190 lines
6.6 KiB
YAML
190 lines
6.6 KiB
YAML
stages:
|
|
- test
|
|
- docker-build
|
|
- oc-tag
|
|
|
|
# Use the acc-py-devtools templates found at
|
|
# https://gitlab.cern.ch/-/ide/project/acc-co/devops/python/acc-py-devtools/blob/master/-/acc_py_devtools/templates/gitlab-ci/python.yml.
|
|
include:
|
|
- project: acc-co/devops/python/acc-py-devtools
|
|
file: acc_py_devtools/templates/gitlab-ci/python.yml
|
|
|
|
variables:
|
|
PY_VERSION: "3.11"
|
|
|
|
# ###################################################################################################
|
|
# Test code - CAiMIRA (model) and CERN CAiMIRA (CERN's UI)
|
|
|
|
.test-base:
|
|
image: registry.cern.ch/docker.io/library/python:${PY_VERSION}
|
|
stage: test
|
|
|
|
.test-run:
|
|
extends:
|
|
- .test-base
|
|
script:
|
|
- cd ./${PROJECT_ROOT}
|
|
- pip install -e .[test]
|
|
- python -m pytest
|
|
|
|
test-caimira-py311:
|
|
variables:
|
|
PROJECT_ROOT: "caimira"
|
|
extends:
|
|
- .test-run
|
|
|
|
test-cern-caimira-py311:
|
|
before_script:
|
|
- cd ./caimira
|
|
- pip install -e .[test]
|
|
- cd ../
|
|
variables:
|
|
PROJECT_ROOT: "cern_caimira"
|
|
extends:
|
|
- .test-run
|
|
|
|
test-caimira-py39:
|
|
variables:
|
|
PY_VERSION: "3.9"
|
|
PROJECT_ROOT: "caimira"
|
|
extends:
|
|
- test-caimira-py311
|
|
|
|
test-cern-caimira-py39:
|
|
variables:
|
|
PY_VERSION: "3.9"
|
|
PROJECT_ROOT: "cern_caimira"
|
|
extends:
|
|
- test-cern-caimira-py311
|
|
|
|
# ###################################################################################################
|
|
# Test OpenShift config
|
|
|
|
.test_openshift_config:
|
|
stage: test
|
|
rules:
|
|
- if: '$OC_TOKEN && $CI_MERGE_REQUEST_SOURCE_BRANCH_NAME == $BRANCH'
|
|
allow_failure: true # The branch must represent what is deployed. FIXME: change to true because of a diff between ConfigMaps
|
|
- if: '$OC_TOKEN && $CI_MERGE_REQUEST_EVENT_TYPE != "detached"'
|
|
allow_failure: true # Anything other than the branch may fail without blocking the pipeline.
|
|
image: registry.cern.ch/docker.io/mambaorg/micromamba
|
|
before_script:
|
|
- micromamba create --yes -p $HOME/env python=3.9 ruamel.yaml wget -c conda-forge
|
|
- export PATH=$HOME/env/bin/:$PATH
|
|
- wget https://github.com/openshift/origin/releases/download/v3.11.0/openshift-origin-client-tools-v3.11.0-0cbc58b-linux-64bit.tar.gz
|
|
- tar xzf ./openshift-origin-client-tools-v3.11.0-0cbc58b-linux-64bit.tar.gz
|
|
- mv openshift-origin-client-tools-v3.11.0-0cbc58b-linux-64bit/oc $HOME/env/bin/
|
|
script:
|
|
- cd ./app-config/openshift
|
|
- oc login ${OC_SERVER} --token="${OC_TOKEN}"
|
|
- python ./config-fetch.py ${CAIMIRA_INSTANCE} --output-directory ./${CAIMIRA_INSTANCE}/actual
|
|
- python ./config-generate.py ${CAIMIRA_INSTANCE} --output-directory ./${CAIMIRA_INSTANCE}/expected
|
|
- python ./config-normalise.py ./${CAIMIRA_INSTANCE}/actual ./${CAIMIRA_INSTANCE}/actual-normed
|
|
- python ./config-normalise.py ./${CAIMIRA_INSTANCE}/expected ./${CAIMIRA_INSTANCE}/expected-normed
|
|
- diff -u ./${CAIMIRA_INSTANCE}/actual-normed/ ./${CAIMIRA_INSTANCE}/expected-normed/
|
|
artifacts:
|
|
paths:
|
|
- ./app-config/openshift/${CAIMIRA_INSTANCE}/actual
|
|
- ./app-config/openshift/${CAIMIRA_INSTANCE}/expected
|
|
|
|
check_openshift_config_test:
|
|
extends: .test_openshift_config
|
|
variables:
|
|
CAIMIRA_INSTANCE: 'caimira-test'
|
|
BRANCH: 'live/caimira-test'
|
|
OC_SERVER: https://api.paas.okd.cern.ch
|
|
OC_TOKEN: "${OPENSHIFT_CAIMIRA_TEST_CONFIG_CHECKER_TOKEN}"
|
|
|
|
# TODO: for prod, it should ignore the different tag in the `image` field
|
|
# check_openshift_config_prod:
|
|
# extends: .test_openshift_config
|
|
# variables:
|
|
# CAIMIRA_INSTANCE: 'caimira-prod'
|
|
# BRANCH: 'master'
|
|
# OC_SERVER: https://api.paas.okd.cern.ch
|
|
# OC_TOKEN: "${OPENSHIFT_CAIMIRA_PROD_CONFIG_CHECKER_TOKEN}"
|
|
|
|
|
|
# ###################################################################################################
|
|
# Build docker images
|
|
|
|
.docker-build:
|
|
stage: docker-build
|
|
image:
|
|
# Based on guidance at https://gitlab.cern.ch/gitlabci-examples/build_docker_image.
|
|
# The kaniko debug image is recommended because it has a shell, and a shell is required for an image to be used with GitLab CI/CD.
|
|
name: gcr.io/kaniko-project/executor:debug
|
|
entrypoint: [""]
|
|
script:
|
|
# Prepare Kaniko configuration file
|
|
- echo "{\"auths\":{\"$CI_REGISTRY\":{\"username\":\"$CI_REGISTRY_USER\",\"password\":\"$CI_REGISTRY_PASSWORD\"}}}" > /kaniko/.docker/config.json
|
|
- echo "Building ${CI_REGISTRY_IMAGE}/${IMAGE_NAME}:latest Docker image..."
|
|
# Build and push the image from the Dockerfile
|
|
- /kaniko/executor --context ${CI_PROJECT_DIR}/${DOCKER_CONTEXT_DIRECTORY} --dockerfile ${CI_PROJECT_DIR}/${DOCKERFILE_DIRECTORY}/Dockerfile --destination ${CI_REGISTRY_IMAGE}/${IMAGE_NAME}:${IMAGE_TAG}
|
|
# Print the full registry path of the pushed image
|
|
- echo "Image pushed successfully to ${CI_REGISTRY_IMAGE}/${IMAGE_NAME}:${IMAGE_TAG}"
|
|
|
|
.docker-build-live-test:
|
|
variables:
|
|
IMAGE_TAG: caimira-test-latest
|
|
extends: .docker-build
|
|
before_script:
|
|
- echo "Branch is $CI_COMMIT_REF_NAME"
|
|
- echo "Building image for live/caimira-test branch with tag ${IMAGE_TAG}"
|
|
only:
|
|
- live/caimira-test
|
|
|
|
.docker-build-release:
|
|
extends: .docker-build
|
|
before_script:
|
|
- echo "Tag is $CI_COMMIT_REF_NAME"
|
|
# Extract version number without 'v' prefix as IMAGE_TAG
|
|
- IMAGE_TAG=$(echo "$CI_COMMIT_REF_NAME" | sed 's/^v//')
|
|
- echo "Version is $IMAGE_TAG"
|
|
only:
|
|
- tags
|
|
|
|
build-auth-service-image:
|
|
extends:
|
|
- .docker-build-live-test
|
|
- .docker-build-release
|
|
variables:
|
|
IMAGE_NAME: auth-service
|
|
DOCKERFILE_DIRECTORY: app-config/auth-service
|
|
DOCKER_CONTEXT_DIRECTORY: app-config/auth-service
|
|
|
|
build-calculator-app-image:
|
|
extends:
|
|
- .docker-build-live-test
|
|
- .docker-build-release
|
|
variables:
|
|
IMAGE_NAME: calculator-app
|
|
DOCKERFILE_DIRECTORY: app-config/calculator-app
|
|
DOCKER_CONTEXT_DIRECTORY: ""
|
|
|
|
# ###################################################################################################
|
|
# Link build Docker images OpenShift <-> GitLab registry
|
|
|
|
.link_docker_images_with_gitlab_registry:
|
|
stage: oc-tag
|
|
image: gitlab-registry.cern.ch/paas-tools/openshift-client:latest
|
|
variables:
|
|
OC_PROJECT: "caimira-test"
|
|
OC_TOKEN: ${OPENSHIFT_CAIMIRA_TEST_DEPLOY_TOKEN}
|
|
IMAGE_TAG: caimira-test-latest
|
|
script:
|
|
- oc tag --source=docker ${CI_REGISTRY_IMAGE}/${IMAGE_NAME}:${IMAGE_TAG} ${IMAGE_NAME}:latest --token ${OC_TOKEN} --server=https://api.paas.okd.cern.ch -n ${OC_PROJECT}
|
|
only:
|
|
- live/caimira-test # for prod, we want to manually deploy the tag that we need
|
|
|
|
link_auth-service_with_gitlab_registry:
|
|
extends:
|
|
- .link_docker_images_with_gitlab_registry
|
|
variables:
|
|
IMAGE_NAME: auth-service
|
|
|
|
link_calculator-app_with_gitlab_registry:
|
|
extends:
|
|
- .link_docker_images_with_gitlab_registry
|
|
variables:
|
|
IMAGE_NAME: calculator-app
|