GRN-37: Externalized scripts for building/deploying docker images though CI (#375)

.gitlab-ci.yml

@@ -0,0 +1,56 @@
+stages:
+  - test
+  - build
+  - deploy
+
+before_script:
+
+test:
+  stage: test
+  image: ruby:2.5
+  script:
+  - apt-get update -qq && apt-get install -y -qq sqlite3 libsqlite3-dev nodejs
+  - bundle install --path /cache
+  - bundle exec rake db:create RAILS_ENV=test
+  - bundle exec rake test & bundle exec rspec & bundle exec rubocop
+  only:
+    refs:
+      - branches
+    variables:
+      - $GITLAB_TEST
+
+build:
+  stage: build
+  image: docker:stable
+  services:
+  - docker:dind
+  script:
+  # Install bash, curl, git for deployment script
+  - apk update && apk add --no-cache bash curl git
+  # Install CA certs, openssl to https downloads, python for gcloud sdk
+  - apk add --update make ca-certificates openssl python
+  - update-ca-certificates
+  # Build.
+  - ./scripts/image_build.sh $CI_PROJECT_PATH $CI_COMMIT_REF_NAME $CI_COMMIT_SHA
+  only:
+    variables:
+      - $GITLAB_BUILD
+
+deploy:
+  stage: deploy
+  image: docker:stable
+  services:
+  - docker:dind
+  script:
+  # Install bash, curl, git for deployment script
+  - apk update && apk add --no-cache bash curl git
+  # Install CA certs, openssl to https downloads, python for gcloud sdk
+  - apk add --update make ca-certificates openssl python
+  - update-ca-certificates
+  # Deploy.
+  - ./scripts/image_deploy.sh $CI_PROJECT_PATH $CI_COMMIT_REF_NAME $CI_COMMIT_SHA $CI_COMMIT_BEFORE_SHA
+  only:
+    refs:
+      - branches
+    variables:
+      - $GITLAB_DEPLOY

.travis.yml

@@ -6,8 +6,7 @@ rvm:
   - 2.5.1
 
 script:
-  - bundle exec rubocop
-  - bundle exec rspec
+  - bundle install && bundle exec rubocop && bundle exec rspec
 
 notifications:
   email: false

Jenkinsfile

@@ -63,14 +63,10 @@ volumes: [
             if (stageBuild) {
               sh "sed -i 's/VERSION =.*/VERSION = \"${gitBranch} (${gitCommit.substring(0, 7)})\"/g' config/initializers/version.rb"
               sh "gcloud docker -- build -t ${imageTag} -t 'bigbluebutton/${appName}:master' . && gcloud docker -- push ${imageTag}"
-              sh "docker login -u $DOCKER_USER -p $DOCKER_PASSWORD"
-              sh "docker push 'bigbluebutton/${appName}:master'"
             } else if (releaseBuild) {
               sh "sed -i 's/VERSION =.*/VERSION = \"${gitTag.substring(8)}\"/g' config/initializers/version.rb"
               imageTag = "gcr.io/${project}/${appName}:${gitTag}"
               sh "gcloud docker -- build -t ${imageTag} -t 'bigbluebutton/${appName}:${greenlightVersion}' -t 'bigbluebutton/${appName}:${gitTag}' . && gcloud docker -- push ${imageTag}"
-              sh "docker login -u $DOCKER_USER -p $DOCKER_PASSWORD"
-              sh "docker push 'bigbluebutton/${appName}:${greenlightVersion}' && docker push 'bigbluebutton/${appName}:${gitTag}'"
             }
           }
         }

scripts/image_build.sh

@@ -0,0 +1,84 @@
+#!/bin/bash
+
+################################################################################
+# For this script to work properly it is required to define some environment variables
+# in the CI/CD Env variable declaration, while others should be passed as parameters.
+#
+#------------------------------------------------------------------------------
+# Defined as part of the CD/CI Env Variables:
+#
+# CD_DOCKER_USERNAME
+# A DockerHub username to be used for uploading the build.
+#
+# CD_DOCKER_PASSWORD
+# A DockerHub password to be used for uploading the build.
+#
+# CD_BUILD_ALL
+# As the build is supposed to be done only for master (for a nightly deployments) and for releases
+# (like 'release-2.0.5' for production deployments), it is additionally required to include this
+# variable in order to build any other brnach, as it may be required for testing or reviewing work
+# as part of the development process.
+#
+
+echo "v1.0.3"
+
+display_usage() {
+  echo "This script should be used as part of a CI strategy."
+  echo -e "Usage:\n  build_image.sh [ARGUMENTS]"
+  echo -e "\nMandatory arguments \n"
+  echo -e "  repo_slug     The git repository  (e.g. bigbluebutton/greenlight)"
+  echo -e "  branch | tag  The branch (e.g. master | release-2.0.5)"
+  echo -e "  commit_sha    The sha for the current commit (e.g. 750615dd479c23c8873502d45158b10812ea3274)"
+}
+
+# if less than two arguments supplied, display usage
+if [ $# -le 1 ]; then
+	display_usage
+	exit 1
+fi
+
+# check whether user had supplied -h or --help . If yes display usage
+if [[ ($# == "--help") ||  $# == "-h" ]]; then
+	display_usage
+	exit 0
+fi
+
+export CD_REF_SLUG=$1
+export CD_REF_NAME=$2
+export CD_COMMIT_SHA=$3
+
+if [ "$CD_REF_NAME" != "master" ] && [[ "$CD_REF_NAME" != *"release"* ]] && [ -z $CD_BUILD_ALL ];then
+  echo "Docker image for $CD_REF_SLUG won't be built"
+  exit 0
+fi
+
+# Set the version tag when it is a release or the commit sha was included.
+if [[ "$CD_REF_NAME" == *"release"* ]]; then
+  sed -i "s/VERSION =.*/VERSION = \"$(expr substr $CD_REF_NAME 9)\"/g" config/initializers/version.rb
+elif [ ! -z $CD_COMMIT_SHA ]; then
+  sed -i "s/VERSION =.*/VERSION = \"$CD_REF_NAME ($(expr substr $CD_COMMIT_SHA 1 8))\"/g" config/initializers/version.rb
+fi
+# Build the image
+echo "Docker image $CD_REF_SLUG:$CD_REF_NAME is being built"
+docker build -t $CD_REF_SLUG:$CD_REF_NAME .
+
+if [ -z "$CD_DOCKER_USERNAME" ] || [ -z "$CD_DOCKER_PASSWORD" ]; then
+  echo "Docker image for $CD_REF_SLUG can't be published because CD_DOCKER_USERNAME or CD_DOCKER_PASSWORD are missing"
+  exit 0
+fi
+
+# Publish the image
+docker login -u="$CD_DOCKER_USERNAME" -p="$CD_DOCKER_PASSWORD"
+echo "Docker image $CD_REF_SLUG:$CD_REF_NAME is being published"
+docker push $CD_REF_SLUG:$CD_REF_NAME
+
+# Publish latest and v2 if it id a release
+echo $build_digest
+if [[ "$CD_REF_NAME" == *"release"* ]]; then
+  docker_image_id=$(docker images | grep -E "^$CD_REF_SLUG.*$CD_REF_NAME" | awk -e '{print $3}')
+  docker tag $docker_image_id $CD_REF_SLUG:latest
+  docker push $CD_REF_SLUG:latest
+  docker tag $docker_image_id $CD_REF_SLUG:v2
+  docker push $CD_REF_SLUG:v2
+fi
+exit 0

scripts/image_deploy.sh

@@ -0,0 +1,93 @@
+#!/bin/bash
+
+################################################################################
+# For this script to work properly it is required to define some environment variables
+# in the CI/CD Env variable declaration, while others should be passed as parameters.
+#
+#------------------------------------------------------------------------------
+# Defined as part of the CD/CI Env Variables:
+#
+# CD_DEPLOY_SCRIPT
+# The script to be used for the actual deployment. If a private repo is used, also the corresponding
+# OAuth token will be required. e.g CD_GITHUB_OAUTH_TOKEN when the script is stored in GitHub.
+#
+# CD_GITHUB_OAUTH_TOKEN
+# A GitHub token for granting access to https://github.com/blindsidenetworks/greenlight-scripts
+#
+# CD_DEPLOY_ALL
+# As the deployment is supposed to be normaly done only for master (for a nightly deployments) and
+# for releases(like 'release-2.0.5' for production deployments), it is additionally required to
+# include this variable in order to deploy any other brnach, as it may be required for testing
+# or reviewing work as part of development process.
+#
+
+echo "v1.0.3"
+
+display_usage() {
+  echo "This script should be used as part of a CI strategy."
+  echo -e "Usage:\n  build_image.sh [ARGUMENTS]"
+  echo -e "\nMandatory arguments \n"
+  echo -e "  repo_slug     The git repository  (e.g. bigbluebutton/greenlight)"
+  echo -e "  branch | tag  The branch (e.g. master | release-2.0.5)"
+  echo -e "  commit_sha    The sha for the current commit (e.g. 750615dd479c23c8873502d45158b10812ea3274)"
+}
+
+# if less than two arguments supplied, display usage
+if [ $# -le 1 ]; then
+	display_usage
+	exit 1
+fi
+
+# check whether user had supplied -h or --help . If yes display usage
+if [[ ($# == "--help") ||  $# == "-h" ]]; then
+	display_usage
+	exit 0
+fi
+
+if [ -z "$CD_DEPLOY_SCRIPT" ]; then
+  echo "Script for deployment is not defined"
+  exit 0
+fi
+echo "Source for deployment script: $CD_DEPLOY_SCRIPT"
+
+export CD_REF_SLUG=$1
+export CD_REF_NAME=$2
+export CD_COMMIT_SHA=$3
+export CD_COMMIT_BEFORE_SHA=$4
+
+
+if [ -z $CD_DEPLOY_SCRIPT ]; then
+  echo "Source for deployment script is not defined"
+  exit 0
+fi
+
+if [ -z $CD_REF_SLUG ]; then
+  echo "Repository not included [e.g. bigbluebutton/greenlight]"
+  exit 0
+fi
+
+if [ -z $CD_REF_NAME ]; then
+  echo "Neither branch nor tag were included [e.g. master|release-2.0.5]"
+  exit 0
+fi
+
+if [ "$CD_REF_NAME" != "master" ] && [[ "$CD_REF_NAME" != *"release"* ]] && [ -z $CD_DEPLOY_ALL ];then
+  echo "Docker image for $CD_REF_SLUG won't be deployed"
+  exit 0
+fi
+
+echo "Docker image $CD_REF_SLUG:$CD_REF_NAME is being deployed"
+
+# The actual script should be pulled from an external repository
+if [ ! -z $CD_GITHUB_OAUTH_TOKEN ]; then
+  echo "Script from a github private repo: $CD_DEPLOY_SCRIPT"
+  curl -H "Authorization: token $CD_GITHUB_OAUTH_TOKEN" -H "Accept: application/vnd.github.v3.raw" -H "Cache-Control: no-cache" -L $CD_DEPLOY_SCRIPT > deploy.sh
+else
+  echo "Script from a any other public repo: $CD_DEPLOY_SCRIPT"
+  curl -L $CD_DEPLOY_SCRIPT > deploy.sh
+fi
+
+chmod +x deploy.sh
+./deploy.sh $CD_REF_SLUG $CD_REF_NAME $CD_COMMIT_SHA $CD_COMMIT_BEFORE_SHA
+
+exit 0