forked from google/nomulus
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathcloudbuild-deploy-gke.yaml
65 lines (65 loc) · 2.79 KB
/
cloudbuild-deploy-gke.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
# This job deploys auxiliary resources for Nomulus, such as Cloud Scheduler tasks
# and Cloud Tasks queues.
#
# To manually trigger a build on GCB, run:
# gcloud builds submit --config=cloudbuild-deploy-gke.yaml \
# --substitutions=TAG_NAME=[TAG],_ENV=[ENV] ..
#
# To trigger a build automatically, follow the instructions below and add a trigger:
# https://cloud.google.com/cloud-build/docs/running-builds/automate-builds
#
# Note: to work around the issue in Spinnaker's 'Deployment Manifest' stage,
# variable references must avoid the ${var} format. Valid formats include
# $var or ${"${var}"}. This file uses the former. Since TAG_NAME and _ENV are
# expanded in the copies sent to Spinnaker, we preserve the brackets around
# them for safe pattern matching during release.
# See https://github.com/spinnaker/spinnaker/issues/3028 for more information.
steps:
# Pull the credential for nomulus tool.
- name: 'gcr.io/$PROJECT_ID/builder:latest'
entrypoint: /bin/bash
args:
- -c
- |
set -e
gcloud secrets versions access latest \
--secret nomulus-tool-cloudbuild-credential > tool-credential.json
# Create/Update cloud scheduler and cloud tasks based on a cloud-scheduler-tasks.xml
- name: 'gcr.io/$PROJECT_ID/builder:latest'
entrypoint: /bin/bash
args:
- -c
- |
set -e
gcloud auth activate-service-account --key-file=tool-credential.json
if [ ${_ENV} == production ]; then
project_id="domain-registry"
else
project_id="domain-registry-${_ENV}"
fi
gcloud storage cp gs://$PROJECT_ID-deploy/${TAG_NAME}/nomulus-config-${_ENV}.yaml .
gcloud storage cp gs://$PROJECT_ID-deploy/${TAG_NAME}/cloud-scheduler-tasks-${_ENV}.xml .
gcloud storage cp gs://$PROJECT_ID-deploy/${TAG_NAME}/cloud-tasks-queue.xml .
deployCloudSchedulerAndQueue nomulus-config-${_ENV}.yaml cloud-scheduler-tasks-${_ENV}.xml $project_id --gke
deployCloudSchedulerAndQueue nomulus-config-${_ENV}.yaml cloud-tasks-queue.xml $project_id --gke
# Save the deployed tag for the current environment on GCS, and update the
# mappings from Nomulus releases to deployment timestamp.
- name: 'gcr.io/$PROJECT_ID/builder:latest'
entrypoint: /bin/bash
args:
- -c
- |
set -e
echo ${TAG_NAME} | \
gcloud storage cp - gs://$PROJECT_ID-deployed-tags/nomulus-gke.${_ENV}.tag
now=$(TZ=UTC date '+%Y-%m-%dT%H:%M:%S.%3NZ')
echo "${TAG_NAME},$now" | \
gcloud storage cp - gs://$PROJECT_ID-deployed-tags/nomulus-gke.${_ENV}.tmp
# Atomically append uploaded tmp file to nomulus-gke.${_ENV}.versions
gcloud storage objects compose \
gs://$PROJECT_ID-deployed-tags/nomulus-gke.${_ENV}.versions \
gs://$PROJECT_ID-deployed-tags/nomulus-gke.${_ENV}.tmp \
gs://$PROJECT_ID-deployed-tags/nomulus-gke.${_ENV}.versions
timeout: 3600s
options:
machineType: 'E2_HIGHCPU_32'