Newer
Older
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
image: docker:stable
stages:
- build
- test
- deploy
- rollback
build:
stage: build
script:
# Setup
- export AWS_REGION="eu-west-1"
- export AWS_ACCESS_KEY_ID=$AWS_ACCESS_KEY_ID
- export AWS_SECRET_ACCESS_KEY=$AWS_SECRET_ACCESS_KEY
- export REPO=$CI_ECR_URL
- apk update
- apk --no-cache add --update curl python python-dev py-pip
- pip install awscli --upgrade --user
- export PATH=~/.local/bin:/usr/bin/:$PATH
# AUTH
- CERT=`aws ecr get-login --no-include-email --region ${AWS_REGION}`
- ${CERT}
# Build
- docker build -t ${CI_PROJECT_NAME}:$CI_COMMIT_SHA .
- docker tag $CI_PROJECT_NAME:$CI_COMMIT_SHA $REPO:latest
- docker push $REPO:latest
environment:
name: qa
url: $CI_ALB_URL
lint:
image: $CI_ECR_URL:latest
stage: test
variables:
GIT_STRATEGY: none
script:
- cd ${HOME}
- npm run lint
test:
image: $CI_ECR_URL:latest
stage: test
variables:
GIT_STRATEGY: none
script:
- cd ${HOME}
- npm run test
create-rollback:
stage: test
only:
- master
script:
- export AWS_REGION="eu-west-1"
- export AWS_ACCESS_KEY_ID=$AWS_ACCESS_KEY_ID
- export AWS_SECRET_ACCESS_KEY=$AWS_SECRET_ACCESS_KEY
- apk --no-cache add --update curl python python-dev py-pip jq
- pip install awscli --upgrade --user
- export PATH=~/.local/bin:/usr/bin/:$PATH
# Discover the ALB name
- ALB=`aws elbv2 describe-load-balancers --region ${AWS_REGION} --names ${CI_ALB_NAME} | jq .LoadBalancers[0].DNSName`
# Test Keepalive
- /usr/bin/curl --fail http://${ALB//'"'}/keepalive
# IF Keepalive return 200...
# Retrieve & Store this revision as 'last known successful revision' in S3 Bucket
- REV=`aws ecs describe-services --region ${AWS_REGION} --cluster ${CI_CLUSTER_NAME} --service ${CI_SERVICE_NAME} |jq -r '.services[0].deployments[0].taskDefinition'`
- echo successful revision is ${REV} Storing it in S3 Bucket
- echo ${REV} > /${CI_SERVICE_NAME}
# sync rev to S3 here
- aws s3 cp /${CI_SERVICE_NAME} s3://${CI_REV_BUCKET}
environment:
name: qa
url: $CI_ALB_URL
deploy:
stage: deploy
only:
- master
script:
- export AWS_REGION="eu-west-1"
- export AWS_ACCESS_KEY_ID=$AWS_ACCESS_KEY_ID
- export AWS_SECRET_ACCESS_KEY=$AWS_SECRET_ACCESS_KEY
- apk --no-cache add --update python python-dev py-pip
- pip install ecs-deploy
# Deploy
- ecs deploy ${CI_CLUSTER_NAME} ${CI_SERVICE_NAME} --region ${AWS_REGION} --timeout 600 -e ${CI_CONTAINER_NAME} AWS_S3_ACCESS_KEY $AWS_S3_ACCESS_KEY -e ${CI_CONTAINER_NAME} AWS_S3_SECRET_KEY $AWS_S3_SECRET_KEY -e ${CI_CONTAINER_NAME} AWS_S3_REGION $AWS_S3_REGION -e ${CI_CONTAINER_NAME} AWS_S3_BUCKET $AWS_S3_BUCKET -e ${CI_CONTAINER_NAME} AWS_SES_SECRET_KEY $AWS_SES_SECRET_KEY -e ${CI_CONTAINER_NAME} AWS_SES_ACCESS_KEY $AWS_SES_ACCESS_KEY -e ${CI_CONTAINER_NAME} AWS_SES_REGION $AWS_SES_REGION -e ${CI_CONTAINER_NAME} EMAIL_SENDER $EMAIL_SENDER -e ${CI_CONTAINER_NAME} secret $SECRET -e ${CI_CONTAINER_NAME} DATABASE $DATABASE -e ${CI_CONTAINER_NAME} DB_USER $DB_USER -e ${CI_CONTAINER_NAME} DB_PASS $DB_PASS -e ${CI_CONTAINER_NAME} DB_HOST $DB_HOST -e ${CI_CONTAINER_NAME} ORCID_CLIENT_ID $ORCID_CLIENT_ID -e ${CI_CONTAINER_NAME} ORCID_CLIENT_SECRET $ORCID_CLIENT_SECRET -e ${CI_CONTAINER_NAME} CLIENT_BASE_URL $CLIENT_BASE_URL -e ${CI_CONTAINER_NAME} FTP_USERNAME $FTP_USERNAME -e ${CI_CONTAINER_NAME} FTP_PASSWORD $FTP_PASSWORD -e ${CI_CONTAINER_NAME} FTP_HOST $FTP_HOST
environment:
name: qa
url: $CI_ALB_URL
aws-qa:
stage: deploy
when: manual
only:
- develop
script:
- export AWS_REGION="eu-west-1"
- export AWS_ACCESS_KEY_ID=$AWS_ACCESS_KEY_ID
- export AWS_SECRET_ACCESS_KEY=$AWS_SECRET_ACCESS_KEY
- apk --no-cache add --update python python-dev py-pip
- pip install ecs-deploy
# Deploy
- ecs deploy ${CI_CLUSTER_NAME} ${CI_SERVICE_NAME} --region ${AWS_REGION} --timeout 600 -e ${CI_CONTAINER_NAME} AWS_S3_ACCESS_KEY $AWS_S3_ACCESS_KEY -e ${CI_CONTAINER_NAME} AWS_S3_SECRET_KEY $AWS_S3_SECRET_KEY -e ${CI_CONTAINER_NAME} AWS_S3_REGION $AWS_S3_REGION -e ${CI_CONTAINER_NAME} AWS_S3_BUCKET $AWS_S3_BUCKET -e ${CI_CONTAINER_NAME} AWS_SES_SECRET_KEY $AWS_SES_SECRET_KEY -e ${CI_CONTAINER_NAME} AWS_SES_ACCESS_KEY $AWS_SES_ACCESS_KEY -e ${CI_CONTAINER_NAME} AWS_SES_REGION $AWS_SES_REGION -e ${CI_CONTAINER_NAME} EMAIL_SENDER $EMAIL_SENDER -e ${CI_CONTAINER_NAME} secret $SECRET -e ${CI_CONTAINER_NAME} DATABASE $DATABASE -e ${CI_CONTAINER_NAME} DB_USER $DB_USER -e ${CI_CONTAINER_NAME} DB_PASS $DB_PASS -e ${CI_CONTAINER_NAME} DB_HOST $DB_HOST -e ${CI_CONTAINER_NAME} ORCID_CLIENT_ID $ORCID_CLIENT_ID -e ${CI_CONTAINER_NAME} ORCID_CLIENT_SECRET $ORCID_CLIENT_SECRET -e ${CI_CONTAINER_NAME} CLIENT_BASE_URL $CLIENT_BASE_URL -e ${CI_CONTAINER_NAME} FTP_USERNAME $FTP_USERNAME -e ${CI_CONTAINER_NAME} FTP_PASSWORD $FTP_PASSWORD -e ${CI_CONTAINER_NAME} FTP_HOST $FTP_HOST
environment:
name: qa
url: $CI_ALB_URL
rollback:
stage: rollback
when: on_failure
only:
- master
script:
- export AWS_REGION="us-east-1"
- export AWS_ACCESS_KEY_ID=$aws_access_key_id
- export AWS_SECRET_ACCESS_KEY=$aws_secret_access_key
- apk --no-cache add --update curl python python-dev py-pip
- pip install awscli --upgrade --user
- export PATH=~/.local/bin:/usr/bin/:$PATH
- pip install ecs-deploy
- aws s3 cp s3://${CI_REV_BUCKET}/${CI_SERVICE_NAME} ./
- REV=`cat ./${CI_SERVICE_NAME}`
- echo rev is $REV
- ecs deploy --region ${AWS_REGION} ${CLUSTER_NAME} ${CI_SERVICE_NAME} --task ${REV} -e ${CI_CONTAINER_NAME} AWS_S3_ACCESS_KEY $AWS_S3_ACCESS_KEY -e ${CI_CONTAINER_NAME} AWS_S3_SECRET_KEY $AWS_S3_SECRET_KEY -e ${CI_CONTAINER_NAME} AWS_S3_REGION $AWS_S3_REGION -e ${CI_CONTAINER_NAME} AWS_S3_BUCKET $AWS_S3_BUCKET -e ${CI_CONTAINER_NAME} AWS_SES_SECRET_KEY $AWS_SES_SECRET_KEY -e ${CI_CONTAINER_NAME} AWS_SES_ACCESS_KEY $AWS_SES_ACCESS_KEY -e ${CI_CONTAINER_NAME} AWS_SES_REGION $AWS_SES_REGION -e ${CI_CONTAINER_NAME} EMAIL_SENDER $EMAIL_SENDER -e ${CI_CONTAINER_NAME} secret $SECRET -e ${CI_CONTAINER_NAME} DATABASE $DATABASE -e ${CI_CONTAINER_NAME} DB_USER $DB_USER -e ${CI_CONTAINER_NAME} DB_PASS $DB_PASS -e ${CI_CONTAINER_NAME} DB_HOST $DB_HOST -e ${CI_CONTAINER_NAME} ORCID_CLIENT_ID $ORCID_CLIENT_ID -e ${CI_CONTAINER_NAME} ORCID_CLIENT_SECRET $ORCID_CLIENT_SECRET -e ${CI_CONTAINER_NAME} CLIENT_BASE_URL $CLIENT_BASE_URL -e ${CI_CONTAINER_NAME} FTP_USERNAME $FTP_USERNAME -e ${CI_CONTAINER_NAME} FTP_PASSWORD $FTP_PASSWORD -e ${CI_CONTAINER_NAME} FTP_HOST $FTP_HOST
environment:
name: qa
url: $CI_ALB_URL
rollback-qa:
stage: rollback
when: manual
only:
- develop
script:
- export AWS_REGION="us-east-1"
- export AWS_ACCESS_KEY_ID=$aws_access_key_id
- export AWS_SECRET_ACCESS_KEY=$aws_secret_access_key
- apk --no-cache add --update curl python python-dev py-pip
- pip install awscli --upgrade --user
- export PATH=~/.local/bin:/usr/bin/:$PATH
- pip install ecs-deploy
- aws s3 cp s3://${CI_REV_BUCKET}/${CI_SERVICE_NAME} ./
- REV=`cat ./${CI_SERVICE_NAME}`
- echo rev is $REV
- ecs deploy --region ${AWS_REGION} ${CLUSTER_NAME} ${CI_SERVICE_NAME} --task ${REV} -e ${CI_CONTAINER_NAME} AWS_S3_ACCESS_KEY $AWS_S3_ACCESS_KEY -e ${CI_CONTAINER_NAME} AWS_S3_SECRET_KEY $AWS_S3_SECRET_KEY -e ${CI_CONTAINER_NAME} AWS_S3_REGION $AWS_S3_REGION -e ${CI_CONTAINER_NAME} AWS_S3_BUCKET $AWS_S3_BUCKET -e ${CI_CONTAINER_NAME} AWS_SES_SECRET_KEY $AWS_SES_SECRET_KEY -e ${CI_CONTAINER_NAME} AWS_SES_ACCESS_KEY $AWS_SES_ACCESS_KEY -e ${CI_CONTAINER_NAME} AWS_SES_REGION $AWS_SES_REGION -e ${CI_CONTAINER_NAME} EMAIL_SENDER $EMAIL_SENDER -e ${CI_CONTAINER_NAME} secret $SECRET -e ${CI_CONTAINER_NAME} DATABASE $DATABASE -e ${CI_CONTAINER_NAME} DB_USER $DB_USER -e ${CI_CONTAINER_NAME} DB_PASS $DB_PASS -e ${CI_CONTAINER_NAME} DB_HOST $DB_HOST -e ${CI_CONTAINER_NAME} ORCID_CLIENT_ID $ORCID_CLIENT_ID -e ${CI_CONTAINER_NAME} ORCID_CLIENT_SECRET $ORCID_CLIENT_SECRET -e ${CI_CONTAINER_NAME} CLIENT_BASE_URL $CLIENT_BASE_URL -e ${CI_CONTAINER_NAME} FTP_USERNAME $FTP_USERNAME -e ${CI_CONTAINER_NAME} FTP_PASSWORD $FTP_PASSWORD -e ${CI_CONTAINER_NAME} FTP_HOST $FTP_HOST
environment:
name: qa
url: $CI_ALB_URL