Add pipelines for unlimited staging (#3)

* Add pipelines for unlimited staging

Author: osterman

codefresh/deploy.yaml

@@ -13,25 +13,7 @@ steps:
     - cf_export NAMESPACE=${{STAGE}}
     - cf_export IMAGE_NAME=${{CF_DOCKER_REPO_URL}}/${{CF_REPO_NAME}}
     - cf_export IMAGE_TAG=${{CF_RELEASE_TAG}}
-
-  set_github_deployment_status_to_pending:
-    title: Set GitHub deployment status to "pending"
-    stage: Deploy
-    image: cloudposse/github-status-updater
-    environment:
-    - GITHUB_ACTION=update_state
-    - GITHUB_TOKEN=${{GITHUB_TOKEN}}
-    - GITHUB_OWNER=${{CF_REPO_OWNER}}
-    - GITHUB_REPO=${{CF_REPO_NAME}}
-    - GITHUB_REF=${{CF_REVISION}}
-    - GITHUB_CONTEXT=${{STAGE}}-environment
-    - GITHUB_STATE=pending
-    - GITHUB_DESCRIPTION=Deploying changes to ${{NAMESPACE}} namespace
-    - GITHUB_TARGET_URL=${{ATLANTIS_ATLANTIS_URL}}
-    when:
-      condition:
-        all:
-          githubNotificationsEnabled: "'${{GITHUB_NOTIFICATIONS_ENABLED}}' == 'true'"
+    - cf_export GATEWAY_HOST=example.${{BASE_HOST}}
 
   deploy_helmfile:
     title: "Deploy with helmfile"
@@ -41,25 +23,6 @@ steps:
     commands:
     # Announce the release version
     - "echo 'Preparing to deploy ${{CF_REPO_NAME}}:${{CF_RELEASE_TAG}}'"
-    - echo dev > .ctlenv
     # Deploy chart to cluster
     - "/deploy/ctl --namespace=${{NAMESPACE}} blue-green"
 
-  set_github_deployment_status_to_success:
-    title: Set GitHub deployment status to "success"
-    stage: "Deploy"
-    image: cloudposse/github-status-updater
-    environment:
-    - GITHUB_ACTION=update_state
-    - GITHUB_TOKEN=${{GITHUB_TOKEN}}
-    - GITHUB_OWNER=${{CF_REPO_OWNER}}
-    - GITHUB_REPO=${{CF_REPO_NAME}}
-    - GITHUB_REF=${{CF_REVISION}}
-    - GITHUB_CONTEXT=${{STAGE}}-environment
-    - GITHUB_STATE=success
-    - GITHUB_DESCRIPTION=Deployed to ${{NAMESPACE}} namespace
-    - GITHUB_TARGET_URL=${{ATLANTIS_ATLANTIS_URL}}
-    when:
-      condition:
-        all:
-          githubNotificationsEnabled: "'${{GITHUB_NOTIFICATIONS_ENABLED}}' == 'true'"

codefresh/destroy.yaml

@@ -0,0 +1,17 @@
+version: '1.0'
+
+stages:
+- Destroy
+
+steps:
+  main_clone:
+    title: Destroy namespace
+    stage: Destroy
+    image: cloudposse/build-harness:${{BUILD_HARNESS_VERSION}}
+    working_directory: /build-harness/
+    environment:
+    - NAMESPACE=pr-${{CF_PULL_REQUEST_NUMBER}}-${{CF_REPO_NAME}}
+    commands:
+    - "kubectl config use-context ${{KUBE_CONTEXT}}"
+    - "make helm/delete/namespace"
+    - "make helm/delete/namespace/empty"

codefresh/pull-request.yaml

@@ -0,0 +1,107 @@
+version: '1.0'
+
+stages:
+- Prepare
+- Build
+- Push
+- Deploy
+
+steps:
+  main_clone:
+    title: "Clone repository"
+    type: git-clone
+    stage: Prepare
+    description: "Initialize"
+    repo: ${{CF_REPO_OWNER}}/${{CF_REPO_NAME}}
+    git: CF-default
+    revision: ${{CF_REVISION}}
+
+  export:
+    title: Export Environment
+    stage: Prepare
+    image: alpine
+    commands:
+    - cf_export GIT_BRANCH=${{CF_BRANCH}}
+    - cf_export PROJECT=${{CF_REPO_NAME}}
+    - cf_export APP_NAME=${{CF_REPO_NAME}}
+    - cf_export CHART_NAME=monochart
+    - cf_export PIPELINE_ENV=integration
+    - cf_export NAMESPACE=pr-${{CF_PULL_REQUEST_NUMBER}}-${{CF_REPO_NAME}}
+    - cf_export RELEASE_NAME=pr-${{CF_PULL_REQUEST_NUMBER}}-${{CF_REPO_NAME}}
+    - cf_export APP_HOST=pr-${{CF_PULL_REQUEST_NUMBER}}.${{CF_REPO_NAME}}.${{BASE_HOST}}
+    - cf_export IMAGE_NAME=${{CF_DOCKER_REPO_URL}}/${{CF_REPO_NAME}}
+    - cf_export IMAGE_TAG=${{CF_REVISION}}
+
+  build_image:
+    title: Build image
+    stage: Build
+    type: build
+    description: Build app
+    image_name: ${{CF_REPO_NAME}}
+    dockerfile: Dockerfile
+    no_cache: false
+    no_cf_cache: false
+
+  push_image_commit:
+    title: Push image with commit tag
+    stage: Push
+    type: push
+    candidate: ${{build_image}}
+    tags:
+    - "${{CF_REVISION}}"
+
+  set_github_deployment_status_to_pending:
+    title: Set GitHub deployment status to "pending"
+    stage: Deploy
+    image: cloudposse/github-status-updater
+    environment:
+    - GITHUB_ACTION=update_state
+    - GITHUB_TOKEN=${{GITHUB_TOKEN}}
+    - GITHUB_OWNER=${{CF_REPO_OWNER}}
+    - GITHUB_REPO=${{CF_REPO_NAME}}
+    - GITHUB_REF=${{CF_REVISION}}
+    - GITHUB_CONTEXT=Staging Environment
+    - GITHUB_STATE=pending
+    - GITHUB_DESCRIPTION=Deploying changes to ${{NAMESPACE}} namespace
+    - GITHUB_TARGET_URL=http://${{APP_HOST}}
+    when:
+      condition:
+        all:
+          githubNotificationsEnabled: "'${{GITHUB_NOTIFICATIONS_ENABLED}}' == 'true'"
+
+  deploy_helmfile:
+    title: Deploy with helmfile
+    stage: Deploy
+    image: "${{CF_DOCKER_REPO_URL}}/${{CF_REPO_NAME}}:${{CF_REVISION}}"
+    working_directory: /deploy/
+    commands:
+    # Announce the release version
+    - "echo 'Preparing to deploy ${{CF_REPO_NAME}}:${{CF_RELEASE_TAG}}'"
+    # Deploy chart to cluster in a dedicated namespace
+    - "/deploy/ctl --namespace=${{NAMESPACE}} rolling"
+
+  set_github_deployment_status_to_success:
+    title: Set GitHub deployment status to "success"
+    stage: Deploy
+    image: cloudposse/github-status-updater
+    environment:
+    - GITHUB_ACTION=update_state
+    - GITHUB_TOKEN=${{GITHUB_TOKEN}}
+    - GITHUB_OWNER=${{CF_REPO_OWNER}}
+    - GITHUB_REPO=${{CF_REPO_NAME}}
+    - GITHUB_REF=${{CF_REVISION}}
+    - GITHUB_CONTEXT=Staging Environment
+    - GITHUB_STATE=success
+    - GITHUB_DESCRIPTION=Deployed to ${{NAMESPACE}} namespace
+    - GITHUB_TARGET_URL=http://${{APP_HOST}}
+    when:
+      condition:
+        all:
+          githubNotificationsEnabled: "'${{GITHUB_NOTIFICATIONS_ENABLED}}' == 'true'"
+
+  send_slack_notification:
+    title: Send notification to Slack channel
+    stage: Deploy
+    image: cloudposse/build-harness:${{BUILD_HARNESS_VERSION}}
+    commands:
+    - make codefresh/notify/slack/deploy/webapp

deploy/.ctlenv

@@ -0,0 +1 @@
+dev

deploy/ctl

@@ -42,9 +42,28 @@ tasks:
       if [ -f ${config} ]; then
         cat ${config}
       else
+        echo "Initializing as blue" >&2
         echo "blue" | tee ${config}
       fi
 
+  rolling:
+    description: "Trigger a standard rolling deployment without istio"
+
+    parameters:
+    - name: color
+      type: string
+      default: "black"
+      description: "Selected color to deploy"
+
+    steps:
+    - task: deps
+    - task: use-context
+    - script: |
+        export COLOR={{ get "color" }}
+        echo "Updating [${KUBE_CONTEXT}] context {{ get "namespace" }} namespace with color=${COLOR}"
+        # Deploy the app and update istio virtual service
+        helmfile --namespace {{ get "namespace" }} --selector pull-request=true sync
+
   blue-green:
     description: "Trigger a blue-green deployment"
     parameters:
@@ -73,6 +92,8 @@ tasks:
         echo "Config file is ${config}"
         echo "Updating [${KUBE_CONTEXT}] context {{ get "namespace" }} namespace: $cur_color => $new_color"
         export COLOR=$new_color
+        export APP_HOST=${COLOR}.example.${BASE_HOST}
+        export RELEASE_NAME=example-${COLOR}
         # Deploy the app and update istio virtual service
         helmfile --namespace {{ get "namespace" }} sync
         echo "$new_color" > ${config}

deploy/helmfile.yaml

@@ -1,4 +1,5 @@
 # Ordered list of releases. 
 helmfiles:
+  - "releases/pull-secret.yaml"
   - "releases/app.yaml"
   - "releases/istio.yaml"

deploy/releases/app.yaml

@@ -8,9 +8,10 @@ releases:
 # References:
 #   - https://github.com/cloudposse/charts/blob/master/incubator/monochart
 #
-- name: 'example-{{ requiredEnv "COLOR" }}'
+- name: '{{ requiredEnv "RELEASE_NAME" }}'
   labels:
     color: "{{ requiredEnv "COLOR" }}"
+    pull-request: "true"
   chart: "cloudposse-incubator/monochart"
   version: "0.7.0"
   wait: true
@@ -23,7 +24,7 @@ releases:
         tag: '{{ env "IMAGE_TAG" | default "0.1.0" }}'
         pullPolicy: Always
         pullSecrets:
-          - "pull-secret"
+          - "{{ requiredEnv "RELEASE_NAME" }}-pull-secret-dockercfg "
       replicaCount: 5
       # Deployment configuration
       deployment:
@@ -64,14 +65,14 @@ releases:
             external-dns.alpha.kubernetes.io/target: '{{ requiredEnv "NGINX_INGRESS_HOSTNAME" }}'
             external-dns.alpha.kubernetes.io/ttl: "60"
           hosts:
-            ### Required: APP_HOSTNAME;
-            '{{ requiredEnv "COLOR" }}.{{ env "APP_HOSTNAME" }}': /
+            ### Required: APP_HOST;
+            '{{ env "APP_HOST" }}': /
           tls:
               ### Optional: ATLANTIS_TLS_SECRET_NAME;
             - secretName: '{{ env "APP_TLS_SECRET_NAME" | default (requiredEnv "COLOR" | printf "example-%s-server-tls") }}'
               hosts:
-              ### Required: APP_HOSTNAME;
-              - '{{ requiredEnv "COLOR" }}.{{ env "APP_HOSTNAME" }}'
+              ### Required: APP_HOST;
+              - '{{ env "APP_HOST" }}'
 
       probes:
         # Probe that ensures service is healthy

deploy/releases/istio.yaml

@@ -32,7 +32,7 @@ releases:
               name: http
               protocol: HTTP
             hosts:
-            - "{{ env "APP_HOSTNAME" }}"
+            - "{{ env "GATEWAY_HOST" }}"
 
       # Istio Virtual Service
       - apiVersion: networking.istio.io/v1alpha3
@@ -41,7 +41,7 @@ releases:
           name: example-app
         spec:
           hosts:
-          - "{{ env "APP_HOSTNAME" }}"
+          - "{{ env "GATEWAY_HOST" }}"
           gateways:
           - example-app
           http:

deploy/releases/pull-secret.yaml

@@ -0,0 +1,43 @@
+#
+# Deploy Docker Repository Pull Secrets
+#
+
+#
+# Helm Defaults
+# 
+helmDefaults:
+  wait: true
+  verify: false
+  timeout: 600
+  recreatePods: false
+  force: true
+
+repositories:
+  # Cloud Posse incubator repo of helm charts
+  - name: "cloudposse-incubator"
+    url: "https://charts.cloudposse.com/incubator/"
+#
+# Kubernetes cluster
+#
+context: '{{ requiredEnv "KUBE_CONTEXT" }}'
+
+#
+# Helm Releases
+#
+releases:
+  # Pull Secret (.dockercfg)
+  - name: '{{ requiredEnv "RELEASE_NAME" }}-pull-secret'
+    chart: "cloudposse-incubator/dockercfg"
+    version: "0.1.0"
+    namespace: '{{ requiredEnv "NAMESPACE" }}'
+    labels:
+      chart: "dockercfg"
+      component: "secrets"
+      pull-request: "true"
+
+    values:
+    - image:
+        pullSecret:
+          registry: '{{ requiredEnv "IMAGE_PULL_SECRET_REGISTRY" }}'
+          username: '{{ requiredEnv "IMAGE_PULL_SECRET_USERNAME" }}'
+          password: '{{ requiredEnv "IMAGE_PULL_SECRET_PASSWORD" }}'