Merge branch 'feat/component' into 'master'

Migrate to CI/CD component See merge request to-be-continuous/kubernetes!74

Merge branch 'feat/component' into 'master'
e5aba17d · Cédric OLIVIER · 8627a9f9 · 22447128 · e5aba17d · e5aba17d
Commit e5aba17d authored Jan 27, 2024 by Cédric OLIVIER
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -10,7 +10,7 @@ include:
    file: '/templates/validation.yml'
  - project: 'to-be-continuous/bash'
    ref: '3.3'
-    file: 'templates/gitlab-ci-bash.yml'
+    file: '/templates/gitlab-ci-bash.yml'
  - project: 'to-be-continuous/semantic-release'
    ref: '3.7'
    file: '/templates/gitlab-ci-semrel.yml'

--- a/README.md
+++ b/README.md
--- a/bumpversion.sh
+++ b/bumpversion.sh
@@ -27,13 +27,13 @@ if [[ "$curVer" ]]; then
  log_info "Bump version from \\e[33;1m${curVer}\\e[0m to \\e[33;1m${nextVer}\\e[0m (release type: $relType)..."

  # replace in README
-  sed -e "s/ref: '$curVer'/ref: '$nextVer'/" README.md > README.md.next
+  sed -e "s/ref: *'$curVer'/ref: '$nextVer'/" -e "s/ref: *\"$curVer\”/ref: \”$nextVer\”/" -e "s/component: *\(.*\)@$curVer/component: \1@$nextVer/" README.md > README.md.next
  mv -f README.md.next README.md

  # replace in template and variants
  for tmpl in templates/*.yml
  do
-    sed -e "s/\"$curVer\"/\"$nextVer\"/" "$tmpl" > "$tmpl.next"
+    sed -e "s/command: *\[\"--service\", \"\(.*\)\", \"$curVer\"\]/command: [\"--service\", \"\1\", \"$nextVer\"]/" "$tmpl" > "$tmpl.next"
    mv -f "$tmpl.next" "$tmpl"
  done
 else

--- a/kicker.json
+++ b/kicker.json
@@ -3,6 +3,8 @@
  "description": "Deploy your application to a [Kubernetes](https://kubernetes.io/) platform using [declarative configuration](https://kubernetes.io/docs/tasks/manage-kubernetes-objects/declarative-config/) or [Kustomize](https://kubernetes.io/docs/tasks/manage-kubernetes-objects/kustomization/)",
  "template_path": "templates/gitlab-ci-k8s.yml",
  "kind": "hosting",
+  "prefix": "k8s",
+  "is_component": true,
  "variables": [
    {
      "name": "K8S_KUBECTL_IMAGE",
@@ -89,7 +91,7 @@
        },
        {
          "name": "K8S_REVIEW_APP_NAME",
-          "description": "The application name for review env (only define if different from global)",
+          "description": "The application name for review env (only define to override default)",
          "advanced": true
        },
        {
@@ -138,7 +140,7 @@
        },
        {
          "name": "K8S_INTEG_APP_NAME",
-          "description": "The application name for integration env (only define if different from global)",
+          "description": "The application name for integration env (only define to override default)",
          "advanced": true
        },
        {
@@ -182,7 +184,7 @@
        },
        {
          "name": "K8S_STAGING_APP_NAME",
-          "description": "The application name for staging env (only define if different from global)",
+          "description": "The application name for staging env (only define to override default)",
          "advanced": true
        },
        {
@@ -226,7 +228,7 @@
        },
        {
          "name": "K8S_PROD_APP_NAME",
-          "description": "The application name for production env (only define if different from global)",
+          "description": "The application name for production env (only define to override default)",
          "advanced": true
        },
        {

--- a/logo.png
+++ b/logo.png
--- a/templates/gitlab-ci-k8s-vault.yml
+++ b/templates/gitlab-ci-k8s-vault.yml
 # =====================================================================================================================
 # === Vault template variant
 # =====================================================================================================================
+spec:
+  inputs:
+    vault-base-url:
+      description: The Vault server base API url
+      default: ''
+    vault-oidc-aud:
+      description: The `aud` claim for the JWT
+      default: $CI_SERVER_URL
+---
 variables:
  # variabilized vault-secrets-provider image
-  TBC_VAULT_IMAGE: "registry.gitlab.com/to-be-continuous/tools/vault-secrets-provider:master"
+  TBC_VAULT_IMAGE: registry.gitlab.com/to-be-continuous/tools/vault-secrets-provider:master
  # variables have to be explicitly declared in the YAML to be exported to the service
-  VAULT_ROLE_ID: "$VAULT_ROLE_ID"
-  VAULT_SECRET_ID: "$VAULT_SECRET_ID"
-  VAULT_OIDC_AUD: "$CI_SERVER_URL"
+  VAULT_ROLE_ID: $VAULT_ROLE_ID
+  VAULT_SECRET_ID: $VAULT_SECRET_ID
+  VAULT_OIDC_AUD: $[[ inputs.vault-oidc-aud ]]
+  VAULT_BASE_URL: $[[ inputs.vault-base-url ]]
  
 .k8s-base:
  services:

--- a/templates/gitlab-ci-k8s.yml
+++ b/templates/gitlab-ci-k8s.yml
@@ -13,6 +13,104 @@
 # program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth
 # Floor, Boston, MA  02110-1301, USA.
 # =========================================================================================
+spec:
+  inputs:
+    kubectl-image:
+      description: The Docker image used to run Kubernetes `kubectl` commands - **set the version required by your Kubernetes server**
+      default: registry.hub.docker.com/bitnami/kubectl:latest
+    url:
+      description: Global Kubernetes API url (only define if using exploded kubeconfig parameters)
+      default: ''
+    base-app-name:
+      description: Base application name
+      default: $CI_PROJECT_NAME
+    environment-url:
+      description: |-
+        The default environments url _(only define for static environment URLs declaration)_
+
+        _supports late variable expansion (ex: `https://%{environment_name}.k8s.acme.com`)_
+      default: ''
+    scripts-dir:
+      description: directory where Kubernetes scripts (templates, hook scripts) are located
+      default: .
+    kustomize-enabled:
+      description: Set to `true` to enable [Kustomize](https://kubectl.docs.kubernetes.io/references/kustomize/kustomization/)
+      type: boolean
+      default: false
+    kustomize-args:
+      description: |-
+        Additional [`kubectl kustomize` options](https://kubernetes.io/docs/reference/generated/kubectl/kubectl-commands#kustomize)
+
+        _For example: `--enable-helm`_
+      default: ''
+    score-disabled:
+      description: Disable kube-score
+      type: boolean
+      default: false
+    kube-score-image:
+      description: Docker image to run [kube-score](https://github.com/zegl/kube-score)
+      default: registry.hub.docker.com/zegl/kube-score:latest
+    score-extra-opts:
+      description: Additional [kube-score options](https://github.com/zegl/kube-score#configuration)
+      default: ''
+    review-space:
+      description: Kubernetes namespace for review env
+      default: ''
+    review-app-name:
+      description: The application name for review env (only define to override default)
+      default: ''
+    review-autostop-duration:
+      description: The amount of time before GitLab will automatically stop `review` environments
+      default: 4 hours
+    review-environment-url:
+      description: The review environments url _(only define for static environment URLs declaration and if different from default)_
+      default: ''
+    review-url:
+      description: Kubernetes API url for review env (only define if using exploded kubeconfig parameters and if different from global)
+      default: ''
+    integ-space:
+      description: Kubernetes namespace for integration env
+      default: ''
+    integ-app-name:
+      description: The application name for integration env (only define to override default)
+      default: ''
+    integ-environment-url:
+      description: The integration environment url _(only define for static environment URLs declaration and if different from default)_
+      default: ''
+    integ-url:
+      description: Kubernetes API url for integration env (only define if using exploded kubeconfig parameters and if different from global)
+      default: ''
+    staging-space:
+      description: Kubernetes namespace for staging env
+      default: ''
+    staging-app-name:
+      description: The application name for staging env (only define to override default)
+      default: ''
+    staging-environment-url:
+      description: The staging environment url _(only define for static environment URLs declaration and if different from default)_
+      default: ''
+    staging-url:
+      description: Kubernetes API url for staging env (only define if using exploded kubeconfig parameters and if different from global)
+      default: ''
+    prod-space:
+      description: Kubernetes namespace for production env
+      default: ''
+    prod-app-name:
+      description: The application name for production env (only define to override default)
+      default: ''
+    prod-environment-url:
+      description: The production environment url _(only define for static environment URLs declaration and if different from default)_
+      default: ''
+    prod-deploy-strategy:
+      description: Defines the deployment to production strategy.
+      options:
+      - manual
+      - auto
+      default: manual
+    prod-url:
+      description: Kubernetes API url for production env (only define if using exploded kubeconfig parameters and if different from global)
+      default: ''
+---
 # default workflow rules: Merge Request pipelines
 workflow:
  rules:
@@ -56,26 +154,48 @@ workflow:

 variables:
  # variabilized tracking image
-  TBC_TRACKING_IMAGE: "registry.gitlab.com/to-be-continuous/tools/tracking:master"
+  TBC_TRACKING_IMAGE: registry.gitlab.com/to-be-continuous/tools/tracking:master

  # Docker Image with Kubernetes CLI tool (can be overridden)
-  K8S_KUBECTL_IMAGE: "registry.hub.docker.com/bitnami/kubectl:latest"
-  K8S_KUBE_SCORE_IMAGE: "registry.hub.docker.com/zegl/kube-score:latest"
-  K8S_BASE_APP_NAME: "$CI_PROJECT_NAME"
-  K8S_SCRIPTS_DIR: "."
-  # deprecated, backward compatibility
-  K8S_REVIEW_ENVIRONMENT_SCHEME: "https"
-  K8S_REVIEW_AUTOSTOP_DURATION: "4 hours"
+  K8S_KUBECTL_IMAGE: $[[ inputs.kubectl-image ]]
+  K8S_KUBE_SCORE_IMAGE: $[[ inputs.kube-score-image ]]
+  K8S_BASE_APP_NAME: $[[ inputs.base-app-name ]]
+  K8S_SCRIPTS_DIR: $[[ inputs.scripts-dir ]]
+
+  K8S_REVIEW_AUTOSTOP_DURATION: $[[ inputs.review-autostop-duration ]]

  # default: one-click deploy
-  K8S_PROD_DEPLOY_STRATEGY: manual
+  K8S_PROD_DEPLOY_STRATEGY: $[[ inputs.prod-deploy-strategy ]]

  #K8S_KUSTOMIZE_ARGS: "--enable-helm"

  # default production ref name (pattern)
-  PROD_REF: '/^(master|main)$/'
+  PROD_REF: /^(master|main)$/
  # default integration ref name (pattern)
-  INTEG_REF: '/^develop$/'
+  INTEG_REF: /^develop$/
+
+  K8S_URL: $[[ inputs.url ]]
+  K8S_ENVIRONMENT_URL: $[[ inputs.environment-url ]]
+  K8S_KUSTOMIZE_ENABLED: $[[ inputs.kustomize-enabled ]]
+  K8S_KUSTOMIZE_ARGS: $[[ inputs.kustomize-args ]]
+  K8S_SCORE_DISABLED: $[[ inputs.score-disabled ]]
+  K8S_SCORE_EXTRA_OPTS: $[[ inputs.score-extra-opts ]]
+  K8S_REVIEW_SPACE: $[[ inputs.review-space ]]
+  K8S_REVIEW_APP_NAME: $[[ inputs.review-app-name ]]
+  K8S_REVIEW_ENVIRONMENT_URL: $[[ inputs.review-environment-url ]]
+  K8S_REVIEW_URL: $[[ inputs.review-url ]]
+  K8S_INTEG_SPACE: $[[ inputs.integ-space ]]
+  K8S_INTEG_APP_NAME: $[[ inputs.integ-app-name ]]
+  K8S_INTEG_ENVIRONMENT_URL: $[[ inputs.integ-environment-url ]]
+  K8S_INTEG_URL: $[[ inputs.integ-url ]]
+  K8S_STAGING_SPACE: $[[ inputs.staging-space ]]
+  K8S_STAGING_APP_NAME: $[[ inputs.staging-app-name ]]
+  K8S_STAGING_ENVIRONMENT_URL: $[[ inputs.staging-environment-url ]]
+  K8S_STAGING_URL: $[[ inputs.staging-url ]]
+  K8S_PROD_SPACE: $[[ inputs.prod-space ]]
+  K8S_PROD_APP_NAME: $[[ inputs.prod-app-name ]]
+  K8S_PROD_ENVIRONMENT_URL: $[[ inputs.prod-environment-url ]]
+  K8S_PROD_URL: $[[ inputs.prod-url ]]

 stages:
  - build
@@ -415,7 +535,7 @@ stages:
  function k8s_deploy() {
    export environment_type=$ENV_TYPE
    export environment_name=${ENV_APP_NAME:-${K8S_BASE_APP_NAME}${ENV_APP_SUFFIX}}
-    environment_url=${ENV_URL:-${K8S_ENVIRONMENT_URL:-$ENV_URL_LEGACY}}
+    environment_url=${ENV_URL:-$K8S_ENVIRONMENT_URL}
    # also export environment_name in SCREAMING_SNAKE_CASE format (may be useful with Kubernetes env variables)
    environment_name_ssc=$(to_ssc "$environment_name")
    export environment_name_ssc
@@ -761,8 +881,6 @@ k8s-review:
    ENV_CA_CERT: "$K8S_REVIEW_CA_CERT"
    ENV_KUBE_CONFIG: "$K8S_REVIEW_KUBE_CONFIG"
    ENV_URL: "${K8S_REVIEW_ENVIRONMENT_URL}"
-    # deprecated, backward compatibility
-    ENV_URL_LEGACY: "${K8S_REVIEW_ENVIRONMENT_SCHEME}://${CI_PROJECT_NAME}-${CI_ENVIRONMENT_SLUG}.${K8S_REVIEW_ENVIRONMENT_DOMAIN}"
  environment:
    name: review/$CI_COMMIT_REF_NAME
    on_stop: k8s-cleanup-review