forked from SonarSource/helm-chart-sonarqube
-
Notifications
You must be signed in to change notification settings - Fork 0
/
.cirrus.yaml
150 lines (141 loc) · 4.66 KB
/
.cirrus.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
env:
### Shared variables
NIGHTLY_CRON: 'nightly-cron'
except_nightly_cron: &EXCEPT_ON_NIGHTLY_CRON
only_if: $CIRRUS_CRON != $NIGHTLY_CRON
only_on_non_release_draft_template: &ONLY_ON_NON_RELEASE_DRAFT_TEMPLATE
only_if: $CIRRUS_PRERELEASE != "true"
docker_build_container_template: &CONTAINER_TEMPLATE
dockerfile: .cirrus/Dockerfile
docker_arguments:
CIRRUS_AWS_ACCOUNT: ${CIRRUS_AWS_ACCOUNT}
cluster_name: ${CIRRUS_CLUSTER_NAME}
builder_role: cirrus-builder
builder_image: docker-builder-v*
builder_instance_type: t2.small
builder_subnet_id: ${CIRRUS_AWS_SUBNET}
region: eu-central-1
namespace: default
cpu: 1
memory: 1Gb
container_template: &STD_CONTAINER_TEMPLATE
image: ${CIRRUS_AWS_ACCOUNT}.dkr.ecr.eu-central-1.amazonaws.com/base:j11-latest
cluster_name: ${CIRRUS_CLUSTER_NAME}
region: eu-central-1
namespace: default
cpu: 1
memory: 1Gb
clone_script_template: &CLONE_SCRIPT_TEMPLATE
clone_script: |
if [ -z "$CIRRUS_PR" ]; then
git clone --recursive --branch=$CIRRUS_BRANCH https://github.com/${CIRRUS_REPO_FULL_NAME}.git $CIRRUS_WORKING_DIR
git reset --hard $CIRRUS_CHANGE_IN_REPO
else
git clone --recursive https://github.com/${CIRRUS_REPO_FULL_NAME}.git $CIRRUS_WORKING_DIR
git fetch origin pull/$CIRRUS_PR/head:pull/$CIRRUS_PR
git reset --hard $CIRRUS_CHANGE_IN_REPO
fi
chart_testing_task:
<<: *ONLY_ON_NON_RELEASE_DRAFT_TEMPLATE
timeout_in: 30m
eks_container:
<<: *CONTAINER_TEMPLATE
cpu: 2
memory: 4Gb
additional_containers:
- name: dockerdaemon
privileged: true
cpu: 4
memory: 16Gb
image: docker:20-dind
port: 2375
env:
DOCKER_DRIVER: overlay2
DOCKER_TLS_CERTDIR: ""
<<: *CLONE_SCRIPT_TEMPLATE
start_kind_background_script:
- export DOCKER_HOST=tcp://localhost:2375
- kind create cluster
wait_for_kind_script:
- - ./.cirrus/wait-for-kind.sh
script:
- ct lint --config test.yaml --all
- ct install --config test.yaml --all
artifacthub_lint_script:
- ah lint
chart_packaging_task:
<<: *ONLY_ON_NON_RELEASE_DRAFT_TEMPLATE
timeout_in: 15m
eks_container:
<<: *CONTAINER_TEMPLATE
cpu: 2
memory: 1Gb
<<: *CLONE_SCRIPT_TEMPLATE
environment_cache:
folder: ${CIRRUS_WORKING_DIR}/*.tgz*
fingerprint_script: echo $CIRRUS_BUILD_ID
env:
GITHUB_TOKEN: VAULT[development/github/token/${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-releases token]
SONARSOURCE_SIGN_KEY: VAULT[development/kv/data/sign data.key]
SONARSOURCE_SIGN_KEY_ID: VAULT[development/kv/data/sign data.key_id]
SONARSOURCE_SIGN_KEY_PASSPHRASE: VAULT[development/kv/data/sign data.passphrase]
key_file:
path: /tmp/key
variable_name: SONARSOURCE_SIGN_KEY
script:
- source cirrus-env BUILD
- helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx
- helm repo add bitnami https://charts.bitnami.com/bitnami
- helm repo add bitnami-pre2022 https://raw.githubusercontent.com/bitnami/charts/pre-2022/bitnami
- helm repo update
- ./.cirrus/package.sh
- ./.cirrus/sign_chart.sh
depends_on:
- chart_testing
push_to_repox_task:
<<: *ONLY_ON_NON_RELEASE_DRAFT_TEMPLATE
<<: *EXCEPT_ON_NIGHTLY_CRON
timeout_in: 15m
eks_container:
<<: *STD_CONTAINER_TEMPLATE
cpu: 1
memory: 1Gb
<<: *CLONE_SCRIPT_TEMPLATE
environment_cache:
folder: ${CIRRUS_WORKING_DIR}/*.tgz*
fingerprint_script: echo $CIRRUS_BUILD_ID
env:
ARTIFACTORY_URL: VAULT[development/kv/data/repox data.url]
ARTIFACTORY_ACCESS_TOKEN: VAULT[development/artifactory/token/${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-qa-deployer access_token]
script:
- source cirrus-env ""
- ./.cirrus/upload_chart.sh
depends_on:
- chart_testing
- chart_packaging
trigger_release_task:
timeout_in: 15m
eks_container:
<<: *STD_CONTAINER_TEMPLATE
cpu: 1
memory: 1Gb
only_if: $CIRRUS_PRERELEASE != "true" && $CIRRUS_RELEASE != ""
<<: *CLONE_SCRIPT_TEMPLATE
stateful: 'true'
environment_cache:
folder: ${CIRRUS_WORKING_DIR}/*.tgz*
fingerprint_script: echo $CIRRUS_BUILD_ID
env:
GITHUB_TOKEN: VAULT[development/github/token/${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-releases token]
SLACK_TOKEN: VAULT[development/kv/data/slack data.token]
gh_action_script: |
source cirrus-env RELEASE
CHARTS=$(find $CIRRUS_WORKING_DIR -maxdepth 1 -name "*.tgz*" -type f -exec basename "{}" ";")
[[ "x$CHARTS" == "x" ]] && exit 0
gh workflow run release.yml -f version=$CIRRUS_TAG -f buildNumber=$BUILD_NUMBER
depends_on:
- chart_packaging
- push_to_repox
on_failure:
slack_notification_script:
- ./.cirrus/slack-notification.sh