Newer
Older
- deploy_ocf_staging
- delete_ocf_staging
- deploy_ocf_dev
- delete_ocf_dev
variables:
NAMESPACE_DEV: "ocf-dev-$CI_ENVIRONMENT_SLUG"
NAMESPACE_STAGING: "ocf-staging"
DOMAIN_STAGING: staging.int
DOMAIN_DEV: developer.int
DOMAIN_PROD: prod.int
IMAGE_TAG_DEV: $CI_COMMIT_REF_SLUG
IMAGE_TAG_STAGING: $CI_COMMIT_REF_SLUG
VAULT_HOSTNAME: $VAULT_HOSTNAME
VAULT_PORT: $VAULT_PORT
VAULT_ACCESS_TOKEN: $VAULT_ACCESS_TOKEN
CI_REGISTRY: $CI_REGISTRY
only:
- merge_requests
except:
variables:
- $CI_MERGE_REQUEST_TARGET_BRANCH_NAME != "staging"
url: https://capif-$CI_ENVIRONMENT_SLUG.$DOMAIN_STAGING
on_stop: delete_ocf_staging
auto_stop_in: 3 day
script:
- |
helm version
kubectl version --output=yaml
echo "### setting kubeconfig###"
whoami
kubectl cluster-info
yq --version
ls -rtt helm/capif
cat helm/capif/Chart.yaml
yq e -i ".appVersion = \"$IMAGE_TAG_STAGING\"" helm/capif/Chart.yaml
cat helm/capif/Chart.yaml
### Chart helper###
yq e -i ".appVersion = \"$IMAGE_TAG_DEV\"" helm/capif/charts/helper/Chart.yaml
cat helm/capif/charts/helper/Chart.yaml
echo "### download dependencies###"
helm dependency build helm/capif
helm upgrade --install -n $NAMESPACE_DEV ocf-pre-staging helm/capif/ --set nginx.nginx.env.capifHostname=capif-$CI_COMMIT_REF_SLUG.$DOMAIN_STAGING \
--set nginx.nginx.env.registerHostname=register-$CI_COMMIT_REF_SLUG.$DOMAIN_STAGING \
--set monitoring.grafana.ingress.hosts[0].host="grafana-$CI_COMMIT_REF_SLUG.$DOMAIN_STAGING" \
--set monitoring.grafana.ingress.hosts[0].paths[0].path="/" \
--set monitoring.grafana.ingress.hosts[0].paths[0].pathType="Prefix" \
--set monitoring.grafana.env.prometheusURL=http://prometheus.ocf.pre-production \
--set tempo.tempo.metricsGenerator.remoteWriteUrl=http://prometheus.ocf.pre-production/api/v1/write \
--set parametersVault.env.vaultHostname=$VAULT_HOSTNAME \
--set parametersVault.env.vaultPort=$VAULT_PORT \
--set parametersVault.env.vaultAccessToken=$VAULT_ACCESS_TOKEN \
--set ingress.ip=10.43.107.132 \
--set accessControlPolicy.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/ocf-access-control-policy-api \
--set accessControlPolicy.image.tag=$CI_COMMIT_REF_SLUG \
--set apiInvocationLogs.apiInvocationLogs.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/ocf-logging-api-invocation-api \
--set apiInvocationLogs.apiInvocationLogs.image.tag=$CI_COMMIT_REF_SLUG \
--set apiInvokerManagement.apiInvokerManagement.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/ocf-api-invoker-management-api \
--set apiInvokerManagement.apiInvokerManagement.image.tag=$CI_COMMIT_REF_SLUG \
--set apiProviderManagement.apiProviderManagement.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/ocf-api-provider-management-api \
--set apiProviderManagement.apiProviderManagement.image.tag=$CI_COMMIT_REF_SLUG \
--set capifEvents.capifEvents.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/ocf-events-api \
--set capifEvents.capifEvents.image.tag=$CI_COMMIT_REF_SLUG \
--set capifRoutingInfo.capifRoutingInfo.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/ocf-routing-info-api \
--set capifRoutingInfo.capifRoutingInfo.image.tag=$CI_COMMIT_REF_SLUG \
--set capifSecurity.capifSecurity.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/ocf-security-api \
--set capifSecurity.capifSecurity.image.tag=$CI_COMMIT_REF_SLUG \
--set register.register.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/register \
--set register.register.image.tag=$CI_COMMIT_REF_SLUG \
--set logs.logs.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/ocf-auditing-api \
--set logs.logs.image.tag=$CI_COMMIT_REF_SLUG \
--set nignx.nginx.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/nginx \
--set nignx.nginx.image.tag=$CI_COMMIT_REF_SLUG \
--set publishedApis.publishedApis.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/ocf-publish-service-api \
--set publishedApis.publishedApis.image.tag=$CI_COMMIT_REF_SLUG \
--set serviceApis.serviceApis.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/ocf-discover-service-api \
--set serviceApis.serviceApis.image.tag=$CI_COMMIT_REF_SLUG \
--set nginx.nginx.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/nginx \
--set nginx.nginx.image.tag=$CI_COMMIT_REF_SLUG \
--set helper.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/helper \
--set helper.env.vaultHostname=$VAULT_HOSTNAME \
--set helper.env.vaultPort=$VAULT_PORT \
--set helper.env.vaultAccessToken=$VAULT_ACCESS_TOKEN \
--set helper.env.capifHostname=capif-$CI_COMMIT_REF_SLUG.$DOMAIN_STAGING \
--wait --timeout=10m --create-namespace --atomic
delete_ocf_staging:
stage: delete_ocf_staging
<<: *staging_common
script:
- echo "### deleting environment $NAMESPACE_STAGING###"
- helm uninstall -n $NAMESPACE_DEV ocf-staging-$CI_COMMIT_REF_SLUG
### staging branch merged ###
deploy_ocf_oficial_staging:
stage: deploy_ocf_oficial_staging
# <<: *staging_common
rules:
- if: '$CI_COMMIT_REF_NAME == "staging"'
when: always
needs:
- staging_build_and_push_mr
environment:
name: review/oficial-staging
url: https://capif-staging.$DOMAIN_STAGING
script:
- |
helm version
kubectl version --output=yaml
echo "### setting kubeconfig###"
whoami
kubectl cluster-info
yq --version
ls -rtt helm/capif
cat helm/capif/Chart.yaml
yq e -i ".appVersion = \"staging\"" helm/capif/Chart.yaml
### Chart helper###
yq e -i ".appVersion = \"$IMAGE_TAG_DEV\"" helm/capif/charts/helper/Chart.yaml
cat helm/capif/charts/helper/Chart.yaml
echo "### download dependencies###"
helm dependency build helm/capif
echo "### updating capif###"
helm upgrade --install -n $NAMESPACE_STAGING ocf-staging helm/capif/ --set nginx.nginx.env.capifHostname=capif-staging.$DOMAIN_STAGING \
--set nginx.nginx.env.registerHostname=register-staging.$DOMAIN_STAGING \
--set monitoring.grafana.ingress.hosts[0].host="grafana-staging.$DOMAIN_STAGING" \
--set monitoring.grafana.ingress.hosts[0].paths[0].path="/" \
--set monitoring.grafana.ingress.hosts[0].paths[0].pathType="Prefix" \
--set monitoring.grafana.env.prometheusURL=http://prometheus.ocf.pre-production \
--set tempo.tempo.metricsGenerator.remoteWriteUrl=http://prometheus.ocf.pre-production/api/v1/write \
--set parametersVault.env.vaultHostname=$VAULT_HOSTNAME \
--set parametersVault.env.vaultPort=$VAULT_PORT \
--set parametersVault.env.vaultAccessToken=$VAULT_ACCESS_TOKEN \
--set ingress.ip=10.43.107.132 \
--set accessControlPolicy.image.repository=$CI_REGISTRY/ocf/capif/staging/ocf-access-control-policy-api \
--set accessControlPolicy.image.tag=staging \
--set apiInvocationLogs.apiInvocationLogs.image.repository=$CI_REGISTRY/ocf/capif/staging/ocf-logging-api-invocation-api \
--set apiInvocationLogs.apiInvocationLogs.image.tag=staging \
--set apiInvokerManagement.apiInvokerManagement.image.repository=$CI_REGISTRY/ocf/capif/staging/ocf-api-invoker-management-api \
--set apiInvokerManagement.apiInvokerManagement.image.tag=staging \
--set apiProviderManagement.apiProviderManagement.image.repository=$CI_REGISTRY/ocf/capif/staging/ocf-api-provider-management-api \
--set apiProviderManagement.apiProviderManagement.image.tag=staging \
--set capifEvents.capifEvents.image.repository=$CI_REGISTRY/ocf/capif/staging/ocf-events-api \
--set capifEvents.capifEvents.image.tag=staging \
--set capifRoutingInfo.capifRoutingInfo.image.repository=$CI_REGISTRY/ocf/capif/staging/ocf-routing-info-api \
--set capifRoutingInfo.capifRoutingInfo.image.tag=staging \
--set capifSecurity.capifSecurity.image.repository=$CI_REGISTRY/ocf/capif/staging/ocf-security-api \
--set capifSecurity.capifSecurity.image.tag=staging \
--set register.register.image.repository=$CI_REGISTRY/ocf/capif/staging/register \
--set register.register.image.tag=staging \
--set logs.logs.image.repository=$CI_REGISTRY/ocf/capif/staging/ocf-auditing-api \
--set logs.logs.image.tag=staging \
--set nignx.nginx.image.repository=$CI_REGISTRY/ocf/capif/staging/nginx \
--set nignx.nginx.image.tag=staging \
--set publishedApis.publishedApis.image.repository=$CI_REGISTRY/ocf/capif/staging/ocf-publish-service-api \
--set publishedApis.publishedApis.image.tag=staging \
--set serviceApis.serviceApis.image.repository=$CI_REGISTRY/ocf/capif/staging/ocf-discover-service-api \
--set serviceApis.serviceApis.image.tag=staging \
--set nginx.nginx.image.repository=$CI_REGISTRY/ocf/capif/staging/nginx \
--set nginx.nginx.image.tag=staging \
--set helper.image.repository=$CI_REGISTRY/ocf/capif/staging/helper \
--set helper.env.vaultHostname=$VAULT_HOSTNAME \
--set helper.env.vaultPort=$VAULT_PORT \
--set helper.env.vaultAccessToken=$VAULT_ACCESS_TOKEN \
--set helper.env.capifHostname=capif-staging.$DOMAIN_STAGING \
--wait --timeout=10m --create-namespace
## dev ###
deploy_ocf_dev:
stage: deploy_ocf_dev
<<: *dev_common
environment:
name: review/$CI_COMMIT_REF_SLUG
url: https://capif-$CI_ENVIRONMENT_SLUG.$DOMAIN_DEV
# rules:
# - if: $CI_COMMIT_BRANCH == "main"
# when: never
# - if: $CI_COMMIT_BRANCH == "staging"
# when: never
# - if: $CI_COMMIT_BRANCH
- |
helm version
kubectl version --output=yaml
echo "### setting kubeconfig###"
kubectl cluster-info
yq --version
cat helm/capif/Chart.yaml
yq e -i ".appVersion = \"$IMAGE_TAG_DEV\"" helm/capif/Chart.yaml
cat helm/capif/Chart.yaml
### Chart helper###
yq e -i ".appVersion = \"$IMAGE_TAG_DEV\"" helm/capif/charts/helper/Chart.yaml
cat helm/capif/charts/helper/Chart.yaml
echo "### download dependencies###"
helm dependency build helm/capif
echo "### updating capif###"
helm upgrade --install -n $NAMESPACE_DEV ocf-developer helm/capif/ --set nginx.nginx.env.capifHostname=capif-$CI_ENVIRONMENT_SLUG.$DOMAIN_DEV \
--set nginx.nginx.env.registerHostname=register-$CI_ENVIRONMENT_SLUG.$DOMAIN_DEV \
--set monitoring.grafana.ingress.hosts[0].host="grafana-$CI_ENVIRONMENT_SLUG.$DOMAIN_DEV" \
--set monitoring.grafana.ingress.hosts[0].paths[0].path="/" \
--set monitoring.grafana.ingress.hosts[0].paths[0].pathType="Prefix" \
--set monitoring.grafana.env.prometheusURL=http://prometheus.ocf.pre-production \
--set tempo.tempo.metricsGenerator.remoteWriteUrl=http://prometheus.ocf.pre-production/api/v1/write \
--set parametersVault.env.vaultHostname=$VAULT_HOSTNAME \
--set parametersVault.env.vaultPort=$VAULT_PORT \
--set parametersVault.env.vaultAccessToken=$VAULT_ACCESS_TOKEN \
--set ingress.ip=10.43.107.132 \
--set accessControlPolicy.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/ocf-access-control-policy-api \
--set accessControlPolicy.image.tag=$CI_COMMIT_REF_SLUG \
--set apiInvocationLogs.apiInvocationLogs.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/ocf-logging-api-invocation-api \
--set apiInvocationLogs.apiInvocationLogs.image.tag=$CI_COMMIT_REF_SLUG \
--set apiInvokerManagement.apiInvokerManagement.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/ocf-api-invoker-management-api \
--set apiInvokerManagement.apiInvokerManagement.image.tag=$CI_COMMIT_REF_SLUG \
--set apiProviderManagement.apiProviderManagement.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/ocf-api-provider-management-api \
--set apiProviderManagement.apiProviderManagement.image.tag=$CI_COMMIT_REF_SLUG \
--set capifEvents.capifEvents.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/ocf-events-api \
--set capifEvents.capifEvents.image.tag=$CI_COMMIT_REF_SLUG \
--set capifRoutingInfo.capifRoutingInfo.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/ocf-routing-info-api \
--set capifRoutingInfo.capifRoutingInfo.image.tag=$CI_COMMIT_REF_SLUG \
--set capifSecurity.capifSecurity.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/ocf-security-api \
--set capifSecurity.capifSecurity.image.tag=$CI_COMMIT_REF_SLUG \
--set register.register.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/register \
--set register.register.image.tag=$CI_COMMIT_REF_SLUG \
--set logs.logs.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/ocf-auditing-api \
--set logs.logs.image.tag=$CI_COMMIT_REF_SLUG \
--set nignx.nginx.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/nginx \
--set nignx.nginx.image.tag=$CI_COMMIT_REF_SLUG \
--set publishedApis.publishedApis.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/ocf-publish-service-api \
--set publishedApis.publishedApis.image.tag=$CI_COMMIT_REF_SLUG \
--set serviceApis.serviceApis.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/ocf-discover-service-api \
--set serviceApis.serviceApis.image.tag=$CI_COMMIT_REF_SLUG \
--set nginx.nginx.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/nginx \
--set nginx.nginx.image.tag=$CI_COMMIT_REF_SLUG \
--set helper.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/helper \
--set helper.image.tag=$CI_COMMIT_REF_SLUG \
--set helper.env.vaultHostname=$VAULT_HOSTNAME \
--set helper.env.vaultPort=$VAULT_PORT \
--set helper.env.vaultAccessToken=$VAULT_ACCESS_TOKEN \
--set helper.env.capifHostname=capif-$CI_ENVIRONMENT_SLUG.$DOMAIN_DEV \
--wait --timeout=10m --create-namespace --atomic
delete_ocf_dev:
stage: delete_ocf_dev
<<: *staging_common
script:
- echo "### deleting environment $NAMESPACE_DEV###"
- helm uninstall -n $NAMESPACE_DEV ocf-developer
when: manual
environment:
name: review/$CI_COMMIT_REF_SLUG
action: stop