mirror of
https://github.com/Blockstream/satellite-api.git
synced 2025-02-22 21:45:19 +01:00
166 lines
5.5 KiB
YAML
166 lines
5.5 KiB
YAML
variables:
|
|
GIT_SUBMODULE_STRATEGY: none
|
|
CI_DISPOSABLE_ENVIRONMENT: "true"
|
|
|
|
image: blockstream/gcloud-docker@sha256:31c1a01d143558f0ba5677d121891a958fa600195679fe325980ec72e5264f2a
|
|
stages:
|
|
- build
|
|
- plan
|
|
- deploy
|
|
|
|
before_script:
|
|
- TMPF=$(mktemp) || exit 1
|
|
- echo $GCLOUD_KEY > $TMPF
|
|
- export GOOGLE_APPLICATION_CREDENTIALS=$TMPF
|
|
- gcloud auth activate-service-account --key-file=$TMPF
|
|
- gcloud auth list
|
|
- gcloud --version
|
|
|
|
# Run tests and build docker images
|
|
build:
|
|
stage: build
|
|
image: blockstream/satapi-builder@sha256:4f96415f1216c5b6bdb266b1db48558328a497f02da38ce2991ab65b25b7590f
|
|
only:
|
|
- master@satellite/ionosphere
|
|
before_script:
|
|
- ""
|
|
script:
|
|
- echo $DOCKERHUB_PW | docker login -u $DOCKERHUB_USER --password-stdin
|
|
- docker build -f Dockerfile -t blockstream/satellite-api:latest -t blockstream/satellite-api:$CI_COMMIT_SHA .
|
|
- docker push blockstream/satellite-api:latest
|
|
- docker push blockstream/satellite-api:$CI_COMMIT_SHA
|
|
- echo "Building Ionosphere SSE image"
|
|
- docker build -f Dockerfile.sse -t blockstream/satellite-api-sse:latest -t blockstream/satellite-api-sse:$CI_COMMIT_SHA sse/
|
|
- docker push blockstream/satellite-api-sse:$CI_COMMIT_SHA
|
|
- docker push blockstream/satellite-api-sse:latest
|
|
|
|
# Any newly-pushed, WIP branch will be ran through plan (keep in mind docker images are using the latest tag, which may be an older one since the current commit doesn't match an available image)
|
|
plan_satapi:
|
|
stage: plan
|
|
only:
|
|
- branches@satellite/ionosphere
|
|
except:
|
|
- cleanup_staging@satellite/ionosphere
|
|
- /^staging_.*/
|
|
- /^prod_.*/
|
|
- /^misc_.*/
|
|
script:
|
|
- (cd terraform
|
|
&& terraform init -input=false
|
|
&& terraform workspace select staging
|
|
&& terraform plan
|
|
-var "ionosphere_docker=blockstream/satellite-api:latest"
|
|
-var "ionosphere_sse_docker=blockstream/satellite-api-sse:latest"
|
|
-var "region=$REGION"
|
|
-var "zone=$ZONE"
|
|
-var "instance_type=$INSTANCE_TYPE"
|
|
-var "host=$HOST_STAGING"
|
|
-var "ssl_cert=$SSL_CERT_STAGING"
|
|
-var "timeout=$TIMEOUT"
|
|
-var "prom_service_acct=$PROM_SA"
|
|
-var "opsgenie_key=$OPSGENIE_KEY"
|
|
-var "rpcuser=$RPCUSER"
|
|
-var "rpcpass=$RPCPASS"
|
|
-input=false)
|
|
|
|
# This plan gets triggered only for miscellaneous branches/tags (i.e. tor and others), so make sure the branch/tag name starts with misc_
|
|
plan_misc:
|
|
stage: plan
|
|
only:
|
|
- /^misc_.*/
|
|
except:
|
|
- /^misc_v.*/
|
|
script:
|
|
- (echo -n "$V3_PK" > terraform/modules/tor/v3.pk)
|
|
- (echo -n "$V3_PUBK" > terraform/modules/tor/v3.pubk)
|
|
- (cd terraform
|
|
&& terraform init -input=false
|
|
&& terraform workspace select misc
|
|
&& terraform plan
|
|
-var "region=$REGION"
|
|
-var "zone=$ZONE"
|
|
-var "tor_instance_type=$TOR_INSTANCE_TYPE"
|
|
-var "onion_host=$ONION_HOST"
|
|
-input=false)
|
|
|
|
# Tag with staging_v.* to deploy staging (e.g. staging_v0.1.1)
|
|
deploy_staging:
|
|
stage: deploy
|
|
only:
|
|
- /^staging_v.*/
|
|
script:
|
|
- (cd terraform
|
|
&& terraform init -input=false
|
|
&& terraform workspace select staging
|
|
&& terraform apply
|
|
-var "ionosphere_docker=blockstream/satellite-api:$CI_COMMIT_SHA"
|
|
-var "ionosphere_sse_docker=blockstream/satellite-api-sse:$CI_COMMIT_SHA"
|
|
-var "region=$REGION"
|
|
-var "zone=$ZONE"
|
|
-var "instance_type=$INSTANCE_TYPE"
|
|
-var "host=$HOST_STAGING"
|
|
-var "ssl_cert=$SSL_CERT_STAGING"
|
|
-var "timeout=$TIMEOUT"
|
|
-var "prom_service_acct=$PROM_SA"
|
|
-var "opsgenie_key=$OPSGENIE_KEY"
|
|
-var "rpcuser=$RPCUSER"
|
|
-var "rpcpass=$RPCPASS"
|
|
-input=false -auto-approve)
|
|
|
|
# Tag with production_v.* to deploy production (e.g. production_v0.1.1)
|
|
deploy_production:
|
|
stage: deploy
|
|
only:
|
|
- /^prod_v.*/
|
|
script:
|
|
- (cd terraform
|
|
&& terraform init -input=false
|
|
&& terraform workspace select prod
|
|
&& terraform apply
|
|
-var "ionosphere_docker=blockstream/satellite-api:$CI_COMMIT_SHA"
|
|
-var "ionosphere_sse_docker=blockstream/satellite-api-sse:$CI_COMMIT_SHA"
|
|
-var "region=$REGION"
|
|
-var "zone=$ZONE"
|
|
-var "instance_type=$INSTANCE_TYPE"
|
|
-var "host=$HOST"
|
|
-var "ssl_cert=$SSL_CERT"
|
|
-var "timeout=$TIMEOUT"
|
|
-var "prom_service_acct=$PROM_SA"
|
|
-var "opsgenie_key=$OPSGENIE_KEY"
|
|
-var "rpcuser=$RPCUSER"
|
|
-var "rpcpass=$RPCPASS"
|
|
-input=false -auto-approve)
|
|
|
|
# This deploys only tags/branches starting with misc_v.* (i.e. tor and others)
|
|
deploy_misc:
|
|
stage: deploy
|
|
only:
|
|
- /^misc_v.*/
|
|
script:
|
|
- (echo -n "$V3_PK" > terraform/modules/tor/v3.pk)
|
|
- (echo -n "$V3_PUBK" > terraform/modules/tor/v3.pubk)
|
|
- (cd terraform
|
|
&& terraform init -input=false
|
|
&& terraform workspace select misc
|
|
&& terraform apply
|
|
-var "region=$REGION"
|
|
-var "zone=$ZONE"
|
|
-var "tor_instance_type=$TOR_INSTANCE_TYPE"
|
|
-var "onion_host=$ONION_HOST"
|
|
-input=false -auto-approve)
|
|
|
|
# Pushing to this branch destroys the staging infrastructure
|
|
cleanup_staging:
|
|
stage: deploy
|
|
image:
|
|
name: hashicorp/terraform:light
|
|
entrypoint: [""]
|
|
only:
|
|
- cleanup_staging@satellite/ionosphere
|
|
script:
|
|
- (cd terraform && terraform init -input=false &&
|
|
terraform workspace select staging &&
|
|
terraform destroy
|
|
-target module.blc.google_compute_instance_group_manager.blc
|
|
-auto-approve)
|
|
|