6cd937881f
- Add --wait --timeout 5m to helm upgrade - Add kubectl rollout status check - Poll health endpoint for up to 5 minutes (for cert provisioning)
137 lines
4.6 KiB
YAML
137 lines
4.6 KiB
YAML
include:
|
|
- project: 'esv/bsf/pypi/prosper'
|
|
ref: v0.64.1
|
|
file: '/prosper/templates/projects/docker.yml'
|
|
|
|
variables:
|
|
# renovate: datasource=gitlab-tags depName=esv/bsf/pypi/prosper versioning=semver registryUrl=https://gitlab.global.bsf.tools
|
|
PROSPER_VERSION: v0.64.1
|
|
|
|
kics:
|
|
allow_failure: true
|
|
|
|
hadolint:
|
|
allow_failure: true
|
|
|
|
secrets:
|
|
allow_failure: true
|
|
|
|
# Run Python tests
|
|
python_tests:
|
|
stage: test
|
|
image: deps.global.bsf.tools/docker/python:3.12-slim
|
|
before_script:
|
|
- pip install -r backend/requirements.txt
|
|
- pip install pytest pytest-asyncio httpx
|
|
script:
|
|
- cd backend
|
|
- python -m pytest -v || echo "No tests yet"
|
|
|
|
# Deploy to stage (main branch)
|
|
deploy_stage:
|
|
stage: deploy
|
|
needs: [build_image]
|
|
image: deps.global.bsf.tools/registry-1.docker.io/alpine/k8s:1.29.12
|
|
variables:
|
|
ENV: stage
|
|
NAMESPACE: orch-stage-namespace
|
|
VALUES_FILE: helm/orchard/values-stage.yaml
|
|
before_script:
|
|
- kubectl config use-context esv/bsf/bsf-integration/orchard/orchard-mvp:orchard-stage
|
|
- helm version
|
|
- helm repo add stable https://charts.helm.sh/stable
|
|
- helm repo add bitnami https://charts.bitnami.com/bitnami
|
|
- cd helm/orchard
|
|
- helm dependency update
|
|
- helm repo update
|
|
script:
|
|
- echo "Deploying to stage environment"
|
|
- cd $CI_PROJECT_DIR
|
|
- helm upgrade --install orchard-stage ./helm/orchard --namespace $NAMESPACE -f $VALUES_FILE --set image.tag=git.linux-amd64-$CI_COMMIT_SHA
|
|
environment:
|
|
name: stage
|
|
url: https://orchard-stage.common.global.bsf.tools
|
|
kubernetes:
|
|
agent: esv/bsf/bsf-integration/orchard/orchard-mvp:orchard-stage
|
|
rules:
|
|
- if: '$CI_COMMIT_BRANCH == "main"'
|
|
when: always
|
|
|
|
# Deploy feature branch to dev namespace
|
|
deploy_feature:
|
|
stage: deploy
|
|
needs: [build_image]
|
|
image: deps.global.bsf.tools/registry-1.docker.io/alpine/k8s:1.29.12
|
|
variables:
|
|
NAMESPACE: orch-dev-namespace
|
|
VALUES_FILE: helm/orchard/values-dev.yaml
|
|
before_script:
|
|
- kubectl config use-context esv/bsf/bsf-integration/orchard/orchard-mvp:orchard
|
|
- helm version
|
|
- helm repo add stable https://charts.helm.sh/stable
|
|
- helm repo add bitnami https://charts.bitnami.com/bitnami
|
|
- cd helm/orchard
|
|
- helm dependency update
|
|
- helm repo update
|
|
script:
|
|
- echo "Deploying feature branch $CI_COMMIT_REF_SLUG"
|
|
- cd $CI_PROJECT_DIR
|
|
- |
|
|
helm upgrade --install orchard-$CI_COMMIT_REF_SLUG ./helm/orchard \
|
|
--namespace $NAMESPACE \
|
|
-f $VALUES_FILE \
|
|
--set image.tag=git.linux-amd64-$CI_COMMIT_SHA \
|
|
--set ingress.hosts[0].host=orchard-$CI_COMMIT_REF_SLUG.common.global.bsf.tools \
|
|
--set ingress.tls[0].hosts[0]=orchard-$CI_COMMIT_REF_SLUG.common.global.bsf.tools \
|
|
--set ingress.tls[0].secretName=orchard-$CI_COMMIT_REF_SLUG-tls \
|
|
--set minioIngress.host=minio-$CI_COMMIT_REF_SLUG.common.global.bsf.tools \
|
|
--set minioIngress.tls.secretName=minio-$CI_COMMIT_REF_SLUG-tls \
|
|
--wait \
|
|
--timeout 5m
|
|
- echo "Waiting for deployment to be ready..."
|
|
- kubectl rollout status deployment/orchard-$CI_COMMIT_REF_SLUG -n $NAMESPACE --timeout=5m
|
|
- |
|
|
echo "Waiting for health endpoint (certs may take a few minutes)..."
|
|
HEALTH_URL="https://orchard-$CI_COMMIT_REF_SLUG.common.global.bsf.tools/health"
|
|
for i in $(seq 1 30); do
|
|
if curl -sf --max-time 10 "$HEALTH_URL" > /dev/null 2>&1; then
|
|
echo "Health check passed!"
|
|
curl -s "$HEALTH_URL" | head -c 200
|
|
exit 0
|
|
fi
|
|
echo "Attempt $i/30 - waiting 10s..."
|
|
sleep 10
|
|
done
|
|
echo "Health check failed after 5 minutes"
|
|
exit 1
|
|
environment:
|
|
name: review/$CI_COMMIT_REF_SLUG
|
|
url: https://orchard-$CI_COMMIT_REF_SLUG.common.global.bsf.tools
|
|
on_stop: cleanup_feature
|
|
kubernetes:
|
|
agent: esv/bsf/bsf-integration/orchard/orchard-mvp:orchard
|
|
rules:
|
|
- if: '$CI_COMMIT_BRANCH && $CI_COMMIT_BRANCH != "main"'
|
|
when: always
|
|
|
|
# Cleanup feature branch deployment
|
|
cleanup_feature:
|
|
stage: deploy
|
|
image: deps.global.bsf.tools/registry-1.docker.io/alpine/k8s:1.29.12
|
|
variables:
|
|
NAMESPACE: orch-dev-namespace
|
|
before_script:
|
|
- kubectl config use-context esv/bsf/bsf-integration/orchard/orchard-mvp:orchard
|
|
script:
|
|
- echo "Cleaning up feature deployment orchard-$CI_COMMIT_REF_SLUG"
|
|
- helm uninstall orchard-$CI_COMMIT_REF_SLUG --namespace $NAMESPACE || true
|
|
environment:
|
|
name: review/$CI_COMMIT_REF_SLUG
|
|
action: stop
|
|
kubernetes:
|
|
agent: esv/bsf/bsf-integration/orchard/orchard-mvp:orchard
|
|
rules:
|
|
- if: '$CI_COMMIT_BRANCH && $CI_COMMIT_BRANCH != "main"'
|
|
when: manual
|
|
allow_failure: true
|