Newer
Older
- deploy_ocf_staging
- delete_ocf_staging
- deploy_ocf_dev
- delete_ocf_dev
variables:
NAMESPACE_DEV: "ocf-dev-$CI_ENVIRONMENT_SLUG"
NAMESPACE_STAGING: "ocf-staging"
DOMAIN_STAGING: staging.int
DOMAIN_DEV: developer.int
DOMAIN_PROD: prod.int
IMAGE_TAG_DEV: $CI_COMMIT_REF_SLUG
IMAGE_TAG_STAGING: $CI_COMMIT_REF_SLUG
VAULT_HOSTNAME: $VAULT_HOSTNAME
VAULT_PORT: $VAULT_PORT
VAULT_ACCESS_TOKEN: $VAULT_ACCESS_TOKEN
CI_REGISTRY: $CI_REGISTRY
only:
- merge_requests
except:
variables:
- $CI_MERGE_REQUEST_TARGET_BRANCH_NAME != "staging"
rules:
- if: '$CI_COMMIT_REF_NAME == "staging"'
url: https://capif-$CI_ENVIRONMENT_SLUG.$DOMAIN_STAGING
on_stop: delete_ocf_staging
auto_stop_in: 3 day
script:
- |
helm version
kubectl version --output=yaml
echo "### setting kubeconfig###"
whoami
kubectl cluster-info
yq --version
ls -rtt helm/capif
cat helm/capif/Chart.yaml
yq e -i ".appVersion = \"$IMAGE_TAG_STAGING\"" helm/capif/Chart.yaml
cat helm/capif/Chart.yaml
echo "### download dependencies###"
helm dependency build helm/capif
helm upgrade --install -n $NAMESPACE_DEV ocf-staging helm/capif/ --set nginx.nginx.env.capifHostname=capif-$CI_COMMIT_REF_SLUG.$DOMAIN_STAGING \
--set nginx.nginx.env.registerHostname=register-$CI_COMMIT_REF_SLUG.$DOMAIN_STAGING \
--set monitoring.grafana.ingress.hosts[0].host="grafana-$CI_COMMIT_REF_SLUG.$DOMAIN_STAGING" \
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
--set monitoring.grafana.ingress.hosts[0].paths[0].path="/" \
--set monitoring.grafana.ingress.hosts[0].paths[0].pathType="Prefix" \
--set monitoring.grafana.env.prometheusURL=http://prometheus.ocf.pre-production \
--set tempo.tempo.metricsGenerator.remoteWriteUrl=http://prometheus.ocf.pre-production/api/v1/write \
--set parametersVault.env.vaultHostname=$VAULT_HOSTNAME \
--set parametersVault.env.vaultPort=$VAULT_PORT \
--set parametersVault.env.vaultAccessToken=$VAULT_ACCESS_TOKEN \
--set ingress.ip=10.43.107.132 \
--set accessControlPolicy.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/ocf-access-control-policy-api \
--set accessControlPolicy.image.tag=$CI_COMMIT_REF_SLUG \
--set apiInvocationLogs.apiInvocationLogs.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/ocf-logging-api-invocation-api \
--set apiInvocationLogs.apiInvocationLogs.image.tag=$CI_COMMIT_REF_SLUG \
--set apiInvokerManagement.apiInvokerManagement.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/ocf-api-invoker-management-api \
--set apiInvokerManagement.apiInvokerManagement.image.tag=$CI_COMMIT_REF_SLUG \
--set apiProviderManagement.apiProviderManagement.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/ocf-api-provider-management-api \
--set apiProviderManagement.apiProviderManagement.image.tag=$CI_COMMIT_REF_SLUG \
--set capifEvents.capifEvents.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/ocf-events-api \
--set capifEvents.capifEvents.image.tag=$CI_COMMIT_REF_SLUG \
--set capifRoutingInfo.capifRoutingInfo.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/ocf-routing-info-api \
--set capifRoutingInfo.capifRoutingInfo.image.tag=$CI_COMMIT_REF_SLUG \
--set capifSecurity.capifSecurity.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/ocf-security-api \
--set capifSecurity.capifSecurity.image.tag=$CI_COMMIT_REF_SLUG \
--set register.register.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/register \
--set register.register.image.tag=$CI_COMMIT_REF_SLUG \
--set logs.logs.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/ocf-auditing-api \
--set logs.logs.image.tag=$CI_COMMIT_REF_SLUG \
--set nignx.nginx.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/nginx \
--set nignx.nginx.image.tag=$CI_COMMIT_REF_SLUG \
--set publishedApis.publishedApis.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/ocf-publish-service-api \
--set publishedApis.publishedApis.image.tag=$CI_COMMIT_REF_SLUG \
--set serviceApis.serviceApis.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/ocf-discover-service-api \
--set serviceApis.serviceApis.image.tag=$CI_COMMIT_REF_SLUG \
--set nginx.nginx.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/nginx \
--set nginx.nginx.image.tag=$CI_COMMIT_REF_SLUG --wait --timeout=10m --create-namespace
delete_ocf_staging:
stage: delete_ocf_staging
<<: *staging_common
script:
- echo "### deleting environment $NAMESPACE_STAGING###"
- helm uninstall -n $NAMESPACE_DEV ocf-staging
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
### staging branch merged ###
deploy_ocf_oficial_staging:
stage: deploy_ocf_oficial_staging
needs:
- staging_build_and_push_mr
<<: *staging_common
environment:
name: review/oficial-staging
url: https://capif-staging.$DOMAIN_STAGING
script:
- |
helm version
kubectl version --output=yaml
echo "### setting kubeconfig###"
whoami
kubectl cluster-info
yq --version
ls -rtt helm/capif
cat helm/capif/Chart.yaml
yq e -i ".appVersion = \"$IMAGE_TAG_STAGING\"" helm/capif/Chart.yaml
cat helm/capif/Chart.yaml
echo "### download dependencies###"
helm dependency build helm/capif
echo "### updating capif###"
helm upgrade --install -n $NAMESPACE_STAGING ocf-staging helm/capif/ --set nginx.nginx.env.capifHostname=capif-staging.$DOMAIN_STAGING \
--set nginx.nginx.env.registerHostname=register-staging.$DOMAIN_STAGING \
--set monitoring.grafana.ingress.hosts[0].host="grafana-staging.$DOMAIN_STAGING" \
--set monitoring.grafana.ingress.hosts[0].paths[0].path="/" \
--set monitoring.grafana.ingress.hosts[0].paths[0].pathType="Prefix" \
--set monitoring.grafana.env.prometheusURL=http://prometheus.ocf.pre-production \
--set tempo.tempo.metricsGenerator.remoteWriteUrl=http://prometheus.ocf.pre-production/api/v1/write \
--set parametersVault.env.vaultHostname=$VAULT_HOSTNAME \
--set parametersVault.env.vaultPort=$VAULT_PORT \
--set parametersVault.env.vaultAccessToken=$VAULT_ACCESS_TOKEN \
--set ingress.ip=10.43.107.132 \
--set accessControlPolicy.image.repository=$CI_REGISTRY/ocf/capif/staging/ocf-access-control-policy-api \
--set accessControlPolicy.image.tag=staging \
--set apiInvocationLogs.apiInvocationLogs.image.repository=$CI_REGISTRY/ocf/capif/staging/ocf-logging-api-invocation-api \
--set apiInvocationLogs.apiInvocationLogs.image.tag=staging \
--set apiInvokerManagement.apiInvokerManagement.image.repository=$CI_REGISTRY/ocf/capif/staging/ocf-api-invoker-management-api \
--set apiInvokerManagement.apiInvokerManagement.image.tag=staging \
--set apiProviderManagement.apiProviderManagement.image.repository=$CI_REGISTRY/ocf/capif/staging/ocf-api-provider-management-api \
--set apiProviderManagement.apiProviderManagement.image.tag=staging \
--set capifEvents.capifEvents.image.repository=$CI_REGISTRY/ocf/capif/staging/ocf-events-api \
--set capifEvents.capifEvents.image.tag=staging \
--set capifRoutingInfo.capifRoutingInfo.image.repository=$CI_REGISTRY/ocf/capif/staging/ocf-routing-info-api \
--set capifRoutingInfo.capifRoutingInfo.image.tag=staging \
--set capifSecurity.capifSecurity.image.repository=$CI_REGISTRY/ocf/capif/staging/ocf-security-api \
--set capifSecurity.capifSecurity.image.tag=staging \
--set register.register.image.repository=$CI_REGISTRY/ocf/capif/staging/register \
--set register.register.image.tag=staging \
--set logs.logs.image.repository=$CI_REGISTRY/ocf/capif/staging/ocf-auditing-api \
--set logs.logs.image.tag=staging \
--set nignx.nginx.image.repository=$CI_REGISTRY/ocf/capif/staging/nginx \
--set nignx.nginx.image.tag=staging \
--set publishedApis.publishedApis.image.repository=$CI_REGISTRY/ocf/capif/staging/ocf-publish-service-api \
--set publishedApis.publishedApis.image.tag=staging \
--set serviceApis.serviceApis.image.repository=$CI_REGISTRY/ocf/capif/staging/ocf-discover-service-api \
--set serviceApis.serviceApis.image.tag=staging \
--set nginx.nginx.image.repository=$CI_REGISTRY/ocf/capif/staging/nginx \
--set nginx.nginx.image.tag=staging --wait --timeout=10m --create-namespace
## dev ###
deploy_ocf_dev:
stage: deploy_ocf_dev
<<: *dev_common
environment:
name: review/$CI_COMMIT_REF_SLUG
url: https://capif-$CI_ENVIRONMENT_SLUG.$DOMAIN_DEV
# rules:
# - if: $CI_COMMIT_BRANCH == "main"
# when: never
# - if: $CI_COMMIT_BRANCH == "staging"
# when: never
# - if: $CI_COMMIT_BRANCH
- |
helm version
kubectl version --output=yaml
echo "### setting kubeconfig###"
kubectl cluster-info
yq --version
cat helm/capif/Chart.yaml
yq e -i ".appVersion = \"$IMAGE_TAG_DEV\"" helm/capif/Chart.yaml
cat helm/capif/Chart.yaml
echo "### download dependencies###"
helm dependency build helm/capif
echo "### updating capif###"
helm upgrade --install -n $NAMESPACE_DEV ocf-developer helm/capif/ --set nginx.nginx.env.capifHostname=capif-$CI_ENVIRONMENT_SLUG.$DOMAIN_DEV \
--set nginx.nginx.env.registerHostname=register-$CI_ENVIRONMENT_SLUG.$DOMAIN_DEV \
--set monitoring.grafana.ingress.hosts[0].host="grafana-$CI_ENVIRONMENT_SLUG.$DOMAIN_DEV" \
--set monitoring.grafana.ingress.hosts[0].paths[0].path="/" \
--set monitoring.grafana.ingress.hosts[0].paths[0].pathType="Prefix" \
--set monitoring.grafana.env.prometheusURL=http://prometheus.ocf.pre-production \
--set tempo.tempo.metricsGenerator.remoteWriteUrl=http://prometheus.ocf.pre-production/api/v1/write \
--set parametersVault.env.vaultHostname=$VAULT_HOSTNAME \
--set parametersVault.env.vaultPort=$VAULT_PORT \
--set parametersVault.env.vaultAccessToken=$VAULT_ACCESS_TOKEN \
--set ingress.ip=10.43.107.132 \
--set accessControlPolicy.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/ocf-access-control-policy-api \
--set accessControlPolicy.image.tag=$CI_COMMIT_REF_SLUG \
--set apiInvocationLogs.apiInvocationLogs.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/ocf-logging-api-invocation-api \
--set apiInvocationLogs.apiInvocationLogs.image.tag=$CI_COMMIT_REF_SLUG \
--set apiInvokerManagement.apiInvokerManagement.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/ocf-api-invoker-management-api \
--set apiInvokerManagement.apiInvokerManagement.image.tag=$CI_COMMIT_REF_SLUG \
--set apiProviderManagement.apiProviderManagement.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/ocf-api-provider-management-api \
--set apiProviderManagement.apiProviderManagement.image.tag=$CI_COMMIT_REF_SLUG \
--set capifEvents.capifEvents.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/ocf-events-api \
--set capifEvents.capifEvents.image.tag=$CI_COMMIT_REF_SLUG \
--set capifRoutingInfo.capifRoutingInfo.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/ocf-routing-info-api \
--set capifRoutingInfo.capifRoutingInfo.image.tag=$CI_COMMIT_REF_SLUG \
--set capifSecurity.capifSecurity.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/ocf-security-api \
--set capifSecurity.capifSecurity.image.tag=$CI_COMMIT_REF_SLUG \
--set register.register.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/register \
--set register.register.image.tag=$CI_COMMIT_REF_SLUG \
--set logs.logs.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/ocf-auditing-api \
--set logs.logs.image.tag=$CI_COMMIT_REF_SLUG \
--set nignx.nginx.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/nginx \
--set nignx.nginx.image.tag=$CI_COMMIT_REF_SLUG \
--set publishedApis.publishedApis.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/ocf-publish-service-api \
--set publishedApis.publishedApis.image.tag=$CI_COMMIT_REF_SLUG \
--set serviceApis.serviceApis.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/ocf-discover-service-api \
--set serviceApis.serviceApis.image.tag=$CI_COMMIT_REF_SLUG \
--set nginx.nginx.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/nginx \
--set nginx.nginx.image.tag=$CI_COMMIT_REF_SLUG --wait --timeout=10m --create-namespace
delete_ocf_dev:
stage: delete_ocf_dev
<<: *staging_common
script:
- echo "### deleting environment $NAMESPACE_DEV###"
- helm uninstall -n $NAMESPACE_DEV ocf-developer
when: manual
environment:
name: review/$CI_COMMIT_REF_SLUG
action: stop