67ff70201e
We will run a separate pod for the beat worker. There should only ever be a single beat worker (to avoid redundant work) so the number of replicas needs to be managed independently. This adds both the Kubernetes config for the new pod and additional CircleCI config to swap a new image into the pod during CD.
261 lines
7.8 KiB
YAML
261 lines
7.8 KiB
YAML
version: 2.1
|
|
|
|
orbs:
|
|
aws-ecr: circleci/aws-ecr@6.3.0
|
|
aws-eks: circleci/aws-eks@0.1.0
|
|
azure-acr: circleci/azure-acr@0.1.2
|
|
azure-aks: circleci/azure-aks@0.2.0
|
|
kubernetes: circleci/kubernetes@0.3.0
|
|
|
|
defaults:
|
|
appEnvironment: &appEnvironment
|
|
KEEP_EXISTING_VENV: true
|
|
PGHOST: localhost
|
|
PGUSER: root
|
|
PGDATABASE: circle_test
|
|
REDIS_URI: redis://localhost:6379
|
|
PIP_VERSION: 18.*
|
|
CRL_STORAGE_PROVIDER: CLOUDFILES
|
|
|
|
commands:
|
|
migration_setup:
|
|
parameters:
|
|
container_image:
|
|
type: string
|
|
steps:
|
|
- attach_workspace:
|
|
at: .
|
|
- run:
|
|
name: Setup Environment Variables
|
|
command: |
|
|
echo 'export CONTAINER_IMAGE="<< parameters.container_image >>"' >> $BASH_ENV
|
|
- run: sudo apt-get update
|
|
- run: sudo apt-get install gettext
|
|
- kubernetes/install
|
|
migration_apply:
|
|
steps:
|
|
- run:
|
|
command: ./script/cluster_migration
|
|
name: Apply Migrations and Seed Roles
|
|
|
|
jobs:
|
|
app_setup:
|
|
docker:
|
|
- image: circleci/python:3.7.3-stretch-node
|
|
environment: *appEnvironment
|
|
- image: circleci/postgres:9.6.5-alpine-ram
|
|
- image: circleci/redis:4-alpine3.8
|
|
steps:
|
|
- checkout
|
|
- run: sudo apt-get update
|
|
- run: sudo apt-get install postgresql-client-9.6
|
|
- attach_workspace:
|
|
at: .
|
|
- run: ./script/setup
|
|
- save_cache:
|
|
name: "Save Cache: Pipenv Refrences"
|
|
paths:
|
|
- ~/.local/share
|
|
key: pipenv-v1-{{ .Branch }}-{{ checksum "Pipfile.lock" }}
|
|
- save_cache:
|
|
name: "Save Cache: Python Venv"
|
|
paths:
|
|
- ./.venv
|
|
key: venv-v1-{{ .Branch }}-{{ checksum "Pipfile.lock" }}
|
|
- save_cache:
|
|
name: "Save Cache: Yarn"
|
|
paths:
|
|
- ~/.cache/yarn
|
|
key: yarn-v1-{{ .Branch }}-{{ checksum "yarn.lock" }}
|
|
- save_cache:
|
|
name: "Save Cache: Node Modules"
|
|
paths:
|
|
- ./node_modules
|
|
key: node-v1-{{ .Branch }}-{{ checksum "yarn.lock" }}
|
|
- run:
|
|
name: "Update CRLs"
|
|
command: ./script/sync-crls
|
|
- run:
|
|
name: "Generate build info"
|
|
command: ./script/generate_build_info.sh
|
|
- persist_to_workspace:
|
|
root: .
|
|
paths:
|
|
- .
|
|
|
|
test:
|
|
docker:
|
|
- image: circleci/python:3.7.3-stretch-node
|
|
environment: *appEnvironment
|
|
- image: circleci/postgres:9.6.5-alpine-ram
|
|
- image: circleci/redis:4-alpine3.8
|
|
steps:
|
|
- attach_workspace:
|
|
at: .
|
|
- run: sudo apt-get update
|
|
- run: sudo apt-get install postgresql-client-9.6
|
|
- run:
|
|
name: "Run Tests"
|
|
command: ./script/cibuild
|
|
|
|
aws-migration:
|
|
executor: aws-eks/python3
|
|
steps:
|
|
- migration_setup:
|
|
container_image: "$AWS_ECR_ACCOUNT_URL/atat:atat-$CIRCLE_SHA1"
|
|
- aws-eks/update-kubeconfig-with-authenticator:
|
|
cluster-name: atat
|
|
aws-region: "${AWS_REGION}"
|
|
- migration_apply
|
|
|
|
azure-migration:
|
|
executor: azure-aks/default
|
|
steps:
|
|
- migration_setup:
|
|
container_image: "$AZURE_SERVER_NAME/atat:atat-$CIRCLE_SHA1"
|
|
- azure-aks/update-kubeconfig-with-credentials:
|
|
cluster-name: atat-cluster
|
|
install-kubectl: true
|
|
perform-login: true
|
|
resource-group: atat
|
|
- migration_apply
|
|
|
|
# the azure-acr orb doesn't allow for multiple tags in the
|
|
# build-and-push-image step, so instead we wrap our own job around it and run
|
|
# some additional Docker commands
|
|
azure-build-and-push-image:
|
|
executor: azure-acr/default
|
|
steps:
|
|
- azure-acr/build-and-push-image:
|
|
extra-build-args: "--build-arg CSP=azure"
|
|
login-server-name: "${AZURE_SERVER_NAME}"
|
|
registry-name: pwatat
|
|
repo: atat
|
|
tag: "atat-${CIRCLE_SHA1}"
|
|
- run: "docker tag ${AZURE_SERVER_NAME}/atat:atat-${CIRCLE_SHA1} ${AZURE_SERVER_NAME}/atat:latest"
|
|
- run: "docker push ${AZURE_SERVER_NAME}/atat:latest"
|
|
|
|
workflows:
|
|
version: 2
|
|
run-tests:
|
|
jobs:
|
|
- app_setup
|
|
- test:
|
|
requires:
|
|
- app_setup
|
|
- azure-build-and-push-image:
|
|
requires:
|
|
- test
|
|
filters:
|
|
branches:
|
|
only:
|
|
- master
|
|
- azure-migration:
|
|
requires:
|
|
- azure-build-and-push-image
|
|
filters:
|
|
branches:
|
|
only:
|
|
- master
|
|
- azure-aks/update-container-image:
|
|
cluster-name: atat-cluster
|
|
container-image-updates: "atst=${AZURE_SERVER_NAME}/atat:atat-${CIRCLE_SHA1}"
|
|
namespace: atat
|
|
resource-name: deployment.apps/atst
|
|
resource-group: atat
|
|
# uncomment below for debugging
|
|
# show-kubectl-command: true
|
|
requires:
|
|
- azure-migration
|
|
filters:
|
|
branches:
|
|
only:
|
|
- master
|
|
- azure-aks/update-container-image:
|
|
cluster-name: atat-cluster
|
|
container-image-updates: "atst-worker=${AZURE_SERVER_NAME}/atat:atat-${CIRCLE_SHA1}"
|
|
namespace: atat
|
|
resource-name: deployment.apps/atst-worker
|
|
resource-group: atat
|
|
# uncomment below for debugging
|
|
# show-kubectl-command: true
|
|
requires:
|
|
- azure-migration
|
|
filters:
|
|
branches:
|
|
only:
|
|
- master
|
|
- azure-aks/update-container-image:
|
|
cluster-name: atat-cluster
|
|
container-image-updates: "atst-beat=${AZURE_SERVER_NAME}/atat:atat-${CIRCLE_SHA1}"
|
|
namespace: atat
|
|
resource-name: deployment.apps/atst-beat
|
|
resource-group: atat
|
|
# uncomment below for debugging
|
|
# show-kubectl-command: true
|
|
requires:
|
|
- azure-migration
|
|
filters:
|
|
branches:
|
|
only:
|
|
- master
|
|
- aws-ecr/build-and-push-image:
|
|
extra-build-args: "--build-arg CSP=aws"
|
|
repo: atat
|
|
tag: "atat-${CIRCLE_SHA1},latest"
|
|
requires:
|
|
- test
|
|
filters:
|
|
branches:
|
|
only:
|
|
- master
|
|
- aws-migration:
|
|
requires:
|
|
- aws-ecr/build-and-push-image
|
|
filters:
|
|
branches:
|
|
only:
|
|
- master
|
|
- aws-eks/update-container-image:
|
|
cluster-name: atat
|
|
container-image-updates: "atst=${AWS_ECR_ACCOUNT_URL}/atat:atat-${CIRCLE_SHA1}"
|
|
namespace: atat
|
|
resource-name: deployment.apps/atst
|
|
aws-region: "${AWS_REGION}"
|
|
# uncomment below for debugging
|
|
# show-kubectl-command: true
|
|
requires:
|
|
- aws-migration
|
|
filters:
|
|
branches:
|
|
only:
|
|
- master
|
|
- aws-eks/update-container-image:
|
|
cluster-name: atat
|
|
container-image-updates: "atst-worker=${AWS_ECR_ACCOUNT_URL}/atat:atat-${CIRCLE_SHA1}"
|
|
namespace: atat
|
|
resource-name: deployment.apps/atst-worker
|
|
aws-region: "${AWS_REGION}"
|
|
# uncomment below for debugging
|
|
# show-kubectl-command: true
|
|
requires:
|
|
- aws-migration
|
|
filters:
|
|
branches:
|
|
only:
|
|
- master
|
|
- aws-eks/update-container-image:
|
|
cluster-name: atat
|
|
container-image-updates: "atst-beat=${AWS_ECR_ACCOUNT_URL}/atat:atat-${CIRCLE_SHA1}"
|
|
namespace: atat
|
|
resource-name: deployment.apps/atst-beat
|
|
aws-region: "${AWS_REGION}"
|
|
# uncomment below for debugging
|
|
# show-kubectl-command: true
|
|
requires:
|
|
- aws-migration
|
|
filters:
|
|
branches:
|
|
only:
|
|
- master
|