222 lines
7 KiB
YAML
222 lines
7 KiB
YAML
stages:
|
|
- test
|
|
- docker-build
|
|
- deploy
|
|
|
|
# Use the acc-py-devtools templates found at
|
|
# https://gitlab.cern.ch/-/ide/project/acc-co/devops/python/acc-py-devtools/blob/master/-/acc_py_devtools/templates/gitlab-ci/python.yml.
|
|
include:
|
|
- project: acc-co/devops/python/acc-py-devtools
|
|
file: acc_py_devtools/templates/gitlab-ci/python.yml
|
|
|
|
variables:
|
|
PY_VERSION: "3.11"
|
|
|
|
# ###################################################################################################
|
|
# Test code - CAiMIRA (model) and CERN CAiMIRA (CERN's UI)
|
|
|
|
.test-base:
|
|
image: registry.cern.ch/docker.io/library/python:${PY_VERSION}
|
|
stage: test
|
|
except:
|
|
- live/caimira-test # do not run tests on live/caimira-test branch
|
|
- tags
|
|
|
|
.test-run:
|
|
extends:
|
|
- .test-base
|
|
script:
|
|
- cd ./${PROJECT_ROOT}
|
|
- pip install -e .[test]
|
|
- python -m pytest
|
|
|
|
test-caimira-py311:
|
|
variables:
|
|
PROJECT_ROOT: "caimira"
|
|
extends:
|
|
- .test-run
|
|
|
|
test-cern-caimira-py311:
|
|
before_script:
|
|
- cd ./caimira
|
|
- pip install -e .[test]
|
|
- cd ../
|
|
variables:
|
|
PROJECT_ROOT: "cern_caimira"
|
|
extends:
|
|
- .test-run
|
|
|
|
test-caimira-py39:
|
|
variables:
|
|
PY_VERSION: "3.9"
|
|
PROJECT_ROOT: "caimira"
|
|
extends:
|
|
- test-caimira-py311
|
|
|
|
test-cern-caimira-py39:
|
|
variables:
|
|
PY_VERSION: "3.9"
|
|
PROJECT_ROOT: "cern_caimira"
|
|
extends:
|
|
- test-cern-caimira-py311
|
|
|
|
# ###################################################################################################
|
|
# Test OpenShift config
|
|
|
|
.test_openshift_config:
|
|
stage: test
|
|
allow_failure: true
|
|
image: registry.cern.ch/docker.io/mambaorg/micromamba
|
|
before_script:
|
|
- micromamba create --yes -p $HOME/env python=3.9 ruamel.yaml wget -c conda-forge
|
|
- export PATH=$HOME/env/bin/:$PATH
|
|
- wget https://github.com/openshift/origin/releases/download/v3.11.0/openshift-origin-client-tools-v3.11.0-0cbc58b-linux-64bit.tar.gz
|
|
- tar xzf ./openshift-origin-client-tools-v3.11.0-0cbc58b-linux-64bit.tar.gz
|
|
- mv openshift-origin-client-tools-v3.11.0-0cbc58b-linux-64bit/oc $HOME/env/bin/
|
|
script:
|
|
- cd ./app-config/openshift
|
|
- oc login ${OC_SERVER} --token="${OC_TOKEN}"
|
|
- python ./config-fetch.py ${CAIMIRA_INSTANCE} --output-directory ./${CAIMIRA_INSTANCE}/actual
|
|
- python ./config-generate.py ${CAIMIRA_INSTANCE} --output-directory ./${CAIMIRA_INSTANCE}/expected
|
|
- python ./config-normalise.py ./${CAIMIRA_INSTANCE}/actual ./${CAIMIRA_INSTANCE}/actual-normed
|
|
- python ./config-normalise.py ./${CAIMIRA_INSTANCE}/expected ./${CAIMIRA_INSTANCE}/expected-normed
|
|
- diff -u ./${CAIMIRA_INSTANCE}/actual-normed/ ./${CAIMIRA_INSTANCE}/expected-normed/
|
|
artifacts:
|
|
paths:
|
|
- ./app-config/openshift/${CAIMIRA_INSTANCE}/actual
|
|
- ./app-config/openshift/${CAIMIRA_INSTANCE}/expected
|
|
only:
|
|
- master
|
|
- live/caimira-test
|
|
|
|
check_openshift_config_test:
|
|
extends: .test_openshift_config
|
|
variables:
|
|
CAIMIRA_INSTANCE: 'caimira-test'
|
|
BRANCH: 'live/caimira-test'
|
|
OC_SERVER: https://api.paas.okd.cern.ch
|
|
OC_TOKEN: "${OPENSHIFT_CAIMIRA_TEST_CONFIG_CHECKER_TOKEN}"
|
|
|
|
# TODO: for prod, it should ignore the different tag in the `image` field
|
|
# check_openshift_config_prod:
|
|
# extends: .test_openshift_config
|
|
# variables:
|
|
# CAIMIRA_INSTANCE: 'caimira-prod'
|
|
# BRANCH: 'master'
|
|
# OC_SERVER: https://api.paas.okd.cern.ch
|
|
# OC_TOKEN: "${OPENSHIFT_CAIMIRA_PROD_CONFIG_CHECKER_TOKEN}"
|
|
|
|
|
|
# ###################################################################################################
|
|
# Build docker images
|
|
|
|
# base
|
|
.docker-build:
|
|
stage: docker-build
|
|
image:
|
|
# Based on guidance at https://gitlab.cern.ch/gitlabci-examples/build_docker_image.
|
|
# The kaniko debug image is recommended because it has a shell, and a shell is required for an image to be used with GitLab CI/CD.
|
|
name: gcr.io/kaniko-project/executor:debug
|
|
entrypoint: [""]
|
|
script:
|
|
- echo "Building image for ${CI_COMMIT_REF_NAME} branch with tag ${IMAGE_TAG}"
|
|
# Prepare Kaniko configuration file
|
|
- echo "{\"auths\":{\"$CI_REGISTRY\":{\"username\":\"$CI_REGISTRY_USER\",\"password\":\"$CI_REGISTRY_PASSWORD\"}}}" > /kaniko/.docker/config.json
|
|
- echo "Building ${CI_REGISTRY_IMAGE}/${IMAGE_NAME}:latest Docker image..."
|
|
# Build and push the image from the Dockerfile
|
|
- /kaniko/executor --context ${CI_PROJECT_DIR}/${DOCKER_CONTEXT_DIRECTORY} --dockerfile ${CI_PROJECT_DIR}/${DOCKERFILE_DIRECTORY}/Dockerfile --destination ${CI_REGISTRY_IMAGE}/${IMAGE_NAME}:${IMAGE_TAG}
|
|
# Print the full registry path of the pushed image
|
|
- echo "Image pushed successfully to ${CI_REGISTRY_IMAGE}/${IMAGE_NAME}:${IMAGE_TAG}"
|
|
|
|
.docker-build-auth-service:
|
|
variables:
|
|
IMAGE_NAME: auth-service
|
|
DOCKERFILE_DIRECTORY: app-config/auth-service
|
|
DOCKER_CONTEXT_DIRECTORY: app-config/auth-service
|
|
extends: .docker-build
|
|
|
|
.docker-build-calculator-app:
|
|
variables:
|
|
IMAGE_NAME: calculator-app
|
|
DOCKERFILE_DIRECTORY: app-config/calculator-app
|
|
DOCKER_CONTEXT_DIRECTORY: ""
|
|
extends: .docker-build
|
|
|
|
# on push to live/caimira-test
|
|
.docker-build-test:
|
|
variables:
|
|
IMAGE_TAG: caimira-test-latest
|
|
|
|
docker-build-auth-service-test:
|
|
extends:
|
|
- .docker-build-test
|
|
- .docker-build-auth-service
|
|
only:
|
|
- live/caimira-test
|
|
|
|
docker-build-calculator-app-test:
|
|
extends:
|
|
- .docker-build-test
|
|
- .docker-build-calculator-app
|
|
only:
|
|
- live/caimira-test
|
|
|
|
# on release
|
|
.docker-build-release:
|
|
before_script:
|
|
# Extract version number without 'v' prefix as IMAGE_TAG
|
|
- IMAGE_TAG=$(echo "$CI_COMMIT_REF_NAME" | sed 's/^v//')
|
|
- echo "Version is $IMAGE_TAG"
|
|
|
|
docker-build-auth-service-release:
|
|
extends:
|
|
- .docker-build-release
|
|
- .docker-build-auth-service
|
|
only:
|
|
- tags
|
|
|
|
docker-build-calculator-app-release:
|
|
extends:
|
|
- .docker-build-release
|
|
- .docker-build-calculator-app
|
|
only:
|
|
- tags
|
|
|
|
# ###################################################################################################
|
|
# Deploy to OpenShift
|
|
.deploy:
|
|
stage: deploy
|
|
image: gitlab-registry.cern.ch/paas-tools/openshift-client
|
|
variables:
|
|
IMAGE_TAG: caimira-test-latest
|
|
OPENSHIFT_SERVER: https://api.paas.okd.cern.ch
|
|
OPENSHIFT_PROJECT: caimira-test
|
|
script:
|
|
- echo "Deploying ${CI_REGISTRY_IMAGE}/${IMAGE_NAME}:${IMAGE_TAG} to OpenShift"
|
|
- oc login $OPENSHIFT_SERVER --token=$OPENSHIFT_CAIMIRA_TEST_DEPLOY_TOKEN
|
|
- oc project $OPENSHIFT_PROJECT
|
|
- oc set image dc/$OPENSHIFT_DEPLOYMENT $OPENSHIFT_CONTAINER_NAME=${CI_REGISTRY_IMAGE}/${IMAGE_NAME}:${IMAGE_TAG}
|
|
- oc rollout status dc/$OPENSHIFT_DEPLOYMENT
|
|
only:
|
|
- live/caimira-test
|
|
|
|
deploy-auth-service-test:
|
|
extends: .deploy
|
|
variables:
|
|
IMAGE_NAME: auth-service
|
|
OPENSHIFT_DEPLOYMENT: auth-service
|
|
OPENSHIFT_CONTAINER_NAME: auth-service
|
|
|
|
deploy-calculator-app-test:
|
|
extends: .deploy
|
|
variables:
|
|
IMAGE_NAME: calculator-app
|
|
OPENSHIFT_DEPLOYMENT: calculator-app
|
|
OPENSHIFT_CONTAINER_NAME: calculator-app
|
|
|
|
deploy-calculator-open-app-test:
|
|
extends: .deploy
|
|
variables:
|
|
IMAGE_NAME: calculator-app
|
|
OPENSHIFT_DEPLOYMENT: calculator-open-app
|
|
OPENSHIFT_CONTAINER_NAME: calculator-open-app
|