gitlab-ci.yaml

image: artifactory.gitlab-runner-image
variables: 
    EKS_CLUSTER_NAME: "cluster-name" 
    ACCOUNT ID: "account-id" 
stages: 
    - Terraform-EKS-Cluster-Creation 
    - IAM-Role-Addition-Test-Connectivity 
    - ArgoCD-EKS-Cluster-Addition 
    - Nginx-Controller-setup 
build-eks-create: 
     stage: Terraform-EKS-Cluster-Creation 
     image: artifactory.terraform-image
     tags: 
         - wireless-grouprunner-cicd 
     script: 
          - ls 
          - export AWS_DEFAULT_REGION 
          - AWS_STS_REGIONAL_ENOPOINTS=regional
          - export AWS_STS_REGIONAL_ENDPOINTS
          - aws sts get-caller-identity --endpoint-url $epurl 
          - json_out=$(aws sts assume role --role-arn arn:aws:iam::$ACCOUNT_ID:role/Gitlab-Runner-Role --role session name "$session_name" --endpoint-url $epurl)
          - aws_access_key_id=$(echo "$json_out" | jq -r " .Credentials. .AccessKeyId") 
          - aws_secret_access_key=$(echo "$json_out" | jq -r ".Credentials.SecretAccessKey") 
          - aws_session_token=$(echo "$json_out" | jq -r ".Credentials.5essionToken") 
          - export AWS_ACCESS_KEY_ID="$aws_access_key_id"
          - export AWS_SECRET_ACCESS_KEY="$aws_secret_access_key" 
          - export AWS_SESSION_TOKEN="$aws_session_token" 
          - chmod -R 777 ferraform-provider-aws_v2.54.0_x4 
          - terraform init -plugin-dir .
          - terraform validate
          - export TF_LOG=DEBUG
          - terraform plan -input=false
          - terraform apply -auto-approve -input=false

build-test-eks-connectivity: 
     stage: IAM-Role-Addition-Test-Connectivity 
     image: artifactory.gitlab-runner-image
     tags: 
        - wireless-grouprunner-cicd 
     script: 
         - ls -la 
         - export AWS_DEFAULT_REGION 
         - AWS_STS_REGIONAL_ENDPOINTS=regional 
         - export AWS_STS_REGIONAL_ENDPOINTS 
         - aws sts get-caller-identity --endpoint-url $epurl 
         - json_out=$(aws sts assume-role --role-arn arn:aws:iam::$ACCOUNT_ID:role/Gitlab-Runner-Role role session-name "$session_name" --endpoint-url $epurl)
         - aws access key_id=$(echo "$json_out" | jq -r ".Credentials.AccessKeyId") 
         - aws_secret_access_key=$(echo "$json_out" | jq -r ".Credentials.SecretAccessKey") 
         - aws_session_token=$(echo "$json_out" | jq -r ".Credentials.SessionToken") 
         - export AWS_ACCESS_KEY_ID="$aws_access_key_id" 
         - export AWS_SECRET_ACCESS_KEY="$aws_secret_access_key" 
         - export AWS_SESSION_TOKEN="$aws_session_token" 
         - aws eks --region us-east-1 update-kubeconfig --name $EKS_CLUSTER_NAME 
         - kubectl config get-contexts 
         - ls /root/ 
         - kubectl get cm aws-auth -n kube-system -o yaml 
         - kubectl delete cm aws-auth -n kube-system 
         - kubectl apply -f aws-auth-cm.yaml -n kube-system 
         - kubectl get cm aws-auth -n kube-system -o yaml 
         - kubectl create ns cs 
         - kubectl get ns
         - kubectl run --image $ARTIFACTORY_IMAGE_PATH nginx-test --restart=Always --expose --port=80 -n cs -o yaml
         - kubectl get svc -A
         - kubectl delete svc nginx-test -n cs
         - kubectl delete pod nginx-test -n cs
         - kubectl delete ns cs
         - >
           if [ "$namespace == "your-namespace" ]; then
             kubectl get ns | grep $namespace
           else
             kubectl create ns $namespace
           fi
build-argocd-eks-cluster-add: 
     stage: ArgoCD-EKS-Cluster-Addition 
     tags:
          - wireless-grouprunner-cicd 
     script: 
         - export AWS_DEFAULT_REGION 
         - AWS_STS_REGIONAL_ENDPOINTS=regional 
         - export AWS_STS_REGIONAL_ENDPOINTS 
         - aws sts get-caller-identity --endpoint-url $epurl 
         - json_out=$(aws sts assume-role --role-arn arn:aws:iam,$ACCOUNT_ID:role/Gitlab-Runner-Role role sesion name "$session_name" --endpoint-url $epurl) 
         - aws_access_key_id=$(echo "$json_out" | jq -r ".Credentials.AccessKeyId") 
         - aws_secret_access_key=$(echo "Sjson_out" | jq -r ".Credentials.SecretAccessKey") 
         - aws_session_token.$(echo "$json_out" | jq -r ".Credentials.SessionToken") 
         - export AWS_ACCESS_KEY ID="$aws_access_key_id" 
         - export AWS_SECRET_ACCESS_KEY=$aws_secret_access_key" 
         - export AWS_SESSION_TOKEN="$aws_session_token" 
         - aws eks --region us-east-1 update-kubeconfig --name SEKS_CLUSTER_NAME 
         - argocd login $ARGOCD_URL --insecure --username admin --password $ARGOCD_PASSWORD 
         - argocd cluster add arn:aws:eks:us-east-1:$ACCONNT_ID:cluster/$EKS_CLUSTER_NAME 

build-nginx-controller: 
     stage: Nginx-Controller-setup 
     tags: 
         - wireless-grouprunner-cicd
     script: 
         - export AWS_DEFAULT_REGION 
         - AWS_STS_REGIONAL_ENDPOINTS=regional 
         - export AWS_STS_REGIONAL_ENDPOINTS 
         - aws sts get-caller-identity --endpoint-url $epurl 
         - json_out=$(aws sts assume role role arn arn:aws:iam::$ACCOUNT_ID:role/Gitlab-Runner-Role --role-session-name "$session_name" --endpoint-url $epurl)
         - aws_access_key_id=$(echo "$json_out" | jq -r ".Credentials.AccessKeyId") 
         - aws_secret_access_key=$(echo "$json_out" | jq -r ".Credentials.SecretAccessKey") 
         - aws_session_token=$(echo "$json_out" | jq -r ".Credentials.SessionToken") 
         - export AWS ACCESS_KEY_ID."$aws_access_key_id" 
         - export AWS_SECRET_ACCESS_KEY="$aws_secret_access_key" 
         - export AWS_SESSION_TOKEN="$aws_session_token" 
         - aws eks --region us-east-1 update-kubeconfig --name $EKS_CLUSTER_NAME 
         - git clone https://github.com/nginxinc/kubernetes-ingress.git
         - cd kubernetes-ingress/deployments/
         - kubectl apply -f common/ns-and-sa.yaml
         - kubectl apply -f common/default-server-secret.yaml
         - kubectl apply -f common/nginx-config.yaml
         - kubectl apply -f rbac/rbac.yaml
         - kubectl apply -f common/ingress-class.yaml
         - kubectl apply -f deployment/nginx-ingress.yaml
         - kubectl get pods --namespace=nginx-ingress
         - git clone https://github.com/metrics.git
         - kubectl create -f metric-server/components.yaml 
         - git clone https://github.com/argocd.git 
         - kubectl create ns argocd 
         - kubectl apply -f argocd/argocd-rollout-controller/controller.yaml -n argocd