version: 2.1 orbs: kubernetes: circleci/kubernetes@1.0.0 helm: circleci/helm@2.0.1 parameters: project-name: type: string description: Name of the global project, it will be used for the container registry, example -> tezoslink (has frontend and backend modules) default: tezoslink project-module: type: string description: Name of the app or module of the project, it will be used for the container registry, for example tezoslink has a front and back app, example -> front default: p1-api dockerfile-location: type: string description: Location of the Dockerfile from the root of the repo default: . project-helm-values: type: string description: Index of values in the helm chart file, example -> testApp default: tezosLink ######################################################## ################## DO NOT EDIT ######################### ######################################################## src: type: boolean description: This is the directory of the app, used to trigger app build & deploy default: false devops: type: boolean description: This is the directory of the devops, used to trigger devops only deploy default: false ######################################################## ################################################################### ################ COMMANDS ####################### ################################################################### commands: install-yq: parameters: version: type: string default: v4.27.3 steps: - run: name: Install YQ command: > curl -L -o ${HOME}/yq https://github.com/mikefarah/yq/releases/download/<< parameters.version >>/yq_linux_amd64 chmod +x ${HOME}/yq ${HOME}/yq --version jobs: default: docker: - image: cimg/base:stable steps: - run: name: Nothing to do command: echo There is nothing to do verify-tag: docker: - image: cimg/base:stable steps: - checkout - install-yq - run: name: Get name of project from repo url command: echo "export NAMESPACE=$(echo '<>' | sed 's:.*/::')">> $BASH_ENV - run: name: Slugify name from repo url command: echo "export NAMESPACE=$(echo $NAMESPACE | awk '{gsub(/[^0-9a-zA-Z .-]/,""); gsub(/^[ \t\r\n]+/, ""); gsub(/[ \t\r\n]+$/, ""); gsub(/[ ]+/,"-"); print tolower($0);}')">> $BASH_ENV - run: name: Extract TAG from Chart.yaml command: echo "export TAG=$(${HOME}/yq '.appVersion' devops/Chart.yaml )" >> $BASH_ENV - run: name: Verify if TAG is in Chart.yaml command: | if [ -z "1" ] then echo "Tag is either null or missformed (check documentation)" exit 1 fi - run: name: Tag is 1 command: echo 1 - setup_remote_docker: version: 20.10.12 docker_layer_caching: true - run: name: Login to SCW registry command: docker login rg.fr-par.scw.cloud/$NAMESPACE -u nologin -p $SCW_SECRET_KEY - run: name: Check if TAG already exists in registry command: docker manifest inspect rg.fr-par.scw.cloud/<>/<>:1 && exit 1 || echo 'TAG is available' - run: when: on_fail command: echo 'Please review your tag' run-gitleaks: docker: - image: zricethezav/gitleaks:v8.15.0 steps: - checkout - run: name: Create scan directory command: mkdir /tmp/gitleaks - run: name: Starting scan command: gitleaks detect --source . --log-opts "-p -n 1" -r /tmp/gitleaks/scan.json -v - store_artifacts: path: /tmp/gitleaks/scan.json build-docker-image: machine: image: ubuntu-2004:202010-01 steps: - checkout - install-yq - run: name: Create persistent workspace command: mkdir -p workspace - run: name: Extract TAG from Chart.yaml command: echo "export TAG=$(${HOME}/yq '.appVersion' devops/Chart.yaml )" >> $BASH_ENV - run: name: Display Tag command: echo You are building version 1 - run: name: Build image command: > docker build --tag rg.fr-par.scw.cloud/<>/<>:1 <> | while read line; do echo "$(date +%T) > $line"; done; - run: name: Save image command: > docker save -o workspace/tezoslink-back.tar rg.fr-par.scw.cloud/<>/<>:1 - persist_to_workspace: root: workspace paths: - tezoslink-back.tar push-docker-image: docker: - image: cimg/base:stable steps: - checkout - install-yq - attach_workspace: # at: /tmp/workspace at: /workspace - run: name: Extract TAG from Chart.yaml command: echo "export TAG=$(${HOME}/yq '.appVersion' devops/Chart.yaml )" >> $BASH_ENV - run: name: Display Tag command: echo You are pushing version 1 - setup_remote_docker: version: 20.10.12 docker_layer_caching: true - run: name: Login to SCW registry command: docker login rg.fr-par.scw.cloud -u nologin -p $SCW_SECRET_KEY - run: name: Load docker image from workspace # command: docker load -i /tmp/workspace/tezoslink-back.tar command: docker load -i /workspace/tezoslink-back.tar - run: name: Push image command: docker push rg.fr-par.scw.cloud/<>/<>:1 workflows: version: 2 build-scan-push-deploy-stg: when: <> jobs: - run-gitleaks: filters: &filters-stg branches: only: application-segmentation-2 - verify-tag: filters: <<: *filters-stg requires: - run-gitleaks - build-docker-image: # requires: # - verify-tag context: - application-segmentation-2 filters: <<: *filters-stg - push-docker-image: context: - application-segmentation-2 filters: <<: *filters-stg default: when: and: # - not: <> - not: <> jobs: - default: filters: branches: only: - dev