Skip to content
GitLab
Explore
Sign in
Primary navigation
Search or go to…
Project
DBRepo
Manage
Activity
Members
Labels
Plan
External wiki
Code
Merge requests
Repository
Branches
Commits
Tags
Repository graph
Compare revisions
Deploy
Releases
Package registry
Model registry
Operate
Terraform modules
Analyze
Contributor analytics
Model experiments
Help
Help
Support
GitLab documentation
Compare GitLab plans
GitLab community forum
Contribute to GitLab
Provide feedback
Terms and privacy
Keyboard shortcuts
?
Snippets
Groups
Projects
Show more breadcrumbs
FAIR Data Austria DB Repository
DBRepo
Commits
32146b94
Verified
Commit
32146b94
authored
6 months ago
by
Martin Weise
Browse files
Options
Downloads
Patches
Plain Diff
First attempt in GitOps pipeline
parent
a978b4ef
No related branches found
No related tags found
No related merge requests found
Changes
3
Show whitespace changes
Inline
Side-by-side
Showing
3 changed files
.gitlab-ci.yml
+100
-84
100 additions, 84 deletions
.gitlab-ci.yml
.gitlab/agents/dev/config.yaml
+0
-0
0 additions, 0 deletions
.gitlab/agents/dev/config.yaml
.gitlab/agents/dev/values.yaml
+161
-0
161 additions, 0 deletions
.gitlab/agents/dev/values.yaml
with
261 additions
and
84 deletions
.gitlab-ci.yml
+
100
−
84
View file @
32146b94
...
@@ -28,14 +28,55 @@ cache:
...
@@ -28,14 +28,55 @@ cache:
-
.m2/repository
-
.m2/repository
stages
:
stages
:
-
build
-
lint
-
lint
-
build
-
deploy
-
test
-
test
-
docs
-
docs
-
release
-
release
-
verify
-
verify
-
scan
-
scan
lint-docker-compose
:
image
:
docker.io/alpine:${ALPINE_VERSION}
stage
:
lint
variables
:
VERSION
:
3.3.0
BINARY
:
yq_linux_amd64
before_script
:
-
'
apk
--no-cache
add
bash
wget'
-
'
wget
https://github.com/mikefarah/yq/releases/download/${VERSION}/${BINARY}
-O
/usr/bin/yq
&&
chmod
+x
/usr/bin/yq'
-
'
ls
-la
.scripts'
script
:
-
"
yq
compare
-P
docker-compose.yml
.docker/docker-compose.yml
'volumes.*'"
-
"
IGNORE_IMAGE=1
IGNORE_PORTS=1
bash
.scripts/check-service.sh
'dbrepo-analyse-service'"
-
"
bash
.scripts/check-service.sh
'dbrepo-auth-db'"
-
"
IGNORE_IMAGE=1
IGNORE_PORTS=1
bash
.scripts/check-service.sh
'dbrepo-auth-service'"
-
"
IGNORE_IMAGE=1
IGNORE_PORTS=1
bash
.scripts/check-service.sh
'dbrepo-broker-service'"
-
"
IGNORE_PORTS=1
bash
.scripts/check-service.sh
'dbrepo-dashboard-service'"
-
"
bash
.scripts/check-service.sh
'dbrepo-data-db'"
-
"
IGNORE_IMAGE=1
IGNORE_PORTS=1
bash
.scripts/check-service.sh
'dbrepo-data-service'"
-
"
IGNORE_VOLUMES=1
bash
.scripts/check-service.sh
'dbrepo-gateway-service'"
-
"
IGNORE_VOLUMES=1
bash
.scripts/check-service.sh
'dbrepo-identity-service'"
-
"
IGNORE_VOLUMES=1
bash
.scripts/check-service.sh
'dbrepo-metadata-db'"
-
"
IGNORE_IMAGE=1
IGNORE_PORTS=1
bash
.scripts/check-service.sh
'dbrepo-metadata-service'"
-
"
IGNORE_VOLUMES=1
bash
.scripts/check-service.sh
'dbrepo-metric-db'"
-
"
IGNORE_IMAGE=1
bash
.scripts/check-service.sh
'dbrepo-search-db'"
-
"
IGNORE_IMAGE=1
IGNORE_PORTS=1
bash
.scripts/check-service.sh
'dbrepo-search-service'"
-
"
IGNORE_IMAGE=1
bash
.scripts/check-service.sh
'dbrepo-search-service-init'"
-
"
IGNORE_VOLUMES=1
bash
.scripts/check-service.sh
'dbrepo-storage-service'"
-
"
IGNORE_VOLUMES=1
bash
.scripts/check-service.sh
'dbrepo-storage-service-init'"
-
"
IGNORE_IMAGE=1
bash
.scripts/check-service.sh
'dbrepo-ui'"
-
"
bash
.scripts/check-service.sh
'dbrepo-upload-service'"
lint-helm-chart
:
image
:
docker.io/alpine:3.20
stage
:
lint
before_script
:
-
apk add helm
script
:
-
helm lint ./helm/dbrepo
build-metadata-service
:
build-metadata-service
:
image
:
maven:3-openjdk-${JAVA_VERSION}
image
:
maven:3-openjdk-${JAVA_VERSION}
stage
:
build
stage
:
build
...
@@ -125,73 +166,24 @@ build-helm:
...
@@ -125,73 +166,24 @@ build-helm:
-
apk add sed helm curl
-
apk add sed helm curl
-
helm package ./helm/dbrepo --destination ./build
-
helm package ./helm/dbrepo --destination ./build
lint-docker-compose
:
deploy-staging
:
image
:
docker.io/alpine:${ALPINE_VERSION}
image
:
docker.io/alpine:${ALPINE_VERSION}
stage
:
lint
stage
:
deploy
variables
:
environment
:
VERSION
:
3.3.0
name
:
staging/datalab
BINARY
:
yq_linux_amd64
url
:
${CI_ENV_STAGING_URL}
before_script
:
before_script
:
-
'
apk
--no-cache
add
bash
wget'
-
apk add --no-cache helm make
-
'
wget
https://github.com/mikefarah/yq/releases/download/${VERSION}/${BINARY}
-O
/usr/bin/yq
&&
chmod
+x
/usr/bin/yq'
-
echo ${CI_K8S_CONFIG} | base64 -d > ./kubecfg
-
'
ls
-la
.scripts'
-
make build-helm
-
helm -n ${CI_ENV_STAGING_NAMESPACE} uninstall ${CI_ENV_STAGING_RELEASE_NAME}
-
kubectl -n ${CI_ENV_STAGING_NAMESPACE} delete pvc --all
script
:
script
:
-
"
yq
compare
-P
docker-compose.yml
.docker/docker-compose.yml
'volumes.*'"
-
helm -n ${CI_ENV_STAGING_NAMESPACE} upgrade --install ${CI_ENV_STAGING_RELEASE_NAME} ./build/${CI_ENV_STAGING_RELEASE_NAME}-${CHART_VERSION}.tgz --create-namespace -f ./.gitlab/agents/dev/values.yaml
-
"
IGNORE_IMAGE=1
IGNORE_PORTS=1
bash
.scripts/check-service.sh
'dbrepo-analyse-service'"
-
"
bash
.scripts/check-service.sh
'dbrepo-auth-db'"
-
"
IGNORE_IMAGE=1
IGNORE_PORTS=1
bash
.scripts/check-service.sh
'dbrepo-auth-service'"
-
"
IGNORE_IMAGE=1
IGNORE_PORTS=1
bash
.scripts/check-service.sh
'dbrepo-broker-service'"
-
"
IGNORE_PORTS=1
bash
.scripts/check-service.sh
'dbrepo-dashboard-service'"
-
"
bash
.scripts/check-service.sh
'dbrepo-data-db'"
-
"
IGNORE_IMAGE=1
IGNORE_PORTS=1
bash
.scripts/check-service.sh
'dbrepo-data-service'"
-
"
IGNORE_VOLUMES=1
bash
.scripts/check-service.sh
'dbrepo-gateway-service'"
-
"
IGNORE_VOLUMES=1
bash
.scripts/check-service.sh
'dbrepo-identity-service'"
-
"
IGNORE_VOLUMES=1
bash
.scripts/check-service.sh
'dbrepo-metadata-db'"
-
"
IGNORE_IMAGE=1
IGNORE_PORTS=1
bash
.scripts/check-service.sh
'dbrepo-metadata-service'"
-
"
IGNORE_VOLUMES=1
bash
.scripts/check-service.sh
'dbrepo-metric-db'"
-
"
IGNORE_IMAGE=1
bash
.scripts/check-service.sh
'dbrepo-search-db'"
-
"
IGNORE_IMAGE=1
IGNORE_PORTS=1
bash
.scripts/check-service.sh
'dbrepo-search-service'"
-
"
IGNORE_IMAGE=1
bash
.scripts/check-service.sh
'dbrepo-search-service-init'"
-
"
IGNORE_VOLUMES=1
bash
.scripts/check-service.sh
'dbrepo-storage-service'"
-
"
IGNORE_VOLUMES=1
bash
.scripts/check-service.sh
'dbrepo-storage-service-init'"
-
"
IGNORE_IMAGE=1
bash
.scripts/check-service.sh
'dbrepo-ui'"
-
"
bash
.scripts/check-service.sh
'dbrepo-upload-service'"
verify-install-script
:
image
:
docker.io/docker:24-dind
stage
:
verify
only
:
only
:
refs
:
refs
:
-
/^release-.*/
-
dev
variables
:
when
:
manual
SKIP_CHECKS
:
1
before_script
:
-
"
apk
add
bash
curl"
script
:
-
"
curl
-sSL
https://gitlab.phaidra.org/fair-data-austria-db-repository/fda-services/-/raw/release-${DOC_VERSION}/install.sh
|
bash
|
grep
'Success!'"
verify-dist
:
image
:
docker.io/alpine:${ALPINE_VERSION}
stage
:
verify
only
:
refs
:
-
/^release-.*/
before_script
:
-
"
apk
add
curl"
script
:
-
"
curl
-v
--output
/dev/null
--fail
https://www.ifs.tuwien.ac.at/infrastructures/dbrepo/${APP_VERSION}/dist.tar.gz"
lint-helm-chart
:
image
:
docker.io/alpine:3.20
stage
:
lint
needs
:
-
build-metadata-service
dependencies
:
-
build-metadata-service
before_script
:
-
apk add helm
script
:
-
helm lint ./helm/dbrepo
test-metadata-service
:
test-metadata-service
:
image
:
maven:3-openjdk-${JAVA_VERSION}
image
:
maven:3-openjdk-${JAVA_VERSION}
...
@@ -355,27 +347,6 @@ test-ui:
...
@@ -355,27 +347,6 @@ test-ui:
-
"
sleep
30"
-
"
sleep
30"
-
"
ENDPOINT=http://localhost:3000
bash
./dbrepo-ui/test/test_heap.sh"
-
"
ENDPOINT=http://localhost:3000
bash
./dbrepo-ui/test/test_heap.sh"
scan-sonarqube
:
image
:
sonarsource/sonar-scanner-cli:10.0
stage
:
scan
only
:
refs
:
-
master
needs
:
-
build-data-service
-
build-metadata-service
dependencies
:
-
build-data-service
-
build-metadata-service
script
:
-
'
sonar-scanner
-Dsonar.token="${CI_SONAR_TOKEN}"'
allow_failure
:
true
cache
:
policy
:
pull
key
:
"
${CI_COMMIT_SHORT_SHA}"
paths
:
-
sonar-scanner/
release-images
:
release-images
:
stage
:
release
stage
:
release
image
:
docker:24-dind
image
:
docker:24-dind
...
@@ -472,3 +443,48 @@ release-libs:
...
@@ -472,3 +443,48 @@ release-libs:
script
:
script
:
-
bash ./lib/python/package.sh
-
bash ./lib/python/package.sh
-
bash ./lib/python/release.sh
-
bash ./lib/python/release.sh
verify-install-script
:
image
:
docker.io/docker:24-dind
stage
:
verify
only
:
refs
:
-
/^release-.*/
variables
:
SKIP_CHECKS
:
1
before_script
:
-
"
apk
add
bash
curl"
script
:
-
"
curl
-sSL
https://gitlab.phaidra.org/fair-data-austria-db-repository/fda-services/-/raw/release-${DOC_VERSION}/install.sh
|
bash
|
grep
'Success!'"
verify-dist
:
image
:
docker.io/alpine:${ALPINE_VERSION}
stage
:
verify
only
:
refs
:
-
/^release-.*/
before_script
:
-
"
apk
add
curl"
script
:
-
"
curl
-v
--output
/dev/null
--fail
https://www.ifs.tuwien.ac.at/infrastructures/dbrepo/${APP_VERSION}/dist.tar.gz"
scan-sonarqube
:
image
:
sonarsource/sonar-scanner-cli:10.0
stage
:
scan
only
:
refs
:
-
master
needs
:
-
build-data-service
-
build-metadata-service
dependencies
:
-
build-data-service
-
build-metadata-service
script
:
-
'
sonar-scanner
-Dsonar.token="${CI_SONAR_TOKEN}"'
allow_failure
:
true
cache
:
policy
:
pull
key
:
"
${CI_COMMIT_SHORT_SHA}"
paths
:
-
sonar-scanner/
\ No newline at end of file
This diff is collapsed.
Click to expand it.
.gitlab/agents/dev/config.yaml
0 → 100644
+
0
−
0
View file @
32146b94
This diff is collapsed.
Click to expand it.
.gitlab/agents/dev/values.yaml
0 → 100644
+
161
−
0
View file @
32146b94
hostname
:
s155.datalab.tuwien.ac.at
gateway
:
https://s155.datalab.tuwien.ac.at
metadatadb
:
enabled
:
true
rootUser
:
user
:
root
password
:
da19c7cf5c0deba7bd47c174a0eb273b
galera
:
mariabackup
:
user
:
mariabackup
password
:
9e447eeaf3e4b6aa26ea01582f0e8a54
persistence
:
enabled
:
true
authservice
:
enabled
:
true
auth
:
adminUser
:
admin
adminPassword
:
ea72038fa14b968fc0ed09e182ecf624
postgresql
:
auth
:
postgresPassword
:
129d5b888b8df271fa482da39f15c513
jwt
:
pubkey
:
"
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqqnHQ2BWWW9vDNLRCcxD++xZg/16oqMo/c1l+lcFEjjAIJjJp/HqrPYU/U9GvquGE6PbVFtTzW1KcKawOW+FJNOA3CGo8Q1TFEfz43B8rZpKsFbJKvQGVv1Z4HaKPvLUm7iMm8Hv91cLduuoWx6Q3DPe2vg13GKKEZe7UFghF+0T9u8EKzA/XqQ0OiICmsmYPbwvf9N3bCKsB/Y10EYmZRb8IhCoV9mmO5TxgWgiuNeCTtNCv2ePYqL/U0WvyGFW0reasIK8eg3KrAUj8DpyOgPOVBn3lBGf+3KFSYi+0bwZbJZWqbC/Xlk20Go1YfeJPRIt7ImxD27R/lNjgDO/MwIDAQAB"
client
:
id
:
dbrepo-client
secret
:
MUwRc7yfXSJwX8AdRMWaQC3Nep1VjwgG
persistence
:
enabled
:
true
brokerservice
:
enabled
:
true
ldap
:
bindpw
:
b8534187c9adf9618e7bd1c79c7f4639
identityservice
:
enabled
:
true
global
:
adminUser
:
admin
adminPassword
:
b8534187c9adf9618e7bd1c79c7f4639
users
:
admin
userPasswords
:
ea72038fa14b968fc0ed09e182ecf624
datadb
:
enabled
:
true
rootUser
:
user
:
root
password
:
fdf8578499b2083eb3aa03a861ac7912
galera
:
mariabackup
:
user
:
mariabackup
password
:
ef60e32e3217525474635cd28422c829
replicaCount
:
3
persistence
:
enabled
:
true
searchdb
:
enabled
:
true
security
:
enabled
:
false
extraEnvs
:
-
name
:
DISABLE_INSTALL_DEMO_CONFIG
value
:
"
true"
persistence
:
enabled
:
true
analyseservice
:
enabled
:
true
metadataservice
:
enabled
:
true
admin
:
email
:
noreply@example.com
deletedRecord
:
permanent
repositoryName
:
Database Repository
granularity
:
YYYY-MM-DDThh:mm:ssZ
datacite
:
enabled
:
false
url
:
https://api.datacite.org
prefix
:
"
"
username
:
"
"
password
:
"
"
dataservice
:
enabled
:
true
rabbitmq
:
consumer
:
username
:
admin
password
:
ea72038fa14b968fc0ed09e182ecf624
s3
:
auth
:
username
:
a45e7a77607a8906e92237f00ea72f58
password
:
e2c4303dcbfd3a2c606fe30d19fcb82b
filePath
:
/s3
searchservice
:
enabled
:
true
storageservice
:
enabled
:
true
uploadservice
:
enabled
:
true
dashboardservice
:
enabled
:
true
metricdb
:
enabled
:
true
server
:
rbac
:
create
:
false
ui
:
enabled
:
true
public
:
api
:
client
:
https://s155.datalab.tuwien.ac.at
server
:
https://s155.datalab.tuwien.ac.at
title
:
"
Database
Repository"
logo
:
"
https://s155.datalab.tuwien.ac.at/assets/logo.png"
icon
:
"
https://s155.datalab.tuwien.ac.at/assets/favicon.png"
touch
:
"
https://s155.datalab.tuwien.ac.at/assets/favicon.png"
broker
:
host
:
s155.datalab.tuwien.ac.at
extra
:
"
128.130.0.0/15"
database
:
extra
:
"
128.130.0.0/15"
pid
:
default
:
publisher
:
"
TU
Wien"
doi
:
enabled
:
false
endpoint
:
https://doi.org
extraVolumes
:
[
]
# - name: images-map
# configMap:
# name: ui-config
extraVolumeMounts
:
[
]
# - name: images-map
# mountPath: /static/logo.svg
# subPath: logo.svg
gatewayservice
:
extraVolumes
:
-
name
:
config-map
configMap
:
name
:
gateway-service-config
extraVolumeMounts
:
-
name
:
config-map
mountPath
:
/etc/nginx/assets/assets
ingress
:
enabled
:
true
className
:
nginx
tls
:
enabled
:
true
secretName
:
ingress-cert
annotations
:
cert-manager.io/cluster-issuer
:
letsencrypt-cluster-issuer
# nginx.ingress.kubernetes.io/whitelist-source-range: 128.130.0.0/15
This diff is collapsed.
Click to expand it.
Preview
0%
Loading
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Save comment
Cancel
Please
register
or
sign in
to comment