azure.yml 16.4 KB
Newer Older
Daniel Scholl's avatar
Daniel Scholl committed
1
2
3
4
5
# EXPECTED PIPELINE INHERITED GROUP VARIABLES
# --------------------------------------------------------------------------------
# AZURE                     (Protected Branch)
# AZURE_APP_ID              (Protected Branch)
# AZURE_APP_ID_OTHER        (Protected Branch)
6
# AZURE_APP_OID_OTHER       (Protected Branch)
Daniel Scholl's avatar
Daniel Scholl committed
7
8
9
10
11
12
# AZURE_BASE                (Protected Branch)
# AZURE_BASENAME            (Protected Branch)
# AZURE_BASENAME_21         (Protected Branch)
# AZURE_ELASTIC_HOST        (Protected Branch)
# AZURE_ELASTIC_PASSWORD    (Protected Branch/Masked Variable)
# AZURE_INVALID_JWT         (Protected Branch)
Daniel Scholl's avatar
Daniel Scholl committed
13
# AZURE_NO_ACCESS_ID        (Protected Branch)
Daniel Scholl's avatar
Daniel Scholl committed
14
# AZURE_NO_ACCESS_SECRET    (Protected Branch/Masked Variable)
Daniel Scholl's avatar
Daniel Scholl committed
15
# AZURE_PRINCIPAL_ID        (Protected Branch)
Daniel Scholl's avatar
Daniel Scholl committed
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
# AZURE_PRINCIPAL_SECRET    (Protected Branch/Masked Variable)
# AZURE_SERVICEBUS_KEY      (Protected Branch/Masked Variable)
# AZURE_STORAGE_KEY         (Protected Branch/Masked Variable)
# AZURE_SUBSCRIPTION_ID     (Protected Branch)
# AZURE_SUBSCRIPTION_NAME   (Protected Branch)
# AZURE_TENANT_ID           (Protected Branch)


.azure_variables:
  variables:
    # Deploy Section
    AZURE_CLIENT_ID: $AZURE_PRINCIPAL_ID
    AZURE_CLIENT_SECRET: $AZURE_PRINCIPAL_SECRET
    AZURE_RESOURCE_GROUP: ${AZURE_BASENAME}-osdu-r2-app-rg
    AZURE_APPSERVICE_PLAN: ${AZURE_BASENAME}-osdu-r2-sp
    AZURE_APPSERVICE_NAME: ${AZURE_BASENAME_21}-au-${AZURE_SERVICE}
    AZURE_CONTAINER_REGISTRY: ${AZURE_BASE}cr
    AZURE_FUNCTIONAPP_NAME: ${AZURE_BASENAME_21}-enque
    # Common Section
Daniel Scholl's avatar
Daniel Scholl committed
35
36
37
    ENTITLEMENT_URL: https://${AZURE_BASENAME_21}-au-entitlements.azurewebsites.net/entitlements/v1/
    LEGAL_URL: https://${AZURE_BASENAME_21}-au-legal.azurewebsites.net/api/legal/v1/
    STORAGE_URL: https://${AZURE_BASENAME_21}-au-storage.azurewebsites.net/api/storage/v2/
Daniel Scholl's avatar
Daniel Scholl committed
38
    SEARCH_URL: https://${AZURE_BASENAME_21}-au-search.azurewebsites.net/api/search/v2/
Daniel Scholl's avatar
Daniel Scholl committed
39
    INDEXER_URL: https://${AZURE_BASENAME_21}-au-indexer.azurewebsites.net/api/indexer/v2/
Daniel Scholl's avatar
Daniel Scholl committed
40
41
42
43
44
45
46
47
48
49
50
51
52
53
    AZURE_AD_TENANT_ID: $AZURE_TENANT_ID
    INTEGRATION_TESTER: $AZURE_PRINCIPAL_ID
    AZURE_TESTER_SERVICEPRINCIPAL_SECRET: $AZURE_PRINCIPAL_SECRET
    AZURE_AD_APP_RESOURCE_ID: $AZURE_APP_ID
    AZURE_STORAGE_ACCOUNT: ${AZURE_BASE}sa
    MY_TENANT: opendes
    DOMAIN: contoso.com
    ELASTIC_HOST: $AZURE_ELASTIC_HOST
    ELASTIC_PORT: 9243
    ELASTIC_USER_NAME: elastic
    ELASTIC_PASSWORD: $AZURE_ELASTIC_PASSWORD
    # Entitlement Section
    ENTITLEMENT_MEMBER_NAME_VALID: $AZURE_PRINCIPAL_ID
    AZURE_AD_OTHER_APP_RESOURCE_ID: $AZURE_APP_ID_OTHER
54
    AZURE_AD_OTHER_APP_RESOURCE_OID: $AZURE_APP_OID_OTHER
Daniel Scholl's avatar
Daniel Scholl committed
55
56
57
    EXPIRED_TOKEN: $AZURE_INVALID_JWT
    ENTITLEMENT_GROUP_NAME_VALID: integ.test.data.creator
    ENTITLEMENT_MEMBER_NAME_INVALID: InvalidTestAdmin
58
59
60
61
    AZURE_AD_USER_EMAIL: integration.test@azureglobal1.onmicrosoft.com
    AZURE_AD_USER_OID: 469e9c25-ad0b-42e3-b023-03814437b21e
    AZURE_AD_GUEST_EMAIL: integration.test@email.com
    AZURE_AD_GUEST_OID: 4cf85597-116b-4aa5-bf03-7665a5b14ed5
Daniel Scholl's avatar
Daniel Scholl committed
62
    # Legal Section
Daniel Scholl's avatar
Daniel Scholl committed
63
    HOST_URL: https://${AZURE_BASENAME_21}-au-${AZURE_SERVICE}.azurewebsites.net/api/legal/v1/
Daniel Scholl's avatar
Daniel Scholl committed
64
    AZURE_LEGAL_STORAGE_ACCOUNT: ${AZURE_BASE}sa
Daniel Scholl's avatar
Daniel Scholl committed
65
66
67
68
69
70
71
72
73
74
75
76
    AZURE_LEGAL_STORAGE_KEY: $AZURE_STORAGE_KEY
    LEGAL_STORAGE_CONTAINER: legal-service-azure-configuration
    AZURE_LEGAL_SERVICEBUS: Endpoint=sb://${AZURE_BASENAME_21}sb.servicebus.windows.net/;SharedAccessKeyName=RootManageSharedAccessKey;SharedAccessKey=${AZURE_SERVICEBUS_KEY}
    AZURE_LEGAL_TOPICNAME: legaltags
    # Storage Section
    TENANT_NAME: opendes
    TESTER_SERVICEPRINCIPAL_SECRET: $AZURE_PRINCIPAL_SECRET
    NO_DATA_ACCESS_TESTER: $AZURE_NO_ACCESS_ID
    NO_DATA_ACCESS_TESTER_SERVICEPRINCIPAL_SECRET: $AZURE_NO_ACCESS_SECRET
    PUBSUB_TOKEN: az
    DEPLOY_ENV: empty
    # Indexer & Search Section
Daniel Scholl's avatar
Daniel Scholl committed
77
    SEARCH_HOST: https://${AZURE_BASENAME_21}-au-search.azurewebsites.net/api/search/v2/
Daniel Scholl's avatar
Daniel Scholl committed
78
    aad_client_id: $AZURE_APP_ID
Daniel Scholl's avatar
Daniel Scholl committed
79
    STORAGE_HOST: https://${AZURE_BASENAME_21}-au-storage.azurewebsites.net/api/storage/v2/
Daniel Scholl's avatar
Daniel Scholl committed
80
    aad_client_id: $AZURE_APP_ID
Daniel Scholl's avatar
Daniel Scholl committed
81
    DEFAULT_DATA_PARTITION_ID_TENANT1: opendes
Daniel Scholl's avatar
Daniel Scholl committed
82
    DEFAULT_DATA_PARTITION_ID_TENANT2: $AZURE_DEFAULT_DATA_PARTITION_ID_TENANT2  # legal=common search=othertenant2
Daniel Scholl's avatar
Daniel Scholl committed
83
84
85
86
87
88
89
90
91
92
93
94
    ENTITLEMENTS_DOMAIN: contoso.com
    ENVIRONMENT: CLOUD
    LEGAL_TAG: opendes-public-usa-dataset-7643990
    OTHER_RELEVANT_DATA_COUNTRIES: US




# JOBS
# --------------------------------------------------------------------------------
azure_debug:
  stage: build
95
  tags: ["osdu-small"]
Daniel Scholl's avatar
Daniel Scholl committed
96
97
98
99
100
101
102
103
104
  image: maven:3.3.9-jdk-8
  extends:
    - .azure_variables
  script: |
    echo "# Pipeline Variables"
    echo "export AZURE_SERVICE=\"$AZURE_SERVICE\""
    echo "export AZURE_BUILD_SUBDIR=\"$AZURE_BUILD_SUBDIR\""
    echo "export AZURE_TEST_SUBDIR=\"$AZURE_TEST_SUBDIR\""
    echo "# Group Level Variables"
Daniel Scholl's avatar
Daniel Scholl committed
105
    echo "export AZURE_UNIQUE=\"$AZURE_UNIQUE\""
Daniel Scholl's avatar
Daniel Scholl committed
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
    echo "export AZURE_APP_ID=\"$AZURE_APP_ID\""
    echo "export AZURE_APP_ID_OTHER=\"$AZURE_APP_ID_OTHER\""
    echo "export AZURE_BASE=\"$AZURE_BASE\""
    echo "export AZURE_BASENAME=\"$AZURE_BASENAME\""
    echo "export AZURE_BASENAME_21=\"$AZURE_BASENAME_21\""
    echo "export AZURE_ELASTIC_HOST=\"$AZURE_ELASTIC_HOST\""
    echo "export AZURE_ELASTIC_PASSWORD=\"$AZURE_ELASTIC_PASSWORD\""
    echo "export AZURE_INVALID_JWT=\"$AZURE_INVALID_JWT\""
    echo "export AZURE_NO_ACCESS_SECRET=\"$AZURE_NO_ACCESS_SECRET\""
    echo "export AZURE_PRINCIPAL_ID=\"$AZURE_PRINCIPAL_ID\""
    echo "export AZURE_PRINCIPAL_SECRET=\"$AZURE_PRINCIPAL_SECRET\""
    echo "export AZURE_SERVICEBUS_KEY=\"$AZURE_SERVICEBUS_KEY\""
    echo "export AZURE_STORAGE_KEY=\"$AZURE_STORAGE_KEY\""
    echo "export AZURE_SUBSCRIPTION_ID=\"$AZURE_SUBSCRIPTION_ID\""
    echo "export AZURE_SUBSCRIPTION_NAME=\"$AZURE_SUBSCRIPTION_NAME\""
    echo "export AZURE_TENANT_ID=\"$AZURE_TENANT_ID\""
    echo "# Deploy Section"
    echo "export AZURE_CLIENT_ID=\"\$AZURE_PRINCIPAL_ID\""
    echo "export AZURE_CLIENT_SECRET=\"\$AZURE_PRINCIPAL_SECRET\""
    echo "export AZURE_RESOURCE_GROUP=\"${AZURE_BASENAME}-osdu-r2-app-rg\""
    echo "export AZURE_APPSERVICE_PLAN=\"${AZURE_BASENAME}-osdu-r2-sp\""
    echo "export AZURE_APPSERVICE_NAME=\"${AZURE_BASENAME_21}-au-${AZURE_SERVICE}\""
    echo "export AZURE_CONTAINER_REGISTRY=\"${AZURE_BASE}cr\""
    echo "export AZURE_FUNCTIONAPP_NAME=\"${AZURE_BASENAME_21}-enque\""
    echo "# Common Section"
    echo "export HOST_URL=\"$HOST_URL\""
    echo "export ENTITLEMENT_URL=\"$ENTITLEMENT_URL\""
    echo "export LEGAL_URL=\"$LEGAL_URL\""
Daniel Scholl's avatar
Daniel Scholl committed
134
    echo "export STORAGE_URL=\"$STORAGE_URL\""s
Daniel Scholl's avatar
Daniel Scholl committed
135
136
    echo "export SEARCH_URL=\"$SEARCH_URL\""
    echo "export INDEXER_URL=\"$INDEXER_URL\""
Daniel Scholl's avatar
Daniel Scholl committed
137
138
139
    echo "export INTEGRATION_TESTER=\"\$AZURE_PRINCIPAL_ID\""
    echo "export AZURE_TESTER_SERVICEPRINCIPAL_SECRET=\"\$AZURE_PRINCIPAL_SECRET\""
    echo "export AZURE_AD_APP_RESOURCE_ID=\"$AZURE_AD_APP_RESOURCE_ID\""
140
    echo "export AZURE_AD_APP_RESOURCE_OID=\"$AZURE_AD_APP_RESOURCE_OID\""
Daniel Scholl's avatar
Daniel Scholl committed
141
142
143
144
145
146
147
148
149
150
151
152
    echo "export MY_TENANT=\"$MY_TENANT\""
    echo "export DOMAIN=\"$DOMAIN\""
    echo "export ELASTIC_HOST=\"\$AZURE_ELASTIC_HOST\""
    echo "export ELASTIC_PORT=\"$ELASTIC_PORT\""
    echo "export ELASTIC_USER_NAME=\"$ELASTIC_USER_NAME\""
    echo "export ELASTIC_PASSWORD=\"\$AZURE_ELASTIC_PASSWORD\""
    echo "# Entitlement Section"
    echo "export ENTITLEMENT_MEMBER_NAME_VALID=\"\$AZURE_PRINCIPAL_ID\""
    echo "export AZURE_AD_OTHER_APP_RESOURCE_ID=\"\$AZURE_APP_ID_OTHER\""
    echo "export EXPIRED_TOKEN=\"\$AZURE_INVALID_JWT\""
    echo "export ENTITLEMENT_GROUP_NAME_VALID=\"$ENTITLEMENT_GROUP_NAME_VALID\""
    echo "export ENTITLEMENT_MEMBER_NAME_INVALID=\"$ENTITLEMENT_MEMBER_NAME_INVALID\""
153
154
155
156
    echo "export AZURE_AD_USER_EMAIL=\"\$AZURE_AD_USER_EMAIL\""
    echo "export AZURE_AD_USER_OID=\"\$AZURE_AD_USER_OID\""
    echo "export AZURE_AD_GUEST_EMAIL=\"\$AZURE_AD_GUEST_EMAIL\""
    echo "export AZURE_AD_GUEST_OID=\"\$AZURE_AD_GUEST_OID\""
Daniel Scholl's avatar
Daniel Scholl committed
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
    echo "# Legal Section"
    echo "export AZURE_LEGAL_STORAGE_ACCOUNT=\"$AZURE_LEGAL_STORAGE_ACCOUNT\""
    echo "export AZURE_LEGAL_STORAGE_KEY=\"\$AZURE_STORAGE_KEY\""
    echo "export LEGAL_STORAGE_CONTAINER=\"$LEGAL_STORAGE_CONTAINER\""
    echo "export AZURE_LEGAL_SERVICEBUS=\"Endpoint=sb://${AZURE_BASENAME_21}sb.servicebus.windows.net/;SharedAccessKeyName=RootManageSharedAccessKey;SharedAccessKey=\${AZURE_SERVICEBUS_KEY}\""
    echo "export AZURE_LEGAL_TOPICNAME=\"$AZURE_LEGAL_TOPICNAME\""
    echo ""
    echo "# Storage Section"
    echo "export AZURE_AD_TENANT_ID=\"$AZURE_TENANT_ID\""
    echo "export TENANT_NAME=\"$TENANT_NAME\""
    echo "export TESTER_SERVICEPRINCIPAL_SECRET=\"\$AZURE_PRINCIPAL_SECRET\""
    echo "export AZURE_STORAGE_ACCOUNT=\"$AZURE_STORAGE_ACCOUNT\""
    echo "export NO_DATA_ACCESS_TESTER=\"$NO_DATA_ACCESS_TESTER\""
    echo "export NO_DATA_ACCESS_TESTER_SERVICEPRINCIPAL_SECRET=\"\$AZURE_NO_ACCESS_SECRET\""
    echo "export PUBSUB_TOKEN=\"$PUBSUB_TOKEN\""
    echo "export DEPLOY_ENV=\"$DEPLOY_ENV\""
    echo ""
    echo "# Index Section"
Daniel Scholl's avatar
Daniel Scholl committed
175
    echo "export SEARCH_HOST=\"$SEARCH_HOST\""
Daniel Scholl's avatar
Daniel Scholl committed
176
    echo "export STORAGE_HOST=\"$STORAGE_HOST\""
Daniel Scholl's avatar
Daniel Scholl committed
177
    echo "export aad_client_id=\"$aad_client_id\""
Daniel Scholl's avatar
Daniel Scholl committed
178
179
180
181
    echo "export ELASTIC_HOST=\"$ELASTIC_HOST\""
    echo "export ELASTIC_USER_NAME=\"$ELASTIC_USER_NAME\""
    echo "export DEFAULT_DATA_PARTITION_ID_TENANT1=\"$DEFAULT_DATA_PARTITION_ID_TENANT1\""
    echo "export DEFAULT_DATA_PARTITION_ID_TENANT2=\"$DEFAULT_DATA_PARTITION_ID_TENANT2\""
Daniel Scholl's avatar
Daniel Scholl committed
182
    echo "export ENTITLEMENTS_DOMAIN=\"$ENTITLEMENTS_DOMAIN\""
Daniel Scholl's avatar
Daniel Scholl committed
183
184
185
186
187
188
189
190
    echo "export ENVIRONMENT=\"$ENVIRONMENT\""
    echo "export LEGAL_TAG=\"$LEGAL_TAG\""
    echo "export OTHER_RELEVANT_DATA_COUNTRIES=\"$OTHER_RELEVANT_DATA_COUNTRIES\""
  only:
    variables:
      - $AZURE_DEBUG == 'true'

azure_containerize:
191
  tags: ["osdu-medium"]
Daniel Scholl's avatar
Daniel Scholl committed
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
  image: docker:latest
  services:
    - docker:dind
  stage: containerize
  needs: ["compile-and-unit-test"]
  variables:
    IMAGE: ${CI_PROJECT_NAME}-${CI_COMMIT_REF_SLUG}
  before_script:
    - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
    - apk add bash make py-pip
    - apk add --virtual=build gcc libffi-dev musl-dev openssl-dev python3-dev
    - pip3 install azure-cli
    - az --version
    - az login --service-principal -u $AZURE_PRINCIPAL_ID -p $AZURE_PRINCIPAL_SECRET --tenant $AZURE_TENANT_ID
  script:
    - |
      echo 'FROM openjdk:8-jdk-alpine
            VOLUME /tmp
            ARG JAR_FILE
            COPY ${JAR_FILE} app.jar
            ENTRYPOINT ["java","-jar","/app.jar"]' > Dockerfile
213
214
215
216
217
218
    - |
      if [ "$AZURE_SERVICE"  == "entitlements" ]; then
        TARGET=$(find ./$AZURE_BUILD_SUBDIR/target -name '*.jar' |head -n 1)
      else
        TARGET=$(find ./$AZURE_BUILD_SUBDIR/target -name '*-spring-boot.jar' |head -n 1)
      fi
Daniel Scholl's avatar
Daniel Scholl committed
219
    # Gitlab Container Registry
Daniel Scholl's avatar
Daniel Scholl committed
220
221
    - echo "Startup Jar is $TARGET"
    - docker build --build-arg JAR_FILE=$TARGET -t ${CI_REGISTRY_IMAGE}/$IMAGE .
222
223
224
225
    - docker tag ${CI_REGISTRY_IMAGE}/$IMAGE ${CI_REGISTRY_IMAGE}/$IMAGE:$CI_COMMIT_SHA
    - docker tag ${CI_REGISTRY_IMAGE}/$IMAGE ${CI_REGISTRY_IMAGE}/$IMAGE:latest
    - docker push ${CI_REGISTRY_IMAGE}/$IMAGE:$CI_COMMIT_SHA
    - docker push ${CI_REGISTRY_IMAGE}/$IMAGE:latest
Daniel Scholl's avatar
Daniel Scholl committed
226
227
228

    # Azure Container Registry
    - az acr login -n ${AZURE_BASE}cr
229
230
231
232
    - docker tag ${CI_REGISTRY_IMAGE}/$IMAGE ${AZURE_BASE}cr.azurecr.io/$IMAGE:$CI_COMMIT_SHA
    - docker tag ${CI_REGISTRY_IMAGE}/$IMAGE ${AZURE_BASE}cr.azurecr.io/$IMAGE:latest
    - docker push ${AZURE_BASE}cr.azurecr.io/$IMAGE:$CI_COMMIT_SHA
    - docker push ${AZURE_BASE}cr.azurecr.io/$IMAGE:latest
Daniel Scholl's avatar
Daniel Scholl committed
233
234
235
236
237
238
239
  only:
    variables:
      - $AZURE == 'true'
  except:
    variables:
      - $AZURE_DEBUG == 'true'

Daniel Scholl's avatar
Daniel Scholl committed
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286

azure_containerize_aks:
  tags: ["osdu-medium"]
  image: danielscholl/azure-build-image
  stage: containerize
  needs: ["compile-and-unit-test"]
  variables:
    SHA_IMAGE: ${CI_PROJECT_NAME}-${CI_COMMIT_REF_SLUG}:${CI_COMMIT_SHA}
    LATEST_IMAGE: ${CI_PROJECT_NAME}-${CI_COMMIT_REF_SLUG}:latest
  before_script:
    - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
    - az --version
    - az login --service-principal -u $AZURE_AKS_PRINCIPAL_ID -p $AZURE_AKS_PRINCIPAL_SECRET --tenant $AZURE_TENANT_ID
  script:
    # Dockerfile
    - |
      echo 'FROM openjdk:8-jdk-alpine
            VOLUME /tmp
            ARG JAR_FILE
            COPY ${JAR_FILE} app.jar
            ENTRYPOINT ["java","-jar","/app.jar"]' > Dockerfile
    - |
      if [ "$AZURE_SERVICE"  == "entitlements" ]; then
        TARGET=$(find ./$AZURE_BUILD_SUBDIR/target -name '*.jar' |head -n 1)
      else
        TARGET=$(find ./$AZURE_BUILD_SUBDIR/target -name '*-spring-boot.jar' |head -n 1)
      fi

    # Gitlab Container Registry
    - echo "Startup Jar is $TARGET"
    - docker build --build-arg JAR_FILE=$TARGET -t $CI_REGISTRY_IMAGE/$SHA_IMAGE .
    - docker push ${CI_REGISTRY_IMAGE}/$SHA_IMAGE

    # Azure Container Registry
    - az acr login -n $AZURE_AKS_REGISTRY
    - docker tag $CI_REGISTRY_IMAGE/$SHA_IMAGE ${AZURE_AKS_REGISTRY}.azurecr.io/$SHA_IMAGE
    - docker push ${AZURE_AKS_REGISTRY}.azurecr.io/$SHA_IMAGE
    - docker tag $CI_REGISTRY_IMAGE/$SHA_IMAGE ${AZURE_AKS_REGISTRY}.azurecr.io/$LATEST_IMAGE
    - docker push ${AZURE_AKS_REGISTRY}.azurecr.io/$LATEST_IMAGE
  only:
    variables:
      - $AZURE == 'true'  && $AZURE_AKS == 'true'
  except:
    variables:
      - $AZURE_DEBUG == 'true'


Daniel Scholl's avatar
Daniel Scholl committed
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
azure_deploy:
  extends:
    - .maven
    - .azure_variables
  stage: deploy
  needs: ["compile-and-unit-test"]
  script:
    - cd $AZURE_BUILD_SUBDIR && pwd
    - |
      $MAVEN azure-webapp:deploy \
      -DAZURE_TENANT_ID=$AZURE_TENANT_ID \
      -Dazure.appservice.subscription=$AZURE_SUBSCRIPTION_ID \
      -DAZURE_CLIENT_ID=$AZURE_CLIENT_ID \
      -DAZURE_CLIENT_SECRET=$AZURE_CLIENT_SECRET \
      -Dazure.appservice.resourcegroup=$AZURE_RESOURCE_GROUP \
      -Dazure.appservice.plan=$AZURE_APPSERVICE_PLAN \
      -Dazure.appservice.appname=$AZURE_APPSERVICE_NAME
  only:
    variables:
      - $AZURE == 'true'
  except:
    variables:
      - $AZURE_DEBUG == 'true'

Daniel Scholl's avatar
Daniel Scholl committed
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
azure_deploy_aks:
  image: danielscholl/azure-build-image
  tags: ["osdu-medium"]
  stage: deploy
  needs: ["azure_containerize_aks"]
  variables:
    BRANCH: ${CI_COMMIT_REF_SLUG}
    TAG: $CI_COMMIT_SHA
  extends:
    - .azure_variables
  before_script:
    - az login --service-principal -u $AZURE_AKS_PRINCIPAL_ID -p $AZURE_AKS_PRINCIPAL_SECRET --tenant $AZURE_TENANT_ID
    - az aks get-credentials -g $AZURE_UNIQUE-rg -n $AZURE_UNIQUE-aks
    - echo "--set image.branch=$BRANCH --set image.tag=$TAG"
  script:
    - az aks get-credentials -g $AZURE_UNIQUE-rg -n $AZURE_UNIQUE-aks
    - cd devops/azure

    # Delete Service
    - kubectl delete deployment -n osdu osdu-gitlab-$CI_PROJECT_NAME
    - kubectl delete service -n osdu osdu-gitlab-$CI_PROJECT_NAME

    # Install Service
    - helm upgrade -i osdu-gitlab chart --set image.repository=${AZURE_AKS_REGISTRY}.azurecr.io --set image.branch=$BRANCH --set image.tag=$TAG
    - pod=$(kubectl get pod -n osdu|grep $CI_PROJECT_NAME |tail -1 |awk '{print $1}')
    - status=$(kubectl wait -n osdu --for=condition=Ready pod/$pod --timeout=60s)
    - if [[ "$status" != *"met"* ]]; then echo "POD didn't start correctly" ; exit 1 ; fi
  only:
    variables:
      - $AZURE == 'true' && $AZURE_AKS == 'true'
  except:
    variables:
      - $AZURE_DEBUG == 'true'

Daniel Scholl's avatar
Daniel Scholl committed
345
346
azure_config:
  image: mcr.microsoft.com/azure-cli
347
  tags: ["osdu-medium"]
Daniel Scholl's avatar
Daniel Scholl committed
348
349
350
351
352
353
354
  stage: deploy
  needs: ["compile-and-unit-test"]
  extends:
    - .azure_variables
  before_script:
    - az login --service-principal -u $AZURE_PRINCIPAL_ID -p $AZURE_PRINCIPAL_SECRET --tenant $AZURE_TENANT_ID
  script:
Daniel Scholl's avatar
Daniel Scholl committed
355
356
357
358
359
360
    - |
      if [ "$AZURE_SERVICE"  == "entitlements" ]; then
        TARGET=$(find ./$AZURE_BUILD_SUBDIR/target -name '*.jar' |head -n 1)
      else
        TARGET=$(find ./$AZURE_BUILD_SUBDIR/target -name '*-spring-boot.jar' |head -n 1)
      fi
Daniel Scholl's avatar
Daniel Scholl committed
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
    - JAR_FILE=${TARGET##*/}
    - echo "Startup Jar is $JAR_FILE"
    - JAVA_COMMAND="java -jar /home/site/wwwroot/${JAR_FILE}"
    - JSON_TEMPLATE='{"appCommandLine":"%s"}'
    - JSON_FILE="config.json"
    - echo $(printf "$JSON_TEMPLATE" "$JAVA_COMMAND") > $JSON_FILE
    - az webapp config set --resource-group $AZURE_RESOURCE_GROUP --name $AZURE_APPSERVICE_NAME --generic-configurations @$JSON_FILE
  only:
    variables:
      - $AZURE == 'true'
  except:
    variables:
      - $AZURE_DEBUG == 'true'

azure_test:
  stage: integration
  needs: ["azure_config", "azure_deploy"]
  extends:
    - .maven
    - .azure_variables
  script:
    - mvn clean test -f $AZURE_TEST_SUBDIR/pom.xml
  only:
    variables:
      - $AZURE == 'true'
  except:
    variables:
      - $AZURE_DEBUG == 'true' || $AZURE_SKIP_TEST == 'true'