echo "Building Docker image: $CIRCLE_TAG"
docker build -t $DOCKER_ORG/$CIRCLE_PROJECT_REPONAME:$CIRCLE_TAG .

defaults_build_docker_login: &defaults_build_docker_login
name: Login to Docker Hub
command: |
docker login -u $DOCKER_USER -p $DOCKER_PASS

defaults_build_docker_publish: &defaults_build_docker_publish
name: Publish Docker image $CIRCLE_TAG & Latest tag to Docker Hub
command: |
echo "Publishing $DOCKER_ORG/$CIRCLE_PROJECT_REPONAME:$CIRCLE_TAG"
docker push $DOCKER_ORG/$CIRCLE_PROJECT_REPONAME:$CIRCLE_TAG
echo "Publishing $DOCKER_ORG/$CIRCLE_PROJECT_REPONAME:$RELEASE_TAG"
docker push $DOCKER_ORG/$CIRCLE_PROJECT_REPONAME:$RELEASE_TAG

defaults_deploy_config_kubernetes_cluster: &defaults_deploy_config_kubernetes_cluster
name: Configure Kubernetes cluster
command: |
echo "Configure Kubernetes cluster ${K8_CLUSTER_NAME}"
kubectl config set-cluster $K8_CLUSTER_NAME --server=$K8_CLUSTER_SERVER --insecure-skip-tls-verify=true

defaults_deploy_config_kubernetes_context: &defaults_deploy_config_kubernetes_context
name: Confi gure Kubernetes context
command: |
echo "Configure Kubernetes context ${K8_CLUSTER_NAME}"
kubectl config set-context $K8_CLUSTER_NAME --cluster=$K8_CLUSTER_NAME --user=$K8_USER_NAME --namespace=$K8_NAMESPACE

defaults_deploy_config_kubernetes_credentials: &defaults_deploy_config_kubernetes_credentials
name: Configure Kubernetes credentails
command: |
echo "Configure Kubernetes credentials ${K8_USER_NAME}"
if [ ! -z "$K8_USER_TOKEN" ];
then
echo "Configure Kubernetes credentials ${K8_USER_NAME} using Token"
kubectl config set-credentials $K8_USER_NAME --token=$K8_USER_TOKEN
else
echo "Configure Kubernetes credentials ${K8_USER_NAME} using Certs"
kubectl config set-credentials $K8_USER_NAME --client-certificate=$CIRCLE_WORKING_DIRECTORY/$AWS_S3_DIR_DEVOPS_DEPLOYMENT_CONFIG_KEYS/$K8_USER_PEM_CERT_FILENAME --client-key=$CIRCLE_WORKING_DIRECTORY/$AWS_S3_DIR_DEVOPS_DEPLOYMENT_CONFIG_KEYS/$K8_USER_PEM_KEY_FILENAME
fi

defaults_deploy_configure_helm: &defaults_deploy_configure_helm
name: Configure Helm
command: |
helm init --client-only

defaults_deploy_install_or_upgrade_helm_chart: &defaults_deploy_install_or_upgrade_helm_chart
name: Install or Upgrade Helm Chart
command: |
echo "Install or Upgrade Chart ${K8_RELEASE_NAME} for Docker Image ${DOCKER_ORG}/${CIRCLE_PROJECT_REPONAME}:${CIRCLE_TAG}"
if [ -z "$(helm list -q | grep -E "^${K8_RELEASE_NAME}$")" ] && [ "$(helm list -q | grep -E "^${K8_RELEASE_NAME}$")" != "Error: Unauthorized" ];
then
echo "Installing ${K8_RELEASE_NAME} new release"
helm install --namespace=$K8_NAMESPACE --name=$K8_RELEASE_NAME --repo=$K8_HELM_REPO --version $K8_HELM_CHART_VERSION $HELM_VALUE_SET_VALUES -f $CIRCLE_WORKING_DIRECTORY/$AWS_S3_DIR_DEVOPS_DEPLOYMENT_CONFIG_HELM/$HELM_VALUE_FILENAME $K8_HELM_CHART_NAME
else
echo "Upgrading ${K8_RELEASE_NAME} release"
helm upgrade $K8_RELEASE_NAME --repo=$K8_HELM_REPO --version $K8_HELM_CHART_VERSION --reuse-values $HELM_VALUE_SET_VALUES -f $CIRCLE_WORKING_DIRECTORY/$AWS_S3_DIR_DEVOPS_DEPLOYMENT_CONFIG_HELM/$HELM_VALUE_FILENAME $K8_HELM_CHART_NAME
fi

defaults_deploy_prequisites: &defaults_deploy_prequisites
name: Copy deployment pre-requisites from S3 bucket
command: |
if [ -z "$K8_USER_TOKEN" ];
then
echo "Copying K8 keys into $AWS_S3_DIR_DEVOPS_DEPLOYMENT_CONFIG_KEYS folder"
mkdir $CIRCLE_WORKING_DIRECTORY/$AWS_S3_DIR_DEVOPS_DEPLOYMENT_CONFIG_KEYS
aws s3 cp $AWS_S3_URI_DEVOPS_DEPLOYMENT_CONFIG/$AWS_S3_DIR_DEVOPS_DEPLOYMENT_CONFIG_KEYS/$K8_USER_PEM_KEY_FILENAME $CIRCLE_WORKING_DIRECTORY/$AWS_S3_DIR_DEVOPS_DEPLOYMENT_CONFIG_KEYS/
aws s3 cp $AWS_S3_URI_DEVOPS_DEPLOYMENT_CONFIG/$AWS_S3_DIR_DEVOPS_DEPLOYMENT_CONFIG_KEYS/$K8_USER_PEM_CERT_FILENAME $CIRCLE_WORKING_DIRECTORY/$AWS_S3_DIR_DEVOPS_DEPLOYMENT_CONFIG_KEYS/
else
echo "Skipping K8 keys into $AWS_S3_DIR_DEVOPS_DEPLOYMENT_CONFIG_KEYS folder"
fi
echo "Copying Helm value file into $AWS_S3_DIR_DEVOPS_DEPLOYMENT_CONFIG_HELM folder for $K8_RELEASE_NAME release"
mkdir $CIRCLE_WORKING_DIRECTORY/$AWS_S3_DIR_DEVOPS_DEPLOYMENT_CONFIG_HELM
aws s3 cp $AWS_S3_URI_DEVOPS_DEPLOYMENT_CONFIG/$AWS_S3_DIR_DEVOPS_DEPLOYMENT_CONFIG_HELM/$HELM_VALUE_FILENAME $CIRCLE_WORKING_DIRECTORY/$AWS_S3_DIR_DEVOPS_DEPLOYMENT_CONFIG_HELM/

defaults_deploy_set_kubernetes_context: &defaults_deploy_set_kubernetes_context
name: Set Kubernetes context
command: |
echo "Configure Kubernetes context ${K8_CLUSTER_NAME}"
kubectl config use-context $K8_CLUSTER_NAME

defaults_license_scanner: &defaults_license_scanner
name: Install and set up license-scanner
command: |
git clone https://github.com/mojaloop/license-scanner /tmp/license-scanner
cd /tmp/license-scanner && make build default-files set-up

defaults_slack_announcement: &defaults_slack_announcement
name: Slack announcement for tag releases
command: |
curl -X POST \
$SLACK_WEBHOOK_ANNOUNCEMENT \
-H 'Content-type: application/json' \
-H 'cache-control: no-cache' \
-d "{\"text\": \"*${CIRCLE_PROJECT_REPONAME}* - Release \`${CIRCLE_TAG}\`: https://github.com/mojaloop/${CIRCLE_PROJECT_REPONAME}/releases/tag/${CIRCLE_TAG}\"}"

##
# Executors
#
Expand All @@ -142,11 +56,6 @@ executors:
machine:
image: ubuntu-1604:201903-01

helm-kube:
working_directory: /home/circleci/project
docker:
- image: hypnoglow/kubernetes-helm

##
# Jobs
#
Expand Down Expand Up @@ -273,7 +182,10 @@ jobs:
steps:
- checkout
- run:
<<: *defaults_build_docker_build
name: Build Docker $CIRCLE_TAG image
command: |
echo "Building Docker image: $CIRCLE_TAG"
docker build -t $DOCKER_ORG/$CIRCLE_PROJECT_REPONAME:$CIRCLE_TAG .
- run:
name: Save docker image to workspace
command: docker save -o /tmp/docker-image.tar $DOCKER_ORG/$CIRCLE_PROJECT_REPONAME:$CIRCLE_TAG
Expand Down Expand Up @@ -360,43 +272,37 @@ jobs:
name: Load the pre-built docker image from workspace
command: docker load -i /tmp/docker-image.tar
- run:
<<: *defaults_build_docker_login
- run:
name: setup environment vars for release/snapshot
command: ./.circleci/_set_up_deploy_envs.sh
name: Login to Docker Hub
command: docker login -u $DOCKER_USER -p $DOCKER_PASS
- run:
name: Re-tag pre built image
command: |
docker tag $DOCKER_ORG/$CIRCLE_PROJECT_REPONAME:$CIRCLE_TAG $DOCKER_ORG/$CIRCLE_PROJECT_REPONAME:$RELEASE_TAG
- run:
<<: *defaults_build_docker_publish
name: Publish Docker image $CIRCLE_TAG & Latest tag to Docker Hub
command: |
echo "Publishing $DOCKER_ORG/$CIRCLE_PROJECT_REPONAME:$CIRCLE_TAG"
docker push $DOCKER_ORG/$CIRCLE_PROJECT_REPONAME:$CIRCLE_TAG
echo "Publishing $DOCKER_ORG/$CIRCLE_PROJECT_REPONAME:$RELEASE_TAG"
docker push $DOCKER_ORG/$CIRCLE_PROJECT_REPONAME:$RELEASE_TAG
- run:
<<: *defaults_slack_announcement
name: Slack announcement for tag releases
command: |
curl -X POST \
$SLACK_WEBHOOK_ANNOUNCEMENT \
-H 'Content-type: application/json' \
-H 'cache-control: no-cache' \
-d "{\"text\": \"*${CIRCLE_PROJECT_REPONAME}* - Release \`${CIRCLE_TAG}\`: https://github.com/mojaloop/${CIRCLE_PROJECT_REPONAME}/releases/tag/${CIRCLE_TAG}\"}"


deploy:
executor: helm-kube
executor: deploy-kube/helm-kube
steps:
- checkout
- run:
name: Install AWS CLI dependencies
command: *defaults_awsCliDependencies
- run:
name: setup environment vars for release/snapshot
command: ./.circleci/_set_up_deploy_envs.sh
- run:
<<: *defaults_deploy_prequisites
- run:
<<: *defaults_deploy_config_kubernetes_cluster
- run:
<<: *defaults_deploy_config_kubernetes_credentials
- run:
<<: *defaults_deploy_config_kubernetes_context
- run:
<<: *defaults_deploy_set_kubernetes_context
- run:
<<: *defaults_deploy_configure_helm
- run:
<<: *defaults_deploy_install_or_upgrade_helm_chart
- deploy-kube/setup_and_run:
helm_set_values: |
--set quoting-service.image.repository=$DOCKER_ORG/$CIRCLE_PROJECT_REPONAME \
--set quoting-service.image.tag=$CIRCLE_TAG

##
# Workflows
Expand Down Expand Up @@ -499,6 +405,7 @@ workflows:
requires:
- license-scan
- image-scan
- build
filters:
tags:
only: /v[0-9]+(\.[0-9]+)*(\-snapshot)?(\-hotfix(\.[0-9]+))?/
Expand Down
1 change: 1 addition & 0 deletions .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -78,3 +78,4 @@ typings/

# MacOs
.[Dd][Ss]_[Ss]tore
.notes.md
14 changes: 2 additions & 12 deletions audit-resolve.json
Original file line number Diff line number Diff line change
@@ -1,19 +1,9 @@
{
"decisions": {
"1184|npm-check-updates>pacote>make-fetch-happen>https-proxy-agent": {
"decision": "ignore",
"madeAt": 1571739084837,
"expiresAt": 1574331074508
},
"1184|npm-check-updates>pacote>npm-registry-fetch>make-fetch-happen>https-proxy-agent": {
"decision": "ignore",
"madeAt": 1571739084837,
"expiresAt": 1574331074508
},
"1482|@hapi/hapi": {
"decision": "ignore",
"madeAt": 1582204968695,
"expiresAt": 1582809756398
"madeAt": 1582635042880,
"expiresAt": 1583239828928
}
},
"rules": {},
Expand Down
Loading