From 8cf9b726c8def395d3ce1047c44d922f353f8ae6 Mon Sep 17 00:00:00 2001 From: Divi Date: Fri, 20 Oct 2023 14:58:19 +0530 Subject: [PATCH] ci: update release pipeline to use argocd (#90) Co-authored-by: Samir Talwar Co-authored-by: nizar-m <19857260+nizar-m@users.noreply.github.com> --- .buildkite/release-config-server.yaml | 74 +++++++------------ ...cker.yaml => build-images-and-deploy.yaml} | 27 +++++++ ci/deploy.sh | 4 +- 3 files changed, 57 insertions(+), 48 deletions(-) rename .github/workflows/{nix-docker.yaml => build-images-and-deploy.yaml} (70%) diff --git a/.buildkite/release-config-server.yaml b/.buildkite/release-config-server.yaml index 33fac9716..1508b27a7 100644 --- a/.buildkite/release-config-server.yaml +++ b/.buildkite/release-config-server.yaml @@ -1,53 +1,9 @@ +# prettier-ignore agents: queue: "aws-v3-build-node-common" steps: - - label: ":docker: Build and push docker image" - key: build-and-push-docker-image - command: | - set -eu -o pipefail - - TAG=$(git log -1 '--format=format:%h' --abbrev=9) - DOCKER_TAG=$$DOCKER_REGISTRY/$$DOCKER_REPO:$$TAG - - echo "~~~ :buildkite: Storing release version in metadata" - buildkite-agent meta-data set "release-version" "$$TAG" - - echo "~~~ :docker: Configuring docker gcr helper" - docker-credential-gcr configure-docker --registries=$$DOCKER_REGISTRY - - echo "~~~ :docker: Building ndc-postgres-config-server image" - docker build --ssh default -t $$DOCKER_TAG -f ConfigServer.Dockerfile . - - echo "~~~ :docker: Pushing ndc-postgres-config-server image" - docker push $$DOCKER_TAG - - echo "~~~ :docker: Removing ndc-postgres-config-server image" - docker rmi $$DOCKER_TAG - env: - DOCKER_REGISTRY: us-docker.pkg.dev - DOCKER_REPO: hasura-ddn/ddn/ndc-postgres-config-server - plugins: - - hasura/smooth-secrets#v1.3.2: - secrets: - - strategy: aws-secrets-manager - key: github-user-keys/hasura-ci - type: ssh - region: us-east-2 - - gcp-workload-identity-federation#v1.0.0: - # We can change the aud - audience: "//iam.googleapis.com/projects/1025009031284/locations/global/workloadIdentityPools/hasura-ddn/providers/buildkite" - service-account: "hasura-ci-docker-writer@hasura-ddn.iam.gserviceaccount.com" - - hasura/smooth-checkout#v4.3.2: - repos: - - config: - - url: git@github.com:hasura/ndc-postgres.git - delete_checkout: true - interpolate_checkout_path: "$BUILDKITE_BUILD_CHECKOUT_PATH/$BUILDKITE_BUILD_ID/$BUILDKITE_JOB_ID" - - - label: ":kubernetes: Release to staging" - key: release-to-staging - depends_on: - - step: build-and-push-docker-image + - label: ":git: update tag in ddn-cloud" + key: update-tag command: .buildkite/scripts/release-component.sh "ndc-postgres-config-server" plugins: - hasura/smooth-secrets#v1.3.2: @@ -68,6 +24,30 @@ steps: ref: main delete_checkout: true interpolate_checkout_path: "$BUILDKITE_BUILD_CHECKOUT_PATH/$BUILDKITE_BUILD_ID/$BUILDKITE_JOB_ID" + - label: ":kubernetes: Deploy postgres-ndc-config-server to staging" + key: argocd-sync + agents: + queue: argocd-runner + depends_on: + - step: update-tag + command: | + echo y | argocd login --username admin --password $$ARGOCD_ADMIN_SECRET argocd.hasura-app.io --insecure + argocd app list --selector 'application=postgres-ndc-config-server' + argocd app sync --selector 'application=postgres-ndc-config-server' + plugins: + - hasura/smooth-secrets#v1.3.2: + secrets: + - strategy: aws-secrets-manager + key: ci-secrets/argocd/admin-secret + type: env + region: us-east-2 + name: ARGOCD_ADMIN_SECRET + - hasura/smooth-checkout#v4.3.2: + skip_checkout: true + - docker#v5.9.0: + image: "argoproj/argocd:v2.6.15" + environment: + - "ARGOCD_ADMIN_SECRET" notify: - slack: channels: diff --git a/.github/workflows/nix-docker.yaml b/.github/workflows/build-images-and-deploy.yaml similarity index 70% rename from .github/workflows/nix-docker.yaml rename to .github/workflows/build-images-and-deploy.yaml index bebde3dde..3d0e81aa1 100644 --- a/.github/workflows/nix-docker.yaml +++ b/.github/workflows/build-images-and-deploy.yaml @@ -61,6 +61,33 @@ jobs: - name: Build and deploy Docker images to GitHub Packages 🚀 run: nix run .#publish-docker-image '${{ github.ref }}' '${{ matrix.connector }}' 'ghcr.io/hasura/${{ matrix.connector }}' + - name: Deploy to staging + if: ${{ matrix.connector == 'ndc-postgres' && github.ref == 'refs/heads/main' }} + env: + BUILDKITE_AUTH_TOKEN: ${{ secrets.BUILDKITE_AUTH_TOKEN }} + run: | + long_sha=$(git rev-parse HEAD) + short_sha=$(git rev-parse --short=9 HEAD) + req_data=$(cat <