-
Notifications
You must be signed in to change notification settings - Fork 180
/
Copy pathcloudbuild-pr.yaml
102 lines (92 loc) · 3.25 KB
/
cloudbuild-pr.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
steps:
- name: 'gcr.io/cloud-builders/docker'
id: pull-app-image-cache
args: ['pull', 'gcr.io/$PROJECT_ID/learningequality-studio-app:latest']
- name: 'gcr.io/cloud-builders/docker'
id: build-app-image
waitFor: ['pull-app-image-cache'] # don't wait for previous steps
args: [
'build',
'-f', 'docker/Dockerfile.demo',
'--cache-from', 'gcr.io/$PROJECT_ID/learningequality-studio-app:latest',
'-t', 'gcr.io/$PROJECT_ID/learningequality-studio-app:$COMMIT_SHA',
'-t', 'gcr.io/$PROJECT_ID/learningequality-studio-app:latest',
'.'
]
- name: 'gcr.io/cloud-builders/docker'
id: build-nginx-image
waitFor: ['-'] # don't wait for previous steps
args: [
'build',
'-f', 'k8s/images/nginx/Dockerfile',
'--cache-from', 'gcr.io/$PROJECT_ID/learningequality-studio-nginx:latest',
'-t', 'gcr.io/$PROJECT_ID/learningequality-studio-nginx:$COMMIT_SHA',
'-t', 'gcr.io/$PROJECT_ID/learningequality-studio-nginx:latest',
'.'
]
- name: 'gcr.io/cloud-builders/docker'
id: push-app-image
waitFor: ['build-app-image']
args: ['push', 'gcr.io/$PROJECT_ID/learningequality-studio-app:$COMMIT_SHA']
- name: 'gcr.io/cloud-builders/docker'
id: push-nginx-image
waitFor: ['build-nginx-image']
args: ['push', 'gcr.io/$PROJECT_ID/learningequality-studio-nginx:$COMMIT_SHA']
- name: 'gcr.io/cloud-builders/gcloud'
id: decrypt-gcs-service-account
waitFor: ['-']
args: [
'kms', 'decrypt',
'--location=global', '--keyring=builder-secrets', '--key=secret-encrypter',
'--ciphertext-file=k8s/build-secrets/$PROJECT_ID-gcs-service-account.json.enc',
'--plaintext-file=gcs-service-account.json'
]
- name: 'gcr.io/cloud-builders/gcloud'
id: create-new-database
waitFor: ['-']
dir: "k8s"
entrypoint: 'bash'
args: [
'-c',
'./create-cloudsql-database.sh $_RELEASE_NAME $_DATABASE_INSTANCE_NAME'
]
- name: 'gcr.io/$PROJECT_ID/helm'
id: helm-deploy-studio-instance
waitFor: ['decrypt-gcs-service-account', 'push-app-image', 'push-nginx-image']
dir: "k8s"
env:
- 'CLOUDSDK_COMPUTE_ZONE=us-central1-f'
- 'CLOUDSDK_CONTAINER_CLUSTER=dev-qa-cluster'
secretEnv: ['POSTMARK_API_KEY']
entrypoint: 'bash'
args:
- -c
- >
/builder/helm.bash &&
./helm-deploy.sh
$_RELEASE_NAME
$_STORAGE_BUCKET
$COMMIT_SHA
$$POSTMARK_API_KEY
""
""
$_POSTGRES_USERNAME
$_RELEASE_NAME
$_POSTGRES_PASSWORD
$PROJECT_ID-$_DATABASE_INSTANCE_NAME-sql-proxy-gcloud-sqlproxy.sqlproxy
../gcs-service-account.json
$PROJECT_ID
- name: 'gcr.io/cloud-builders/gsutil'
id: remove-tarball-in-gcs
waitFor: ['helm-deploy-studio-instance']
args: ['rm', $_TARBALL_LOCATION]
timeout: 3600s
secrets:
- kmsKeyName: projects/ops-central/locations/global/keyRings/builder-secrets/cryptoKeys/secret-encrypter
secretEnv:
POSTMARK_API_KEY: CiQA7z1GH3QhvCEWNn6KS64t/c8BEQng5I4CdMC6VGNxJkWmZrwSTgB+R8mv/PSrzlDmCYSOZc4bugWA+K+lJ8nIll1BBsZZEV5M9GuOCYVn6sVWg9pCIVujwyb4EvEy1QaKmZCzAnTw9aHEXDH0sruAUHBaTA==
images:
- 'gcr.io/$PROJECT_ID/learningequality-studio-nginx:$COMMIT_SHA'
- 'gcr.io/$PROJECT_ID/learningequality-studio-nginx:latest'
- 'gcr.io/$PROJECT_ID/learningequality-studio-app:$COMMIT_SHA'
- 'gcr.io/$PROJECT_ID/learningequality-studio-app:latest'