-
Notifications
You must be signed in to change notification settings - Fork 68
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Microclimate User
committed
Mar 19, 2018
0 parents
commit 8f5ec08
Showing
35 changed files
with
1,371 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,59 @@ | ||
{ | ||
"$schema": "http://json-schema.org/draft-04/schema#", | ||
"title": "Sample Deploy Stage", | ||
"longDescription": "The Delivery Pipeline automates continuous deployment.", | ||
"type": "object", | ||
"properties": { | ||
"dev-region": { | ||
"description": "The bluemix region", | ||
"type": "string" | ||
}, | ||
"dev-organization": { | ||
"description": "The bluemix org", | ||
"type": "string" | ||
}, | ||
"dev-space": { | ||
"description": "The bluemix space", | ||
"type": "string" | ||
}, | ||
"app-name": { | ||
"description": "app name", | ||
"type": "string" | ||
} | ||
}, | ||
"required": ["dev-region", "dev-organization", "dev-space", "app-name"], | ||
"form": [{ | ||
"type": "validator", | ||
"url": "/devops/setup/bm-helper/helper.html" | ||
}, | ||
{ | ||
"type": "text", | ||
"readonly": false, | ||
"title": "App Name", | ||
"key": "app-name" | ||
}, { | ||
"type": "table", | ||
"columnCount": 3, | ||
"widths": ["28%", "28%", "28%"], | ||
"items": [{ | ||
"type": "label", | ||
"title": "Region" | ||
}, { | ||
"type": "label", | ||
"title": "Organization" | ||
}, { | ||
"type": "label", | ||
"title": "Space" | ||
}, { | ||
"type": "select", | ||
"key": "dev-region" | ||
}, { | ||
"type": "select", | ||
"key": "dev-organization" | ||
}, { | ||
"type": "select", | ||
"key": "dev-space", | ||
"readonly": false | ||
}] | ||
}] | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,48 @@ | ||
stages: | ||
- name: Build Stage | ||
inputs: | ||
- type: git | ||
branch: master | ||
service: ${REPO} | ||
triggers: | ||
- type: commit | ||
jobs: | ||
- name: Build | ||
type: builder | ||
build_type: shell | ||
script: | | ||
#!/bin/bash | ||
export JAVA_HOME=$JAVA8_HOME | ||
mvn install -DskipTests | ||
- name: Post Build | ||
type: builder | ||
artifact_dir: '' | ||
build_type: shell | ||
script: |- | ||
#!/bin/bash | ||
if [[ -f post_build.sh ]]; then | ||
chmod +x post_build.sh; | ||
echo "executing the post_build script"; | ||
sh post_build.sh; | ||
else | ||
echo "the post_build script does not exist"; | ||
fi | ||
- name: Deploy Stage | ||
inputs: | ||
- type: job | ||
stage: Build Stage | ||
job: Build | ||
triggers: | ||
- type: stage | ||
jobs: | ||
- name: Deploy | ||
type: deployer | ||
target: | ||
region_id: ${REGION_ID} | ||
organization: ${CF_ORGANIZATION} | ||
space: ${CF_SPACE} | ||
application: ${CF_APP} | ||
script: |- | ||
#!/bin/bash | ||
cf push "${CF_APP}" -p target/MyProject-1.0-SNAPSHOT.zip | ||
# cf logs "${CF_APP}" --recent |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,96 @@ | ||
#!/bin/bash | ||
#set -x | ||
|
||
echo -e "Build environment variables:" | ||
echo "REGISTRY_URL=${REGISTRY_URL}" | ||
echo "REGISTRY_NAMESPACE=${REGISTRY_NAMESPACE}" | ||
echo "IMAGE_NAME=${IMAGE_NAME}" | ||
echo "CHART_NAME=${CHART_NAME}" | ||
echo "BUILD_NUMBER=${BUILD_NUMBER}" | ||
echo "ARCHIVE_DIR=${ARCHIVE_DIR}" | ||
|
||
# Learn more about the available environment variables at: | ||
# https://console.bluemix.net/docs/services/ContinuousDelivery/pipeline_deploy_var.html#deliverypipeline_environment | ||
|
||
# To review or change build options use: | ||
# bx cr build --help | ||
|
||
echo "==========================================================" | ||
echo "Checking for Dockerfile at the repository root" | ||
if [ -f Dockerfile ]; then | ||
echo "Dockerfile found" | ||
else | ||
echo "Dockerfile not found" | ||
exit 1 | ||
fi | ||
|
||
echo "==========================================================" | ||
echo "Checking registry current plan and quota" | ||
bx cr plan | ||
bx cr quota | ||
echo "If needed, discard older images using: bx cr image-rm" | ||
|
||
# TODO this check for namespace is not enough, namespace has to be unique per region. | ||
# This only checks for existence of namespace in user's account. When creating namespace, | ||
# need to handle case where it's already taken, and perhaps generate a unique one. | ||
# Rules for namespace: | ||
# The namespace must be unique and not taken in registry region. | ||
# The namespace must be 4-30 characters long. | ||
# The namespace must start with at least one letter or number. | ||
# The namespace can only contain lowercase letters, numbers or underscores (_). | ||
#echo "Checking registry namespace: ${REGISTRY_NAMESPACE}" | ||
#ns=$( bx cr namespaces | grep ${REGISTRY_NAMESPACE} ||: ) | ||
#if [ -z $ns ]; then | ||
# echo "Registry namespace ${REGISTRY_NAMESPACE} not found, creating it." | ||
# bx cr namespace-add ${REGISTRY_NAMESPACE} | ||
# echo "Registry namespace ${REGISTRY_NAMESPACE} created." | ||
#else | ||
# echo "Registry namespace ${REGISTRY_NAMESPACE} found." | ||
#fi | ||
|
||
echo -e "Existing images in registry" | ||
bx cr images | ||
|
||
echo "==========================================================" | ||
echo -e "Building container image: ${IMAGE_NAME}:${BUILD_NUMBER}" | ||
set -x | ||
bx cr build -t $REGISTRY_URL/$REGISTRY_NAMESPACE/$IMAGE_NAME:$BUILD_NUMBER . | ||
set +x | ||
bx cr image-inspect $REGISTRY_URL/$REGISTRY_NAMESPACE/$IMAGE_NAME:$BUILD_NUMBER | ||
|
||
echo "==========================================================" | ||
echo "Copying artifacts needed for deployment and testing" | ||
|
||
echo -e "Checking archive dir presence" | ||
mkdir -p $ARCHIVE_DIR | ||
|
||
# IMAGE_NAME from build.properties is used by Vulnerability Advisor job to reference the image qualified location in registry | ||
echo "IMAGE_NAME=${REGISTRY_URL}/${REGISTRY_NAMESPACE}/${IMAGE_NAME}:${BUILD_NUMBER}" >> $ARCHIVE_DIR/build.properties | ||
|
||
# RELEASE_NAME from build.properties is used in Helm Chart deployment to set the release name | ||
echo "RELEASE_NAME=${CHART_NAME}" >> $ARCHIVE_DIR/build.properties | ||
|
||
# REGISTRY_HOST from build.properties is used to create imagePullSecret, ex: registry.ng.bluemix.net | ||
echo "REGISTRY_HOST=${REGISTRY_URL}" >> $ARCHIVE_DIR/build.properties | ||
|
||
# Copy scripts (incl. deploy scripts) | ||
if [ ! -d $ARCHIVE_DIR/$SCRIPTS_DIR ]; then # no need to copy if working in ./ already | ||
echo "Copying scripts to ${ARCHIVE_DIR}/${SCRIPTS_DIR}" | ||
mkdir -p $ARCHIVE_DIR/$SCRIPTS_DIR | ||
cp -r $SCRIPTS_DIR/ $ARCHIVE_DIR/$SCRIPTS_DIR/ | ||
fi | ||
|
||
if [ -f ./chart/${CHART_NAME}/values.yaml ]; then | ||
#Update Helm chart values.yml with image name and tag | ||
echo "UPDATING CHART VALUES:" | ||
sed -i "s~^\([[:blank:]]*\)repository:.*$~\1repository: ${REGISTRY_URL}/${REGISTRY_NAMESPACE}/${IMAGE_NAME}~" ./chart/${CHART_NAME}/values.yaml | ||
sed -i "s~^\([[:blank:]]*\)tag:.*$~\1tag: ${BUILD_NUMBER}~" ./chart/${CHART_NAME}/values.yaml | ||
cat ./chart/${CHART_NAME}/values.yaml | ||
if [ ! -d $ARCHIVE_DIR/chart/ ]; then # no need to copy if working in ./ already | ||
echo "Copying chart to ${ARCHIVE_DIR}" | ||
cp -r ./chart/ $ARCHIVE_DIR/ | ||
fi | ||
else | ||
echo -e "${red}Helm chart values for Kubernetes deployment (/chart/${CHART_NAME}/values.yaml) not found.${no_color}" | ||
exit 1 | ||
fi |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,69 @@ | ||
#!/bin/bash | ||
#set -x | ||
|
||
#View build properties | ||
cat build.properties | ||
|
||
echo "Check cluster availability" | ||
ip_addr=$(bx cs workers $PIPELINE_KUBERNETES_CLUSTER_NAME | grep normal | awk '{ print $2 }') | ||
if [ -z $ip_addr ]; then | ||
echo "$PIPELINE_KUBERNETES_CLUSTER_NAME not created or workers not ready" | ||
exit 1 | ||
fi | ||
|
||
echo "Check cluster target namespace" | ||
if ! kubectl get namespace $CLUSTER_NAMESPACE; then | ||
echo "$CLUSTER_NAMESPACE cluster namespace does not exist, creating it" | ||
kubectl create namespace $CLUSTER_NAMESPACE | ||
fi | ||
|
||
echo "create ${IMAGE_PULL_SECRET_NAME} imagePullSecret if it does not exist" | ||
if ! kubectl get secret ${IMAGE_PULL_SECRET_NAME} --namespace $CLUSTER_NAMESPACE; then | ||
echo "${IMAGE_PULL_SECRET_NAME} not found in $CLUSTER_NAMESPACE, creating it" | ||
# for Container Registry, docker username is 'token' and email does not matter | ||
kubectl --namespace $CLUSTER_NAMESPACE create secret docker-registry $IMAGE_PULL_SECRET_NAME --docker-server=$REGISTRY_HOST --docker-password=$IMAGE_REGISTRY_TOKEN --docker-username=token [email protected] | ||
fi | ||
|
||
echo "enable default serviceaccount to use the pull secret" | ||
kubectl patch -n $CLUSTER_NAMESPACE serviceaccount/default -p '{"imagePullSecrets":[{"name":"'"$IMAGE_PULL_SECRET_NAME"'"}]}' | ||
echo "Namespace $CLUSTER_NAMESPACE is now authorized to pull from the private image registry" | ||
echo "default serviceAccount:" | ||
kubectl get serviceAccount default -o yaml | ||
|
||
# Check Helm/Tiller | ||
echo "CHECKING TILLER (Helm's server component)" | ||
helm init --upgrade | ||
while true; do | ||
tiller_deployed=$(kubectl --namespace=kube-system get pods | grep tiller | grep Running | grep 1/1 ) | ||
if [[ "${tiller_deployed}" != "" ]]; then | ||
echo "Tiller ready." | ||
break; | ||
fi | ||
echo "Waiting for Tiller to be ready." | ||
sleep 1 | ||
done | ||
helm version | ||
|
||
echo "CHART_NAME: $CHART_NAME" | ||
echo "RELEASE_NAME: $RELEASE_NAME" | ||
|
||
echo "CHECKING CHART (lint)" | ||
helm lint ${RELEASE_NAME} ./chart/${CHART_NAME} | ||
|
||
echo "DRY RUN DEPLOYING into: $PIPELINE_KUBERNETES_CLUSTER_NAME/$CLUSTER_NAMESPACE." | ||
helm upgrade ${RELEASE_NAME} ./chart/${CHART_NAME} --namespace $CLUSTER_NAMESPACE --install --debug --dry-run | ||
|
||
echo "DEPLOYING into: $PIPELINE_KUBERNETES_CLUSTER_NAME/$CLUSTER_NAMESPACE." | ||
helm upgrade ${RELEASE_NAME} ./chart/${CHART_NAME} --namespace $CLUSTER_NAMESPACE --install | ||
|
||
echo "" | ||
echo "DEPLOYED SERVICE:" | ||
kubectl describe services ${CHART_NAME} --namespace $CLUSTER_NAMESPACE | ||
|
||
echo "" | ||
echo "DEPLOYED PODS:" | ||
kubectl describe pods --selector app=${CHART_NAME}-selector --namespace $CLUSTER_NAMESPACE | ||
|
||
port=$(kubectl get services --namespace $CLUSTER_NAMESPACE | grep ${CHART_NAME} | sed 's/.*:\([0-9]*\).*/\1/g') | ||
echo "" | ||
echo "VIEW THE APPLICATION AT: http://$ip_addr:$port" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,52 @@ | ||
name: Continuous Delivery Toolchain | ||
description: "This toolchain includes tools to develop and deploy your app. Depending on your app, when you create the toolchain, the GitHub repository will either be empty or will contain source code from your app.\n\nThis toolchain uses tools that are part of the Continuous Delivery service. If an instance of that service isn't already in your organization, when you click **Create**, it is automatically added at no cost to you. For more information and terms, see the [Bluemix catalog](/catalog/services/continuous-delivery/).\n\nTo get started, click **Create**." | ||
version: 0.2 | ||
required: | ||
- deploy | ||
- repo | ||
|
||
toolchain: | ||
name: stockquote | ||
|
||
# Github repos | ||
repo: | ||
service_id: hostedgit | ||
parameters: | ||
repo_url: "{{#zip_url}}{{zip_url}}{{/zip_url}}{{^zip_url}}{{repository}}{{/zip_url}}" | ||
repo_name: "{{toolchain.name}}" | ||
type: clone | ||
has_issues: true | ||
enable_traceability: true | ||
|
||
# Pipelines | ||
build: | ||
service_id: pipeline | ||
parameters: | ||
name: "{{name}}" | ||
ui-pipeline: true | ||
configuration: | ||
content: $file(pipeline.yml) | ||
env: | ||
REPO: "repo" | ||
CF_APP: "{{deploy.parameters.app-name}}" | ||
CF_SPACE: "{{deploy.parameters.dev-space}}" | ||
CF_ORGANIZATION: "{{deploy.parameters.dev-organization}}" | ||
REGION_ID: "{{deploy.parameters.dev-region}}" | ||
execute: true | ||
services: ["repo"] | ||
hidden: ["form"] | ||
|
||
#Web IDE | ||
webide: | ||
service_id: orion | ||
|
||
#Deployment | ||
deploy: | ||
schema: | ||
$ref: deploy.json | ||
service-category: pipeline | ||
parameters: | ||
app-name: stockquote | ||
dev-space: "{{space}}" | ||
dev-organization: "{{organization}}" | ||
dev-region: "{{region}}" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
/.classpath | ||
/.project | ||
/.settings | ||
/src/main/liberty/config/server.env | ||
target/ | ||
mc-target/ | ||
build/ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,10 @@ | ||
#Ignore Liberty server files | ||
target/liberty/wlp/usr/servers/defaultServer/logs | ||
target/liberty/wlp/usr/servers/defaultServer/workarea | ||
target/liberty/wlp/usr/servers/defaultServer/.classCache | ||
target/liberty/wlp/usr/servers/defaultServer/.pid | ||
mc-target/liberty/wlp/usr/servers/defaultServer/logs | ||
mc-target/liberty/wlp/usr/servers/defaultServer/workarea | ||
mc-target/liberty/wlp/usr/servers/defaultServer/.classCache | ||
mc-target/liberty/wlp/usr/servers/defaultServer/.pid | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,15 @@ | ||
/target | ||
/mc-target | ||
/.m2 | ||
/load-test/*/ | ||
|
||
|
||
/.classpath | ||
/.project | ||
/.settings | ||
|
||
/caches | ||
/local.properties | ||
.*.swp | ||
.DS_Store | ||
/src/main/liberty/config/server.env |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,14 @@ | ||
FROM websphere-liberty:webProfile7 | ||
MAINTAINER IBM Java engineering at IBM Cloud | ||
COPY /target/liberty/wlp/usr/servers/defaultServer /config/ | ||
COPY /target/liberty/wlp/usr/shared/resources /config/resources/ | ||
COPY /src/main/liberty/config/jvmbx.options /config/jvm.options | ||
RUN installUtility install --acceptLicense defaultServer | ||
# Upgrade to production license if URL to JAR provided | ||
ARG LICENSE_JAR_URL | ||
RUN \ | ||
if [ $LICENSE_JAR_URL ]; then \ | ||
wget $LICENSE_JAR_URL -O /tmp/license.jar \ | ||
&& java -jar /tmp/license.jar -acceptLicense /opt/ibm \ | ||
&& rm /tmp/license.jar; \ | ||
fi |
Oops, something went wrong.