# This file is included as part of the main repository .gitlab-ci.yml file
test gcp connection:
environment:
name: gcp
stage: test
tags:
- docker
- kubernetes
image: google/cloud-sdk:latest
# don't need any artifacts for this to run
dependencies: []
before_script:
- gcloud auth activate-service-account "${GEOSPHERE_DEPLOY_GCP_SA_EMAIL}" --key-file="${GEOSPHERE_DEPLOY_GCP_SA_KEY}"
# If this produces a warning about not having permission make sure the SA
# has the project "Viewer" role. If it still produces a warning then try
# enabling this Cloud Resource Manager API. See admin/GCP_README.md
# for more information.
- gcloud config set project "${GEOSPHERE_DEPLOY_GCP_PROJECT_NAME}"
script:
- gcloud compute instances list
- if [ "${GEOSPHERE_DEPLOY_GCP_CLUSTER_NAME}" != "" ]; then
gcloud container clusters get-credentials "${GEOSPHERE_DEPLOY_GCP_CLUSTER_NAME}" --zone "${GEOSPHERE_DEPLOY_GCP_ZONE_NAME}";
kubectl get all;
fi
gstest deploy grb:
environment:
name: gcp
extends: .helm_based_job
image: gitlab.ssec.wisc.edu:5555/cspp_geo/geosphere/gcloud-kubectl-helm/gcloud-kubectl-helm:6d3e308b
stage: deploy GRB
variables:
KUBECONFIG: "/home/gkh/.kube/config"
before_script:
- gcloud --verbosity=debug auth activate-service-account "${GEOSPHERE_DEPLOY_GCP_SA_EMAIL}" --key-file="${GEOSPHERE_DEPLOY_GCP_SA_KEY}"
# If this produces a warning about not having permission make sure the SA
# has the project "Viewer" role. If it still produces a warning then try
# enabling this Cloud Resource Manager API. See admin/GCP_README.md
# for more information.
- gcloud --verbosity=debug config set project "${GEOSPHERE_DEPLOY_GCP_PROJECT_NAME}"
- gcloud --verbosity=debug container clusters get-credentials "${GEOSPHERE_DEPLOY_GCP_CLUSTER_NAME}" --zone "${GEOSPHERE_DEPLOY_GCP_ZONE_NAME}";
- helm registry login -u ${CI_REGISTRY_USER} -p ${CI_JOB_TOKEN} ${CI_REGISTRY}
- helm repo add stable https://kubernetes-charts.storage.googleapis.com
- helm repo update
script:
- ns="default"
- cd geosphere-grb/chart
- source cspp-geo-grb/cibuild.env
# copy private ssh key to the chart for inclusion in the secret
- cp $GRB_PROXY_SSH_KEY cspp-geo-grb/secrets/grb_ssh_proxy_rsa
- echo "Deploying version $docker_tag to cluster namespace $ns"
- helm upgrade -v 2 --kubeconfig $HOME/.kube/config --install --namespace $ns -f ../../ci_gcp/values-grb-g16.yaml cspp-geo-grb cspp-geo-grb/
# - helm upgrade -v 2 --install --kubeconfig $kubeconfig --namespace $ns --set persistence.enabled=true --set persistence.storageClass=longhorn -f values-grb-g16.yaml cspp-geo-grb cspp-geo-grb/
dependencies:
- get_chart_grb
rules:
- if: '$CI_COMMIT_BRANCH != "gcp"'
when: never
- when: on_success
gstest deploy client:
environment:
name: gcp
extends: .helm_based_job
#image: google/cloud-sdk:latest
image: kiwigrid/gcloud-kubectl-helm
stage: deploy Client
variables:
KUBECONFIG: "/home/gkh/.kube/config"
before_script:
- gcloud --verbosity=debug auth activate-service-account "${GEOSPHERE_DEPLOY_GCP_SA_EMAIL}" --key-file="${GEOSPHERE_DEPLOY_GCP_SA_KEY}"
# If this produces a warning about not having permission make sure the SA
# has the project "Viewer" role. If it still produces a warning then try
# enabling this Cloud Resource Manager API. See admin/GCP_README.md
# for more information.
- gcloud --verbosity=debug config set project "${GEOSPHERE_DEPLOY_GCP_PROJECT_NAME}"
- gcloud --verbosity=debug container clusters get-credentials "${GEOSPHERE_DEPLOY_GCP_CLUSTER_NAME}" --zone "${GEOSPHERE_DEPLOY_GCP_ZONE_NAME}";
- helm registry login -u ${CI_REGISTRY_USER} -p ${CI_JOB_TOKEN} ${CI_REGISTRY}
- helm repo add stable https://kubernetes-charts.storage.googleapis.com
- helm repo update
script:
- ns="default"
- cd geosphere-client/chart
- echo "Deploying version $docker_tag to cluster namespace $ns"
- helm list --kubeconfig $HOME/.kube/config
# namespace names are the same as domain names
- helm upgrade -v 2 --kubeconfig $HOME/.kube/config --install --namespace $ns -f ../../ci_gcp/values-client.yaml geosphere-client geosphere-client/
dependencies:
- get_chart_client_test
rules:
- if: '$CI_COMMIT_BRANCH != "gcp"'
when: never
- when: on_success