DevFW-CICD/spring-petclinic
16
0
Fork 1
mirror of https://github.com/spring-projects/spring-petclinic.git synced 2025-07-21 06:45:49 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Update production file with v0.0.1 commit

Browse source
This commit is contained in:
Jenkins 2019-10-22 03:25:43 +00:00 committed by gavinfish
parent 1597babf25
commit 5ccceb699f
11 changed files with 110 additions and 29 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

36
infra/Jenkinsfile vendored
View file

@ -1,6 +1,10 @@
pipeline { pipeline {
agent any agent any
environment {
ACR_SECRET = credentials('acr-auth')
}
stages { stages {
stage('init') { stage('init') {
steps { steps {
@ -11,13 +15,15 @@ pipeline {
stage('init_and_plan') { stage('init_and_plan') {
steps { steps {
dir('infra/terraform') { dir('infra/terraform') {
sh "terraform init"
withCredentials([azureServicePrincipal(credentialsId: 'jenkins-sp', withCredentials([azureServicePrincipal(credentialsId: 'jenkins-sp',
subscriptionIdVariable: 'ARM_SUBSCRIPTION_ID', subscriptionIdVariable: 'ARM_SUBSCRIPTION_ID',
clientIdVariable: 'ARM_CLIENT_ID', clientIdVariable: 'ARM_CLIENT_ID',
clientSecretVariable: 'ARM_CLIENT_SECRET', clientSecretVariable: 'ARM_CLIENT_SECRET',
tenantIdVariable: 'ARM_TENANT_ID')]) { tenantIdVariable: 'ARM_TENANT_ID'),
sh "terraform plan -out=plan" azureStorage(credentialsId: 'jenkins-storage',
storageAccountKeyVariable: 'ARM_ACCESS_KEY')]) {
sh "terraform init"
sh "terraform plan -out=plan -var 'client_id=$ARM_CLIENT_ID' -var 'client_secret=$ARM_CLIENT_SECRET'"
} }
} }
} }
@ -30,8 +36,11 @@ pipeline {
subscriptionIdVariable: 'ARM_SUBSCRIPTION_ID', subscriptionIdVariable: 'ARM_SUBSCRIPTION_ID',
clientIdVariable: 'ARM_CLIENT_ID', clientIdVariable: 'ARM_CLIENT_ID',
clientSecretVariable: 'ARM_CLIENT_SECRET', clientSecretVariable: 'ARM_CLIENT_SECRET',
tenantIdVariable: 'ARM_TENANT_ID')]) { tenantIdVariable: 'ARM_TENANT_ID'),
sh 'terraform apply plan' azureStorage(credentialsId: 'jenkins-storage',
storageAccountKeyVariable: 'ARM_ACCESS_KEY')]) {
sh "terraform apply plan"
sh "terraform output kube_config > ~/.kube/config"
} }
} }
} }
@ -39,14 +48,15 @@ pipeline {
stage('setup_aks') { stage('setup_aks') {
steps { steps {
withCredentials([azureServicePrincipal(credentialsId: 'jenkins-sp', echo "$ACR_SECRET"
subscriptionIdVariable: 'AZURE_SUBSCRIPTION_ID', withCredentials([azureServicePrincipal(credentialsId: 'jenkins-sp',
clientIdVariable: 'AZURE_CLIENT_ID', subscriptionIdVariable: 'AZURE_SUBSCRIPTION_ID',
clientSecretVariable: 'AZURE_SECRET', clientIdVariable: 'AZURE_CLIENT_ID',
tenantIdVariable: 'AZURE_TENANT')]) { clientSecretVariable: 'AZURE_SECRET',
ansiblePlaybook installation: 'ansible', tenantIdVariable: 'AZURE_TENANT')]) {
playbook: 'infra/ansible/setenv.yaml' ansiblePlaybook installation: 'ansible',
} playbook: 'infra/ansible/setenv.yaml'
}
} }
} }
} }

14
infra/ansible/production/main.yaml Normal file
View file

@ -0,0 +1,14 @@
- name: deploy staging environment
hosts: localhost
connection: local
vars:
resource_group: azure-k8stest
tasks:
- name: apply deployment
k8s:
state: present
src: ../../kube/workloads/production/deployment.yaml
- name: apply service
k8s:
state: present
src: ../../kube/workloads/production/service.yaml

8
infra/ansible/setenv.yaml
View file

@ -12,3 +12,11 @@
k8s: k8s:
state: present state: present
src: ../kube/namespaces/production.yaml src: ../kube/namespaces/production.yaml
- name: Create staging ACR secret
k8s:
state: present
src: ../kube/secrets/production-registry.yaml
- name: Create production ACR secret
k8s:
state: present
src: ../kube/secrets/staging-registry.yaml

34
infra/kube/Jenkinsfile vendored
View file

@ -2,10 +2,21 @@ pipeline {
agent any agent any
stages { stages {
stage('init') {
steps {
git url: "git@github.com:azure-devops/spring-petclinic.git",
credentialsId: "github_ssh_key",
branch: "ignite"
stage('deploy') { script {
environment { env.SHA = sh(script: 'git rev-parse --short HEAD', returnStdout: true).trim()
sha = sh(script: 'git rev-parse --short HEAD', returnStdout: true).trim() }
}
}
stage('deploy to staging') {
when {
changeset "infra/kube/workloads/staging/*"
} }
steps { steps {
@ -19,5 +30,22 @@ pipeline {
} }
} }
} }
stage('deploy to production') {
when {
changeset "infra/kube/workloads/production/*"
}
steps {
withCredentials([azureServicePrincipal(credentialsId: 'jenkins-sp',
subscriptionIdVariable: 'AZURE_SUBSCRIPTION_ID',
clientIdVariable: 'AZURE_CLIENT_ID',
clientSecretVariable: 'AZURE_SECRET',
tenantIdVariable: 'AZURE_TENANT')]) {
ansiblePlaybook installation: 'ansible',
playbook: 'infra/ansible/production/main.yaml'
}
}
}
} }
} }

8
infra/kube/secrets/production-registry.yaml Normal file
View file

@ -0,0 +1,8 @@
apiVersion: v1
kind: Secret
metadata:
name: acr-secret
namespace: production
data:
.dockerconfigjson: "{{ lookup('env', 'ACR_SECRET') }}"
type: kubernetes.io/dockerconfigjson

8
infra/kube/secrets/staging-registry.yaml Normal file
View file

@ -0,0 +1,8 @@
apiVersion: v1
kind: Secret
metadata:
name: acr-secret
namespace: staging
data:
.dockerconfigjson: "{{ lookup('env', 'ACR_SECRET') }}"
type: kubernetes.io/dockerconfigjson

4
infra/kube/workloads/production/deployment.yaml
View file

@ -12,12 +12,12 @@ spec:
metadata: metadata:
labels: labels:
app: pet-clinic app: pet-clinic
version: v0.0.0 version: v0.0.1
spec: spec:
containers: containers:
- name: pet-clinic - name: pet-clinic
image: "jenkinsdemosacr.azurecr.io/pet-clinic:v0.0.0" image: "jenkinsdemosacr.azurecr.io/pet-clinic:v0.0.1"
ports: ports:
- containerPort: 8080 - containerPort: 8080
imagePullSecrets: imagePullSecrets:

4
infra/kube/workloads/production/service.yaml
View file

@ -4,11 +4,11 @@ metadata:
name: pet-clinic name: pet-clinic
namespace: production namespace: production
labels: labels:
version: v0.0.0 version: v0.0.1
spec: spec:
selector: selector:
app: auth-service app: auth-service
version: v0.0.0 version: v0.0.1
ports: ports:
- port: 80 - port: 80
targetPort: 8080 targetPort: 8080

5
infra/terraform/main.tf
View file

@ -3,4 +3,9 @@ provider "azurerm" {
} }
terraform { terraform {
backend "azurerm" {
storage_account_name = "jenkinsdemo1"
container_name = "tfstate"
key = "terraform.tfstate"
}
} }

14
infra/terraform/output.tf
View file

@ -1,27 +1,27 @@
output "client_key" { output "client_key" {
value = "${azurerm_kubernetes_cluster.k8s.kube_config.0.client_key}" value = azurerm_kubernetes_cluster.k8s.kube_config[0].client_key
} }
output "client_certificate" { output "client_certificate" {
value = "${azurerm_kubernetes_cluster.k8s.kube_config.0.client_certificate}" value = azurerm_kubernetes_cluster.k8s.kube_config[0].client_certificate
} }
output "cluster_ca_certificate" { output "cluster_ca_certificate" {
value = "${azurerm_kubernetes_cluster.k8s.kube_config.0.cluster_ca_certificate}" value = azurerm_kubernetes_cluster.k8s.kube_config[0].cluster_ca_certificate
} }
output "cluster_username" { output "cluster_username" {
value = "${azurerm_kubernetes_cluster.k8s.kube_config.0.username}" value = azurerm_kubernetes_cluster.k8s.kube_config[0].username
} }
output "cluster_password" { output "cluster_password" {
value = "${azurerm_kubernetes_cluster.k8s.kube_config.0.password}" value = azurerm_kubernetes_cluster.k8s.kube_config[0].password
} }
output "kube_config" { output "kube_config" {
value = "${azurerm_kubernetes_cluster.k8s.kube_config_raw}" value = azurerm_kubernetes_cluster.k8s.kube_config_raw
} }
output "host" { output "host" {
value = "${azurerm_kubernetes_cluster.k8s.kube_config.0.host}" value = azurerm_kubernetes_cluster.k8s.kube_config[0].host
} }

4
infra/terraform/variables.tf
View file

@ -1,8 +1,8 @@
variable "client_id" { variable "client_id" {
default = "764b3430-7053-4520-bbba-d74b8df5270c" default = ""
} }
variable "client_secret" { variable "client_secret" {
default = "Z.4tiyJc/l]ahAi:XKI2Ox3xg5UXWXdC" default = ""
} }
variable "agent_count" { variable "agent_count" {