feat(.devops) added devops pipeline (#2)

* feat: added repository structure * feat: added PULL REQUEST CHANGELOG TEMPLATE * feat: added helm value for dev and uat * feat: changed chart name * feat: added prod helm value * feat: added code review pipeline * feat: added deploy pipeline * feat: added azure template * fix(version):fixed project version * fix(main class reference):fixed main class reference name * fix(Dockerfile): add comment for COPY api-spec api-spec
pagopa · Aug 2, 2023 · 2df0436 · 2df0436
1 parent 05e3f81
commit 2df0436
Show file tree

Hide file tree

Showing 5 changed files with 896 additions and 0 deletions.
diff --git a/.devops/azure-templates/chart-current-version.yml b/.devops/azure-templates/chart-current-version.yml
@@ -0,0 +1,18 @@
+# Read the current chart version and output it two variables
+# -> 'chart_current_version.version' : the Chart version
+# -> 'chart_current_version.appVersion': the application version
+
+steps:
+  - task: Bash@3
+    name: chart_current_version
+    displayName: 'Read chart current version'
+    inputs:
+      targetType: "inline"
+      script: |
+        CHART_FILE="helm/Chart.yaml"
+        version=$(yq -r '.version' $CHART_FILE)
+        appVersion=$(yq -r '.appVersion' $CHART_FILE)
+        echo "##vso[task.setvariable variable=version;isOutput=true]$version"
+        echo "##vso[task.setvariable variable=appVersion;isOutput=true]$appVersion"
+      failOnStderr: true
+
diff --git a/.devops/azure-templates/gradle-github-release.yml b/.devops/azure-templates/gradle-github-release.yml
@@ -0,0 +1,153 @@
+# Node Github Relase steps
+# Mark a release on the project repository, with version bump and tag,
+# and publish a release on Github
+
+parameters:
+
+  # Versioning parameters
+  - name: 'semver'
+    type: string
+    values:
+      - major
+      - minor
+      - patch
+      - none
+
+  # Versioning parameters
+  - name: 'semver_chart'
+    type: string
+    values:
+      - major
+      - minor
+      - patch
+      - none
+
+  # This is the branch in which we will push the release tag.
+  # It'll be master, but it can be overridden
+  # Basically, this variable is used to enforce the fact that we use the very same branch in different steps
+  - name: 'release_branch'
+    type: string
+    default: main
+
+  # Github parameters
+  - name: 'gitUsername'
+    type: string
+  - name: 'gitEmail'
+    type: string
+  - name: 'gitHubConnection'
+    type: string
+
+steps:
+  # setup git author
+  - script: |
+      git config --global user.email "${{ parameters.gitEmail }}" && git config --global user.name "${{ parameters.gitUsername }}"
+    displayName: 'Git setup'
+
+  # Without this step, changes would be applied to a detached head
+  - script: |
+      git checkout ${{ parameters.release_branch }}
+    displayName: 'Checkout release branch'
+  - task: JavaToolInstaller@0
+    displayName: 'Installing JDK'
+    inputs:
+      versionSpec: "17"
+      jdkArchitectureOption: x64
+      jdkSourceOption: 'PreInstalled'
+  # bump version
+  - ${{ if ne(parameters['semver'], 'none') }}:
+      - task: Gradle@3
+        displayName: 'Bump version'
+        name: bump_version
+        inputs:
+          tasks: 'help'
+          options: 'incrementVersion --versionIncrementType=${{ parameters.semver }}'
+          jdkVersionOption: '1.17'
+      - task: Bash@3
+        name: next_version_app
+        displayName: 'Set release variables'
+        inputs:
+          targetType: "inline"
+          script: |
+            version=$(./gradlew printVersion -Psnapshot=false  -q | head -n1 | cut -d' ' -f2)
+            echo "##vso[task.setvariable variable=value;isOutput=true]$version"
+            git add build.gradle.kts
+          failOnStderr: true
+      - task: Bash@3
+        displayName: Update Version Values Helm
+        name: update_version_helm
+        inputs:
+          targetType: 'inline'
+          script: |
+            for i in helm/values-*.yaml; do
+              [ -f "$i" ] || break
+              yq -i ".microservice-chart.image.tag = \"$(next_version_app.value)\"" "$i"
+              git add "$i"
+            done
+      - task: Bash@3
+        name: update_app_version
+        displayName: 'Setup helm microservice chart'
+        inputs:
+          targetType: "inline"
+          script: |
+            CHART_FILE="helm/Chart.yaml"
+            if [[ -f "$CHART_FILE" ]]; then
+              yq -i ".appVersion = \"$(next_version_app.value)\"" "$CHART_FILE"
+              git add "$CHART_FILE"
+            fi   
+
+  - task: Bash@3
+    name: setup_semver_utility
+    displayName: 'Setup semver utility'
+    inputs:
+      targetType: "inline"
+      script: |
+        yarn global add semver
+  - task: Bash@3
+    name: update_chart_version
+    displayName: 'Setup helm microservice chart'
+    inputs:
+      targetType: "inline"
+      script: |
+        RELEASE_CHART_SEMVER=${{parameters.semver_chart}}
+        CHART_FILE="helm/Chart.yaml"
+        CURRENT_CHART_VERSION=$(yq -r '.version' $CHART_FILE)
+        if [[ -f "$CHART_FILE" ]]; then
+          yq -i ".version = \"$(semver $CURRENT_CHART_VERSION -i $RELEASE_CHART_SEMVER )\"" "$CHART_FILE"
+          git add "$CHART_FILE"
+        fi
+  - task: Bash@3
+    name: next_version_chart
+    displayName: 'Set release chart variables'
+    inputs:
+      targetType: "inline"
+      script: |
+        CHART_FILE="helm/Chart.yaml"
+        version=$(yq -r '.version' $CHART_FILE)
+        echo "##vso[task.setvariable variable=value;isOutput=true]$version"
+      failOnStderr: true
+  # push new version
+  - script: |
+      git commit -m "Bump version [skip ci]"
+      git push origin ${{ parameters.release_branch }}
+    displayName: 'Push to the release branch'
+
+  - script: |
+      HEAD_SHA=$(git rev-parse HEAD)
+      TAG="$(next_version_chart.value)"
+      TITLE="Release $(next_version_chart.value)"
+      echo "##vso[task.setvariable variable=title]$TITLE"
+      echo "##vso[task.setvariable variable=sha]$HEAD_SHA"
+      echo "##vso[task.setvariable variable=tag]$TAG"
+    displayName: 'Set release variables'
+
+  # create new release
+  - task: GitHubRelease@0
+    inputs:
+      gitHubConnection: ${{ parameters.gitHubConnection }}
+      repositoryName: $(Build.Repository.Name)
+      action: create
+      target: $(sha)
+      tagSource: manual
+      tag: $(tag)
+      title: $(title)
+      addChangelog: true
diff --git a/.devops/azure-templates/helm-microservice-chart-deploy.yml b/.devops/azure-templates/helm-microservice-chart-deploy.yml
@@ -0,0 +1,88 @@
+parameters:
+  # Required
+  - name: "DO_DEPLOY"
+    type: boolean
+  - name: "ENV"
+    type: string
+  - name: "KUBERNETES_SERVICE_CONN"
+    type: string
+  - name: "NAMESPACE"
+    type: string
+  - name: "APP_NAME"
+    type: string
+  - name: "VALUE_FILE"
+    type: string
+  - name: "GREEN_VERSION"
+    type: string
+  # Optional
+  - name: "DO_BLUE_GREEN_DEPLOY"
+    type: boolean
+    default: false
+  - name: "BLUE_VERSION"
+    type: string
+    default: "none"
+  - name: "CHART_TYPE"
+    type: string
+    default: "filepath"
+  - name: "CHART_PATH"
+    type: string
+    default: "helm"
+  - name: "WAIT_FOR_EXECUTION"
+    type: boolean
+    default: true
+  - name: "ARGUMENTS"
+    type: string
+    default: "--timeout 5m0s"
+  - name: "APPINSIGHTS_SERVICE_CONN"
+    type: string
+    default: "none"
+  - name: "APPINSIGHTS_RESOURCE_ID"
+    type: string
+    default: "none"
+
+steps:
+  - task: HelmDeploy@0
+    displayName: Deploy on ${{ parameters.ENV }} BLUEGREEN
+    condition: and(succeeded(), eq(${{ parameters.DO_DEPLOY }}, True))
+    inputs:
+      kubernetesServiceEndpoint: ${{ parameters.KUBERNETES_SERVICE_CONN }}
+      namespace: ${{ parameters.NAMESPACE }}
+      command: upgrade
+      chartType: ${{ parameters.CHART_TYPE }}
+      chartPath: ${{ parameters.CHART_PATH }}
+      chartName: ${{ parameters.APP_NAME }}
+      releaseName: ${{ parameters.APP_NAME }}
+      valueFile: ${{ parameters.VALUE_FILE }}
+      install: true
+      waitForExecution: ${{ parameters.WAIT_FOR_EXECUTION }}
+      arguments: ${{ parameters.ARGUMENTS }}
+      overrideValues: microservice-chart.image.tag=${{ parameters.GREEN_VERSION }},microservice-chart.canaryDelivery.create=${{ parameters.DO_BLUE_GREEN_DEPLOY }},microservice-chart.canaryDelivery.deployment.image.tag=${{ parameters.BLUE_VERSION }}
+  - template: ./chart-current-version.yml
+  - ${{ if ne(parameters['APPINSIGHTS_SERVICE_CONN'], 'none') }}:
+      - task: AzureCLI@2
+        displayName: Release annotations
+        condition: and(succeeded(), eq(${{ parameters.DO_DEPLOY }}, True))
+        inputs:
+          azureSubscription: '${{ parameters.APPINSIGHTS_SERVICE_CONN }}'
+          addSpnToEnvironment: true
+          scriptType: 'bash'
+          scriptLocation: 'inlineScript'
+          failOnStandardError: true
+          inlineScript: |
+            echo "[INFO] Creating release annotation in Application Insights"
+            
+            APPINSIGHTS_ID=${{ parameters.APPINSIGHTS_RESOURCE_ID }}
+            UUID=$(uuidgen)
+            releaseName="${{ parameters.APP_NAME }}-${{ parameters.ENV }}"
+            releaseDescription="$(chart_current_version.appVersion)"
+            triggerBy="Azure DevOps"
+            eventTime=$(date -u '+%Y-%m-%dT%H:%M:%S')
+            category="Deployment"
+            label="Success"
+            
+            body='{ "Id": "'$UUID'", "AnnotationName": "'$releaseName'", "EventTime":"'$eventTime'", "Category":"'$category'", "Properties":"{ \"ReleaseName\":\"'$releaseName'\", \"ReleaseDescription\" : \"'$releaseDescription'\", \"TriggerBy\": \"'$triggerBy'\" }"}'
+            
+            # echo "[INFO] body: $body"
+            # echo "[INFO] APPINSIGHTS_ID: $APPINSIGHTS_ID"
+            
+            az rest --method put --uri "$APPINSIGHTS_ID/Annotations?api-version=2015-05-01" --body "$body" -o none
diff --git a/.devops/code-review-pipelines.yml b/.devops/code-review-pipelines.yml
@@ -0,0 +1,62 @@
+variables:
+  BRANCH_NAME: $[ replace(variables['System.PullRequest.SourceBranch'], 'refs/heads/', '') ]
+  GRADLE_USER_HOME: $(Pipeline.Workspace)/.gradle
+trigger: none
+
+pool:
+  vmImage: ubuntu-latest
+
+stages:
+  - stage: BuildEndUnitTest
+    jobs:
+      - job: make_buildEndUnitTest
+        steps:
+          - task: Cache@2
+            inputs:
+              key: 'gradle | "$(Agent.OS)" | **/build.gradle.kts' # Swap build.gradle.kts for build.gradle when using Groovy
+              restoreKeys: |
+                gradle | "$(Agent.OS)"
+                gradle
+              path: $(GRADLE_USER_HOME)
+            displayName: Configure gradle caching
+
+          - task: SonarCloudPrepare@1
+            displayName: 'Prepare SonarCloud analysis configuration'
+            inputs:
+              SonarCloud: '$(SONARCLOUD_SERVICE_CONN)'
+              organization: '$(SONARCLOUD_ORG)'
+              scannerMode: Other
+              extraProperties: |
+                sonar.projectKey=$(SONARCLOUD_PROJECT_KEY)
+                sonar.projectName=$(SONARCLOUD_PROJECT_NAME)
+                sonar.coverage.exclusions=**/config/*,**/*Mock*,**/model/*
+                sonar.coverage.jacoco.xmlReportPaths=./build/reports/jacoco/test/jacocoTestReport.xml
+                sonar.junit.reportPaths=./build/test-results/test
+
+          - task: Gradle@3
+            inputs:
+              gradleWrapperFile: 'gradlew' # string. Alias: wrapperScript. Required. Gradle wrapper. Default: gradlew.
+              tasks: 'build' # string. Required. Tasks. Default: build.
+              publishJUnitResults: true
+              testResultsFiles: '**/TEST-*.xml' # string. Required when publishJUnitResults = true. Test results files. Default: **/TEST-*.xml.
+              codeCoverageToolOption: 'None' # 'None' | 'Cobertura' | 'JaCoCo'. Alias: codeCoverageTool. Code coverage tool. Default: None.
+              codeCoverageClassFilesDirectories: 'build/classes/main/' # string. Alias: classFilesDirectories. Required when codeCoverageTool != None. Class files directories. Default: build/classes/main/.
+              javaHomeOption: 'JDKVersion' # 'JDKVersion' | 'Path'. Alias: javaHomeSelection. Required. Set JAVA_HOME by. Default: JDKVersion.
+              jdkVersionOption: '1.17' # 'default' | '1.11' | '1.10' | '1.9' | '1.8' | '1.7' | '1.6'. Alias: jdkVersion. Optional. Use when javaHomeSelection = JDKVersion. JDK version. Default: default.
+              sonarQubeRunAnalysis: true
+
+          - task: SonarCloudPublish@1
+            displayName: 'Publish SonarCloud results on build summary'
+            inputs:
+              pollingTimeoutSec: '300'
+          - script: |
+              # stop the Gradle daemon to ensure no files are left open (impacting the save cache operation later)
+              ./gradlew --stop
+            displayName: Gradlew stop
+
+          - task: PublishCodeCoverageResults@1
+            inputs:
+              codeCoverageTool: 'JaCoCo'
+              summaryFileLocation: 'build/reports/jacoco/test/jacocoTestReport.xml'
+              reportDirectory: 'build/reports/jacoco/test/html'
+            displayName: 'Publish Code Coverage on Azure Devops'