Skip to content
Snippets Groups Projects
Unverified Commit 7c98292d authored by Varac's avatar Varac
Browse files

Trigger app installations by CI var or commit msg

parent 8ac89b7d
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
Showing
with 195 additions and 81 deletions
.gitlab-ci.yml
+ 195
81
View file @ 7c98292d
---
# YAML anchors
# ============
# Global templates and YAML anchors
# =================================
#
# Used in various stages/job definitions
# We don't use a `before_script` definition here because `extend` doesn't merge
# `before_script` but rather overwrites it.
# So we rather use [yaml anchors](https://docs.gitlab.com/ce/ci/yaml/README.html#anchors)
# here. Unfortunatly, anchors can't get included from files so we need to
# define them here.
.debug_information: &debug_information
- |
echo "Env vars:"
echo
echo "HOSTNAME: $HOSTNAME"
echo "IP_ADDRESS: $IP_ADDRESS"
echo "Uptime: $(uptime -p)"
echo "Uptime: $(uptime)"
echo "CLUSTER_DIR: $CLUSTER_DIR"
echo "ANSIBLE_HOST_KEY_CHECKING: $ANSIBLE_HOST_KEY_CHECKING"
echo "KANIKO_BUILD_IMAGENAME: $KANIKO_BUILD_IMAGENAME"
......@@ -26,55 +27,87 @@
echo
echo
.image_build_template: &image_build_template
stage: build
before_script:
- *debug_information
extends:
- .kaniko_build
environment:
name: image/$CI_COMMIT_REF_SLUG
url: https://open.greenhost.net:4567/openappstack/openappstack/openappstack-ci:${CI_COMMIT_REF_SLUG}
on_stop: delete-image
auto_stop_in: 3 weeks
# YAML extends
# ============
# app rules
#
# the .app_rules should be used whenever an app-specific job is executed.
# just add the variable app to the job like this:
# Define the rules when/if app specific jobs are run.
# Just add the variable APP to the job like this:
# variables:
# APP: "eventrouter"
# and import the templates with i.e.
# extends: .eventrouter_rules
# .eventrouter_rules will ensure that the job is only executed:
# - when files related to the app changed in the repo
# - A pipeline gets started from the UI and the job name is included in the
# CI variable `TRIGGER_JOBS`
# - A commit is pushed containing the pattern TRIGGER_JOBS=.*<job name>
# (i.e. TRIGGER_JOBS=ci-test-image-build,enable-grafana)
#
# Gitlab CI allows pushing CI vars via `git push` but a bug prevents this when
# using merge request pipelines (see https://gitlab.com/gitlab-org/gitlab/-/issues/326098)
# and import the template with
# extends: .app_rules
# .app_rules will ensure that the job is only executed when files related to the app changed in the repo
.app_rules:
before_script:
- *debug_information
.eventrouter_rules:
rules:
- changes:
- flux/**/$APP*.yaml
- ansible/roles/apps/templates/settings/$APP.yaml
- ansible/roles/apps/tasks/$APP.yaml
- if: '$TRIGGER_JOBS =~ /enable-eventrouter/'
- if: '$CI_COMMIT_MESSAGE =~ /TRIGGER_JOBS=.*enable-eventrouter/'
.grafana_rules:
rules:
- changes:
- flux/**/$APP*.yaml
- ansible/roles/apps/templates/settings/$APP.yaml
- ansible/roles/apps/tasks/$APP.yaml
- if: '$TRIGGER_JOBS =~ /enable-grafana/'
- if: '$CI_COMMIT_MESSAGE =~ /TRIGGER_JOBS=.*enable-grafana/'
.enable_app_template:
extends: .app_rules
stage: enable-apps
script:
- |
[ ! -d ./enabled_apps ] && mkdir enabled_apps || /bin/true
touch ./enabled_apps/$APP
artifacts:
paths:
- ./clusters
- ./enabled_apps/$APP
.nextcloud_rules:
rules:
- changes:
- flux/**/$APP*.yaml
- ansible/roles/apps/templates/settings/$APP.yaml
- ansible/roles/apps/tasks/$APP.yaml
- if: '$TRIGGER_JOBS =~ /enable-nextcloud/'
- if: '$CI_COMMIT_MESSAGE =~ /TRIGGER_JOBS=.*enable-nextcloud/'
.prometheus_rules:
rules:
- changes:
- flux/**/$APP*.yaml
- ansible/roles/apps/templates/settings/$APP.yaml
- ansible/roles/apps/tasks/$APP.yaml
- if: '$TRIGGER_JOBS =~ /enable-prometheus/'
- if: '$CI_COMMIT_MESSAGE =~ /TRIGGER_JOBS=.*enable-prometheus/'
.rocketchat_rules:
rules:
- changes:
- flux/**/$APP*.yaml
- ansible/roles/apps/templates/settings/$APP.yaml
- ansible/roles/apps/tasks/$APP.yaml
- if: '$TRIGGER_JOBS =~ /enable-rocketchat/'
- if: '$CI_COMMIT_MESSAGE =~ /TRIGGER_JOBS=.*enable-rocketchat/'
.single_sign_on_rules:
rules:
- changes:
- flux/**/$APP*.yaml
- ansible/roles/apps/templates/settings/$APP.yaml
- ansible/roles/apps/tasks/$APP.yaml
- if: '$TRIGGER_JOBS =~ /enable-single-sign-on/'
- if: '$CI_COMMIT_MESSAGE =~ /TRIGGER_JOBS=.*enable-single-sign-on/'
.wordpress_rules:
rules:
- changes:
- flux/**/$APP*.yaml
- ansible/roles/apps/templates/settings/$APP.yaml
- ansible/roles/apps/tasks/$APP.yaml
- if: '$TRIGGER_JOBS =~ /enable-wordpress/'
- if: '$CI_COMMIT_MESSAGE =~ /TRIGGER_JOBS=.*enable-wordpress/'
# Global declarations
......@@ -82,8 +115,8 @@
# https://docs.gitlab.com/ee/ci/yaml/README.html#workflowrules-templates
include:
- .gitlab/ci_templates/kaniko.yml
- .gitlab/ci_templates/ssh_setup.yml
- /.gitlab/ci_templates/kaniko.yml
- /.gitlab/ci_templates/ssh_setup.yml
- template: 'Workflows/MergeRequest-Pipelines.gitlab-ci.yml'
stages:
......@@ -120,7 +153,14 @@ default:
# Write "REBUILD_CONTAINER" in your commit message to force rebuilding the container.
ci-test-image-build:
<<: *image_build_template
stage: build
before_script:
- *debug_information
environment:
name: image/$CI_COMMIT_REF_SLUG
url: https://open.greenhost.net:4567/openappstack/openappstack/openappstack-ci:${CI_COMMIT_REF_SLUG}
on_stop: delete-image
auto_stop_in: 3 weeks
rules:
# Automatically rebuild the container image if this file, the Dockerfile,
# the installed requirements or the kaniko template change
......@@ -131,6 +171,8 @@ ci-test-image-build:
# or commit msg contains /TRIGGER_JOBS=.*ci-test-image-build/
- if: '$TRIGGER_JOBS =~ /ci-test-image-build/'
- if: '$CI_COMMIT_MESSAGE =~ /TRIGGER_JOBS=.*ci-test-image-build/'
extends:
- .kaniko_build
# Stage: create-vps
# =================
......@@ -173,40 +215,67 @@ create-vps:
#
# Checks if application needs to get installed
.enable_app_template:
stage: enable-apps
before_script:
- *debug_information
script:
- |
[ ! -d ./enabled_apps ] && mkdir enabled_apps || /bin/true
touch ./enabled_apps/$APP
artifacts:
paths:
- ./clusters
- ./enabled_apps/$APP
enable-eventrouter:
variables:
APP: "eventrouter"
extends: .enable_app_template
extends:
- .enable_app_template
- .eventrouter_rules
enable-grafana:
variables:
APP: "grafana"
extends: .enable_app_template
extends:
- .enable_app_template
- .grafana_rules
enable-nextcloud:
variables:
APP: "nextcloud"
extends: .enable_app_template
extends:
- .enable_app_template
- .nextcloud_rules
enable-prometheus:
variables:
APP: "prometheus"
extends: .enable_app_template
extends:
- .enable_app_template
- .prometheus_rules
enable-rocketchat:
variables:
APP: "rocketchat"
extends: .enable_app_template
extends:
- .enable_app_template
- .rocketchat_rules
enable-single-sign-on:
variables:
APP: "single-sign-on"
extends: .enable_app_template
extends:
- .enable_app_template
- .single_sign_on_rules
enable-wordpress:
variables:
APP: "wordpress"
extends: .enable_app_template
extends:
- .enable_app_template
- .wordpress_rules
# Stage: setup-cluster
......@@ -282,42 +351,56 @@ setup-openappstack:
when: always
extends:
- .ssh_setup
- .app_rules
eventrouter-helm-release:
variables:
APP: "eventrouter"
extends: .helm-release
extends:
- .helm-release
- .eventrouter_rules
grafana-helm-release:
variables:
APP: "grafana"
extends: .helm-release
extends:
- .helm-release
- .grafana_rules
nextcloud-helm-release:
variables:
APP: "nextcloud"
extends: .helm-release
extends:
- .helm-release
- .nextcloud_rules
prometheus-helm-release:
variables:
APP: "prometheus"
extends: .helm-release
extends:
- .helm-release
- .prometheus_rules
rocketchat-helm-release:
variables:
APP: "rocketchat"
extends: .helm-release
extends:
- .helm-release
- .rocketchat_rules
single-sign-on-helm-release:
variables:
APP: "single-sign-on"
extends: .helm-release
extends:
- .helm-release
- .single_sign_on_rules
wordpress-helm-release:
variables:
APP: "wordpress"
extends: .helm-release
extends:
- .helm-release
- .wordpress_rules
# Stage: app-ready
# ================
......@@ -339,56 +422,69 @@ wordpress-helm-release:
when: always
extends:
- .ssh_setup
- .app_rules
eventrouter-ready:
variables:
APP: "eventrouter"
needs:
- job: eventrouter-helm-release
extends: .apps-ready
extends:
- .apps-ready
- .eventrouter_rules
grafana-ready:
variables:
APP: "grafana"
needs:
- job: grafana-helm-release
extends: .apps-ready
extends:
- .apps-ready
- .grafana_rules
nextcloud-ready:
variables:
APP: "nextcloud"
needs:
- job: nextcloud-helm-release
extends: .apps-ready
extends:
- .apps-ready
- .nextcloud_rules
prometheus-ready:
variables:
APP: "prometheus"
needs:
- job: prometheus-helm-release
extends: .apps-ready
extends:
- .apps-ready
- .prometheus_rules
rocketchat-ready:
variables:
APP: "rocketchat"
needs:
- job: rocketchat-helm-release
extends: .apps-ready
extends:
- .apps-ready
- .rocketchat_rules
single-sign-on-ready:
variables:
APP: "single-sign-on"
needs:
- job: single-sign-on-helm-release
extends: .apps-ready
extends:
- .apps-ready
- .single_sign_on_rules
wordpress-ready:
variables:
APP: "wordpress"
needs:
- job: wordpress-helm-release
extends: .apps-ready
extends:
- .apps-ready
- .wordpress_rules
# Stage: certs
# ================
......@@ -408,49 +504,60 @@ wordpress-ready:
when: always
extends:
- .ssh_setup
- .app_rules
grafana-cert:
variables:
APP: "grafana"
needs:
- job: grafana-ready
extends: .apps-cert
extends:
- .apps-cert
- .grafana_rules
nextcloud-cert:
variables:
APP: "nextcloud"
needs:
- job: nextcloud-ready
extends: .apps-cert
extends:
- .apps-cert
- .nextcloud_rules
prometheus-cert:
variables:
APP: "prometheus"
needs:
- job: prometheus-ready
extends: .apps-cert
extends:
- .apps-cert
- .prometheus_rules
rocketchat-cert:
variables:
APP: "rocketchat"
needs:
- job: rocketchat-ready
extends: .apps-cert
extends:
- .apps-cert
- .rocketchat_rules
single-sign-on-cert:
variables:
APP: "single-sign-on"
needs:
- job: single-sign-on-ready
extends: .apps-cert
extends:
- .apps-cert
- .single_sign_on_rules
wordpress-cert:
variables:
APP: "wordpress"
needs:
- job: wordpress-ready
extends: .apps-cert
extends:
- .apps-cert
- .wordpress_rules
# Stage: health-test
......@@ -477,7 +584,7 @@ testinfra:
prometheus-alerts:
stage: health-test
variables:
# Adding the app var hier in combination with .app_rules applies app specific gitlab-ci rules
# APP var is used in job specific rules (i.e. .grafana_rules)
APP: "prometheus"
allow_failure: true
script:
......@@ -486,7 +593,7 @@ prometheus-alerts:
- pytest -s -m 'prometheus' --connection=ansible --ansible-inventory=${CLUSTER_DIR}/inventory.yml --hosts='ansible://*'
extends:
- .ssh_setup
- .app_rules
- .prometheus_rules
needs:
- job: prometheus-ready
......@@ -510,35 +617,43 @@ prometheus-alerts:
when: on_failure
extends:
- .ssh_setup
- .app_rules
grafana-behave:
variables:
APP: "grafana"
needs:
- job: grafana-cert
extends: .behave
extends:
- .behave
- .grafana_rules
nextcloud-behave:
variables:
APP: "nextcloud"
needs:
- job: nextcloud-cert
extends: .behave
extends:
- .behave
- .nextcloud_rules
rocketchat-behave:
variables:
APP: "rocketchat"
needs:
- job: rocketchat-cert
extends: .behave
extends:
- .behave
- .rocketchat_rules
wordpress-behave:
variables:
APP: "wordpress"
needs:
- job: wordpress-cert
extends: .behave
extends:
- .behave
- .wordpress_rules
# Etc
......@@ -584,5 +699,4 @@ gitlab-merge-workaround:
stage: build
image: busybox
script:
- *debug_information
- echo "Not building anything, no changes."
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment