Skip to content

Commit

Permalink
release(prod): enable unstable and prod image build/push...
Browse files Browse the repository at this point in the history 
...and deploy
  • Loading branch information
@iulianbarbu
iulianbarbu committed May 16, 2023
1 parent aeda976 commit 6eb1ca9
Show file tree
Hide file tree
Showing 2 changed files with 145 additions and 182 deletions.
326 changes: 144 additions & 182 deletions .circleci/config.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -288,46 +288,6 @@ jobs:
- "/tmp/cache/buildx"
key: docker-buildx-{{ .Branch }}
when: always
# build-and-push:
# executor: image-ubuntu
# environment:
# CARGO_REGISTRIES_CRATES_IO_PROTOCOL: "sparse"
# steps:
# - checkout
# - run:
# name: Set git tag in bash_env
# command: |
# echo TAG=$(git describe --tags --abbrev=0) >> $BASH_ENV
# - restore-buildx-cache
# - aws-ecr/ecr-login:
# aws-access-key-id: AWS_ACCESS_KEY_ID
# aws-secret-access-key: AWS_SECRET_ACCESS_KEY
# public-registry: true
# - run:
# name: Make and push images
# command: |
# PUSH=true PROD=false PLATFORMS=linux/amd64 TAG=$TAG make images
# - save-buildx-cache
# build-and-push2:
# executor: image-ubuntu
# environment:
# CARGO_REGISTRIES_CRATES_IO_PROTOCOL: "sparse"
# steps:
# - checkout
# - run:
# name: Set git tag in bash_env
# command: |
# echo TAG=$(git describe --tags --abbrev=0) >> $BASH_ENV
# - restore-buildx-cache
# - aws-ecr/ecr-login:
# aws-access-key-id: PROD_AWS_ACCESS_KEY_ID
# aws-secret-access-key: PROD_AWS_SECRET_ACCESS_KEY
# public-registry: true
# - run:
# name: Make and push images
# command: |
# PUSH=true PROD=true PLATFORMS=linux/amd64 TAG=$TAG make images
# - save-buildx-cache
build-and-push:
executor: image-ubuntu
environment:
Expand Down Expand Up @@ -361,8 +321,7 @@ jobs:
- run:
name: Make and push images
command: |
echo "the tag is: $TAG"
PUSH=false PROD=<< parameters.production >> PLATFORMS=linux/amd64 TAG=$TAG make images
PUSH=true PROD=<< parameters.production >> PLATFORMS=linux/amd64 TAG=$TAG make images
- save-buildx-cache
deploy-images:
executor: image-ubuntu
Expand Down Expand Up @@ -400,16 +359,20 @@ jobs:
- << parameters.ssh-fingerprint >>
- run:
name: Generate ssh config
command: ./.circleci/<<parameters.ssh-config-script>>
command: ./.circleci/<< parameters.ssh-config-script >>
- run:
name: Deploy images
command: |
ssh ec2-user@master.<< parameters.ssh-host >> "ls | wc -l"
DOCKER_HOST=ssh://ec2-user@master.<< parameters.ssh-host >> docker images
DOCKER_HOST=ssh://ec2-user@master.<< parameters.ssh-host >> USE_TLS=enable PROD=<< parameters.production >> DD_API_KEY=$DD_API_KEY \
POSTGRES_PASSWORD=<< parameters.postgres-password >> \
MONGO_INITDB_ROOT_PASSWORD=<< parameters.mongodb-password >> \
TAG=$TAG \
make deploy
- run:
name: Pull new deployer image
command: |
# ssh ec2-user@controller.<< parameters.ssh-host >> "docker pull public.ecr.aws/shuttle-dev/deployer:$TAG"
[[ "<< parameters.production >>" == true ]] && ssh ec2-user@controller.<< parameters.ssh-host >> "docker pull public.ecr.aws/shuttle-prod/deployer:$TAG" || \
ssh ec2-user@controller.<< parameters.ssh-host >> "docker pull public.ecr.aws/shuttle-dev/deployer:$TAG"
build-binaries-linux:
machine:
Expand Down Expand Up @@ -593,103 +556,102 @@ jobs:
workflows:
ci:
jobs:
# - workspace
# - check-standalone:
# name: << matrix.path >>
# matrix:
# parameters:
# path:
# - resources/aws-rds
# - resources/persist
# - resources/secrets
# - resources/static-folder
# - services/shuttle-actix-web
# - services/shuttle-axum
# - services/shuttle-next
# - services/shuttle-poem
# - services/shuttle-poise
# - services/shuttle-rocket
# - services/shuttle-salvo
# - services/shuttle-serenity
# - services/shuttle-thruster
# - services/shuttle-tide
# - services/shuttle-tower
# - services/shuttle-warp
# - check-standalone:
# # shuttle-shared-db has mutually exclusive features
# # so we run checks for each feature separately
# name: "resources/shared-db: << matrix.features >>"
# matrix:
# alias: check-standalone-shared-db
# parameters:
# path: [resources/shared-db]
# features:
# - "-F mongodb"
# - "-F postgres"
# - "-F postgres-rustls"
# - platform-test:
# name: << matrix.crate >>
# requires:
# - workspace
# matrix:
# parameters:
# crate:
# [
# "shuttle-auth",
# "cargo-shuttle",
# "shuttle-codegen",
# "shuttle-common",
# "shuttle-deployer",
# "shuttle-proto",
# "shuttle-provisioner",
# "shuttle-runtime",
# "shuttle-service",
# ]
# - e2e-test:
# requires:
# - platform-test
# - check-standalone
# - check-standalone-shared-db
# filters:
# branches:
# only: production
- workspace
- check-standalone:
name: << matrix.path >>
matrix:
parameters:
path:
- resources/aws-rds
- resources/persist
- resources/secrets
- resources/static-folder
- services/shuttle-actix-web
- services/shuttle-axum
- services/shuttle-next
- services/shuttle-poem
- services/shuttle-poise
- services/shuttle-rocket
- services/shuttle-salvo
- services/shuttle-serenity
- services/shuttle-thruster
- services/shuttle-tide
- services/shuttle-tower
- services/shuttle-warp
- check-standalone:
# shuttle-shared-db has mutually exclusive features
# so we run checks for each feature separately
name: "resources/shared-db: << matrix.features >>"
matrix:
alias: check-standalone-shared-db
parameters:
path: [resources/shared-db]
features:
- "-F mongodb"
- "-F postgres"
- "-F postgres-rustls"
- platform-test:
name: << matrix.crate >>
requires:
- workspace
matrix:
parameters:
crate:
[
"shuttle-auth",
"cargo-shuttle",
"shuttle-codegen",
"shuttle-common",
"shuttle-deployer",
"shuttle-proto",
"shuttle-provisioner",
"shuttle-runtime",
"shuttle-service",
]
- e2e-test:
requires:
- platform-test
- check-standalone
- check-standalone-shared-db
filters:
branches:
only: production
- approve-push-unstable:
type: approval
# filters:
# branches:
# only: main
filters:
branches:
only: main
- build-and-push:
name: build-and-push-unstable
aws-access-key-id: AWS_ACCESS_KEY_ID
aws-secret-access-key: AWS_SECRET_ACCESS_KEY
production: false
requires:
- approve-push-unstable
# filters:
# branches:
# only: main
filters:
branches:
only: main
- deploy-images:
name: Deploy images to unstable
postgres-password: DEV_POSTGRES_PASSWORD
mongodb-password: DEV_MONGO_INITDB_ROOT_PASSWORD
production: true
requires:
- build-and-push-unstable
- approve-push-production:
type: approval
# filters:
# branches:
# only: production
filters:
branches:
only: production
- build-and-push:
name: build-and-push-production
aws-access-key-id: PROD_AWS_ACCESS_KEY_ID
aws-secret-access-key: PROD_AWS_SECRET_ACCESS_KEY
production: true
requires:
- approve-push-production
# filters:
# branches:
# only: production
filters:
branches:
only: production
- deploy-images:
name: Deploy images to production
postgres-password: PROD_POSTGRES_PASSWORD
Expand All @@ -700,66 +662,66 @@ workflows:
production: true
requires:
- build-and-push-production
# release:
# jobs:
# - linux-qa:
# filters:
# branches:
# only: production
# - mac-qa:
# filters:
# branches:
# only: production
# - build-binaries-linux:
# name: build-binaries-x86_64-gnu
# image: ubuntu-2204:2022.04.1
# target: x86_64-unknown-linux-gnu
# protoc_arch: linux-x86_64
# resource_class: xlarge
# # requires:
# # - linux-qa
# filters:
# branches:
# only: production
# - build-binaries-linux:
# name: build-binaries-x86_64-musl
# image: ubuntu-2204:2022.04.1
# target: x86_64-unknown-linux-musl
# protoc_arch: linux-x86_64
# resource_class: xlarge
# # requires:
# # - linux-qa
# filters:
# branches:
# only: production
# - build-binaries-linux:
# name: build-binaries-aarch64
# image: ubuntu-2004:202101-01
# target: aarch64-unknown-linux-musl
# resource_class: arm.xlarge
# protoc_arch: linux-aarch_64
# # requires:
# # - linux-qa
# filters:
# branches:
# only: production
# - build-binaries-windows:
# filters:
# branches:
# only: production
# - build-binaries-mac:
# # requires:
# # - mac-qa
# filters:
# branches:
# only: production
# - publish-github-release:
# requires:
# - build-binaries-x86_64-gnu
# - build-binaries-x86_64-musl
# - build-binaries-aarch64
# - build-binaries-windows
# - build-binaries-mac
# filters:
# branches:
# only: production
release:
jobs:
- linux-qa:
filters:
branches:
only: production
- mac-qa:
filters:
branches:
only: production
- build-binaries-linux:
name: build-binaries-x86_64-gnu
image: ubuntu-2204:2022.04.1
target: x86_64-unknown-linux-gnu
protoc_arch: linux-x86_64
resource_class: xlarge
# requires:
# - linux-qa
filters:
branches:
only: production
- build-binaries-linux:
name: build-binaries-x86_64-musl
image: ubuntu-2204:2022.04.1
target: x86_64-unknown-linux-musl
protoc_arch: linux-x86_64
resource_class: xlarge
# requires:
# - linux-qa
filters:
branches:
only: production
- build-binaries-linux:
name: build-binaries-aarch64
image: ubuntu-2004:202101-01
target: aarch64-unknown-linux-musl
resource_class: arm.xlarge
protoc_arch: linux-aarch_64
# requires:
# - linux-qa
filters:
branches:
only: production
- build-binaries-windows:
filters:
branches:
only: production
- build-binaries-mac:
# requires:
# - mac-qa
filters:
branches:
only: production
- publish-github-release:
requires:
- build-binaries-x86_64-gnu
- build-binaries-x86_64-musl
- build-binaries-aarch64
- build-binaries-windows
- build-binaries-mac
filters:
branches:
only: production
1 change: 1 addition & 0 deletions Makefile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -167,6 +167,7 @@ shuttle-%: ${SRC} Cargo.lock
--build-arg CARGO_PROFILE=$(CARGO_PROFILE) \
--tag $(CONTAINER_REGISTRY)/$(*):$(COMMIT_SHA) \
--tag $(CONTAINER_REGISTRY)/$(*):$(TAG) \
--tag $(CONTAINER_REGISTRY)/$(*):latest \
$(BUILDX_FLAGS) \
-f Containerfile \
.
Expand Down

0 comments on commit 6eb1ca9

Please sign in to comment.