PLT-37: Test development orb: send images -> ECR

.circleci/config.yml

@@ -5,8 +5,8 @@ setup: true
 
 orbs:
   dynamic: bjd2385/[email protected]
-  general: premiscale/general@1.0.12
-  slack: circleci/slack@4.12.5
+  general: premiscale/general@dev:01763b8c3a8e0b307930a921eca7f2b2faa81823
+  slack: circleci/slack@4.13.2
 
 
 workflows:
@@ -29,6 +29,7 @@ workflows:
               only: /^v?[0-9]+\.[0-9]+\.[0-9]+$/
 
       - request-approval:
+          name: Artifact generation approval
           type: approval
           filters:
             branches:
@@ -41,22 +42,21 @@ workflows:
             - github
             - circleci
           requires:
-            - request-approval
+            - Artifact generation approval
           filters:
             branches:
               ignore: /.*/
             tags:
               only: /^v?[0-9]+\.[0-9]+\.[0-9]+$/
 
-      - general/docker-nexus:
+      - general/docker-ecr:
           name: docker [cluster-checkin] [tag]
           image-name: cluster-checkin
           tag: $CIRCLE_TAG
           context:
-            - nexus
-          nexus-domain: $DOCKER_DOMAIN
+            - aws-development
           requires:
-            - request-approval
+            - Artifact generation approval
           filters:
             branches:
               ignore: /.*/
@@ -68,44 +68,72 @@ workflows:
           image-name: cluster-checkin
           tag: $CIRCLE_TAG
           context:
-            - nexus
             - dockerhub
           requires:
-            - request-approval
+            - Artifact generation approval
           filters:
             branches:
               ignore: /.*/
             tags:
               only: /^v?[0-9]+\.[0-9]+\.[0-9]+$/
 
-      - general/helm-release-nexus:
+      - general/helm-release-ecr:
           name: helm build and push [helm/cluster-checkin] [tag]
-          context: nexus
-          repo: $HELM_REPOSITORY_URL
+          context:
+            - aws-development
+          chart-name-postfix: chart
           version: $CIRCLE_TAG
           image-tag: $CIRCLE_TAG
           image-tag-path: .cron.image.tag
           requires:
+            - Artifact generation approval
+          filters:
+            branches:
+              ignore: /.*/
+            tags:
+              only: /^v?[0-9]+\.[0-9]+\.[0-9]+$/
+
+      ##
+
+      - slack/on-hold:
+          context: slack
+          requires:
+            - helm build and push [helm/cluster-checkin] [tag]
+            - dockerhub [cluster-checkin] [tag]
             - docker [cluster-checkin] [tag]
-            - request-approval
           filters:
             branches:
               ignore: /.*/
             tags:
               only: /^v?[0-9]+\.[0-9]+\.[0-9]+$/
 
+      - request-approval:
+          name: Helm upgrade approval
+          type: approval
+          requires:
+            - helm build and push [helm/cluster-checkin] [tag]
+            - dockerhub [cluster-checkin] [tag]
+            - docker [cluster-checkin] [tag]
+          filters:
+            branches:
+              ignore: /.*/
+            tags:
+              only: /^v?[0-9]+\.[0-9]+\.[0-9]+$/
+
+      ##
+
       - general/helm-upgrade:
           name: helm upgrade install [helm/cluster-checkin] [tag]
           cluster: $CHELSEA_CLUSTER
           namespace: crons
           repo: $HELM_REPOSITORY_URL
           additional-values: |
-            --set global.image.registry="$DOCKER_DOMAIN" --set cron.image.pullSecrets[0]=nexus-docker-registry --set cron.env[0].name=CLUSTER_ID,cron.env[0].value="$LOFT_CHELSEA_CLUSTER_ID"
+            --set global.image.registry="${AWS_ACCOUNT_ID}.dkr.ecr.${AWS_DEFAULT_REGION}.amazonaws.com/$CIRCLE_PROJECT" --set cron.image.pullSecrets[0]=ecr-docker-registry --set cron.env[0].name=CLUSTER_ID,cron.env[0].value="$LOFT_CHELSEA_CLUSTER_ID"
           requires:
-            - helm build and push [helm/cluster-checkin] [tag]
-            - docker [cluster-checkin] [tag]
+            - Helm upgrade approval
           context:
             - kubeconfig
+            - aws-development
             - nexus
           filters:
             branches:

.circleci/helm.ignore

@@ -0,0 +1,2 @@
+!bin/
+!Dockerfile

.circleci/helm.yml

@@ -2,7 +2,8 @@ version: 2.1
 
 
 orbs:
-  general: premiscale/[email protected]
+  general: premiscale/general@dev:01763b8c3a8e0b307930a921eca7f2b2faa81823
+  slack: circleci/[email protected]
 
 
 workflows:
@@ -12,48 +13,73 @@ workflows:
           name: helm lint [helm/cluster-checkin]
           chart-path: helm/$CIRCLE_PROJECT_REPONAME
 
-      # develop branches
+      # develop
 
-      - general/docker-nexus:
+      - general/docker-ecr:
           name: docker [cluster-checkin] [develop]
           image-name: cluster-checkin
-          context: nexus
+          branch-tag: true
+          context:
+            - aws-development
           requires:
             - helm lint [helm/cluster-checkin]
           path: .
-          nexus-domain: $DOCKER_DEVELOP_DOMAIN
           tag: 0.0.<< pipeline.number >>
           filters:
             branches:
               ignore:
                 - master
 
-      - general/helm-release-nexus:
+      - general/helm-release-ecr:
           name: helm build and push [helm/cluster-checkin] [develop]
-          context: nexus
-          repo: $HELM_DEVELOP_REPOSITORY_URL
+          context:
+            - aws-development
           version: 0.0.<< pipeline.number >>
+          chart-name-postfix: chart
           image-tag: 0.0.<< pipeline.number >>
           image-tag-path: .cron.image.tag
           requires:
             - helm lint [helm/cluster-checkin]
+          filters:
+            branches:
+              ignore:
+                - master
+
+      ##
+
+      - slack/on-hold:
+          context: slack
+          requires:
+            - docker [cluster-checkin] [develop]
+            - helm build and push [helm/cluster-checkin] [develop]
+          filters:
+            branches:
+              ignore:
+                - master
+
+      - request-approval:
+          name: Helm upgrade approval [develop]
+          requires:
             - docker [cluster-checkin] [develop]
+            - helm build and push [helm/cluster-checkin] [develop]
+          type: approval
           filters:
             branches:
               ignore:
                 - master
 
+      ##
+
       - general/helm-upgrade:
           name: helm upgrade install [helm/cluster-checkin] [develop]
           cluster: $CHELSEA_CLUSTER
           namespace: crons
           repo: $HELM_DEVELOP_REPOSITORY_URL
           version: 0.0.<< pipeline.number >>
           additional-values: |
-            --set global.image.registry="$DOCKER_DEVELOP_DOMAIN" --set cron.image.pullSecrets[0]=nexus-docker-registry --set cron.env[0].name=CLUSTER_ID,cron.env[0].value="$LOFT_CHELSEA_CLUSTER_ID"
+            --set global.image.registry="" --set cron.image.pullSecrets[0]=ecr-develop-docker-registry --set cron.env[0].name=CLUSTER_ID,cron.env[0].value="$LOFT_CHELSEA_CLUSTER_ID"
           requires:
-            - helm build and push [helm/cluster-checkin] [develop]
-            - docker [cluster-checkin] [develop]
+            - Helm upgrade approval [develop]
           context:
             - kubeconfig
             - nexus
@@ -62,26 +88,29 @@ workflows:
               ignore:
                 - master
 
-      # master branch
+      # master
 
-      - general/docker-nexus:
+      - general/docker-ecr:
           name: docker [cluster-checkin] [master]
           image-name: cluster-checkin
-          context: nexus
+          branch-tag: true
+          context:
+            - aws-development
           requires:
             - helm lint [helm/cluster-checkin]
           path: .
-          nexus-domain: $DOCKER_MASTER_DOMAIN
           tag: 0.0.<< pipeline.number >>
           filters:
             branches:
               only:
                 - master
 
-      - general/helm-release-nexus:
+      - general/helm-release-ecr:
           name: helm build and push [helm/cluster-checkin] [master]
-          context: nexus
+          context:
+            - aws-development
           repo: $HELM_MASTER_REPOSITORY_URL
+          chart-name-postfix: chart
           version: 0.0.<< pipeline.number >>
           image-tag: 0.0.<< pipeline.number >>
           image-tag-path: .cron.image.tag
@@ -93,6 +122,31 @@ workflows:
               only:
                 - master
 
+      ##
+
+      - slack/on-hold:
+          context: slack
+          requires:
+            - helm build and push [helm/cluster-checkin] [master]
+            - docker [cluster-checkin] [master]
+          filters:
+            branches:
+              only:
+                - master
+
+      - request-approval:
+          name: Helm upgrade approval [master]
+          type: approval
+          requires:
+            - helm build and push [helm/cluster-checkin] [master]
+            - docker [cluster-checkin] [master]
+          filters:
+            branches:
+              only:
+                - master
+
+      ##
+
       - general/helm-upgrade:
           name: helm upgrade install [helm/cluster-checkin] [master]
           cluster: $CHELSEA_CLUSTER
@@ -102,8 +156,7 @@ workflows:
           additional-values: |
             --set global.image.registry="$DOCKER_MASTER_DOMAIN" --set cron.image.pullSecrets[0]=nexus-docker-registry --set cron.env[0].name=CLUSTER_ID,cron.env[0].value="$LOFT_CHELSEA_CLUSTER_ID"
           requires:
-            - helm build and push [helm/cluster-checkin] [master]
-            - docker [cluster-checkin] [master]
+            - Helm upgrade approval [master]
           context:
             - kubeconfig
             - nexus

.gitignore

@@ -0,0 +1,47 @@
+# Created by https://www.toptal.com/developers/gitignore/api/helm,terraform,ansible
+# Edit at https://www.toptal.com/developers/gitignore?templates=helm,terraform,ansible
+
+### Ansible ###
+*.retry
+
+### Helm ###
+# Chart dependencies
+**/charts/*.tgz
+
+### Terraform ###
+# Local .terraform directories
+**/.terraform/*
+
+# .tfstate files
+*.tfstate
+*.tfstate.*
+
+# Crash log files
+crash.log
+crash.*.log
+
+# Exclude all .tfvars files, which are likely to contain sensitive data, such as
+# password, private keys, and other secrets. These should not be part of version
+# control as they are data points which are potentially sensitive and subject
+# to change depending on the environment.
+*.tfvars
+*.tfvars.json
+
+# Ignore override files as they are usually used to override resources locally and so
+# are not checked in
+override.tf
+override.tf.json
+*_override.tf
+*_override.tf.json
+
+# Include override files you do wish to add to version control using negated pattern
+# !example_override.tf
+
+# Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
+# example: *tfplan*
+
+# Ignore CLI configuration files
+.terraformrc
+terraform.rc
+
+# End of https://www.toptal.com/developers/gitignore/api/helm,terraform,ansible