Commit b87b4e52 authored by Marcel Amirault's avatar Marcel Amirault

Merge branch 'szandany-master-patch-58616' into 'master'

This is a new template for Liquibase in a CI/CD Pipeline

See merge request gitlab-org/gitlab!81817
parents 595b3d00 9008f546
...@@ -167,6 +167,7 @@ options: ...@@ -167,6 +167,7 @@ options:
- p_ci_templates_implicit_security_cluster_image_scanning - p_ci_templates_implicit_security_cluster_image_scanning
- p_ci_templates_kaniko - p_ci_templates_kaniko
- p_ci_templates_qualys_iac_security - p_ci_templates_qualys_iac_security
- p_ci_templates_database_liquibase
distribution: distribution:
- ce - ce
- ee - ee
......
---
key_path: redis_hll_counters.ci_templates.p_ci_templates_database_liquibase_monthly
description: ""
product_section: ""
product_stage: ""
product_group: ""
product_category:
value_type: number
status: active
milestone: "14.9"
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/81817
time_frame: 28d
data_source: redis_hll
data_category: optional
instrumentation_class: RedisHLLMetric
distribution:
- ce
- ee
tier:
- free
- premium
- ultimate
options:
events:
- p_ci_templates_database_liquibase
...@@ -167,6 +167,7 @@ options: ...@@ -167,6 +167,7 @@ options:
- p_ci_templates_implicit_security_cluster_image_scanning - p_ci_templates_implicit_security_cluster_image_scanning
- p_ci_templates_kaniko - p_ci_templates_kaniko
- p_ci_templates_qualys_iac_security - p_ci_templates_qualys_iac_security
- p_ci_templates_database_liquibase
distribution: distribution:
- ce - ce
- ee - ee
......
---
key_path: redis_hll_counters.ci_templates.p_ci_templates_database_liquibase_weekly
description: ""
product_section: ""
product_stage: ""
product_group: ""
product_category: ""
value_type: number
status: active
milestone: "14.9"
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/81817
time_frame: 7d
data_source: redis_hll
data_category: optional
instrumentation_class: RedisHLLMetric
distribution:
- ce
- ee
tier:
- free
- premium
- ultimate
options:
events:
- p_ci_templates_database_liquibase
# This file is a template, and might need editing before it works on your project.
# Here is a live project example that is using this template:
# https://gitlab.com/szandany/h2
# To contribute improvements to CI/CD templates, please follow the Development guide at:
# https://docs.gitlab.com/ee/development/cicd/templates.html
# This specific template is located at:
# https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Database/liquibase.gitlab-ci.yml
# This template must be configured with CI/CD variables before it will work.
# See https://www.liquibase.com/blog/secure-database-developer-flow-using-gitlab-pipelines
# to learn how to configure the Liquibase template by using variables.
# Be sure to add the variables before running pipelines with this template.
# You may not want to run all the jobs in this template. You can comment out or delete the jobs you don't wish to use.
# List of stages for jobs and their order of execution.
stages:
- build
- test
- deploy
- compare
# Helper functions to determine if the database is ready for deployments (function isUpToDate) or rollbacks (function isRollback) when tag is applied.
.functions: &functions |
function isUpToDate(){
status=$(liquibase status --verbose)
if [[ $status == *'is up to date'* ]]; then
echo "database is already up to date" & exit 0
fi;
}
function isRollback(){
if [ -z "$TAG" ]; then
echo "No TAG provided, running any pending changes"
elif [[ "$(liquibase rollbackSQL $TAG)" ]]; then
liquibase --logLevel=info --logFile=${CI_JOB_NAME}_${CI_PIPELINE_ID}.log rollback $TAG && exit 0
else exit 0
fi;
}
# This is a series of Liquibase commands that can be run while doing database migrations from Liquibase docs at https://docs.liquibase.com/commands/home.html
.liquibase_job:
image: liquibase/liquibase:latest # Using the Liquibase Docker Image at - https://hub.docker.com/r/liquibase/liquibase
before_script:
- liquibase --version
- *functions
- isRollback
- isUpToDate
- liquibase checks run
- liquibase update
- liquibase rollbackOneUpdate --force # This is a Pro command. Try Pro free trial here - https://liquibase.org/try-liquibase-pro-free
- liquibase tag $CI_PIPELINE_ID
- liquibase --logFile=${CI_JOB_NAME}_${CI_PIPELINE_ID}.log --logLevel=info update
- liquibase history
artifacts:
paths:
- ${CI_JOB_NAME}_${CI_PIPELINE_ID}.log
expire_in: 1 week
# This job runs in the build stage, which runs first.
build-job:
extends: .liquibase_job
stage: build
environment:
name: DEV
script:
- echo "This job tested successfully with liquibase in DEV environment"
rules:
- if: '$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH'
# This job runs in the test stage. It only starts when the job in the build stage completes successfully.
test-job:
extends: .liquibase_job
stage: test
environment:
name: TEST
script:
- echo "This job testsed successfully with liquibase in TEST environment"
rules:
- if: '$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH'
# This job runs in the deploy stage. It only starts when the jobs in the test stage completes successfully.
deploy-prod:
extends: .liquibase_job
stage: deploy
environment:
name: PROD
script:
- echo "This job deployed successfully Liquibase in a production environment from the $CI_COMMIT_BRANCH branch."
rules:
- if: '$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH'
# This job compares dev database with test database to detect any drifts in the pipeline. Learn more about comparing database with Liquibase here https://docs.liquibase.com/commands/diff.html
DEV->TEST:
image: liquibase/liquibase:latest # Using the Liquibase Docker Image
stage: compare
environment:
name: TEST
script:
- echo "Comparing databases DEV --> TEST"
- liquibase diff
- liquibase --outputFile=diff_between_DEV_TEST.json diff --format=json
rules:
- if: '$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH'
artifacts:
paths:
- diff_between_DEV_TEST.json
expire_in: 1 week
# This job compares test database with prod database to detect any drifts in the pipeline.
TEST->PROD:
image: liquibase/liquibase:latest # Using the Liquibase Docker Image
stage: compare
environment:
name: PROD
script:
- echo "Comparing databases TEST --> PROD"
- liquibase diff
- liquibase --outputFile=diff_between_TEST_PROD.json diff --format=json
rules:
- if: '$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH'
artifacts:
paths:
- diff_between_TEST_PROD.json
expire_in: 1 week
# This job creates a snapshot of prod database. You can use the snapshot file to run comparisons with the production database to investigate for any potential issues. https://www.liquibase.com/devsecops
snapshot PROD:
image: liquibase/liquibase:latest # Using the Liquibase Docker Image
stage: .post
environment:
name: PROD
script:
- echo "Snapshotting database PROD"
- liquibase --outputFile=snapshot_PROD_${CI_PIPELINE_ID}.json snapshot --snapshotFormat=json --log-level debug
rules:
- if: '$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH'
artifacts:
paths:
- snapshot_PROD_${CI_PIPELINE_ID}.json
expire_in: 1 week
...@@ -615,3 +615,7 @@ ...@@ -615,3 +615,7 @@
category: ci_templates category: ci_templates
redis_slot: ci_templates redis_slot: ci_templates
aggregation: weekly aggregation: weekly
- name: p_ci_templates_database_liquibase
category: ci_templates
redis_slot: ci_templates
aggregation: weekly
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment