afoninsky/circleci.yml

## circleci.yml
general:
  branches:
    ignore: # https://discuss.circleci.com/t/deploy-on-tag-not-running-please-help/5104/8
      - /^(?!noSuchBranch).*$/

machine:
  environment:
    REGISTRY_URL: us.gcr.io
    GOOGLE_PROJECT_NAME: spair-api
    CLUSTER_NAME: edissons-cluster
    CLOUDSDK_COMPUTE_ZONE: us-central1-f
    SERVICE_NAME: helloworld
  services:
    - docker

dependencies:
  pre:
    # spread variables to all commands
    - echo "export IMAGE_TAG=$REGISTRY_URL/$GOOGLE_PROJECT_NAME/$SERVICE_NAME:${CIRCLE_TAG:-`jq -r '"v" + .version' package.json`}" >> ~/.circlerc
  override:
    # build docker image with service
    - docker build -t $IMAGE_TAG .

test:
  override:
    - echo $CIRCLE_TAG
    # run tests and push coverage report to artifacts so circleci can display it
    # secutiry issue: coverage reports can show your code to unauthorized users
    # - mkdir -p $CIRCLE_ARTIFACTS/coverage
    # - docker run -v $CIRCLE_ARTIFACTS/coverage:/usr/src/app/coverage $IMAGE_TAG bash -c "npm test && ./node_modules/.bin/nyc report --reporter html"
    - docker run $IMAGE_TAG npm test

deployment:
  staging:
    tag: /v[0-9]+(\.[0-9]+)*/
    commands:
      # auth docker with google registry, setup access to kubernetes
      - sudo /opt/google-cloud-sdk/bin/gcloud --quiet components update
      - sudo /opt/google-cloud-sdk/bin/gcloud --quiet components update kubectl
      - echo $GCLOUD_SERVICE_KEY | base64 --decode -i > ~/gcloud-service-key.json # GCLOUD_SERVICE_KEY = base64 <your-service-account.json>
      - sudo /opt/google-cloud-sdk/bin/gcloud auth activate-service-account --key-file ~/gcloud-service-key.json
      - sudo /opt/google-cloud-sdk/bin/gcloud config set project $GOOGLE_PROJECT_NAME
      - sudo /opt/google-cloud-sdk/bin/gcloud config set container/cluster $CLUSTER_NAME
      - sudo /opt/google-cloud-sdk/bin/gcloud config set compute/zone $CLOUDSDK_COMPUTE_ZONE
      - sudo /opt/google-cloud-sdk/bin/gcloud container clusters get-credentials $CLUSTER_NAME
      - cp ~/gcloud-service-key.json ~/.config/gcloud/application_default_credentials.json
      # push container into registry, update deployment
      - sudo /opt/google-cloud-sdk/bin/gcloud docker push $IMAGE_TAG
      - sudo chown -R ubuntu:ubuntu /home/ubuntu/.kube
      - kubectl patch --namespace=staging -f deployment.yml -p '{"spec":{"template":{"spec":{"containers":[{"name":"service","image":"'"$IMAGE_TAG"'"}]}}}}'
	general:
	branches:
	ignore: # https://discuss.circleci.com/t/deploy-on-tag-not-running-please-help/5104/8
	- /^(?!noSuchBranch).*$/

	machine:
	environment:
	REGISTRY_URL: us.gcr.io
	GOOGLE_PROJECT_NAME: spair-api
	CLUSTER_NAME: edissons-cluster
	CLOUDSDK_COMPUTE_ZONE: us-central1-f
	SERVICE_NAME: helloworld
	services:
	- docker

	dependencies:
	pre:
	# spread variables to all commands
	- echo "export IMAGE_TAG=$REGISTRY_URL/$GOOGLE_PROJECT_NAME/$SERVICE_NAME:${CIRCLE_TAG:-`jq -r '"v" + .version' package.json`}" >> ~/.circlerc
	override:
	# build docker image with service
	- docker build -t $IMAGE_TAG .

	test:
	override:
	- echo $CIRCLE_TAG
	# run tests and push coverage report to artifacts so circleci can display it
	# secutiry issue: coverage reports can show your code to unauthorized users
	# - mkdir -p $CIRCLE_ARTIFACTS/coverage
	# - docker run -v $CIRCLE_ARTIFACTS/coverage:/usr/src/app/coverage $IMAGE_TAG bash -c "npm test && ./node_modules/.bin/nyc report --reporter html"
	- docker run $IMAGE_TAG npm test

	deployment:
	staging:
	tag: /v[0-9]+(\.[0-9]+)*/
	commands:
	# auth docker with google registry, setup access to kubernetes
	- sudo /opt/google-cloud-sdk/bin/gcloud --quiet components update
	- sudo /opt/google-cloud-sdk/bin/gcloud --quiet components update kubectl
	- echo $GCLOUD_SERVICE_KEY \| base64 --decode -i > ~/gcloud-service-key.json # GCLOUD_SERVICE_KEY = base64 <your-service-account.json>
	- sudo /opt/google-cloud-sdk/bin/gcloud auth activate-service-account --key-file ~/gcloud-service-key.json
	- sudo /opt/google-cloud-sdk/bin/gcloud config set project $GOOGLE_PROJECT_NAME
	- sudo /opt/google-cloud-sdk/bin/gcloud config set container/cluster $CLUSTER_NAME
	- sudo /opt/google-cloud-sdk/bin/gcloud config set compute/zone $CLOUDSDK_COMPUTE_ZONE
	- sudo /opt/google-cloud-sdk/bin/gcloud container clusters get-credentials $CLUSTER_NAME
	- cp ~/gcloud-service-key.json ~/.config/gcloud/application_default_credentials.json
	# push container into registry, update deployment
	- sudo /opt/google-cloud-sdk/bin/gcloud docker push $IMAGE_TAG
	- sudo chown -R ubuntu:ubuntu /home/ubuntu/.kube
	- kubectl patch --namespace=staging -f deployment.yml -p '{"spec":{"template":{"spec":{"containers":[{"name":"service","image":"'"$IMAGE_TAG"'"}]}}}}'