# Pipeline-wide variables, visible to every job unless a job overrides one.
# Only non-secret settings live here; the credentials the jobs reference
# (service principal, client secret, registry password) are not defined in
# this file.
variables:
  # Region passed to `az storage account create`.
  AZURE_LOCATION: 'westeurope'
  # Resource-group prefix; the bootstrap job appends "-$ENV".
  AZURE_STORAGE_RESOURCE_GROUP: 'storage-resource-group'
  # Blob container created inside the state storage account.
  AZURE_STORAGE_CONTAINER_NAME: 'tfstate'
  # Storage-account name prefix; the bootstrap job appends "$ENV$ENV_NUM".
  AZURE_STORAGE_TF_STATEFILE: 'terraformstate'
  # Directory the Terraform jobs `cd` into and publish as an artifact.
  TERRAFORM_DIR: 'iac'
  # Used as the user name for `docker login`.
  AZURE_CONTAINER_REGISTRY_NAME: 'yuyatinnefeldContainerRegistryDev'
  # Registry host used for `docker login`, `docker tag` and `docker push`.
  AZURE_CONTAINER_REGISTRY_REPO_NAME: 'yuyatinnefeldcontainerregistrydev.azurecr.io'
  # Local image name built by the docker-push stage.
  IMAGE_NAME: 'hello-world'
# Stage order: state-bucket bootstrap, then plan, then apply/destroy, then the
# image push.
stages:
  - 'initial-setup'
  - 'terraform-plan'
  - 'terraform-apply'
  - 'docker-push'
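############################ Create Terraform Statefile Bucket ############################
# Hidden template job: makes sure the resource group, storage account and blob
# container that hold the Terraform state exist. The extending job supplies
# ENV, ENV_NUM and the `az login` step.
.create-statefile-bucket:
  # NOTE(review): no tag is given, so the runner pulls whatever `latest`
  # currently is; pin a reviewed tag or digest for this credentialed job.
  image: mcr.microsoft.com/azure-cli
  stage: initial-setup
  script:
    - echo "Checking if $AZURE_STORAGE_TF_STATEFILE$ENV$ENV_NUM exists"
    - |
      # Build the names once and quote every expansion so a value with spaces
      # or glob characters cannot be split into extra az arguments.
      storage_account="$AZURE_STORAGE_TF_STATEFILE$ENV$ENV_NUM"
      resource_group="$AZURE_STORAGE_RESOURCE_GROUP-$ENV"

      # NOTE(review): any failure of `show` (expired login, missing
      # permission, network error) takes the create path, not only "not found".
      # `> /dev/null 2>&1` is the POSIX spelling of `&> /dev/null`.
      if az storage account show --name "$storage_account" --resource-group "$resource_group" > /dev/null 2>&1; then
        echo "✨ $storage_account already exists"
      else
        echo "The statefile bucket does not exist. Creating"

        echo "Create resource group..."
        # Uses AZURE_LOCATION like the storage account below instead of a
        # second hard-coded region.
        az group create --location "$AZURE_LOCATION" --resource-group "$resource_group" --tags "$ENV"
        echo "✅ DONE - resource group ✅"

        echo "Create storage account..."
        # Terraform state can hold secrets in clear text: keep public blob
        # access off and require HTTPS with TLS 1.2 or newer.
        az storage account create \
          --name "$storage_account" \
          --resource-group "$resource_group" \
          --location "$AZURE_LOCATION" \
          --sku Standard_RAGRS \
          --kind StorageV2 \
          --allow-blob-public-access false \
          --https-only true \
          --min-tls-version TLS1_2 \
          --tags "$ENV"
        echo "✅ DONE - storage account ✅"

        echo "Create blob container..."
        # NOTE(review): no --auth-mode is given; confirm which credential the
        # CLI ends up using for this data-plane call.
        az storage container create --name "$AZURE_STORAGE_CONTAINER_NAME" --account-name "$storage_account"
        echo "✅ DONE - blob container ✅"
      fi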
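# Dev instance of the state-bucket bootstrap; runs only on the "initial" branch.
create-statefile-bucket-dev:
  extends:
    - .create-statefile-bucket
  # A job-level before_script replaces the pipeline-level one (the Terraform
  # setup), so this job only logs in to Azure.
  before_script:
    # Every expansion is quoted so a secret containing spaces or glob
    # characters reaches az as a single argument. `--output none` keeps the
    # subscription/tenant JSON that `az login` prints out of the job log.
    # NOTE(review): `-p` places the secret on the process command line; the
    # variable should be masked and protected in the CI/CD settings.
    - >-
      az login --service-principal
      -u "$AZURE_SERVICE_PRINCIPAL_APP_ID_DEV"
      -p "$AZURE_SERVICE_PRINCIPAL_PASSWORD_DEV"
      --tenant "$AZURE_TENANT_DEV"
      --output none
  variables:
    # Quoted: CI variables are strings, and a bare 79432 parses as an integer.
    ENV_NUM: "79432"
    ENV: dev
  rules:
    - if: $CI_COMMIT_BRANCH == "initial"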
############################ Create Infrastructure Resources ############################
# Pipeline-level image: used by every job that does not declare its own.
image:
  # NOTE(review): `latest` is a moving tag, so the Terraform binary that plans
  # and applies with cloud credentials can change between runs; pin a reviewed
  # version or digest.
  name: hashicorp/terraform:latest
  # Blank the entrypoint: the image's Dockerfile has ENTRYPOINT ["terraform"],
  # which must be overridden for the job scripts to run.
  entrypoint: [""]
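# Pipeline-level before_script: runs in every job that does not define its own.
# Exports the Azure credentials as TF_VAR_* inputs and initialises the dev
# backend.
before_script:
  # Quoted so a value containing spaces or glob characters is exported intact
  # (an unquoted `export X=$Y` is word-split by some POSIX shells).
  - export TF_VAR_ARM_TENANT_ID="$AZURE_TENANT_DEV"
  - export TF_VAR_ARM_SUBSCRIPTION_ID="$AZURE_SUBSCRIPTION_ID_DEV"
  - export TF_VAR_ARM_CLIENT_ID="$AZURE_CLIENT_ID_DEV"
  # NOTE(review): unlike its siblings this variable has no _DEV suffix;
  # confirm it is the dev secret and that it is masked and protected.
  - export TF_VAR_ARM_CLIENT_SECRET="$AZURE_CLIENT_SECRET"
  - cd "$TERRAFORM_DIR"
  # -input=false makes a missing backend setting fail the job instead of
  # waiting on a prompt nobody can answer.
  - terraform init -input=false -backend-config="env/dev.tfbackend"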
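# Hidden template job: writes a saved plan (`tfplan`) for the dev var-file and
# hands the Terraform directory to later jobs as an artifact.
.terraform-plan:
  stage: terraform-plan
  script:
    # -input=false: a missing variable fails the job instead of hanging on an
    # interactive prompt.
    - terraform plan -input=false -var-file=env/dev.tfvars -out=tfplan
  artifacts:
    # NOTE(review): this publishes the whole directory, including the saved
    # plan and the `.terraform` working data. A saved plan stores variable
    # values unencrypted, so anyone who can download job artifacts can
    # presumably read the exported client secret; restrict artifact access or
    # narrow the paths once it is confirmed what the apply job needs.
    paths:
      - $TERRAFORM_DIR
    expire_in: '1 hrs'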
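# Dev plan job.
terraform-plan-dev:
  extends:
    - .terraform-plan
  rules:
    # `if` and `changes` sit in ONE rule so both must hold. As separate list
    # items they are alternatives, and `changes` evaluates to true in
    # pipelines that have no push diff (tags, schedules, manually started
    # pipelines), which would add this credentialed job on any ref.
    # The path is relative to the repository root (no leading slash) and
    # `**/*` also matches files in sub-directories.
    - if: $CI_COMMIT_BRANCH == "develop"
      changes:
        - iac/**/*

# Hidden template job: applies the saved plan produced by the plan job.
.terraform-apply:
  stage: terraform-apply
  script:
    - terraform apply tfplan
  # Default for rules that set no `when`: the job waits for a manual start.
  when: manual

# Dev apply job. Its rules mirror terraform-plan-dev so the job named in
# `needs` exists whenever this one does.
terraform-apply-dev:
  extends:
    - .terraform-apply
  rules:
    # Same single-rule gate as the plan job: develop branch AND a change
    # under iac/.
    - if: $CI_COMMIT_BRANCH == "develop"
      changes:
        - iac/**/*
  needs: ['terraform-plan-dev']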
# Hidden template job: tears down everything described by the dev var-file.
# It shares the terraform-apply stage and only starts when triggered by hand.
.terraform-destroy:
  stage: terraform-apply
  when: manual
  script:
    # --auto-approve skips Terraform's own confirmation, so the manual trigger
    # is the only gate. NOTE(review): confirm who may start manual jobs on
    # this branch.
    - 'terraform destroy -var-file=env/dev.tfvars --auto-approve'
# Dev destroy job: offered only in pipelines for the develop branch.
terraform-destroy-dev:
  extends: .terraform-destroy
  rules:
    - if: '$CI_COMMIT_BRANCH == "develop"'
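############################ Push Docker Images ############################
# Hidden template job: builds the hello-world image against a Docker-in-Docker
# service and pushes it to the registry. The extending job performs the
# registry login.
.push-docker-image:
  stage: docker-push
  image:
    # NOTE(review): `docker:stable` and the untagged-version `docker:dind`
    # below are moving tags - TODO confirm `stable` is still maintained
    # upstream; pin client and daemon to the same explicit version.
    name: docker:stable
  services:
    - name: docker:dind
      alias: dockerdaemon
  variables:
    # Tell docker CLI how to talk to Docker daemon.
    # NOTE(review): port 2375 is the plain-text, unauthenticated daemon API.
    DOCKER_HOST: 'tcp://dockerdaemon:2375/'
    # Use the overlayfs driver for improved performance.
    DOCKER_DRIVER: overlay2
    # Disable TLS since we're running inside local network.
    # NOTE(review): with TLS off, anything that can reach the service
    # container controls the daemon; enabling TLS also needs the runner to
    # share the client certificates, so it has to be changed together with
    # the runner configuration.
    DOCKER_TLS_CERTDIR: ""
  script:
    # Expansions are quoted so a name with spaces or glob characters cannot
    # turn into extra docker arguments.
    # NOTE(review): no tag is given, so every run overwrites `latest`; an
    # immutable per-commit tag would make the pushed image traceable.
    - docker build -t "$IMAGE_NAME" ./microservices/apps/hello-world-app
    - docker tag "$IMAGE_NAME" "$AZURE_CONTAINER_REGISTRY_REPO_NAME/$IMAGE_NAME"
    - docker push "$AZURE_CONTAINER_REGISTRY_REPO_NAME/$IMAGE_NAME"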
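# Dev image push: logs in to the registry, then runs the template's
# build/tag/push script. Offered only in pipelines for the develop branch.
push-docker-image-dev:
  extends:
    - .push-docker-image
  # A job-level before_script replaces the pipeline-level Terraform setup.
  before_script:
    # The password is fed on stdin so it does not appear on the docker command
    # line, and every expansion is quoted.
    # NOTE(review): the user name is the registry name, which looks like the
    # registry's admin account - confirm; a narrowly scoped push credential
    # would limit what a leaked CI variable can do.
    - >-
      printf '%s' "$AZURE_CONTAINER_REGISTRY_USER_PWD" |
      docker login "$AZURE_CONTAINER_REGISTRY_REPO_NAME"
      -u "$AZURE_CONTAINER_REGISTRY_NAME" --password-stdin
  rules:
    - if: $CI_COMMIT_BRANCH == "develop"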