-
Notifications
You must be signed in to change notification settings - Fork 0
/
.travis.yml
53 lines (49 loc) · 2.82 KB
/
.travis.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
dist: focal
vm:
size: large
services:
- docker
env:
global:
- CLOUDSDK_CORE_DISABLE_PROMPTS=1
before_install:
- mkdir -p /home/travis/.snaps
- echo "deb [signed-by=/usr/share/keyrings/cloud.google.gpg] https://packages.cloud.google.com/apt cloud-sdk main" | sudo tee -a /etc/apt/sources.list.d/google-cloud-sdk.list
- curl https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key --keyring /usr/share/keyrings/cloud.google.gpg add -
- sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 7123CB760FF18869
- sudo apt-get update && sudo apt-get install -y google-cloud-sdk google-cloud-sdk-gke-gcloud-auth-plugin
- sudo snap set system refresh.hold="$(date --date=tomorrow +%Y-%m-%dT%H:%M:%S%:z)"
- sudo snap get system refresh.hold
- wget -q -i ${TRAVIS_BUILD_DIR}/snap.list -P /home/travis/.snaps
- cd /home/travis/.snaps && sudo snap ack core_8935.assert && sudo snap ack core18_1705.assert && sudo snap ack fluxctl_70.assert && sudo snap ack google-cloud-sdk_128.assert && sudo snap ack kubectl_1506.assert && sudo snap ack vault_1822.assert
- cd /home/travis/.snaps ; for snap in core core18 ; do ls $snap*.snap > /dev/null 2>&1 || snap download $snap ; sudo snap install --dangerous $snap*.snap ; done ; cd ${TRAVIS_BUILD_DIR}
- cd /home/travis/.snaps ; for snap in google-cloud-sdk fluxctl kubectl vault ; do ls $snap*.snap > /dev/null 2>&1 || snap download $snap ; sudo snap install --dangerous $snap*.snap --classic ; done ; cd ${TRAVIS_BUILD_DIR}
- export PATH=$PATH:/snap/google-cloud-sdk/current/bin
- vault login "${VAULT_TOKEN}"
- docker login --username rarek --password ${DOCKER_HUB_TOKEN}
- vault kv get -field=secret "gcp/gcp-k8s-sa-${PROJECT}" > client-secret.json;
- vault kv get -field=secret "gcp/k8s-deploy-ssh-key" > /tmp/ssh_key
- curl -sLO http://ppa.launchpad.net/rmescandon/yq/ubuntu/pool/main/y/yq/yq_3.1-2_amd64.deb && sudo dpkg -i yq_3.1-2_amd64.deb && rm -f yq_3.1-2_amd64.deb;
- if [[ "${PROJECT}" == "production" ]]; then export GCP_ZONE="${GCP_ZONE:-us-east1}";
export GKE_CLUSTER="${GKE_CLUSTER:-travis-ci-services}";
APPS_CLUSTER=$(yq r ./apps.yaml ${DEPLOYMENT_NAME}-${PROJECT}.cluster);
if [[ "xx${APPS_CLUSTER}" != "xx" ]]; then GKE_CLUSTER=${APPS_CLUSTER}; fi;
export GCE_PROJECT="travis-ci-prod-services-1";
else
export GCP_ZONE="${GCP_ZONE:-us-east4}";
export GKE_CLUSTER="${GKE_CLUSTER:-travis-ci-services-1}";
export GCE_PROJECT="travis-ci-staging-services-1"; fi
- gcloud -q auth activate-service-account --key-file "${TRAVIS_BUILD_DIR}/client-secret.json";
- eval "$(ssh-agent -s)"
- chmod 600 /tmp/ssh_key
- ssh-add /tmp/ssh_key
- gcloud -q config set project ${GCE_PROJECT}
- gcloud -q config set compute/zone ${GCP_ZONE}
- gcloud container clusters get-credentials ${GKE_CLUSTER}
- gcloud auth configure-docker
install: true
jobs:
include:
- stage: ":ship: it"
script:
- make ship