Skip to content

Commit

Permalink
NXP-29877: enable ColdStorage CI/CD preview
Browse files Browse the repository at this point in the history
  • Loading branch information
RSalem07 authored and doulba committed Dec 7, 2020
1 parent e23cddb commit e754c30
Show file tree
Hide file tree
Showing 17 changed files with 522 additions and 11 deletions.
20 changes: 20 additions & 0 deletions ci/docker/Dockerfile
Original file line number Diff line number Diff line change
@@ -0,0 +1,20 @@
ARG BASE_IMAGE=docker-private.packages.nuxeo.com/nuxeo/nuxeo:11.4.34

FROM ${BASE_IMAGE}

ARG BUILD_TAG
ARG SCM_REF
ARG VERSION

LABEL org.nuxeo.build-tag=$BUILD_TAG
LABEL org.nuxeo.scm-ref=$SCM_REF
LABEL org.nuxeo.version=$VERSION

COPY --chown=900:0 nuxeo-coldstorage-package-*.zip /packages/
COPY --chown=900:0 templates/s3-coldstorage /opt/nuxeo/server/templates/s3-coldstorage

USER root
RUN /install-packages.sh --offline /packages/*.zip
RUN chown -R 900:0 $NUXEO_HOME \
&& chmod -R g+rwX $NUXEO_HOME
USER 900
36 changes: 36 additions & 0 deletions ci/docker/skaffold.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,36 @@
# (C) Copyright 2020 Nuxeo (http://nuxeo.com/) and others.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
apiVersion: skaffold/v1beta14
kind: Config
build:
tagPolicy:
envTemplate:
template: "{{.DOCKER_REGISTRY}}/{{.ORG}}/{{.IMAGE_NAME}}:{{.VERSION}}"
artifacts:
- image: nuxeo-coldstorage
context: ci/docker
kaniko:
dockerfile: Dockerfile
buildContext:
localDir: {}
buildArgs:
BASE_IMAGE: "{{.NUXEO_BASE_IMAGE}}"
BUILD_TAG: "{{.BUILD_TAG}}"
SCM_REF: "{{.GIT_COMMIT}}"
VERSION: "{{.VERSION}}"
cluster:
concurrency: 1
namespace: napps
dockerConfig:
secretName: jenkins-docker-cfg
5 changes: 5 additions & 0 deletions ci/docker/templates/s3-coldstorage/nuxeo.defaults
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
## DO NOT EDIT THIS FILE, USE nuxeo.conf ##
#GLACIER
s3-coldstorage.target=.
nuxeo.glacier.bucket=
nuxeo.glacier.bucket_prefix=
Original file line number Diff line number Diff line change
@@ -0,0 +1,27 @@
<?xml version="1.0"?>
<component name="org.nuxeo.ecm.core.coldstorage.ci.test">
<extension target="org.nuxeo.ecm.core.blob.BlobManager" point="configuration">
<blobprovider name="glacier">
<class>org.nuxeo.ecm.blob.s3.S3BlobProvider</class>
<property name="awsid">${nuxeo.aws.accessKeyId}</property>
<property name="awssecret">${nuxeo.aws.secretKey}</property>
<property name="region">${nuxeo.aws.region}</property>
<property name="bucket">${nuxeo.glacier.bucket}</property>
<property name="bucket_prefix">${nuxeo.glacier.bucket_prefix}/</property>
<property name="directdownload">true</property>
<property name="directdownload.expire">3600</property>
<property name="cachesize">100MB</property>
<property name="connection.max">50</property>
<property name="connection.retry">3</property>
<property name="connection.timeout">50000</property>
<property name="socket.timeout">50000</property>
</blobprovider>
</extension>
<extension target="org.nuxeo.ecm.core.blob.DocumentBlobManager" point="configuration">
<blobdispatcher>
<class>org.nuxeo.ecm.core.blob.DefaultBlobDispatcher</class>
<property name="blob:xpath=coldstorage:coldContent">glacier</property>
<property name="default">default</property>
</blobdispatcher>
</extension>
</component>
5 changes: 5 additions & 0 deletions ci/helm/preview/Chart.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
apiVersion: v1
description: A Helm chart for Kubernetes
icon: https://raw.githubusercontent.com/jenkins-x/jenkins-x-platform/master/images/java.png
name: preview
version: 0.1.0-SNAPSHOT
13 changes: 13 additions & 0 deletions ci/helm/preview/requirements.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
dependencies:
- alias: expose
name: exposecontroller
repository: http://chartmuseum.jenkins-x.io
version: 2.3.111
- alias: cleanup
name: exposecontroller
repository: http://chartmuseum.jenkins-x.io
version: 2.3.111
- alias: nuxeo
name: nuxeo
version: ~1.0.11
repository: https://chartmuseum.platform.dev.nuxeo.com
7 changes: 7 additions & 0 deletions ci/helm/preview/templates/empty-secret-for-aws-config.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
apiVersion: v1
kind: Secret
metadata:
name: aws-config-napps
annotations:
replicator.v1.mittwald.de/replicate-from: napps/aws-config-napps
data: {}
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@

apiVersion: v1
kind: Secret
metadata:
name: aws-iam-user-credentials
annotations:
replicator.v1.mittwald.de/replicate-from: napps/aws-iam-user-credentials
data: {}
7 changes: 7 additions & 0 deletions ci/helm/preview/templates/empty-secret-for-instance-clid.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
apiVersion: v1
kind: Secret
metadata:
name: instance-clid
annotations:
replicator.v1.mittwald.de/replicate-from: napps/instance-clid
data: {}
7 changes: 7 additions & 0 deletions ci/helm/preview/templates/empty-secret-for-tls.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
apiVersion: v1
kind: Secret
metadata:
name: napps-tls
annotations:
replicator.v1.mittwald.de/replicate-from: napps/napps-tls
data: {}
143 changes: 143 additions & 0 deletions ci/helm/preview/values.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,143 @@
expose:
Annotations:
helm.sh/hook: post-install,post-upgrade
helm.sh/hook-delete-policy: hook-succeeded
config:
# add tls configuration
domain: napps.dev.nuxeo.com
exposer: Ingress
http: true
tlsacme: true
tlsSecretName: napps-tls
urltemplate: '"{{.Service}}-{{.Namespace}}.{{.Domain}}"'

cleanup:
Args:
- --cleanup
Annotations:
helm.sh/hook: pre-delete
helm.sh/hook-delete-policy: hook-succeeded

nuxeo:
fullnameOverride: preview
nuxeo:
podLabels:
branch: "$BRANCH_NAME"
team: napps
resource: pod
usage: preview
service:
annotations:
fabric8.io/expose: "true"
fabric8.io/ingress.annotations: |-
nginx.ingress.kubernetes.io/proxy-body-size: 0
nginx.ingress.kubernetes.io/server-snippet: ignore_invalid_headers off;
labels:
branch: "$BRANCH_NAME"
team: napps
resource: service
usage: preview
image:
repository: ${DOCKER_REGISTRY}/${ORG}/nuxeo-coldstorage
tag: ${VERSION}
pullPolicy: Always
persistence:
enabled: disable
packages: nuxeo-web-ui-3.1.0-rc.9 amazon-s3-online-storage-$NUXEO_VERSION
livenessProbe:
initialDelaySeconds: 420
periodSeconds: 20
successThreshold: 1
failureThreshold: 5
timeoutSeconds: 10
readinessProbe:
periodSeconds: 20
initialDelaySeconds: 420
successThreshold: 1
timeoutSeconds: 10
failureThreshold: 5
customParams: |-
org.nuxeo.connect.url=https://nos-preprod-connect.nuxeocloud.com/nuxeo/site/
nuxeo.templates=default,s3-coldstorage
# AWS
nuxeo.aws.accessKeyId=${env:AWS_ACCESS_KEY}
nuxeo.aws.secretKey=${env:AWS_ACCESS_SECRET}
nuxeo.aws.region=${env:AWS_REGION}
nuxeo.s3storage.bucket_prefix=${env:AWS_S3_BUCKET_PREFIX}
nuxeo.s3storage.bucket=${env:AWS_S3_BUCKET}
nuxeo.glacier.bucket=${env:AWS_S3_GLACIER_BUCKET}
nuxeo.glacier.bucket_prefix=${env:AWS_S3_BUCKET_PREFIX}
customEnvs:
- name: NUXEO_CLID
valueFrom:
secretKeyRef:
name: instance-clid
key: CLID
- name: AWS_ACCESS_KEY
valueFrom:
secretKeyRef:
name: aws-iam-user-credentials
key: access_key_id
- name: AWS_ACCESS_SECRET
valueFrom:
secretKeyRef:
name: aws-iam-user-credentials
key: secret_access_key
- name: AWS_REGION
valueFrom:
secretKeyRef:
name: aws-config-napps
key: region
- name: AWS_S3_BUCKET
valueFrom:
secretKeyRef:
name: aws-config-napps
key: coldstorage.bucket
- name: AWS_S3_GLACIER_BUCKET
valueFrom:
secretKeyRef:
name: aws-config-napps
key: coldstorage.bucket.glacier
- name: AWS_S3_BUCKET_PREFIX
value: $BUCKET_PREFIX
tolerations:
- key: team
operator: Equal
value: napps
effect: NoSchedule
nodeSelector:
team: napps
mongodb:
deploy: false
postgresql:
deploy: true
useStatefulSet: true
image:
tag: "11.7.0"
initdbScripts:
db-init.sql: |
CREATE ROLE nuxeo WITH PASSWORD 'nuxeo' LOGIN;
CREATE DATABASE nuxeo ENCODING 'UTF8' OWNER nuxeo;
persistence:
enabled: false
labels:
branch: "$BRANCH_NAME"
resource: deployment
team: napps
usage: preview
resources:
requests:
cpu: 500m
memory: 1Gi
limits:
cpu: 1
memory: 2Gi
tolerations:
- key: team
operator: Equal
value: napps
effect: NoSchedule
nodeSelector:
team: napps
elasticsearch:
deploy: false
58 changes: 57 additions & 1 deletion ci/jenkinsfiles/build.groovy
Original file line number Diff line number Diff line change
Expand Up @@ -56,15 +56,23 @@ pipeline {
environment {
APP_NAME = "${appName}"
BACKEND_FOLDER = "${WORKSPACE}/nuxeo-coldstorage"
BRANCH_LC = "${BRANCH_NAME.toLowerCase()}"
BUCKET_PREFIX = "coldstorage-${BRANCH_LC}-${BUILD_NUMBER}"
CHANGE_BRANCH = "${env.CHANGE_BRANCH != null ? env.CHANGE_BRANCH : BRANCH_NAME}"
CHANGE_TARGET = "${env.CHANGE_TARGET != null ? env.CHANGE_TARGET : BRANCH_NAME}"
CHART_DIR = 'ci/helm/preview'
CONNECT_PREPROD_URL = 'https://nos-preprod-connect.nuxeocloud.com/nuxeo'
ENABLE_GITHUB_STATUS = 'true'
FRONTEND_FOLDER = "${WORKSPACE}/nuxeo-coldstorage-web"
JENKINS_HOME = '/root'
MAVEN_DEBUG = '-e'
MAVEN_OPTS = "${MAVEN_OPTS} -Xms512m -Xmx3072m"
NUXEO_VERSION = '11.4.34'
NUXEO_BASE_IMAGE = "docker-private.packages.nuxeo.com/nuxeo/nuxeo:${NUXEO_VERSION}"
ORG = 'nuxeo'
PREVIEW_NAMESPACE = "coldstorage-${BRANCH_LC}"
REFERENCE_BRANCH = 'master'
IS_REFERENCE_BRANCH = "${BRANCH_NAME == REFERENCE_BRANCH}"
}
stages {
stage('Load Common Library') {
Expand Down Expand Up @@ -156,6 +164,54 @@ pipeline {
}
}
}
stage('Build Docker Image') {
steps {
setGitHubBuildStatus('coldstorage/docker/build', 'Build Docker Image', 'PENDING', "${repositoryUrl}")
container('maven') {
script {
pipelineLib.buildDockerImage()
}
}
}
post {
success {
setGitHubBuildStatus('coldstorage/docker/build', 'Build Docker Image', 'SUCCESS', "${repositoryUrl}")
}
unsuccessful {
setGitHubBuildStatus('coldstorage/docker/build', 'Build Docker Image', 'FAILURE', "${repositoryUrl}")
}
}
}
stage('Buid Helm Chart') {
steps {
setGitHubBuildStatus('coldstorage/helm/chart', 'Build Helm Chart', 'PENDING', "${repositoryUrl}")
container('maven') {
script {
pipelineLib.buildHelmChart("${CHART_DIR}")
}
}
}
post {
success {
setGitHubBuildStatus('coldstorage/helm/chart', 'Build Helm Chart', 'SUCCESS', "${repositoryUrl}")
}
unsuccessful {
setGitHubBuildStatus('coldstorage/helm/chart', 'Build Helm Chart', 'FAILURE', "${repositoryUrl}")
}
}
}
stage('Deploy ColdStorage Preview') {
steps {
container('maven') {
script {
env.CLEANUP_PREVIEW = pipelineLib.needsPreviewCleanup()
pipelineLib.deployPreview(
"${PREVIEW_NAMESPACE}", "${CHART_DIR}", "${CLEANUP_PREVIEW}", "${repositoryUrl}", "${IS_REFERENCE_BRANCH}"
)
}
}
}
}
stage('Publish') {
when {
allOf {
Expand Down Expand Up @@ -231,7 +287,7 @@ pipeline {
pipelineLib.setSlackBuildStatus("${SLACK_CHANNEL}", "${message}", 'good')
}
}
failure {
unsuccessful {
script {
// update Slack Channel
String message = "${JOB_NAME} - #${BUILD_NUMBER} ${currentBuild.currentResult} (<${BUILD_URL}|Open>)"
Expand Down
Loading

0 comments on commit e754c30

Please sign in to comment.