Skip to content

GitLab

Unverified Commit be598e58 authored by Gary van Woerkens's avatar Gary van Woerkens Committed by GitHub
Browse files

fix: Use SocialGouv autodevops actions. (#683) 


Co-authored-by: default avatarsemantic-release-bot <semantic-release-bot@martynus.net>
parent ff939d41
Expand all Hide whitespace changes
Inline Side-by-side
Showing with 925 additions and 401 deletions
.github/dev.env 0 → 100644
View file @ be598e58
SOCIALGOUV_BASE_DOMAIN=dev.fabrique.social.gouv.fr
RANCHER_PROJECT_ID=c-gjtkk:p-5wvx7
.github/preprod.env 0 → 100644
View file @ be598e58
SOCIALGOUV_BASE_DOMAIN=dev.fabrique.social.gouv.fr
RANCHER_PROJECT_ID=c-gjtkk:p-5wvx7
.github/prod.env 0 → 100644
View file @ be598e58
SOCIALGOUV_BASE_DOMAIN=fabrique.social.gouv.fr
RANCHER_PROJECT_ID=c-5rj5b:p-nmmg2
.github/workflows/expo-publish-develop.yml
View file @ be598e58
name: Publish on ExpoGo (Develop)
on:
push:
# branches: [develop, alpha, beta, next]
branches:
- 'develop'
- '**'
tags-ignore:
- v*
paths:
- 'front/**'
- '.github/workflows/expo-publish-develop.yml'
workflow_dispatch:
name:
description: 'Manual workflow'
concurrency:
group: ${{ github.ref }}
cancel-in-progress: true
jobs:
Publish:
name: Publish Develop
runs-on: ubuntu-latest
env:
API_URL: https://backoffice-develop-dev-les1000jours.dev.fabrique.social.gouv.fr
CLEAR_STORAGE: false
MATOMO_APPLICATION_ID: 46
MATOMO_ENABLED: true
......@@ -33,9 +40,14 @@ jobs:
expo-version: 4.x
expo-username: ${{ secrets.EXPO_CLI_USERNAME }}
expo-password: ${{ secrets.EXPO_CLI_PASSWORD }}
- uses: socialgouv/actions/k8s-namespace@k8s-namespace
id: namespace
with:
environment: "dev"
- name: Yarn
run: |
cd front
yarn install
yarn publish-develop
env:
API_URL: https://backoffice-${{ steps.namespace.outputs.value }}.dev.fabrique.social.gouv.fr
.github/workflows/expo-publish-preprod.yml
View file @ be598e58
name: Publish on ExpoGo (PreProd)
# on:
# push:
# branches:
# - 'master'
# paths:
# - 'front/**'
# - '.github/workflows/expo-publish-preprod.yml'
on:
push:
branches:
- 'master'
paths:
- 'front/**'
tags:
- v*
workflow_dispatch:
name:
description: 'Manual workflow'
concurrency:
group: expo-preproduction
cancel-in-progress: true
jobs:
Publish:
name: Publish PreProd
......
.github/workflows/socialgouv-deactivate.yml 0 → 100644
View file @ be598e58
name: Deactivate
on:
pull_request:
types: [ closed ]
jobs:
bury_review_env:
name: Deactivate review branch
runs-on: ubuntu-latest
steps:
- uses: SocialGouv/actions/k8s-deactivate@v1
with:
kube-config: ${{ secrets.SOCIALGOUV_KUBE_CONFIG_DEV }}
.github/workflows/socialgouv-production.yml 0 → 100644
View file @ be598e58
name: Production
on:
push:
tags:
- v*
concurrency:
group: production
cancel-in-progress: true
jobs:
##############################################################################
## BUILD AND REGISTER APPLICATION IMAGE
##############################################################################
register:
name: Build & Register application
runs-on: ubuntu-latest
steps:
- name: Get project name
run: |
echo "project=${GITHUB_REPOSITORY#*/}" >> $GITHUB_ENV
- name: Use autodevops build and register
uses: SocialGouv/actions/autodevops-build-register@v1
with:
project: ${{ env.project }}
dockercontext: ./back/strapi
imageName: nos1000jours/strapi
token: ${{ secrets.GITHUB_TOKEN }}
dockerfile: ./back/strapi/Dockerfile
##############################################################################
## GENERATE PREPRODUCTION MANIFESTS
##############################################################################
manifests:
name: Preproduction manifests
runs-on: ubuntu-latest
steps:
- name: Use autodevops manifests generation
uses: SocialGouv/actions/k8s-manifests@v1
with:
environment: "preprod"
##############################################################################
## DEPLOY PREPRODUCTION APPLICATION
##############################################################################
deploy-preprod:
name: Deploy application
runs-on: ubuntu-latest
needs: [register, manifests]
environment:
name: preproduction
url: https://backoffice-1000jours-preprod.dev.fabrique.social.gouv.fr
steps:
- name: Use autodevops deployment
uses: SocialGouv/actions/autodevops-deploy@v1
with:
environment: "preprod"
token: ${{ secrets.GITHUB_TOKEN }}
kubeconfig: ${{ secrets.SOCIALGOUV_KUBE_CONFIG_DEV }}
##############################################################################
## GENERATE PRODUCTION MANIFESTS
##############################################################################
manifests-prod:
name: Production manifests
runs-on: ubuntu-latest
steps:
- name: Use autodevops manifests generation
uses: SocialGouv/actions/k8s-manifests@v1
with:
environment: "prod"
##############################################################################
## DEPLOY PRODUCTION APPLICATION
##############################################################################
deploy-prod:
name: Deploy application
runs-on: ubuntu-latest
needs: [deploy-preprod, manifests-prod]
environment:
name: production
url: https://1000jours.fabrique.social.gouv.fr/
steps:
- name: Use autodevops deployment
uses: SocialGouv/actions/autodevops-deploy@v1
with:
environment: "prod"
token: ${{ secrets.GITHUB_TOKEN }}
kubeconfig: ${{ secrets.SOCIALGOUV_KUBE_CONFIG_PROD }}
.github/workflows/socialgouv-release.yml 0 → 100644
View file @ be598e58
name: Release
on:
workflow_dispatch:
push:
branches: [master, alpha, beta, next]
jobs:
release:
name: Release
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v2
with:
fetch-depth: 0
persist-credentials: false
- name: Semantic Release
uses: cycjimmy/semantic-release-action@v2
with:
semantic_version: 17
extra_plugins: |
@semantic-release/changelog@5.0.1
@semantic-release/git@9.0.0
env:
GITHUB_TOKEN: ${{ secrets.SOCIALGROOVYBOT_BOTO_PAT }}
.github/workflows/socialgouv-review.yml 0 → 100644
View file @ be598e58
name: Review
on:
push:
branches:
- '**'
tags-ignore:
- v*
concurrency:
group: ${{ github.ref }}
cancel-in-progress: true
jobs:
##############################################################################
## BUILD AND REGISTER STRAPI IMAGE
##############################################################################
register:
name: Build & Register Strapi
runs-on: ubuntu-latest
steps:
- name: Get project name
run: |
echo "project=${GITHUB_REPOSITORY#*/}" >> $GITHUB_ENV
- name: Use autodevops build and register
uses: SocialGouv/actions/autodevops-build-register@v1
with:
project: ${{ env.project }}
dockercontext: ./back/strapi
imageName: nos1000jours/strapi
token: ${{ secrets.GITHUB_TOKEN }}
dockerfile: ./back/strapi/Dockerfile
##############################################################################
## GENERATE KUBERNETES MANIFESTS
##############################################################################
manifests:
name: Generate k8s manifests
runs-on: ubuntu-latest
steps:
- name: Use autodevops manifests generation
uses: SocialGouv/actions/k8s-manifests@v1
with:
environment: "dev"
##############################################################################
## DEPLOY APPLICATION OVER KUBERNETES
##############################################################################
deploy:
name: Deploy review branch
runs-on: ubuntu-latest
needs: [register, manifests]
steps:
- name: Use autodevops deployment
uses: SocialGouv/actions/autodevops-deploy@v1
with:
environment: "dev"
token: ${{ secrets.GITHUB_TOKEN }}
kubeconfig: ${{ secrets.SOCIALGOUV_KUBE_CONFIG_DEV }}
##############################################################################
## RESTORE DATABASE
##############################################################################
restore-db:
name: Restore database
runs-on: ubuntu-latest
needs: deploy
steps:
- uses: SocialGouv/actions/k8s-restore-db@v1
with:
kubeconfig: ${{ secrets.SOCIALGOUV_KUBE_CONFIG_DEV }}
.gitlab-ci.yml deleted 100644 → 0
View file @ ff939d41
include:
- project: SocialGouv/gitlab-ci-yml
file: /autodevops.yml
ref: v23.3.3
variables:
AUTO_DEVOPS_KANIKO: "✔️"
AUTO_DEVOPS_RELEASE_AUTO: "✔️"
# AUTO_DEVOPS_PRODUCTION_AUTO: "✔️"
AUTO_DEVOPS_ENABLE_KAPP: "✔️"
AUTO_DEVOPS_TEST_DISABLED: "🛑"
AUTO_DEVOPS_QUALITY_DISABLED: "🛑"
AUTO_DEVOPS_NOTIFY_DISABLED: "🛑"
Lint:
rules:
- when: never
Build:
rules:
- when: never
Register Kaniko image:
rules:
- when: never
K8S Test:
extends: .autodevops_k8s_test
rules:
- if: "$PRODUCTION || $RELEASE"
when: never
# NOTE(douglasduteil): ensure to run k8s test
# - if: "$AUTO_DEVOPS_TEST_DISABLED"
# when: never
- exists:
- .k8s/package.json
Register strapi:
extends: .autodevops_register_kaniko_image
needs: []
dependencies: []
variables:
CONTEXT: back/strapi
IMAGE_NAME: les1000jours-strapi
# restore develop database on review branches
Restore develop db:
extends: .autodevops_review
stage: .post
allow_failure: True
variables:
KOSKO_APPEND_YAML_FROM: ""
KOSKO_GENERATE_ARGS: "--env dev jobs/restore"
KAPP_DEPLOY_ARGS: "-a ${CI_PROJECT_NAME}-restore-develop-db"
environment:
auto_stop_in: 15 day
name: ${CI_COMMIT_REF_NAME}${AUTO_DEVOPS_DEV_ENVIRONMENT_NAME}
on_stop: Stop review
url: https://${CI_ENVIRONMENT_SLUG}-${CI_PROJECT_NAME}.${KUBE_INGRESS_BASE_DOMAIN}
rules:
- if: "$CI_COMMIT_BRANCH == 'develop'"
when: never
- if: "$CI_COMMIT_TAG"
when: never
- when: always
Review:
extends: .autodevops_review
# add an exception for the develop branch (permanent env)
rules:
- if: "$PRODUCTION || $TRIGGER || $CI_COMMIT_TAG"
when: never
- if: "$CI_COMMIT_BRANCH == 'develop'"
when: never
- when: on_success
# longer env lifetime for develop branch
Review develop:
extends: .autodevops_review
rules:
- if: "$PRODUCTION || $TRIGGER || $CI_COMMIT_TAG"
when: never
- if: "$CI_COMMIT_BRANCH == 'develop'"
when: on_success
- when: never
environment:
auto_stop_in: 15 day
name: ${CI_COMMIT_REF_NAME}${AUTO_DEVOPS_DEV_ENVIRONMENT_NAME}
on_stop: Stop review
url: https://${CI_ENVIRONMENT_SLUG}-${CI_PROJECT_NAME}.${KUBE_INGRESS_BASE_DOMAIN}
.k8s/__tests__/__snapshots__/dev.ts.snap
View file @ be598e58
This diff is collapsed.
.k8s/__tests__/__snapshots__/jobs-restore.ts.snap
View file @ be598e58
......@@ -77,18 +77,18 @@ apiVersion: v1
kind: Secret
stringData:
DATABASE_URL: >-
postgresql://user_develop%401000joursdevserver.postgres.database.azure.com:password_develop@1000joursdevserver.postgres.database.azure.com/autodevops_develop?sslmode=require
postgresql://user_develop%40les1000joursdevserver.postgres.database.azure.com:password_develop@les1000joursdevserver.postgres.database.azure.com/autodevops_develop?sslmode=require
DB_URI: >-
postgresql://user_develop%401000joursdevserver.postgres.database.azure.com:password_develop@1000joursdevserver.postgres.database.azure.com/autodevops_develop?sslmode=require
postgresql://user_develop%40les1000joursdevserver.postgres.database.azure.com:password_develop@les1000joursdevserver.postgres.database.azure.com/autodevops_develop?sslmode=require
HASURA_GRAPHQL_DATABASE_URL: >-
postgresql://user_develop%401000joursdevserver.postgres.database.azure.com:password_develop@1000joursdevserver.postgres.database.azure.com/autodevops_develop?sslmode=require
postgresql://user_develop%40les1000joursdevserver.postgres.database.azure.com:password_develop@les1000joursdevserver.postgres.database.azure.com/autodevops_develop?sslmode=require
PGDATABASE: autodevops_develop
PGHOST: 1000joursdevserver.postgres.database.azure.com
PGHOST: les1000joursdevserver.postgres.database.azure.com
PGPASSWORD: password_develop
PGRST_DB_URI: >-
postgresql://user_develop%401000joursdevserver.postgres.database.azure.com:password_develop@1000joursdevserver.postgres.database.azure.com/autodevops_develop?sslmode=require
postgresql://user_develop%40les1000joursdevserver.postgres.database.azure.com:password_develop@les1000joursdevserver.postgres.database.azure.com/autodevops_develop?sslmode=require
PGSSLMODE: require
PGUSER: user_develop@1000joursdevserver.postgres.database.azure.com
PGUSER: user_develop@les1000joursdevserver.postgres.database.azure.com
metadata:
annotations:
app.gitlab.com/app: socialgouv-1000jours
......
.k8s/__tests__/__snapshots__/preprod.ts.snap
View file @ be598e58
......@@ -9,20 +9,21 @@ metadata:
socialgouv/creator: autodevops
field.cattle.io/creatorId: gitlab
field.cattle.io/projectId: c-bd7z2:p-7ms8p
git/branch: v1.2.3
git/remote: >-
https://gitlab-ci-token:[MASKED]@gitlab.factory.social.gouv.fr/SocialGouv/1000jours.git
app.gitlab.com/app: socialgouv-1000jours
app.gitlab.com/env: preprod-dev42
app.gitlab.com/env.name: preprod-dev42
git/branch: refs/tags/v1.2.3
git/remote: socialgouv/1000jours
app.github.com/job: '5678'
app.github.com/ref: refs/tags/v1.2.3
app.github.com/repo: socialgouv/1000jours
app.github.com/run: '1234'
app.github.com/sha: '0123456'
labels:
azure-pg-admin-user: 1000jours
application: v1-2-3-1000jours
component: v1-2-3-1000jours
application: 1000jours
component: 1000jours
owner: 1000jours
team: 1000jours
cert: wildcard
name: 1000jours-85-preprod-dev42
name: 1000jours-preprod
---
apiVersion: apps/v1
kind: Deployment
......@@ -30,18 +31,20 @@ metadata:
annotations:
kapp.k14s.io/disable-default-ownership-label-rules: ''
kapp.k14s.io/disable-default-label-scoping-rules: ''
app.gitlab.com/app: socialgouv-1000jours
app.gitlab.com/env: preprod-dev42
app.gitlab.com/env.name: preprod-dev42
app.github.com/job: '5678'
app.github.com/ref: refs/tags/v1.2.3
app.github.com/repo: socialgouv/1000jours
app.github.com/run: '1234'
app.github.com/sha: '0123456'
labels:
app: strapi-cache
application: v1-2-3-1000jours
component: v1-2-3-1000jours
application: 1000jours
component: 1000jours
owner: 1000jours
team: 1000jours
cert: wildcard
name: strapi-cache
namespace: 1000jours-85-preprod-dev42
namespace: 1000jours-preprod
spec:
replicas: 1
selector:
......@@ -52,13 +55,15 @@ spec:
annotations:
kapp.k14s.io/disable-default-ownership-label-rules: ''
kapp.k14s.io/disable-default-label-scoping-rules: ''
app.gitlab.com/app: socialgouv-1000jours
app.gitlab.com/env: preprod-dev42
app.gitlab.com/env.name: preprod-dev42
app.github.com/job: '5678'
app.github.com/ref: refs/tags/v1.2.3
app.github.com/repo: socialgouv/1000jours
app.github.com/run: '1234'
app.github.com/sha: '0123456'
labels:
app: strapi-cache
application: v1-2-3-1000jours
component: v1-2-3-1000jours
application: 1000jours
component: 1000jours
owner: 1000jours
team: 1000jours
cert: wildcard
......@@ -124,8 +129,8 @@ kind: Service
metadata:
labels:
app: strapi-cache
application: v1-2-3-1000jours
component: v1-2-3-1000jours
application: 1000jours
component: 1000jours
owner: 1000jours
team: 1000jours
cert: wildcard
......@@ -133,10 +138,12 @@ metadata:
annotations:
kapp.k14s.io/disable-default-ownership-label-rules: ''
kapp.k14s.io/disable-default-label-scoping-rules: ''
app.gitlab.com/app: socialgouv-1000jours
app.gitlab.com/env: preprod-dev42
app.gitlab.com/env.name: preprod-dev42
namespace: 1000jours-85-preprod-dev42
app.github.com/job: '5678'
app.github.com/ref: refs/tags/v1.2.3
app.github.com/repo: socialgouv/1000jours
app.github.com/run: '1234'
app.github.com/sha: '0123456'
namespace: 1000jours-preprod
spec:
ports:
- name: http
......@@ -153,24 +160,26 @@ metadata:
kubernetes.io/ingress.class: nginx
kapp.k14s.io/disable-default-ownership-label-rules: ''
kapp.k14s.io/disable-default-label-scoping-rules: ''
app.gitlab.com/app: socialgouv-1000jours
app.gitlab.com/env: preprod-dev42
app.gitlab.com/env.name: preprod-dev42
app.github.com/job: '5678'
app.github.com/ref: refs/tags/v1.2.3
app.github.com/repo: socialgouv/1000jours
app.github.com/run: '1234'
app.github.com/sha: '0123456'
nginx.ingress.kubernetes.io/proxy-body-size: 1g
nginx.ingress.kubernetes.io/limit-rps: '20'
nginx.ingress.kubernetes.io/limit-rpm: '300'
labels:
app: strapi-cache
application: v1-2-3-1000jours
component: v1-2-3-1000jours
application: 1000jours
component: 1000jours
owner: 1000jours
team: 1000jours
cert: wildcard
name: strapi-cache
namespace: 1000jours-85-preprod-dev42
namespace: 1000jours-preprod
spec:
rules:
- host: backoffice-preprod-1000jours.dev42.fabrique.social.gouv.fr
- host: backoffice-1000jours-preprod.dev2.fabrique.social.gouv.fr
http:
paths:
- backend:
......@@ -182,7 +191,7 @@ spec:
pathType: Prefix
tls:
- hosts:
- backoffice-preprod-1000jours.dev42.fabrique.social.gouv.fr
- backoffice-1000jours-preprod.dev2.fabrique.social.gouv.fr
secretName: wildcard-crt
---
apiVersion: v1
......@@ -190,16 +199,18 @@ kind: ConfigMap
metadata:
name: strapi-cache
labels:
application: v1-2-3-1000jours
component: v1-2-3-1000jours
application: 1000jours
component: 1000jours
owner: 1000jours
team: 1000jours
cert: wildcard
annotations:
app.gitlab.com/app: socialgouv-1000jours
app.gitlab.com/env: preprod-dev42
app.gitlab.com/env.name: preprod-dev42
namespace: 1000jours-85-preprod-dev42
app.github.com/job: '5678'
app.github.com/ref: refs/tags/v1.2.3
app.github.com/repo: socialgouv/1000jours
app.github.com/run: '1234'
app.github.com/sha: '0123456'
namespace: 1000jours-preprod
data:
nginx.conf: |-
......@@ -267,7 +278,7 @@ apiVersion: autoscaling/v2beta2
kind: HorizontalPodAutoscaler
metadata:
name: strapi-cache
namespace: 1000jours-85-preprod-dev42
namespace: 1000jours-preprod
spec:
maxReplicas: 5
metrics:
......@@ -294,14 +305,16 @@ kind: SealedSecret
metadata:
annotations:
sealedsecrets.bitnami.com/cluster-wide: 'true'
app.gitlab.com/app: socialgouv-1000jours
app.gitlab.com/env: preprod-dev42
app.gitlab.com/env.name: preprod-dev42
app.github.com/job: '5678'
app.github.com/ref: refs/tags/v1.2.3
app.github.com/repo: socialgouv/1000jours
app.github.com/run: '1234'
app.github.com/sha: '0123456'
name: azure-pg-user
namespace: 1000jours-85-preprod-dev42
namespace: 1000jours-preprod
labels:
application: v1-2-3-1000jours
component: v1-2-3-1000jours
application: 1000jours
component: 1000jours