Created
October 24, 2019 15:38
-
-
Save austinmcconnell/3fe37de65ca17db72fd92f1bea11c1f2 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
version: 2.1 | |
orbs: | |
jira: circleci/jira@1.0.5 | |
workflows: | |
build_test_check_deploy: | |
jobs: | |
- test: | |
context: development | |
filters: | |
tags: | |
ignore: /.*/ | |
- pre-commit-checks: | |
context: development | |
filters: | |
tags: | |
ignore: /.*/ | |
- build: | |
context: development | |
filters: | |
tags: | |
ignore: /.*/ | |
- deploy: | |
name: deploy_dev | |
context: development | |
filters: | |
branches: | |
only: | |
- master | |
tags: | |
ignore: /.*/ | |
requires: | |
- test | |
- pre-commit-checks | |
- build | |
post-steps: | |
- jira/notify: | |
job_type: deployment | |
environment_type: development | |
- deploy: | |
name: deploy_qa | |
context: quality | |
filters: | |
branches: | |
ignore: /.*/ | |
tags: | |
only: /^v\d+\.\d+\.\d+rc\d*$/ | |
post-steps: | |
- jira/notify: | |
job_type: deployment | |
environment_type: testing | |
- deploy: | |
name: deploy_prod | |
context: production | |
filters: | |
branches: | |
ignore: /.*/ | |
tags: | |
only: /^v\d+\.\d+\.\d+$/ | |
post-steps: | |
- jira/notify: | |
job_type: deployment | |
environment_type: production | |
executors: | |
python-executor: | |
docker: | |
- image: circleci/python:3.7.2 | |
environment: | |
FLASK_APP: run.py | |
FLASK_ENV: development | |
FLASK_RUN_PORT: 5000 | |
commands: | |
install-python-dependencies: | |
steps: | |
- restore_cache: | |
key: deps1-{{ checksum "Pipfile.lock" }} | |
- run: | |
name: Install Python dependencies | |
command: | | |
python3 -m venv venv | |
. venv/bin/activate | |
pipenv install --dev --deploy | |
- save_cache: | |
key: deps1-{{ checksum "Pipfile.lock" }} | |
paths: | |
- "venv" | |
- "~/.cache/pip" | |
- "~/.cache/pipenv" | |
get-aws-credentials: | |
steps: | |
- run: | |
name: Install AWS CLI | |
command: | | |
python3 -m venv venv | |
. venv/bin/activate | |
pip install awscli | |
- run: | |
name: Get AWS credentials | |
command: | | |
. venv/bin/activate | |
eval $(aws ecr get-login --region $AWS_ECR_REGION --no-include-email) | |
jobs: | |
test: | |
executor: python-executor | |
working_directory: ~/repo | |
steps: | |
- checkout | |
- install-python-dependencies | |
- run: | |
name: Install Code Climate Test Reporter | |
command: | | |
curl -L https://codeclimate.com/downloads/test-reporter/test-reporter-latest-linux-amd64 > ./cc-test-reporter | |
chmod +x ./cc-test-reporter | |
- run: | |
name: Run tests | |
command: | | |
. venv/bin/activate | |
./cc-test-reporter before-build | |
pytest tests --cov app --cov-branch --cov-report=xml | |
./cc-test-reporter after-build --coverage-input-type coverage.py --exit-code $? | |
environment: | |
CC_TEST_REPORTER_ID: the_correct_id | |
- store_artifacts: | |
path: htmlcov/ | |
pre-commit-checks: | |
executor: python-executor | |
working_directory: ~/repo | |
steps: | |
- checkout | |
- install-python-dependencies | |
- restore_cache: | |
key: pre-commit-{{ checksum ".pre-commit-config.yaml" }} | |
- run: | |
name: Run pre-commit checks | |
command: | | |
. venv/bin/activate | |
pre-commit run --all-files --config .pre-commit-config.yaml | |
- save_cache: | |
key: pre-commit-{{ checksum ".pre-commit-config.yaml" }} | |
paths: | |
- "~/.cache/pre-commit" | |
build: | |
executor: python-executor | |
working_directory: ~/repo | |
steps: | |
- checkout | |
- setup_remote_docker | |
- run: | |
name: Setup common environment variables | |
command: | | |
echo 'export ECR_URL="${AWS_ECR_ACCOUNT_ID}.dkr.ecr.${AWS_ECR_REGION}.amazonaws.com/${CIRCLE_PROJECT_REPONAME}"' >> $BASH_ENV | |
- install-python-dependencies | |
- get-aws-credentials | |
- run: | |
name: Pull previous image | |
command: | | |
docker pull $ECR_URL:base || true | |
docker pull $ECR_URL:latest || true | |
- run: | |
name: Build image | |
command: | | |
docker build -t $ECR_URL:base --cache-from $ECR_URL:base --target base . | |
docker build -t $ECR_URL:latest -t $ECR_URL:${CIRCLE_SHA1} --cache-from $ECR_URL:base --cache-from $ECR_URL:latest . | |
- run: | |
name: Test image | |
command: | | |
docker run -d -p 5000:5000 --name built-image $ECR_URL:latest | |
sleep 10 | |
docker run --network container:built-image appropriate/curl --retry 10 --retry-connrefused http://localhost:5000/health | grep "healthy" | |
- run: | |
name: Push Images to ECR | |
command: | | |
docker push $ECR_URL:base | |
docker push $ECR_URL:latest | |
docker push $ECR_URL:${CIRCLE_SHA1} | |
deploy: | |
environment: | |
INFRASTRUCTURE_REPO: git@github.com:user_or_company/repository_name.git | |
SERVICE: service-name | |
TILLER_NAMESPACE: helm | |
docker: | |
- image: image_repository/image_name:image_tag | |
steps: | |
- run: | |
name: Keyscan Github | |
command: mkdir -p ~/.ssh && ssh-keyscan -H github.com >> ~/.ssh/known_hosts | |
- run: | |
name: Pull infrastructure and decrypt | |
command: | | |
cd ~ | |
echo ${GPG_KEY} | base64 -d | gpg --import | |
git clone ${INFRASTRUCTURE_REPO} | |
cd infrastructure | |
git-crypt unlock | |
- run: | |
name: Deploy using helm | |
command: | | |
cd ~/infrastructure | |
export KUBECONFIG=~/infrastructure/terraform/environment-accounts/kubeconfig_company-${DEPLOYMENT_ENVIRONMENT} | |
sed -i 's/eksadmin/deployment/g' ${KUBECONFIG} | |
helm upgrade --install --wait --timeout 900 --kubeconfig=${KUBECONFIG} \ | |
--namespace ${SERVICE} \ | |
-f ./kubernetes/helm/${SERVICE}/${DEPLOYMENT_ENVIRONMENT}.values.yaml \ | |
-f ./kubernetes/helm/${SERVICE}/${DEPLOYMENT_ENVIRONMENT}.secrets.yaml \ | |
--set image.tag=${CIRCLE_SHA1} \ | |
${SERVICE} ./kubernetes/helm/${SERVICE} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment