Switch to gitlab agent (#1107)

Co-authored-by: Kamal Dodiya <[email protected]>
Ensembl · Mar 26, 2024 · 7fe815c · 7fe815c
1 parent f8d84ad
commit 7fe815c
Show file tree

Hide file tree

Showing 2 changed files with 131 additions and 92 deletions.
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
@@ -22,6 +22,12 @@ variables:
   ENVIRONMENT: production
   DOCKER_TLS_CERTDIR: ""
 
+# The `before_script` commands for deployment jobs that are used to set up gitlab agent
+# (will be used via yaml anchors in the jobs below)
+.gitlab-agent-setup-commands: &gitlab-agent-setup-commands
+  - kubectl config use-context ${AGENT}
+  - kubectl config set-context --current --namespace=${NAMESPACE}
+
 # Template to build static assets
 .build-static:
   stage: test_build_static
@@ -70,32 +76,15 @@ variables:
     - docker rmi ${CONTAINER_IMAGE}
     - docker logout $CI_REGISTRY
 
-.publish_assets:
-  image: dockerhub.ebi.ac.uk/ensembl-web/deploy-tools:latest
-  stage: deploy
-  environment:
-    name: jobs/k8s-job
-
-  before_script:
-    - git clone https://gitlab.ebi.ac.uk/ensembl-web/ensembl-k8s-manifests.git
-    - git -C ensembl-k8s-manifests/ checkout wp-k8s
-    - cd ensembl-k8s-manifests
-
-  script:
-    - sed -i "s#<PROJECT_ID>#${CI_PROJECT_ID}#g" static_assets_copy_job.yaml
-    - sed -i "s#<JOB_ID>#${BUILD_JOB_ID}#g" static_assets_copy_job.yaml
-    - kustomize edit set namesuffix -- -${CI_PROJECT_ID}-${BUILD_JOB_ID}
-    - kubectl apply -k .
-
 # Template for publishing static assets for the new kubernetes cluster
-# Will need updating after the migration is completed (see the name of the template, name of the ensembl-k8s-manifests branch)
-.publish_assets-newcluster:
+.publish_assets:
   image: dockerhub.ebi.ac.uk/ensembl-web/deploy-tools:latest
   stage: deploy
   environment:
     name: jobs/k8s-job
 
   before_script:
+    - *gitlab-agent-setup-commands
     - git clone https://gitlab.ebi.ac.uk/ensembl-web/ensembl-k8s-manifests.git
     - git -C ensembl-k8s-manifests/ checkout k8s123-migration
     - cd ensembl-k8s-manifests/ensembl-client/static-assets
@@ -127,10 +116,11 @@ variables:
 
 # Template for deployment to the new kubernetes cluster
 # For live deployment, it does not need to deploy a static assets container
-# Will need updating after the migration is completed (the name of the template, name of the ensembl-k8s-manifests branch)
-.deploy-newcluster:
+.deploy:
   stage: deploy
   image: dockerhub.ebi.ac.uk/ensembl-web/deploy-tools:latest
+  before_script:
+    - *gitlab-agent-setup-commands
   script:
     - git clone https://gitlab.ebi.ac.uk/ensembl-web/ensembl-k8s-manifests.git
     - git -C ensembl-k8s-manifests/ checkout k8s123-migration
@@ -142,6 +132,8 @@ variables:
 .deploy-review:
   stage: deploy
   image: dockerhub.ebi.ac.uk/ensembl-web/deploy-tools:latest
+  before_script:
+    - *gitlab-agent-setup-commands
   script:
   - git clone https://gitlab.ebi.ac.uk/ensembl-web/ensembl-k8s-manifests.git
   - git -C ensembl-k8s-manifests/ checkout k8s123-migration
@@ -189,7 +181,7 @@ Test:
   rules:
     - if: $CI_COMMIT_BRANCH =~ /^nodeploy\/.*$/
 
-# Job to build static asset for staging and live environment
+# Job to build static assets for staging and live environment
 # dev branch -> Staging
 # master branch -> Live
 Test_N_Build:
@@ -201,7 +193,7 @@ Test_N_Build:
   rules:
     - if: $CI_COMMIT_BRANCH == "master" || $CI_COMMIT_BRANCH == "dev"
 
-# Job to build static asset for internal environment
+# Job to build static assets for internal environment
 # master branch -> Internal
 Test_N_Build:internal:
   extends: .build-static
@@ -240,7 +232,7 @@ Node:Live:
   needs:
     - Test_N_Build
 
-# Job to build node docker image for internal environment at WP
+# Job to build node docker image for internal environment
 # master branch -> internal
 Node:Internal:
   extends: .build-node
@@ -252,7 +244,7 @@ Node:Internal:
   needs:
     - Test_N_Build:internal
 
-# Job to build nginx docker image for review environment at WP
+# Job to build nginx docker image for review environment
 # all other branch -> dev
 Nginx:review:
   extends: .build-nginx
@@ -264,7 +256,7 @@ Nginx:review:
   needs:
     - Test_N_Build:review
 
-# Job to build node docker image for review environment at WP
+# Job to build node docker image for review environment
 # all other branch -> dev
 Node:review:
   extends: .build-node
@@ -278,115 +270,148 @@ Node:review:
 
 
 ######## DEPLOYMENT JOBS ########
-# Job to deploy to staging environment on the new cluster (WP40-HL k8s cluster)
-Staging:WP40:HL:
-  extends: .deploy-newcluster
+
+
+# DEPLOYMENT TO THE LIVE (PRODUCTION) ENVIRONMENT (beta.ensembl.org)
+
+# Deploy the Node server
+Live:
+  extends: .deploy
+  variables:
+    CONTAINER_NODE_IMAGE: ${CI_REGISTRY_IMAGE}:node-${CI_COMMIT_SHORT_SHA}-prod
+    AGENT: ${PROD_AGENT}
+    NAMESPACE: ${PROD_NS}
   environment:
-    name: wp40-hl-staging
+    name: production
   rules:
-    - if: $CI_COMMIT_BRANCH == "dev"
+    - if: '$CI_DEPLOY_FREEZE == null && $CI_COMMIT_BRANCH == "master"'
   needs:
     - Test_N_Build
-    - Node:Staging
+    - Node:Live
 
-Pub:Staging:WP40:HL:
-  extends: .publish_assets-newcluster
+# Publish static assets
+Pub:Live:
+  extends: .publish_assets
   environment:
-    name: wp40-hl-staging
-    kubernetes:
-      namespace: ensembl-stage
+    name: production
+  variables:
+    AGENT: ${PROD_AGENT}
+    NAMESPACE: ${PROD_NS}
   rules:
-    - if: $CI_COMMIT_BRANCH == "dev"
+    - if: '$CI_DEPLOY_FREEZE == null && $CI_COMMIT_BRANCH == "master"'
   needs:
     - Test_N_Build
-    - Node:Staging
+    - Node:Live
+
 
-# Job to deploy to live environment in the new kubernetes cluster (wp40)
-Live:wp40:HL:
-  extends: .deploy-newcluster
+# DEPLOYMENT TO THE LIVE (PRODUCTION) FALLBACK ENVIRONMENT (beta.ensembl.org, running in Hinxton)
+
+# Deploy the Node server
+LiveFallback:
+  extends: .deploy
   variables:
+    CONTAINER_IMAGE: ${CI_REGISTRY_IMAGE}:nginx-${CI_COMMIT_SHORT_SHA}-prod
     CONTAINER_NODE_IMAGE: ${CI_REGISTRY_IMAGE}:node-${CI_COMMIT_SHORT_SHA}-prod
+    AGENT: ${FALLBACK_AGENT}
+    NAMESPACE: ${FALLBACK_NS}
   environment:
-    name: wp40-hl-prod
+    name: fallback
   rules:
     - if: '$CI_DEPLOY_FREEZE == null && $CI_COMMIT_BRANCH == "master"'
   needs:
     - Test_N_Build
     - Node:Live
 
-Pub:Live-HL:wp40:
-  extends: .publish_assets-newcluster
+# Publish static assets
+Pub::LiveFallback:
+  extends: .publish_assets
   environment:
-    name: wp40-hl-prod
-    kubernetes:
-      namespace: ensembl-prod
+    name: fallback
+  variables:
+    AGENT: ${FALLBACK_AGENT}
+    NAMESPACE: ${FALLBACK_NS}
   rules:
     - if: '$CI_DEPLOY_FREEZE == null && $CI_COMMIT_BRANCH == "master"'
   needs:
     - Test_N_Build
     - Node:Live
 
 
-# Job to deploy a production fallback to the new kubernetes cluster in Hinxton (WP41)
-Live:WP41:HX:
-  extends: .deploy-newcluster
-  variables:
-    CONTAINER_IMAGE: ${CI_REGISTRY_IMAGE}:nginx-${CI_COMMIT_SHORT_SHA}-prod
-    CONTAINER_NODE_IMAGE: ${CI_REGISTRY_IMAGE}:node-${CI_COMMIT_SHORT_SHA}-prod
+# DEPLOYMENT TO THE STAGING ENVIRONMENT (staging-2020.ensembl.org)
+
+# Deploy the Node server
+Staging:
+  extends: .deploy
   environment:
-    name: wp41-hx-prod
+    name: staging
   rules:
-    - if: '$CI_DEPLOY_FREEZE == null && $CI_COMMIT_BRANCH == "master"'
+    - if: $CI_COMMIT_BRANCH == "dev"
   needs:
     - Test_N_Build
-    - Node:Live
+    - Node:Staging
+  variables:
+    AGENT: ${STAGING_AGENT}
+    NAMESPACE: ${STAGING_NS}
 
-Pub::WP41:Live-HX:
-  extends: .publish_assets-newcluster
+# Publish static assets
+Pub:Staging:
+  extends: .publish_assets
   environment:
-    name: wp41-hx-prod
-    kubernetes:
-      namespace: ensembl-prod
+    name: staging
+  variables:
+    AGENT: ${STAGING_AGENT}
+    NAMESPACE: ${STAGING_NS}
   rules:
-    - if: '$CI_DEPLOY_FREEZE == null && $CI_COMMIT_BRANCH == "master"'
+    - if: $CI_COMMIT_BRANCH == "dev"
   needs:
     - Test_N_Build
-    - Node:Live
+    - Node:Staging
+
+
+# DEPLOYMENT TO THE INTERNAL ENVIRONMENT (internal-2020.ensembl.org)
 
-# Job to deploy to internal environment in the new cluster in Harlow (WP40)
-Internal:WP40:HL:
-  extends: .deploy-newcluster
+# Deploy the Node server
+Internal:
+  extends: .deploy
   variables:
     CONTAINER_IMAGE: ${CI_REGISTRY_IMAGE}:nginx-${CI_COMMIT_SHORT_SHA}-internal
     CONTAINER_NODE_IMAGE: ${CI_REGISTRY_IMAGE}:node-${CI_COMMIT_SHORT_SHA}-internal
+    AGENT: ${INTERNAL_AGENT}
+    NAMESPACE: ${INTERNAL_NS}
   environment:
-    name: wp40-hl-internal
+    name: internal
   rules:
     - if: $CI_COMMIT_BRANCH == "master"
   needs:
     - Test_N_Build:internal
     - Node:Internal
 
-Pub:Internal::WP40:HL:
-  extends: .publish_assets-newcluster
+# Publish static assets
+Pub:Internal:
+  extends: .publish_assets
   environment:
-    name: wp40-hl-internal
-    kubernetes:
-      namespace: ensembl-internal
+    name: internal
+  variables:
+    AGENT: ${INTERNAL_AGENT}
+    NAMESPACE: ${INTERNAL_NS}
   rules:
     - if: $CI_COMMIT_BRANCH == "master"
   needs:
     - Test_N_Build:internal
     - Node:Internal
 
-# Job to deploy to Dev environment in the new kubernetes cluster (wp51)
-# This deployment is for dev-2020.ensembl.org and same as production environment
-Dev:wp51:HL:
-  extends: .deploy-newcluster
+
+# DEPLOYMENT TO THE DEVELOPMENT ENVIRONMENT (dev-2020.ensembl.org)
+
+# Deploy the Node server
+Dev:
+  extends: .deploy
   variables:
     CONTAINER_NODE_IMAGE: ${CI_REGISTRY_IMAGE}:node-${CI_COMMIT_SHORT_SHA}-prod
+    AGENT: ${DEV_AGENT}
+    NAMESPACE: ${DEV_NS}
   environment:
-    name: wp51-hl-development
+    name: development
     kubernetes:
       namespace: ensembl-dev
   rules:
@@ -395,27 +420,33 @@ Dev:wp51:HL:
     - Test_N_Build
     - Node:Live
 
-Pub:Dev-HL:wp51:
-  extends: .publish_assets-newcluster
+# Publish static assets
+Pub:Dev:
+  extends: .publish_assets
   environment:
-    name: wp51-hl-development
-    kubernetes:
-      namespace: ensembl-dev
+    name: development
+  variables:
+    AGENT: ${DEV_AGENT}
+    NAMESPACE: ${DEV_NS}
   rules:
     - if: '$CI_DEPLOY_FREEZE == null && $CI_COMMIT_BRANCH == "master"'
   needs:
     - Test_N_Build
     - Node:Live
 
 
-# Job to deploy review deployments to development environment in the new cluster in Harlow (WP51)
-Review:WP51:HL:
+# REVIEW DEPLOYMENTS (<branch_name>.review.ensembl.org)
+
+# Job to deploy Node server and a dedicated Nginx container with embedded static assets
+Review:
   extends: .deploy-review
   variables:
     CONTAINER_IMAGE: ${CI_REGISTRY_IMAGE}:nginx-${CI_COMMIT_SHORT_SHA}-${CI_COMMIT_REF_SLUG}
     CONTAINER_NODE_IMAGE: ${CI_REGISTRY_IMAGE}:node-${CI_COMMIT_SHORT_SHA}-${CI_COMMIT_REF_SLUG}
+    AGENT: ${DEV_AGENT}
+    NAMESPACE: ${CI_COMMIT_REF_SLUG}
   environment:
-    name: wp51-hl-development
+    name: development
     url: http://$CI_COMMIT_REF_SLUG.review.ensembl.org
     kubernetes:
       namespace: ${CI_COMMIT_REF_SLUG}
@@ -425,22 +456,28 @@ Review:WP51:HL:
     - Test_N_Build:review
     - Nginx:review
     - Node:review
+
 # Clean up the review app resources
-stop_review:
+CleanUpReview:
   extends: .stop-review
   environment:
-    name: wp51-hl-development
+    name: development
     action: stop
     kubernetes:
-      namespace: ensembl-development
+      namespace: ${CI_COMMIT_REF_SLUG}
   except:
   - dev
   - master
 
-SetupReview:HL51:
+
+# Create a review deployment (runs once per new branch)
+SetupReview:
   extends: .setup-review-newk8s
   environment:
-    name: wp51-hl-development
+    name: development
+  variables:
+    AGENT: ${DEV_AGENT}
+    NAMESPACE: ${CI_COMMIT_REF_SLUG}
   rules:
     - if: $CI_PIPELINE_SOURCE == "push" && 
           $CI_COMMIT_BEFORE_SHA == "0000000000000000000000000000000000000000" &&