Skip to content

Instantly share code, notes, and snippets.

@sjparkinson sjparkinson/config.yml
Last active Aug 25, 2019

Embed
What would you like to do?
Deploy a Fastly service using Terraform and CircleCI 2.0.
version: 2
jobs:
validate_terraform:
docker:
- image: hashicorp/terraform
steps:
- checkout
- run:
name: Validate Terraform Formatting
command: "[ -z \"$(terraform fmt -write=false)\" ] || { terraform fmt -write=false -diff; exit 1; }"
validate_node:
docker:
- image: circleci/node:8
steps:
- checkout
- restore_cache:
key: npm-dependency-cache-{{ checksum "package-lock.json" }}
- run:
name: Install Dependencies
command: npm install
- save_cache:
key: npm-dependency-cache-{{ checksum "package-lock.json" }}
paths:
- ./node_modules
- run:
name: Validate Node.js Formatting
command: "[ -z \"$(node_modules/.bin/prettier --list-different 'test/**/*.js')\" ] || { node_modules/.bin/prettier --list-different 'test/**/*.js'; exit 1; }"
deploy:
docker:
- image: hashicorp/terraform
steps:
- checkout
- run:
name: Install Alpine dependencies
command: apk add bash jq
- run:
name: Initialize Terraform
command: terraform init
- run:
name: Import State
command: terraform import fastly_service_v1.secure_domain_redirect <your-fastly-service-id>
- run:
name: Deploy
command: .circleci/do-exclusively.sh --branch master terraform apply
test:
docker:
- image: circleci/node:8
steps:
- checkout
- restore_cache:
key: npm-dependency-cache-{{ checksum "package-lock.json" }}
- run:
name: Install Dependencies
command: npm install
- save_cache:
key: npm-dependency-cache-{{ checksum "package-lock.json" }}
paths:
- ./node_modules
- run:
name: Run Smoke Tests
command: npm test
workflows:
version: 2
deploy:
jobs:
- validate_terraform
- validate_node
- deploy:
requires:
- validate_terraform
- validate_node
filters:
branches:
only: master
- test:
requires:
- deploy
filters:
branches:
only: master
#!/bin/bash
# See https://discuss.circleci.com/t/serializing-deployments/153 for more info, source https://github.com/bellkev/circle-lock-test.
# sets $branch, $tag, $rest
parse_args() {
while [[ $# -gt 0 ]]; do
case $1 in
-b|--branch) branch="$2" ;;
-t|--tag) tag="$2" ;;
*) break ;;
esac
shift 2
done
rest=("$@")
}
# reads $branch, $tag, $commit_message
should_skip() {
if [[ "$branch" && "$CIRCLE_BRANCH" != "$branch" ]]; then
echo "Not on branch $branch. Skipping..."
return 0
fi
if [[ "$tag" && "$commit_message" != *\[$tag\]* ]]; then
echo "No [$tag] commit tag found. Skipping..."
return 0
fi
return 1
}
# reads $branch, $tag
# sets $jq_prog
make_jq_prog() {
local jq_filters=""
if [[ $branch ]]; then
jq_filters+=" and .branch == \"$branch\""
fi
if [[ $tag ]]; then
jq_filters+=" and (.subject | contains(\"[$tag]\"))"
fi
jq_prog=".[] | select(.build_num < $CIRCLE_BUILD_NUM and (.status | test(\"running|pending|queued\")) $jq_filters) | .build_num"
}
if [[ "$0" != *bats* ]]; then
set -e
set -u
set -o pipefail
branch=""
tag=""
rest=()
api_url="https://circleci.com/api/v1/project/$CIRCLE_PROJECT_USERNAME/$CIRCLE_PROJECT_REPONAME?circle-token=$CIRCLE_TOKEN&limit=100"
parse_args "$@"
commit_message=$(git log -1 --pretty=%B)
if should_skip; then exit 0; fi
make_jq_prog
echo "Checking for running builds..."
while true; do
builds=$(curl -s -H "Accept: application/json" "$api_url" | jq "$jq_prog")
if [[ $builds ]]; then
echo "Waiting on builds:"
echo "$builds"
else
break
fi
echo "Retrying in 5 seconds..."
sleep 5
done
echo "Acquired lock"
if [[ "${#rest[@]}" -ne 0 ]]; then
"${rest[@]}"
fi
fi
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.