From a274314be32e19e74c3eb95def4e4e29a379e1f1 Mon Sep 17 00:00:00 2001 From: mahboobeh-binary Date: Fri, 3 Jul 2020 13:42:17 +0800 Subject: [PATCH 1/2] update release proc --- .circleci/config.yml | 109 ++++++++++++++++++++++++++----------------- 1 file changed, 65 insertions(+), 44 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 743f3ed..6ca32ca 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -1,7 +1,7 @@ version: 2.1 orbs: k8s: circleci/kubernetes@0.7.0 - s3: circleci/aws-s3@1.0.13 + slack: circleci/slack@3.4.2 commands: git_checkout_from_cache: description: "Git checkout and save cache" @@ -47,48 +47,37 @@ commands: key: npm-v1-{{ checksum "package.json" }} paths: - "node_modules" - build: description: "Build" steps: - run: name: "yarn build" command: yarn build - - compress: - description: "Compress" + deploy: + description: "Deploy to static branches" + parameters: + target_branch: + type: string steps: + - checkout + - attach_workspace: + at: lib + - run: + name: Tag build + command: echo "<< parameters.target_branch >> $(date -u +'%Y-%m-%dT%H:%M:%SZ')" > lib/version - run: - name: "Compress" + name: Install and configure dependencies command: | - pushd lib/ - tar -cvf artifact.tar * - mv artifact.tar ${OLDPWD}/ + sudo npm install -g gh-pages@2.0.1 + git config user.email "ci-build@binary.com" + git config user.name "ci-build" + - add_ssh_keys: + fingerprints: + - "35:e7:65:b0:73:62:54:bb:33:f4:bf:a9:6d:41:89:62" - run: - name: "Tag commit id as artifact identifer" - command: echo "${CIRCLE_SHA1}" > artifact-info.txt - - upload_artifact: - description: "upload build artifact to s3 bucket" - steps: - - s3/copy: - from: artifact.tar - to: 's3://${CONTEXT_ARTIFACT_S3_BUCKET}/${CIRCLE_PROJECT_REPONAME}/' - aws-access-key-id: env_CONTEXT_ARTIFACT_S3_AWS_ACCESS_KEY_ID - aws-secret-access-key: env_CONTEXT_ARTIFACT_S3_AWS_SECRET_ACCESS_KEY - aws-region: env_CONTEXT_ARTIFACT_S3_AWS_REGION - arguments: '--metadata "{\"x-amz-artifact-id\": \"${CIRCLE_SHA1}\" }"' - - upload_checksum: - description: "upload artifact checksum to s3" - steps: - - s3/copy: - from: artifact-info.txt - to: 's3://${CONTEXT_ARTIFACT_S3_BUCKET}/${CIRCLE_PROJECT_REPONAME}/' - aws-access-key-id: env_CONTEXT_ARTIFACT_S3_AWS_ACCESS_KEY_ID - aws-secret-access-key: env_CONTEXT_ARTIFACT_S3_AWS_SECRET_ACCESS_KEY - aws-region: env_CONTEXT_ARTIFACT_S3_AWS_REGION - docker: + name: Deploy docs to gh-pages branch + command: gh-pages -d lib --branch << parameters.target_branch >> --message '[skip ci]' + docker_build_push: description: "Build and Push image to docker hub" steps: - setup_remote_docker @@ -102,7 +91,6 @@ commands: echo $DOCKERHUB_PASSWORD | docker login -u $DOCKERHUB_USERNAME --password-stdin docker push ${DOCKHUB_ORGANISATION}/binary-static-liveapi:${CIRCLE_SHA1} docker push ${DOCKHUB_ORGANISATION}/binary-static-liveapi:latest - k8s_deploy: description: "Deploy to k8s cluster" steps: @@ -125,26 +113,59 @@ commands: kubectl --server=${KUBE_SERVER} --certificate-authority=ca.crt --token=$SERVICEACCOUNT_TOKEN set image deployment/liveapi-binary-com liveapi-binary-com=${DOCKHUB_ORGANISATION}/binary-static-liveapi:${CIRCLE_SHA1} fi done - + notify_slack: + description: "Notify slack" + steps: + - slack/status: + include_project_field: false + failure_message: "Release failed for liveapi.binary.com with version *$(cat lib/version)*" + success_message: "Release succeeded for liveapi.binary.com with version *$(cat lib/version)*" + webhook: ${SLACK_WEBHOOK} jobs: - release: + build: + docker: + - image: circleci/node:8.10.0-stretch + steps: + - git_checkout_from_cache + - npm_install + - build + release_production: + docker: + - image: circleci/node:8.10.0-stretch + steps: + - git_checkout_from_cache + - npm_install + - build + - deploy: + target_branch: "production" + - notify_slack + release_aws_production: docker: - image: circleci/node:9.9.0-stretch steps: - git_checkout_from_cache - npm_install - build - - compress - - upload_artifact # uploading the built code to s3 to create a backup of key services separate from Kubernetes deployment - - upload_checksum # uploading compressed artifact checksum to cross match artifact fingerprint - - docker - - k8s_deploy + - docker_build_push + - k8s_deploy + - notify_slack workflows: + build: + jobs: + - build release: jobs: - - release: + - release_production: + filters: + branches: + ignore: /.*/ + tags: + only: /^production.*/ + - release_aws_production: filters: branches: - only: /^master$/ - context: binary-frontend-artifact-upload # using context to retrieve shared secret from circle ci + ignore: /.*/ + tags: + only: /^production.*/ + context: binary-frontend-artifact-upload From 9cdb2143e0aa149b5870cb623d09bbae8b461886 Mon Sep 17 00:00:00 2001 From: mahboobeh-binary Date: Fri, 3 Jul 2020 14:31:23 +0800 Subject: [PATCH 2/2] update user key --- .circleci/config.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 6ca32ca..0382b7e 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -73,7 +73,7 @@ commands: git config user.name "ci-build" - add_ssh_keys: fingerprints: - - "35:e7:65:b0:73:62:54:bb:33:f4:bf:a9:6d:41:89:62" + - "01:67:4a:6d:26:9c:70:c4:1a:60:91:88:d9:dd:f0:83" - run: name: Deploy docs to gh-pages branch command: gh-pages -d lib --branch << parameters.target_branch >> --message '[skip ci]'