[GITLAB] - UPGRADE TO v12 on Wednesday the 18th of December at 11.30AM

Commit dced40f7 authored by Daniele Venzano's avatar Daniele Venzano

Merge branch 'devel/master' into devel/wi9.1-wi9.2

parents 602dac53 efcc5ef3
......@@ -58,7 +58,7 @@ api-test:
script:
- cd tests
- coverage run -p basic_auth_success_test.py localhost:5100
- coverage run -p cookie_auth_success_test.py
- coverage run -p cookie_auth_success_test.py localhost:5100
- coverage combine
- coverage report
artifacts:
......@@ -77,6 +77,8 @@ images:
script:
- docker build --pull -t ${DOCKER_REGISTRY}/ci/${ZOE_TEST_IMAGE} .
- docker push ${DOCKER_REGISTRY}/ci/${ZOE_TEST_IMAGE}
only:
- /^.*master$/
docs:
stage: deploy
......@@ -90,22 +92,35 @@ docs:
- apt-get update -y && apt-get install rsync -y
script:
- sh ./build_docs.sh
- rsync -avz docs/_build/html/ ubuntu@${STAGING_IP}:${STAGING_PATH}/docs
- rsync -avz docs/_build/html/ ubuntu@${STAGING_IP}:${WEB_STAGING_PATH}/docs
environment:
name: staging
only:
- /^.*master$/
#frontend:
# stage: deploy
# image: node:latest
# before_script:
# - which ssh-agent || ( apt-get update -y && apt-get install openssh-client -y )
# - eval $(ssh-agent -s)
# - ssh-add <(echo "$SSH_PRIVATE_KEY")
# script:
# - cd zoe_fe
# - npm install
# - npm install -g @angular/cli
# - ng build --env=prod --output-path=build/prod
# - rsync -avz build/prod/ ubuntu@${STAGING_IP}:${STAGING_PATH}
# environment:
# name: staging
frontend:
stage: deploy
image: node:latest
before_script:
- which ssh-agent || ( apt-get update -y && apt-get install openssh-client -y )
- eval $(ssh-agent -s)
- ssh-add <(echo "$SSH_PRIVATE_KEY")
- mkdir -p ~/.ssh
- 'echo -e "Host *\n\tStrictHostKeyChecking no\n\n" > ~/.ssh/config'
- apt-get update -y && apt-get install rsync -y
script:
- rsync -avz . ubuntu@${STAGING_IP}:${ZOE_STAGING_PATH}
- ssh ubuntu@${STAGING_IP} sudo pip install --upgrade -r /srv/zoe/requirements.txt
- ssh ubuntu@${STAGING_IP} sudo supervisorctl restart zoe-api
- ssh ubuntu@${STAGING_IP} sudo supervisorctl restart zoe-master
- cd zoe_fe
- npm install
- npm install -g --save-dev @angular/cli
- 'sed -i -e "s/cors: false,/cors: true,/" src/environments/environment.prod.ts'
- 'sed -i -e "s/apiEndpoint: .*,/apiEndpoint: ''http:\/\/192.168.45.189:5001\/api\/0.7'',/" src/environments/environment.prod.ts'
- ng build --env=prod --output-path=build/prod
- rsync -avz build/prod/ ubuntu@${STAGING_IP}:${WEB_STAGING_PATH}
environment:
name: staging
only:
- /^.*master$/
FROM golang:1.8-alpine
MAINTAINER Quang-Nhat Hoang-Xuan <hxquangnhat@gmail.com>
VOLUME /config
EXPOSE 6060 6061
ENV GOPATH /go
RUN apk add --no-cache git bzr rpm xz && \
go get -v github.com/coreos/clair/cmd/clair && \
go install -v github.com/coreos/clair/cmd/clair && \
mv /go/bin/clair /clair && \
go install -v github.com/coreos/clair/contrib/analyze-local-images && \
mv /go/bin/analyze-local-images /bin/analyzer && \
rm -rf /go /usr/local/go
RUN apk update && \
apk add ca-certificates wget && \
update-ca-certificates
RUN wget https://get.docker.com/builds/Linux/x86_64/docker-17.03.0-ce.tgz && \
tar -xvf docker-17.03.0-ce.tgz && \
mv docker/docker /bin && \
rm -rf docker docker-17.03.0-ce.tgz
ENTRYPOINT ["/clair"]
# Copyright 2015 clair authors
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# The values specified here are the default values that Clair uses if no configuration file is specified or if the keys are not defined.
clair:
database:
# PostgreSQL Connection string
# http://www.postgresql.org/docs/9.4/static/libpq-connect.html
type: pgsql
options:
source:
postgresql://postgres:password@clair_postgres:5432?sslmode=disable
# Number of elements kept in the cache
# Values unlikely to change (e.g. namespaces) are cached in order to save prevent needless roundtrips to the database.
cacheSize: 16384
api:
# API server port
port: 6060
# Health server port
# This is an unencrypted endpoint useful for load balancers to check to healthiness of the clair server.
healthport: 6061
# Deadline before an API request will respond with a 503
timeout: 900s
# 32-bit URL-safe base64 key used to encrypt pagination tokens
# If one is not provided, it will be generated.
# Multiple clair instances in the same cluster need the same value.
paginationKey:
# Optional PKI configuration
# If you want to easily generate client certificates and CAs, try the following projects:
# https://github.com/coreos/etcd-ca
# https://github.com/cloudflare/cfssl
servername:
cafile:
keyfile:
certfile:
updater:
# Frequency the database will be updated with vulnerabilities from the default data sources
# The value 0 disables the updater entirely.
interval: 2h
notifier:
# Number of attempts before the notification is marked as failed to be sent
attempts: 3
# Duration before a failed notification is retried
renotifyInterval: 2h
http:
# Optional endpoint that will receive notifications via POST requests
endpoint:
# Optional PKI configuration
# If you want to easily generate client certificates and CAs, try the following projects:
# https://github.com/cloudflare/cfssl
# https://github.com/coreos/etcd-ca
servername:
cafile:
keyfile:
certfile:
# Optional HTTP Proxy: must be a valid URL (including the scheme).
proxy:
version: '2'
services:
postgres:
container_name: clair_postgres
image: postgres:latest
environment:
POSTGRES_PASSWORD: password
clair:
container_name: clair_clair
image: hxquangnhat/clair:latest
depends_on:
- postgres
ports:
- "6060-6061:6060-6061"
links:
- postgres
volumes:
- /tmp:/tmp
- ./clair_config:/config
- /var/run/docker.sock:/var/run/docker.sock
command: [-config, /config/config.yaml]
......@@ -189,4 +189,3 @@ class ZoeBackendDeploy():
def fallback(self, image):
return
......@@ -25,5 +25,5 @@ services:
driver: "gelf"
options:
gelf-address: "udp://192.168.12.2:5004"
tag: "zoe-api"
tag: "zoe-api"
FROM java:alpine
ENV SONAR_SCANNER_VERSION 2.8
RUN apk add --no-cache wget && \
wget https://sonarsource.bintray.com/Distribution/sonar-scanner-cli/sonar-scanner-${SONAR_SCANNER_VERSION}.zip && \
unzip sonar-scanner-${SONAR_SCANNER_VERSION} && \
cd /usr/bin && ln -s /sonar-scanner-${SONAR_SCANNER_VERSION}/bin/sonar-scanner sonar-scanner && \
apk del wget
RUN apk add --no-cache python3 curl && rm -f /var/cache/apk/*
RUN curl https://bootstrap.pypa.io/get-pip.py | python3
RUN pip install pylint
COPY sonar-scanner-run.sh /usr/bin
RUN chmod 755 /usr/bin/sonar-scanner-run.sh
#!/bin/sh
if [ -z "${SONAR_PROJECT_KEY}" ]; then
echo "Undefined \"projectKey\"" && exit 1
else
COMMAND="sonar-scanner -Dsonar.sourceEncoding=UTF-8 -Dsonar.sources=. -Dsonar.exclusions=\"zoe_api/web/static/**\" -Dsonar.host.url=\"$SONARQUBE_SERVER_URL\" -Dsonar.login=\"$SONARQUBE_USER\" -Dsonar.password=\"$SONARQUBE_PASSWORD\" -Dsonar.projectKey=\"${SONAR_PROJECT_KEY}\""
if [ ! -z "${SONAR_PROJECT_VERSION}" ]; then
COMMAND="$COMMAND -Dsonar.projectVersion=\"${SONAR_PROJECT_VERSION}\""
fi
if [ ! -z "${SONAR_PROJECT_NAME}" ]; then
COMMAND="$COMMAND -Dsonar.projectName=\"${SONAR_PROJECT_NAME}\""
fi
if [ ! -z ${CI_BUILD_REF} ]; then
COMMAND="$COMMAND -Dsonar.gitlab.commit_sha=\"${CI_BUILD_REF}\""
fi
if [ ! -z ${CI_BUILD_REF_NAME} ]; then
COMMAND="$COMMAND -Dsonar.gitlab.ref_name=\"${CI_BUILD_REF_NAME}\""
fi
if [ ! -z ${SONAR_BRANCH} ]; then
COMMAND="$COMMAND -Dsonar.branch=\"${SONAR_BRANCH}\""
fi
eval ${COMMAND}
fi
......@@ -20,7 +20,8 @@
from typing import Iterable
class DockerContainerParameter():
class DockerContainerParameter:
""" Class holding Docker Container configuration """
def __init__(self):
self.image = ''
self.volumes = []
......@@ -33,31 +34,38 @@ class DockerContainerParameter():
self.hostname = ''
def set_gelf(self, gelf_address):
""" setter gelf_address """
self.gelf_address = gelf_address
def get_gelf(self) -> str:
""" getter gelf_addres """
return self.gelf_address
def set_ports(self, ports):
""" setter ports """
self.ports.append(ports)
def get_ports(self) -> Iterable[str]:
""" getter ports """
return self.ports
def set_image(self, image) -> str:
def set_image(self, image):
""" setter image """
self.image = image
def get_image(self) -> str:
""" getter image """
return self.image
def set_volumes(self, volumes):
""" setter volume """
self.volumes.append(volumes)
def get_volumes(self) -> Iterable[str]:
"""Get the volumes in Docker format."""
return self.volumes
def set_command(self, cmd) -> str:
def set_command(self, cmd):
"""Setter for the command to run in the container."""
self.command = cmd
......@@ -65,15 +73,18 @@ class DockerContainerParameter():
"""Getter for the command to run in the container."""
return self.command
def set_name(self, name) -> str:
def set_name(self, name):
""" setter for name """
self.name = name
def get_name(self) -> str:
""" getter for name """
return self.name
def set_hostname(self, hostname) -> str:
def set_hostname(self, hostname):
""" setter for hostname """
self.hostname = hostname
def get_hostname(self) -> str:
""" getter for hostname """
return self.hostname
apiVersion: v1
kind: ReplicationController
metadata:
name: zoe-api-fsdna
namespace: fsdna
labels:
app: zoe-api
task: test
spec:
replicas: 3
selector:
app: zoe-api
task: test
template:
metadata:
labels:
app: zoe-api
task: test
spec:
containers:
- name: zoe-api-fsdna
image: zoe-repo/zoe:devel
ports:
- containerPort: 5001
name: zoe-api
command: ["python3", "zoe-api.py", "--debug", "--backend", "Kubernetes", "--deployment-name", "prod", "--dbuser", "postgres", "--dbhost", "zoe-postgres-service", "--dbport", "5432", "--dbname", "postgres", "--dbpass", "postgres", "--overlay-network-name", "my-net", "--master-url", "tcp://zoe-master-service:4850", "--auth-type", "text", "--proxy-type", "apache", "--proxy-container", "apache2", "--proxy-config-file", "/etc/apache2/sites-available/all.conf", "--proxy-path", "fsdna.on.kpmg.de/zoe", "--proxy-docker-sock", "tcp://192.168.12.2:2375"]
volumeMounts:
- name: kube-config
mountPath: /opt/zoe/kube.conf
volumes:
- name: kube-config
hostPath:
path: /media/sdb/kubernetes/config
apiVersion: v1
kind: Service
metadata:
name: zoe-api-service
namespace: fsdna
labels:
app: zoe-api
task: test
spec:
type: LoadBalancer
ports:
- name: zoe-api
port: 5001
targetPort: zoe-api
selector:
app: zoe-api
task: test
apiVersion: v1
kind: ReplicationController
metadata:
name: zoe-master-fsdna
namespace: fsdna
labels:
app: zoe-master
task: test
spec:
replicas: 1
selector:
app: zoe-master
task: test
template:
metadata:
labels:
app: zoe-master
task: test
spec:
containers:
- name: zoe-master-fsdna
image: zoerepo/zoe:devel
ports:
- containerPort: 4850
name: zoe-master
command: ["python3", "zoe-master.py", "--debug", "--backend", "Kubernetes", "--deployment-name", "prod", "--dbuser", "postgres", "--dbhost", "zoe-postgres-service", "--dbport", "5432", "--dbname", "postgres", "--dbpass", "postgres", "--overlay-network-name", "my-net", "--auth-type", "text", "--proxy-type", "apache", "--proxy-container", "apache2", "--proxy-config-file", "/etc/apache2/sites-available/all.conf", "--proxy-path", "fsdna.on.kpmg.de/zoe", "--proxy-docker-sock", "tcp://192.168.12.2:2375"]
volumeMounts:
- name: kube-config
mountPath: /opt/zoe/kube.conf
volumes:
- name: kube-config
hostPath:
path: /media/sdb/kubernetes/config
apiVersion: v1
kind: Service
metadata:
name: zoe-master-service
namespace: fsdna
labels:
app: zoe-master
task: test
spec:
type: LoadBalancer
ports:
- name: zoe-master
port: 4850
targetPort: zoe-master
selector:
app: zoe-master
task: test
apiVersion: v1
kind: ReplicationController
metadata:
name: zoe-postgres-fsdna
namespace: fsdna
labels:
app: zoe-postgres
task: test
spec:
replicas: 1
selector:
app: zoe-postgres
task: test
template:
metadata:
labels:
app: zoe-postgres
task: test
spec:
containers:
- name: zoe-postgres-fsdna
image: postgres
ports:
- containerPort: 5432
name: postgresql
env:
- name: "POSTGRES_USER"
value: "postgres"
- name: "POSTGRES_PASSWORD"
value: "postgres"
- name: "POSTGRES_DB"
value: "postgres"
apiVersion: v1
kind: Service
metadata:
name: zoe-postgres-service
namespace: fsdna
labels:
app: zoe-postgres
task: test
spec:
type: LoadBalancer
ports:
- name: postgresql
port: 5432
targetPort: 5432
selector:
app: zoe-postgres
task: test
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*~
# Various IDEs
.project
.idea/
*.tmproj
description: A Helm chart to deploy Zoe on Kubernetes
name: zoe
version: 0.1.0
maintainers:
- name: Quang-Nhat Hoang-Xuan
email: qhoangxuan@kpmg.com
apiVersion: v1
kind: Service
metadata:
name: {{ template "postgres-fullname" . }}
labels:
heritage: {{.Release.Service | quote }}
release: {{.Release.Name | quote }}
chart: "{{.Chart.Name}}-{{.Chart.Version}}"
component: "{{.Release.Name}}-{{.Values.Postgres.Component}}"
spec:
ports:
- port: {{.Values.Postgres.ServicePort}}
targetPort: {{.Values.Postgres.ContainerPort}}
selector:
component: "{{.Release.Name}}-{{.Values.Postgres.Component}}"
type: "LoadBalancer"
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: {{ template "postgres-fullname" . }}
labels:
heritage: {{.Release.Service | quote }}
release: {{.Release.Name | quote }}
chart: "{{.Chart.Name}}-{{.Chart.Version}}"
component: "{{.Release.Name}}-{{.Values.Postgres.Component}}"
spec:
replicas: {{default 1 .Values.Postgres.Replicas}}
strategy:
type: RollingUpdate
selector:
matchLabels:
component: "{{.Release.Name}}-{{.Values.Postgres.Component}}"
template:
metadata:
labels:
heritage: {{.Release.Service | quote }}
release: {{.Release.Name | quote }}
chart: "{{.Chart.Name}}-{{.Chart.Version}}"
component: "{{.Release.Name}}-{{.Values.Postgres.Component}}"
spec:
containers:
- name: {{ template "postgres-fullname" . }}
image: "{{.Values.Postgres.Image}}:{{.Values.Postgres.ImageTag}}"
ports:
- containerPort: {{.Values.Postgres.ContainerPort}}
resources:
requests:
cpu: "{{.Values.Postgres.Cpu}}"
memory: "{{.Values.Postgres.Memory}}"
env:
- name: POSTGRES_USER
value: {{ default "postgres" .Values.Postgres.User | quote }}
- name: POSTGRES_PASSWORD
value: {{ default "postgres" .Values.Postgres.Password | quote }}
- name: POSTGRES_DB
value: {{ default "postgres" .Values.Postgres.Database | quote }}
apiVersion: v1
kind: Service
metadata:
name: {{ template "api-fullname" . }}
labels:
heritage: {{.Release.Service | quote }}
release: {{.Release.Name | quote }}
chart: "{{.Chart.Name}}-{{.Chart.Version}}"
component: "{{.Release.Name}}-{{.Values.API.Component}}"
spec:
ports:
- port: {{.Values.API.ServicePort}}
targetPort: {{.Values.API.ContainerPort}}
selector:
component: "{{.Release.Name}}-{{.Values.API.Component}}"
type: "LoadBalancer"
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: {{ template "api-fullname" . }}
labels:
heritage: {{.Release.Service | quote }}
release: {{.Release.Name | quote }}
chart: "{{.Chart.Name}}-{{.Chart.Version}}"
component: "{{.Release.Name}}-{{.Values.API.Component}}"
spec:
replicas: {{default 1 .Values.API.Replicas}}
strategy:
type: RollingUpdate
selector:
matchLabels:
component: "{{.Release.Name}}-{{.Values.API.Component}}"
template:
metadata:
labels:
heritage: {{.Release.Service | quote }}
release: {{.Release.Name | quote }}
chart: "{{.Chart.Name}}-{{.Chart.Version}}"
component: "{{.Release.Name}}-{{.Values.API.Component}}"
spec:
containers:
- name: {{ template "api-fullname" . }}
image: "{{.Values.API.Image}}:{{.Values.API.ImageTag}}"
command: ["python3", "zoe-api.py", "--debug", "--swarm", "consul://{{.Values.Configuration.Swarm}}", "--deployment-name", "{{.Values.Configuration.DeploymentName}}", "--dbuser", "{{.Values.Postgres.Database}}", "--dbhost", "{{ template "postgres-fullname" . }}", "--dbport", "{{.Values.Postgres.ServicePort}}", "--dbname", "{{.Values.Postgres.Database}}", "--dbpass", "{{.Values.Postgres.Password}}", "--overlay-network-name", "{{.Values.Configuration.OverlayNetwork}}", "--master-url", "tcp://{{ template "master-fullname" . }}:{{.Values.Master.ServicePort}}", "--auth-type", "{{.Values.Configuration.AuthenticationType}}", "--proxy-type", "{{.Values.Configuration.ProxyType}}", "--proxy-container", "{{.Values.Configuration.ProxyContainerName}}", "--proxy-config-file", "{{.Values.Configuration.ProxyConfigFile}}", "--proxy-path", "{{.Values.Configuration.ProxyPath}}", "--proxy-docker-sock", "{{.Values.Configuration.ProxyDockerSock}}"]
ports:
- containerPort: {{.Values.API.ContainerPort}}
resources:
requests:
cpu: "{{.Values.API.Cpu}}"
memory: "{{.Values.API.Memory}}"
apiVersion: v1
kind: Service
metadata:
name: {{ template "master-fullname" . }}
labels:
heritage: {{.Release.Service | quote }}
release: {{.Release.Name | quote }}
chart: "{{.Chart.Name}}-{{.Chart.Version}}"
component: "{{.Release.Name}}-{{.Values.Master.Component}}"
spec:
ports:
- port: {{.Values.Master.ServicePort}}
targetPort: {{.Values.Master.ContainerPort}}
selector:
component: "{{.Release.Name}}-{{.Values.Master.Component}}"
type: "LoadBalancer"
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: {{ template "master-fullname" . }}
labels:
heritage: {{.Release.Service | quote }}
release: {{.Release.Name | quote }}
chart: "{{.Chart.Name}}-{{.Chart.Version}}"
component: "{{.Release.Name}}-{{.Values.Master.Component}}"
spec:
replicas: {{default 1 .Values.Master.Replicas}}
strategy:
type: RollingUpdate
selector:
matchLabels:
component: "{{.Release.Name}}-{{.Values.Master.Component}}"
template:
metadata:
labels:
heritage: {{.Release.Service | quote }}
release: {{.Release.Name | quote }}
chart: "{{.Chart.Name}}-{{.Chart.Version}}"
component: "{{.Release.Name}}-{{.Values.Master.Component}}"
spec:
containers:
- name: {{ template "master-fullname" . }}
image: "{{.Values.Master.Image}}:{{.Values.Master.ImageTag}}"
command: ["python3", "zoe-master.py", "--debug", "--swarm", "consul://{{.Values.Configuration.Swarm}}", "--deployment-name", "{{.Values.Configuration.DeploymentName}}", "--dbuser", "{{.Values.Postgres.Database}}", "--dbhost", "{{ template "postgres-fullname" . }}", "--dbport", "{{.Values.Postgres.ServicePort}}", "--dbname", "{{.Values.Postgres.Database}}", "--dbpass", "{{.Values.Postgres.Password}}", "--overlay-network-name", "{{.Values.Configuration.OverlayNetwork}}", "--auth-type", "{{.Values.Configuration.AuthenticationType}}", "--proxy-type", "{{.Values.Configuration.ProxyType}}", "--proxy-container", "{{.Values.Configuration.ProxyContainerName}}", "--proxy-config-file", "{{.Values.Configuration.ProxyConfigFile}}", "--proxy-path", "{{.Values.Configuration.ProxyPath}}", "--proxy-docker-sock", "{{.Values.Configuration.ProxyDockerSock}}"]
ports:
- containerPort: {{.Values.Master.ContainerPort}}
resources:
requests:
cpu: "{{.Values.Master.Cpu}}"
memory: "{{.Values.Master.Memory}}"
{{/* vim: set filetype=mustache: */}}
{{/*
Expand the name of the chart.
*/}}
{{- define "name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 24 -}}
{{- end -}}