-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathcloudbuild.yaml
92 lines (83 loc) · 2.87 KB
/
cloudbuild.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
steps:
- id: build-daemon-dagit
waitFor: ["-"]
name: gcr.io/kaniko-project/executor:latest
args:
- "--dockerfile=daemon_dagit.Dockerfile"
- "--context=dir:///workspace"
- "--destination=gcr.io/${PROJECT_ID}/daemon-dagit:${SHORT_SHA}"
- "--cache=true"
- id: build-dagster-pipelines
waitFor: ["-"]
name: gcr.io/kaniko-project/executor:latest
args:
- "--dockerfile=dagster_pipelines.Dockerfile"
- "--context=dir:///workspace"
- "--destination=gcr.io/${PROJECT_ID}/dagster-pipelines:${SHORT_SHA}"
- "--cache=true"
- id: build-dagster-compose
waitFor: ["-"]
name: gcr.io/kaniko-project/executor:latest
args:
- "--dockerfile=compose.Dockerfile"
- "--context=dir:///workspace/deploy"
- "--destination=gcr.io/${PROJECT_ID}/dagster-compose:${SHORT_SHA}"
- "--cache=true"
- id: cleanup-ssh-keys
waitFor: ["-"]
name: gcr.io/cloud-builders/gcloud
entrypoint: "bash"
args:
- "-c"
- |
for i in $(gcloud compute os-login ssh-keys list)
do
echo $i;
gcloud compute os-login ssh-keys remove --key $i || continue
done
- id: docker-permissions
waitFor: ["cleanup-ssh-keys"]
name: gcr.io/cloud-builders/gcloud
args:
- compute
- ssh
- "--zone=${_GCE_ZONE}"
- "--ssh-key-expire-after=1m"
- "${_DAGSTER_INSTANCE}"
- "--"
- |
sudo groupadd docker
sudo usermod -aG docker $${USER}
sudo docker system prune -a -f
- id: deploy-dagster
waitFor:
[
"build-daemon-dagit",
"build-dagster-compose",
"build-dagster-pipelines",
"docker-permissions",
]
name: gcr.io/cloud-builders/gcloud
entrypoint: "bash"
args:
- -c
- |
gcloud compute ssh --zone=${_GCE_ZONE} --ssh-key-expire-after=1m ${_DAGSTER_INSTANCE} -- \
"docker-credential-gcr configure-docker gcr.io && \
docker pull gcr.io/${PROJECT_ID}/daemon-dagit:${SHORT_SHA} && \
docker pull gcr.io/${PROJECT_ID}/dagster-pipelines:${SHORT_SHA} && \
docker pull gcr.io/${PROJECT_ID}/dagster-compose:${SHORT_SHA} && \
docker run --rm \
-v "/var/run/docker.sock:/var/run/docker.sock" \
--env "DAGSTER_POSTGRES_DB=${_DAGSTER_POSTGRES_DB}" \
--env "DAGSTER_POSTGRES_USER=${_DAGSTER_POSTGRES_USER}" \
--env "DAGSTER_POSTGRES_HOSTNAME=${_DAGSTER_POSTGRES_HOSTNAME}" \
--env "DAGSTER_POSTGRES_PASSWORD=$$DAGSTER_POSTGRES_PASSWORD" \
--env "GCP_PROJECT_ID=${PROJECT_ID}" \
--env "SHA=${SHORT_SHA}" \
gcr.io/$PROJECT_ID/dagster-compose:${SHORT_SHA}"
secretEnv: ["DAGSTER_POSTGRES_PASSWORD"]
availableSecrets:
secretManager:
- versionName: projects/${PROJECT_ID}/secrets/DAGSTER_POSTGRES_PASSWORD/versions/1
env: "DAGSTER_POSTGRES_PASSWORD"