Newer
Older
.helm-test:
extends: .helm-base
stage: acceptance
before_script:
- *helm-scripts
- install_ca_certs "${CUSTOM_CA_CERTS:-$DEFAULT_CA_CERTS}"
- assert_defined "${ENV_KUBE_CONFIG:-${HELM_DEFAULT_KUBE_CONFIG:-${KUBECONFIG}}}" 'Missing required Kubeconfig'
- setup_kubeconfig "${ENV_KUBE_CONFIG:-${HELM_DEFAULT_KUBE_CONFIG}}"
script:
- test "$environment_type" "$environment_name" "${ENV_NAMESPACE:-${KUBE_NAMESPACE}}"
# ==================================================
# Stage: review
# ==================================================
# deploy to review env (only for feature branches)
# disabled by default, enable this job by setting $HELM_REVIEW_ENABLED
helm-review:
extends: .helm-deploy
variables:
ENV_TYPE: review
ENV_APP_NAME: "$HELM_REVIEW_APP_NAME"
ENV_URL: "${HELM_REVIEW_ENVIRONMENT_URL}"
ENV_URL_LEGACY: "${HELM_REVIEW_ENVIRONMENT_SCHEME}://${CI_PROJECT_NAME}-${CI_ENVIRONMENT_SLUG}.${HELM_REVIEW_ENVIRONMENT_DOMAIN}"
ENV_KUBE_CONFIG: "$HELM_REVIEW_KUBE_CONFIG"
ENV_NAMESPACE: "$HELM_REVIEW_NAMESPACE"
ENV_VALUES: "$HELM_REVIEW_VALUES"
environment:
name: review/$CI_COMMIT_REF_NAME
on_stop: helm-cleanup-review
resource_group: review/$CI_COMMIT_REF_NAME
rules:
# exclude tags and on $HELM_REVIEW_ENABLED not set
- if: '$HELM_REVIEW_ENABLED != "true" || $CI_COMMIT_TAG'
when: never
# only on non-production, non-integration branches
- if: '$CI_COMMIT_REF_NAME !~ $PROD_REF && $CI_COMMIT_REF_NAME !~ $INTEG_REF'
# stop review env (automatically triggered once branches are deleted)
helm-cleanup-review:
extends: .helm-cleanup
variables:
ENV_TYPE: review
ENV_APP_NAME: "$HELM_REVIEW_APP_NAME"
ENV_KUBE_CONFIG: "$HELM_REVIEW_KUBE_CONFIG"
ENV_NAMESPACE: "$HELM_REVIEW_NAMESPACE"
environment:
name: review/$CI_COMMIT_REF_NAME
action: stop
resource_group: review/$CI_COMMIT_REF_NAME
rules:
# exclude tags and on $HELM_REVIEW_ENABLED not set
- if: '$HELM_REVIEW_ENABLED != "true" || $CI_COMMIT_TAG'
when: never
# only on non-production, non-integration branches
- if: '$CI_COMMIT_REF_NAME !~ $PROD_REF && $CI_COMMIT_REF_NAME !~ $INTEG_REF'
when: manual
allow_failure: true
# test to review env (only for feature branches)
# disabled by default, enable this job by setting $HELM_REVIEW_ENABLED
helm-test-review:
extends: .helm-test
variables:
ENV_TYPE: review
ENV_KUBE_CONFIG: "$HELM_REVIEW_KUBE_CONFIG"
ENV_NAMESPACE: "$HELM_REVIEW_NAMESPACE"
rules:
- if: '$HELM_TEST_ENABLED != "true"'
when: never
- if: '$HELM_REVIEW_ENABLED != "true"'
when: never
# exclude on production or integration branch(es)
- if: '$CI_COMMIT_REF_NAME =~ $PROD_REF || $CI_COMMIT_REF_NAME =~ $INTEG_REF'
when: never
# then use common test jobs policy
- !reference [.test-policy, rules]
# ==================================================
# Stage: integration
# ==================================================
# deploy to integration env (only for integration branches)
# disabled by default, enable this job by setting $HELM_INTEG_ENABLED
helm-integration:
extends: .helm-deploy
variables:
ENV_TYPE: integration
ENV_APP_NAME: "$HELM_INTEG_APP_NAME"
ENV_URL: "${HELM_INTEG_ENVIRONMENT_URL}"
ENV_KUBE_CONFIG: "$HELM_INTEG_KUBE_CONFIG"
ENV_NAMESPACE: "$HELM_INTEG_NAMESPACE"
ENV_VALUES: "$HELM_INTEG_VALUES"
environment:
name: integration
on_stop: helm-cleanup-integration
resource_group: integration
rules:
# exclude on $HELM_INTEG_ENABLED not set
- if: '$HELM_INTEG_ENABLED != "true"'
when: never
# only on integration branch(es)
- if: '$CI_COMMIT_REF_NAME =~ $INTEG_REF'
# stop integration env (automatically triggered once branches are deleted)
helm-cleanup-integration:
extends: .helm-cleanup
variables:
ENV_TYPE: integration
ENV_APP_NAME: "$HELM_INTEG_APP_NAME"
ENV_KUBE_CONFIG: "$HELM_INTEG_KUBE_CONFIG"
ENV_NAMESPACE: "$HELM_INTEG_NAMESPACE"
environment:
name: integration
action: stop
resource_group: integration
rules:
# exclude on $HELM_INTEG_ENABLED not set
- if: '$HELM_INTEG_ENABLED != "true"'
when: never
# only on integration branch(es)
- if: '$CI_COMMIT_REF_NAME =~ $INTEG_REF'
when: manual
allow_failure: true
# test to integration env (only for integration branches)
# disabled by default, enable this job by setting $HELM_INTEG_ENABLED
helm-test-integration:
extends: .helm-test
variables:
ENV_TYPE: integration
ENV_KUBE_CONFIG: "$HELM_INTEG_KUBE_CONFIG"
ENV_NAMESPACE: "$HELM_INTEG_NAMESPACE"
ENV_VALUES: "$HELM_INTEG_VALUES"
rules:
- if: $CI_COMMIT_TAG
when: never
- if: '$HELM_TEST_ENABLED != "true"'
when: never
- if: '$HELM_INTEG_ENABLED != "true"'
# exclude on non-integration branch
- if: '$CI_COMMIT_REF_NAME !~ $INTEG_REF'
when: never
# then use common test jobs policy
- !reference [.test-policy, rules]
# ==================================================
# Stage: staging
# ==================================================
helm-staging:
extends: .helm-deploy
variables:
ENV_TYPE: staging
ENV_APP_NAME: "$HELM_STAGING_APP_NAME"
ENV_URL: "${HELM_STAGING_ENVIRONMENT_URL}"
ENV_KUBE_CONFIG: "$HELM_STAGING_KUBE_CONFIG"
ENV_NAMESPACE: "$HELM_STAGING_NAMESPACE"
ENV_VALUES: "$HELM_STAGING_VALUES"
environment:
name: staging
on_stop: helm-cleanup-staging
resource_group: staging
rules:
# exclude on $HELM_STAGING_ENABLED not set
- if: '$HELM_STAGING_ENABLED != "true"'
when: never
# only on production branch(es)
- if: '$CI_COMMIT_REF_NAME =~ $PROD_REF'
# stop staging env (automatically triggered once branches are deleted)
helm-cleanup-staging:
extends: .helm-cleanup
variables:
ENV_TYPE: staging
ENV_APP_NAME: "$HELM_STAGING_APP_NAME"
ENV_KUBE_CONFIG: "$HELM_STAGING_KUBE_CONFIG"
ENV_NAMESPACE: "$HELM_STAGING_NAMESPACE"
environment:
name: staging
action: stop
resource_group: staging
rules:
# exclude on $HELM_STAGING_ENABLED not set
- if: '$HELM_STAGING_ENABLED != "true"'
when: never
# only on production branch(es)
- if: '$CI_COMMIT_REF_NAME =~ $PROD_REF'
when: manual
allow_failure: true
helm-test-staging:
extends: .helm-test
variables:
ENV_TYPE: staging
ENV_KUBE_CONFIG: "$HELM_STAGING_KUBE_CONFIG"
ENV_NAMESPACE: "$HELM_STAGING_NAMESPACE"
ENV_VALUES: "$HELM_STAGING_VALUES"
rules:
- if: $CI_COMMIT_TAG
when: never
- if: '$HELM_TEST_ENABLED != "true"'
when: never
- if: '$HELM_STAGING_ENABLED != "true"'
# exclude on non-production branch
- if: '$CI_COMMIT_REF_NAME !~ $PROD_REF'
when: never
# then use common test jobs policy
- !reference [.test-policy, rules]
# ==================================================
# Stage: production
# ==================================================
helm-production:
extends: .helm-deploy
stage: production
variables:
ENV_TYPE: production
ENV_APP_NAME: "$HELM_PROD_APP_NAME"
ENV_APP_SUFFIX: ""
ENV_KUBE_CONFIG: "$HELM_PROD_KUBE_CONFIG"
ENV_NAMESPACE: "$HELM_PROD_NAMESPACE"
ENV_VALUES: "$HELM_PROD_VALUES"
environment:
name: production
resource_group: production
rules:
# exclude non-production branches
- if: '$CI_COMMIT_REF_NAME !~ $PROD_REF'
when: never
# exclude if $HELM_PROD_ENABLED not set
- if: '$HELM_PROD_ENABLED != "true"'
- if: '$AUTODEPLOY_TO_PROD == "true"'
# else if PUBLISH_ON_PROD enabled: auto (because the publish job was blocking)
- if: '$PUBLISH_ON_PROD == "true"'
# else: manual, blocking
- if: $CI_COMMIT_REF_NAME # useless test, just to prevent GitLab warning
