diff options
| author | James Lopez <james@gitlab.com> | 2018-11-02 08:20:40 +0000 |
|---|---|---|
| committer | James Lopez <james@gitlab.com> | 2018-11-02 08:20:40 +0000 |
| commit | a69a8e9d880c9f0cb3f0a3c2e58ecfbd9fc194be (patch) | |
| tree | a64f66efd0e10ce3464fe6c3a8b9aa61b02d8dbb /scripts | |
| parent | 5332995ca419bfaa8a84708914fb60c461434c9d (diff) | |
| parent | f4023a69cb5e78fca595a2151a2272fbdfd5917a (diff) | |
| download | gitlab-ce-a69a8e9d880c9f0cb3f0a3c2e58ecfbd9fc194be.tar.gz | |
Merge branch 'master' into 'security-fix-uri-xss-applications'
# Conflicts:
# db/schema.rb
Diffstat (limited to 'scripts')
| -rwxr-xr-x | scripts/build_assets_image | 21 | ||||
| -rwxr-xr-x | scripts/review_apps/review-apps.sh | 37 | ||||
| -rwxr-xr-x | scripts/static-analysis | 1 | ||||
| -rwxr-xr-x | scripts/trigger-build | 12 |
4 files changed, 61 insertions, 10 deletions
diff --git a/scripts/build_assets_image b/scripts/build_assets_image new file mode 100755 index 00000000000..1d77524d503 --- /dev/null +++ b/scripts/build_assets_image @@ -0,0 +1,21 @@ +#!/bin/bash + +# Generate the image name based on the project this is being run in +ASSETS_IMAGE_NAME=$(echo ${CI_PROJECT_NAME} | + awk '{ + split($1, p, "-"); + interim = sprintf("%s-assets-%s", p[1], p[2]); + sub(/-$/, "", interim); + print interim + }' +) + +ASSETS_IMAGE_PATH=${CI_REGISTRY}/${CI_PROJECT_PATH}/${ASSETS_IMAGE_NAME} + +mkdir -p assets_container.build/public +cp -r public/assets assets_container.build/public/ +cp Dockerfile.assets assets_container.build/ +docker build -t ${ASSETS_IMAGE_PATH}:${CI_COMMIT_REF_SLUG} -f assets_container.build/Dockerfile.assets assets_container.build/ +docker login -u gitlab-ci-token -p ${CI_JOB_TOKEN} ${CI_REGISTRY} +docker push ${ASSETS_IMAGE_PATH} + diff --git a/scripts/review_apps/review-apps.sh b/scripts/review_apps/review-apps.sh index 78293464265..d372bcbdab1 100755 --- a/scripts/review_apps/review-apps.sh +++ b/scripts/review_apps/review-apps.sh @@ -47,15 +47,23 @@ function create_secret() { --dry-run -o json | kubectl apply -f - } +function deployExists() { + local namespace="${1}" + local deploy="${2}" + helm status --tiller-namespace "${namespace}" "${deploy}" >/dev/null 2>&1 + return $? +} + function previousDeployFailed() { set +e - echo "Checking for previous deployment of $CI_ENVIRONMENT_SLUG" - deployment_status=$(helm status $CI_ENVIRONMENT_SLUG >/dev/null 2>&1) + deploy="${1}" + echo "Checking for previous deployment of ${deploy}" + deployment_status=$(helm status ${deploy} >/dev/null 2>&1) status=$? # if `status` is `0`, deployment exists, has a status if [ $status -eq 0 ]; then echo "Previous deployment found, checking status" - deployment_status=$(helm status $CI_ENVIRONMENT_SLUG | grep ^STATUS | cut -d' ' -f2) + deployment_status=$(helm status ${deploy} | grep ^STATUS | cut -d' ' -f2) echo "Previous deployment state: $deployment_status" if [[ "$deployment_status" == "FAILED" || "$deployment_status" == "PENDING_UPGRADE" || "$deployment_status" == "PENDING_INSTALL" ]]; then status=0; @@ -113,7 +121,7 @@ function deploy() { fi # Cleanup and previous installs, as FAILED and PENDING_UPGRADE will cause errors with `upgrade` - if [ "$CI_ENVIRONMENT_SLUG" != "production" ] && previousDeployFailed ; then + if [ "$CI_ENVIRONMENT_SLUG" != "production" ] && previousDeployFailed "$CI_ENVIRONMENT_SLUG" ; then echo "Deployment in bad state, cleaning up $CI_ENVIRONMENT_SLUG" delete cleanup @@ -149,6 +157,7 @@ HELM_CMD=$(cat << EOF --set gitlab.gitlab-shell.image.tag="v$GITLAB_SHELL_VERSION" \ --set gitlab.unicorn.workhorse.image="$gitlab_workhorse_image_repository" \ --set gitlab.unicorn.workhorse.tag="$CI_COMMIT_REF_NAME" \ + --set nginx-ingress.controller.config.ssl-ciphers="ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4" \ --namespace="$KUBE_NAMESPACE" \ --version="$CI_PIPELINE_ID-$CI_JOB_ID" \ "$name" \ @@ -182,3 +191,23 @@ function cleanup() { | xargs kubectl -n "$KUBE_NAMESPACE" delete \ || true } + +function install_external_dns() { + local release_name="dns-gitlab-review-app" + local domain=$(echo "${REVIEW_APPS_DOMAIN}" | awk -F. '{printf "%s.%s", $(NF-1), $NF}') + + if ! deployExists "${KUBE_NAMESPACE}" "${release_name}" || previousDeployFailed "${release_name}" ; then + echo "Installing external-dns helm chart" + helm repo update + helm install stable/external-dns \ + -n "${release_name}" \ + --namespace "${KUBE_NAMESPACE}" \ + --set provider="aws" \ + --set aws.secretKey="${REVIEW_APPS_AWS_SECRET_KEY}" \ + --set aws.accessKey="${REVIEW_APPS_AWS_ACCESS_KEY}" \ + --set aws.zoneType="public" \ + --set domainFilters[0]="${domain}" \ + --set txtOwnerId="${KUBE_NAMESPACE}" \ + --set rbac.create="true" + fi +} diff --git a/scripts/static-analysis b/scripts/static-analysis index 0e67eabfec1..25ba7ec6c8e 100755 --- a/scripts/static-analysis +++ b/scripts/static-analysis @@ -29,6 +29,7 @@ tasks = [ %w[bin/rake lint:all], %w[bundle exec license_finder], %w[yarn run eslint], + %w[yarn run prettier-all], %w[bundle exec rubocop --parallel], %w[scripts/lint-conflicts.sh], %w[scripts/lint-rugged] diff --git a/scripts/trigger-build b/scripts/trigger-build index b76cd5dd6f0..dd0425b6472 100755 --- a/scripts/trigger-build +++ b/scripts/trigger-build @@ -32,32 +32,32 @@ module Trigger private - # Must be overriden + # Must be overridden def downstream_project_path raise NotImplementedError end - # Must be overriden + # Must be overridden def ref raise NotImplementedError end - # Must be overriden + # Must be overridden def trigger_token raise NotImplementedError end - # Must be overriden + # Must be overridden def access_token raise NotImplementedError end - # Can be overriden + # Can be overridden def extra_variables {} end - # Can be overriden + # Can be overridden def version_param_value(version_file) File.read(version_file).strip end |