Skip to content
cd-deploy-ocf.gitlab-ci.yml 29.1 KiB
Newer Older
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
stages:
  - deploy_ocf_oficial_staging
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
  - deploy_ocf_staging
  - delete_ocf_staging
  - deploy_ocf_dev
  - delete_ocf_dev

variables:
  NAMESPACE_DEV: "ocf-dev-$CI_ENVIRONMENT_SLUG"
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
  NAMESPACE_STAGING: "ocf-staging"
  DOMAIN_STAGING: ocf.validation
  DOMAIN_DEV: ocf.develop
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
  DOMAIN_PROD: prod.int
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
  CI_JOB_TOKEN: $CI_JOB_TOKEN
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
  IMAGE_TAG_DEV: $CI_COMMIT_REF_SLUG
  IMAGE_TAG_STAGING: $CI_COMMIT_REF_SLUG
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
  VAULT_HOSTNAME: $VAULT_HOSTNAME
  VAULT_PORT: $VAULT_PORT
  VAULT_ACCESS_TOKEN: $VAULT_ACCESS_TOKEN
  CI_REGISTRY: $CI_REGISTRY
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed

.staging_common: &staging_common
  only:
    - merge_requests
  except:
    variables:
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
      - $CI_MERGE_REQUEST_TARGET_BRANCH_NAME != "staging"
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
.dev_common: &dev_common
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
  rules:
    - if: '$CI_COMMIT_REF_NAME == "staging"'
      when: never
    - if: '$CI_COMMIT_REF_NAME == "main"'
      when: never
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
    - if: '$CI_COMMIT_TAG =~ /^v\d+\.\d+\.\d+-release$/'
      when: never
    - when: always
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
  tags:
    - shell


## staging before mr ###

prep_ocf_cd_staging:
  stage: deploy_ocf_staging
  <<: *staging_common
  script:
    - |
      echo "### filtering name ###"
      echo $CI_COMMIT_REF_SLUG
      CD_ENV_NAME=${CI_COMMIT_REF_SLUG//-/}
      echo $CD_ENV_NAME
      echo $CD_ENV_NAME | rev | cut -c 1-6 | rev
      echo $(echo $CD_ENV_NAME | rev | cut -c 1-6 | rev) > cd_env_endpoint.txt
  artifacts:
    paths:
      - cd_env_endpoint.txt

Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
deploy_ocf_staging:
  stage: deploy_ocf_staging
  needs:
    - staging_build_and_push
    - prep_ocf_cd_staging
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
  <<: *staging_common
  environment:
    name: review/dev_to_staging
    url: https://capif-$CI_ENV_ENDPOINT.$DOMAIN_STAGING
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
    on_stop: delete_ocf_staging
    auto_stop_in: 3 day
  script:
    - |
      helm version
      kubectl version --output=yaml
      echo "### setting kubeconfig###"
      whoami
      kubectl cluster-info
      yq --version
      ls -rtt helm/capif
      cat helm/capif/Chart.yaml
      yq e -i ".appVersion = \"$IMAGE_TAG_STAGING\"" helm/capif/Chart.yaml
      cat helm/capif/Chart.yaml
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed

Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
      charts=("mock-server" "nginx" "ocf-access-control-policy" 
        "ocf-api-invocation-logs" "ocf-api-invoker-management" 
        "ocf-api-provider-management" "ocf-auditing-api-logs" 
        "ocf-discover-service-api" "ocf-events" "ocf-helper" 
        "ocf-publish-service-api" "ocf-register" "ocf-routing-info" 
        "ocf-security")
      
      for chart in "${charts[@]}"; do
        yq e -i ".appVersion = \"$IMAGE_TAG_STAGING\"" "helm/capif/charts/$chart/Chart.yaml"
      done
      
      export CI_ENV_ENDPOINT=$(cat cd_env_endpoint.txt)
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed

      echo "### download dependencies###"
      helm dependency build helm/capif
      echo "### updating capif###"
      helm upgrade --install -n $NAMESPACE_DEV ocf-pre-staging helm/capif/ \
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
      --set grafana.enabled=true \
      --set grafana.ingress.enabled=true \
      --set grafana.ingress.hosts[0].host=ocf-mon-$CI_ENV_ENDPOINT.$DOMAIN_STAGING \
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
      --set grafana.ingress.hosts[0].paths[0].path="/" \
      --set grafana.ingress.hosts[0].paths[0].pathType="Prefix" \
      --set grafana.env.prometheusUrl=http://prometheus.ocf.pre-production \
      --set grafana.env.tempoUrl="http://ocf-pre-staging-tempo:3100" \
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
      --set fluentbit.enabled=true \
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
      --set loki.enabled=true \
      --set tempo.tempo.metricsGenerator.remoteWriteUrl=http://prometheus.ocf.pre-production/api/v1/write \
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
      --set otelcollector.enabled=true \
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
      --set otelcollector.configMap.tempoEndpoint=ocf-pre-staging-tempo:4317 \
      --set ocf-access-control-policy.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/ocf-access-control-policy-api \
      --set ocf-access-control-policy.image.tag=$CI_COMMIT_REF_SLUG \
      --set ocf-access-control-policy.image.env.capifHostname=capif-$CI_ENV_ENDPOINT.$DOMAIN_STAGING \
      --set ocf-access-control-policy.monitoring="true" \
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
      --set ocf-access-control-policy.env.logLevel="INFO" \
      --set ocf-api-invocation-logs.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/ocf-logging-api-invocation-api \
      --set ocf-api-invocation-logs.image.tag=$CI_COMMIT_REF_SLUG \
      --set ocf-api-invocation-logs.env.monitoring="true" \
      --set ocf-api-invocation-logs.env.capifHostname=capif-$CI_ENV_ENDPOINT.$DOMAIN_STAGING \
      --set ocf-api-invocation-logs.env.vaultHostname=$VAULT_HOSTNAME \
      --set ocf-api-invocation-logs.env.vaultPort=$VAULT_PORT \
      --set ocf-api-invocation-logs.env.vaultAccessToken=$VAULT_ACCESS_TOKEN \
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
      --set ocf-api-invocation-logs.env.logLevel="INFO" \
      --set ocf-api-invoker-management.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/ocf-api-invoker-management-api \
      --set ocf-api-invoker-management.image.tag=$CI_COMMIT_REF_SLUG \
      --set ocf-api-invoker-management.env.monitoring="true" \
      --set ocf-api-invoker-management.env.vaultHostname=$VAULT_HOSTNAME \
      --set ocf-api-invoker-management.env.vaultPort=$VAULT_PORT \
      --set ocf-api-invoker-management.env.vaultAccessToken=$VAULT_ACCESS_TOKEN \
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
      --set ocf-api-invoker-management.env.logLevel="INFO" \
      --set ocf-api-provider-management.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/ocf-api-provider-management-api \
      --set ocf-api-provider-management.image.tag=$CI_COMMIT_REF_SLUG \
      --set ocf-api-provider-management.env.monitoring="true" \
      --set ocf-api-provider-management.env.vaultHostname=$VAULT_HOSTNAME \
      --set ocf-api-provider-management.env.vaultPort=$VAULT_PORT \
      --set ocf-api-provider-management.env.vaultAccessToken=$VAULT_ACCESS_TOKEN \
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
      --set ocf-api-provider-management.env.logLevel="INFO" \
      --set ocf-events.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/ocf-events-api \
      --set ocf-events.image.tag=$CI_COMMIT_REF_SLUG \
      --set ocf-events.env.monitoring="true" \
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
      --set ocf-events.env.logLevel="INFO" \
      --set ocf-routing-info.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/ocf-routing-info-api \
      --set ocf-routing-info.image.tag=$CI_COMMIT_REF_SLUG \
      --set ocf-routing-info.env.monitoring="true" \
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
      --set ocf-routing-info.env.logLevel="INFO" \
      --set ocf-security.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/ocf-security-api \
      --set ocf-security.image.tag=$CI_COMMIT_REF_SLUG \
      --set ocf-security.env.monitoring="true" \
      --set ocf-security.env.capifHostname=capif-$CI_ENV_ENDPOINT.$DOMAIN_STAGING \
      --set ocf-security.env.vaultHostname=$VAULT_HOSTNAME \
      --set ocf-security.env.vaultPort=$VAULT_PORT \
      --set ocf-security.env.vaultAccessToken=$VAULT_ACCESS_TOKEN \
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
      --set ocf-security.env.logLevel="INFO" \
      --set ocf-register.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/register \
      --set ocf-register.image.tag=$CI_COMMIT_REF_SLUG \
      --set ocf-register.env.vaultHostname=$VAULT_HOSTNAME \
      --set ocf-register.env.vaultAccessToken=$VAULT_ACCESS_TOKEN \
      --set ocf-register.env.vaultPort=$VAULT_PORT \
      --set ocf-register.env.mongoHost=mongo-register \
      --set ocf-register.env.mongoPort=27017 \
      --set ocf-register.env.capifHostname=capif-$CI_ENV_ENDPOINT.$DOMAIN_STAGING \
      --set ocf-register.ingress.enabled=true \
      --set ocf-register.ingress.hosts[0].host=register-$CI_ENV_ENDPOINT.$DOMAIN_STAGING \
      --set ocf-register.ingress.hosts[0].paths[0].path="/" \
      --set ocf-register.ingress.hosts[0].paths[0].pathType="Prefix" \
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
      --set ocf-register.env.logLevel="INFO" \
      --set ocf-auditing-api-logs.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/ocf-auditing-api \
      --set ocf-auditing-api-logs.image.tag=$CI_COMMIT_REF_SLUG \
      --set ocf-auditing-api-logs.env.monitoring="true" \
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
      --set ocf-auditing-api-logs.env.logLevel="INFO" \
      --set ocf-publish-service-api.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/ocf-publish-service-api \
      --set ocf-publish-service-api.image.tag=$CI_COMMIT_REF_SLUG \
      --set ocf-publish-service-api.env.monitoring="true" \
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
      --set ocf-publish-service-api.env.logLevel="INFO" \
      --set ocf-discover-service-api.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/ocf-discover-service-api \
      --set ocf-discover-service-api.image.tag=$CI_COMMIT_REF_SLUG \
      --set ocf-discover-service-api.env.monitoring="true" \
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
      --set ocf-discover-service-api.env.logLevel="INFO" \
      --set nginx.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/nginx \
      --set nginx.image.tag=$CI_COMMIT_REF_SLUG \
      --set nginx.env.capifHostname=capif-$CI_ENV_ENDPOINT.$DOMAIN_STAGING \
      --set nginx.env.vaultHostname=$VAULT_HOSTNAME \
      --set nginx.env.vaultPort=$VAULT_PORT \
      --set nginx.env.vaultAccessToken=$VAULT_ACCESS_TOKEN \
      --set nginx.ingress.enabled=true \
      --set nginx.ingress.hosts[0].host=capif-$CI_ENV_ENDPOINT.$DOMAIN_STAGING \
      --set nginx.ingress.hosts[0].paths[0].path="/" \
      --set nginx.ingress.hosts[0].paths[0].pathType="Prefix" \
      --set nginx.env.logLevel="info" \
      --set ocf-helper.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/helper \
      --set ocf-helper.image.tag=$CI_COMMIT_REF_SLUG \
      --set ocf-helper.env.vaultHostname=$VAULT_HOSTNAME \
      --set ocf-helper.env.vaultPort=$VAULT_PORT \
      --set ocf-helper.env.vaultAccessToken=$VAULT_ACCESS_TOKEN \
      --set ocf-helper.env.capifHostname=capif-$CI_ENV_ENDPOINT.$DOMAIN_STAGING \
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
      --set ocf-helper.env.logLevel="INFO" \
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
      --set mock-server.enabled=true \
      --set mock-server.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/mock-server \
      --set mock-server.image.tag=$CI_COMMIT_REF_SLUG \
      --set mock-server.ingress.enabled=true \
      --set mock-server.ingress.hosts[0].host=mock-server-$CI_ENV_ENDPOINT.$DOMAIN_STAGING \
      --set mock-server.ingress.hosts[0].paths[0].path="/" \
      --set mock-server.ingress.hosts[0].paths[0].pathType="Prefix" \
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
      --set mock-server.env.logLevel="INFO" \
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
      --set mongo-register-express.enabled=true \
      --set mongo-register-express.ingress.enabled=true \
      --set mongo-register-express.ingress.hosts[0].host="mongo-express-register-$CI_ENV_ENDPOINT.$DOMAIN_STAGING" \
      --set mongo-register-express.ingress.hosts[0].paths[0].path="/" \
      --set mongo-register-express.ingress.hosts[0].paths[0].pathType="Prefix" \
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
      --set mongo-express.enabled=true \
      --set mongo-express.ingress.enabled=true \
      --set mongo-express.ingress.hosts[0].host="mongo-express-$CI_ENV_ENDPOINT.$DOMAIN_STAGING" \
      --set mongo-express.ingress.hosts[0].paths[0].path="/" \
      --set mongo-express.ingress.hosts[0].paths[0].pathType="Prefix" \
      --wait --timeout=10m --create-namespace --atomic
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed

delete_ocf_staging:
  stage: delete_ocf_staging
  <<: *staging_common
  script:
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
    - echo "### deleting environment $NAMESPACE_STAGING###"
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
    - helm uninstall -n $NAMESPACE_DEV ocf-pre-staging
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
    - kubectl delete ns $NAMESPACE_DEV --force
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
  when: manual
  environment:
    name: review/dev_to_staging
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
    action: stop

### staging branch merged ###
deploy_ocf_oficial_staging:
  stage: deploy_ocf_oficial_staging
#  <<: *staging_common
  rules:
    - if: '$CI_COMMIT_REF_NAME == "staging"'
      when: always
  needs:
    - staging_build_and_push_mr
  environment:
    name: review/oficial-staging
    url: https://capif-staging.$DOMAIN_STAGING
  script:
    - |
      helm version
      kubectl version --output=yaml
      echo "### setting kubeconfig###"
      whoami
      kubectl cluster-info
      yq --version
      ls -rtt helm/capif
      cat helm/capif/Chart.yaml
      yq e -i ".appVersion = \"staging\"" helm/capif/Chart.yaml
      cat helm/capif/Chart.yaml
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed

Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
      charts=("mock-server" "nginx" "ocf-access-control-policy" 
        "ocf-api-invocation-logs" "ocf-api-invoker-management" 
        "ocf-api-provider-management" "ocf-auditing-api-logs" 
        "ocf-discover-service-api" "ocf-events" "ocf-helper" 
        "ocf-publish-service-api" "ocf-register" "ocf-routing-info" 
        "ocf-security")
      
      for chart in "${charts[@]}"; do
        yq e -i ".appVersion = \"staging\"" "helm/capif/charts/$chart/Chart.yaml"
      done

Andres Anaya Amariels's avatar
Andres Anaya Amariels committed

      echo "### download dependencies###"
      helm dependency build helm/capif
      echo "### updating capif###"
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
      helm upgrade --install -n $NAMESPACE_STAGING ocf-staging helm/capif/ \
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
      --set grafana.enabled=true \
      --set grafana.ingress.enabled=true \
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
      --set grafana.ingress.hosts[0].host=ocf-mon-staging.$DOMAIN_STAGING \
      --set grafana.ingress.hosts[0].paths[0].path="/" \
      --set grafana.ingress.hosts[0].paths[0].pathType="Prefix" \
      --set grafana.env.prometheusUrl=http://prometheus.ocf.pre-production \
      --set grafana.env.tempoUrl="http://ocf-staging-tempo:3100" \
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
      --set fluentbit.enabled=true \
      --set loki.enabled=true \
      --set tempo.tempo.metricsGenerator.remoteWriteUrl=http://prometheus.ocf.pre-production/api/v1/write \
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
      --set otelcollector.enabled=true \
      --set otelcollector.configMap.tempoEndpoint=ocf-staging-tempo:4317 \
      --set ocf-access-control-policy.image.repository=$CI_REGISTRY/ocf/capif/staging/ocf-access-control-policy-api \
      --set ocf-access-control-policy.image.tag=staging \
      --set ocf-access-control-policy.image.env.capifHostname=capif-staging.$DOMAIN_STAGING \
      --set ocf-access-control-policy.monitoring="true" \
      --set ocf-api-invocation-logs.image.repository=$CI_REGISTRY/ocf/capif/staging/ocf-logging-api-invocation-api \
      --set ocf-api-invocation-logs.image.tag=staging \
      --set ocf-api-invocation-logs.env.monitoring="true" \
      --set ocf-api-invocation-logs.env.capifHostname=capif-staging.$DOMAIN_STAGING \
      --set ocf-api-invocation-logs.env.vaultHostname=$VAULT_HOSTNAME \
      --set ocf-api-invocation-logs.env.vaultPort=$VAULT_PORT \
      --set ocf-api-invocation-logs.env.vaultAccessToken=$VAULT_ACCESS_TOKEN \
      --set ocf-api-invoker-management.image.repository=$CI_REGISTRY/ocf/capif/staging/ocf-api-invoker-management-api \
      --set ocf-api-invoker-management.image.tag=staging \
      --set ocf-api-invoker-management.env.monitoring="true" \
      --set ocf-api-invoker-management.env.vaultHostname=$VAULT_HOSTNAME \
      --set ocf-api-invoker-management.env.vaultPort=$VAULT_PORT \
      --set ocf-api-invoker-management.env.vaultAccessToken=$VAULT_ACCESS_TOKEN \
      --set ocf-api-provider-management.image.repository=$CI_REGISTRY/ocf/capif/staging/ocf-api-provider-management-api \
      --set ocf-api-provider-management.image.tag=staging \
      --set ocf-api-provider-management.env.monitoring="true" \
      --set ocf-api-provider-management.env.vaultHostname=$VAULT_HOSTNAME \
      --set ocf-api-provider-management.env.vaultPort=$VAULT_PORT \
      --set ocf-api-provider-management.env.vaultAccessToken=$VAULT_ACCESS_TOKEN \
      --set ocf-events.image.repository=$CI_REGISTRY/ocf/capif/staging/ocf-events-api \
      --set ocf-events.image.tag=staging \
      --set ocf-events.env.monitoring="true" \
      --set ocf-routing-info.image.repository=$CI_REGISTRY/ocf/capif/staging/ocf-routing-info-api \
      --set ocf-routing-info.image.tag=staging \
      --set ocf-routing-info.env.monitoring="true" \
      --set ocf-security.image.repository=$CI_REGISTRY/ocf/capif/staging/ocf-security-api \
      --set ocf-security.image.tag=staging \
      --set ocf-security.env.monitoring="true" \
      --set ocf-security.env.capifHostname=capif-staging.$DOMAIN_STAGING \
      --set ocf-security.env.vaultHostname=$VAULT_HOSTNAME \
      --set ocf-security.env.vaultPort=$VAULT_PORT \
      --set ocf-security.env.vaultAccessToken=$VAULT_ACCESS_TOKEN \
      --set ocf-register.image.repository=$CI_REGISTRY/ocf/capif/staging/register \
      --set ocf-register.image.tag=staging \
      --set ocf-register.env.vaultHostname=$VAULT_HOSTNAME \
      --set ocf-register.env.vaultAccessToken=$VAULT_ACCESS_TOKEN \
      --set ocf-register.env.vaultPort=$VAULT_PORT \
      --set ocf-register.env.mongoHost=mongo-register \
      --set ocf-register.env.mongoPort=27017 \
      --set ocf-register.env.capifHostname=capif-staging.$DOMAIN_STAGING \
      --set ocf-register.ingress.enabled=true \
      --set ocf-register.ingress.hosts[0].host=register-staging.$DOMAIN_STAGING \
      --set ocf-register.ingress.hosts[0].paths[0].path="/" \
      --set ocf-register.ingress.hosts[0].paths[0].pathType="Prefix" \
      --set ocf-auditing-api-logs.image.repository=$CI_REGISTRY/ocf/capif/staging/ocf-auditing-api \
      --set ocf-auditing-api-logs.image.tag=staging \
      --set ocf-auditing-api-logs.env.monitoring="true" \
      --set ocf-publish-service-api.image.repository=$CI_REGISTRY/ocf/capif/staging/ocf-publish-service-api \
      --set ocf-publish-service-api.image.tag=staging \
      --set ocf-publish-service-api.env.monitoring="true" \
      --set ocf-discover-service-api.image.repository=$CI_REGISTRY/ocf/capif/staging/ocf-discover-service-api \
      --set ocf-discover-service-api.image.tag=staging \
      --set ocf-discover-service-api.env.monitoring="true" \
      --set nginx.image.repository=$CI_REGISTRY/ocf/capif/staging/nginx \
      --set nginx.image.tag=staging \
      --set nginx.env.capifHostname=capif-staging.$DOMAIN_STAGING \
      --set nginx.env.vaultHostname=$VAULT_HOSTNAME \
      --set nginx.env.vaultPort=$VAULT_PORT \
      --set nginx.env.vaultAccessToken=$VAULT_ACCESS_TOKEN \
      --set nginx.ingress.enabled=true \
      --set nginx.ingress.hosts[0].host=capif-staging.$DOMAIN_STAGING \
      --set nginx.ingress.hosts[0].paths[0].path="/" \
      --set nginx.ingress.hosts[0].paths[0].pathType="Prefix" \
      --set ocf-helper.image.repository=$CI_REGISTRY/ocf/capif/staging/helper \
      --set ocf-helper.image.tag=staging \
      --set ocf-helper.env.vaultHostname=$VAULT_HOSTNAME \
      --set ocf-helper.env.vaultPort=$VAULT_PORT \
      --set ocf-helper.env.vaultAccessToken=$VAULT_ACCESS_TOKEN \
      --set ocf-helper.env.capifHostname=capif-staging.$DOMAIN_STAGING \
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
      --set mock-server.enabled=true \
      --set mock-server.image.repository=$CI_REGISTRY/ocf/capif/staging/mock-server \
      --set mock-server.image.tag=staging \
      --set mock-server.ingress.enabled=true \
      --set mock-server.ingress.hosts[0].host=mock-server-staging.$DOMAIN_STAGING \
      --set mock-server.ingress.hosts[0].paths[0].path="/" \
      --set mock-server.ingress.hosts[0].paths[0].pathType="Prefix" \
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
      --set mongo-register-express.enabled=true \
      --set mongo-register-express.ingress.enabled=true \
      --set mongo-register-express.ingress.hosts[0].host="mongo-express-register-staging.$DOMAIN_STAGING" \
      --set mongo-register-express.ingress.hosts[0].paths[0].path="/" \
      --set mongo-register-express.ingress.hosts[0].paths[0].pathType="Prefix" \
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
      --set mongo-express.enabled=true \
      --set mongo-express.ingress.enabled=true \
      --set mongo-express.ingress.hosts[0].host="mongo-express-staging.$DOMAIN_STAGING" \
      --set mongo-express.ingress.hosts[0].paths[0].path="/" \
      --set mongo-express.ingress.hosts[0].paths[0].pathType="Prefix" \
      --wait --timeout=10m --create-namespace --atomic
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
## dev ###

prep_ocf_cd_dev:
  stage: deploy_ocf_dev
  <<: *dev_common
  script:
    - |
      echo "### filtering name ###"
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
      echo $CI_COMMIT_REF_SLUG
      CD_ENV_NAME=${CI_COMMIT_REF_SLUG//-/}
      echo $CD_ENV_NAME
      echo $CD_ENV_NAME | rev | cut -c 1-6 | rev
      echo $(echo $CD_ENV_NAME | rev | cut -c 1-6 | rev) > cd_env_endpoint.txt
      
      echo "--- cluster production ---"  
      echo "$KUBECONFIG_PROD" > cluster_ocf_prod.kubeconfig
      kubectl --kubeconfig $(pwd)/cluster_ocf_prod.kubeconfig cluster-info
  artifacts:
    paths:
      - cd_env_endpoint.txt

Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
deploy_ocf_dev:
  stage: deploy_ocf_dev
  needs:
    - dev_build_and_push
    - prep_ocf_cd_dev
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
  <<: *dev_common
  environment:
    name: review/$CI_COMMIT_REF_SLUG
    url: https://capif-$CI_ENV_ENDPOINT.$DOMAIN_DEV
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
    on_stop: delete_ocf_dev
    auto_stop_in: 3 day
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
#  rules:
#    - if: $CI_COMMIT_BRANCH == "main"
#      when: never
#    - if: $CI_COMMIT_BRANCH == "staging"
#      when: never      
#    - if: $CI_COMMIT_BRANCH
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
  script:
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
    - |
      helm version
      kubectl version --output=yaml
      echo "### setting kubeconfig###"
      kubectl cluster-info
      yq --version
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
      ### Chart main ocf###
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
      cat helm/capif/Chart.yaml
      yq e -i ".appVersion = \"$IMAGE_TAG_DEV\"" helm/capif/Chart.yaml
      cat helm/capif/Chart.yaml
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed

Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
      charts=("mock-server" "nginx" "ocf-access-control-policy" 
        "ocf-api-invocation-logs" "ocf-api-invoker-management" 
        "ocf-api-provider-management" "ocf-auditing-api-logs" 
        "ocf-discover-service-api" "ocf-events" "ocf-helper" 
        "ocf-publish-service-api" "ocf-register" "ocf-routing-info" 
        "ocf-security")
      
      for chart in "${charts[@]}"; do
        yq e -i ".appVersion = \"$IMAGE_TAG_DEV\"" "helm/capif/charts/$chart/Chart.yaml"
      done

      export CI_ENV_ENDPOINT=$(cat cd_env_endpoint.txt)
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed

Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
      echo "### download dependencies###"
      helm dependency build helm/capif
      echo "### updating capif###"
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
      helm upgrade --install -n $NAMESPACE_DEV ocf-developer helm/capif/ \
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
      --set grafana.enabled=true \
      --set grafana.ingress.enabled=true \
      --set grafana.ingress.hosts[0].host=ocf-mon-$CI_ENV_ENDPOINT.$DOMAIN_DEV \
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
      --set grafana.ingress.hosts[0].paths[0].path="/" \
      --set grafana.ingress.hosts[0].paths[0].pathType="Prefix" \
      --set grafana.env.prometheusUrl=http://prometheus.ocf.pre-production \
      --set grafana.env.tempoUrl="http://ocf-developer-tempo:3100" \
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
      --set fluentbit.enabled=true \
      --set loki.enabled=true \
      --set tempo.tempo.metricsGenerator.remoteWriteUrl=http://prometheus.ocf.pre-production/api/v1/write \
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
      --set otelcollector.enabled=true \
      --set otelcollector.configMap.tempoEndpoint=ocf-developer-tempo:4317 \
      --set ocf-access-control-policy.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/ocf-access-control-policy-api \
      --set ocf-access-control-policy.image.tag=$CI_COMMIT_REF_SLUG \
      --set ocf-access-control-policy.image.env.capifHostname=capif-$CI_ENV_ENDPOINT.$DOMAIN_DEV \
      --set ocf-access-control-policy.monitoring="true" \
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
      --set ocf-access-control-policy.env.logLevel="DEBUG" \
      --set ocf-api-invocation-logs.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/ocf-logging-api-invocation-api \
      --set ocf-api-invocation-logs.image.tag=$CI_COMMIT_REF_SLUG \
      --set ocf-api-invocation-logs.env.monitoring="true" \
      --set ocf-api-invocation-logs.env.capifHostname=capif-$CI_ENV_ENDPOINT.$DOMAIN_DEV \
      --set ocf-api-invocation-logs.env.vaultHostname=$VAULT_HOSTNAME \
      --set ocf-api-invocation-logs.env.vaultPort=$VAULT_PORT \
      --set ocf-api-invocation-logs.env.vaultAccessToken=$VAULT_ACCESS_TOKEN \
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
      --set ocf-api-invocation-logs.env.logLevel="DEBUG" \
      --set ocf-api-invoker-management.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/ocf-api-invoker-management-api \
      --set ocf-api-invoker-management.image.tag=$CI_COMMIT_REF_SLUG \
      --set ocf-api-invoker-management.env.monitoring="true" \
      --set ocf-api-invoker-management.env.vaultHostname=$VAULT_HOSTNAME \
      --set ocf-api-invoker-management.env.vaultPort=$VAULT_PORT \
      --set ocf-api-invoker-management.env.vaultAccessToken=$VAULT_ACCESS_TOKEN \
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
      --set ocf-api-invoker-management.env.logLevel="DEBUG" \
      --set ocf-api-provider-management.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/ocf-api-provider-management-api \
      --set ocf-api-provider-management.image.tag=$CI_COMMIT_REF_SLUG \
      --set ocf-api-provider-management.env.monitoring="true" \
      --set ocf-api-provider-management.env.vaultHostname=$VAULT_HOSTNAME \
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
      --set ocf-api-provider-management.env.logLevel="DEBUG" \
      --set ocf-api-provider-management.env.vaultPort=$VAULT_PORT \
      --set ocf-api-provider-management.env.vaultAccessToken=$VAULT_ACCESS_TOKEN \
      --set ocf-events.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/ocf-events-api \
      --set ocf-events.image.tag=$CI_COMMIT_REF_SLUG \
      --set ocf-events.env.monitoring="true" \
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
      --set ocf-events.env.logLevel="DEBUG" \
      --set ocf-routing-info.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/ocf-routing-info-api \
      --set ocf-routing-info.image.tag=$CI_COMMIT_REF_SLUG \
      --set ocf-routing-info.env.monitoring="true" \
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
      --set ocf-routing-info.env.logLevel="DEBUG" \
      --set ocf-security.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/ocf-security-api \
      --set ocf-security.image.tag=$CI_COMMIT_REF_SLUG \
      --set ocf-security.env.monitoring="true" \
      --set ocf-security.env.capifHostname=capif-$CI_ENV_ENDPOINT.$DOMAIN_DEV \
      --set ocf-security.env.vaultHostname=$VAULT_HOSTNAME \
      --set ocf-security.env.vaultPort=$VAULT_PORT \
      --set ocf-security.env.vaultAccessToken=$VAULT_ACCESS_TOKEN \
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
      --set ocf-security.env.logLevel="DEBUG" \
      --set ocf-register.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/register \
      --set ocf-register.image.tag=$CI_COMMIT_REF_SLUG \
      --set ocf-register.env.vaultHostname=$VAULT_HOSTNAME \
      --set ocf-register.env.vaultAccessToken=$VAULT_ACCESS_TOKEN \
      --set ocf-register.env.vaultPort=$VAULT_PORT \
      --set ocf-register.env.mongoHost=mongo-register \
      --set ocf-register.env.mongoPort=27017 \
      --set ocf-register.env.capifHostname=capif-$CI_ENV_ENDPOINT.$DOMAIN_DEV \
      --set ocf-register.ingress.enabled=true \
      --set ocf-register.ingress.hosts[0].host=register-$CI_ENV_ENDPOINT.$DOMAIN_DEV \
      --set ocf-register.ingress.hosts[0].paths[0].path="/" \
      --set ocf-register.ingress.hosts[0].paths[0].pathType="Prefix" \
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
      --set ocf-register.env.logLevel="DEBUG" \
      --set ocf-auditing-api-logs.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/ocf-auditing-api \
      --set ocf-auditing-api-logs.image.tag=$CI_COMMIT_REF_SLUG \
      --set ocf-auditing-api-logs.env.monitoring="true" \
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
      --set ocf-auditing-api-logs.env.logLevel="DEBUG" \
      --set ocf-publish-service-api.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/ocf-publish-service-api \
      --set ocf-publish-service-api.image.tag=$CI_COMMIT_REF_SLUG \
      --set ocf-publish-service-api.env.monitoring="true" \
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
      --set ocf-publish-service-api.env.logLevel="DEBUG" \
      --set ocf-discover-service-api.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/ocf-discover-service-api \
      --set ocf-discover-service-api.image.tag=$CI_COMMIT_REF_SLUG \
      --set ocf-discover-service-api.env.monitoring="true" \
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
      --set ocf-discover-service-api.env.logLevel="DEBUG" \
      --set nginx.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/nginx \
      --set nginx.image.tag=$CI_COMMIT_REF_SLUG \
      --set nginx.env.capifHostname=capif-$CI_ENV_ENDPOINT.$DOMAIN_DEV \
      --set nginx.env.vaultHostname=$VAULT_HOSTNAME \
      --set nginx.env.vaultPort=$VAULT_PORT \
      --set nginx.env.vaultAccessToken=$VAULT_ACCESS_TOKEN \
      --set nginx.ingress.enabled=true \
      --set nginx.ingress.hosts[0].host=capif-$CI_ENV_ENDPOINT.$DOMAIN_DEV \
      --set nginx.ingress.hosts[0].paths[0].path="/" \
      --set nginx.ingress.hosts[0].paths[0].pathType="Prefix" \
      --set nginx.env.logLevel="debug" \
      --set ocf-helper.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/helper \
      --set ocf-helper.image.tag=$CI_COMMIT_REF_SLUG \
      --set ocf-helper.env.vaultHostname=$VAULT_HOSTNAME \
      --set ocf-helper.env.vaultPort=$VAULT_PORT \
      --set ocf-helper.env.vaultAccessToken=$VAULT_ACCESS_TOKEN \
      --set ocf-helper.env.capifHostname=capif-$CI_ENV_ENDPOINT.$DOMAIN_DEV \
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
      --set ocf-helper.env.logLevel="DEBUG" \
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
      --set mock-server.enabled=true \
      --set mock-server.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/mock-server \
      --set mock-server.image.tag=$CI_COMMIT_REF_SLUG \
      --set mock-server.ingress.enabled=true \
      --set mock-server.ingress.hosts[0].host=mock-server-$CI_ENV_ENDPOINT.$DOMAIN_DEV \
      --set mock-server.ingress.hosts[0].paths[0].path="/" \
      --set mock-server.ingress.hosts[0].paths[0].pathType="Prefix" \
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
      --set mock-server.env.logLevel="DEBUG" \
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
      --set mongo-register-express.enabled=true \
      --set mongo-register-express.ingress.enabled=true \
      --set mongo-register-express.ingress.hosts[0].host="mongo-express-register-$CI_ENV_ENDPOINT.$DOMAIN_DEV" \
      --set mongo-register-express.ingress.hosts[0].paths[0].path="/" \
      --set mongo-register-express.ingress.hosts[0].paths[0].pathType="Prefix" \
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
      --set mongo-express.enabled=true \
      --set mongo-express.ingress.enabled=true \
      --set mongo-express.ingress.hosts[0].host="mongo-express-$CI_ENV_ENDPOINT.$DOMAIN_DEV" \
      --set mongo-express.ingress.hosts[0].paths[0].path="/" \
      --set mongo-express.ingress.hosts[0].paths[0].pathType="Prefix" \
      --wait --timeout=10m --create-namespace --atomic
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed

delete_ocf_dev:
  stage: delete_ocf_dev
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
  tags:
    - shell
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
  script:
    - echo "### deleting environment $NAMESPACE_DEV###"
    - helm uninstall -n $NAMESPACE_DEV ocf-developer
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
    - kubectl delete ns $NAMESPACE_DEV --force
Andres Anaya Amariels's avatar
Andres Anaya Amariels committed
  when: manual
  environment:
    name: review/$CI_COMMIT_REF_SLUG
    action: stop