Merge branch 'trigger' into 'master'

Trigger See merge request !20

Merge branch 'trigger' into 'master'
Trigger See merge request !20
956dfa6c · Malin, James (Contractor) Christopher · 1446e5e5 · 67730669 · 956dfa6c
Commit 956dfa6c authored May 28, 2019 by Malin, James (Contractor) Christopher
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
 variables:
-  # DOCKER_DRIVER: overlay2
-  # TEST_IMAGE: node:latest
-  # RELEASE_IMAGE: node:latest
-  BUILD_ID: "test"
+  BUILD_ID: "1.0.6"
  APP_NAME: "earthquake-geoserve-ui"
-  DEVOPS_REGISTRY: "$GITLAB_INNERSOURCE_REGISTRY/devops/images"
+  # DEVOPS_REGISTRY: "$GITLAB_INNERSOURCE_REGISTRY/devops/images"
  #WORKSPACE: "prod"
  FAILURE: "null"
  # name of the branch; if master, do latest
-  IMAGE_VERSION: "test"
+  IMAGE_VERSION: "1.0.6"
  SCM_VARS: "[:]"
  # Name of image to use as basis when building LOCAL_IMAGE/DEPLOY_IMAGE
  BASE_IMAGE: "usgs/nginx:latest"
@@ -16,21 +13,39 @@ variables:
  BUILDER_CONTAINER: $APP_NAME-$BUILD_ID-BUILDER
  BUILDER_IMAGE: "usgs/node:10"
  # Name of image to deploy (push) to registry
-  DEPLOY_IMAGE: "$GITLAB_INNERSOURCE_REGISTRY/ghsc/hazdev/earthquake-geoserve/ui"
-  DOCKER_HUB_IMAGE: "usgs/earthquake-geoserve-ui"
-  # DOCKER_HUB_IMAGE: "jamesmalin/usgs-geoserve-ui"
+  DEPLOY_IMAGE: "$GITLAB_INNERSOURCE_REGISTRY:5001/ghsc/hazdev/earthquake-geoserve/ui"
+  # DOCKER_HUB_IMAGE: "usgs/earthquake-geoserve-ui"
+  DOCKER_HUB_IMAGE: "jamesmalin/usgs-geoserve-ui"
  # Run application locally for testing security vulnerabilities
-  LOCAL_CONTAINER: $APP_NAME-$BUILD_ID-pentest
+  LOCAL_CONTAINER: $APP_NAME-$BUILD_ID-PENTEST
  LOCAL_IMAGE: local/$APP_NAME:$BUILD_ID
  # Runs zap.sh as daemon and used to execute zap-cli calls within
-  OWASP_CONTAINER: $APP_NAME-$BUILD_ID-owasp
-  OWASP_IMAGE: "$DEVOPS_REGISTRY/owasp/zap2docker-stable"
+  OWASP_CONTAINER: $APP_NAME-$BUILD_ID-OWASP
+  OWASP_IMAGE: "owasp/zap2docker-stable"
  OWASP_REPORT_DIR: "owasp-data"
  ZAP_API_PORT: "8090"
-  PENTEST_IP: "application:8080"
+  PENTEST_IP: 'application:8080'

  S3_BUCKET: usgs-cf-templates

+
+  # COMBINING VARIABLES FROM DEPLOY JOB
+  CONFIG: ''
+  # DEPLOY_DIR: '/tmp/${APP_NAME}'
+  DEPLOY_APP_NAME: 'earthquake-geoserve'
+  DEPLOY_DIR: '${APP_NAME}'
+  REMOTE_DEPLOY_DIR: '/tmp/${DEPLOY_DIR}'
+  EXPORTS: ''
+  TARGET_HOSTS: ''
+  branch: 'origin/master'
+  REMOTE_USER: 'jmalin'
+  #WORKING_DIR: '/var/lib/jenkins/workspace/HazDev/earthquake-geoserve/deploy'
+  #WORKING_DIR: ''
+  # GENERIC_APP_REPOSITORY: 'https://${CHS_USERNAME}:${CHS_PASSWORD}@${GITLAB_INNERSOURCE_REGISTRY}/ghsc/hazdev/container-deploy.git'
+  # CUSTOM_APP_REPOSITORY: 'https://${CHS_USERNAME}:${CHS_PASSWORD}@${GITLAB_INNERSOURCE_REGISTRY}/ghsc/hazdev/earthquake-geoserve.git'
+  # CONFIG_REPOSITORY: 'https://${CHS_USERNAME}:${CHS_PASSWORD}@${GITLAB_INNERSOURCE_REGISTRY}/ghsc/hazdev/jenkins.git'
+  # ENVIRONMENT: 'dev01'
+  
 # Using docker in docker
 services:
  - docker:dind
@@ -38,9 +53,10 @@ services:
 stages:
  # - init
  - build
-  - unit-tests
+  - trigger_deploy
+  # - unit-tests
  # - pen-tests
-  - publish-image
+  # - publish-image
  # - deploy

 # initialize:
@@ -59,6 +75,7 @@ stages:
 #     paths:
 #       - code

+    ###### Build ######
 build:
  stage: build
  image: docker:stable
@@ -66,48 +83,53 @@ build:
    - rm -rf docker-images
    - rm -rf $OWASP_REPORT_DIR
    - rm package-lock.json
-    # - rm -rf node_modules
-    # - ls
-   # - npm install
-  # cache:
-  #   untracked: true
-  only:
-    - master
  script:
-    - echo $OWASP_CONTAINER $LOCAL_CONTAINER $OWASP_REPORT_DIR $OWASP_IMAGE $ZAP_API_PORT
-    # - docker login -u $DOCKER_USERNAME -p '$DOCKER_PASSWORD' $CI_REGISTRY
    - echo "Building..."
-    # build a local directory to be used later for testing or deploying
-    - mkdir docker-images
-    # build image and save
-    - "docker build --build-arg FROM_IMAGE=$BASE_IMAGE
-    --build-arg BUILD_IMAGE=$BUILDER_IMAGE -t $LOCAL_IMAGE ."
-    - docker save $LOCAL_IMAGE > docker-images/app.tar
+
+    # # build a local directory to be used later for testing or deploying
+    # - mkdir docker-images
+    # # build image and save
+    # - "docker build --build-arg FROM_IMAGE=$BASE_IMAGE
+    # --build-arg BUILD_IMAGE=$BUILDER_IMAGE -t $LOCAL_IMAGE ."
+    # - docker save $LOCAL_IMAGE > docker-images/app.tar
+    
+  # Needed later when loading docker images
+  # Could test without the docker images saved and try to pull local image
  artifacts:
    paths:
      - docker-images
+  cache:
+    key: "$CI_BUILD_REF_NAME"
+    paths:
+      - docker-images

-run unit tests:
-  stage: unit-tests
-  image: trion/ng-cli-e2e
-  only:
-    - master
-  script:
-    - npm install --no-audit --no-save
-    - ng lint
-    - ng test hazdev-ng-geoserve-output --watch=false --code-coverage --progress false --browsers ChromeHeadless
-    - npm run build
-    - ng test earthquake-geoserve-ui --watch=false --code-coverage --progress false --browsers ChromeHeadless
-    - ng e2e
+# run unit tests:
+#   stage: unit-tests
+#   image: trion/ng-cli-e2e
+#   cache:
+#     # untracked: true # cache all files that are untracked in your Git repository
+#     # job doesn’t alter cached files, skip the upload step by setting policy: pull
+#     policy: pull 
+#   # only:
+#   #   - master
+#   script:
+#     - npm install --no-audit --no-save
+#     - ng lint
+#     - ng test hazdev-ng-geoserve-output --watch=false --code-coverage --progress false --browsers ChromeHeadless
+#     - npm run build
+#     - ng test earthquake-geoserve-ui --watch=false --code-coverage --progress false --browsers ChromeHeadless
+#     - ng e2e

 # run penetration tests:
 #   stage: pen-tests
 #   image: docker:stable
+#   cache:
+#     policy: pull
 #   # before_script:
 #   #   - npm i
 #   #   - npm i highlightjs
-#   only:
-#     - master
+#   # only:
+#   #   - master
 #   script:
 #     - mkdir -p $OWASP_REPORT_DIR
 #     - chmod 777 $OWASP_REPORT_DIR
@@ -118,65 +140,86 @@ run unit tests:
 #     # docker run --rm -d -u zap --name=earthquake-geoserve-ui-3-OWASP --link=earthquake-geoserve-ui-3-PENTEST:application -v /var/lib/jenkins/workspace/HazDev/earthquake-geoserve/build-ui/owasp-data:/zap/reports:rw -i code.chs.usgs.gov:5001/devops/images/owasp/zap2docker-stable zap.sh -daemon -port 8090 -config api.disablekey=true
 #     # docker run --rm --name earthquake-geoserve-ui-1.0.4-PENTEST -d jamesmalin/usgs-geoserve-ui:1.0.4
 #     # docker run --rm -d -u zap --name=earthquake-geoserve-ui-1.0.4-OWASP --link=earthquake-geoserve-ui-1.0.4-PENTEST:application -v /owasp-data:/zap/reports:rw -i owasp/zap2docker-stable zap.sh -daemon -port 8090 -config api.disablekey=true
-#     - "docker exec -i ${OWASP_CONTAINER}
-#     curl -I localhost:${ZAP_API_PORT}
+#     - "docker exec -i ${OWASP_CONTAINER} 
+#     curl -I localhost:${ZAP_API_PORT} 
 #     > /dev/null 2>&1 && echo 'SUCCESS'"
-#     # - sleep 10
 #     - docker exec $OWASP_CONTAINER zap-cli -v -p $ZAP_API_PORT spider http://$PENTEST_IP/
-#     # - sleep 10
 #     - docker exec $OWASP_CONTAINER zap-cli -v -p $ZAP_API_PORT active-scan http://$PENTEST_IP/
 #     - docker exec $OWASP_CONTAINER zap-cli -v -p $ZAP_API_PORT report -o owasp-zap-report.html -f html
 #     - docker stop $OWASP_CONTAINER ${LOCAL_CONTAINER}
 #   artifacts: # can you make this not available to the public
 #     paths:
 #       - owasp-zap-report.html
+#       - docker-images
 #   dependencies:
 #     - build

-publish image:
-  stage: publish-image
-  # image: node:latest
-  image: docker:stable
-  only:
-    - master
-  # before_script:
-    # - curl -O https://bootstrap.pypa.io/get-pip.py
-    # - python3 get-pip.py --user
-    # - /root/.local/bin/pip3 install awscli --upgrade --user
-    # - npm install -g docker
-    # - docker login -u gitlab-ci-token -p $CI_JOB_TOKEN $CI_REGISTRY
-  script:
-    # - aws cloudformation package --template-file ./deployment/aws-create-user.json --s3-bucket $S3_BUCKET --output-template usgs-user-template-export.yml
-    # - aws cloudformation deploy --template-file /builds/jmalin/earthquake-geoserve-ui/usgs-user-template-export.yml --stack-name usgs-user-deploy-stack
-    # Re-tag candidate image as actual image name and push actual image to repository
-    # TODO - Deploy to USGS Hazdev Registry
-    # - docker tag ${LOCAL_IMAGE} ${DEPLOY_IMAGE}:${IMAGE_VERSION}
-    # - docker push ${DEPLOY_IMAGE}:${IMAGE_VERSION}
+#     ###### Publish ######

-    # Re-tag candidate image as public image name and push to docker hub
-    # For a private registry include registry URL
-    - docker load -i docker-images/app.tar
-    # - docker build --build-arg FROM_IMAGE=$BASE_IMAGE --build-arg BUILD_IMAGE=$BUILDER_IMAGE -t $LOCAL_IMAGE .
-    # - docker tag ${LOCAL_IMAGE} ${DOCKER_HUB_IMAGE}:${IMAGE_VERSION}
-    - docker tag ${LOCAL_IMAGE} ${DEPLOY_IMAGE}:${IMAGE_VERSION}
-    # login to dockerhub
-    # - echo $CHS_PASSWORD | docker login --username $CHS_USERNAME --password-stdin https://$GITLAB_INNERSOURCE_REGISTRY
-    - echo $TEST_PASSWORD | docker login --username $TEST_USERNAME --password-stdin https://$GITLAB_INNERSOURCE_REGISTRY
-    # - docker push ${DOCKER_HUB_IMAGE}:${IMAGE_VERSION}
-    - docker push ${DEPLOY_IMAGE}:${IMAGE_VERSION}
-    # Delete pass file
-    - rm -rf /root/.docker/config.json
-  dependencies:
-    - build
-# deploy:
-#   stage: deploy
-#   image: node:latest
-#   before_script:
-#     - npm i -g docker
+# publish image:
+#   stage: publish-image
+#   image: docker:stable
 #   only:
-#     - master
+#     - merge_requests
+#   before_script:
+#     # - curl -O https://bootstrap.pypa.io/get-pip.py
+#     # - python3 get-pip.py --user
+#     # - /root/.local/bin/pip3 install awscli --upgrade --user
+#     # - npm install -g docker
+#     # - docker login -u gitlab-ci-token -p $CI_JOB_TOKEN $CI_REGISTRY
 #   script:
-#     - sleep 5
+#     # - aws cloudformation package --template-file ./deployment/aws-create-user.json --s3-bucket $S3_BUCKET --output-template usgs-user-template-export.yml
+#     # - aws cloudformation deploy --template-file /builds/jmalin/earthquake-geoserve-ui/usgs-user-template-export.yml --stack-name usgs-user-deploy-stack
+#     # Re-tag candidate image as actual image name and push actual image to repository
+#     # TODO - Deploy to USGS Hazdev Registry
+#     # - docker build --build-arg FROM_IMAGE=$BASE_IMAGE --build-arg BUILD_IMAGE=$BUILDER_IMAGE -t $LOCAL_IMAGE .
+#     - docker load -i docker-images/app.tar
+#     - docker tag ${LOCAL_IMAGE} ${DEPLOY_IMAGE}:${IMAGE_VERSION}
+#     - echo "$CHS_PASSWORD" | docker login --username $CHS_USERNAME --password-stdin $GITLAB_INNERSOURCE_REGISTRY
+#     - docker push ${DEPLOY_IMAGE}:${IMAGE_VERSION}
+
+#     # Re-tag candidate image as public image name and push to docker hub
+#     # For a private registry include registry URL
+#     - docker tag ${LOCAL_IMAGE} ${DOCKER_HUB_IMAGE}:${IMAGE_VERSION}
+#     # login to dockerhub
+#     - echo "$DOCKER_PASSWORD" | docker login --username $DOCKER_USERNAME --password-stdin
+#     - docker push ${DOCKER_HUB_IMAGE}:${IMAGE_VERSION}
+#     # Delete pass file
+#     - rm -rf /root/.docker/config.json
 #   dependencies:
 #     - build
-#     - publish-image
+#     # - 'run unit tests'
+#     # - 'run penetration tests'
+#   cache:
+#     key: "$CI_BUILD_REF_NAME"
+#     paths:
+#       - docker-images
+
+trigger deploy:
+  # variables:
+  #   BUILD_ID: $${BUILD_ID}
+  image: node:latest
+  stage: trigger_deploy
+  only:
+    - merge_requests
+  # trigger: jmalin/container-deploy
+  script:
+     - 'curl -X POST
+     -F token=c09718baf4dd9bce693eecc01fda51
+     -F "ref=master"
+     -F "variables[CI_COMMIT_MESSAGE]=$CI_COMMIT_MESSAGE"
+     -F "variables[IMAGE_VERSION]=${IMAGE_VERSION}"
+     -F "variables[DB_IMAGE_NAME]=ghsc/hazdev/earthquake-geoserve/db:${IMAGE_VERSION}"
+     -F "variables[ENVIRONMENT]=${ENVIRONMENT}"
+     -F "variables[UI_IMAGE_NAME]=ghsc/hazdev/earthquake-geoserve/ui:${IMAGE_VERSION}"
+     -F "variables[APP_NAME]=${DEPLOY_APP_NAME}"
+     -F "variables[GIT_BRANCH]=origin/master"
+     -F "variables[WS_IMAGE_NAME]=ghsc/hazdev/earthquake-geoserve/ws:${IMAGE_VERSION}"
+     -F "variables[APP_REPO]=ghsc/hazdev/earthquake-geoserve.git"
+     -F "variables[STACK_NAME]=earthquake-geoserve"
+     -F "variables[TARGET_HOSTNAME]=dev01-container01.cr.usgs.gov"
+     -F "variables[REMOTE_DEPLOY_DIR]=${REMOTE_DEPLOY_DIR}"
+     https://code.usgs.gov/api/v4/projects/1207/trigger/pipeline'
+
+# use triggers with Jenkins config
+# use triggers w/ container master
\ No newline at end of file