Update CI and remove AWS config.

This does the following:
- Consolidates the app_setup and test jobs into one. The test job was
  only one additional step, so it's not worth separating.
- Updates the Postgres image used to reflect what we're using for the
  deployed version of the site (i.e., v 10).
- Removes some unnecessary steps from the first job.
- Removes all AWS config so that CD will only push to the Azure
  container registry, run migrations against the Azure-hosted database,
  and rotate the container images in the Azure k8s cluster.
This commit is contained in:
dandds 2019-10-26 16:15:45 -04:00
parent d514305f26
commit 85da084cd7

View File

@ -1,8 +1,6 @@
version: 2.1 version: 2.1
orbs: orbs:
aws-ecr: circleci/aws-ecr@6.3.0
aws-eks: circleci/aws-eks@0.1.0
azure-acr: circleci/azure-acr@0.1.2 azure-acr: circleci/azure-acr@0.1.2
azure-aks: circleci/azure-aks@0.2.0 azure-aks: circleci/azure-aks@0.2.0
kubernetes: circleci/kubernetes@0.3.0 kubernetes: circleci/kubernetes@0.3.0
@ -11,11 +9,10 @@ defaults:
appEnvironment: &appEnvironment appEnvironment: &appEnvironment
KEEP_EXISTING_VENV: true KEEP_EXISTING_VENV: true
PGHOST: localhost PGHOST: localhost
PGUSER: root PGUSER: postgres
PGDATABASE: circle_test PGDATABASE: circle_test
REDIS_URI: redis://localhost:6379 REDIS_URI: redis://localhost:6379
PIP_VERSION: 18.* PIP_VERSION: 18.*
CRL_STORAGE_PROVIDER: CLOUDFILES
commands: commands:
migration_setup: migration_setup:
@ -39,21 +36,21 @@ commands:
name: Apply Migrations and Seed Roles name: Apply Migrations and Seed Roles
jobs: jobs:
app_setup: test:
docker: docker:
- image: circleci/python:3.7.3-stretch-node - image: circleci/python:3.7.3-stretch-node
environment: *appEnvironment environment: *appEnvironment
- image: circleci/postgres:9.6.5-alpine-ram - image: circleci/postgres:10-alpine-ram
- image: circleci/redis:4-alpine3.8 - image: circleci/redis:4-alpine3.8
steps: steps:
- checkout - checkout
- run: sudo apt-get update - run: sudo apt-get update
- run: sudo apt-get install postgresql-client-9.6 - run: sudo apt-get install postgresql-client
- attach_workspace: - attach_workspace:
at: . at: .
- run: ./script/setup - run: ./script/setup
- save_cache: - save_cache:
name: "Save Cache: Pipenv Refrences" name: "Save Cache: Pipenv References"
paths: paths:
- ~/.local/share - ~/.local/share
key: pipenv-v1-{{ .Branch }}-{{ checksum "Pipfile.lock" }} key: pipenv-v1-{{ .Branch }}-{{ checksum "Pipfile.lock" }}
@ -73,90 +70,38 @@ jobs:
- ./node_modules - ./node_modules
key: node-v1-{{ .Branch }}-{{ checksum "yarn.lock" }} key: node-v1-{{ .Branch }}-{{ checksum "yarn.lock" }}
- run: - run:
name: "Update CRLs" name: "Run Tests"
command: ./script/sync-crls command: ./script/cibuild
- run:
name: "Generate build info"
command: ./script/generate_build_info.sh
- persist_to_workspace: - persist_to_workspace:
root: . root: .
paths: paths:
- . - .
test: integration-tests:
docker: docker:
- image: circleci/python:3.7.3-stretch-node - image: docker:18.06.0-ce-git
environment: *appEnvironment - image: circleci/postgres:10-alpine-ram
- image: circleci/postgres:9.6.5-alpine-ram
- image: circleci/redis:4-alpine3.8 - image: circleci/redis:4-alpine3.8
steps: steps:
- attach_workspace: - attach_workspace:
at: . at: .
- run: sudo apt-get update
- run: sudo apt-get install postgresql-client-9.6
- run:
name: "Run Tests"
command: ./script/cibuild
aws-migration:
executor: aws-eks/python3
steps:
- migration_setup:
container_image: "$AWS_ECR_ACCOUNT_URL/atat:atat-$CIRCLE_SHA1"
- aws-eks/update-kubeconfig-with-authenticator:
cluster-name: atat
aws-region: "${AWS_REGION}"
- migration_apply
azure-migration:
executor: azure-aks/default
steps:
- migration_setup:
container_image: "$AZURE_SERVER_NAME/atat:atat-$CIRCLE_SHA1"
- azure-aks/update-kubeconfig-with-credentials:
cluster-name: atat-cluster
install-kubectl: true
perform-login: true
resource-group: atat
- migration_apply
# the azure-acr orb doesn't allow for multiple tags in the
# build-and-push-image step, so instead we wrap our own job around it and run
# some additional Docker commands
azure-build-and-push-image:
executor: azure-acr/default
steps:
- azure-acr/build-and-push-image:
extra-build-args: "--build-arg CSP=azure"
login-server-name: "${AZURE_SERVER_NAME}"
registry-name: pwatat
repo: atat
tag: "atat-${CIRCLE_SHA1}"
- run: "docker tag ${AZURE_SERVER_NAME}/atat:atat-${CIRCLE_SHA1} ${AZURE_SERVER_NAME}/atat:latest"
- run: "docker push ${AZURE_SERVER_NAME}/atat:latest"
integration-tests:
docker:
- image: docker:17.05.0-ce-git
steps:
- setup_remote_docker: - setup_remote_docker:
version: 18.06.0-ce version: 18.06.0-ce
- checkout - run:
name: Remove existing font symlink
command: rm static/fonts
- run: - run:
name: Set up temporary docker network name: Set up temporary docker network
command: docker network create atat command: docker network create atat
- run: - run:
name: Build image name: Build image
command: docker build . -t atat:latest command: docker build . -t atat:latest
- run:
name: Get storage containers
command: docker pull postgres:latest && docker pull redis:latest
- run: - run:
name: Start redis name: Start redis
command: docker run -d --network atat --link redis:redis -p 6379:6379 --name redis redis:latest command: docker run -d --network atat --link redis:redis -p 6379:6379 --name redis circleci/redis:4-alpine3.8
- run: - run:
name: Start postgres name: Start postgres
command: docker run -d --network atat --link postgres:postgres -p 5432:5432 --name postgres postgres:latest command: docker run -d --network atat --link postgres:postgres -p 5432:5432 --name postgres circleci/postgres:10-alpine-ram
- run: - run:
name: Start application container name: Start application container
command: | command: |
@ -199,14 +144,38 @@ jobs:
--network atat \ --network atat \
ghostinspector/test-runner-standalone:latest ghostinspector/test-runner-standalone:latest
azure-migration:
executor: azure-aks/default
steps:
- migration_setup:
container_image: "$AZURE_SERVER_NAME/atat:atat-$CIRCLE_SHA1"
- azure-aks/update-kubeconfig-with-credentials:
cluster-name: atat-cluster
install-kubectl: true
perform-login: true
resource-group: atat
- migration_apply
# the azure-acr orb doesn't allow for multiple tags in the
# build-and-push-image step, so instead we wrap our own job around it and run
# some additional Docker commands
azure-build-and-push-image:
executor: azure-acr/default
steps:
- azure-acr/build-and-push-image:
extra-build-args: "--build-arg CSP=azure"
login-server-name: "${AZURE_SERVER_NAME}"
registry-name: pwatat
repo: atat
tag: "atat-${CIRCLE_SHA1}"
- run: "docker tag ${AZURE_SERVER_NAME}/atat:atat-${CIRCLE_SHA1} ${AZURE_SERVER_NAME}/atat:latest"
- run: "docker push ${AZURE_SERVER_NAME}/atat:latest"
workflows: workflows:
version: 2 version: 2
run-tests: run-tests:
jobs: jobs:
- app_setup - test
- test:
requires:
- app_setup
- integration-tests: - integration-tests:
requires: requires:
- test - test
@ -266,62 +235,3 @@ workflows:
branches: branches:
only: only:
- master - master
- aws-ecr/build-and-push-image:
extra-build-args: "--build-arg CSP=aws"
repo: atat
tag: "atat-${CIRCLE_SHA1},latest"
requires:
- integration-tests
filters:
branches:
only:
- master
- aws-migration:
requires:
- aws-ecr/build-and-push-image
filters:
branches:
only:
- master
- aws-eks/update-container-image:
cluster-name: atat
container-image-updates: "atst=${AWS_ECR_ACCOUNT_URL}/atat:atat-${CIRCLE_SHA1}"
namespace: atat
resource-name: deployment.apps/atst
aws-region: "${AWS_REGION}"
# uncomment below for debugging
# show-kubectl-command: true
requires:
- aws-migration
filters:
branches:
only:
- master
- aws-eks/update-container-image:
cluster-name: atat
container-image-updates: "atst-worker=${AWS_ECR_ACCOUNT_URL}/atat:atat-${CIRCLE_SHA1}"
namespace: atat
resource-name: deployment.apps/atst-worker
aws-region: "${AWS_REGION}"
# uncomment below for debugging
# show-kubectl-command: true
requires:
- aws-migration
filters:
branches:
only:
- master
- aws-eks/update-container-image:
cluster-name: atat
container-image-updates: "atst-beat=${AWS_ECR_ACCOUNT_URL}/atat:atat-${CIRCLE_SHA1}"
namespace: atat
resource-name: deployment.apps/atst-beat
aws-region: "${AWS_REGION}"
# uncomment below for debugging
# show-kubectl-command: true
requires:
- aws-migration
filters:
branches:
only:
- master