From 75fd07bda72f325b9aa58412deaafa361efc6d09 Mon Sep 17 00:00:00 2001 From: Giulio Giunta <56529931+giulio-giunta@users.noreply.github.com> Date: Wed, 29 Nov 2023 06:49:45 +0000 Subject: [PATCH] Restored deploy jobs in cicd pipeline (#698) * Restored deploy jobs in cicd pipeline * Updated dependencies versions and commented out deploy job to test only ci * Restored deploy jobs * Removed cache after package installation as per Sonarqube recommendation * Empty-Commit --- .circleci/config.yml | 176 ++++++++++++++++++++-------------------- docker/proxy/Dockerfile | 4 +- requirements.txt | 2 +- 3 files changed, 91 insertions(+), 91 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 988d2ed4..a57ceda6 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -70,79 +70,79 @@ jobs: echo "This branch is not allowed to merge" exit 1 - # deploy-test: - # docker: - # - image: 'geekzone/infra' - # environment: - # TAG: 0.1.<< pipeline.number >> - # steps: - # - checkout - # - run: - # name: Create .terraformrc file locally - # command: >- - # echo "credentials \"app.terraform.io\" {token = - # \"$TERRAFORM_TOKEN\"}" > $HOME/.terraformrc - # - run: - # name: Connect to or create k8s cluster - # command: | - # cd /usr/src/infra - # { az login --service-principal -u $CLIENT_ID -p $CLIENT_PASSWORD --tenant $TENANT_ID - # } && - # { az aks get-credentials --resource-group $RESOURCE_GROUP --name $CLUSTER_NAME --admin - # } || - # { create-azure-infra - # } - # - run: - # name: Deploy k8s resources - # command: | - # cd /usr/src/infra - # az login --service-principal -u $CLIENT_ID -p $CLIENT_PASSWORD --tenant $TENANT_ID - # az aks get-credentials --resource-group $RESOURCE_GROUP --name $CLUSTER_NAME --admin - # deploy-test-in-azure - # - run: - # name: Plan cluster destruction - # command: | - # cd /usr/src/infra - # az login --service-principal -u $CLIENT_ID -p $CLIENT_PASSWORD --tenant $TENANT_ID - # az aks get-credentials --resource-group $RESOURCE_GROUP --name $CLUSTER_NAME --admin - # kubectl apply -f azure/k8s/cronjobs/destroy-infra-test.yaml + deploy-test: + docker: + - image: "geekzone/infra" + environment: + TAG: 0.1.<< pipeline.number >> + steps: + - checkout + - run: + name: Create .terraformrc file locally + command: >- + echo "credentials \"app.terraform.io\" {token = + \"$TERRAFORM_TOKEN\"}" > $HOME/.terraformrc + - run: + name: Connect to or create k8s cluster + command: | + cd /usr/src/infra + { az login --service-principal -u $CLIENT_ID -p $CLIENT_PASSWORD --tenant $TENANT_ID + } && + { az aks get-credentials --resource-group $RESOURCE_GROUP --name $CLUSTER_NAME --admin + } || + { create-azure-infra + } + - run: + name: Deploy k8s resources + command: | + cd /usr/src/infra + az login --service-principal -u $CLIENT_ID -p $CLIENT_PASSWORD --tenant $TENANT_ID + az aks get-credentials --resource-group $RESOURCE_GROUP --name $CLUSTER_NAME --admin + deploy-test-in-azure + - run: + name: Plan cluster destruction + command: | + cd /usr/src/infra + az login --service-principal -u $CLIENT_ID -p $CLIENT_PASSWORD --tenant $TENANT_ID + az aks get-credentials --resource-group $RESOURCE_GROUP --name $CLUSTER_NAME --admin + kubectl apply -f azure/k8s/cronjobs/destroy-infra-test.yaml - # deploy-prod: - # docker: - # - image: 'geekzone/infra' - # environment: - # TAG: 0.1.<< pipeline.number >> - # steps: - # - checkout - # - run: - # name: Create .terraformrc file locally - # command: >- - # echo "credentials \"app.terraform.io\" {token = - # \"$TERRAFORM_TOKEN\"}" > $HOME/.terraformrc - # - run: - # name: Connect to or create k8s cluster - # command: | - # cd /usr/src/infra - # { az login --service-principal -u $CLIENT_ID -p $CLIENT_PASSWORD --tenant $TENANT_ID - # } && - # { az aks get-credentials --resource-group $RESOURCE_GROUP --name $CLUSTER_NAME --admin - # } || - # { create-azure-infra - # } - # - run: - # name: Deploy k8s resources - # command: | - # cd /usr/src/infra - # az login --service-principal -u $CLIENT_ID -p $CLIENT_PASSWORD --tenant $TENANT_ID - # az aks get-credentials --resource-group $RESOURCE_GROUP --name $CLUSTER_NAME --admin - # deploy-prod-in-azure - # - run: - # name: Plan cluster destruction - # command: | - # cd /usr/src/infra - # az login --service-principal -u $CLIENT_ID -p $CLIENT_PASSWORD --tenant $TENANT_ID - # az aks get-credentials --resource-group $RESOURCE_GROUP --name $CLUSTER_NAME --admin - # kubectl apply -f azure/k8s/cronjobs/destroy-infra-prod.yaml + deploy-prod: + docker: + - image: "geekzone/infra" + environment: + TAG: 0.1.<< pipeline.number >> + steps: + - checkout + - run: + name: Create .terraformrc file locally + command: >- + echo "credentials \"app.terraform.io\" {token = + \"$TERRAFORM_TOKEN\"}" > $HOME/.terraformrc + - run: + name: Connect to or create k8s cluster + command: | + cd /usr/src/infra + { az login --service-principal -u $CLIENT_ID -p $CLIENT_PASSWORD --tenant $TENANT_ID + } && + { az aks get-credentials --resource-group $RESOURCE_GROUP --name $CLUSTER_NAME --admin + } || + { create-azure-infra + } + - run: + name: Deploy k8s resources + command: | + cd /usr/src/infra + az login --service-principal -u $CLIENT_ID -p $CLIENT_PASSWORD --tenant $TENANT_ID + az aks get-credentials --resource-group $RESOURCE_GROUP --name $CLUSTER_NAME --admin + deploy-prod-in-azure + - run: + name: Plan cluster destruction + command: | + cd /usr/src/infra + az login --service-principal -u $CLIENT_ID -p $CLIENT_PASSWORD --tenant $TENANT_ID + az aks get-credentials --resource-group $RESOURCE_GROUP --name $CLUSTER_NAME --admin + kubectl apply -f azure/k8s/cronjobs/destroy-infra-prod.yaml workflows: version: 2 @@ -156,19 +156,19 @@ workflows: branches: only: - /^junk-.*/ - # - deploy-test: - # requires: - # - build-test-publish - # filters: - # branches: - # only: /feature-.*/ - # context: - # - org-global - # - deploy-prod: - # requires: - # - build-test-publish - # filters: - # branches: - # only: main - # context: - # - org-global + - deploy-test: + requires: + - build-test-publish + filters: + branches: + only: /feature-.*/ + context: + - org-global + - deploy-prod: + requires: + - build-test-publish + filters: + branches: + only: main + context: + - org-global diff --git a/docker/proxy/Dockerfile b/docker/proxy/Dockerfile index b60550d3..b8b205e5 100644 --- a/docker/proxy/Dockerfile +++ b/docker/proxy/Dockerfile @@ -14,12 +14,12 @@ RUN ["python", "manage.py", "collectstatic"] CMD [ "gunicorn", "web.wsgi", "-b 0.0.0.0:8000" ] -FROM nginx:1.25.2-alpine3.18 +FROM nginx:1.25.3-alpine3.18 RUN apk update && apk upgrade # Install the fixed versions of libwebp and curl -RUN apk add libwebp=1.3.2-r0 curl=8.3.0-r0 +RUN apk add --no-cache libwebp=1.3.2-r0 curl=8.4.0-r0 COPY docker/proxy/default.conf /etc/nginx/conf.d/ COPY docker/proxy/nginx.conf /etc/nginx/ diff --git a/requirements.txt b/requirements.txt index 500fc558..a0aec58b 100644 --- a/requirements.txt +++ b/requirements.txt @@ -22,7 +22,7 @@ soupsieve~=2.2 sqlparse==0.4.4 stripe==5.4.0 tornado==6.3.3 -urllib3>=2.0.6 +urllib3>=2.0.7 celery==5.2.2 django-clacks>=0.1.0 cookiecutter==2.1.1 # not directly required, pinned by Snyk to avoid a vulnerability