Initial commit

[ZITADOPER-1]
2024-04-15 14:44:46 -05:00
parent 95e7d1cb69
commit e4eef2928a
121 changed files with 9053 additions and 0 deletions
--- a/bitbucket-pipelines.yml
+++ b/bitbucket-pipelines.yml
@@ -0,0 +1,137 @@
+definitions:
+  steps:
+    - step: &test
+        name: "Test"
+        runs-on:
+          - "linux"
+          - "self.hosted"
+        script:
+          - echo please create tests
+
+    - step: &build
+        name: "Build"
+        runs-on:
+          - "nixrunner"
+          - "linux.shell"
+          - "self.hosted"
+        script:
+          - mkdir -p images
+          - (umask  077 ; echo -n $SSHKEY | base64 -d  > ./id_rsa)
+          - nix build --print-build-logs ./build/#dockerImage
+          - cp $(readlink ./result) images/
+        artifacts:
+          - images/*
+
+    - step: &package-dev
+        name: "Package Chart for Dev"
+        runs-on:
+          - "nixrunner"
+          - "linux.shell"
+          - "self.hosted"
+        script:
+          - mkdir -p charts
+          - export VERSION="$BITBUCKET_BUILD_NUMBER"
+          - export REPOSITORY="$K8S_ARES_DEV_DOCKERREGISTRY_URL/$BITBUCKET_REPO_SLUG"
+          - nix-shell -p yq-go --run 'yq -i ".controllerManager.manager.image.tag = env(VERSION)" ./ops/chart/values.yaml'
+          - nix-shell -p yq-go --run 'yq -i ".controllerManager.manager.image.repository = env(REPOSITORY)" ./ops/chart/values.yaml'
+          - nix-shell -p kubernetes-helm --run 'helm repo add base "$K8S_ARES_DEV_CHARTMUSEUM_ENDPOINT" --username "$K8S_ARES_DEV_CHARTMUSEUM_USERNAME" --password "$K8S_ARES_DEV_CHARTMUSEUM_PASSWORD" --insecure-skip-tls-verify --force-update && helm dependency build ./ops/chart && helm package ./ops/chart -d result --app-version "$VERSION" --version "$VERSION"'
+          - cp -a ./result/. charts/
+        artifacts:
+          - charts/*
+
+    - step: &package-qa
+        name: "Package Chart for QA"
+        runs-on:
+          - "nixrunner"
+          - "linux.shell"
+          - "self.hosted"
+        script:
+          - mkdir -p charts
+          - export VERSION="$BITBUCKET_BUILD_NUMBER"
+          - export REPOSITORY="$K8S_ARES_QA_DOCKERREGISTRY_URL/$BITBUCKET_REPO_SLUG"
+          - nix-shell -p yq-go --run 'yq -i ".controllerManager.manager.image.tag = env(VERSION)" ./ops/chart/values.yaml'
+          - nix-shell -p yq-go --run 'yq -i ".controllerManager.manager.image.repository = env(REPOSITORY)" ./ops/chart/values.yaml'
+          - nix-shell -p kubernetes-helm --run 'helm repo add base "$K8S_ARES_QA_CHARTMUSEUM_ENDPOINT" --username "$K8S_ARES_QA_CHARTMUSEUM_USERNAME" --password "$K8S_ARES_QA_CHARTMUSEUM_PASSWORD" --insecure-skip-tls-verify --force-update && helm dependency build ./ops/chart && helm package ./ops/chart -d result --app-version "$VERSION" --version "$VERSION"'
+          - cp -a ./result/. charts/
+        artifacts:
+          - charts/*
+
+    - step: &publish-dev
+        name: "Publish Chart to Dev"
+        runs-on:
+          - "nixrunner"
+          - "linux.shell"
+          - "self.hosted"
+        deployment: dev
+        script:
+          - |
+            nix-shell -p cacert curl --run 'curl -k --fail --data-binary "@charts/$(ls charts | tee /dev/stderr | head -n 1)" -u "$K8S_ARES_DEV_CHARTMUSEUM_USERNAME:$K8S_ARES_DEV_CHARTMUSEUM_PASSWORD" "$K8S_ARES_DEV_CHARTMUSEUM_ENDPOINT/api/charts"'
+
+    - step: &push-dev
+        name: "Push image to Dev"
+        image: topmanage/deployment-pipeline-image:28
+        runs-on:
+          - "linux"
+          - "self.hosted"
+        # deployment: dev
+        script:
+          - |
+            set -euo pipefail
+            DOCKERREGISTRY_URL=$K8S_ARES_DEV_DOCKERREGISTRY_URL                \
+            DOCKERREGISTRY_CACERT=$K8S_ARES_DEV_DOCKERREGISTRY_CACERT          \
+            DOCKERREGISTRY_CLIENTCERT=$K8S_ARES_DEV_DOCKERREGISTRY_CLIENTCERT  \
+            DOCKERREGISTRY_CLIENTKEY=$K8S_ARES_DEV_DOCKERREGISTRY_CLIENTKEY    \
+            DOCKERREGISTRY_PASSWORD=$K8S_ARES_DEV_DOCKERREGISTRY_PASSWORD      \
+            ./build/push-image.sh
+
+    - step: &publish-qa
+        name: "Publish Chart to QA"
+        runs-on:
+          - "nixrunner"
+          - "linux.shell"
+          - "self.hosted"
+        deployment: qa
+        script:
+          - |
+            nix-shell -p cacert curl --run 'curl -k --fail --data-binary "@charts/$(ls charts | tee /dev/stderr | head -n 1)" -u "$K8S_ARES_QA_CHARTMUSEUM_USERNAME:$K8S_ARES_QA_CHARTMUSEUM_PASSWORD" "$K8S_ARES_QA_CHARTMUSEUM_ENDPOINT/api/charts"'
+
+    - step: &push-qa
+        name: "Push image to QA"
+        image: topmanage/deployment-pipeline-image:28
+        runs-on:
+          - "linux"
+          - "self.hosted"
+        # deployment: qa
+        script:
+          - |
+            set -euo pipefail
+            DOCKERREGISTRY_URL=$K8S_ARES_QA_DOCKERREGISTRY_URL                \
+            DOCKERREGISTRY_CACERT=$K8S_ARES_QA_DOCKERREGISTRY_CACERT          \
+            DOCKERREGISTRY_CLIENTCERT=$K8S_ARES_QA_DOCKERREGISTRY_CLIENTCERT  \
+            DOCKERREGISTRY_CLIENTKEY=$K8S_ARES_QA_DOCKERREGISTRY_CLIENTKEY    \
+            DOCKERREGISTRY_PASSWORD=$K8S_ARES_QA_DOCKERREGISTRY_PASSWORD      \
+            ./build/push-image.sh
+
+pipelines:
+  default:
+    - parallel:
+        - step: *build
+        - step: *test
+        - step: *package-dev
+    - step: *push-dev
+    - step: *publish-dev
+  branches:
+    master:
+      - parallel:
+          - step: *build
+          - step: *test
+          - step: *package-qa
+      - step: *push-qa
+      - step: *publish-qa
+  tags:
+    release-*:
+      - parallel:
+          - step: *build
+          - step: *test
+          - step: *package-dev
+      - step: *push-dev