Add dual helm capability (dcec4931) · Commits · public-projects / Auto Deploy Image

.gitlab-ci.yml

+1 −0

Original line number	Diff line number	Diff line
		@@ -16,4 +16,5 @@ include:
		- local: .gitlab/ci/build.gitlab-ci.yml
		- local: .gitlab/ci/shellcheck.gitlab-ci.yml
		- local: .gitlab/ci/test.gitlab-ci.yml
		- local: .gitlab/ci/test-helm3.gitlab-ci.yml
		- local: .gitlab/ci/release.gitlab-ci.yml

.gitlab/ci/test-helm3.gitlab-ci.yml

0 → 100644

+431 −0

Original line number	Diff line number	Diff line
		.test-job-helm3: &test-job-helm3
		stage: test
		image: "$BUILD_IMAGE_NAME"
		variables:
		AUTO_DEVOPS_HELM_MAJOR_VERSION: 3
		services:
		- name: registry.gitlab.com/gitlab-org/cluster-integration/test-utils/k3s-gitlab-ci/releases/v0.6.1
		alias: k3s
		command: ["server", "--cluster-secret", "some-secret"]
		before_script:
		- kubectl config set-cluster k3s --server https://k3s:6443 --insecure-skip-tls-verify
		- kubectl config set-credentials default --username=node --password=some-secret
		- kubectl config set-context k3s --cluster=k3s --user=default
		- kubectl config use-context k3s
		- kubectl version
		- kubectl apply -f https://raw.githubusercontent.com/rancher/local-path-provisioner/master/deploy/local-path-storage.yaml
		- \|
		kubectl patch storageclass local-path -p '{"metadata": {"annotations":{"storageclass.kubernetes.io/is-default-class":"true"}}}'
		- \|
		function expected_error() {
		echo "Expected error but exited with $?, failing build!"
		exit 1
		}

		function failed_as_expected() {
		echo "Failed as expected and exited with $?"
		}

		test-dependencies-helm3:
		<<: *test-job-helm3
		variables:
		GIT_STRATEGY: none
		script:
		- helm version --client
		- kubectl version --client

		test-kube-domain-helm3:
		<<: *test-job-helm3
		variables:
		GIT_STRATEGY: none
		KUBE_INGRESS_BASE_DOMAIN: example.com
		script:
		- auto-deploy check_kube_domain

		test-kube-domain-legacy-helm3:
		<<: *test-job-helm3
		variables:
		GIT_STRATEGY: none
		AUTO_DEVOPS_DOMAIN: example.com
		script:
		- auto-deploy check_kube_domain && expected_error \|\| failed_as_expected

		test-kube-domain_error-helm3:
		<<: *test-job-helm3
		variables:
		GIT_STRATEGY: none
		script:
		- auto-deploy check_kube_domain && expected_error \|\| failed_as_expected

		test-download-chart-helm3:
		<<: *test-job-helm3
		variables:
		GIT_STRATEGY: none
		script:
		- auto-deploy download_chart

		test-deploy-name-helm3:
		<<: *test-job-helm3
		variables:
		GIT_STRATEGY: none
		CI_ENVIRONMENT_SLUG: production
		script:
		- name=$(auto-deploy deploy_name "stable")
		- \|
		if [[ $name != "production" ]]; then
		echo "$name should equal 'production'"
		exit 1
		fi
		- name=$(auto-deploy deploy_name "canary")
		- \|
		if [[ $name != "production-canary" ]]; then
		echo "$name should equal 'production-canary'"
		exit 1
		fi

		test-auto_database_url-helm3:
		<<: *test-job-helm3
		variables:
		CI_ENVIRONMENT_SLUG: production
		POSTGRES_USER: user
		POSTGRES_PASSWORD: testing-password
		POSTGRES_DB: $CI_ENVIRONMENT_SLUG
		script:
		# default is channel 2
		- auto_database_url=$(auto-deploy auto_database_url)
		- export expected_url="postgres://user:testing-password@production-postgresql:5432/production"
		- \|
		if [[ $auto_database_url != $expected_url ]]; then
		echo "\$auto_database_url = '${auto_database_url}', want '${expected_url}'"
		exit 1
		fi
		- export AUTO_DEVOPS_POSTGRES_CHANNEL=a
		- auto-deploy auto_database_url && expected_error \|\| failed_as_expected
		# test that channel 1 still works
		- export AUTO_DEVOPS_POSTGRES_CHANNEL=1
		- auto_database_url=$(auto-deploy auto_database_url)
		- export expected_url="postgres://user:testing-password@production-postgres:5432/production"
		- \|
		if [[ $auto_database_url != $expected_url ]]; then
		echo "\$auto_database_url = '${auto_database_url}', want '${expected_url}'"
		exit 1
		fi
		# test explicit channel 2 just in case
		- export AUTO_DEVOPS_POSTGRES_CHANNEL=2
		- auto_database_url=$(auto-deploy auto_database_url)
		- export expected_url="postgres://user:testing-password@production-postgresql:5432/production"
		- \|
		if [[ $auto_database_url != $expected_url ]]; then
		echo "\$auto_database_url = '${auto_database_url}', want '${expected_url}'"
		exit 1
		fi
		- export AUTO_DEVOPS_POSTGRES_CHANNEL=a
		- auto-deploy auto_database_url && expected_error \|\| failed_as_expected

		test-get-replicas-helm3:
		<<: *test-job-helm3
		variables:
		GIT_STRATEGY: none
		CI_ENVIRONMENT_SLUG: production
		script:
		- replicas=$(auto-deploy get_replicas "stable" "100")
		- \|
		if [[ $replicas != 1 ]]; then
		echo "$replicas should equal 1"
		exit 1
		fi

		test-get-replicas-multiple-helm3:
		<<: *test-job-helm3
		variables:
		GIT_STRATEGY: none
		CI_ENVIRONMENT_SLUG: production
		REPLICAS: "2"
		script:
		- replicas=$(auto-deploy get_replicas "stable" "100")
		- \|
		if [[ $replicas != 2 ]]; then
		echo "$replicas should equal 2"
		exit 1
		fi

		test-get-replicas-fraction-helm3:
		<<: *test-job-helm3
		variables:
		GIT_STRATEGY: none
		CI_ENVIRONMENT_SLUG: production
		REPLICAS: "2"
		script:
		- replicas=$(auto-deploy get_replicas "stable" "25")
		- \|
		if [[ $replicas != 1 ]]; then
		echo "$replicas should 1, (25% of 2 is 0.5, so set a floor of 1)"
		exit 1
		fi

		test-get-replicas-zero-helm3:
		<<: *test-job-helm3
		variables:
		GIT_STRATEGY: none
		CI_ENVIRONMENT_SLUG: production
		REPLICAS: "0"
		script:
		- replicas=$(auto-deploy get_replicas "stable" "100")
		- \|
		if [[ $replicas != 0 ]]; then
		echo "$replicas should equal 0, as requested"
		exit 1
		fi

		test-ensure-namespace-helm3:
		<<: *test-job-helm3
		variables:
		GIT_STRATEGY: none
		KUBE_NAMESPACE: project-123456
		script:
		- auto-deploy ensure_namespace

		test-initialize-tiller-helm3:
		<<: *test-job-helm3
		variables:
		GIT_STRATEGY: none
		KUBE_NAMESPACE: default
		script:
		- auto-deploy initialize_tiller \| grep "Helm 3 does not have tiller"

		test-create-secret-helm3:
		<<: *test-job-helm3
		variables:
		GIT_STRATEGY: none
		KUBE_NAMESPACE: default
		CI_REGISTRY: example.com
		CI_DEPLOY_USER: ci-deploy-user
		CI_DEPLOY_PASSWORD: ci-deploy-password
		GITLAB_USER_EMAIL: user@example.com
		CI_PROJECT_VISIBILITY: private
		script:
		- auto-deploy create_secret
		- kubectl get secret "gitlab-registry-${CI_PROJECT_PATH_SLUG}" -n $KUBE_NAMESPACE

		test-create-secret-public-project-helm3:
		<<: *test-job-helm3
		variables:
		GIT_STRATEGY: none
		CI_PROJECT_VISIBILITY: public
		KUBE_NAMESPACE: default
		script:
		- auto-deploy create_secret
		- kubectl get secret "gitlab-registry-${CI_PROJECT_PATH_SLUG}" -n $KUBE_NAMESPACE && expected_error \|\| failed_as_expected

		test-persist-environment-url-helm3:
		<<: *test-job-helm3
		variables:
		GIT_STRATEGY: none
		CI_ENVIRONMENT_URL: review-app.example.com
		script:
		- auto-deploy persist_environment_url
		- grep review-app.example.com environment_url.txt

		test-install-postgres-helm3:
		<<: *test-job-helm3
		variables:
		GIT_STRATEGY: none
		CI_ENVIRONMENT_SLUG: production
		KUBE_NAMESPACE: default
		AUTO_DEVOPS_POSTGRES_CHANNEL: 2
		POSTGRES_USER: user
		POSTGRES_PASSWORD: testing-password
		POSTGRES_DB: $CI_ENVIRONMENT_SLUG
		script:
		- auto-deploy initialize_tiller
		- auto-deploy download_chart
		- auto-deploy install_postgresql
		- kubectl get statefulset production-postgresql -n $KUBE_NAMESPACE

		test-deploy-helm3:
		<<: *test-job-helm3
		variables: &deploy-variables
		CI_APPLICATION_REPOSITORY: "registry.gitlab.com/gitlab-org/cluster-integration/auto-deploy-image/auto-build-image-with-psql"
		CI_APPLICATION_TAG: "5d248f6fa69a"
		CI_ENVIRONMENT_SLUG: production
		CI_ENVIRONMENT_URL: example.com
		CI_PROJECT_PATH_SLUG: "gitlab-org/cluster-integration/auto-build-image"
		CI_PROJECT_VISIBILITY: public
		KUBE_NAMESPACE: default
		KUBE_INGRESS_BASE_DOMAIN: example.com
		ROLLOUT_RESOURCE_TYPE: deployment
		POSTGRES_USER: user
		POSTGRES_PASSWORD: testing-password
		POSTGRES_ENABLED: "true"
		POSTGRES_DB: $CI_ENVIRONMENT_SLUG
		HELM_HOST: "localhost:44134"
		script:
		- auto-deploy initialize_tiller
		- auto-deploy download_chart
		- auto-deploy deploy
		- helm get all production
		- helm get values production --output json \| grep "postgres://user:testing-password@production-postgresql:5432/production"
		- ./test/verify-deployment-database production postgresql

		test-deploy-atomic-helm3:
		extends: test-deploy
		variables:
		POSTGRES_ENABLED: "false"
		KUBE_INGRESS_BASE_DOMAIN: ""
		script:
		- auto-deploy initialize_tiller
		- auto-deploy download_chart
		- auto-deploy deploy && exit 1 \|\| echo "First deployment failed as expected"
		# second deploy should succeed
		- export KUBE_INGRESS_BASE_DOMAIN=example.com
		- auto-deploy deploy

		test-deploy-debug-helm3:
		extends: test-deploy
		variables:
		AUTO_DEVOPS_DEPLOY_DEBUG: "1"
		script:
		- auto-deploy initialize_tiller
		- auto-deploy download_chart
		- auto-deploy deploy

		test-deploy-postgresql-channel-1-helm3:
		extends: test-deploy
		variables:
		<<: *deploy-variables
		AUTO_DEVOPS_POSTGRES_CHANNEL: 1
		script:
		- auto-deploy initialize_tiller
		- auto-deploy download_chart
		- auto-deploy deploy
		- helm get all production
		- helm get values production --output json \| grep "postgres://user:testing-password@production-postgres:5432/production"
		- ./test/verify-deployment-database production production-postgres

		test-deploy-does-not-delete-old-postgres-by-default-helm3:
		extends: test-deploy
		script:
		- auto-deploy initialize_tiller
		- auto-deploy download_chart
		# make sure old posgres deployment exists
		- export AUTO_DEVOPS_POSTGRES_CHANNEL=1
		- auto-deploy deploy
		- ./test/verify-deployment-database production production-postgres
		# test that the deploy job fails with default channel:2
		- unset AUTO_DEVOPS_POSTGRES_CHANNEL
		- auto-deploy deploy && expected_error \|\| failed_as_expected
		# assert that postgres still exists
		- ./test/verify-deployment-database production production-postgres

		test-deploy-deletes-old-postgres-if-opt-in-helm3:
		extends: test-deploy
		variables:
		AUTO_DEVOPS_DEPLOY_DEBUG: 1
		script:
		- auto-deploy initialize_tiller
		- auto-deploy download_chart
		- export AUTO_DEVOPS_POSTGRES_CHANNEL=1
		# make sure old postgres deployment exists
		- auto-deploy deploy
		- ./test/verify-deployment-database production production-postgres
		# test that the deploy job succeeds
		- export POSTGRES_VERSION='9.6.16'
		- export AUTO_DEVOPS_POSTGRES_CHANNEL=2
		- export AUTO_DEVOPS_POSTGRES_DELETE_V1=1
		- auto-deploy deploy
		# test that the new postgres is up
		- ./test/verify-deployment-database production postgresql

		test-deploy-k8s-1.16-helm3:
		extends: test-deploy
		services:
		- name: registry.gitlab.com/gitlab-org/cluster-integration/test-utils/k3s-gitlab-ci/releases/v1.16.7-k3s1
		alias: k3s
		variables:
		AUTO_DEVOPS_POSTGRES_CHANNEL: 2
		before_script:
		- curl k3s:8081?service=k3s > k3s.yaml
		- export KUBECONFIG=$(pwd)/k3s.yaml
		- kubectl version
		- kubectl cluster-info
		script:
		- auto-deploy initialize_tiller
		- auto-deploy download_chart
		- auto-deploy deploy
		- helm get all production
		- helm get values production --output json \| grep "postgres://user:testing-password@production-postgresql:5432/production"
		- ./test/verify-deployment-database production postgresql

		test-deploy-canary-helm3:
		extends: test-deploy
		script:
		- auto-deploy initialize_tiller
		- auto-deploy download_chart
		- auto-deploy deploy canary
		- helm get all production-canary

		test-deploy-modsecurity-helm3:
		extends: test-deploy
		variables:
		<<: *deploy-variables
		AUTO_DEVOPS_MODSECURITY_SEC_RULE_ENGINE: "On"
		script:
		- auto-deploy initialize_tiller
		- auto-deploy download_chart
		- auto-deploy deploy
		- $([[ $(kubectl get ingress production-auto-deploy -n $KUBE_NAMESPACE --no-headers=true -o custom-columns=:"metadata.annotations.nginx\.ingress\.kubernetes\.io/modsecurity-snippet") != "<none>" ]])

		test-create-application-secret-helm3:
		<<: *test-job-helm3
		variables:
		KUBE_NAMESPACE: default
		CI_ENVIRONMENT_SLUG: production
		K8S_SECRET_CODE: 12345
		K8S_SECRET_CODE_MULTILINE: "12345
		NEW LINE"
		script:
		- auto-deploy create_application_secret "stable"
		- kubectl get secrets -n $KUBE_NAMESPACE
		- kubectl get secrets production-secret -n $KUBE_NAMESPACE
		- ./test/verify-application-secret

		test-delete-helm3:
		extends: test-deploy
		script:
		- auto-deploy initialize_tiller
		- auto-deploy download_chart
		- auto-deploy deploy
		- helm get all production
		- auto-deploy delete
		- helm get all production && expected_error \|\| failed_as_expected

		test-delete-postgresql-helm3:
		extends: test-deploy
		script:
		- auto-deploy initialize_tiller
		- auto-deploy download_chart
		- auto-deploy deploy
		- helm get all production
		- helm get all production-postgresql
		- pvc_before_delete=$(kubectl -n $KUBE_NAMESPACE get pvc -l release=production-postgresql)
		- if [[ -z "$pvc_before_delete" ]]; then "expected to find a postgresql pvc"; exit 1; fi
		- auto-deploy delete
		- helm get all production && expected_error \|\| failed_as_expected
		- helm get all production-postgresql && expected_error \|\| failed_as_expected
		- pvc_after_delete=$(kubectl -n $KUBE_NAMESPACE get pvc -l release=production-postgresql)
		- if [[ -n "$pvc_after_delete" ]]; then echo "no postgresql pvc should be present"; exit 1; fi

		test-delete-canary-postgresql-helm3:
		extends: test-deploy
		script:
		- auto-deploy initialize_tiller
		- auto-deploy download_chart
		- auto-deploy deploy canary
		- helm get all production-canary
		- auto-deploy deploy
		- helm get all production
		- helm get all production-postgresql
		- auto-deploy delete canary
		- helm get all production-canary && expected_error \|\| failed_as_expected
		- helm get all production
		- helm get all production-postgresql

.gitlab/ci/test.gitlab-ci.yml

+33 −19

Original line number	Diff line number	Diff line
		@@ -30,6 +30,7 @@ test-dependencies:
		GIT_STRATEGY: none
		script:
		- helm version --client
		- tiller -version
		- kubectl version --client

		test-kube-domain:
		@@ -191,7 +192,7 @@ test-initialize-tiller:
		script:
		- auto-deploy initialize_tiller
		- ps aufx
		- helm ls
		- helm ls --host "localhost:44134"

		test-create-secret:
		<<: *test-job
		@@ -263,7 +264,7 @@ test-deploy:
		- auto-deploy initialize_tiller
		- auto-deploy download_chart
		- auto-deploy deploy
		- helm get all production
		- helm get production
		- helm get values production --output json \| grep "postgres://user:testing-password@production-postgresql:5432/production"
		- ./test/verify-deployment-database production postgresql

		@@ -280,6 +281,20 @@ test-deploy-atomic:
		- export KUBE_INGRESS_BASE_DOMAIN=example.com
		- auto-deploy deploy

		test-deploy-non-atomic:
		extends: test-deploy
		variables:
		POSTGRES_ENABLED: "false"
		KUBE_INGRESS_BASE_DOMAIN: ""
		AUTO_DEVOPS_ATOMIC_RELEASE: "false"
		script:
		- auto-deploy initialize_tiller
		- auto-deploy download_chart
		- auto-deploy deploy && exit 1 \|\| echo "First deployment failed as expected"
		# second deploy should also fail because the first release wasn't fully rolled back
		- export KUBE_INGRESS_BASE_DOMAIN=example.com
		- auto-deploy deploy && exit 1 \|\| echo "Second release failed as expected"

		test-deploy-debug:
		extends: test-deploy
		variables:
		@@ -288,6 +303,7 @@ test-deploy-debug:
		- auto-deploy initialize_tiller
		- auto-deploy download_chart
		- auto-deploy deploy
		- cat tiller.log

		test-deploy-postgresql-channel-1:
		extends: test-deploy
		@@ -298,7 +314,7 @@ test-deploy-postgresql-channel-1:
		- auto-deploy initialize_tiller
		- auto-deploy download_chart
		- auto-deploy deploy
		- helm get all production
		- helm get production
		- helm get values production --output json \| grep "postgres://user:testing-password@production-postgres:5432/production"
		- ./test/verify-deployment-database production production-postgres

		@@ -319,8 +335,6 @@ test-deploy-does-not-delete-old-postgres-by-default:

		test-deploy-deletes-old-postgres-if-opt-in:
		extends: test-deploy
		variables:
		AUTO_DEVOPS_DEPLOY_DEBUG: 1
		script:
		- auto-deploy initialize_tiller
		- auto-deploy download_chart
		@@ -352,7 +366,7 @@ test-deploy-k8s-1.16:
		- auto-deploy initialize_tiller
		- auto-deploy download_chart
		- auto-deploy deploy
		- helm get all production
		- helm get production
		- helm get values production --output json \| grep "postgres://user:testing-password@production-postgresql:5432/production"
		- ./test/verify-deployment-database production postgresql

		@@ -362,7 +376,7 @@ test-deploy-canary:
		- auto-deploy initialize_tiller
		- auto-deploy download_chart
		- auto-deploy deploy canary
		- helm get all production-canary
		- helm get production-canary

		test-deploy-modsecurity:
		extends: test-deploy
		@@ -395,9 +409,9 @@ test-delete:
		- auto-deploy initialize_tiller
		- auto-deploy download_chart
		- auto-deploy deploy
		- helm get all production
		- helm get production
		- auto-deploy delete
		- helm get all production && expected_error \|\| failed_as_expected
		- helm get production && expected_error \|\| failed_as_expected

		test-delete-postgresql:
		extends: test-deploy
		@@ -405,13 +419,13 @@ test-delete-postgresql:
		- auto-deploy initialize_tiller
		- auto-deploy download_chart
		- auto-deploy deploy
		- helm get all production
		- helm get all production-postgresql
		- helm get production
		- helm get production-postgresql
		- pvc_before_delete=$(kubectl -n $KUBE_NAMESPACE get pvc -l release=production-postgresql)
		- if [[ -z "$pvc_before_delete" ]]; then "expected to find a postgresql pvc"; exit 1; fi
		- auto-deploy delete
		- helm get all production && expected_error \|\| failed_as_expected
		- helm get all production-postgresql && expected_error \|\| failed_as_expected
		- helm get production && expected_error \|\| failed_as_expected
		- helm get production-postgresql && expected_error \|\| failed_as_expected
		- pvc_after_delete=$(kubectl -n $KUBE_NAMESPACE get pvc -l release=production-postgresql)
		- if [[ -n "$pvc_after_delete" ]]; then echo "no postgresql pvc should be present"; exit 1; fi

		@@ -421,11 +435,11 @@ test-delete-canary-postgresql:
		- auto-deploy initialize_tiller
		- auto-deploy download_chart
		- auto-deploy deploy canary
		- helm get all production-canary
		- helm get production-canary
		- auto-deploy deploy
		- helm get all production
		- helm get all production-postgresql
		- helm get production
		- helm get production-postgresql
		- auto-deploy delete canary
		- helm get all production-canary && expected_error \|\| failed_as_expected
		- helm get all production
		- helm get all production-postgresql
		- helm get production-canary && expected_error \|\| failed_as_expected
		- helm get production
		- helm get production-postgresql

Dockerfile

+1 −1

Original line number	Diff line number	Diff line
		@@ -2,7 +2,7 @@ ARG HELM_VERSION
		ARG KUBERNETES_VERSION

		# FROM "registry.gitlab.com/gitlab-org/cluster-integration/helm-install-image/releases/${HELM_VERSION}-kube-${KUBERNETES_VERSION}"
		FROM registry.gitlab.com/gitlab-org/cluster-integration/helm-install-image/branches/add-builds-for-helm-3:02632444149710b95a4ce0233f4f1f6242713dcc-3.2.4
		FROM registry.gitlab.com/gitlab-org/cluster-integration/helm-install-image/branches/add-builds-for-helm-3:47ca2219be9793f185dc7f5bf9715f55825b34e2-helm2to3

		# https://github.com/sgerrand/alpine-pkg-glibc
		ARG GLIBC_VERSION

src/bin/auto-deploy

100755 → 100644

+4 −508

File changed.File mode changed from 100755 to 100644.

Preview size limit exceeded, changes collapsed.