Created
July 11, 2020 02:54
-
-
Save shinofara/2781a662f25751f9bdb815c1c6a20bb1 to your computer and use it in GitHub Desktop.
k8s_repo
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# update_pr_desc.py | |
#!/usr/bin/env python | |
# -*- coding: utf-8 -*- | |
import requests | |
import time | |
import json | |
import sys | |
import os | |
args = sys.argv | |
repo = args[1] | |
pr = args[2] | |
github_token = os.environ["_GITHUB_TOKEN"] | |
pr_url = "https://github.com/hoge-org/" + repo + "/pull/" + pr | |
# prの情報を取得 | |
headers = { | |
'Authorization': 'token ' + github_token, | |
'Content-Type': 'application/json' | |
} | |
r = requests.get("https://api.github.com/repos/hoge-org/" + repo + "/pulls/" + pr, headers=headers) | |
req =r.json() | |
pr_title = req['title'] | |
pr_owner = req['user']['login'] | |
# candidate_xxのpr_idを検索 | |
# タイミング次第ではPRが存在しないので10秒おきに合計5回までリトライを行う | |
get_pr_url = 'https://api.github.com/repos/hoge-org/k8s/pulls?state=open&head=hoge-org:candidate_' + repo | |
candidate_pr_id = 0 | |
r = requests.get(get_pr_url, headers=headers) | |
req =r.json() | |
for p in req: | |
candidate_pr_id = p['number'] | |
# idが取得できない場合は、PRのを新規作成 | |
if candidate_pr_id == 0: | |
url = 'https://api.github.com/repos/hoge-org/k8s/pulls' | |
body = '- [ ] [#' + pr + ' ' + pr_title + '](' + pr_url + ') by ' + pr_owner + '\n' | |
data = json.dumps({ | |
'title': "candidate_%s update" % (repo), | |
'body': body, | |
'head': "candidate_%s" % (repo), | |
'base': "master" | |
}) | |
r = requests.post( | |
url, | |
data, | |
headers=headers) | |
resp = r.json() | |
candidate_pr_id = resp['number'] | |
else: | |
url = 'https://api.github.com/repos/hoge-org/k8s/pulls/%d' % (candidate_pr_id) | |
r = requests.get(url, headers=headers) | |
req = r.json() | |
body = req['body'] | |
if not body: | |
body = '' | |
body += '- [ ] [#' + pr + ' ' + pr_title + '](' + pr_url + ') by ' + pr_owner + '\n' | |
data = json.dumps({ | |
'body':body, | |
}) | |
# candidate_xxを更新 | |
requests.post( | |
url, | |
data, | |
headers=headers) | |
# レビュアーを追加 | |
URL = "https://api.github.com/repos/hoge-org/hopge/pulls/%s/requested_reviewers" % (candidate_pr_id) | |
requests.post( | |
URL, | |
json.dumps({ | |
'reviewers': [pr_owner], | |
}), | |
headers=headers) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# cloudbuild.yaml | |
steps: | |
- name: gcr.io/cloud-builders/gcloud | |
id: 'setup_ssh' | |
entrypoint: 'bash' | |
args: | |
- '-c' | |
- | | |
<ここに秘密鍵をSecret Managerなどから取ってくる処理> | |
git config --global url."git@github.com:".insteadOf "https://github.com/" | |
volumes: | |
- name: 'ssh' | |
path: /root/.ssh | |
- name: 'gcr.io/cloud-builders/kubectl@sha256:c6e2282089393179097749249b70e9423850cfdb7cdc64dbb35ae123f1ee35d1' | |
id: 'kubectl_apply' | |
waitFor: ['-'] | |
dir: manifests/ | |
entrypoint: 'bash' | |
env: | |
- 'PROJECT=$PROJECT_ID' | |
args: | |
- '-c' | |
- | | |
cd ${_TARGET} | |
# hoge-pj-clusterという名前のclusterが存在してるとします | |
cluster_name=${PROJECT_ID}-cluster | |
gcloud container clusters get-credentials ${cluster_name} | |
# k8s secrets用のjsonをsecretmanagerから取得 | |
if [ -f "./secret/kustomization.yml" ]; then | |
gcloud secrets versions access latest --secret=${_TARGET}_secret --project ${PROJECT_ID} > secret/${_TARGET}_secret.yml | |
fi | |
kubectl kustomize ${PROJECT_ID} | kubectl apply -f - | |
kubectl rollout status deploy/${_TARGET}-deployment | |
- name: gcr.io/cloud-builders/curl | |
wait_for: ['kubectl_apply'] | |
entrypoint: 'bash' | |
args: | |
- '-c' | |
- | | |
app=$(echo ${_TARGET} | awk '{print toupper(substr($1,1,1))substr($1,2)}') | |
environment= | |
if [ "${PROJECT_ID}" = "hoge-stg" ]; then | |
environment=Staging | |
fi | |
if [ "${PROJECT_ID}" = "hoge-prod" ]; then | |
environment=Production | |
fi | |
ts=$(date +%s) | |
channel=$_SLACK_CHANNEL | |
# Cloud Build Link | |
build_url="https://console.cloud.google.com/cloud-build/builds/${BUILD_ID}?project=${PROJECT_ID}" | |
curl -X POST \ | |
--data-urlencode \ | |
"payload={ここのslackのペイロード}" \ | |
${_SLACK_WEBHOOK_URL} | |
- name: gcr.io/cloud-builders/git | |
id: 'create_release_tag' | |
entrypoint: /bin/sh | |
args: | |
- '-c' | |
- | | |
if [ "${PROJECT_ID}" != "hoge-prod" ]; then exit 0; fi | |
git clone git@github.com:hoge-org/${_TARGET}.git ./${_TARGET} | |
cd ./${_TARGET} | |
tag=$(TZ=TZ=Asia/Tokyo git log --date=format:'%Y-%m-%d-%H-%M-%S' --format="%ad" -n 1 | head -1) | |
git tag ${tag} | |
git push origin ${tag} | |
volumes: | |
- name: 'ssh' | |
path: /root/.ssh | |
waitFor: ['kubectl_apply', 'setup_ssh'] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
bases: | |
- ../secret | |
resources: | |
- service.yml | |
- deployment.yml | |
- ingress.yml | |
imageTags: | |
- name: asia.gcr.io/hoge-dev/hoge | |
newTag: COMMIT_SHA | |
apiVersion: kustomize.config.k8s.io/v1beta1 | |
kind: Kustomization |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
bases: | |
- ../secret | |
resources: | |
- service.yml | |
- deployment.yml | |
- ingress.yml | |
imageTags: | |
- name: asia.gcr.io/hoge-dev/hoge | |
newTag: 8gdf277fa28bd6xxxxxxxxxxxxxx | |
apiVersion: kustomize.config.k8s.io/v1beta1 | |
kind: Kustomization |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment