Skip to content

Concourse CI #48

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 3 commits into from
Jan 3, 2019
Merged

Concourse CI #48

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
0c06db8
Restructure Docker build process to inherit from shared base image
Jberlinsky Jan 2, 2019
9ea4516
Reduce complexity of node_pool test
Jberlinsky Jan 2, 2019
46bc9c4
Fix handling of credentials file
Jberlinsky Jan 3, 2019
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
57 changes: 29 additions & 28 deletions Makefile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,15 +16,12 @@
SHELL := /usr/bin/env bash

# Docker build config variables
BUILD_TERRAFORM_VERSION ?= 0.11.10
BUILD_CLOUD_SDK_VERSION ?= 216.0.0
BUILD_PROVIDER_GOOGLE_VERSION ?= 1.17.1
BUILD_PROVIDER_GSUITE_VERSION ?= 0.1.8
DOCKER_IMAGE_TERRAFORM := cftk/terraform
DOCKER_TAG_TERRAFORM ?= ${BUILD_TERRAFORM_VERSION}_${BUILD_CLOUD_SDK_VERSION}_${BUILD_PROVIDER_GOOGLE_VERSION}_${BUILD_PROVIDER_GSUITE_VERSION}
BUILD_RUBY_VERSION := 2.5.3
DOCKER_IMAGE_KITCHEN_TERRAFORM := cftk/kitchen_terraform
DOCKER_TAG_KITCHEN_TERRAFORM ?= ${BUILD_TERRAFORM_VERSION}_${BUILD_CLOUD_SDK_VERSION}_${BUILD_PROVIDER_GOOGLE_VERSION}_${BUILD_PROVIDER_GSUITE_VERSION}
CREDENTIALS_PATH ?= /cft/workdir/credentials.json
DOCKER_ORG := gcr.io/cloud-foundation-cicd
DOCKER_TAG_BASE_KITCHEN_TERRAFORM ?= 0.11.10_216.0.0_1.19.1_0.1.10
DOCKER_REPO_BASE_KITCHEN_TERRAFORM := ${DOCKER_ORG}/cft/kitchen-terraform:${DOCKER_TAG_BASE_KITCHEN_TERRAFORM}
DOCKER_TAG_KITCHEN_TERRAFORM ?= ${DOCKER_TAG_BASE_KITCHEN_TERRAFORM}
DOCKER_IMAGE_KITCHEN_TERRAFORM := cft/kitchen-terraform_terraform-google-kubernetes-engine

# All is the first target in the file so it will get picked up when you just run 'make' on its own
all: check_shell check_python check_golang check_terraform check_docker check_base_files test_check_headers check_headers check_trailing_whitespace generate_docs
Expand Down Expand Up @@ -94,57 +91,61 @@ version:
@source helpers/version-repo.sh

# Build Docker
.PHONY: docker_build_terraform
docker_build_terraform:
docker build -f build/docker/terraform/Dockerfile \
--build-arg BUILD_TERRAFORM_VERSION=${BUILD_TERRAFORM_VERSION} \
--build-arg BUILD_CLOUD_SDK_VERSION=${BUILD_CLOUD_SDK_VERSION} \
--build-arg BUILD_PROVIDER_GOOGLE_VERSION=${BUILD_PROVIDER_GOOGLE_VERSION} \
--build-arg BUILD_PROVIDER_GSUITE_VERSION=${BUILD_PROVIDER_GSUITE_VERSION} \
--build-arg CREDENTIALS_FILE=${CREDENTIALS_FILE} \
-t ${DOCKER_IMAGE_TERRAFORM}:${DOCKER_TAG_TERRAFORM} .

.PHONY: docker_build_kitchen_terraform
docker_build_kitchen_terraform:
docker build -f build/docker/kitchen_terraform/Dockerfile \
--build-arg BUILD_TERRAFORM_IMAGE="${DOCKER_IMAGE_TERRAFORM}:${DOCKER_TAG_TERRAFORM}" \
--build-arg BUILD_RUBY_VERSION="${BUILD_RUBY_VERSION}" \
--build-arg CREDENTIALS_FILE="${CREDENTIALS_FILE}" \
--build-arg BASE_IMAGE=${DOCKER_REPO_BASE_KITCHEN_TERRAFORM} \
-t ${DOCKER_IMAGE_KITCHEN_TERRAFORM}:${DOCKER_TAG_KITCHEN_TERRAFORM} .

# Push Docker image
.PHONY: docker_push_kitchen_terraform
docker_push_kitchen_terraform:
docker tag ${DOCKER_IMAGE_KITCHEN_TERRAFORM}:${DOCKER_TAG_KITCHEN_TERRAFORM} ${DOCKER_ORG}/${DOCKER_IMAGE_KITCHEN_TERRAFORM}:${DOCKER_TAG_KITCHEN_TERRAFORM}
docker push ${DOCKER_ORG}/${DOCKER_IMAGE_KITCHEN_TERRAFORM}:${DOCKER_TAG_KITCHEN_TERRAFORM}

# Run docker
.PHONY: docker_run
docker_run:
docker run --rm -it \
-v $(CURDIR):/cftk/workdir \
-e CLOUDSDK_AUTH_CREDENTIAL_FILE_OVERRIDE=${CREDENTIALS_PATH} \
-e GOOGLE_APPLICATION_CREDENTIALS=${CREDENTIALS_PATH} \
-v $(CURDIR):/cft/workdir \
${DOCKER_IMAGE_KITCHEN_TERRAFORM}:${DOCKER_TAG_KITCHEN_TERRAFORM} \
/bin/bash

.PHONY: docker_create
docker_create: docker_build_terraform docker_build_kitchen_terraform
docker_create: docker_build_kitchen_terraform
docker run --rm -it \
-v $(CURDIR):/cftk/workdir \
-e CLOUDSDK_AUTH_CREDENTIAL_FILE_OVERRIDE=${CREDENTIALS_PATH} \
-e GOOGLE_APPLICATION_CREDENTIALS=${CREDENTIALS_PATH} \
-v $(CURDIR):/cft/workdir \
${DOCKER_IMAGE_KITCHEN_TERRAFORM}:${DOCKER_TAG_KITCHEN_TERRAFORM} \
/bin/bash -c "kitchen create"

.PHONY: docker_converge
docker_converge:
docker run --rm -it \
-v $(CURDIR):/cftk/workdir \
-e CLOUDSDK_AUTH_CREDENTIAL_FILE_OVERRIDE=${CREDENTIALS_PATH} \
-e GOOGLE_APPLICATION_CREDENTIALS=${CREDENTIALS_PATH} \
-v $(CURDIR):/cft/workdir \
${DOCKER_IMAGE_KITCHEN_TERRAFORM}:${DOCKER_TAG_KITCHEN_TERRAFORM} \
/bin/bash -c "kitchen converge && kitchen converge"

.PHONY: docker_verify
docker_verify:
docker run --rm -it \
-v $(CURDIR):/cftk/workdir \
-e CLOUDSDK_AUTH_CREDENTIAL_FILE_OVERRIDE=${CREDENTIALS_PATH} \
-e GOOGLE_APPLICATION_CREDENTIALS=${CREDENTIALS_PATH} \
-v $(CURDIR):/cft/workdir \
${DOCKER_IMAGE_KITCHEN_TERRAFORM}:${DOCKER_TAG_KITCHEN_TERRAFORM} \
/bin/bash -c "kitchen verify"

.PHONY: docker_destroy
docker_destroy:
docker run --rm -it \
-v $(CURDIR):/cftk/workdir \
-e CLOUDSDK_AUTH_CREDENTIAL_FILE_OVERRIDE=${CREDENTIALS_PATH} \
-e GOOGLE_APPLICATION_CREDENTIALS=${CREDENTIALS_PATH} \
-v $(CURDIR):/cft/workdir \
${DOCKER_IMAGE_KITCHEN_TERRAFORM}:${DOCKER_TAG_KITCHEN_TERRAFORM} \
/bin/bash -c "kitchen destroy"

Expand Down
6 changes: 3 additions & 3 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -230,8 +230,8 @@ The test-kitchen instances in `test/fixtures/` wrap identically-named examples i
3. Build the Docker containers for testing:

```
CREDENTIALS_FILE="credentials.json" make docker_build_terraform
CREDENTIALS_FILE="credentials.json" make docker_build_kitchen_terraform
make docker_build_terraform
make docker_build_kitchen_terraform
```
4. Run the testing container in interactive mode:

Expand All @@ -247,7 +247,7 @@ The test-kitchen instances in `test/fixtures/` wrap identically-named examples i
3. `kitchen verify` tests the created infrastructure. Run `kitchen verify <INSTANCE_NAME>` to run a specific test case.
4. `kitchen destroy` tears down the underlying resources created by `kitchen converge`. Run `kitchen destroy <INSTANCE_NAME>` to tear down resources for a specific test case.

Alternatively, you can simply run `CREDENTIALS_FILE="credentials.json" make test_integration_docker` to run all the test steps non-interactively.
Alternatively, you can simply run `make test_integration_docker` to run all the test steps non-interactively.

#### Test configuration

Expand Down
47 changes: 3 additions & 44 deletions build/docker/kitchen_terraform/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,58 +12,17 @@
# See the License for the specific language governing permissions and
# limitations under the License.

ARG BUILD_TERRAFORM_IMAGE
ARG BUILD_RUBY_VERSION
# hadolint ignore=DL3006
FROM $BUILD_TERRAFORM_IMAGE as cfkt_terraform
ARG BASE_IMAGE



FROM ruby:$BUILD_RUBY_VERSION-alpine
FROM $BASE_IMAGE

RUN apk add --no-cache \
bash=4.4.19-r1 \
curl=7.61.1-r1 \
git=2.18.1-r0 \
g++=6.4.0-r9 \
jq=1.6_rc1-r1 \
make=4.2.1-r2 \
musl-dev=1.1.19-r10 \
python2=2.7.15-r1 \
python2-dev=2.7.15-r1 \
py2-pip=10.0.1-r0 \
ca-certificates=20171114-r3

ADD https://storage.googleapis.com/kubernetes-release/release/v1.12.2/bin/linux/amd64/kubectl /usr/local/bin/kubectl
RUN chmod +x /usr/local/bin/kubectl

SHELL ["/bin/bash", "-c"]

ENV APP_BASE_DIR="/cftk"

COPY --from=cfkt_terraform $APP_BASE_DIR $APP_BASE_DIR

ARG CREDENTIALS_FILE

ENV HOME="$APP_BASE_DIR/home"
ENV PATH $APP_BASE_DIR/bin:$APP_BASE_DIR/google-cloud-sdk/bin:$PATH
ENV GOOGLE_APPLICATION_CREDENTIALS="$APP_BASE_DIR/workdir/$CREDENTIALS_FILE" \
CLOUDSDK_AUTH_CREDENTIAL_FILE_OVERRIDE="$APP_BASE_DIR/workdir/$CREDENTIALS_FILE"

# Fix base64 inconsistency
SHELL ["/bin/bash", "-c"]
RUN echo 'base64() { if [[ $@ == "--decode" ]]; then command base64 -d | more; else command base64 "$@"; fi; }' >> $APP_BASE_DIR/home/.bashrc

RUN terraform --version && \
gcloud --version && \
ruby --version && \
bundle --version

COPY ./Gemfile /opt/kitchen/

WORKDIR /opt/kitchen
COPY Gemfile .
RUN bundle install

RUN gcloud components install beta --quiet

WORKDIR $APP_BASE_DIR/workdir
102 changes: 0 additions & 102 deletions build/docker/terraform/Dockerfile
View file
Open in desktop

This file was deleted.

6 changes: 3 additions & 3 deletions examples/node_pool/main.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -38,14 +38,14 @@ module "gke" {
node_pools = [
{
name = "pool-01"
min_count = 4
min_count = 1
service_account = "${var.compute_engine_service_account}"
},
{
name = "pool-02"
machine_type = "n1-standard-2"
min_count = 2
max_count = 3
min_count = 1
max_count = 2
disk_size_gb = 30
disk_type = "pd-standard"
image_type = "COS"
Expand Down
6 changes: 3 additions & 3 deletions test/integration/node_pool/controls/gcloud.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -76,7 +76,7 @@
including(
"name" => "pool-01",
"autoscaling" => including(
"minNodeCount" => 4,
"minNodeCount" => 1,
),
)
)
Expand Down Expand Up @@ -173,7 +173,7 @@
including(
"name" => "pool-02",
"autoscaling" => including(
"minNodeCount" => 2,
"minNodeCount" => 1,
),
)
)
Expand All @@ -184,7 +184,7 @@
including(
"name" => "pool-02",
"autoscaling" => including(
"maxNodeCount" => 3,
"maxNodeCount" => 2,
),
)
)
Expand Down