Merge pull request #264 from davidferlay/deployscript

Adding script for Continuous Delivery

Author: David Ferlay

.gitlab-ci.yml

@@ -246,6 +246,8 @@ deploy:storybook:
   <<: *runner_tag_selection
   <<: *only_branches
   <<: *only_var_theme
+  except:
+    - tags
 
 test:behat:
   stage: tests

scripts/delivery-docker/.gitlab-ci.delivery_via_docker_example.yml

@@ -0,0 +1,52 @@
+# Example of .gitlab-ci.yml jobs
+
+stages:
+  - deliver
+
+.delivery_template: &delivery_template
+  stage: deliver
+  dependencies:
+    - prepare:front # Where front dependencies are installed and assets are builded
+    - prepare:back # Where back dependencies are installed
+  allow_failure: true
+  retry:
+    max: 2
+  only:
+    - tags
+  except:
+    - branches
+  after_script:
+    - docker rmi -f ${CI_PROJECT_NAME}-artifact:${CI_COMMIT_REF_NAME}
+    - docker rmi -f ${DELIVERY_REPOSITORIES_DOCKER_REGISTRY_DOMAIN_1}/${CI_PROJECT_NAME}-artifact:${CI_COMMIT_REF_NAME}
+    - docker images --quiet --filter=dangling=true | xargs --no-run-if-empty docker rmi -f
+    - docker images
+
+delivery:
+  <<: *delivery_template
+  <<: *runner_tag_selection
+  script:
+  - echo " - Start of CI job"
+  - date; pwd; ls -lah;
+  - echo ${CI_PROJECT_NAME}
+  - echo ${CI_COMMIT_REF_NAME}
+  - echo ${CI_PROJECT_URL}
+  - echo ${DELIVERY_REPOSITORIES_DOCKER_REGISTRY_DOMAIN_1}
+  - echo ${DELIVERY_REPOSITORIES_USERNAME}
+  - docker info
+  - docker build -t ${CI_PROJECT_NAME}-artifact:${CI_COMMIT_REF_NAME} -f scripts/delivery-docker/Dockerfile . --no-cache --force-rm --build-arg BUILD_DATE=`date -u +"%Y-%m-%dT%H:%M:%SZ"` --build-arg BUILD_URL="${CI_PROJECT_URL}" --build-arg BUILD_DESC="Drupal build artifact" --build-arg BUILD_NAME="${CI_PROJECT_NAME}" --build-arg BUILD_MAINTAINER="${CI_PROJECT_NAME}/mgmt@skilld.cloud"
+  - docker tag ${CI_PROJECT_NAME}-artifact:${CI_COMMIT_REF_NAME} ${DELIVERY_REPOSITORIES_DOCKER_REGISTRY_DOMAIN_1}/${CI_PROJECT_NAME}-artifact:${CI_COMMIT_REF_NAME}
+  - docker tag ${CI_PROJECT_NAME}-artifact:${CI_COMMIT_REF_NAME} ${DELIVERY_REPOSITORIES_DOCKER_REGISTRY_DOMAIN_1}/${CI_PROJECT_NAME}-artifact:latest
+  - docker inspect ${CI_PROJECT_NAME}-artifact:${CI_COMMIT_REF_NAME}
+  - docker login ${DELIVERY_REPOSITORIES_DOCKER_REGISTRY_DOMAIN_1} --username ${DELIVERY_REPOSITORIES_USERNAME} --password ${DELIVERY_REPOSITORIES_PASSWORD}
+  - docker push ${DELIVERY_REPOSITORIES_DOCKER_REGISTRY_DOMAIN_1}/${CI_PROJECT_NAME}-artifact:${CI_COMMIT_REF_NAME}
+  - docker push ${DELIVERY_REPOSITORIES_DOCKER_REGISTRY_DOMAIN_1}/${CI_PROJECT_NAME}-artifact:latest
+  - echo " - End of CI job"
+  artifacts:
+    name: "$CI_COMMIT_REF_NAME:$CI_COMMIT_SHA:delivery"
+    expire_in: 1d
+    paths:
+      - ./*
+
+Delivery 2: # Job can then be duplicated to deliver to multiples registries (just use a different REPOSITORIES_DOCKER_REGISTRY_DOMAIN_N variable for each)
+  ...
+

scripts/delivery-docker/Dockerfile

@@ -0,0 +1,18 @@
+FROM scratch
+
+ARG BUILD_DATE
+ARG BUILD_NAME
+ARG BUILD_DESC
+ARG BUILD_URL
+ARG BUILD_MAINTAINER
+
+LABEL org.label-schema.build-date=$BUILD_DATE \
+	org.label-schema.name=$BUILD_NAME \
+	org.label-schema.description=$BUILD_DESC \
+	org.label-schema.vcs-url=$BUILD_URL \
+	maintainer=$BUILD_MAINTAINER
+
+WORKDIR src
+COPY . .
+
+

scripts/delivery-docker/README.md

@@ -0,0 +1,28 @@
+# Delivering script
+
+## What
+
+- This script deliver the current tag from a repo to a docker registry using a Gitlab CI job, as part of continuous deployments
+- You can also deliver to multiple registries at the same time using multiple jobs in the same pipeline
+
+## Why
+
+Why not use the built-in registry functionality Gitlab-ci and other repository services usualy offer ?
+
+- Because it doesn't work when your git repo is protected behind a basic authentication
+- Because mirroring to multiple registries at once is sometime a premium (paid) feature
+- Because artifacts (downloaded and generated files) are usualy not versioned in git
+
+## Setup
+
+2 files are required : 
+- `.gitlab-ci.yml`
+- `Dockerfile`
+
+1. Define a delivery CI job like "Delivery 1" in .gitlab-ci.yml, as shown in .gitlab-ci.delivery_via_docker_example.yml
+   - To include artefact dependencies, this CI job should be positioned after all dependencies have been built and installed and use the [dependencies](https://docs.gitlab.com/ee/ci/yaml/#dependencies) key word
+1. In Gitlab UI, add the following custom CI/CD variables :
+   - DELIVERY_REPOSITORIES_DOCKER_REGISTRY_DOMAIN_1 : Docker repository to which deliver current tag (you can have multiple ones)
+   - DELIVERY_REPOSITORIES_USERNAME : Service account credentials to use to push Docker image
+   - DELIVERY_REPOSITORIES_PASSWORD : Service account credentials to use to push Docker image
+

scripts/delivery-git/.gitlab-ci.delivery_via_git_example.yml

@@ -0,0 +1,51 @@
+# Example of .gitlab-ci.yml jobs
+# Use with scripts/delivery/deliver_current_tag_via_git.sh
+
+stages:
+  - deliver
+
+.delivery_via_git_template: &delivery_via_git_template
+  stage: deliver
+  dependencies:
+    - prepare:front # Where front dependencies are installed and assets are builded
+    - prepare:back # Where back dependencies are installed
+  allow_failure: true
+  retry:
+    max: 2
+  only:
+    - tags
+  except:
+    - branches
+
+Delivery to hoster:
+  <<: *delivery_via_git_template
+  script:
+  - echo " - Start of CI script"
+  - date; pwd; ls -lah;
+  - mkdir -p ~/.ssh
+  - ls -lah ~
+  - echo "$DELIVERY_REMOTE_REPO_PRIVATE_KEY" > ~/.ssh/id_rsa
+  - chmod 0600 ~/.ssh/id_rsa
+  - ls -lah ~/.ssh
+  - apk add --no-cache openssh-client git rsync
+  - ssh-keyscan -H "$DELIVERY_REMOTE_REPO_IP" >> ~/.ssh/known_hosts
+  - git version
+  - rsync --version
+  - export TARGET_GIT_REPO="${DELIVERY_REMOTE_REPO_URL_1}" # Gitlab custom variable to update for each repo to mirror
+  - echo -e "TARGET_GIT_REPO = $TARGET_GIT_REPO"
+  - export TARGET_GIT_REPO_BRANCH="${DELIVERY_REMOTE_REPO_BRANCH}" # Gitlab custom variable to update for each repo to mirror
+  - echo -e "TARGET_GIT_REPO_BRANCH = $TARGET_GIT_REPO_BRANCH"
+  - export TARGET_GIT_REPO_TYPE="${DELIVERY_REMOTE_REPO_TYPE}"
+  - echo -e "TARGET_GIT_REPO_TYPE = $TARGET_GIT_REPO_TYPE"
+  - chmod +x scripts/delivery/deliver_current_tag_via_git.sh
+  - ./scripts/delivery/deliver_current_tag_via_git.sh
+  - echo " - End of CI script"
+  artifacts:
+    name: "$CI_COMMIT_REF_NAME:$CI_COMMIT_SHA:delivery"
+    expire_in: 1d
+    paths:
+      - ./*
+
+Delivery to repo YYY: # Job can then be duplicated to deliver to multiples repos (just use a different DELIVERY_REMOTE_REPO_URL_N variable for each)
+  ...
+

scripts/delivery-git/README.md

@@ -0,0 +1,32 @@
+# Delivering script
+
+## What
+
+- This script deliver the current tag from a repo to another one using a Gitlab CI job, as part of continuous deployments
+- You can also deliver to multiple repositories at the same time using multiple jobs in the same pipeline
+
+## Why
+
+Why not use the built-in mirroring functionality Gitlab-ci and other repository services usualy offer ?
+
+- Because it doesn't work when your git repo is protected behind a basic authentication
+- Because mirroring to multiple repos at once is sometime a premium (paid) feature
+- Because artifacts (downloaded and generated files) are usualy not versioned in git
+
+## Setup
+
+2 files are required : 
+- `.gitlab-ci.yml`
+- `deliver_current_tag_via_git.sh`
+
+1. Define a delivery CI job like "Deliver to repo XXX" in .gitlab-ci.yml, as shown in .gitlab-ci.delivery_example.yml
+   - To include artefact dependencies, this CI job should be positioned after all dependencies have been built and installed and use the [dependencies](https://docs.gitlab.com/ee/ci/yaml/#dependencies) key word
+1. In Gitlab UI, add the following custom CI/CD variables :
+   - DELIVERY_REMOTE_REPO_IP : IP or domain name of target git repos
+   - DELIVERY_REMOTE_REPO_PRIVATE_KEY : SSH private key matching public key added to git user
+   - DELIVERY_REMOTE_REPO_TYPE : Possible values : "PLATFORM.SH" only for now, or leave empty if appropriate
+   - DELIVERY_REMOTE_REPO_URL_1 : Git repo to which deliver current tag (you can have multiple ones)
+   - DELIVERY_REMOTE_REPO_BRANCH : Git branch to which deliver current tag
+   - GIT_USER_EMAIL : Email to be used by git user (used to commit)
+   - GIT_USER_NAME : Name to be used by git user (used to commit)
+

scripts/delivery-git/deliver_current_tag_via_git.sh

@@ -0,0 +1,116 @@
+#!/usr/bin/env sh
+# Use with Gitlab CI jobs from scripts/delivery/.gitlab-ci.delivery_example.yml
+
+echo -e "\n- Start of delivery script"
+# set -x #echo on
+
+# Defining functions # For local use only, NOT FOR USE IN CI
+
+CURRENT_TAG_FUNC()
+	{
+		git describe --tags $(git rev-list --tags --max-count=1)
+	}
+
+# Defining variables
+echo -e "- Defining variables...\n"
+
+PACKAGE_DIR=$(pwd)/files_to_be_deployed
+echo -e "PACKAGE_DIR = $PACKAGE_DIR"
+
+# TARGET_GIT_REPO=XXX@XXX.git # For local use only, NOT FOR USE IN CI
+# For CI use, var is moved to CI job itself, so that same script can be used to clone on multiple repos
+echo -e "TARGET_GIT_REPO = $TARGET_GIT_REPO"
+
+# TARGET_GIT_REPO_BRANCH=master # For local use only, NOT FOR USE IN CI
+# For CI use, var is moved to CI job itself, so that same script can be used to clone on multiple repos
+echo -e "TARGET_GIT_REPO_BRANCH = $TARGET_GIT_REPO_BRANCH"
+
+# TARGET_GIT_REPO_TYPE=GITLAB # For local use only, NOT FOR USE IN CI
+# For CI use, var is moved to CI job itself, so that same script can be used to clone on multiple repos
+echo -e "TARGET_GIT_REPO_TYPE = $TARGET_GIT_REPO_TYPE"
+
+# CURRENT_TAG=$(CURRENT_TAG_FUNC) # For local use only, NOT FOR USE IN CI
+CURRENT_TAG="$CI_COMMIT_REF_NAME" # For CI use only, using Gitlab predefined variable
+echo -e "CURRENT_TAG = $CURRENT_TAG"
+
+# GIT_USER_EMAIL="XXX@XXX.com" # For local use only, NOT FOR USE IN CI
+echo -e "GIT_USER_EMAIL = $GIT_USER_EMAIL" # For CI use only, using Gitlab custom variable
+
+# GIT_USER_NAME="XXX CI/CD" # For local use only, NOT FOR USE IN CI
+echo -e "GIT_USER_NAME = $GIT_USER_NAME" # For CI use only, using Gitlab custom variable
+
+# Preparing delivery dir
+echo -e "- Preparing delivery dir...\n"
+mkdir "$PACKAGE_DIR"
+cd "$PACKAGE_DIR"
+
+# Initialising external git repo
+echo -e "- Initialising external git repo...\n"
+git init && git config --local core.excludesfile false && git config --local core.fileMode true
+git remote add origin $TARGET_GIT_REPO
+git pull origin master
+git fetch
+git checkout $TARGET_GIT_REPO_BRANCH
+git config --local user.email "$GIT_USER_EMAIL"
+git config --local user.name "$GIT_USER_NAME"
+
+# Deleting files in delivery dir
+echo -e "- Deleting files in delivery dir...\n"
+set -x #echo on
+find -maxdepth 1 ! -name '.git' -exec rm -rv {} \; 1> /dev/null
+ls -lah
+
+# Copying files to delivery dir
+echo -e "- Copying files to delivery dir...\n"
+rsync -av --quiet --progress ../. . --exclude .git/ --exclude files_to_be_deployed/
+
+# Making sure everything needed will be included in commit
+echo -e "- Making sure everything needed will be included in commit...\n"
+echo -e "-- Deleting all .gitignore files...\n"
+mv .gitignore .gitig
+find . -name '.gitignore' -type f | wc -l
+find . -name '.gitignore' -type f -exec rm {} +
+# mv .gitig .gitignore // Note that we don't keep the .gitignore file like we usualy do, all project content must be commited here
+
+echo -e "-- Deleting all .git directories except root one...\n"
+mv .git .got
+find . -name '.git' -type d | wc -l
+find . -name '.git' -type d -exec rm -rf {} +
+mv .got .git
+
+# Removing local DB settings from settings.php
+sed -i -e "/$databases\['default'\]\['default'\] = array (/,/)/d" web/sites/default/settings.php
+# Adding install profile value in settings.php
+echo "\$settings['install_profile'] = 'sdd';" >> web/sites/default/settings.php
+# Adding settings.local.php to web dir
+cp settings/settings.local.php web/sites/default/settings.local.php
+sed -i "/settings.local.php';/s/# //g" web/sites/default/settings.php
+
+# Preventing platform.sh error "Application name 'app' is not unique"
+if [ "$TARGET_GIT_REPO_TYPE" = "PLATFORM.SH" ]; then
+	echo -e "- Preventing platform.sh error "Application name 'app' is not unique"...\n"
+	sed -i "s|name: 'app'|name: 'XXX'|g" ../.platform.app.yaml
+fi
+# Moving hosting env files back at project root
+if [ "$TARGET_GIT_REPO_TYPE" = "GITLAB" ]; then
+	echo -e "- Moving hosting env files back at project root...\n"
+	mv .gitlab-ci.yml .gitlab-ci-backup.yml
+	mv hosting/* hosting/.* .
+fi
+
+# Commiting to external repo
+echo -e "- Commiting to external repo...\n"
+git add -A 1> /dev/null
+git status -s
+git commit --quiet -m "$CURRENT_TAG"
+git push origin $TARGET_GIT_REPO_BRANCH --quiet
+git tag "$CURRENT_TAG"
+git push --tag
+
+# Cleaning delivery dir
+echo -e "- Cleaning delivery dir...\n"
+cd ..
+rm -rf "$PACKAGE_DIR"
+
+echo -e "- End of delivery script"
+