aviadlevy/jinja.template

## jinja.template
image: gitlab.****.net:4567/group/project/ci-image:latest
# https://docs.gitlab.com/ee/ci/yaml/index.html#switch-between-branch-pipelines-and-merge-request-pipelines
workflow:
  rules:
    - if: $CI_COMMIT_BRANCH && $CI_OPEN_MERGE_REQUESTS && $CI_PIPELINE_SOURCE == "push"
      when: never
    - when: always

variables:
  PY_COLORS: '1'
  GIT_SUBMODULE_STRATEGY: recursive

stages:
{% for environment in environments.keys() %}
  - "validate:{{ environment }}:{{ stage_params[1:] |join('-') }}"
  - "deploy:{{ environment }}:{{ stage_params[1:] |join('-') }}"
{% endfor %}

{% for stage in ["validate", "deploy"] %}
{% for environment, regions in environments.items() %}
{% for region in regions %}
{{ stage }}:{{ resource }}:{{ environment }}:{{ region }}:{{ stage_params[1:] |join('-') }}:
{% if stage == "deploy" %}
  rules:
    - if: $CI_COMMIT_BRANCH != $CI_DEFAULT_BRANCH
      when: never
{% if ci_project_name == "app-infra" %}
    - when: manual
{% else %}
    - when: on_success
{% endif %}
  environment:
    name: {{ stage_params[1:] |join('-') }}/{{ resource }}/{{ environment }}/{{ region }}
{% endif %}
  variables:
    AWS_ACCESS_KEY_ID: ${{ region | upper | replace("-", "_") }}_{{ environment | upper }}_STS_KEY
    AWS_SECRET_ACCESS_KEY: ${{ region | upper | replace("-", "_") }}_{{ environment | upper }}_STS_SECRET
    CLUSTER_NAME: {{ region }}-{{ "prd" if environment == "prod" else environment }}
    K8S_NAMESPACE: group-{{ "dev" if environment == "stg" else environment }}
    AWS_REGION: {{ region }}
  stage: {{ stage }}:{{ environment }}:{{ stage_params[1:] |join('-') }}
  allow_failure: false
  script:
{% if ci_project_name != "app-infra" %}
    - git clone https://gitlab-ci-token:${CI_JOB_TOKEN}@gitlab.***.net/group/app-infra.git
    - cd app-infra
{% endif %}
    - aws --region $AWS_REGION eks update-kubeconfig --name $CLUSTER_NAME
    - kubectl config set-context --current --namespace=$K8S_NAMESPACE
    - python3 scripts/apply_k8s.py --file {{ file }} --resource {{ resource }} --environment {{ environment }} --region {{ region }} --stage {{ stage }}
{% endfor %}
{% endfor %}
{% endfor %}
	image: gitlab.****.net:4567/group/project/ci-image:latest
	# https://docs.gitlab.com/ee/ci/yaml/index.html#switch-between-branch-pipelines-and-merge-request-pipelines
	workflow:
	rules:
	- if: $CI_COMMIT_BRANCH && $CI_OPEN_MERGE_REQUESTS && $CI_PIPELINE_SOURCE == "push"
	when: never
	- when: always

	variables:
	PY_COLORS: '1'
	GIT_SUBMODULE_STRATEGY: recursive

	stages:
	{% for environment in environments.keys() %}
	- "validate:{{ environment }}:{{ stage_params[1:] \|join('-') }}"
	- "deploy:{{ environment }}:{{ stage_params[1:] \|join('-') }}"
	{% endfor %}

	{% for stage in ["validate", "deploy"] %}
	{% for environment, regions in environments.items() %}
	{% for region in regions %}
	{{ stage }}:{{ resource }}:{{ environment }}:{{ region }}:{{ stage_params[1:] \|join('-') }}:
	{% if stage == "deploy" %}
	rules:
	- if: $CI_COMMIT_BRANCH != $CI_DEFAULT_BRANCH
	when: never
	{% if ci_project_name == "app-infra" %}
	- when: manual
	{% else %}
	- when: on_success
	{% endif %}
	environment:
	name: {{ stage_params[1:] \|join('-') }}/{{ resource }}/{{ environment }}/{{ region }}
	{% endif %}
	variables:
	AWS_ACCESS_KEY_ID: ${{ region \| upper \| replace("-", "_") }}_{{ environment \| upper }}_STS_KEY
	AWS_SECRET_ACCESS_KEY: ${{ region \| upper \| replace("-", "_") }}_{{ environment \| upper }}_STS_SECRET
	CLUSTER_NAME: {{ region }}-{{ "prd" if environment == "prod" else environment }}
	K8S_NAMESPACE: group-{{ "dev" if environment == "stg" else environment }}
	AWS_REGION: {{ region }}
	stage: {{ stage }}:{{ environment }}:{{ stage_params[1:] \|join('-') }}
	allow_failure: false
	script:
	{% if ci_project_name != "app-infra" %}
	- git clone https://gitlab-ci-token:${CI_JOB_TOKEN}@gitlab.***.net/group/app-infra.git
	- cd app-infra
	{% endif %}
	- aws --region $AWS_REGION eks update-kubeconfig --name $CLUSTER_NAME
	- kubectl config set-context --current --namespace=$K8S_NAMESPACE
	- python3 scripts/apply_k8s.py --file {{ file }} --resource {{ resource }} --environment {{ environment }} --region {{ region }} --stage {{ stage }}
	{% endfor %}
	{% endfor %}
	{% endfor %}