From c09558c0ff397afefe40f369ea1df50d09f4a3bb Mon Sep 17 00:00:00 2001 From: ducoterra Date: Sat, 25 Apr 2020 19:04:21 -0400 Subject: [PATCH] manual approval to prod --- .gitlab-ci.yml | 31 +++++++++++++++++++++++++++---- k8s/configmap.yaml | 2 +- k8s/{ => prod}/ingress.yaml | 8 ++++---- k8s/test/ingress.yaml | 18 ++++++++++++++++++ 4 files changed, 50 insertions(+), 9 deletions(-) rename k8s/{ => prod}/ingress.yaml (85%) create mode 100644 k8s/test/ingress.yaml diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index ddf1dc5..d6c7e65 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -1,7 +1,8 @@ variables: CI_PROJECT_DIR: "." CI_REGISTRY_IMAGE: hub.ducoterra.net/ducoterra/mysite - DEPLOY: test + DEPLOY_TEST: test + DEPLOY_PROD: prod stages: - build @@ -20,21 +21,21 @@ build: - /kaniko/executor --context $CI_PROJECT_DIR --dockerfile $CI_PROJECT_DIR/Dockerfile --destination $CI_REGISTRY_IMAGE:$CI_COMMIT_TAG test: + stage: test only: variables: - $CI_COMMIT_TAG - stage: test image: name: $CI_REGISTRY_IMAGE:$CI_COMMIT_TAG entrypoint: [""] script: - python manage.py test -deploy: +deploy_to_test: + stage: deploy only: variables: - $CI_COMMIT_TAG - stage: deploy image: name: debian:10 entrypoint: [""] @@ -44,6 +45,28 @@ deploy: - chmod +x ./kubectl - mkdir /deploy - for f in $(find k8s -regex '.*\.ya*ml'); do envsubst < $f > "/deploy/$(basename $f)"; done + - for f in $(find k8s/test -regex '.*\.ya*ml'); do envsubst < $f > "/deploy/$(basename $f)"; done + - ./kubectl apply -f /deploy + - ./kubectl rollout status deploy $DEPLOY + - POD=$(./kubectl get pods --selector=app=$DEPLOY --output=jsonpath='{.items[*].metadata.name}') + - ./kubectl exec $POD -- python manage.py migrate + +deploy_to_prod: + stage: deploy + only: + variables: + - $CI_COMMIT_TAG + when: manual + image: + name: debian:10 + entrypoint: [""] + script: + - apt -qq update >> /dev/null && apt -qq install -y curl gettext >> /dev/null + - curl -LO https://storage.googleapis.com/kubernetes-release/release/`curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt`/bin/linux/amd64/kubectl + - chmod +x ./kubectl + - mkdir /deploy + - for f in $(find k8s -regex '.*\.ya*ml'); do envsubst < $f > "/deploy/$(basename $f)"; done + - for f in $(find k8s/prod -regex '.*\.ya*ml'); do envsubst < $f > "/deploy/$(basename $f)"; done - ./kubectl apply -f /deploy - ./kubectl rollout status deploy $DEPLOY - POD=$(./kubectl get pods --selector=app=$DEPLOY --output=jsonpath='{.items[*].metadata.name}') diff --git a/k8s/configmap.yaml b/k8s/configmap.yaml index 82f9e0f..1c5e6f1 100644 --- a/k8s/configmap.yaml +++ b/k8s/configmap.yaml @@ -3,4 +3,4 @@ kind: ConfigMap metadata: name: $DEPLOY data: - ALLOWED_HOSTS: localhost,test.ducoterra.net \ No newline at end of file + ALLOWED_HOSTS: localhost,$DEPLOY.ducoterra.net \ No newline at end of file diff --git a/k8s/ingress.yaml b/k8s/prod/ingress.yaml similarity index 85% rename from k8s/ingress.yaml rename to k8s/prod/ingress.yaml index 9f9d935..401565a 100644 --- a/k8s/ingress.yaml +++ b/k8s/prod/ingress.yaml @@ -7,10 +7,10 @@ metadata: spec: tls: - hosts: - - test.ducoterra.net + - $DEPLOY.ducoterra.net secretName: letsencrypt rules: - - host: test.ducoterra.net + - host: $DEPLOY.ducoterra.net http: paths: - backend: @@ -29,7 +29,7 @@ spec: tls: secretName: letsencrypt routes: - - match: Host(`test.ducoterra.net`) + - match: Host(`$DEPLOY.ducoterra.net`) kind: Rule services: - name: $DEPLOY @@ -45,7 +45,7 @@ spec: entryPoints: - web routes: - - match: Host(`test.ducoterra.net`) + - match: Host(`$DEPLOY.ducoterra.net`) kind: Rule services: - name: $DEPLOY diff --git a/k8s/test/ingress.yaml b/k8s/test/ingress.yaml new file mode 100644 index 0000000..5b29257 --- /dev/null +++ b/k8s/test/ingress.yaml @@ -0,0 +1,18 @@ +apiVersion: networking.k8s.io/v1beta1 +kind: Ingress +metadata: + annotations: + ingress.kubernetes.io/ssl-redirect: "true" + name: $DEPLOY +spec: + tls: + - hosts: + - $DEPLOY.ducoterra.net + secretName: letsencrypt + rules: + - host: $DEPLOY.ducoterra.net + http: + paths: + - backend: + serviceName: $DEPLOY + servicePort: 8000 \ No newline at end of file