zydronium/google-nomulus
1
0
Fork 0
mirror of https://github.com/google/nomulus.git synced 2025-05-05 06:27:51 +02:00
Code Issues Projects Releases Packages Wiki Activity
google-nomulus/release/cloudbuild-nomulus.yaml
Lai Jiang 5da48184f9
Merge beam and GAE configs deployment to one GCB job (#182) 
* Merge beam and GAE configs deployment to one GCB job

Deployment of GAE configs requires that the credential used by gcloud to
have GAE admin role of the project to be managed. We do not want to
grant the GCB service account that role, because it would all *any* GCB
job to deploy anything to GAE. Instead we use a dedicated credential
originally created to deploy beam pipelines. This credential is
encrypted by KMS and stored on GCS. Since the beam pipeline deployment
GCB job already does the decryption, it make sense to add the config
deployment step there as well. The beam deployment steps are tweaked to
use the nomulus tool docker image instead of the jar file.

Also moved the content of deploy_configs_to_env.sh to the GCB yaml file
itself because the shell script is not uploaded to GC Bat the same time
as the yaml file when the job is triggered by Spinnaker.

Lastly, due to b/137891685, using GCB to deploy cron jobs does not work
as we cannot use service account credential to deploy to projects under
google.com.
2019-07-19 16:54:56 -04:00

76 lines
3.2 KiB
YAML
Raw Blame History

# To run the build locally, install cloud-build-local first.
# See: https://cloud.google.com/cloud-build/docs/build-debug-locally
# You will need access to a private registry, so be sure to install the docker
# credential helper.
# Then, in the root of a nomulus source tree, run:
# cloud-build-local --config=cloudbuild-nomulus.yaml --dryrun=false \
# --substitutions TAG_NAME=[TAG] ..
# This will build the contents of the current directory and generate the
# nomulus war-files locally.
# The PROJECT_ID is the current project name that gcloud uses.
# You can add "--push true" to have the image pushed to GCR.
#
# To manually trigger a build on GCB, run:
# gcloud builds submit --config cloudbuild-nomulus.yaml --substitutions TAG_NAME=[TAG] ..
#
# To trigger a build automatically, follow the instructions below and add a trigger:
# https://cloud.google.com/cloud-build/docs/running-builds/automate-builds
steps:
# Create a directory to store the artifacts
- name: 'gcr.io/${PROJECT_ID}/builder:latest'
args: ['mkdir', 'nomulus']
# Run tests
- name: 'gcr.io/${PROJECT_ID}/builder:latest'
args: ['./gradlew', 'test', '-PskipDockerIncompatibleTests=true']
# Build the tool binary and image.
- name: 'gcr.io/${PROJECT_ID}/builder:latest'
args: ['release/build_nomulus_for_env.sh', 'tool', 'output']
# Tag the tool image and push it to the registry.
- name: 'gcr.io/${PROJECT_ID}/builder:latest'
entrypoint: /bin/bash
args:
- -c
- |
set -e
docker tag nomulus-tool gcr.io/${PROJECT_ID}/nomulus-tool:${TAG_NAME}
docker tag nomulus-tool gcr.io/${PROJECT_ID}/nomulus-tool:latest
docker push gcr.io/${PROJECT_ID}/nomulus-tool:${TAG_NAME}
docker push gcr.io/${PROJECT_ID}/nomulus-tool:latest
# Get the tool image digest and substitute in the digest in other GCB files.
- name: 'gcr.io/${PROJECT_ID}/builder:latest'
entrypoint: /bin/bash
args:
- -c
- |
set -e
digest=$(gcloud container images list-tags gcr.io/${PROJECT_ID}/nomulus-tool \
--format="get(digest)" --filter="tags = ${TAG_NAME}")
sed -i s/'$${_IMAGE}'/nomulus-tool/g release/cloudbuild-tag.yaml
sed -i s/':$${TAG_NAME}'/@$digest/g release/cloudbuild-tag.yaml
sed -i s/'nomulus-tool:latest'/nomulus-tool@$digest/g release/cloudbuild-deploy-*.yaml
# Build and package the deployment files for alpha.
- name: 'gcr.io/${PROJECT_ID}/builder:latest'
args: ['release/build_nomulus_for_env.sh', 'alpha', 'output']
# Build and package the deployment files for crash.
- name: 'gcr.io/${PROJECT_ID}/builder:latest'
args: ['release/build_nomulus_for_env.sh', 'crash', 'output']
# Build and package the deployment files for sandbox.
- name: 'gcr.io/${PROJECT_ID}/builder:latest'
args: ['release/build_nomulus_for_env.sh', 'sandbox', 'output']
# Build and package the deployment files for production.
- name: 'gcr.io/${PROJECT_ID}/builder:latest'
args: ['release/build_nomulus_for_env.sh', 'production', 'output']
# The tarballs to upload to GCS.
artifacts:
objects:
location: 'gs://${PROJECT_ID}-deploy/${TAG_NAME}'
paths:
- 'output/*.tar'
- 'output/nomulus.jar'
- 'release/cloudbuild-tag.yaml'
- 'release/cloudbuild-sync.yaml'
- 'release/cloudbuild-deploy-*.yaml'
timeout: 3600s
options:
machineType: 'N1_HIGHCPU_8'
Reference in a new issue View git blame Copy permalink