-
Notifications
You must be signed in to change notification settings - Fork 0
/
.gitlab-ci.yml
127 lines (120 loc) · 3.96 KB
/
.gitlab-ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
stages:
- build_gitops_container
- destroy_tst
- deploy_tst
- test_tst
- refresh_acc
- refresh_prd
variables:
KUBECTL_IMAGE: "gitlab.example.com:5050/kubernetes/gitops/gitops"
GITOPS_CLONE_URL: "[email protected]:kubernetes/gitops.git"
GITOPS_COMMIT_EMAIL: "[email protected]"
GITOPS_COMMIT_NAME: "GitLab CI/CD"
GITOPS_KUBECTL_CONTEXT_TST: "kubernetes/gitops:kubernetes-agent"
build_gitops_container:
stage: build_gitops_container
image:
name: gcr.io/kaniko-project/executor:debug
entrypoint: [""]
script:
- mkdir -p /kaniko/.docker
- echo "{\"auths\":{\"$CI_REGISTRY\":{\"username\":\"$CI_REGISTRY_USER\",\"password\":\"$CI_REGISTRY_PASSWORD\"}}}" > /kaniko/.docker/config.json
- /kaniko/executor
--context $CI_PROJECT_DIR
--build-arg KUBECTL_VERSION=$KUBECTL_VERSION
--build-arg KUSTOMIZE_VERSION=$KUSTOMIZE_VERSION
--dockerfile $CI_PROJECT_DIR/Containerfile
--destination $CI_REGISTRY_IMAGE/gitops:latest
--snapshotMode=redo
--use-new-run
tags:
- kubernetes
rules:
- if: $CI_COMMIT_BRANCH == "main" && $CI_PIPELINE_SOURCE == "push"
changes:
- Containerfile
destroy_tst:
stage: destroy_tst
image: $KUBECTL_IMAGE
script:
- kubectl config use-context ${GITOPS_KUBECTL_CONTEXT_TST}
- cd apps/${APPLICATION}/overlays/${ENVIRONMENT}
- kubectl delete -k .
tags:
- kubernetes
allow_failure: true
rules:
- if: '$CI_PIPELINE_SOURCE == "pipeline" && $ENVIRONMENT == "tst"'
deploy_tst:
stage: deploy_tst
image: $KUBECTL_IMAGE
script:
- kubectl config use-context ${GITOPS_KUBECTL_CONTEXT_TST}
- cd apps/${APPLICATION}/overlays/${ENVIRONMENT}
- kubectl apply -k .
tags:
- kubernetes
rules:
- if: '$CI_PIPELINE_SOURCE == "pipeline" && $ENVIRONMENT == "tst"'
test_tst:
stage: test_tst
image: $KUBECTL_IMAGE
script:
- echo "test tst"
- echo "Application name is ${APPLICATION}"
- echo "Tag is ${TAG}"
- echo "Testing application ${APPLICATION}"
- kubectl config use-context ${GITOPS_KUBECTL_CONTEXT_TST}
- kubectl get ingress -n testapp-tst
tags:
- kubernetes
rules:
- if: '$CI_PIPELINE_SOURCE == "pipeline" && $ENVIRONMENT == "tst"'
refresh_acc:
stage: refresh_acc
image: $KUBECTL_IMAGE
before_script:
- mkdir -p ~/.ssh
- chmod 0700 ~/.ssh
- echo ${SSH_PRIVATE_KEY_BASE64} | base64 -d > ~/.ssh/id_ed25519
- chmod 0600 ~/.ssh/id_ed25519
- ssh-keyscan gitlab.example.com > ~/.ssh/known_hosts
- git remote set-url origin ${GITOPS_CLONE_URL}
- git config --global user.email "${GITOPS_COMMIT_EMAIL}"
- git config --global user.name "${GITOPS_COMMIT_NAME}"
script:
- git checkout -B main
- git pull origin main
- cd apps/${APPLICATION}/overlays/${ENVIRONMENT}
- kustomize edit set image $IMAGE:$TAG
- cat kustomization.yml
- git commit -am "Automated change by Gitlab CI - Promoted ${APPLICATION} to version ${TAG} in ${ENVIRONMENT}"
- git push origin main
tags:
- kubernetes
rules:
- if: '$CI_PIPELINE_SOURCE == "pipeline" && $ENVIRONMENT == "acc"'
refresh_prd:
stage: refresh_prd
image: $KUBECTL_IMAGE
before_script:
- mkdir -p ~/.ssh
- chmod 0700 ~/.ssh
- echo ${SSH_PRIVATE_KEY_BASE64} | base64 -d > ~/.ssh/id_ed25519
- chmod 0600 ~/.ssh/id_ed25519
- ssh-keyscan gitlab.example.com > ~/.ssh/known_hosts
- git remote set-url origin ${GITOPS_CLONE_URL}
- git config --global user.email "${GITOPS_COMMIT_EMAIL}"
- git config --global user.name "${GITOPS_COMMIT_NAME}"
script:
- git checkout -B main
- git pull origin main
- cd apps/${APPLICATION}/overlays/${ENVIRONMENT}
- kustomize edit set image $IMAGE:$TAG
- cat kustomization.yml
- git commit -am "Automated change by Gitlab CI - Promoted ${APPLICATION} to version ${TAG} in ${ENVIRONMENT}"
- git push origin main
tags:
- kubernetes
rules:
- if: '$CI_PIPELINE_SOURCE == "pipeline" && $ENVIRONMENT == "prd"'