.gitlab-ci.yml
# Pipeline-wide variables. Everything here is exported into the environment of
# every job, whatever image that job runs.
variables:
  # Working directories, relative to the repository root.
  PACKER_DIR: '01-consul/consul-ami'
  TF_FOUNDATION_PATH: '01-consul/foundation'
  TF_CONSUL: '01-consul/consul-cluster'
  TF_VPCEP: '01-consul/vpcendpoints'
  TF_ALB: '01-consul/applicationlb'
  RUN_PATH: '02-fizzbuzz'
  TF_DEBUG: '03-debugging'
  # PLAN: plan.tfplan

  # Bucket created by create_bucket_job.
  S3_BUCKET: 'terraform-remote-state-spc'
  AWS_REGION: 'us-east-1'

  # The values below come from variables that are not defined in this file
  # (presumably the project's CI/CD settings; confirm they are masked and
  # protected there).
  # NOTE(review): AWS_ACCESS_KEY and CONSUL_VERSION reference themselves, so
  # these two entries add nothing over the externally defined values.
  # NOTE(review): these look like long-lived IAM user keys; short-lived
  # credentials (for example GitLab OIDC id_tokens exchanged for an AWS role)
  # would limit the damage if a job log or image leaks them.
  AWS_ACCESS_KEY: '$AWS_ACCESS_KEY'
  AWS_SECRET_ACCESS_KEY: '$AWS_SECRET_KEY'
  CONSUL_VERSION: '$CONSUL_VERSION'
# Default image for jobs that do not set their own: Packer, for AMI creation.
# The empty entrypoint overrides the image's own entrypoint so the runner can
# execute the job's script lines.
image:
  name: 'hashicorp/packer:1.7.4'
  entrypoint:
    - ""
# Stage order: each stage starts only after the previous one has finished.
stages:
  # Packer template check and AMI build
  - validate
  - build
  # S3 bucket, then the four Terraform stacks in order
  - create_bucket
  - foundation
  - consul
  - endpoints
  - alb
  # Manual jobs
  - deploy
  - debug
# Validates the Packer template. Runs only when the template file changes.
# NOTE(review): the AWS keys are handed to packer as -var arguments, so they
# sit on the process command line. If ubuntu_ami.json (not shown here) can read
# them from the environment instead, prefer that; either way the CI/CD
# variables should be masked.
packer validate:
  stage: validate
  rules:
    - changes:
        - $PACKER_DIR/ubuntu_ami.json
  script:
    - >-
      packer validate
      -var "aws_access_key=$AWS_ACCESS_KEY"
      -var "aws_secret_key=$AWS_SECRET_KEY"
      -var "consul_version=$CONSUL_VERSION"
      $PACKER_DIR/ubuntu_ami.json
# Builds the AMI from the Packer template. Runs only when the template file
# changes.
# NOTE(review): there is no branch condition, so a template change on any
# branch that runs pipelines builds an AMI with the account credentials;
# consider limiting this to protected branches.
# NOTE(review): the AWS keys are passed as -var arguments (process command
# line); keep the CI/CD variables masked.
build_ami:
  stage: build
  rules:
    - changes:
        - $PACKER_DIR/ubuntu_ami.json
  script:
    - >-
      packer build
      -var "aws_access_key=$AWS_ACCESS_KEY"
      -var "aws_secret_key=$AWS_SECRET_KEY"
      -var "consul_version=$CONSUL_VERSION"
      $PACKER_DIR/ubuntu_ami.json
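# Creates the S3 bucket named by S3_BUCKET in AWS_REGION.
# NOTE(review): the image has no tag, so it resolves to :latest; pin a version
# or digest so the tool that receives the AWS keys cannot change silently.
# NOTE(review): the bucket name suggests it holds Terraform remote state, which
# can contain secrets; confirm versioning, encryption and public-access block
# on it.
create_bucket_job:
  stage: create_bucket
  image:
    name: amazon/aws-cli
    entrypoint: [""]
  variables:
    # The AWS CLI reads these standard names from the environment, so the keys
    # are not written to a credentials file by `aws configure set` and are not
    # expanded unquoted on a command line.
    AWS_ACCESS_KEY_ID: "$AWS_ACCESS_KEY"
    AWS_SECRET_ACCESS_KEY: "$AWS_SECRET_KEY"
  script:
    - echo "Creating S3 bucket..."
    - aws s3api create-bucket --bucket "$S3_BUCKET" --region "$AWS_REGION"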
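# Plans and applies the Terraform stack in TF_FOUNDATION_PATH.
# NOTE(review): no rules/only condition, so this applies infrastructure changes
# on every pipeline for any ref; consider restricting apply to the default or
# protected branches.
foundation_setup:
  stage: foundation
  image:
    name: hashicorp/terraform:1.4.4
    entrypoint: [""]
  variables:
    # Standard AWS SDK names, read from the environment by the S3 backend.
    # Passing the keys with -backend-config puts them on the command line and
    # makes Terraform store them in the .terraform directory and in plan files.
    AWS_ACCESS_KEY_ID: "$AWS_ACCESS_KEY"
    AWS_SECRET_ACCESS_KEY: "$AWS_SECRET_KEY"
  script:
    - cd "$TF_FOUNDATION_PATH"
    - terraform init -input=false
    # Rewrites files in the job checkout only; `terraform fmt -check` would
    # turn this into a gate.
    - terraform fmt
    - terraform validate
    # Save the plan and apply exactly that plan, so what is applied is what the
    # log shows. Plan files can hold sensitive values; do not publish this one
    # as an artifact.
    - terraform plan -input=false -out=plan.tfplan
    - terraform apply -input=false plan.tfplan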
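# Plans and applies the Terraform stack in TF_CONSUL.
# NOTE(review): no rules/only condition, so this applies on every pipeline for
# any ref; consider restricting apply to the default or protected branches.
consul_cluster_on_aws:
  stage: consul
  image:
    name: hashicorp/terraform:1.4.4
    entrypoint: [""]
  variables:
    # Credentials go through the environment (standard AWS SDK names) rather
    # than -backend-config, which would put them on the command line and into
    # the .terraform directory and plan files.
    AWS_ACCESS_KEY_ID: "$AWS_ACCESS_KEY"
    AWS_SECRET_ACCESS_KEY: "$AWS_SECRET_KEY"
  script:
    - cd "$TF_CONSUL"
    - terraform init -input=false
    # Formats the job checkout only; it does not fail on unformatted files.
    - terraform fmt
    - terraform validate
    # Apply the saved plan so the applied changes match the logged plan.
    # Do not publish plan.tfplan as an artifact; it can hold sensitive values.
    - terraform plan -input=false -out=plan.tfplan
    - terraform apply -input=false plan.tfplan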
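# Plans and applies the Terraform stack in TF_VPCEP.
# NOTE(review): no rules/only condition, so this applies on every pipeline for
# any ref; consider restricting apply to the default or protected branches.
vpc endpoints host:
  stage: endpoints
  image:
    name: hashicorp/terraform:1.4.4
    entrypoint: [""]
  variables:
    # Credentials go through the environment (standard AWS SDK names) rather
    # than -backend-config, which would put them on the command line and into
    # the .terraform directory and plan files.
    AWS_ACCESS_KEY_ID: "$AWS_ACCESS_KEY"
    AWS_SECRET_ACCESS_KEY: "$AWS_SECRET_KEY"
  script:
    - cd "$TF_VPCEP"
    - terraform init -input=false
    # Formats the job checkout only; it does not fail on unformatted files.
    - terraform fmt
    - terraform validate
    # Apply the saved plan so the applied changes match the logged plan.
    # Do not publish plan.tfplan as an artifact; it can hold sensitive values.
    - terraform plan -input=false -out=plan.tfplan
    - terraform apply -input=false plan.tfplan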
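# Plans and applies the Terraform stack in TF_ALB, then prints the
# external-alb-to-access output to the job log.
# NOTE(review): no rules/only condition, so this applies on every pipeline for
# any ref; consider restricting apply to the default or protected branches.
application alb:
  stage: alb
  image:
    name: hashicorp/terraform:1.4.4
    entrypoint: [""]
  variables:
    # Credentials go through the environment (standard AWS SDK names) rather
    # than -backend-config, which would put them on the command line and into
    # the .terraform directory and plan files.
    AWS_ACCESS_KEY_ID: "$AWS_ACCESS_KEY"
    AWS_SECRET_ACCESS_KEY: "$AWS_SECRET_KEY"
  script:
    - cd "$TF_ALB"
    - terraform init -input=false
    # Formats the job checkout only; it does not fail on unformatted files.
    - terraform fmt
    - terraform validate
    # Apply the saved plan so the applied changes match the logged plan.
    # Do not publish plan.tfplan as an artifact; it can hold sensitive values.
    - terraform plan -input=false -out=plan.tfplan
    - terraform apply -input=false plan.tfplan
    - terraform output -raw external-alb-to-access
  # Disabled artifact block kept from the original file:
  # artifacts:
  # paths:
  # - cd $RUN_PATH/url.txt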
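# Manual job: runs fizzbuzz.sh from RUN_PATH with CONSUL_URL as its argument.
# CONSUL_URL is not defined in this file; presumably it is supplied when the
# job is triggered (confirm).
# NOTE(review): this is a third-party image on the mutable :latest tag, and the
# pipeline-wide variables (including AWS_SECRET_ACCESS_KEY) are exported into
# it. Pin the image by digest or use an image you control.
deploy kv pair:
  stage: deploy
  image: ellerbrock/alpine-bash-curl-ssl:latest
  when: manual
  only:
    variables:
      - $RUN_PATH && $AWS_ACCESS_KEY && $AWS_SECRET_KEY
  script:
    - cd "$RUN_PATH"
    # Quoted so the value reaches the script as one argument, without word
    # splitting or glob expansion.
    - bash fizzbuzz.sh "$CONSUL_URL"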
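# Manual job: initialises and plans the Terraform configuration in TF_DEBUG.
# Nothing is applied.
debug:
  stage: debug
  image:
    name: hashicorp/terraform:1.4.4
    entrypoint: [""]
  when: manual
  only:
    variables:
      - $TF_DEBUG && $AWS_ACCESS_KEY && $AWS_SECRET_KEY
  variables:
    # Credentials go through the environment (standard AWS SDK names) rather
    # than -backend-config, which would put them on the command line and into
    # the .terraform directory.
    AWS_ACCESS_KEY_ID: "$AWS_ACCESS_KEY"
    AWS_SECRET_ACCESS_KEY: "$AWS_SECRET_KEY"
  script:
    - cd "$TF_DEBUG"
    - terraform init -input=false
    # Formats the job checkout only; it does not fail on unformatted files.
    - terraform fmt
    - terraform validate
    - terraform plan -input=false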