Commit 830379e8 authored by Dmytro Zaporozhets (DZ)'s avatar Dmytro Zaporozhets (DZ)

Merge branch 'dz-5-minute-prod-app-ci-template' into 'master'

Add 5-minute-production-app CI template

See merge request gitlab-org/gitlab!49487
parents 2866453e 24c1d345
---
title: Add 5-minute-production-app CI template
merge_request: 49487
author:
type: added
# This template is on early stage of development.
# Use it with caution. For usage instruction please read
# https://gitlab.com/gitlab-org/5-minute-production-app/deploy-template/-/blob/v2.3.0/README.md
include:
# workflow rules to prevent duplicate detached pipelines
- template: 'Workflows/Branch-Pipelines.gitlab-ci.yml'
# auto devops build
- template: 'Jobs/Build.gitlab-ci.yml'
stages:
- build
- test
- provision
- deploy
- destroy
variables:
TF_ADDRESS: ${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/terraform/state/${CI_COMMIT_REF_SLUG}
TF_VAR_ENVIRONMENT_NAME: ${CI_PROJECT_PATH_SLUG}_${CI_PROJECT_ID}_${CI_COMMIT_REF_SLUG}
TF_VAR_SERVICE_DESK_EMAIL: incoming+${CI_PROJECT_PATH_SLUG}-${CI_PROJECT_ID}-issue-@incoming.gitlab.com
TF_VAR_SHORT_ENVIRONMENT_NAME: ${CI_PROJECT_ID}-${CI_COMMIT_REF_SLUG}
TF_VAR_SMTP_FROM: ${SMTP_FROM}
cache:
paths:
- .terraform
.needs_aws_vars:
rules:
- if: '$AWS_ACCESS_KEY_ID && $AWS_SECRET_ACCESS_KEY && $AWS_DEFAULT_REGION'
when: on_success
- when: never
terraform_apply:
stage: provision
image: registry.gitlab.com/gitlab-org/5-minute-production-app/deploy-template/stable
extends: .needs_aws_vars
resource_group: terraform
before_script:
- cp /*.tf .
- cp /deploy.sh .
script:
- gitlab-terraform init
- gitlab-terraform plan
- gitlab-terraform plan-json
- gitlab-terraform apply
deploy:
stage: deploy
image: registry.gitlab.com/gitlab-org/5-minute-production-app/deploy-template/stable
extends: .needs_aws_vars
resource_group: deploy
before_script:
- cp /*.tf .
- cp /deploy.sh .
- cp /conf.nginx .
script:
- ./deploy.sh
artifacts:
reports:
dotenv: deploy.env
environment:
name: $CI_COMMIT_REF_SLUG
url: $DYNAMIC_ENVIRONMENT_URL
on_stop: terraform_destroy
terraform_destroy:
variables:
GIT_STRATEGY: none
stage: destroy
image: registry.gitlab.com/gitlab-org/5-minute-production-app/deploy-template/stable
before_script:
- cp /*.tf .
- cp /deploy.sh .
script:
- gitlab-terraform destroy -auto-approve
environment:
name: $CI_COMMIT_REF_SLUG
action: stop
rules:
- if: '$AWS_ACCESS_KEY_ID && $AWS_SECRET_ACCESS_KEY && $AWS_DEFAULT_REGION && $CI_COMMIT_REF_PROTECTED == "false"'
when: manual
- when: never
# frozen_string_literal: true
require 'spec_helper'
RSpec.describe '5-Minute-Production-App.gitlab-ci.yml' do
subject(:template) { Gitlab::Template::GitlabCiYmlTemplate.find('5-Minute-Production-App') }
describe 'the created pipeline' do
let_it_be(:project) { create(:project, :auto_devops, :custom_repo, files: { 'README.md' => '' }) }
let(:user) { project.owner }
let(:default_branch) { 'master' }
let(:pipeline_branch) { default_branch }
let(:service) { Ci::CreatePipelineService.new(project, user, ref: pipeline_branch ) }
let(:pipeline) { service.execute!(:push) }
let(:build_names) { pipeline.builds.pluck(:name) }
before do
stub_ci_pipeline_yaml_file(template.content)
end
it 'creates only build job' do
expect(build_names).to match_array('build')
end
context 'when AWS variables are set' do
before do
create(:ci_variable, project: project, key: 'AWS_ACCESS_KEY_ID', value: 'AKIAIOSFODNN7EXAMPLE')
create(:ci_variable, project: project, key: 'AWS_SECRET_ACCESS_KEY', value: 'wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY')
create(:ci_variable, project: project, key: 'AWS_DEFAULT_REGION', value: 'us-west-2')
end
it 'creates all jobs' do
expect(build_names).to match_array(%w(build terraform_apply deploy terraform_destroy))
end
context 'pipeline branch is protected' do
before do
create(:protected_branch, project: project, name: pipeline_branch)
project.reload
end
it 'does not create a destroy job' do
expect(build_names).to match_array(%w(build terraform_apply deploy))
end
end
end
end
end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment