forked from jfrog/terraform-provider-artifactory
-
Notifications
You must be signed in to change notification settings - Fork 0
/
TFproviderTest.yml
246 lines (244 loc) · 14.2 KB
/
TFproviderTest.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
resources:
- name: GitHubTFProviderRepoJFrog
type: GitRepo
configuration:
gitProvider: Partnership_GitHub
path: jfrog/terraform-provider-artifactory # if path is modified, change the name as well, per Pipelines doc
branches:
include: master
buildOn:
commit: false
pullRequestCreate: true
cancelPendingRunsOn:
pullRequestUpdate: true
pipelines:
- name: tf_provider_artifactory_xray_gke
steps:
- name: fozzie_gke_jfrog_rt_xray_create
type: Bash
configuration:
priority: 0
runtime:
type: image
image:
custom:
name: partnership-fozzie-images.jfrog.io/gke
tag: latest
registry: PartnershipArtifactory
sourceRepository: fozzie-images
integrations:
- name: gkeEnvVars
- name: partnersSlack
inputResources:
- name: GitHubTFProviderRepoJFrog
environmentVariables:
FOZZIE_HOME: "/home/fozzie"
PROVISIONER: "native-steps"
GIT_ACCESS_USER: ${int_gkeEnvVars_git_user}
GIT_ACCESS_TOKEN: ${int_gkeEnvVars_git_token}
PARTNERSHIP_USER: ${int_gkeEnvVars_partnership_user}
PARTNERSHIP_API_KEY: ${int_gkeEnvVars_partnership_api_key}
SERVICE_ACCOUNT_JSON: /home/fozzie/native-steps/credentials/serviceaccount.json
GKE_CLUSTER: ${int_gkeEnvVars_gke_cluster}
GKE_ZONE: ${int_gkeEnvVars_gke_zone}
GKE_PROJECT: ${int_gkeEnvVars_gke_project}
CLOUDFLARE_ZONE_ID: ${int_gkeEnvVars_cloudflare_zone_id}
CLOUDFLARE_TOKEN: ${int_gkeEnvVars_cloudflare_token}
NUM_NODES: ${int_gkeEnvVars_NUM_NODES}
ARTIFACTORY_DISTRIBUTION: artifactory
NEW_RT_PASSWORD: ${int_gkeEnvVars_new_rt_password}
execution:
onStart:
- echo "Preparing for work..."
- echo "Create GKE cluster and deploy Artifactory and Xray, latest versions form Helm repo"
onExecute:
- GKE_CLUSTER=tf-provider-rt-xray-$(date +%s)
- fozzie checkout native-steps
- fozzie gke/create_cluster
- echo "Creating Artifactory Secret"
- kubectl create secret generic artifactory-license --from-file=$FOZZIE_HOME/native-steps/license/artifactory.cluster.license
- echo "Creating TLS Secret"
- kubectl create secret tls tls-ingress --cert=$FOZZIE_HOME/native-steps/dns/tls.crt --key=$FOZZIE_HOME/native-steps/dns/tls.key
- helm repo add jfrog https://charts.jfrog.io/
- helm repo update
- add_run_variables rt_helm_chart_version=$(helm search repo | grep "${ARTIFACTORY_DISTRIBUTION} " | awk '{$1=$1};1' | cut -f2 -d " ")
- echo "Helm chart version "${rt_helm_chart_version}
- add_run_variables artifactory_version=$(helm search repo | grep "${ARTIFACTORY_DISTRIBUTION} " | awk '{$1=$1};1' | cut -f3 -d " ")
- echo "Artifactory version "${artifactory_version}
- add_run_variables xray_helm_chart_version=$(helm search repo | grep "/xray" | awk '{$1=$1};1' | cut -f2 -d " ")
- echo "Xray Helm chart version "${xray_helm_chart_version}
- add_run_variables xray_version=$(helm search repo | grep "/xray" | awk '{$1=$1};1' | cut -f3 -d " ")
- echo "Xray version "${xray_version}
- echo "Installing ${ARTIFACTORY_DISTRIBUTION}"
- MASTER_KEY=$(openssl rand -hex 32)
- JOIN_KEY=$(openssl rand -hex 32)
- >-
if [[ ${ARTIFACTORY_DISTRIBUTION} == "artifactory-ha" ]]; then
helm upgrade --install artifactory-ha jfrog/artifactory-ha --set nginx.service.ssloffload=true --set nginx.tlsSecretName=tls-ingress --set artifactory.masterKey=$MASTER_KEY --set artifactory.joinKey=$JOIN_KEY --set artifactory.license.secret=artifactory-license --set artifactory.license.dataKey=artifactory.cluster.license --set artifactory.node.replicaCount=1 --set postgresql.persistence.size=50Gi --set artifactory.persistence.size=50Gi
echo "Waiting for Artifactory HA roll out"
kubectl rollout status deployment/artifactory-ha-nginx
kubectl rollout status statefulset/artifactory-ha-artifactory-ha-primary
kubectl rollout status statefulset/artifactory-ha-artifactory-ha-member
echo "Mapping Artifactory DNS record"
export IP_ADDR=$(kubectl get svc artifactory-ha-nginx -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
export URL="${GKE_CLUSTER}-rt.jfrog.tech"
fozzie dns/add
echo "Installing JFrog Xray"
helm upgrade --install xray jfrog/xray --set postgresql.persistence.size=200Gi --set xray.jfrogUrl=http://artifactory-ha-nginx --set xray.masterKey=$MASTER_KEY --set xray.joinKey=$JOIN_KEY
else
helm upgrade --install artifactory jfrog/artifactory --set nginx.service.ssloffload=true --set nginx.tlsSecretName=tls-ingress --set artifactory.masterKey=$MASTER_KEY --set artifactory.joinKey=$JOIN_KEY --set artifactory.license.secret=artifactory-license --set artifactory.license.dataKey=artifactory.cluster.license --set postgresql.persistence.size=50Gi --set artifactory.persistence.size=50Gi
echo "Waiting for Artifactory roll out"
kubectl rollout status deployment/artifactory-artifactory-nginx
kubectl rollout status statefulset/artifactory
echo "Mapping Artifactory DNS record"
export IP_ADDR=$(kubectl get svc artifactory-artifactory-nginx -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
export URL="${GKE_CLUSTER}-rt.jfrog.tech"
fozzie dns/add
echo "Installing JFrog Xray"
helm upgrade --install xray jfrog/xray --set postgresql.persistence.size=200Gi --set xray.jfrogUrl=http://artifactory-artifactory-nginx --set xray.masterKey=$MASTER_KEY --set xray.joinKey=$JOIN_KEY
fi
- kubectl rollout status statefulset/xray-postgresql
- kubectl rollout status statefulset/xray-rabbitmq
- kubectl rollout status statefulset/xray
- add_run_variables jdp_url=https://${GKE_CLUSTER}-rt.jfrog.tech
- add_run_variables NEW_RT_PASSWORD=$NEW_RT_PASSWORD
- export RT_URL=$(echo ${jdp_url} | sed -e 's/.*https:\/\///g') && echo ${RT_URL}
- git clone https://${int_Partnership_GitHub_token}@github.com/jfrog/partner-integration-tests.git
- cd partner-integration-tests
- echo "Common test will check services health and change the default admin user password, if NEW_RT_PASSWORD is set"
- ./gradlew artifactory_common
onSuccess:
- echo "GKE cluster created successfully with JFrog Artifactory and Xray"
- echo "Visit Artifactory at https://${GKE_CLUSTER}-rt.jfrog.tech"
- echo "Artifactory username admin"
- echo "Artifactory password ${NEW_RT_PASSWORD}"
onFailure:
- echo "JFrog Artifactory and Xray creation failed."
- send_notification partnersSlack --text "<${res_GitHubTFProviderRepoJFrog_gitRepoRepositoryHttpsUrl}|Terraform Provider>. Pipeline failed on <${step_url}|${step_name}> step"
- fozzie checkout native-steps
- echo "Removing GKE cluster"
- fozzie gke/authorize
- fozzie gke/delete_cluster
- echo "Removing DNS entry"
- export URL="${GKE_CLUSTER}-rt.jfrog.tech"
- fozzie dns/delete
onComplete:
- echo "JFrog Artifactory and Xray Job Complete"
- name: build_and_run_tf_provider
type: Bash
configuration:
priority: 1
timeoutSeconds: 1200 # 20 minutes
runtime:
type: image
image:
auto:
language: go
versions:
- "1.15.2"
integrations:
- name: partnersSlack
- name: gkeEnvVars
- name: Partnership_GitHub
inputSteps:
- name: fozzie_gke_jfrog_rt_xray_create
inputResources:
- name: GitHubTFProviderRepoJFrog
environmentVariables:
NEW_RT_PASSWORD: ${int_gkeEnvVars_new_rt_password}
execution:
onStart:
- echo "Preparing for work..."
- echo "Make sure that changes merged into development branch don't break the TF provider"
onExecute:
- go version
- echo "Install Terraform"
- sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys DA418C88A3219F7B
- sudo apt-add-repository "deb [arch=$(dpkg --print-architecture)] https://apt.releases.hashicorp.com $(lsb_release -cs) main"
- sudo apt install terraform && terraform -version
- add_run_variables gitHubRepoUrl=${res_GitHubTFProviderRepoJFrog_gitRepoRepositorySshUrl}
- add_run_variables TFProviderRepo=$(echo ${gitHubRepoUrl} | sed -e 's/git@/@/g' -e 's/:/\//g')
- add_run_variables repoFolder=$(echo "${res_GitHubTFProviderRepoJFrog_gitRepoFullName}" | sed -e 's/.*\///g')
- cd ${res_GitHubTFProviderRepoJFrog_resourcePath}
- echo "Verify the code contents merged feature branch with development branch"
- git branch && ls -al
- export PROVIDER_VERSION=$(git tag --sort=-v:refname | head -1 | sed -n 's/v\([0-9]*\).\([0-9]*\).\([0-9]*\)/\1.\2.\3/p')
- export NEXT_PROVIDER_VERSION=$(echo ${PROVIDER_VERSION}| awk -F '.' '{print $1 "." $2 "." $3 +1 }')
- echo $PROVIDER_VERSION
- echo $NEXT_PROVIDER_VERSION
- echo "Rename the build to make it work on Ubuntu"
- cat GNUmakefile | sed -e "s/darwin_amd64/linux_amd64/g" > GNUmakefile.tmp
- cp GNUmakefile.tmp GNUmakefile && rm GNUmakefile.tmp
- cat GNUmakefile
- cat sample.tf | sed -e "s/version =.*/version = \"${NEXT_PROVIDER_VERSION}\"/g" > sample.tf.tmp
- cp sample.tf.tmp sample.tf && rm sample.tf.tmp
- cat sample.tf
- echo "Add variables needed to run Terraform Provider"
- export ARTIFACTORY_URL=${jdp_url} && echo ${ARTIFACTORY_URL}
- export ARTIFACTORY_USERNAME=admin
- export ARTIFACTORY_PASSWORD=${NEW_RT_PASSWORD} && echo ${ARTIFACTORY_PASSWORD}
- echo "Get cookie to generate Access token"
- >-
export COOKIES=$(curl -c - "${ARTIFACTORY_URL}/ui/api/v1/ui/auth/login?_spring_security_remember_me=false" \
--header "accept: application/json, text/plain, */*" \
--header "content-type: application/json;charset=UTF-8" \
--header "x-requested-with: XMLHttpRequest" \
-d '{"user":"admin","password":"'"${ARTIFACTORY_PASSWORD}"'","type":"login"}' | grep FALSE)
- export REFRESHTOKEN=$(echo $COOKIES | grep REFRESHTOKEN | awk '{print $7 }')
- export ACCESSTOKEN=$(echo $COOKIES | grep ACCESSTOKEN | awk '{print $14 }') # awk returns null on Mac, and the actual key on Ubuntu
- >-
export ACCESS_KEY=$(curl -g --request GET "${ARTIFACTORY_URL}/ui/api/v1/system/security/token?services[]=all" \
--header "accept: application/json, text/plain, */*" \
--header "x-requested-with: XMLHttpRequest" \
--header "cookie: ACCESSTOKEN=${ACCESSTOKEN}; REFRESHTOKEN=${REFRESHTOKEN}")
- add_run_variables ARTIFACTORY_ACCESS_TOKEN=${ACCESS_KEY}
- echo "Unset ARTIFACTORY_PASSWORD, acceptance test will use ARTIFACTORY_ACCESS_TOKEN instead"
- unset ARTIFACTORY_PASSWORD
- export TF_ACC=1
- make acceptance
- make install
onSuccess:
- send_notification partnersSlack --text "Terraform Provider run is completed. Version ${NEXT_PROVIDER_VERSION}."
onFailure:
- echo "Failure"
- send_notification partnersSlack --text "Pipeline failed on <${step_url}|${step_name}> step"
onComplete:
- echo "Complete"
- name: create_pr_to_master_branch
type: Bash
configuration:
integrations:
- name: partnersSlack
- name: partnership_jfrog_io
- name: Partnership_GitHub
inputSteps:
- name: build_and_run_tf_provider
inputResources:
- name: GitHubTFProviderRepoJFrog
execution:
onStart:
- echo "Preparing for work..."
- echo "Create and push a new tag, associated with the lates changes on develpment branch"
onExecute:
- printenv
- export PR_URL=${res_GitHubTFProviderRepoJFrog_commitUrl}
- export PR_COMMITTER=${res_GitHubTFProviderRepoJFrog_committerLogin}
- export PR_BRANCH=${res_GitHubTFProviderRepoJFrog_headCommitRef}
- export PR_TITLE=${res_GitHubTFProviderRepoJFrog_commitMessage}
- >-
if [[ "${PR_URL}" == null ]]; then
echo "PR was not created (already exists from this head branch?). PR link is empty!"
exit 1
fi
onSuccess:
- echo "Success"
- send_notification partnersSlack --text "<${res_GitHubTFProviderRepoJFrog_gitRepoRepositoryHttpsUrl}|Terraform Provider>. A new PR was submitted by *${PR_COMMITTER}* - <${PR_URL}|${PR_TITLE}>, branch *${PR_BRANCH}*. Changes tested successfully. <@U01DWTXV01M> please, review and merge."
onFailure:
- >-
if [[ "${PR_URL}" == null ]]; then
send_notification partnersSlack --text "${step_name} step is failed. PR was not created (already exists from this head branch?)"
else
send_notification partnersSlack --text "Pipeline failed on <${step_url}|${step_name}> step"
fi
onComplete:
- echo "Cleaning up"