Skip to content
Snippets Groups Projects
Verified Commit a267e99f authored by David Hoese's avatar David Hoese
Browse files

Make sure GCP deployments only run when tagged

parent 62947d57
No related branches found
No related tags found
No related merge requests found
......@@ -3,7 +3,6 @@ stages:
- build prereqs
- test
- create storage
- test
- deploy rabbit
- deploy GRB
- deploy G2G
......
......@@ -4,10 +4,8 @@
environment:
name: gcp
extends: .helm_based_job
image: gitlab.ssec.wisc.edu:5555/cspp_geo/geosphere/gcloud-kubectl-helm/gcloud-kubectl-helm:6d3e308b
variables:
KUBECONFIG: "/root/.kube/config"
before_script:
- export KUBECONFIG="/root/.kube/config"
- gcloud --verbosity=debug auth activate-service-account "${GEOSPHERE_DEPLOY_GCP_SA_EMAIL}" --key-file="${GEOSPHERE_DEPLOY_GCP_SA_KEY}"
# If this produces a warning about not having permission make sure the SA
# has the project "Viewer" role. If it still produces a warning then try
......@@ -18,6 +16,10 @@
- helm registry login -u ${CI_REGISTRY_USER} -p ${CI_JOB_TOKEN} ${CI_REGISTRY}
- helm repo add stable https://kubernetes-charts.storage.googleapis.com
- helm repo update
rules:
- if: $CI_COMMIT_TAG !~ /$GCP_TAG_REGEX/
when: never
- when: on_success
test gcp connection:
extends: .gcloud_base
......@@ -44,10 +46,6 @@ gstest deploy grb:
- helm upgrade -v 2 --install --namespace $ns -f ../../ci_gcp/values-grb-g16.yaml cspp-geo-grb cspp-geo-grb/
dependencies:
- get_chart_grb
rules:
- if: '$CI_COMMIT_BRANCH != "gcp"'
when: never
- when: on_success
gs create geotiff storage:
extends: .gcloud_base
......@@ -58,12 +56,11 @@ gs create geotiff storage:
# this job doesn't actually need any artifacts from previous jobs
dependencies: []
rules:
- if: '$CI_COMMIT_BRANCH != "gcp"'
- if: $CI_COMMIT_TAG !~ /$GCP_TAG_REGEX/
when: never
- when: on_success
# this will always be true for tags
- changes:
- ci_geosphere/geotiff-pvc.yaml
- ci_gcp/geotiff-pvc.yaml
- if: $CREATE_STORAGE
gs create shapefile storage:
......@@ -75,13 +72,11 @@ gs create shapefile storage:
# this job doesn't actually need any artifacts from previous jobs
dependencies: []
rules:
- if: "$CI_COMMIT_TAG == null"
when: never
- if: '$kubekorner_k3s_config == null'
- if: $CI_COMMIT_TAG !~ /$GCP_TAG_REGEX/
when: never
# this will always be true for tags
- changes:
- ci_geosphere/shapefiles-pvc.yaml
- ci_gcp/shapefiles-pvc.yaml
- if: $CREATE_STORAGE
gs deploy rabbit:
......@@ -92,16 +87,10 @@ gs deploy rabbit:
stage: deploy rabbit
script:
- ./helpers/deploy_rabbitmq.sh ci_geosphere
- cp ${kubekorner_k3s_config} .
- kubeconfig=$(basename ${kubekorner_k3s_config})
- |-
kubectl get secret --kubeconfig "${kubeconfig}" geosphere-rabbit-rabbitmq --namespace=geosphere -oyaml | grep -v '^\s*namespace:\s' | grep -v "[Hh]elm" | grep -v "[tT]ime" | grep -v "selfLink" | grep -v "uid" | grep -v "resourceVersion" | sed 's/ name: .*/ name: geosphere-rabbit-rabbitmq-production/' | kubectl_stdin apply --kubeconfig "${kubeconfig}" --namespace=geosphere-test -f -
# this job doesn't actually need any artifacts from previous jobs
dependencies: []
rules:
- if: "$CI_COMMIT_TAG == null"
when: never
- if: '$kubekorner_k3s_config == null'
- if: $CI_COMMIT_TAG !~ /$GCP_TAG_REGEX/
when: never
# no need to build if another project triggered us
- if: $CI_PIPELINE_SOURCE == "pipeline"
......@@ -122,7 +111,7 @@ gstest deploy client:
dependencies:
- get_chart_client_test
rules:
- if: '$CI_COMMIT_BRANCH != "gcp"'
- if: $CI_COMMIT_TAG !~ /$GCP_TAG_REGEX/
when: never
- when: on_success
#rabbitmq:
# configuration: |-
# ## Clustering
# cluster_formation.peer_discovery_backend = rabbit_peer_discovery_k8s
# cluster_formation.k8s.host = kubernetes.default.svc.cluster.local
# cluster_formation.node_cleanup.interval = 10
# cluster_formation.node_cleanup.only_log_warning = true
# cluster_partition_handling = autoheal
# # queue master locator
# queue_master_locator=min-masters
# # enable guest user
# loopback_users.guest = false
rbacEnabled: false
......@@ -12,9 +12,20 @@ error() {
>&2 echo "ERROR: $@"
}
test_namespace() {
if [[ $CI_ENVIRONMENT_NAME == "gcp" ]]; then
echo "${GCP_NAMESPACE}"
else
echo "${TESTS_NAMESPACE}"
fi
}
if [[ -n "$CI_COMMIT_TAG" ]]; then
debug "Tag detected: $CI_COMMIT_TAG"
if [[ $CI_COMMIT_TAG =~ $GEOSPHERE_TAG_REGEX ]]; then
if [[ $CI_JOB_STAGE == "test" ]]; then
debug "Ignoring tag because we are in the 'test' stage"
ns=$(test_namespace)
elif [[ $CI_COMMIT_TAG =~ $GEOSPHERE_TAG_REGEX ]]; then
debug "geosphere tag matched"
ns="${GEOSPHERE_NAMESPACE}"
elif [[ $CI_COMMIT_TAG =~ $GEOSPHERE_TEST_TAG_REGEX ]]; then
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment