-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy path.gitlab-ci.yml
51 lines (49 loc) · 2.19 KB
/
.gitlab-ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
image: docker:latest
services:
- docker:dind
variables:
DOCKER_DRIVER: overlay
GROUP: midnight-lizard
PROJ: identity
docker-build:
stage: build
only:
- master
script:
- docker login -u gitlab-ci-token -p $CI_JOB_TOKEN $CI_REGISTRY;
- docker build -t $CI_REGISTRY/$GROUP/$PROJ:$CI_PIPELINE_ID ./app;
- docker push $CI_REGISTRY/$GROUP/$PROJ:$CI_PIPELINE_ID;
gce-deploy:
image: google/cloud-sdk
stage: deploy
only:
- master
script:
- chmod +x ./shell/gcloud-config.sh
- ./shell/gcloud-config.sh -k "$GCE_KEY" -z "$GCE_CLUSTER_ZONE" -p "$GCE_PROJECT" -c "$GCE_CLUSTER_NAME"
- curl https://raw.githubusercontent.com/kubernetes/helm/master/scripts/get | bash
- helm init --upgrade
# - helm install --set name=iddb -n iddb-data ./kube/persistence/gce
- >-
helm upgrade --install iddb ./kube/iddb
--set secrets.postgres.password=$IDDB_POSTGRES_PASSWORD
--set secrets.postgres.connection=$IDDB_POSTGRES_CONNECTION
- >-
helm upgrade --install --set image="$CI_REGISTRY/$GROUP/$PROJ:$CI_PIPELINE_ID"
--set secrets.signingCertificate.data=$IDENTITY_SERVER_SIGNING_CERTIFICATE
--set secrets.signingCertificate.password=$IDENTITY_SERVER_SIGNING_CERTIFICATE_PASSWORD
--set secrets.google.clientId=$IDENTITY_GOOGLE_CLIENT_ID
--set secrets.google.clientSecret=$IDENTITY_GOOGLE_CLIENT_SECRET
--set secrets.twitter.consumerKey=$IDENTITY_TWITTER_CONSUMER_KEY
--set secrets.twitter.consumerSecret=$IDENTITY_TWITTER_CONSUMER_SECRET
--set secrets.facebook.appId=$IDENTITY_FACEBOOK_APP_ID
--set secrets.facebook.appSecret=$IDENTITY_FACEBOOK_APP_SECRET
--set secrets.sendGrid.apiSecret=$SENDGRID_API_KEY
--set secrets.identityService.email=$IDENTITY_SERVICE_EMAIL
--set secrets.identityService.displayName=$IDENTITY_SERVICE_DISPLAY_NAME
--set secrets.portal.clientSecret=$IDENTITY_PORTAL_CLIENT_SECRET
--set secrets.impressionsCommander.apiSecret=$IDENTITY_IMPRESSIONS_COMMANDER_API_SECRET
--set secrets.schemesCommander.apiSecret=$IDENTITY_SCHEMES_COMMANDER_API_SECRET
--set secrets.schemesQuerier.apiSecret=$IDENTITY_SCHEMES_QUERIER_API_SECRET
--set secrets.owners.emailsJsonArray=$IDENTITY_OWNER_EMAILS_JSON_ARRAY
$PROJ ./kube/$PROJ