2
0
mirror of https://github.com/offen/website.git synced 2024-11-22 17:10:29 +01:00
website/.circleci/config.yml

405 lines
13 KiB
YAML

version: 2
production_env: &production_env
environment:
- SERVER_HOST=https://server-alpha.offen.dev
- OPT_OUT_PIXEL_LOCATION=https://server-alpha.offen.dev/opt-out
- OPT_IN_PIXEL_LOCATION=https://server-alpha.offen.dev/opt-in
- KMS_HOST=https://kms-alpha.offen.dev
- SCRIPT_HOST=https://script-alpha.offen.dev
- AUDITORIUM_HOST=https://auditorium-alpha.offen.dev
- VAULT_HOST=https://vault-alpha.offen.dev
- ACCOUNTS_HOST=https://accounts-alpha.offen.dev
- NODE_ENV=production
deploy_preconditions: &deploy_preconditions
requires:
- server
- kms
- vault
- script
- auditorium
- packages
- shared
- accounts
filters:
branches:
only: /^master$/
jobs:
kms:
docker:
- image: circleci/golang:1.12
environment:
- PORT=8081
working_directory: ~/offen/kms
steps:
- checkout:
path: ~/offen
- restore_cache:
key: offen-kms-{{ checksum "go.mod" }}
- run:
name: Download modules
command: go mod download
- save_cache:
paths:
- /go/pkg/mod
key: offen-kms-{{ checksum "go.mod" }}
- run:
name: Generate one-off key file
command: make bootstrap
- run:
name: Run tests
command: make test-ci
server:
docker:
- image: circleci/golang:1.12
environment:
- POSTGRES_CONNECTION_STRING=postgres://circle:test@localhost:5432/circle_test?sslmode=disable
- PORT=8080
- image: circleci/postgres:11.2-alpine
environment:
- POSTGRES_USER=circle
- POSTGRES_PASSWORD=test
working_directory: ~/offen/server
steps:
- checkout:
path: ~/offen
- restore_cache:
key: offen-server-{{ checksum "go.mod" }}
- run:
name: Download modules
command: go mod download
- save_cache:
paths:
- /go/pkg/mod
key: offen-server-{{ checksum "go.mod" }}
- run:
name: Waiting for Postgres to be ready
command: |
for i in `seq 1 10`;
do
nc -z localhost 5432 && echo Success && exit 0
echo -n .
sleep 1
done
echo Failed waiting for Postgres && exit 1
- run:
name: Run tests
command: make test-ci
shared:
docker:
- image: circleci/golang:1.12
working_directory: ~/offen/shared
steps:
- checkout:
path: ~/offen
- run:
name: Install dependencies
command: go get ./...
- run:
name: Run tests
command: make test
vault:
docker:
- image: circleci/node:10-browsers
working_directory: ~/offen/vault
steps:
- checkout:
path: ~/offen
- restore_cache:
key: offen-vault-{{ checksum "package.json" }}
- run:
name: Install dependencies
command: npm install
- save_cache:
paths:
- ~/offen/vault/node_modules
key: offen-vault-{{ checksum "package.json" }}
- run:
name: Run tests
command: npm test
script:
docker:
- image: circleci/node:10-browsers
working_directory: ~/offen/script
steps:
- checkout:
path: ~/offen
- restore_cache:
key: offen-script-{{ checksum "package.json" }}
- run:
name: Install lsof
command: sudo apt-get install lsof
- run:
name: Install dependencies
command: npm install
- save_cache:
paths:
- ~/offen/script/node_modules
key: offen-script-{{ checksum "package.json" }}
- run:
name: Run tests
command: npm test
auditorium:
docker:
- image: circleci/node:10-browsers
working_directory: ~/offen/auditorium
steps:
- checkout:
path: ~/offen
- restore_cache:
key: offen-auditorium-{{ checksum "package.json" }}
- run:
name: Install lsof
command: sudo apt-get install lsof
- run:
name: Install dependencies
command: npm install
- save_cache:
paths:
- ~/offen/auditorium/node_modules
key: offen-auditorium-{{ checksum "package.json" }}
- run:
name: Run tests
command: npm test
packages:
docker:
- image: circleci/node:10-browsers
working_directory: ~/offen/packages
steps:
- checkout:
path: ~/offen
- restore_cache:
key: offen-packages-{{ checksum "package.json" }}
- run:
name: Install lsof
command: sudo apt-get install lsof
- run:
name: Install dependencies
command: npm install
- save_cache:
paths:
- ~/offen/packages/node_modules
key: offen-packages-{{ checksum "package.json" }}
- run:
name: Run tests
command: npm test
accounts:
docker:
- image: circleci/python:3.6
environment:
HASHED_PASSWORD: JDJhJDEwJGpFRXJMOVVSQndZQlFQNjkxallkZi53aGp1cDMvRW5maGUvakZleG1pWFlnWEVXcU93ODBp
JWT_PRIVATE_KEY: |-
-----BEGIN PRIVATE KEY-----
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCzgU18PnRrpbVK
LU4EewU476arjLeMAXoxQAvrufvnwAGlrvnuh+TE7z7R3KslOyP0m3bTMaNyn2la
DFz0ERR8KFA3rbUUDLG8QAUomm6X2WNbZJqFG/ORBWyEWy/bvNEbCTtF8K09v6HT
PcNzpSrzN8MK/xsIXnMTa/acftbfD3jnb1KFNWaSUKgEM9OL8NSW8PpqTf+le/+R
0Dwhd4vNnELpobKY3tvhxjvlQmbZA6vRrOoWfWbKXuS/7B7CWXWEhXPTbcJPcKPt
zlkpJGlrcHgvTBorM/lBZw7zrmfUcJROdX6ziU1ymEENkKtLBORedWdBZU8Ivuyy
hDIzS7cdAgMBAAECggEAVReXfq0wjRMJhHdDg5Y5nIrmbG4RWFoe7ZfZzs3kXzDC
1yLCMdPTm5N6KQu9SbHmUn8b7fOa8qwkyd4QdlZeapjFpg8/RpjZ7E5A48WJZYxU
sC9ZnH3qkTWMApYjcrvoODPBGF+GED52XOfrbje+y3sEh4L08purW2qThg4Ol8A2
+lqh7W0DCAYV9BG4jFo0QyJRsXa88JIxVS2gSbuegDyHwRTtPq0ZH+vqUEsJti0c
G60hwcl0v9eRbJk/e9lzhKFKnf4/ReRAX9pUyyIb7za3vhYwDmjglgZ+Ax4HhkPK
SR8KjqX5hQ2nOtDmxkxEO1QF5Qm99VLlZyo55vdJYQKBgQDomtQ7jwc41JM9naZC
1agGjJamZAtfDf/00KQILWplaDCDEyue9A1iSnu7yNLX4VOjsKhfvugARwz2pOrw
PkOYasurM+P16qNkyfyVUilC/QoOcm5UjsCy/wAViwYFG8hZGBj+jPELqPglSdr4
m2FPTFOmtQDzB7EOk9Mzaic26QKBgQDFjz96/3OAC2dBdjQz7zXKHYPPo2gXqS76
3UOX2u+S43jJGEEKLdWa34qO6KrnnUsivyvEyF2/5H6n8Dc2Xj0LBdO67wyzbtFM
dI9RiQ3DqTBbebmrkSdIaTBAGu1VtSCzBKUqckkM3lLSHhJBg0XrURGdqro28nhZ
uSQ8EzzGFQKBgQCCiVlvrz3jU9Dp9E45FcR9IGrvKBgFmUq6bliPykT6cfU/qgOB
6f6U2a4E3ZgN1QNmSp7DVNTISxdoV3cNqjOvFsgD5VQaTzqxNnXMqtZDJNR+9RMb
2x0jlt3KOUIAne3aqh5kxF4GKCZSbtc3S6PZp8EOPmgw+3EO+EC/iuRE+QKBgHIW
uqs2UKY2b6ffMmB3mVGiX9eOX3OikW3wT7OnjMkAMmW3awAM3hl1VNgYx3HAZX6o
dgdLStChjP9A+zGblJcEA3Ulzejla1tCyO1mP5up3jJFhpLs3Ym0rVen9T2Uv1CC
sztjCoqy7ZNIKHTK8Zrmk0zBJo7K0fPGtoU2+tbNAoGAc2x7cW8y9ERRJg8FSWj0
ADPUPzsW3Bu76U0oVEXg66d3+D9z8LBVhBYjL/+tJWADapePnye+gpqzd4kGFeV4
q49Qz5hhZUzsUl2iOURQLUnI2g0AINiMIVL5EkZtdD+Au65+AaYL7YEsXmKcLXHX
coEomAoy102k4A6WsM2bKf4=
-----END PRIVATE KEY-----
JWT_PUBLIC_KEY: |-
-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4FNfD50a6W1Si1OBHsF
OO+mq4y3jAF6MUAL67n758ABpa757ofkxO8+0dyrJTsj9Jt20zGjcp9pWgxc9BEU
fChQN621FAyxvEAFKJpul9ljW2SahRvzkQVshFsv27zRGwk7RfCtPb+h0z3Dc6Uq
8zfDCv8bCF5zE2v2nH7W3w94529ShTVmklCoBDPTi/DUlvD6ak3/pXv/kdA8IXeL
zZxC6aGymN7b4cY75UJm2QOr0azqFn1myl7kv+wewll1hIVz023CT3Cj7c5ZKSRp
a3B4L0waKzP5QWcO865n1HCUTnV+s4lNcphBDZCrSwTkXnVnQWVPCL7ssoQyM0u3
HQIDAQAB
-----END PUBLIC KEY-----
working_directory: ~/offen/accounts
steps:
- checkout:
path: ~/offen
- restore_cache:
key: offen-accounts-{{ checksum "requirements.txt" }}-{{ checksum "requirements-dev.txt" }}
- run:
name: Install dependencies
command: |
python3 -m venv venv
. venv/bin/activate
pip install -r requirements.txt
pip install -r requirements-dev.txt
- save_cache:
paths:
- ~/offen/accounts/venv
key: offen-accounts-{{ checksum "requirements.txt" }}-{{ checksum "requirements-dev.txt" }}
- run:
name: Run tests
command: |
. venv/bin/activate
make
deploy_python:
docker:
- image: circleci/python:3.6-node
<<: *production_env
working_directory: ~/offen
steps:
- checkout:
path: ~/offen
- restore_cache:
key: offen-deploy-{{ checksum "package.json" }}
- run:
name: Install dependencies
command: npm install
- save_cache:
paths:
- ~/offen/packages/node_modules
key: offen-packages-{{ checksum "package.json" }}
- run:
name: Deploy
working_directory: ~/offen/accounts
command: |
echo "Deploying accounts ..."
$(npm bin)/sls deploy
deploy_golang:
docker:
- image: circleci/golang:1.12-node
<<: *production_env
working_directory: ~/offen
steps:
- checkout:
path: ~/offen
- restore_cache:
key: offen-deploy-{{ checksum "package.json" }}
- run:
name: Install dependencies
command: npm install
- save_cache:
paths:
- ~/offen/packages/node_modules
key: offen-packages-{{ checksum "package.json" }}
- restore_cache:
key: offen-server-{{ checksum "server/go.mod" }}
- run:
name: Build server service
working_directory: ~/offen/server
command: make build
- run:
name: Manually clear go cache
command: sudo rm -rf /go/pkg/mod
- restore_cache:
key: offen-kms-{{ checksum "kms/go.mod" }}
- run:
name: Build kms service
working_directory: ~/offen/kms
command: make build
- run:
name: Manually clear go cache
command: sudo rm -rf /go/pkg/mod
- run:
name: Deploy
working_directory: ~/offen
command: |
echo "Deploying server ..."
$(npm bin)/sls deploy --config server/serverless.yml
echo "Deploying kms ..."
$(npm bin)/sls deploy --config kms/serverless.yml
deploy_node:
docker:
- image: circleci/node:10
<<: *production_env
working_directory: ~/offen
steps:
- checkout:
path: ~/offen
- restore_cache:
key: offen-deploy-{{ checksum "package.json" }}
- run:
name: Install dependencies
command: npm install
- save_cache:
paths:
- ~/offen/packages/node_modules
key: offen-packages-{{ checksum "package.json" }}
- restore_cache:
key: offen-auditorium-{{ checksum "auditorium/package.json" }}
- run:
name: Build auditorium service
working_directory: ~/offen/auditorium
command: npm run build
- restore_cache:
key: offen-script-{{ checksum "script/package.json" }}
- run:
name: Build script service
working_directory: ~/offen/script
command: npm run build
- restore_cache:
key: offen-vault-{{ checksum "vault/package.json" }}
- run:
name: Build vault service
working_directory: ~/offen/vault
command: npm run build
- run:
name: Deploy
working_directory: ~/offen
command: |
echo "Deploying auditorium ..."
$(npm bin)/sls deploy --config auditorium/serverless.yml
$(npm bin)/sls client deploy --config auditorium/serverless.yml --no-confirm
echo "Deploying script ..."
$(npm bin)/sls deploy --config script/serverless.yml
$(npm bin)/sls client deploy --config script/serverless.yml --no-confirm
echo "Deploying vault ..."
$(npm bin)/sls deploy --config vault/serverless.yml
$(npm bin)/sls client deploy --config vault/serverless.yml --no-confirm
workflows:
version: 2
test_build_deploy:
jobs:
- server
- kms
- vault
- script
- auditorium
- packages
- shared
- accounts
- deploy_golang:
<<: *deploy_preconditions
- deploy_node:
<<: *deploy_preconditions
- deploy_python:
<<: *deploy_preconditions