diff --git a/ci/README.md b/ci/README.md index 07928d51d..93e611870 100644 --- a/ci/README.md +++ b/ci/README.md @@ -1,4 +1,4 @@ -#App Broker CI Pipeline +# App Broker CI Pipeline ## Running the acceptance tests on Cloud Foundry locally @@ -36,7 +36,7 @@ The original pipeline was decomposed into different jobs so that we could recove ### Fly -The pipeline can be run using the following script: +The pipeline can be set using the following script on the most recent branch of the repository: ```$bash $ ./scripts/set-pipelines.sh @@ -49,22 +49,22 @@ If you don't want to click, you can trigger each job using the CLI: To release a milestone: ```$bash -$ fly -t scs trigger-job -j release-test/stage-milestone -$ fly -t scs trigger-job -j release-test/promote-milestone +$ fly -t app-broker trigger-job -j release-test/stage-milestone +$ fly -t app-broker trigger-job -j release-test/promote-milestone ``` To release an RC: ```$bash -$ fly -t scs trigger-job -j release-test/stage-rc -$ fly -t scs trigger-job -j release-test/promote-rc +$ fly -t app-broker trigger-job -j release-test/stage-rc +$ fly -t app-broker trigger-job -j release-test/promote-rc ``` To release a GA: ```$bash -$ fly -t scs trigger-job -j release-test/stage-release -$ fly -t scs trigger-job -j release-test/promote-release -$ fly -t scs trigger-job -j release-test/distribute-release -$ fly -t scs trigger-job -j release-test/sync-to-maven-central +$ fly -t app-broker trigger-job -j release-test/stage-release +$ fly -t app-broker trigger-job -j release-test/promote-release +$ fly -t app-broker trigger-job -j release-test/distribute-release +$ fly -t app-broker trigger-job -j release-test/sync-to-maven-central ``` diff --git a/ci/pipeline.yml b/ci/pipeline.yml index 961017494..01cd0b722 100644 --- a/ci/pipeline.yml +++ b/ci/pipeline.yml @@ -22,31 +22,26 @@ jobs: trigger: true - get: ci-images-git-repo trigger: true + - task: generate-docker-credentials + file: ci-images-git-repo/ci/tasks/generate-docker-credentials.yml + input_mapping: + git-repo: ci-images-git-repo + vars: + registry: ((app-broker-dev-docker-registry)) + registry-username: ((broadcom-jfrog-artifactory-robot-account.username)) + registry-password: ((broadcom-jfrog-artifactory-robot-account.password)) - task: build-image privileged: true - config: - platform: linux - image_resource: - type: registry-image - source: - repository: ((dockerhub-mirror-registry))/concourse/oci-build-task - tag: 0.10.0 - inputs: - - name: source - outputs: - - name: image - run: - path: build + file: ci-images-git-repo/ci/tasks/build-oci-image.yml input_mapping: - source: ci-images-git-repo + git-repo: ci-images-git-repo params: - CONTEXT: source/ci/images/app-broker-ci + CONTEXT: git-repo/ci/images/app-broker-ci - put: app-broker-ci-image inputs: detect params: image: image/image.tar - get_params: - skip_download: true + no_get: true on_failure: *slack-failure-notification - name: build @@ -231,13 +226,17 @@ resource_types: - name: artifactory-resource type: registry-image source: - repository: ((dockerhub-mirror-registry))/springio/artifactory-resource + repository: ((app-broker-virtual-docker-registry))/springio/artifactory-resource + username: ((broadcom-jfrog-artifactory-robot-account.username)) + password: ((broadcom-jfrog-artifactory-robot-account.password)) tag: 0.0.14 - name: slack-notification type: registry-image source: - repository: ((dockerhub-mirror-registry))/cfcommunity/slack-notification-resource + repository: ((app-broker-virtual-docker-registry))/cfcommunity/slack-notification-resource + username: ((broadcom-jfrog-artifactory-robot-account.username)) + password: ((broadcom-jfrog-artifactory-robot-account.password)) tag: latest - name: shepherd @@ -296,14 +295,18 @@ resources: source: uri: ((github-repo)) branch: ((branch)) - paths: ["ci/images/*"] + paths: + - ci/images/* + - ci/scripts/generate-docker-credentials.sh + - ci/tasks/build-oci-image.yml + - ci/tasks/generate-docker-credentials.yml - name: app-broker-ci-image type: registry-image source: - repository: ((corporate-harbor-registry))/((dockerhub-organization))/app-broker-ci - username: ((corporate-harbor-robot-account.username)) - password: ((corporate-harbor-robot-account.password)) + repository: ((app-broker-dev-docker-registry))/ci/app-broker-ci + username: ((broadcom-jfrog-artifactory-robot-account.username)) + password: ((broadcom-jfrog-artifactory-robot-account.password)) tag: ((ci-image-tag)) - name: artifactory-repo diff --git a/ci/pr-manager-pipeline.yml b/ci/pr-manager-pipeline.yml index 2f51f93bf..64af138f3 100644 --- a/ci/pr-manager-pipeline.yml +++ b/ci/pr-manager-pipeline.yml @@ -39,7 +39,9 @@ resource_types: - name: pull-request type: registry-image source: - repository: ((dockerhub-mirror-registry))/teliaoss/github-pr-resource + repository: ((app-broker-virtual-docker-registry))/teliaoss/github-pr-resource + username: ((broadcom-jfrog-artifactory-robot-account.username)) + password: ((broadcom-jfrog-artifactory-robot-account.password)) tag: v0.23.0 resources: diff --git a/ci/pr-pipeline.yml b/ci/pr-pipeline.yml index 579953da8..bc56f5d41 100644 --- a/ci/pr-pipeline.yml +++ b/ci/pr-pipeline.yml @@ -63,13 +63,17 @@ resource_types: - name: pull-request type: registry-image source: - repository: ((dockerhub-mirror-registry))/teliaoss/github-pr-resource + repository: ((app-broker-virtual-docker-registry))/teliaoss/github-pr-resource + username: ((broadcom-jfrog-artifactory-robot-account.username)) + password: ((broadcom-jfrog-artifactory-robot-account.password)) tag: latest - name: slack-notification type: registry-image source: - repository: ((dockerhub-mirror-registry))/cfcommunity/slack-notification-resource + repository: ((app-broker-virtual-docker-registry))/cfcommunity/slack-notification-resource + username: ((broadcom-jfrog-artifactory-robot-account.username)) + password: ((broadcom-jfrog-artifactory-robot-account.password)) tag: latest - name: shepherd diff --git a/ci/scripts/generate-docker-credentials.sh b/ci/scripts/generate-docker-credentials.sh new file mode 100755 index 000000000..04166ed4d --- /dev/null +++ b/ci/scripts/generate-docker-credentials.sh @@ -0,0 +1,13 @@ +#!/bin/sh + +set -eu + +export TERM="xterm-256color" + +readonly DOCKER_CONFIG_OUTPUT="${DOCKER_CONFIG_OUTPUT:?must be set}" + +# Note that we don't use libs.sh here because that script requires bash, and +# we don't have bash in this container image + +printf "%s" "$REGISTRY_PASSWORD" | docker login "$REGISTRY" --username "$REGISTRY_USERNAME" --password-stdin +cp -v ~/.docker/config.json "$DOCKER_CONFIG_OUTPUT/" diff --git a/ci/tasks/acceptance-tests.yml b/ci/tasks/acceptance-tests.yml index e8397ebca..7c3544a3d 100644 --- a/ci/tasks/acceptance-tests.yml +++ b/ci/tasks/acceptance-tests.yml @@ -3,9 +3,9 @@ platform: linux image_resource: type: registry-image source: - repository: ((corporate-harbor-registry))/((dockerhub-organization))/app-broker-ci - username: ((corporate-harbor-robot-account.username)) - password: ((corporate-harbor-robot-account.password)) + repository: ((app-broker-dev-docker-registry))/ci/app-broker-ci + username: ((broadcom-jfrog-artifactory-robot-account.username)) + password: ((broadcom-jfrog-artifactory-robot-account.password)) tag: ((ci-image-tag)) inputs: - name: git-repo diff --git a/ci/tasks/build-oci-image.yml b/ci/tasks/build-oci-image.yml new file mode 100644 index 000000000..591235911 --- /dev/null +++ b/ci/tasks/build-oci-image.yml @@ -0,0 +1,23 @@ +platform: linux + +image_resource: + type: registry-image + source: + repository: ((app-broker-virtual-docker-registry))/concourse/oci-build-task + tag: 0.11.1 + username: ((broadcom-jfrog-artifactory-robot-account.username)) + password: ((broadcom-jfrog-artifactory-robot-account.password)) + +inputs: + - name: git-repo + - name: docker-config + +outputs: + - name: image + +run: + path: build + +params: + DEBUG: true + DOCKER_CONFIG: docker-config diff --git a/ci/tasks/build-project.yml b/ci/tasks/build-project.yml index b68058a78..fbe783189 100644 --- a/ci/tasks/build-project.yml +++ b/ci/tasks/build-project.yml @@ -3,9 +3,9 @@ platform: linux image_resource: type: registry-image source: - repository: ((corporate-harbor-registry))/((dockerhub-organization))/app-broker-ci - username: ((corporate-harbor-robot-account.username)) - password: ((corporate-harbor-robot-account.password)) + repository: ((app-broker-dev-docker-registry))/ci/app-broker-ci + username: ((broadcom-jfrog-artifactory-robot-account.username)) + password: ((broadcom-jfrog-artifactory-robot-account.password)) tag: ((ci-image-tag)) inputs: - name: git-repo diff --git a/ci/tasks/generate-docker-credentials.yml b/ci/tasks/generate-docker-credentials.yml new file mode 100644 index 000000000..4094063b4 --- /dev/null +++ b/ci/tasks/generate-docker-credentials.yml @@ -0,0 +1,25 @@ +platform: linux + +image_resource: + type: registry-image + source: + repository: ((app-broker-virtual-docker-registry))/docker + tag: 26-cli + username: ((broadcom-jfrog-artifactory-robot-account.username)) + password: ((broadcom-jfrog-artifactory-robot-account.password)) + +inputs: + - name: git-repo + +outputs: + - name: docker-config + +run: + path: ci/scripts/generate-docker-credentials.sh + dir: git-repo + +params: + DOCKER_CONFIG_OUTPUT: ../docker-config + REGISTRY: ((registry)) + REGISTRY_USERNAME: ((registry-username)) + REGISTRY_PASSWORD: ((registry-password)) diff --git a/ci/tasks/list-prs.yml b/ci/tasks/list-prs.yml index 100952002..3aca797c8 100644 --- a/ci/tasks/list-prs.yml +++ b/ci/tasks/list-prs.yml @@ -3,10 +3,10 @@ platform: linux image_resource: type: registry-image source: - repository: ((corporate-harbor-registry))/((dockerhub-organization))/app-broker-ci + repository: ((app-broker-dev-docker-registry))/ci/app-broker-ci + username: ((broadcom-jfrog-artifactory-robot-account.username)) + password: ((broadcom-jfrog-artifactory-robot-account.password)) tag: ((ci-image-tag)) - username: ((corporate-harbor-robot-account.username)) - password: ((corporate-harbor-robot-account.password)) inputs: - name: git-repo diff --git a/ci/tasks/promote.yml b/ci/tasks/promote.yml index ef4a0164b..ce143bd04 100644 --- a/ci/tasks/promote.yml +++ b/ci/tasks/promote.yml @@ -3,7 +3,9 @@ platform: linux image_resource: type: registry-image source: - repository: ((dockerhub-mirror-registry))/springio/concourse-release-scripts + repository: ((app-broker-virtual-docker-registry))/springio/concourse-release-scripts + username: ((broadcom-jfrog-artifactory-robot-account.username)) + password: ((broadcom-jfrog-artifactory-robot-account.password)) tag: '0.3.4' inputs: - name: git-repo diff --git a/ci/tasks/stage.yml b/ci/tasks/stage.yml index e9a3b8bf5..c4ade4a05 100644 --- a/ci/tasks/stage.yml +++ b/ci/tasks/stage.yml @@ -3,9 +3,9 @@ platform: linux image_resource: type: registry-image source: - repository: ((corporate-harbor-registry))/((dockerhub-organization))/app-broker-ci - username: ((corporate-harbor-robot-account.username)) - password: ((corporate-harbor-robot-account.password)) + repository: ((app-broker-dev-docker-registry))/ci/app-broker-ci + username: ((broadcom-jfrog-artifactory-robot-account.username)) + password: ((broadcom-jfrog-artifactory-robot-account.password)) tag: ((ci-image-tag)) inputs: - name: git-repo diff --git a/ci/tasks/sync-to-maven-central.yml b/ci/tasks/sync-to-maven-central.yml index 0b5d00903..8c1ae0610 100644 --- a/ci/tasks/sync-to-maven-central.yml +++ b/ci/tasks/sync-to-maven-central.yml @@ -3,7 +3,9 @@ platform: linux image_resource: type: registry-image source: - repository: ((dockerhub-mirror-registry))/springio/concourse-release-scripts + repository: ((app-broker-virtual-docker-registry))/springio/concourse-release-scripts + username: ((broadcom-jfrog-artifactory-robot-account.username)) + password: ((broadcom-jfrog-artifactory-robot-account.password)) tag: '0.3.4' inputs: - name: git-repo