diff --git a/README.md b/README.md index 8841a580..0a08d782 100644 --- a/README.md +++ b/README.md @@ -16,9 +16,8 @@ With Kubernetes: With Helm: -`lint -> build -> test -> push -> deploy -> notify` +`lint -> build -> test -> push -> deploy -> verify -> rollback -> notify` -Rollback is not necessary thanks to Helm's atomic operations (if the installing fails, Helm cleans up by itself) Our workflow: - A commit on master goes to quality @@ -181,6 +180,22 @@ See [here](https://github.com/zegl/kube-score/blob/master/README_CHECKS.md) for NB: The test `label_values` needs to be skipped because of the values `${CI_COMMIT_TAG}` (which will be replaced by `envsubst` later in the pipeline) causing validation fail. +### Linting shell files + +```yaml +include: + - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates//lint-shell.yml' + +stages: + - lint + +variables: + # optional, used to enable reviewdog + ENABLE_REVIEWDOG: 1 + REVIEWDOG_GITLAB_API_TOKEN: + REVIEWDOG_LEVEL: warning # optional, values: info, warning, error +``` + # Unit test stage ```yaml @@ -215,6 +230,10 @@ variables: SKIP_DOCKER_CACHE: "false" ``` +All stages in Docker file should be named (e.g. `AS buildes`, `AS prod`...). These need to be added to `STAGES` variable. `IMAGES` variable defines the images that will be built, just delete the variable if a single image will be created. In this case the image will be named as `CI_REGISTRY_IMAGE`, othewise `CI_REGISTRY_IMAGE` will be a folder containing `IMAGES`. +`DOCKERFILES_DIR` is used to specify a different folder containing Dockerfiles instead of the default root directory. + + ## Kubernetes quality pipeline ```yaml @@ -458,6 +477,8 @@ stages: - build - push - deploy + - verify + - rollback variables: IMAGES: "app nginx" 
@@ -780,9 +801,15 @@ include: stages: - notify + +variables: + SENTRY_AUTH_TOKEN: my-sentry-user-token + SENTRY_URL: my-sentry.example.net + SENTRY_PROJECT: my-sentry-project + SENTRY_ORG: my-sentry-org ``` -This stage makes an API call to the project-specific sentry webhook, in order to announce a new release [as per the docs](https://docs.sentry.io/workflow/releases/?platform=javascript#using-the-api). +This stage uses `getsentry/sentry-cli:1.52.3`, in order to announce a new release [as per the docs](https://docs.sentry.io/workflow/releases/?platform=javascript#using-the-cli). # General advices diff --git a/bucket-production.yml b/bucket-production.yml index 31479ce5..8ee3ec31 100644 --- a/bucket-production.yml +++ b/bucket-production.yml @@ -1,5 +1,5 @@ include: - - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates/v2.8.0/bucket-quality.yml' + - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates/v2.12.0/bucket-quality.yml' deploy:production: extends: .deploy diff --git a/bucket-quality.yml b/bucket-quality.yml index 194ba8e0..730cbd31 100644 --- a/bucket-quality.yml +++ b/bucket-quality.yml @@ -1,5 +1,5 @@ include: - - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates/v2.8.0/templates/bucket.yml' + - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates/v2.12.0/templates/bucket.yml' deploy:quality: extends: .deploy diff --git a/cloudrun-production.yml b/cloudrun-production.yml index dda40525..751989eb 100644 --- a/cloudrun-production.yml +++ b/cloudrun-production.yml @@ -1,5 +1,5 @@ include: - - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates/v2.8.0/cloudrun-quality.yml' + - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates/v2.12.0/cloudrun-quality.yml' deploy:production: extends: deploy:quality diff --git a/cloudrun-quality.yml b/cloudrun-quality.yml index 25346264..7ff077bc 100644 --- a/cloudrun-quality.yml +++ b/cloudrun-quality.yml 
@@ -1,6 +1,6 @@ include: - - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates/v2.8.0/docker.yml' - - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates/v2.8.0/templates/cloudrun.yml' + - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates/v2.12.0/docker.yml' + - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates/v2.12.0/templates/cloudrun.yml' deploy:quality: extends: .cloudrun:deploy diff --git a/docker.yml b/docker.yml index ae137d94..12803055 100644 --- a/docker.yml +++ b/docker.yml @@ -1,5 +1,5 @@ include: - - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates/v2.8.0/templates/docker.yml' + - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates/v2.12.0/templates/docker.yml' build: stage: build diff --git a/helm-multiregion.yml b/helm-multiregion.yml index 59b6f236..ec404af7 100644 --- a/helm-multiregion.yml +++ b/helm-multiregion.yml @@ -1,5 +1,5 @@ include: - - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates/v2.8.0/helm-quality.yml' + - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates/v2.12.0/helm-quality.yml' # EUROPE deploy:production:europe:helm: 
@@ -24,6 +24,51 @@ deploy:production:europe:helm: fi done +verify:production:europe: + extends: .verify + stage: verify + variables: + GOOGLE_KEY: ${GOOGLE_KEY_PRODUCTION_EUROPE} + CLUSTER_NAME: ${CLUSTER_NAME_PRODUCTION_EUROPE} + CLUSTER_ZONE: ${CLUSTER_ZONE_PRODUCTION_EUROPE} + NAMESPACE: ${NAMESPACE_PRODUCTION_EUROPE} + before_script: + - | + # CHECK VARIABLES PHASE + for var in "GOOGLE_KEY_PRODUCTION_EUROPE" "CLUSTER_NAME_PRODUCTION_EUROPE" "CLUSTER_ZONE_PRODUCTION_EUROPE" "NAMESPACE_PRODUCTION_EUROPE"; do + if [ -z "${!var}" ]; then + echo "Missing '${var}' variable!" + exit 1 + fi + done + only: + - /^v.+$/i + except: + - branches + +rollback:production:europe: + extends: .rollback + stage: rollback + variables: + GOOGLE_KEY: ${GOOGLE_KEY_PRODUCTION_EUROPE} + CLUSTER_NAME: ${CLUSTER_NAME_PRODUCTION_EUROPE} + CLUSTER_ZONE: ${CLUSTER_ZONE_PRODUCTION_EUROPE} + NAMESPACE: ${NAMESPACE_PRODUCTION_EUROPE} + before_script: + - | + # CHECK VARIABLES PHASE + for var in "GOOGLE_KEY_PRODUCTION_EUROPE" "CLUSTER_NAME_PRODUCTION_EUROPE" "CLUSTER_ZONE_PRODUCTION_EUROPE" "NAMESPACE_PRODUCTION_EUROPE"; do + if [ -z "${!var}" ]; then + echo "Missing '${var}' variable!" + exit 1 + fi + done + when: on_failure + only: + - /^v.+$/i + except: + - branches + # AMERICA deploy:production:america:helm: extends: .deploy:production:helm 
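Review bot: `rollback:production:europe` is gated only by `when: on_failure`, which GitLab evaluates against every job in earlier stages, not just the verify job. A failure in lint, build, test or push on a tag pipeline would therefore appear to start `helm rollback` against a production release that this pipeline never changed. Scoping it to the verify job, e.g. `needs: ["verify:production:europe"]` next to `when: on_failure`, would limit the trigger; confirm that the GitLab version in use supports that combination. The same applies to the america and asia rollback jobs in this file, and to `rollback:quality` in helm-quality.yml and `rollback:production` in helm-regional.yml.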
@@ -47,6 +92,51 @@ deploy:production:america:helm: fi done +verify:production:america: + extends: .verify + stage: verify + variables: + GOOGLE_KEY: ${GOOGLE_KEY_PRODUCTION_AMERICA} + CLUSTER_NAME: ${CLUSTER_NAME_PRODUCTION_AMERICA} + CLUSTER_ZONE: ${CLUSTER_ZONE_PRODUCTION_AMERICA} + NAMESPACE: ${NAMESPACE_PRODUCTION_AMERICA} + before_script: + - | + # CHECK VARIABLES PHASE + for var in "GOOGLE_KEY_PRODUCTION_AMERICA" "CLUSTER_NAME_PRODUCTION_AMERICA" "CLUSTER_ZONE_PRODUCTION_AMERICA" "NAMESPACE_PRODUCTION_AMERICA"; do + if [ -z "${!var}" ]; then + echo "Missing '${var}' variable!" + exit 1 + fi + done + only: + - /^v.+$/i + except: + - branches + +rollback:production:america: + extends: .rollback + stage: rollback + variables: + GOOGLE_KEY: ${GOOGLE_KEY_PRODUCTION_AMERICA} + CLUSTER_NAME: ${CLUSTER_NAME_PRODUCTION_AMERICA} + CLUSTER_ZONE: ${CLUSTER_ZONE_PRODUCTION_AMERICA} + NAMESPACE: ${NAMESPACE_PRODUCTION_AMERICA} + before_script: + - | + # CHECK VARIABLES PHASE + for var in "GOOGLE_KEY_PRODUCTION_AMERICA" "CLUSTER_NAME_PRODUCTION_AMERICA" "CLUSTER_ZONE_PRODUCTION_AMERICA" "NAMESPACE_PRODUCTION_AMERICA"; do + if [ -z "${!var}" ]; then + echo "Missing '${var}' variable!" + exit 1 + fi + done + when: on_failure + only: + - /^v.+$/i + except: + - branches + # ASIA deploy:production:asia:helm: extends: .deploy:production:helm 
@@ -69,3 +159,48 @@ deploy:production:asia:helm: exit 1 fi done + +verify:production:asia: + extends: .verify + stage: verify + variables: + GOOGLE_KEY: ${GOOGLE_KEY_PRODUCTION_ASIA} + CLUSTER_NAME: ${CLUSTER_NAME_PRODUCTION_ASIA} + CLUSTER_ZONE: ${CLUSTER_ZONE_PRODUCTION_ASIA} + NAMESPACE: ${NAMESPACE_PRODUCTION_ASIA} + before_script: + - | + # CHECK VARIABLES PHASE + for var in "GOOGLE_KEY_PRODUCTION_ASIA" "CLUSTER_NAME_PRODUCTION_ASIA" "CLUSTER_ZONE_PRODUCTION_ASIA" "NAMESPACE_PRODUCTION_ASIA"; do + if [ -z "${!var}" ]; then + echo "Missing '${var}' variable!" + exit 1 + fi + done + only: + - /^v.+$/i + except: + - branches + +rollback:production:asia: + extends: .rollback + stage: rollback + variables: + GOOGLE_KEY: ${GOOGLE_KEY_PRODUCTION_ASIA} + CLUSTER_NAME: ${CLUSTER_NAME_PRODUCTION_ASIA} + CLUSTER_ZONE: ${CLUSTER_ZONE_PRODUCTION_ASIA} + NAMESPACE: ${NAMESPACE_PRODUCTION_ASIA} + before_script: + - | + # CHECK VARIABLES PHASE + for var in "GOOGLE_KEY_PRODUCTION_ASIA" "CLUSTER_NAME_PRODUCTION_ASIA" "CLUSTER_ZONE_PRODUCTION_ASIA" "NAMESPACE_PRODUCTION_ASIA"; do + if [ -z "${!var}" ]; then + echo "Missing '${var}' variable!" + exit 1 + fi + done + when: on_failure + only: + - /^v.+$/i + except: + - branches diff --git a/helm-quality.yml b/helm-quality.yml index f64a62f8..29a963ae 100644 --- a/helm-quality.yml +++ b/helm-quality.yml @@ -1,6 +1,6 @@ include: - - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates/v2.8.0/docker.yml' - - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates/v2.8.0/templates/helm.yml' + - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates/v2.12.0/docker.yml' + - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates/v2.12.0/templates/helm.yml' deploy:quality:helm: variables: 
@@ -16,9 +16,52 @@ deploy:quality:helm: before_script: - | # CHECK VARIABLES PHASE - for var in "GOOGLE_KEY_QUALITY" "CLUSTER_NAME_QUALITY" "CLUSTER_ZONE_QUALITY"; do + for var in "GOOGLE_KEY_QUALITY" "CLUSTER_NAME_QUALITY" "CLUSTER_ZONE_QUALITY" "NAMESPACE_QUALITY" "DOMAIN_QUALITY"; do if [ -z "${!var}" ]; then echo "Missing '${var}' variable!" exit 1 fi done + only: + - master + +verify:quality: + extends: .verify + stage: verify + variables: + GOOGLE_KEY: ${GOOGLE_KEY_QUALITY} + CLUSTER_NAME: ${CLUSTER_NAME_QUALITY} + CLUSTER_ZONE: ${CLUSTER_ZONE_QUALITY} + NAMESPACE: ${NAMESPACE_QUALITY} + before_script: + - | + # CHECK VARIABLES PHASE + for var in "GOOGLE_KEY_QUALITY" "CLUSTER_NAME_QUALITY" "CLUSTER_ZONE_QUALITY" "NAMESPACE_QUALITY"; do + if [ -z "${!var}" ]; then + echo "Missing '${var}' variable!" + exit 1 + fi + done + only: + - master + +rollback:quality: + extends: .rollback + stage: rollback + variables: + GOOGLE_KEY: ${GOOGLE_KEY_QUALITY} + CLUSTER_NAME: ${CLUSTER_NAME_QUALITY} + CLUSTER_ZONE: ${CLUSTER_ZONE_QUALITY} + NAMESPACE: ${NAMESPACE_QUALITY} + before_script: + - | + # CHECK VARIABLES PHASE + for var in "GOOGLE_KEY_QUALITY" "CLUSTER_NAME_QUALITY" "CLUSTER_ZONE_QUALITY" "NAMESPACE_QUALITY"; do + if [ -z "${!var}" ]; then + echo "Missing '${var}' variable!" + exit 1 + fi + done + when: on_failure + only: + - master diff --git a/helm-regional.yml b/helm-regional.yml index 5aadc253..73868d2c 100644 --- a/helm-regional.yml +++ b/helm-regional.yml @@ -1,5 +1,5 @@ include: - - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates/v2.8.0/helm-quality.yml' + - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates/v2.12.0/helm-quality.yml' deploy:production:helm: extends: .deploy:production:helm 
@@ -15,9 +15,54 @@ deploy:production:helm: before_script: - | # CHECK VARIABLES PHASE - for var in "GOOGLE_KEY_PRODUCTION" "CLUSTER_NAME_PRODUCTION" "CLUSTER_ZONE_PRODUCTION"; do + for var in "GOOGLE_KEY_PRODUCTION" "CLUSTER_NAME_PRODUCTION" "CLUSTER_ZONE_PRODUCTION" "NAMESPACE_PRODUCTION" "DOMAIN_PRODUCTION"; do if [ -z "${!var}" ]; then echo "Missing '${var}' variable!" exit 1 fi done + +verify:production: + extends: .verify + stage: verify + variables: + GOOGLE_KEY: ${GOOGLE_KEY_PRODUCTION} + CLUSTER_NAME: ${CLUSTER_NAME_PRODUCTION} + CLUSTER_ZONE: ${CLUSTER_ZONE_PRODUCTION} + NAMESPACE: ${NAMESPACE_PRODUCTION} + before_script: + - | + # CHECK VARIABLES PHASE + for var in "GOOGLE_KEY_PRODUCTION" "CLUSTER_NAME_PRODUCTION" "CLUSTER_ZONE_PRODUCTION" "NAMESPACE_PRODUCTION"; do + if [ -z "${!var}" ]; then + echo "Missing '${var}' variable!" + exit 1 + fi + done + only: + - /^v.+$/i + except: + - branches + +rollback:production: + extends: .rollback + stage: rollback + variables: + GOOGLE_KEY: ${GOOGLE_KEY_PRODUCTION} + CLUSTER_NAME: ${CLUSTER_NAME_PRODUCTION} + CLUSTER_ZONE: ${CLUSTER_ZONE_PRODUCTION} + NAMESPACE: ${NAMESPACE_PRODUCTION} + before_script: + - | + # CHECK VARIABLES PHASE + for var in "GOOGLE_KEY_PRODUCTION" "CLUSTER_NAME_PRODUCTION" "CLUSTER_ZONE_PRODUCTION" "NAMESPACE_PRODUCTION"; do + if [ -z "${!var}" ]; then + echo "Missing '${var}' variable!" + exit 1 + fi + done + when: on_failure + only: + - /^v.+$/i + except: + - branches \ No newline at end of file diff --git a/kubernetes-multiregion.yml b/kubernetes-multiregion.yml index 0a6e1b89..65f4a5ba 100644 --- a/kubernetes-multiregion.yml +++ b/kubernetes-multiregion.yml @@ -1,5 +1,5 @@ include: - - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates/v2.8.0/kubernetes-quality.yml' + - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates/v2.12.0/kubernetes-quality.yml' # EUROPE deploy:production:europe:image: 
diff --git a/kubernetes-quality.yml b/kubernetes-quality.yml index 2e557e60..2d59052a 100644 --- a/kubernetes-quality.yml +++ b/kubernetes-quality.yml @@ -1,6 +1,6 @@ include: - - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates/v2.8.0/docker.yml' - - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates/v2.8.0/templates/kubernetes.yml' + - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates/v2.12.0/docker.yml' + - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates/v2.12.0/templates/kubernetes.yml' deploy:quality:image: variables: diff --git a/kubernetes-regional.yml b/kubernetes-regional.yml index 8bfc2556..cc1edab2 100644 --- a/kubernetes-regional.yml +++ b/kubernetes-regional.yml @@ -1,5 +1,5 @@ include: - - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates/v2.8.0/kubernetes-quality.yml' + - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates/v2.12.0/kubernetes-quality.yml' deploy:production:image: extends: .deploy:production:image diff --git a/kubernetes-task-production.yml b/kubernetes-task-production.yml index c96dd268..da372a9f 100644 --- a/kubernetes-task-production.yml +++ b/kubernetes-task-production.yml @@ -1,5 +1,5 @@ include: - - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates/v2.8.0/kubernetes-task-quality.yml' + - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates/v2.12.0/kubernetes-task-quality.yml' task:production: extends: .task diff --git a/kubernetes-task-quality.yml b/kubernetes-task-quality.yml index 4635765b..7b275aa9 100644 --- a/kubernetes-task-quality.yml +++ b/kubernetes-task-quality.yml @@ -1,5 +1,5 @@ include: - - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates/v2.8.0/templates/kubernetes-task.yml' + - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates/v2.12.0/templates/kubernetes-task.yml' task:quality: extends: .task 
diff --git a/lint-docker.yml b/lint-docker.yml index 0a51333c..db7ef6b0 100644 --- a/lint-docker.yml +++ b/lint-docker.yml @@ -1,11 +1,11 @@ lint:docker: stage: lint - image: hadolint/hadolint:v1.17.5-debian + image: linuxbandit/hadolint-reviewdog:v1.0.0 script: - | COMMAND_TO_RUN="hadolint" - COMMAND_TO_RUN+=( --trusted-registry registry.my-company.io ) + COMMAND_TO_RUN+=( --trusted-registry "docker.io" --trusted-registry "${CI_REGISTRY}" ) if [[ -n "${IGNORE_DOCKER_LINT}" ]]; then IGNORE_DOCKER_LINT=( DL3012 ) @@ -14,26 +14,47 @@ lint:docker: COMMAND_TO_RUN+=( --ignore "${ign}" ) done - FINAL_COMMAND=${COMMAND_TO_RUN} + # Find docker files in a way similar to docker.yml - if [[ -f "Dockerfile" ]]; then - FINAL_COMMAND+=( ./Dockerfile ) + if [ -z "${IMAGES}" ]; then + COMMAND_TO_RUN+=( ./Dockerfile ) else - FINAL_COMMAND+=( ./docker/app/Dockerfile ) - EXTRA_COMMAND+=( ${COMMAND_TO_RUN} ./docker/nginx/Dockerfile ) + if [ -z "${DOCKERFILES_DIR}" ]; then + DOCKERFILES_DIR=docker + fi + + for image in ${IMAGES[@]}; do + COMMAND_TO_RUN+=( ./"${DOCKERFILES_DIR}/${image}"/Dockerfile ) + done fi echo echo "-> Linting Dockerfile:" echo - "${FINAL_COMMAND[@]}" - if [[ ! -z "${EXTRA_COMMAND}" ]]; then + if [ "${ENABLE_REVIEWDOG}" = "1" ]; then + echo - echo "-> Linting support Dockerfile:" + echo "-> Enabled Review Dog!" echo - "${EXTRA_COMMAND[@]}" + + if [ -z "${REVIEWDOG_GITLAB_API_TOKEN}" ]; then + echo + echo "-> [WARNING] Missing 'REVIEWDOG_GITLAB_API_TOKEN' variable!" + echo + exit 1 + fi + + if [ -z "${REVIEWDOG_LEVEL}" ]; then + REVIEWDOG_LEVEL="warning" + fi + + "${COMMAND_TO_RUN[@]}" | reviewdog -name="Hadolint linter" \ + -efm="%f:%l: %m" -diff="git diff master" -reporter=gitlab-mr-discussion -level="${INPUT_LEVEL}" + else + "${COMMAND_TO_RUN[@]}" + fi echo echo "-> Dockerfile(s) checked!" diff --git a/lint-shell.yml b/lint-shell.yml new file mode 100644 index 00000000..6980318a --- /dev/null +++ b/lint-shell.yml 
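Review bot: The new `image: linuxbandit/hadolint-reviewdog:v1.0.0` comes from a personal Docker Hub repository and is referenced by a mutable tag, yet with reviewdog enabled the job exposes `REVIEWDOG_GITLAB_API_TOKEN` to it. Pinning by digest would make the reviewed contents fixed: `image: linuxbandit/hadolint-reviewdog:v1.0.0@sha256:<digest-of-reviewed-image>`. The same holds for `linuxbandit/shellcheck-reviewdog:v1.0.0` in lint-shell.yml. Separately, `--trusted-registry "docker.io"` makes the trusted-registry rule accept any Docker Hub image, so a short comment stating that this is intentional would help readers of the template.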
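Review bot: `-level="${INPUT_LEVEL}"` reads a variable that nothing in this hunk sets; the default a few lines above is assigned to `REVIEWDOG_LEVEL`, so reviewdog receives an empty level and the documented setting is ignored. The line should end with `-level="${REVIEWDOG_LEVEL}"`, and lint-shell.yml carries the same mistake. In addition, hadolint's exit status is lost in the pipe to reviewdog unless `set -o pipefail` is in effect, so in reviewdog mode the job result depends only on reviewdog.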
@@ -0,0 +1,42 @@ +lint:shell: + stage: lint + image: linuxbandit/shellcheck-reviewdog:v1.0.0 + variables: + GITLAB_API: ${CI_API_V4_URL} + script: + - | + + if [[ -z "${LINT_PATH}" ]]; then + LINT_PATH="." + fi + + echo + echo "-> Linting shell files:" + echo + + if [ "${ENABLE_REVIEWDOG}" = "1" ]; then + echo + echo "-> Enabled Review Dog!" + echo + + if [ -z "${REVIEWDOG_GITLAB_API_TOKEN}" ]; then + echo + echo "-> [WARNING] Missing 'REVIEWDOG_GITLAB_API_TOKEN' variable!" + echo + exit 1 + fi + + if [ -z "${REVIEWDOG_LEVEL}" ]; then + REVIEWDOG_LEVEL="warning" + fi + + shellcheck -f json $(find "${LINT_PATH}" -type f -name "*.sh") | reviewdog -name="Shellcheck linter" \ + -efm="%f:%l:%c: %m" -diff="git diff master" -reporter=gitlab-mr-discussion -level="${INPUT_LEVEL}" + + else + shellcheck $(find "${LINT_PATH}" -type f -name "*.sh") + fi + + echo + echo "-> Shell files checked!" + echo diff --git a/sentry.yml b/sentry.yml index 472fe9ed..c8433629 100644 --- a/sentry.yml +++ b/sentry.yml 
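Review bot: In reviewdog mode shellcheck runs with `-f json` while reviewdog is given `-efm="%f:%l:%c: %m"`, a line-oriented pattern that JSON output is unlikely to match, so findings would probably be dropped. `shellcheck -f gcc` emits `file:line:col:` lines that fit this errorformat. The unquoted `$(find "${LINT_PATH}" -type f -name "*.sh")` also word-splits paths containing spaces and, when nothing matches, invokes shellcheck with no files. In the non-reviewdog branch `find "${LINT_PATH}" -type f -name "*.sh" -exec shellcheck {} +` avoids both.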
@@ -1,36 +1,68 @@ -notify_sentry: - image: gdiener/ci-image-gcp:v1.0.1 - stage: notify +.sentry: + image: getsentry/sentry-cli:1.52.3 + only: + - /^v.+$/i + - master + allow_failure: true + when: on_success script: - - | - if [ -z "${SENTRY_API_URL}" ]; then - echo - echo "-> [WARNING] Missing 'SENTRY_API_URL' variable!" - echo - exit 1 - fi + - &check-set-variables | + # CHECK VARIABLES PHASE + for var in "SENTRY_AUTH_TOKEN" "SENTRY_URL" "SENTRY_ORG" "SENTRY_PROJECT"; do + if [ -z "${!var}" ]; then + echo "Missing '${var}' variable!" + exit 1 + fi + done + ENVIRONMENT="production" if [ -z "${CI_COMMIT_TAG}" ]; then CI_COMMIT_TAG=${CI_COMMIT_SHA} + ENVIRONMENT="quality" fi - PAYLOAD="{ \"version\": \"${CI_COMMIT_TAG}\" }" + sentry-cli info - STATUS_CODE=$(curl -sS -o /tmp/response.txt --write-out "%{http_code}" -H 'Content-Type: application/json' -X POST -d "${PAYLOAD}" "${SENTRY_API_URL}") +sentry:release:set: + extends: .sentry + stage: build + script: + - *check-set-variables + - | + #SET NEW RELEASE - if [[ "${STATUS_CODE}" -ne 201 ]] ; then - echo "Sentry webhook returned '${STATUS_CODE}' error!" + sentry-cli releases new "${CI_COMMIT_TAG}" + + if [ -n "${FEAT_SENTRY_SETCOMMITS}" ]; then echo - echo "Response:" - cat /tmp/response.txt + echo "-> [INFO] variable 'FEAT_SENTRY_SETCOMMITS' for experimental feature enabled!" echo - echo "Payload: ${PAYLOAD}" - exit 1 + sentry-cli releases set-commits "${CI_COMMIT_TAG}" --auto fi - echo "Sentry was notified of the change!" - when: on_success - allow_failure: true - only: - - /^v.+$/i - - master + echo "Sentry release set to ${CI_COMMIT_TAG}!" + + +sentry:release:finalize: + extends: .sentry + stage: deploy + script: + - *check-set-variables + - | + #FINALISE RELEASE + + sentry-cli releases finalize "${CI_COMMIT_TAG}" + + echo "Sentry release finalized to ${CI_COMMIT_TAG}!" 
+ +sentry:notify: + extends: .sentry + stage: notify + script: + - *check-set-variables + - | + #SET NEW DEPLOY + + sentry-cli releases deploys "${CI_COMMIT_TAG}" new -e "${ENVIRONMENT}" + + echo "Sentry was notified that release ${CI_COMMIT_TAG} was set for ${ENVIRONMENT}!" diff --git a/serverless-multiregion.yml b/serverless-multiregion.yml index a7bde644..a087dc48 100644 --- a/serverless-multiregion.yml +++ b/serverless-multiregion.yml @@ -1,5 +1,5 @@ include: - - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates/v2.8.0/templates/serverless.yml' + - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates/v2.12.0/templates/serverless.yml' # EUROPE deploy:production:europe: diff --git a/serverless-quality.yml b/serverless-quality.yml index 20b86665..e227c2c3 100644 --- a/serverless-quality.yml +++ b/serverless-quality.yml @@ -1,5 +1,5 @@ include: - - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates/v2.8.0/templates/serverless.yml' + - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates/v2.12.0/templates/serverless.yml' deploy:quality: extends: .serverless:deploy diff --git a/serverless-regional.yml b/serverless-regional.yml index b4a886f2..ad0c0a9d 100644 --- a/serverless-regional.yml +++ b/serverless-regional.yml @@ -1,5 +1,5 @@ include: - - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates/v2.8.0/templates/serverless.yml' + - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates/v2.12.0/templates/serverless.yml' deploy:production: extends: .serverless:deploy diff --git a/ssh-production.yml b/ssh-production.yml index 3f95990d..4da02fb3 100644 --- a/ssh-production.yml +++ b/ssh-production.yml @@ -1,5 +1,5 @@ include: - - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates/v2.8.0/ssh-quality.yml' + - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates/v2.12.0/ssh-quality.yml' ssh:production: extends: .ssh:exec 
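Review bot: In sentry.yml the variable check requires `SENTRY_AUTH_TOKEN`, but the template does not say where it should come from, and the README example in this commit sets it under `variables:` in the CI file, which would put a credential in the repository. A comment above `.sentry` such as `# SENTRY_AUTH_TOKEN must be defined as a masked CI/CD variable in the project settings, never in .gitlab-ci.yml` would steer users away from that. Note also that `allow_failure: true` turns the `exit 1` of the check into a warning, so a missing token means releases silently stop being recorded. `${!var}` is a bash-only expansion; whether the `getsentry/sentry-cli:1.52.3` image provides bash is not visible here and should be confirmed.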
diff --git a/ssh-quality.yml b/ssh-quality.yml index a3bcf1cd..19b4f3ae 100644 --- a/ssh-quality.yml +++ b/ssh-quality.yml @@ -1,5 +1,5 @@ include: - - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates/v2.8.0/templates/ssh.yml' + - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates/v2.12.0/templates/ssh.yml' ssh:quality: extends: .ssh:exec diff --git a/templates/helm.yml b/templates/helm.yml index a1f1241d..d3c9a064 100644 --- a/templates/helm.yml +++ b/templates/helm.yml @@ -5,8 +5,10 @@ .helm:deploy: extends: .helm stage: deploy + variables: + GIT_DEPTH: 1 script: - - | + - &checkvars | #CHECKING VARIABLES PHASE for var in "GOOGLE_KEY" "CLUSTER_ZONE" "CLUSTER_NAME" "NAMESPACE" "APP_NAME" "PART_OF" "GOOGLE_PROJECT" "CHARTS_URL" "CHART_NAME"; do if [ -z "${!var}" ]; then @@ -16,7 +18,7 @@ exit 1 fi done - - | + - &activate | # ACTIVATION PHASE echo "${GOOGLE_KEY}" > /tmp/key.json @@ -28,7 +30,7 @@ echo echo "-> Google project '${GOOGLE_PROJECT}' configured!" echo - - | + - &connect | # CLUSTER CONNECTION PHASE gcloud container clusters get-credentials --zone "${CLUSTER_ZONE}" "${CLUSTER_NAME}" @@ -67,7 +69,7 @@ echo fi fi - - | + # SECRETS APPLICATION if [ -n "${SECRET_YAML}" ]; then @@ -87,7 +89,6 @@ echo fi - - | # HELM APPLICATION helm repo add current-repo "${CHARTS_URL}" helm repo update @@ -106,25 +107,11 @@ helm upgrade --install --atomic "${APP_NAME}" "current-repo/${CHART_NAME}" --wait --timeout "${TIMEOUT}" -f /tmp/values.yaml --namespace "${NAMESPACE}" --version ${CHART_VERSION} sleep 5 - # echo - # echo "-> App ${APP_NAME} up! Chart version is ${CHART_VERSION}" - # echo - - # helm test "${APP_NAME}" echo echo "-> App ${APP_NAME} released! Chart version is ${CHART_VERSION}" echo - - | - # POST-DEPLOY HOOK - - if [ -n "${AFTER_CUSTOM_APPLY_FILE_PATH}" ]; then - kubectl apply -f "${AFTER_CUSTOM_APPLY_FILE_PATH}" \ - && echo "-> Custom post-job deployed!" - echo - fi - deploy:quality:helm: extends: .helm:deploy only: 
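Review bot: In templates/helm.yml, removing the `- |` list markers before `# SECRETS APPLICATION` and `# HELM APPLICATION` (hunks at -67 and -87) folds those steps into the preceding block scalar. If no other list item starts in the lines not shown between `- &connect |` and that point, that scalar is the `&connect` anchor. `.verify` and `.rollback` replay `*connect`, so they would re-apply secrets and run `helm upgrade --install --atomic` before testing or rolling back. Keeping the deploy-only steps as separate, un-anchored `- |` items after the connection block would limit the anchor to the cluster connection itself.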
@@ -143,3 +130,43 @@ deploy:quality:helm: environment: name: ${ENVIRONMENT_NAME} url: https://${DOMAIN} + +.verify: + extends: .helm + stage: verify + variables: + GIT_STRATEGY: none + script: + - *checkvars + - *activate + - *connect + - | + # HELM TEST + + echo + echo "-> Testing ${APP_NAME} ! Version of the tests: ${CHART_VERSION}" + echo + + helm test "${APP_NAME}" --logs --timeout "${TIMEOUT}" --namespace "${NAMESPACE}" + + +.rollback: + extends: .helm + variables: + GIT_STRATEGY: none + script: + - *checkvars + - *activate + - *connect + - | + # ROLLBACK PHASE + + echo + echo "-> Rolling back ${APP_NAME} !" + echo + + if [ -z "${TIMEOUT}" ]; then + TIMEOUT=600s + fi + + helm rollback "${APP_NAME}" --wait --timeout "${TIMEOUT}" diff --git a/test-unit.yml b/test-unit.yml index 62c33d63..d0a14059 100644 --- a/test-unit.yml +++ b/test-unit.yml @@ -1,5 +1,5 @@ include: - - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates/v2.8.0/templates/docker.yml' + - remote: 'https://raw.githubusercontent.com/jobtome-labs/ci-templates/v2.12.0/templates/docker.yml' test:unit: extends: .docker
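Review bot: `.rollback` calls `helm rollback "${APP_NAME}" --wait --timeout "${TIMEOUT}"` without `--namespace`, although `.verify` passes `--namespace "${NAMESPACE}"` and the variable check requires `NAMESPACE`. Unless the connection step sets the context's namespace (not visible in this hunk), the rollback looks for the release in the default namespace. Suggested: `helm rollback "${APP_NAME}" --wait --timeout "${TIMEOUT}" --namespace "${NAMESPACE}"`. `.verify` also uses `${TIMEOUT}` without the `600s` default that `.rollback` sets, so an unset `TIMEOUT` passes an empty `--timeout` to `helm test`.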