362 lines
12 KiB
YAML
362 lines
12 KiB
YAML
---
|
|
#
|
|
# ci/pipeline.yml
|
|
#
|
|
# Pipeline structure file for a Helm Chart & Docker Image pipeline
|
|
#
|
|
# DO NOT MAKE CHANGES TO THIS FILE. Instead, modify
|
|
# ci/settings.yml and override what needs overridden.
|
|
# This uses spruce, so you have some options there.
|
|
#
|
|
# author: Dr Nic Williams <drnicwilliams@gmail.com>
|
|
# created: 2018-11-09
|
|
|
|
meta:
|
|
name: (( param "Please name your pipeline" ))
|
|
release: (( grab meta.name ))
|
|
target: (( param "Please identify the name of the target Concourse CI" ))
|
|
url: (( param "Please specify the full url of the target Concourse CI" ))
|
|
pipeline: (( grab meta.name ))
|
|
image:
|
|
name: starkandwayne/concourse-kubernetes
|
|
tag: latest
|
|
|
|
helm:
|
|
chart_path: .
|
|
|
|
git:
|
|
email: (( param "Please provide the git email for automated commits" ))
|
|
name: (( param "Please provide the git name for automated commits" ))
|
|
|
|
google:
|
|
serviceaccount: (( param "Please provide GCP Service Account JSON" ))
|
|
gcloud_project: (( param "Please provide GKE gcloud_project" ))
|
|
gcloud_cluster: (( param "Please provide GKE gcloud_cluster" ))
|
|
gcloud_zone: (( param "Please provide GKE gcloud_zone" ))
|
|
ca_cert: (( param "Please provide GKE ca_cert" ))
|
|
client_cert: (( param "Please provide GKE client_cert" ))
|
|
client_key: (( param "Please provide GKE client_key" ))
|
|
|
|
aws:
|
|
bucket: (( concat meta.name "-pipeline" ))
|
|
region_name: us-east-1
|
|
access_key: (( param "Please set your AWS Access Key ID" ))
|
|
secret_key: (( param "Please set your AWS Secret Key ID" ))
|
|
charts_uri: (( param "Please set your s3://bucket-name/charts URI" ))
|
|
|
|
github:
|
|
uri: (( concat "git@github.com:" meta.github.owner "/" meta.github.repo ))
|
|
owner: (( param "Please specify the name of the user / organization that owns the Github repository" ))
|
|
repo: (( param "Please specify the name of the Github repository" ))
|
|
branch: master
|
|
private_key: (( param "Please generate an SSH Deployment Key for this repo and specify it here" ))
|
|
access_token: (( param "Please generate a Personal Access Token and specify it here" ))
|
|
|
|
dockerhub:
|
|
username: (( param "Please specify the username for your Dockerhub account" ))
|
|
password: (( param "Please specify the password for your Dockerhub account" ))
|
|
repository: (( param "Please specify the name of the image (repo/name) that you are building" ))
|
|
|
|
slack:
|
|
webhook: (( param "Please specify your Slack Incoming Webhook Integration URL" ))
|
|
success_moji: ":airplane_departure:"
|
|
fail_moji: ":airplane_arriving:"
|
|
upset_moji: ":sad_panda:"
|
|
channel: (( param "Please specify the channel (#name) or user (@user) to send messages to" ))
|
|
username: concourse
|
|
icon: https://cl.ly/2F421Y300u07/concourse-logo-blue-transparent.png
|
|
fail_url: '(( concat "<" meta.url "/teams/$BUILD_TEAM_NAME/pipelines/$BUILD_PIPELINE_NAME/jobs/$BUILD_JOB_NAME/builds/$BUILD_NAME| Concourse Failure! " meta.slack.upset_moji ">" ))'
|
|
|
|
groups:
|
|
- name: (( grab meta.name ))
|
|
jobs:
|
|
- testflight
|
|
- rc
|
|
- shipit
|
|
- install-published
|
|
- name: versioning
|
|
jobs:
|
|
- major
|
|
- minor
|
|
- patch
|
|
jobs:
|
|
- name: testflight
|
|
public: true
|
|
plan:
|
|
- get: git
|
|
trigger: true
|
|
- put: image-latest
|
|
params:
|
|
build: git
|
|
on_failure:
|
|
put: notify
|
|
params:
|
|
channel: (( grab meta.slack.channel ))
|
|
username: (( grab meta.slack.username ))
|
|
icon_url: (( grab meta.slack.icon ))
|
|
text: '(( concat meta.slack.fail_url " " meta.pipeline ": patch job failed" ))'
|
|
- name: build-chart
|
|
task: build-chart
|
|
config:
|
|
platform: linux
|
|
image_resource:
|
|
type: docker-image
|
|
source:
|
|
repository: (( grab meta.image.name ))
|
|
tag: (( grab meta.image.tag ))
|
|
inputs:
|
|
- name: git
|
|
- name: image-latest
|
|
outputs:
|
|
- name: chart
|
|
run:
|
|
path: ./git/ci/scripts/build-chart
|
|
args: []
|
|
params:
|
|
CHART_ROOT: (( grab meta.helm.chart_path ))
|
|
REPO_ROOT: git
|
|
CHART_OUT: chart
|
|
- put: helm-install-test
|
|
params:
|
|
chart: chart/*.tgz
|
|
devel: true
|
|
wait_until_ready: 60
|
|
|
|
- name: shipit
|
|
public: true
|
|
serial: true
|
|
plan:
|
|
- do:
|
|
- name: inputs
|
|
aggregate:
|
|
- { get: version, passed: [rc], params: {bump: final} }
|
|
- { get: git, passed: [rc] }
|
|
- { get: image-latest, passed: [testflight], params: { save: true } }
|
|
- name: docker-push-tag
|
|
put: image-latest # as 'vX.Y.Z'
|
|
params:
|
|
tag: version/number
|
|
load: image-latest
|
|
- name: package-chart
|
|
task: package-chart
|
|
config:
|
|
platform: linux
|
|
image_resource:
|
|
type: docker-image
|
|
source:
|
|
repository: (( grab meta.image.name ))
|
|
tag: (( grab meta.image.tag ))
|
|
inputs:
|
|
- name: version
|
|
- name: git
|
|
outputs:
|
|
- name: gh
|
|
- name: (( grab meta.name ))
|
|
- name: notifications
|
|
run:
|
|
path: ./git/ci/scripts/shipit
|
|
args: []
|
|
params:
|
|
CHART_NAME: (( grab meta.name ))
|
|
CHART_ROOT: (( grab meta.helm.chart_path ))
|
|
REPO_ROOT: git
|
|
VERSION_FROM: version/number
|
|
RELEASE_ROOT: gh
|
|
REPO_OUT: (( grab meta.name ))
|
|
BRANCH: (( grab meta.github.branch ))
|
|
GITHUB_OWNER: (( grab meta.github.owner ))
|
|
GIT_EMAIL: (( grab meta.git.email ))
|
|
GIT_NAME: (( grab meta.git.name ))
|
|
NOTIFICATION_OUT: notifications
|
|
AWS_ACCESS_KEY_ID: (( grab meta.aws.access_key ))
|
|
AWS_SECRET_ACCESS_KEY: (( grab meta.aws.secret_key ))
|
|
AWS_DEFAULT_REGION: (( grab meta.aws.region_name ))
|
|
HELM_S3_BUCKET_URI: (( grab meta.aws.charts_uri ))
|
|
|
|
- name: upload-git
|
|
put: git
|
|
params:
|
|
rebase: true
|
|
repository: (( grab meta.name ))
|
|
- name: github-release
|
|
put: github
|
|
params:
|
|
name: gh/name
|
|
tag: gh/tag
|
|
body: gh/notes.md
|
|
globs: [gh/artifacts/*]
|
|
- name: version-bump
|
|
put: version
|
|
params:
|
|
bump: patch
|
|
# - name: notify
|
|
# aggregate:
|
|
# - put: notify
|
|
# params:
|
|
# channel: (( grab meta.slack.channel ))
|
|
# username: (( grab meta.slack.username ))
|
|
# icon_url: (( grab meta.slack.icon ))
|
|
# text_file: notifications/message
|
|
on_failure:
|
|
put: notify
|
|
params:
|
|
channel: (( grab meta.slack.channel ))
|
|
username: (( grab meta.slack.username ))
|
|
icon_url: (( grab meta.slack.icon ))
|
|
text: '(( concat meta.slack.fail_url " " meta.pipeline ": shipit job failed" ))'
|
|
|
|
- name: install-published
|
|
plan:
|
|
- get: github
|
|
passed: [shipit]
|
|
- put: helm-install-latest
|
|
params:
|
|
chart: github/*.tgz
|
|
wait_until_ready: 60
|
|
|
|
- name: rc
|
|
public: true
|
|
serial: true
|
|
plan:
|
|
- do:
|
|
- aggregate:
|
|
- { get: git, trigger: true, passed: [testflight] }
|
|
- { get: version, trigger: true, params: {pre: rc} }
|
|
- task: release-notes
|
|
config:
|
|
platform: linux
|
|
image_resource:
|
|
type: docker-image
|
|
source:
|
|
repository: (( grab meta.image.name ))
|
|
tag: (( grab meta.image.tag ))
|
|
inputs:
|
|
- { name: git }
|
|
run:
|
|
path: sh
|
|
args:
|
|
- -ce
|
|
- |
|
|
cd git
|
|
if [ -f ci/release_notes.md ]; then
|
|
echo "###### RELEASE NOTES ###############"
|
|
echo
|
|
cat ci/release_notes.md
|
|
echo
|
|
echo "########################################"
|
|
echo
|
|
else
|
|
echo "NO RELEASE NOTES HAVE BEEN WRITTEN"
|
|
echo "You *might* want to do that before"
|
|
echo "hitting (+) on that shipit job..."
|
|
echo
|
|
fi
|
|
- put: version
|
|
params: {file: version/number}
|
|
on_failure:
|
|
put: notify
|
|
params:
|
|
channel: (( grab meta.slack.channel ))
|
|
username: (( grab meta.slack.username ))
|
|
icon_url: (( grab meta.slack.icon ))
|
|
text: '(( concat meta.slack.fail_url " " meta.pipeline ": rc job failed" ))'
|
|
|
|
- name: minor
|
|
public: true
|
|
plan:
|
|
- { get: version, trigger: false, params: {bump: minor} }
|
|
- { put: version, params: {file: version/number} }
|
|
|
|
- name: major
|
|
public: true
|
|
plan:
|
|
- { get: version, trigger: false, params: {bump: major} }
|
|
- { put: version, params: {file: version/number} }
|
|
|
|
- name: patch
|
|
public: true
|
|
plan:
|
|
- do:
|
|
- { get: version, trigger: false, params: {bump: patch} }
|
|
- { put: version, params: {file: version/number} }
|
|
on_failure:
|
|
put: notify
|
|
params:
|
|
channel: (( grab meta.slack.channel ))
|
|
username: (( grab meta.slack.username ))
|
|
icon_url: (( grab meta.slack.icon ))
|
|
text: '(( concat meta.slack.fail_url " " meta.pipeline ": patch job failed" ))'
|
|
|
|
resource_types:
|
|
- name: slack-notification
|
|
type: docker-image
|
|
source:
|
|
repository: cfcommunity/slack-notification-resource
|
|
|
|
- name: helm
|
|
type: docker-image
|
|
source:
|
|
repository: ilyasotkov/concourse-helm-resource
|
|
tag: 1.1.1
|
|
|
|
resources:
|
|
- name: git
|
|
type: git
|
|
source:
|
|
uri: (( grab meta.github.uri ))
|
|
branch: (( grab meta.github.branch ))
|
|
private_key: (( grab meta.github.private_key ))
|
|
|
|
- name: image-latest
|
|
type: docker-image
|
|
source:
|
|
.: (( inject meta.dockerhub ))
|
|
tag: latest
|
|
|
|
- name: version
|
|
type: semver
|
|
source :
|
|
driver: s3
|
|
bucket: (( grab meta.aws.bucket ))
|
|
region_name: (( grab meta.aws.region_name ))
|
|
key: version
|
|
access_key_id: (( grab meta.aws.access_key ))
|
|
secret_access_key: (( grab meta.aws.secret_key ))
|
|
initial_version: (( grab meta.initial_version || "0.0.1" ))
|
|
|
|
- name: notify
|
|
type: slack-notification
|
|
source:
|
|
url: (( grab meta.slack.webhook ))
|
|
|
|
- name: github
|
|
type: github-release
|
|
source:
|
|
user: (( grab meta.github.owner ))
|
|
repository: (( grab meta.github.repo ))
|
|
access_token: (( grab meta.github.access_token ))
|
|
|
|
- name: helm-install-test
|
|
type: helm
|
|
source:
|
|
release: (( concat "ci-test-" meta.name ))
|
|
gcloud_auth: (( grab meta.google.serviceaccount ))
|
|
gcloud_project: (( grab meta.google.gcloud_project ))
|
|
gcloud_cluster: (( grab meta.google.gcloud_cluster ))
|
|
gcloud_zone: (( grab meta.google.gcloud_zone ))
|
|
ca_cert: (( grab meta.google.ca_cert ))
|
|
client_cert: (( grab meta.google.client_cert ))
|
|
client_key: (( grab meta.google.client_key ))
|
|
|
|
- name: helm-install-latest
|
|
type: helm
|
|
source:
|
|
release: (( concat "ci-latest-" meta.name ))
|
|
gcloud_auth: (( grab meta.google.serviceaccount ))
|
|
gcloud_project: (( grab meta.google.gcloud_project ))
|
|
gcloud_cluster: (( grab meta.google.gcloud_cluster ))
|
|
gcloud_zone: (( grab meta.google.gcloud_zone ))
|
|
ca_cert: (( grab meta.google.ca_cert ))
|
|
client_cert: (( grab meta.google.client_cert ))
|
|
client_key: (( grab meta.google.client_key ))
|