From dc0be553669986adabe2a58df857f4ab09a87499 Mon Sep 17 00:00:00 2001
From: frantuma
Date: Tue, 7 Nov 2023 09:33:45 +0100
Subject: [PATCH] add docker build/push/deploy to release CI
---
 .github/workflows/release.yml | 124 ++++++++++++++++++++++++++++++++++
 CI/CI.md | 3 +-
 CI/docker-release.sh | 16 +++++
 3 files changed, 142 insertions(+), 1 deletion(-)
 create mode 100755 CI/docker-release.sh
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 61164f4..3d5c506 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -65,6 +65,15 @@ jobs:
 nexus_username: ${{ secrets.OSSRH_USERNAME }}
 nexus_password: ${{ secrets.OSSRH_TOKEN }}
 maven_profiles: "release"
+ - name: docker login
+ run: |
+ docker login --username=${{ secrets.DOCKERHUB_SB_USERNAME }} --password=${{ secrets.DOCKERHUB_SB_PASSWORD }}
+ set -e
+ - name: Docker build and push
+ id: docker_build_push
+ if: env.RELEASE_OK == 'yes'
+ run: |
+ . ./CI/docker-release.sh
 - name: Run post release script
 id: postRelease
 if: env.RELEASE_OK == 'yes'
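Review bot: The `docker login` step expands both Docker Hub secrets directly into the command line (`--password=${{ secrets.DOCKERHUB_SB_PASSWORD }}`), so the password becomes a process argument on the runner and any shell metacharacter in it is interpreted by bash; pass the secrets through `env:` and use `--password-stdin` instead. The step also has no `if: env.RELEASE_OK == 'yes'`, unlike the build-and-push step that follows it, and the trailing `set -e` comes after the only command, so it has no effect. The same inline-secret pattern recurs in the later hunk at `TOKEN="${{ secrets.RANCHER2_BEARER_TOKEN }}"`, which should get the same `env:` treatment.

```yaml
- name: docker login
  if: env.RELEASE_OK == 'yes'
  env:
    DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_SB_USERNAME }}
    DOCKERHUB_PASSWORD: ${{ secrets.DOCKERHUB_SB_PASSWORD }}
  run: |
    printf '%s' "$DOCKERHUB_PASSWORD" | docker login --username "$DOCKERHUB_USERNAME" --password-stdin
# … unchanged: Docker build and push step …
```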
@@ -78,6 +87,121 @@ jobs:
 commit-message: bump snapshot ${{ env.SC_NEXT_VERSION }}-SNAPSHOT
 title: 'bump snapshot ${{ env.SC_NEXT_VERSION }}-SNAPSHOT'
 branch: bump-snap-${{ env.SC_NEXT_VERSION }}-SNAPSHOT
+ - name: deploy docker
+ run: |
+ SC_RELEASE_TAG="v${{ env.SC_VERSION }}"
+ echo "$SC_RELEASE_TAG"
+
+ TOKEN="${{ secrets.RANCHER2_BEARER_TOKEN }}"
+ RANCHER_HOST="rancher.tools.swagger.io"
+ CLUSTER_ID="c-n8zp2"
+ NAMESPACE_NAME="swagger-oss"
+ K8S_OBJECT_TYPE="daemonsets"
+ K8S_OBJECT_NAME="swagger-validator-v2"
+ DEPLOY_IMAGE="swaggerapi/swagger-validator-v2:$SC_RELEASE_TAG"
+
+ workloadStatus=""
+ getStatus() {
+ echo "Getting update status..."
+ if ! workloadStatus="$(curl -s -X GET \
+ -H "Authorization: Bearer ${TOKEN}" \
+ -H 'Content-Type: application/json' \
+ "https://${RANCHER_HOST}/k8s/clusters/${CLUSTER_ID}/apis/apps/v1/namespaces/${NAMESPACE_NAME}/${K8S_OBJECT_TYPE}/${K8S_OBJECT_NAME}/status")"
+ then
+ echo 'ERROR - get status k8s API call failed!'
+ echo "Exiting build"...
+ exit 1
+ fi
+ }
+
+ # $1 = image to deploy
+ updateObject() {
+ local image="${1}"
+ echo "Updating image value..."
+
+ if ! curl -s -X PATCH \
+ -H "Authorization: Bearer ${TOKEN}" \
+ -H 'Content-Type: application/json-patch+json' \
+ "https://${RANCHER_HOST}/k8s/clusters/${CLUSTER_ID}/apis/apps/v1/namespaces/${NAMESPACE_NAME}/${K8S_OBJECT_TYPE}/${K8S_OBJECT_NAME}" \
+ -d "[{\"op\": \"replace\", \"path\": \"/spec/template/spec/containers/0/image\", \"value\": \"${image}\"}]"
+ then
+ echo 'ERROR - image update k8s API call failed!'
+ echo "Exiting build..."
+ exit 1
+ fi
+ }
+
+
+ # Check that the TAG is valid
+ if [[ $SC_RELEASE_TAG =~ ^[vV]?[0-9]*\.[0-9]*\.[0-9]*$ ]]; then
+ echo ""
+ echo "This is a Valid TAG..."
+
+ # Get current image/tag in case we need to rollback
+ getStatus
+ ROLLBACK_IMAGE="$(echo "${workloadStatus}" | jq -r '.spec.template.spec.containers[0].image')"
+ echo ""
+ echo "Current image: ${ROLLBACK_IMAGE}"
+
+ # Update image and validate response
+ echo ""
+ updateObject "${DEPLOY_IMAGE}"
+ echo ""
+
+ echo ""
+ echo "Waiting for pods to start..."
+ echo ""
+ sleep 60s
+
+ # Get state of the k8s object. If numberReady == desiredNumberScheduled, consider the upgrade successful. Else raise error
+ getStatus
+ status="$(echo "${workloadStatus}" | jq '.status')"
+ echo ""
+ echo "${status}"
+ echo ""
+
+ numberDesired="$(echo "${status}" | jq -r '.desiredNumberScheduled')"
+ numberReady="$(echo "${status}" | jq -r '.numberReady')"
+
+ if (( numberReady == numberDesired )); then
+ echo "${K8S_OBJECT_NAME} has been upgraded to ${DEPLOY_IMAGE}"
+
+ # If pods are not starting, rollback the upgrade and exit the build with error
+ else
+ echo "state = error...rolling back upgrade"
+ updateObject "${ROLLBACK_IMAGE}"
+ echo ""
+
+ echo ""
+ echo "Waiting for rollback pods to start..."
+ echo ""
+ sleep 60s
+
+ getStatus
+ status="$(echo "${workloadStatus}" | jq '.status')"
+ echo ""
+ echo "${status}"
+ echo ""
+
+ numberDesired="$(echo "${status}" | jq -r '.desiredNumberScheduled')"
+ numberReady="$(echo "${status}" | jq -r '.numberReady')"
+
+ if (( numberReady == numberDesired )); then
+ echo "Rollback to ${ROLLBACK_IMAGE} completed."
+ else
+ echo "FATAL - rollback failed"
+ fi
+ echo "Exiting Build..."
+ exit 1
+ fi
+
+ else
+ echo "This TAG is not in a valid format..."
+ echo "Exiting Build..."
+ exit 0
+ fi
+ echo "Exiting Build..."
+ exit 0
 env:
 ACTIONS_ALLOW_UNSECURE_COMMANDS: true
 MAVEN_USERNAME: ${{ secrets.OSSRH_USERNAME }}
diff --git a/CI/CI.md b/CI/CI.md
index d2294b6..9bcf65b 100644
--- a/CI/CI.md
+++ b/CI/CI.md
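Review bot: Both `curl -s` calls in `getStatus` and `updateObject` lack `--fail`, so an HTTP 401/403/404 from the Rancher API still exits 0 and the `if !` error branches never fire; `jq` would then yield `null` for both counters and `(( numberReady == numberDesired ))` evaluates true, reporting a successful upgrade that never happened. Use `curl -sS --fail` in both functions and reject non-numeric counters before comparing, e.g. `[[ $numberReady =~ ^[0-9]+$ ]] || exit 1`. The step also has no `if: env.RELEASE_OK == 'yes'`, so it appears to run even when the image was not built and pushed, and the invalid-tag branch ends with `exit 0`, which hides a skipped deployment behind a green job. The tag check uses `[0-9]*`, which accepts empty components such as `v..`; `[0-9]+` matches what the comment says it validates.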
@@ -51,9 +51,10 @@ and clicking `Run Workflow` `Release` takes care of: * build and test maven -* build and test gradle plugin * deploy/publish to maven central * publish the previously prepared GitHub release / tag +* build and push docker image +* deploy/publish docker image to docker hub * push PR for next snapshot
diff --git a/CI/docker-release.sh b/CI/docker-release.sh
new file mode 100755
index 0000000..05049f0
--- /dev/null
+++ b/CI/docker-release.sh
@@ -0,0 +1,16 @@
+#!/bin/bash
+
+CUR=$(pwd)
+
+SC_RELEASE_TAG="v$SC_VERSION"
+
+echo "docker tag:"
+echo "$SC_RELEASE_TAG"
+
+export DOCKER_VALIDATOR_IMAGE_NAME=swaggerapi/swagger-validator-v2
+docker build --rm=false -t $DOCKER_VALIDATOR_IMAGE_NAME:$SC_RELEASE_TAG .
+docker tag $DOCKER_VALIDATOR_IMAGE_NAME:$SC_RELEASE_TAG $DOCKER_VALIDATOR_IMAGE_NAME:latest
+docker push $DOCKER_VALIDATOR_IMAGE_NAME:$SC_RELEASE_TAG
+docker push $DOCKER_VALIDATOR_IMAGE_NAME:latest
+echo "docker images:"
+docker images | grep -i validator
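Review bot: `SC_VERSION` is used unchecked in `CI/docker-release.sh`, so an empty or malformed value still produces a tag (`v` when it is unset) and both pushes run, including the overwrite of `latest`; the workflow validates the tag format only in the later deploy step, after the image has already been published. Add a guard before the build, e.g. `: "${SC_VERSION:?SC_VERSION is not set}"`, and quote the expansions as in `docker push "$DOCKER_VALIDATOR_IMAGE_NAME:$SC_RELEASE_TAG"`. The script has no error handling of its own and relies on the errexit setting of the shell that sources it, so when run on its own a failed `docker build` would not stop the tag and push commands. `CUR` is assigned but never used.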