diff --git a/.gitlab/merge_request_templates/default.md b/.gitlab/merge_request_templates/default.md new file mode 100644 index 0000000000000000000000000000000000000000..be6a84b749ec0f4ed08e6ec80def4e8fb383614b --- /dev/null +++ b/.gitlab/merge_request_templates/default.md @@ -0,0 +1,22 @@ +## All Submissions: +------------------------------------- +* [YES/NO] Have you added an explanation of what your changes do and why you'd like us to include them? +* [YES/NO] I have updated the documentation accordingly. +* [YES/NO/NA] My code follows the code style of this project. + + +## Current Behavior or Linked Issues +------------------------------------- + + + +## Does this introduce a breaking change? +------------------------------------- +- [YES/NO] + + + + +## Other information +------------------------------------- + diff --git a/.gitlab/merge_request_templates/infra_template.md b/.gitlab/merge_request_templates/infra_template.md new file mode 100644 index 0000000000000000000000000000000000000000..e6ecde36acb1c3837d51721d259bf08ea4b87cf1 --- /dev/null +++ b/.gitlab/merge_request_templates/infra_template.md @@ -0,0 +1,23 @@ +## Infrastructure Submissions: +------------------------------------- +* [YES/NO] Have you added an explanation of what your changes do and why you'd like us to include them? +* [YES/NO] I have updated the documentation accordingly. +* [YES/NO/NA] I have added tests to cover my changes. +* [YES/NO/NA] All new and existing tests passed. +* [YES/NO/NA] I have formatted the terraform code. _(`terraform fmt -recursive && go fmt ./...`)_ + +## Current Behavior or Linked Issues +------------------------------------- + + + +## Does this introduce a breaking change? +------------------------------------- +- [YES/NO] + + + + +## Other information +------------------------------------- + diff --git a/README.md b/README.md index 160add6b22f11bd457720e7299498d23bd547b85..cdb2dc7faae8a7296ec49c1f34808ad2f46045f6 100644 --- a/README.md +++ b/README.md @@ -99,6 +99,13 @@ export GIT_REPO=git@ssh.dev.azure.com:v3/${ADO_ORGANIZATION}/${ADO_PROJECT}/k8-g && git push -u origin --all) ``` +In order for Automated Pipelines to be able to work with this repository the following Permissions must be set in the ADO Project for `All Repositories/Permissions` on the user `osdu-mvp Build Service`. + +- Create Branch `Allow` +- Contribute `Allow` +- Contribute to Pull requests `Allow` + + ## Provision the Common Resources diff --git a/docs/infra-automation.md b/docs/infra-automation.md index c8f5830dabaa48c3fc451c49379289c8940fe16a..b4328fe0df845a2695b46e902d4214f082ac885f 100644 --- a/docs/infra-automation.md +++ b/docs/infra-automation.md @@ -137,7 +137,7 @@ az pipelines create \ --repository infra-azure-provisioning \ --branch master \ --repository-type tfsgit \ - --yaml-path /infra/templates/osdu-r3-mvp/pipeline-central-resources.yml \ + --yaml-path /devops/pipelines/infrastructure-central-resources.yml \ -ojson ``` @@ -153,7 +153,7 @@ az pipelines create \ --repository infra-azure-provisioning \ --branch master \ --repository-type tfsgit \ - --yaml-path /infra/templates/osdu-r3-mvp/pipeline-data-partition.yml \ + --yaml-path /devops/pipelines/infrastructure-data-partition.yml \ -ojson ``` @@ -169,6 +169,6 @@ az pipelines create \ --repository infra-azure-provisioning \ --branch master \ --repository-type tfsgit \ - --yaml-path /infra/templates/osdu-r3-mvp/pipeline-service-resources.yml \ + --yaml-path /devops/pipelines/infrastructure-service-resources.yml \ -ojson ``` diff --git a/docs/service-automation.md b/docs/service-automation.md index 02b06fd64bb1f0c79d84ca8bab847de0ea9a6161..122893a49a605489c673b8293dd97b43c3f1cd2a 100644 --- a/docs/service-automation.md +++ b/docs/service-automation.md @@ -298,7 +298,7 @@ Create the pipelines and run things in this exact order. 1. Add a Pipeline for __chart-osdu-common__ to deploy common components. _Repo:_ `infra-azure-provisioning` - _Path:_ `/charts/osdu-common/pipeline.yml` + _Path:_ `/devops/pipelines/chart-osdu-common.yml` _Validate:_ https:// is alive. ```bash @@ -307,27 +307,42 @@ az pipelines create \ --repository infra-azure-provisioning \ --branch master \ --repository-type tfsgit \ - --yaml-path /charts/osdu-common/pipeline.yml \ + --yaml-path /devops/pipelines/chart-osdu-common.yml \ -ojson ``` 2. Add a Pipeline for __chart-osdu-istio__ to deploy Istio components. _Repo:_ `infra-azure-provisioning` - - _Path:_ `/charts/osdu-istio/pipeline.yml` - + _Path:_ `/devops/pipelines/chart-osdu-istio.yml` _Validate:_ Pods are running in Istio Namespace. +```bash +az pipelines create \ + --name 'chart-osdu-istio' \ + --repository infra-azure-provisioning \ + --branch master \ + --repository-type tfsgit \ + --yaml-path /devops/pipelines/chart-osdu-istio.yml \ + -ojson +``` + 3. Add a Pipeline for __chart-osdu-istio-auth__ to deploy Istio Authorization Policies. _Repo:_ `infra-azure-provisioning` - - _Path:_ `/charts/osdu-istio-auth/pipeline.yml` - + _Path:_ `/devops/pipelines/chart-osdu-istio-auth.yml` _Validate:_ Authorization Policies exist in osdu namespace. +```bash +az pipelines create \ + --name 'chart-osdu-istio-auth' \ + --repository infra-azure-provisioning \ + --branch master \ + --repository-type tfsgit \ + --yaml-path /devops/pipelines/chart-osdu-istio-auth.yml \ + -ojson +``` __Create the Service Pipelines__ @@ -336,63 +351,115 @@ Create the pipelines and run things in this exact order. 1. Add a Pipeline for __service-partition__ to deploy the Partition Service. _Repo:_ `partition` - _Path:_ `/devops/azure/pipeline.yml` - _Validate:_ https:///api/partition/v1/swagger-ui.html is alive. +```bash +az pipelines create \ + --name 'service-partition' \ + --repository partition \ + --branch master \ + --repository-type tfsgit \ + --yaml-path /devops/azure/pipeline.yml \ + -ojson +``` + 2. Add a Pipeline for __service-entitlements-azure__ to deploy the Entitlements Service. > This pipeline may have to be run twice for integration tests to pass due to a preload data issue. _Repo:_ `entitlements-azure` - _Path:_ `/devops/azure/pipeline.yml` - _Validate:_ https:///entitlements/v1/swagger-ui.html is alive. +```bash +az pipelines create \ + --name 'service-entitlements-azure' \ + --repository entitlements-azure \ + --branch master \ + --repository-type tfsgit \ + --yaml-path /devops/azure/pipeline.yml \ + -ojson +``` + 3. Add a Pipeline for __service-legal__ to deploy the Legal Service. _Repo:_ `legal` - _Path:_ `/devops/azure/pipeline.yml` - _Validate:_ https:///api/legal/v1/swagger-ui.html is alive. +```bash +az pipelines create \ + --name 'service-legal' \ + --repository legal \ + --branch master \ + --repository-type tfsgit \ + --yaml-path /devops/azure/pipeline.yml \ + -ojson +``` 4. Add a Pipeline for __service-storage__ to deploy the Storage Service. _Repo:_ `storage` - _Path:_ `/devops/azure/pipeline.yml` - _Validate:_ https:///api/storage/v2/swagger-ui.html is alive. +```bash +az pipelines create \ + --name 'service-storage' \ + --repository storage \ + --branch master \ + --repository-type tfsgit \ + --yaml-path /devops/azure/pipeline.yml \ + -ojson +``` + 5. Add a Pipeline for __service-indexer-queue__ to deploy the Indexer Queue Function. _Repo:_ `indexer-queue` - _Path:_ `/devops/azure/pipeline.yml` - _Validate:_ ScaledObject exist in osdu namespace. +```bash +az pipelines create \ + --name 'service-indexer-queue' \ + --repository indexer-queue \ + --branch master \ + --repository-type tfsgit \ + --yaml-path /devops/azure/pipeline.yml \ + -ojson +``` 6. Add a Pipeline for __service-indexer__ to deploy the Indexer Service. _Repo:_ `indexer-service` - _Path:_ `/devops/azure/pipeline.yml` - _Validate:_ https:///api/indexer/v2/swagger-ui.html is alive. +```bash +az pipelines create \ + --name 'service-indexer' \ + --repository indexer-service \ + --branch master \ + --repository-type tfsgit \ + --yaml-path /devops/azure/pipeline.yml \ + -ojson +``` 7. Add a Pipeline for __service-search__ to deploy the Search Service. _Repo:_ `search-service` - _Path:_ `/devops/azure/pipeline.yml` - _Validate:_ https:///api/search/v2/swagger-ui.html is alive. +```bash +az pipelines create \ + --name 'service-search' \ + --repository search-service \ + --branch master \ + --repository-type tfsgit \ + --yaml-path /devops/azure/pipeline.yml \ + -ojson +``` diff --git a/infra/common_prepare.sh b/infra/common_prepare.sh index 04d220e9d431703a95d83ffded6fdc76dafe86cb..e0d1333debef9f61dcd8ba6defb849bf4075539e 100755 --- a/infra/common_prepare.sh +++ b/infra/common_prepare.sh @@ -546,7 +546,7 @@ export TF_VAR_remote_state_container="remote-state-container" export TF_VAR_resource_group_location="${AZURE_LOCATION}" export TF_VAR_cosmosdb_replica_location="${AZURE_PAIR_LOCATION}" -export TF_VAR_central_resources_workspace_name="${UNIQUE}-cr" +export TF_VAR_central_resources_workspace_name="cr-${UNIQUE}" export TF_VAR_principal_appId="$(az keyvault secret show --id https://$AZURE_VAULT.vault.azure.net/secrets/osdu-mvp-${UNIQUE}-principal-id --query value -otsv)" export TF_VAR_principal_name="osdu-mvp-${UNIQUE}-principal" diff --git a/infra/templates/osdu-r3-mvp/central_resources/README.md b/infra/templates/osdu-r3-mvp/central_resources/README.md index ddced8c25098ab144c8169891ae0dae5d7aee12e..9135151263c2f7dd79766d17c93414d123ee38c6 100644 --- a/infra/templates/osdu-r3-mvp/central_resources/README.md +++ b/infra/templates/osdu-r3-mvp/central_resources/README.md @@ -91,7 +91,7 @@ terraform init -backend-config "storage_account_name=${TF_VAR_remote_state_accou # This command configures terraform to use a workspace unique to you. This allows you to work # without stepping over your teammate's deployments -TF_WORKSPACE="${UNIQUE}-cr" +TF_WORKSPACE="cr-${UNIQUE}" terraform workspace new $TF_WORKSPACE || terraform workspace select $TF_WORKSPACE ``` diff --git a/infra/templates/osdu-r3-mvp/data_partition/README.md b/infra/templates/osdu-r3-mvp/data_partition/README.md index 9f64acc3682a041a558055623b6bb65a0dd87174..bdb23ac92d4d00068ccbe3b5cbd33e6bf968ed96 100644 --- a/infra/templates/osdu-r3-mvp/data_partition/README.md +++ b/infra/templates/osdu-r3-mvp/data_partition/README.md @@ -59,7 +59,7 @@ terraform init -backend-config "storage_account_name=${TF_VAR_remote_state_accou # This command configures terraform to use a workspace unique to you. This allows you to work # without stepping over your teammate's deployments -TF_WORKSPACE="${UNIQUE}-dp" +TF_WORKSPACE="dp1-${UNIQUE}" terraform workspace new $TF_WORKSPACE || terraform workspace select $TF_WORKSPACE ``` diff --git a/infra/templates/osdu-r3-mvp/pipeline-central-resources.yml b/infra/templates/osdu-r3-mvp/pipeline-central-resources.yml index ce2108d98f8b8227a174ef59016c00ad1ba16461..a46eb88c0937ff9cbfd789f9a36d0b186596f92c 100644 --- a/infra/templates/osdu-r3-mvp/pipeline-central-resources.yml +++ b/infra/templates/osdu-r3-mvp/pipeline-central-resources.yml @@ -65,9 +65,13 @@ stages: - template: /devops/infra-prepare-stage.yml parameters: environments: - - name: 'demo' + - name: 'dev' enablePrIsolation: false resourceNameIsolationLevel: 8 + - ${{ if eq(variables['Build.SourceBranchName'], 'master') }}: + - name: 'glab' + enablePrIsolation: false + resourceNameIsolationLevel: 8 configurations: - jobName: central_resources diff --git a/infra/templates/osdu-r3-mvp/pipeline-data-partition.yml b/infra/templates/osdu-r3-mvp/pipeline-data-partition.yml index a0c8f17700f650bc948b886c6cb0cde210fba9b9..a2012999972183699871557c31d1ee9615eea60c 100644 --- a/infra/templates/osdu-r3-mvp/pipeline-data-partition.yml +++ b/infra/templates/osdu-r3-mvp/pipeline-data-partition.yml @@ -64,9 +64,13 @@ stages: - template: /devops/infra-prepare-stage.yml parameters: environments: - - name: 'demo' + - name: 'dev' enablePrIsolation: false resourceNameIsolationLevel: 8 + - ${{ if eq(variables['Build.SourceBranchName'], 'master') }}: + - name: 'glab' + enablePrIsolation: false + resourceNameIsolationLevel: 8 configurations: - jobName: data_partition_1 diff --git a/infra/templates/osdu-r3-mvp/pipeline-service-resources.yml b/infra/templates/osdu-r3-mvp/pipeline-service-resources.yml index d8463368d700905a16c94eba1a2c7246ce82756f..e34e3096224ae5483be41fafc761db118955b881 100644 --- a/infra/templates/osdu-r3-mvp/pipeline-service-resources.yml +++ b/infra/templates/osdu-r3-mvp/pipeline-service-resources.yml @@ -63,9 +63,13 @@ stages: - template: /devops/infra-prepare-stage.yml parameters: environments: - - name: 'demo' + - name: 'dev' enablePrIsolation: false resourceNameIsolationLevel: 8 + - ${{ if eq(variables['Build.SourceBranchName'], 'master') }}: + - name: 'glab' + enablePrIsolation: false + resourceNameIsolationLevel: 8 configurations: - jobName: service_resources diff --git a/infra/templates/osdu-r3-mvp/service_resources/README.md b/infra/templates/osdu-r3-mvp/service_resources/README.md index ca5b3a001ce40665d8920c7810e11665efe2229b..65f4826cb72331b15c941c132dc578baea3924f8 100644 --- a/infra/templates/osdu-r3-mvp/service_resources/README.md +++ b/infra/templates/osdu-r3-mvp/service_resources/README.md @@ -58,7 +58,7 @@ terraform init -backend-config "storage_account_name=${TF_VAR_remote_state_accou # This command configures terraform to use a workspace unique to you. This allows you to work # without stepping over your teammate's deployments -TF_WORKSPACE="${UNIQUE}-sr" +TF_WORKSPACE="sr-${UNIQUE}" terraform workspace new $TF_WORKSPACE || terraform workspace select $TF_WORKSPACE ```