Newer
Older
- remote: https://open.greenhost.net/stackspin/stackspin/-/raw/main/.gitlab/ci_templates/helm_package.yml
- remote: https://open.greenhost.net/stackspin/stackspin/-/raw/main/.gitlab/ci_templates/dummy_job.yml
- template: 'Workflows/MergeRequest-Pipelines.gitlab-ci.yml'
.use_kubernetes:
entrypoint: ["/bin/sh", "-c"]
before_script:
- kubectl config get-contexts
- kubectl config use-context stackspin/kubernetes-agent-setup:stackspin-k8s-agent
.chart_changes_rules:
rules:
- changes:
- templates/**/*
- package.json
- package-lock.json
- values-local.yaml.example
- values.yaml
- Chart.yaml
stages:
- lint-helm-chart
- install-helm-chart
- test-helm-chart
- package-helm-chart
- release-helm-chart
variables:
CHART_NAME: nextcloud-onlyoffice
delete_namespace:
stage: lint-helm-chart
# Schedule namespace for removal. `--wait=false` is used here because
# the namespace deletion is repeated in the `install-helmrelease` job.
# Namespace removal fails if the namespace does not exist (yet),
# that's not a problem
- kubectl delete namespace "nc$CI_MERGE_REQUEST_IID" --wait=false || true
extends:
- .use_kubernetes
- .chart_changes_rules
install-helmrelease:
stage: install-helm-chart
needs:
# This job contains the `helm dep` artifacts
- job: lint-helm
script:
- cp values-local.yaml.example values-ci.yaml
# This sets the domains to files-MR_ID.gitlab.stackspin.net and
# office-MR_ID.gitlab.stackspin.net
Maarten de Waard
committed
- sed -i "s/\.your\.domain/-nc$CI_MERGE_REQUEST_IID.gitlab.stackspin.net/" values-ci.yaml
# Make sure TLS certificate secrets for different MRs do not clash
Maarten de Waard
committed
- sed -i "s/files-cert/files-cert-nc$CI_MERGE_REQUEST_IID/" values-ci.yaml
- sed -i "s/office-cert/office-cert-nc$CI_MERGE_REQUEST_IID/" values-ci.yaml
export message="$(echo $CI_COMMIT_TITLE | tr '!#$%^&*()=+{}[]:"|<>?,./;' '-')"
echo -e "tests:\n cypress:\n projectId: \"$CYPRESS_PROJECT_ID\"\n recordKey: \"$CYPRESS_RECORD_KEY\"" >> values-ci.yaml
echo -e " commitInfo:\n branch: \"$CI_COMMIT_REF_SLUG\"\n message: \"$message\"\n author: \"$CI_COMMIT_AUTHOR\"\n sha: \"$CI_COMMIT_SHORT_SHA\"" \
- time kubectl delete --wait=true namespace "nc$CI_MERGE_REQUEST_IID" || true
- passgen() { < /dev/urandom tr -dc _A-Z-a-z-0-9 | head -c20; }
- time helm --debug install --timeout 20m --create-namespace -n nc$CI_MERGE_REQUEST_IID --wait "nc$CI_MERGE_REQUEST_IID" . -f values-ci.yaml --set nextcloud.nextcloud.password=$(passgen),nextcloud.mariadb.auth.password=$(passgen),nextcloud.mariadb.auth.rootPassword=$(passgen),redis.auth.password=$(passgen),onlyoffice.jwtSecret=$(passgen),rabbitmq.auth.password=$(passgen),rabbitmq.auth.erlangCookie=$(passgen),global.onlyofficeDb.password=$(passgen)
Maarten de Waard
committed
name: helmrelease/nc$CI_MERGE_REQUEST_IID
url: https://files-nc$CI_MERGE_REQUEST_IID.gitlab.stackspin.net
auto_stop_in: 1 week
on_stop: post-install-delete-helmrelease
- .use_kubernetes
- .chart_changes_rules
artifacts:
paths:
- ./values-ci.yaml
expire_in: 1 week
when: always
post-install-delete-helmrelease:
stage: install-helm-chart
script:
# namespace removal fails if the namespace does not exist,
# that's not a problem
- kubectl delete namespace "nc$CI_MERGE_REQUEST_IID" || true
extends:
- .use_kubernetes
- .chart_changes_rules
# Gets triggered by on_stop of install-helmrelease, or manually
when: manual
environment:
name: helmrelease/nc$CI_MERGE_REQUEST_IID
action: stop
test-helm-chart:
stage: test-helm-chart
script:
- cd ${CHART_DIR:-"."}
- helm test -n nc$CI_MERGE_REQUEST_IID --logs "nc$CI_MERGE_REQUEST_IID" --timeout 10m
- .use_kubernetes
- .chart_changes_rules
# Change this existing (imported) job so it will run if and only if:
# a. this is a git tag pipeline (will be published on stable channel); or
# b. we're not on the default branch (will be published on unstable channel).
release-helm:
rules:
- if: $CI_COMMIT_TAG || $CI_COMMIT_BRANCH != $CI_DEFAULT_BRANCH
changes:
- Chart.yaml