This repository has been archived by the owner on Jun 15, 2023. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 12
/
.gitlab-ci.yml
241 lines (227 loc) · 7.49 KB
/
.gitlab-ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
#image: python:3.6.3
#before_script:
# - bundle install
#after_script:
# - rm secrets
# Workaround for `$` in GitLab variables
# https://gitlab.com/gitlab-org/gitlab-foss/-/issues/45173#note_291163703
variables:
STAGING_MASTER_NODE_PASSWORD: $K8S_STAGING_MASTER_NODE_PASSWORD
CHANGED_FILES: "git diff --name-only $CI_COMMIT_BEFORE_SHA $CI_COMMIT_SHA"
stages:
# - test
- build
- deploy
#test_job:
# stage: test
# script:
# - echo "####### TODO Running tests"
## - pip install /builds/orc/orc/requirements.txt
# only:
# - dev
# tags:
# - orc
# when: on_success
# allow_failure: false
# dependencies: []
# retry: 1
# https://kubernetes.io/docs/concepts/configuration/overview/#container-images
# Note: You should avoid using :latest tag when deploying containers in production,
# because this makes it hard to track which version of the image is running and hard to roll back.
build_job:
stage: build
script:
- |
echo "####### Running build"
echo "####### Building docker images on master node"
#CI_COMMIT_SHA_8=${CI_COMMIT_SHA:0:8}
CI_COMMIT_SHA_SHORT="$(git rev-parse --short HEAD)"
echo $CI_COMMIT_SHA_SHORT
if $CHANGED_FILES | egrep 'storage/backup/docker/'; then
echo "####### gesiscss/nfs-backup-orc:$CI_COMMIT_SHA_SHORT"
docker login -u=$DOCKER_USERNAME -p=$DOCKER_PASSWORD
docker build -t gesiscss/nfs-backup-orc:$CI_COMMIT_SHA_SHORT storage/backup/docker/.
docker push gesiscss/nfs-backup-orc:$CI_COMMIT_SHA_SHORT
fi;
only:
- master
tags:
- orc
when: on_success
allow_failure: false
dependencies: []
retry: 1
build_job_staging:
stage: build
script:
- |
echo "####### Running build on staging"
echo "####### Building docker images on master node"
#CI_COMMIT_SHA_8=${CI_COMMIT_SHA:0:8}
CI_COMMIT_SHA_SHORT="$(git rev-parse --short HEAD)"
echo $CI_COMMIT_SHA_SHORT
if $CHANGED_FILES | egrep 'storage/backup/docker/'; then
echo "####### gesiscss/nfs-backup-orc:$CI_COMMIT_SHA_SHORT"
docker login -u=$DOCKER_USERNAME -p=$DOCKER_PASSWORD
docker build -t gesiscss/nfs-backup-orc:$CI_COMMIT_SHA_SHORT storage/backup/docker/.
docker push gesiscss/nfs-backup-orc:$CI_COMMIT_SHA_SHORT
fi;
only:
- staging
tags:
- staging
when: on_success
allow_failure: false
dependencies: []
retry: 1
deploy_staging:
stage: deploy
script:
- |
echo "####### First sync github"
URL="https://gesisnotebooks:"
URL+=$GH_TOKEN
URL+="@github.com/gesiscss/orc"
git push $URL $CI_COMMIT_SHA:staging
echo "####### Running staging deploy"
mode="fetch_co"
pip3 install fabric==2.4.0 invoke==1.2.0
if $CHANGED_FILES | egrep 'gallery/_secret_config_test.py'; then
mode+="-gallerytestconf"
fi;
if $CHANGED_FILES | egrep 'gallery/config_test.yaml'; then
mode+="-gallerytestapp"
fi;
if $CHANGED_FILES | egrep 'gesishub/config_test.yaml|gesishub/_secret_test.yaml|gesishub/gesishub/|load_balancer/static/images/|load_balancer/static/styles/|load_balancer/static/scripts/'; then
mode+="-jhubtestns"
fi;
if $CHANGED_FILES | egrep 'gesisbinder/config_test.yaml|gesisbinder/_secret_test.yaml|gesisbinder/gesisbinder/|load_balancer/static/images/|load_balancer/static/styles/|load_balancer/static/scripts/'; then
mode+="-bhubtestns"
fi;
echo "####### mode: $mode"
fab -H $K8S_STAGING_MASTER_NODE_IP deploy -u ladmin -p $STAGING_MASTER_NODE_PASSWORD -r $CI_COMMIT_SHA -m $mode -s
only:
- staging
tags:
- staging
when: on_success
environment:
name: staging
url: https://notebooks-test.gesis.org/
allow_failure: false
dependencies: []
retry: 1
deploy_prod:
stage: deploy
# cache:
# untracked: true
script:
- |
echo "####### First sync github"
URL="https://gesisnotebooks:"
URL+=$GH_TOKEN
URL+="@github.com/gesiscss/orc"
git push $URL $CI_COMMIT_SHA:master
echo "####### Running deploy"
echo $USER
mode="fetch_co"
pip3 install fabric==2.4.0 invoke==1.2.0
if $CHANGED_FILES | egrep 'gallery/_secret_config.py'; then
mode+="-galleryconf"
fi;
if $CHANGED_FILES | egrep 'gallery/config.yaml'; then
mode+="-galleryapp"
fi;
if $CHANGED_FILES | egrep 'gallery/cron_job.yaml|gallery/_secret_config.py'; then
mode+="-galleryarchives"
fi;
if $CHANGED_FILES | egrep 'gesishub/config.yaml|gesishub/_secret.yaml|gesishub/gesishub/|load_balancer/static/images/|load_balancer/static/styles/|load_balancer/static/scripts/'; then
mode+="-jhubns"
fi;
if $CHANGED_FILES | egrep 'gesisbinder/config.yaml|gesisbinder/_secret.yaml|gesisbinder/gesisbinder/|load_balancer/static/images/|load_balancer/static/styles/|load_balancer/static/scripts/'; then
mode+="-bhubns"
fi;
if $CHANGED_FILES | egrep 'gesisbinder/bot/'; then
mode+="-bhubupgrade"
fi;
if $CHANGED_FILES | egrep 'storage/backup/cron_job.yaml|storage/backup/_secret.yaml|storage/backup/rbac.yaml'; then
mode+="-backupjob"
fi;
if $CHANGED_FILES | egrep 'monitoring/prometheus_config.yaml'; then
mode+="-prometheus"
fi;
if $CHANGED_FILES | egrep 'monitoring/_secret_grafana.yaml|monitoring/grafana_config.yaml'; then
mode+="-grafana"
fi;
if $CHANGED_FILES | egrep 'takeout/config.yaml'; then
mode+="-takeout"
fi;
if $CHANGED_FILES | egrep 'load_balancer/static/'; then
mode+="-static"
fi;
echo "####### mode: $mode"
fab -H $K8S_MASTER_NODE_IP deploy -u iuser -p $K8S_MASTER_NODE_PASSWORD -r $CI_COMMIT_SHA -m $mode
only:
- master
# - tags
tags:
- orc
when: on_success
environment:
name: production
url: https://notebooks.gesis.org/
allow_failure: false
dependencies: []
retry: 1
deploy_nginx:
stage: deploy
script:
- |
mode="fetch_co"
# egrep: -v, --invert-match select non-matching lines
if $CHANGED_FILES | egrep -v load_balancer/sites-available/orc_test | egrep 'load_balancer/sites-available|load_balancer/snippets'; then
echo "####### Reloading nginx ($CI_COMMIT_REF_NAME)"
mode+="-config"
mode+="-testnginx"
fi;
if $CHANGED_FILES | egrep 'load_balancer/static'; then
echo "####### Updating static files ($CI_COMMIT_REF_NAME)"
mode+="-static"
fi;
fab -H $K8S_BASE_WORKER_IP nginx -u iuser -p $K8S_BASE_WORKER_PASSWORD -b $CI_COMMIT_REF_NAME -r $CI_COMMIT_SHA -m $mode
only:
- master
tags:
- orc
when: on_success
# when: manual
allow_failure: false
dependencies: []
retry: 1
deploy_nginx_staging:
stage: deploy
script:
- |
mode="fetch_co"
# egrep: -v, --invert-match select non-matching lines
$CHANGED_FILES
if $CHANGED_FILES | egrep load_balancer/sites-available/orc_test; then
echo "####### Reloading nginx ($CI_COMMIT_REF_NAME)"
mode+="-stagingconfig"
mode+="-testnginx"
fi;
if $CHANGED_FILES | egrep 'load_balancer/static'; then
echo "####### Updating static files ($CI_COMMIT_REF_NAME)"
mode+="-static"
fi;
echo $CI_COMMIT_REF_NAME
fab -H $K8S_STAGING_BASE_NODE_IP nginx -u ladmin -p $K8S_STAGING_BASE_NODE_PASSWORD -b $CI_COMMIT_REF_NAME -r $CI_COMMIT_SHA -m $mode
only:
- staging
tags:
- staging
when: on_success
# when: manual
allow_failure: false
dependencies: []
retry: 1