Commit 79bb8eeb authored by Ian Baum's avatar Ian Baum

Add review app to gitlab-ce

* Uses the same supporting code as used in EE
* Includes automated cleanup
* Install external-dns helm chart to review apps cluster if it isn't
already
* Adds variables REVIEW_APPS_AWS_SECRET_KEY and
REVIEW_APPS_AWS_ACCESS_key
* review-apps-ce uses a different cipher
parent 9ad19c53
...@@ -1110,9 +1110,8 @@ no_ee_check: ...@@ -1110,9 +1110,8 @@ no_ee_check:
only: only:
- //@gitlab-org/gitlab-ce - //@gitlab-org/gitlab-ce
# GitLab EE Review apps # GitLab Review apps
review: review:
<<: *dedicated-no-docs-pull-cache-job
image: registry.gitlab.com/gitlab-org/gitlab-build-images:gitlab-charts-build-base image: registry.gitlab.com/gitlab-org/gitlab-build-images:gitlab-charts-build-base
stage: test stage: test
allow_failure: true allow_failure: true
...@@ -1134,6 +1133,7 @@ review: ...@@ -1134,6 +1133,7 @@ review:
- ensure_namespace - ensure_namespace
- install_tiller - install_tiller
- create_secret - create_secret
- install_external_dns
- deploy - deploy
environment: environment:
name: review/$CI_COMMIT_REF_NAME name: review/$CI_COMMIT_REF_NAME
...@@ -1141,6 +1141,7 @@ review: ...@@ -1141,6 +1141,7 @@ review:
on_stop: stop_review on_stop: stop_review
only: only:
refs: refs:
- branches@gitlab-org/gitlab-ce
- branches@gitlab-org/gitlab-ee - branches@gitlab-org/gitlab-ee
kubernetes: active kubernetes: active
except: except:
...@@ -1151,7 +1152,7 @@ review: ...@@ -1151,7 +1152,7 @@ review:
stop_review: stop_review:
<<: *single-script-job <<: *single-script-job
image: registry.gitlab.com/gitlab-org/gitlab-build-images:gitlab-charts-build-base image: registry.gitlab.com/gitlab-org/gitlab-build-images:gitlab-charts-build-base
stage: post-cleanup stage: test
allow_failure: true allow_failure: true
cache: {} cache: {}
dependencies: [] dependencies: []
...@@ -1167,6 +1168,7 @@ stop_review: ...@@ -1167,6 +1168,7 @@ stop_review:
action: stop action: stop
only: only:
refs: refs:
- branches@gitlab-org/gitlab-ce
- branches@gitlab-org/gitlab-ee - branches@gitlab-org/gitlab-ee
kubernetes: active kubernetes: active
except: except:
...@@ -1176,7 +1178,7 @@ stop_review: ...@@ -1176,7 +1178,7 @@ stop_review:
automated_review_cleanup: automated_review_cleanup:
<<: *dedicated-no-docs-pull-cache-job <<: *dedicated-no-docs-pull-cache-job
image: registry.gitlab.com/gitlab-org/gitlab-build-images:gitlab-charts-build-base image: registry.gitlab.com/gitlab-org/gitlab-build-images:gitlab-charts-build-base
stage: build stage: post-cleanup
allow_failure: true allow_failure: true
cache: {} cache: {}
dependencies: [] dependencies: []
...@@ -1188,6 +1190,7 @@ automated_review_cleanup: ...@@ -1188,6 +1190,7 @@ automated_review_cleanup:
- ruby -rrubygems scripts/review_apps/automated_cleanup.rb - ruby -rrubygems scripts/review_apps/automated_cleanup.rb
only: only:
refs: refs:
- schedules@gitlab-org/gitlab-ce
- schedules@gitlab-org/gitlab-ee - schedules@gitlab-org/gitlab-ee
except: except:
- tags - tags
......
...@@ -47,15 +47,23 @@ function create_secret() { ...@@ -47,15 +47,23 @@ function create_secret() {
--dry-run -o json | kubectl apply -f - --dry-run -o json | kubectl apply -f -
} }
function deployExists() {
local namespace="${1}"
local deploy="${2}"
helm status --tiller-namespace "${namespace}" "${deploy}" >/dev/null 2>&1
return $?
}
function previousDeployFailed() { function previousDeployFailed() {
set +e set +e
echo "Checking for previous deployment of $CI_ENVIRONMENT_SLUG" deploy="${1}"
deployment_status=$(helm status $CI_ENVIRONMENT_SLUG >/dev/null 2>&1) echo "Checking for previous deployment of ${deploy}"
deployment_status=$(helm status ${deploy} >/dev/null 2>&1)
status=$? status=$?
# if `status` is `0`, deployment exists, has a status # if `status` is `0`, deployment exists, has a status
if [ $status -eq 0 ]; then if [ $status -eq 0 ]; then
echo "Previous deployment found, checking status" echo "Previous deployment found, checking status"
deployment_status=$(helm status $CI_ENVIRONMENT_SLUG | grep ^STATUS | cut -d' ' -f2) deployment_status=$(helm status ${deploy} | grep ^STATUS | cut -d' ' -f2)
echo "Previous deployment state: $deployment_status" echo "Previous deployment state: $deployment_status"
if [[ "$deployment_status" == "FAILED" || "$deployment_status" == "PENDING_UPGRADE" || "$deployment_status" == "PENDING_INSTALL" ]]; then if [[ "$deployment_status" == "FAILED" || "$deployment_status" == "PENDING_UPGRADE" || "$deployment_status" == "PENDING_INSTALL" ]]; then
status=0; status=0;
...@@ -113,7 +121,7 @@ function deploy() { ...@@ -113,7 +121,7 @@ function deploy() {
fi fi
# Cleanup and previous installs, as FAILED and PENDING_UPGRADE will cause errors with `upgrade` # Cleanup and previous installs, as FAILED and PENDING_UPGRADE will cause errors with `upgrade`
if [ "$CI_ENVIRONMENT_SLUG" != "production" ] && previousDeployFailed ; then if [ "$CI_ENVIRONMENT_SLUG" != "production" ] && previousDeployFailed "$CI_ENVIRONMENT_SLUG" ; then
echo "Deployment in bad state, cleaning up $CI_ENVIRONMENT_SLUG" echo "Deployment in bad state, cleaning up $CI_ENVIRONMENT_SLUG"
delete delete
cleanup cleanup
...@@ -149,6 +157,7 @@ HELM_CMD=$(cat << EOF ...@@ -149,6 +157,7 @@ HELM_CMD=$(cat << EOF
--set gitlab.gitlab-shell.image.tag="v$GITLAB_SHELL_VERSION" \ --set gitlab.gitlab-shell.image.tag="v$GITLAB_SHELL_VERSION" \
--set gitlab.unicorn.workhorse.image="$gitlab_workhorse_image_repository" \ --set gitlab.unicorn.workhorse.image="$gitlab_workhorse_image_repository" \
--set gitlab.unicorn.workhorse.tag="$CI_COMMIT_REF_NAME" \ --set gitlab.unicorn.workhorse.tag="$CI_COMMIT_REF_NAME" \
--set nginx-ingress.controller.config.ssl-ciphers="ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4" \
--namespace="$KUBE_NAMESPACE" \ --namespace="$KUBE_NAMESPACE" \
--version="$CI_PIPELINE_ID-$CI_JOB_ID" \ --version="$CI_PIPELINE_ID-$CI_JOB_ID" \
"$name" \ "$name" \
...@@ -182,3 +191,23 @@ function cleanup() { ...@@ -182,3 +191,23 @@ function cleanup() {
| xargs kubectl -n "$KUBE_NAMESPACE" delete \ | xargs kubectl -n "$KUBE_NAMESPACE" delete \
|| true || true
} }
function install_external_dns() {
local release_name="dns-gitlab-review-app"
local domain=$(echo "${REVIEW_APPS_DOMAIN}" | awk -F. '{printf "%s.%s", $(NF-1), $NF}')
if ! deployExists "${KUBE_NAMESPACE}" "${release_name}" || previousDeployFailed "${release_name}" ; then
echo "Installing external-dns helm chart"
helm repo update
helm install stable/external-dns \
-n "${release_name}" \
--namespace "${KUBE_NAMESPACE}" \
--set provider="aws" \
--set aws.secretKey="${REVIEW_APPS_AWS_SECRET_KEY}" \
--set aws.accessKey="${REVIEW_APPS_AWS_ACCESS_KEY}" \
--set aws.zoneType="public" \
--set domainFilters[0]="${domain}" \
--set txtOwnerId="${KUBE_NAMESPACE}" \
--set rbac.create="true"
fi
}
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment