cloudbuild.yaml
100 lines (92 loc) · 2.89 KB
# User-defined substitution. The steps below use it for the ./cmd/<name>
# package to compile and for the image and deployment names.
substitutions:
  _SERVICE_NAME: 'migration'
steps:
# start db
# Throwaway Postgres for the run-tests step. waitFor '-' starts it right away,
# without waiting for any other step.
# NOTE(review): POSTGRES_HOST_AUTH_METHOD=trust makes Postgres accept every
# connection without a password. That is tolerable only while this database
# holds nothing but test fixtures and is reachable only from inside the build;
# do not reuse this setting for any longer-lived instance.
# NOTE(review): the image is pinned by tag, not by digest, so the content
# behind 13.3-alpine can still change upstream.
- name: 'postgres:13.3-alpine'
  id: 'run-db'
  waitFor:
    - '-'
  env:
    - 'POSTGRES_DB=test'
    - 'POSTGRES_USER=postgres'
    - 'POSTGRES_HOST_AUTH_METHOD=trust'
# compile
# Builds ./cmd/<_SERVICE_NAME> into a binary named "app".
# NOTE(review): the builder image carries no tag or digest, so each build uses
# whatever version is current; pin it if reproducible builds matter.
- name: 'gcr.io/cloud-builders/go'
  id: 'build'
  waitFor:
    - '-'
  args:
    - 'build'
    - '-o'
    - 'app'
    - './cmd/$_SERVICE_NAME'
# test
# Runs the whole Go test suite against the Postgres container from run-db.
# NOTE(review): waitFor '-' starts this step immediately, so nothing here
# guarantees Postgres is accepting connections when the first test runs.
- name: 'gcr.io/cloud-builders/go'
  id: 'run-tests'
  waitFor:
    - '-'
  args:
    - 'test'
    - './...'
  env:
    - 'DB_USER=postgres'
    - 'DB_DATABASE=test'
    # step_0 is presumably the container name Cloud Build gives the first step
    # (run-db); inserting a step before run-db would change it. Confirm.
    - 'DB_HOST=step_0'
    # The value is the two literal quote characters, not an empty string: YAML
    # does not strip quotes that appear in the middle of a scalar. It only
    # works because the database runs with trust authentication.
    - "DB_PASSWORD=''"
    - 'MIGRATION_DIR=/workspace/gopath/src/github.com/webdevelop-pro/migration/migrations'
# security check
# Copies the workspace under GOPATH, installs gosec and scans every package.
# build-docker waits on this step, so a non-zero gosec exit blocks the image.
#
# NOTE(review): supply-chain exposure. The installer is fetched from the
# mutable "master" branch, piped straight into sh, and told to install
# "latest"; the golang:alpine base image is a floating tag as well. None of it
# is verified, and this step shares /workspace with the later image build and
# presumably runs with the build's service account. Pin the installer to a
# reviewed commit and release (<PINNED_COMMIT>/install.sh, <PINNED_VERSION>),
# check the download against a known checksum, and pin the base image by digest.
#
# NOTE(review): "$$" is Cloud Build's escape for a literal "$", so the shell
# sees a PROJECT_ROOT variable. This step defines no env, so it looks unset
# here and the copy would land directly in GOPATH/src. Confirm.
- name: 'golang:alpine'
  id: 'run-security-check'
  waitFor:
    - '-'
  entrypoint: 'sh'
  args:
    - '-c'
    - |
      export GOPATH=`go env GOPATH`
      mkdir -p $$GOPATH/src/$$PROJECT_ROOT
      cp -rp /workspace/* $$GOPATH/src/$$PROJECT_ROOT/
      cd $$GOPATH/src/$$PROJECT_ROOT
      wget -O - -q https://raw.githubusercontent.com/securego/gosec/master/install.sh | sh -s latest
      GO111MODULE=off ./bin/gosec ./...
# stop db
# Stops the container named step_0 once the tests have finished; step_0 is
# presumably the run-db Postgres container (first step in the list).
- name: 'gcr.io/cloud-builders/docker'
  id: 'stop-db'
  waitFor:
    - 'run-tests'
  args:
    - 'container'
    - 'stop'
    - 'step_0'
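# build docker image
# Builds and pushes the image only for master, dev and stage; any other branch
# just logs a message. master and dev share one image name; stage pushes to
# "<service>-stage". Each build is tagged with the commit SHA and with the
# mutable "latest" tag.
#
# Security: Cloud Build pastes built-in substitutions into the script text
# before sh parses it. A branch name is chosen by whoever pushes the branch and
# may contain shell metacharacters, so the branch name is handed over through
# env and read as a shell variable ("$$" is Cloud Build's escape for a literal
# "$"). It is then only ever treated as data. PROJECT_ID, COMMIT_SHA and
# _SERVICE_NAME are not pusher-controlled and are still substituted directly.
#
# "set -e" stops at the first failing docker command, so a failed build or
# push can no longer be masked by a later command that succeeds.
- name: 'gcr.io/cloud-builders/docker'
  id: build-docker
  waitFor:
    - build
    - run-tests
    - run-security-check
  entrypoint: 'sh'
  env:
    - 'BRANCH_NAME=$BRANCH_NAME'
  args:
    - '-c'
    - |
      set -e
      if [ "$$BRANCH_NAME" = "master" ] || [ "$$BRANCH_NAME" = "dev" ]; then
        docker build -t 'gcr.io/$PROJECT_ID/$_SERVICE_NAME:$COMMIT_SHA' -t 'gcr.io/$PROJECT_ID/$_SERVICE_NAME:latest' .
        docker push 'gcr.io/$PROJECT_ID/$_SERVICE_NAME:$COMMIT_SHA'
        docker push 'gcr.io/$PROJECT_ID/$_SERVICE_NAME:latest'
      elif [ "$$BRANCH_NAME" = "stage" ]; then
        docker build -t 'gcr.io/$PROJECT_ID/$_SERVICE_NAME-stage:$COMMIT_SHA' -t 'gcr.io/$PROJECT_ID/$_SERVICE_NAME-stage:latest' .
        docker push 'gcr.io/$PROJECT_ID/$_SERVICE_NAME-stage:$COMMIT_SHA'
        docker push 'gcr.io/$PROJECT_ID/$_SERVICE_NAME-stage:latest'
      else
        echo "Not building on branch $$BRANCH_NAME"
      fi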
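# deploy
# Picks a cluster by branch (master -> "master", dev and stage -> "dev2"), then
# re-applies the live Deployment with the image tagged by this commit's SHA.
# On master the step exits quietly unless the project is acretrader-live; the
# dev and stage branches have no such project check.
#
# Security: this step holds cluster credentials, so the branch name must never
# reach the shell as script text. Cloud Build pastes built-in substitutions
# into the script before sh parses it, and a branch name is chosen by whoever
# pushes the branch. It is therefore passed through env and read as a shell
# variable ("$$" is Cloud Build's escape for a literal "$").
#
# "set -e" aborts as soon as get-credentials fails, so kubectl never runs
# without a cluster context. It does not cover the left side of the final
# pipeline: a kubectl failure there still feeds empty input to gke-deploy.
- name: 'gcr.io/cloud-builders/gke-deploy'
  id: deploy
  waitFor:
    - build-docker
  entrypoint: 'sh'
  env:
    - 'BRANCH_NAME=$BRANCH_NAME'
  args:
    - '-c'
    - |
      set -e
      if [ "$$BRANCH_NAME" = "master" ]; then
        if [ "$PROJECT_ID" != "acretrader-live" ]; then exit; fi
        gcloud --quiet container clusters get-credentials --region us-central1 master
      elif [ "$$BRANCH_NAME" = "dev" ] || [ "$$BRANCH_NAME" = "stage" ]; then
        gcloud --quiet container clusters get-credentials --region us-central1 dev2
      else
        echo "Not deploying on branch $$BRANCH_NAME"
        exit
      fi
      if [ "$$BRANCH_NAME" = "stage" ]; then
        SVC=$_SERVICE_NAME-stage
      else
        SVC=$_SERVICE_NAME
      fi
      kubectl get "deployment/$$SVC" -o yaml | gke-deploy run -f - -i "gcr.io/$PROJECT_ID/$$SVC:$COMMIT_SHA" -a "$$SVC"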