75 changes: 75 additions & 0 deletions .gitlab-ci.yml
@@ -0,0 +1,75 @@
stages:
- deploy

variables:
FEATURES_LEVEL_LOG: $FEATURES_LEVEL_LOG
CLIENT_ID: $CLIENT_ID
CLIENT_KEY: $CLIENT_KEY
CLIENT_REALM: $CLIENT_REALM
REPOSITORY_NAME: $REPOSITORY_NAME
AWS_ACCESS_KEY_ID: $AWS_ACCESS_KEY_ID
AWS_SECRET_ACCESS_KEY: $AWS_SECRET_ACCESS_KEY
AWS_SESSION_TOKEN: $AWS_SESSION_TOKEN
AWS_REGION: $AWS_REGION
AWS_ROLE_ARN: $AWS_ROLE_ARN
RUN_TASK_ID: $RUN_TASK_ID
CONTAINER_URL: ${CONTAINER_URL:-stackspot/runtime-job-deploy:latest}
FEATURES_TERRAFORM_MODULES: $FEATURES_TERRAFORM_MODULES
PATH_TO_MOUNT: ${PATH_TO_MOUNT:-$CI_PROJECT_DIR}
OUTPUT_FILE: ${OUTPUT_FILE:-outputs.json}
LOCALEXEC_ENABLED: ${LOCALEXEC_ENABLED:-false}
TF_LOG_PROVIDER: $TF_LOG_PROVIDER
CHECKOUT_BRANCH: ${CHECKOUT_BRANCH:-'false'}

deploy:
stage: deploy
script:
- |
if [ "$CHECKOUT_BRANCH" != 'false' ]; then
git checkout $CI_COMMIT_REF_NAME
fi
- echo "🤖 OS runner is $(uname)"
- |
if [ -n "$AWS_ROLE_ARN" ]; then
aws sts assume-role --role-arn $AWS_ROLE_ARN --role-session-name gitlab-ci-session > /tmp/creds.json
export AWS_ACCESS_KEY_ID=$(jq -r '.Credentials.AccessKeyId' /tmp/creds.json)
export AWS_SECRET_ACCESS_KEY=$(jq -r '.Credentials.SecretAccessKey' /tmp/creds.json)
export AWS_SESSION_TOKEN=$(jq -r '.Credentials.SessionToken' /tmp/creds.json)
fi
- |
FLAGS=$(echo "-v $PATH_TO_MOUNT:/app-volume \
-e FEATURES_LEVEL_LOG=$FEATURES_LEVEL_LOG \
-e AUTHENTICATE_CLIENT_ID=$CLIENT_ID \
-e AUTHENTICATE_CLIENT_SECRET=$CLIENT_KEY \
-e AUTHENTICATE_CLIENT_REALMS=$CLIENT_REALM \
-e AUTHENTICATE_URL=https://idm.stackspot.com \
-e REPOSITORY_NAME=$REPOSITORY_NAME \
-e FEATURES_API_MANAGER=https://runtime-manager.v1.stackspot.com \
-e FEATURES_BASEPATH_TMP=/tmp/runtime/deploys \
-e FEATURES_BASEPATH_EBS=/opt/runtime \
-e FEATURES_TEMPLATES_FILEPATH=/app/ \
-e FEATURES_BASEPATH_TERRAFORM=/root/.asdf/shims/terraform \
-e AWS_REGION=$AWS_REGION \
-e FEATURES_RELEASE_LOCALEXEC=$LOCALEXEC_ENABLED")

if [ -z "$AWS_ROLE_ARN" ]; then
FLAGS=$(echo "$FLAGS -e AWS_ACCESS_KEY_ID=$AWS_ACCESS_KEY_ID")
FLAGS=$(echo "$FLAGS -e AWS_SECRET_ACCESS_KEY=$AWS_SECRET_ACCESS_KEY")
FLAGS=$(echo "$FLAGS -e AWS_SESSION_TOKEN=$AWS_SESSION_TOKEN")
fi

if [ -n "$AWS_ROLE_ARN" ]; then
FLAGS=$(echo "$FLAGS -e AWS_ACCESS_KEY_ID=$AWS_ACCESS_KEY_ID")
FLAGS=$(echo "$FLAGS -e AWS_SECRET_ACCESS_KEY=$AWS_SECRET_ACCESS_KEY")
FLAGS=$(echo "$FLAGS -e AWS_SESSION_TOKEN=$AWS_SESSION_TOKEN")
fi

if [ -n "$TF_LOG_PROVIDER" ]; then
FLAGS=$(echo "$FLAGS -e FEATURES_TERRAFORM_LOGPROVIDER=$TF_LOG_PROVIDER")
fi

docker run --rm \
$FLAGS \
-e FEATURES_TERRAFORM_MODULES='$FEATURES_TERRAFORM_MODULES' \
--entrypoint=/app/stackspot-runtime-job-deploy \
$CONTAINER_URL start --run-task-id="$RUN_TASK_ID" --output-file="$OUTPUT_FILE"
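Review bot: The FLAGS string in the last script step interpolates secret values into the `docker run` command line (`-e AUTHENTICATE_CLIENT_SECRET=$CLIENT_KEY`, `-e AWS_SECRET_ACCESS_KEY=$AWS_SECRET_ACCESS_KEY`, `-e AWS_SESSION_TOKEN=$AWS_SESSION_TOKEN`), which exposes them in the runner's process list and subjects them to word splitting through the unquoted `$FLAGS`. Export the variables in the job environment and pass them by name only (`-e AWS_SECRET_ACCESS_KEY`, and `export AUTHENTICATE_CLIENT_SECRET="$CLIENT_KEY"` followed by `-e AUTHENTICATE_CLIENT_SECRET`), or use `--env-file` with a file that is removed afterwards. In the same step, the `-z "$AWS_ROLE_ARN"` and `-n "$AWS_ROLE_ARN"` branches append identical flags, so the condition can be dropped, and `-e FEATURES_TERRAFORM_MODULES='$FEATURES_TERRAFORM_MODULES'` is single-quoted, so the container receives the literal string rather than the value. In the assume-role step, `/tmp/creds.json` holds the temporary credentials and is never deleted; capture the output in a shell variable or remove the file once the three exports are done, and quote `$AWS_ROLE_ARN` there and `$CI_COMMIT_REF_NAME` in the checkout step. In the `variables:` block, the `${CONTAINER_URL:-...}` style defaults are shell syntax, so confirm they are expanded as intended or set the defaults inside `script:`. The default image `stackspot/runtime-job-deploy:latest` is a mutable tag for a job that receives cloud credentials, so pinning a version or digest is worth considering.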
34 changes: 34 additions & 0 deletions README-gitlab.md
@@ -0,0 +1,34 @@
# GitLab CI/CD Workflow for Runtime Action Deploy

This GitLab CI/CD workflow runs the Runtime Action Deploy with the specified parameters.

## Inputs

The following environment variables must be configured in your GitLab CI/CD settings:

- `FEATURES_LEVEL_LOG`: Log Level (required)
- `CLIENT_ID`: CLIENT ID (required)
- `CLIENT_KEY`: CLIENT KEY (required)
- `CLIENT_REALM`: CLIENT REALM (required)
- `REPOSITORY_NAME`: Git Repository Name (required)
- `AWS_ACCESS_KEY_ID`: AWS ACCESS KEY ID from console (optional)
- `AWS_SECRET_ACCESS_KEY`: AWS SECRET ACCESS KEY from console (optional)
- `AWS_SESSION_TOKEN`: AWS SESSION TOKEN from console (optional)
- `AWS_REGION`: AWS REGION (required)
- `AWS_ROLE_ARN`: AWS ROLE ARN (optional)
- `RUN_TASK_ID`: Runtime Run Task Id (required)
- `CONTAINER_URL`: Deploy Container URL (optional, default: `stackspot/runtime-job-deploy:latest`)
- `FEATURES_TERRAFORM_MODULES`: Terraform Modules (optional)
- `PATH_TO_MOUNT`: Path to mount inside the docker (optional, default: `$CI_PROJECT_DIR`)
- `OUTPUT_FILE`: File name to save outputs (optional, default: `outputs.json`)
- `LOCALEXEC_ENABLED`: If Runtimes will allow execution of the local-exec command within terraform (optional, default: `false`)
- `TF_LOG_PROVIDER`: Level tf log provider - info, debug, warn or trace (optional)
- `CHECKOUT_BRANCH`: Whether or not checkout is enabled (optional, default: `false`)

## Usage

To use this workflow, add the above environment variables to your GitLab CI/CD settings and include the `.gitlab-ci.yml` file in your repository.

```yaml
include:
- local: '.gitlab-ci.yml'
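Review bot: The Inputs list says only that the variables "must be configured in your GitLab CI/CD settings", without stating that `CLIENT_KEY`, `AWS_SECRET_ACCESS_KEY` and `AWS_SESSION_TOKEN` are secrets; add a sentence that they should be stored as masked (and, where the branch model allows, protected) CI/CD variables and never committed to the repository. The list also marks the three AWS key variables and `AWS_ROLE_ARN` all as optional without saying which combination is required; the pipeline calls `aws sts assume-role` when `AWS_ROLE_ARN` is set, which itself needs base credentials, so document that. In the Usage section, the `yaml` fence opened before `include:` is never closed within the 34 added lines, and the example includes `.gitlab-ci.yml`, the same file the README tells the reader to add to the repository, so it should either show the file under a different name or drop the `include:` snippet.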