From ace222fe955e1e73787cdcde55ee687866f35ca8 Mon Sep 17 00:00:00 2001
From: dandds <dan-ctr@friends.dds.mil>
Date: Wed, 11 Sep 2019 13:28:50 -0400
Subject: [PATCH] Push multiple Docker tags for image in CD.

This will allow Kubernetes resources that only pull images occasionally
(i.e., k8s jobs) to point to a static tag name, "latest", that is updated
regularly. It also means we can refer to that image in the k8s config
tracked in the repo, instead of out-of-date images.
---
 .circleci/config.yml        | 34 ++++++++++++++++++++++------------
 deploy/aws/aws.yml          |  4 ++--
 deploy/aws/crls-sync.yaml   |  2 +-
 deploy/azure/azure.yml      |  4 ++--
 deploy/azure/crls-sync.yaml |  2 +-
 5 files changed, 28 insertions(+), 18 deletions(-)

diff --git a/.circleci/config.yml b/.circleci/config.yml
index 8d19f887..2fc9161c 100644
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@@ -1,9 +1,9 @@
 version: 2.1
 
 orbs:
-    aws-ecr: circleci/aws-ecr@4.0.1
+    aws-ecr: circleci/aws-ecr@6.3.0
     aws-eks: circleci/aws-eks@0.1.0
-    azure-acr: circleci/azure-acr@0.1.1
+    azure-acr: circleci/azure-acr@0.1.2
     azure-aks: circleci/azure-aks@0.2.0
     kubernetes: circleci/kubernetes@0.3.0
 
@@ -120,6 +120,21 @@ jobs:
           resource-group: atat
       - migration_apply
 
+  # the azure-acr orb doesn't allow for multiple tags in the
+  # build-and-push-image step, so instead we wrap our own job around it and run
+  # some additional Docker commands
+  azure-build-and-push-image:
+    executor: azure-acr/default
+    steps:
+      - azure-acr/build-and-push-image:
+          extra-build-args: "--build-arg CSP=azure"
+          login-server-name: "${AZURE_SERVER_NAME}"
+          registry-name: pwatat
+          repo: atat
+          tag: "${CIRCLE_SHA1}"
+      - run: "docker tag ${AZURE_SERVER_NAME}/atat:${CIRCLE_SHA1}  ${AZURE_SERVER_NAME}/atat:latest"
+      - run: "docker push ${AZURE_SERVER_NAME}/atat:latest"
+
 workflows:
   version: 2
   run-tests:
@@ -128,12 +143,7 @@ workflows:
       - test:
           requires:
             - app_setup
-      - azure-acr/build_and_push_image:
-          extra-build-args: "--build-arg CSP=azure"
-          login-server-name: "${AZURE_SERVER_NAME}"
-          registry-name: pwatat
-          repo: atat
-          tag: "${CIRCLE_SHA1}"
+      - azure-build-and-push-image:
           requires:
             - test
           filters:
@@ -142,7 +152,7 @@ workflows:
                 - master
       - azure-migration:
           requires:
-            - azure-acr/build_and_push_image
+            - azure-build-and-push-image
           filters:
             branches:
               only:
@@ -175,10 +185,10 @@ workflows:
             branches:
               only:
                 - master
-      - aws-ecr/build_and_push_image:
+      - aws-ecr/build-and-push-image:
           extra-build-args: "--build-arg CSP=aws"
           repo: atat
-          tag: "${CIRCLE_SHA1}"
+          tag: "${CIRCLE_SHA1},latest"
           requires:
             - test
           filters:
@@ -187,7 +197,7 @@ workflows:
                 - master
       - aws-migration:
           requires:
-            - aws-ecr/build_and_push_image
+            - aws-ecr/build-and-push-image
           filters:
             branches:
               only:
diff --git a/deploy/aws/aws.yml b/deploy/aws/aws.yml
index 9d832f32..b30f7fb4 100644
--- a/deploy/aws/aws.yml
+++ b/deploy/aws/aws.yml
@@ -28,7 +28,7 @@ spec:
         fsGroup: 101
       containers:
         - name: atst
-          image: 904153757533.dkr.ecr.us-east-2.amazonaws.com/atat:4d14326ba77f1b3287b3c436a2d9be064bf4fba3
+          image: 904153757533.dkr.ecr.us-east-2.amazonaws.com/atat:latest
           resources:
             requests:
                memory: "500Mi"
@@ -139,7 +139,7 @@ spec:
         fsGroup: 101
       containers:
         - name: atst-worker
-          image: 904153757533.dkr.ecr.us-east-2.amazonaws.com/atat:4d14326ba77f1b3287b3c436a2d9be064bf4fba3
+          image: 904153757533.dkr.ecr.us-east-2.amazonaws.com/atat:latest
           args: [
             "/opt/atat/atst/.venv/bin/python",
             "/opt/atat/atst/.venv/bin/celery",
diff --git a/deploy/aws/crls-sync.yaml b/deploy/aws/crls-sync.yaml
index 2d7ee55e..85990da7 100644
--- a/deploy/aws/crls-sync.yaml
+++ b/deploy/aws/crls-sync.yaml
@@ -12,7 +12,7 @@ spec:
           restartPolicy: OnFailure
           containers:
           - name: crls
-            image: 904153757533.dkr.ecr.us-east-2.amazonaws.com/atat:8f1c8b5633ca70168837c885010e7d66d93562dc
+            image: 904153757533.dkr.ecr.us-east-2.amazonaws.com/atat:latest
             command: [
               "/bin/sh", "-c"
             ]
diff --git a/deploy/azure/azure.yml b/deploy/azure/azure.yml
index 42143b56..e599b9f5 100644
--- a/deploy/azure/azure.yml
+++ b/deploy/azure/azure.yml
@@ -28,7 +28,7 @@ spec:
         fsGroup: 101
       containers:
         - name: atst
-          image: pwatat.azurecr.io/atat:4d14326ba77f1b3287b3c436a2d9be064bf4fba3
+          image: pwatat.azurecr.io/atat:latest
           resources:
             requests:
                memory: "500Mi"
@@ -140,7 +140,7 @@ spec:
         fsGroup: 101
       containers:
         - name: atst-worker
-          image: pwatat.azurecr.io/atat:4d14326ba77f1b3287b3c436a2d9be064bf4fba3
+          image: pwatat.azurecr.io/atat:latest
           args: [
             "/opt/atat/atst/.venv/bin/python",
             "/opt/atat/atst/.venv/bin/celery",
diff --git a/deploy/azure/crls-sync.yaml b/deploy/azure/crls-sync.yaml
index a86272d4..deb72634 100644
--- a/deploy/azure/crls-sync.yaml
+++ b/deploy/azure/crls-sync.yaml
@@ -12,7 +12,7 @@ spec:
           restartPolicy: OnFailure
           containers:
           - name: crls
-            image: pwatat.azurecr.io/atat:8f1c8b5633ca70168837c885010e7d66d93562dc
+            image: pwatat.azurecr.io/atat:latest
             command: [
               "/bin/sh", "-c"
             ]