Merge pull request #191 from cloudbees/shared-lib

[Blueprints, 02-at-scale]: Shared Lib configuration HA vs not HA

Makefile

@@ -6,7 +6,7 @@ BP_AGENT_USER       := bp-agent
 MKFILEDIR 			:= $(abspath $(dir $(lastword $(MAKEFILE_LIST))))
 CBCI_REPO		    ?= https://github.com/cloudbees/terraform-aws-cloudbees-ci-eks-addon.git
 CBCI_BRANCH			?= main
-DESTROY_ONLY_APPS	?= false
+DESTROY_WL_ONLY	?= false
 
 define helpers
 	source blueprints/helpers.sh && $(1)
@@ -57,18 +57,17 @@ endif
 	@$(call helpers,INFO "CloudBees CI Blueprint $(ROOT) Validation target finished succesfully.")
 
 .PHONY: destroy
-destroy: ## Destroy Terraform Blueprint passed as parameter. Example: ROOT=02-at-scale make destroy
-destroy: tfChecks agentCheck
+destroy: ## Destroy Terraform Blueprint passed as parameter. Example: [DESTROY_WL_ONLY=false] ROOT=02-at-scale make destroy
+destroy: tfChecks agentCheck guard-DESTROY_WL_ONLY
 ifeq ($(CI),false)
-	@$(call helpers,ask-confirmation "Destroy $(ROOT)")
+	@$(call helpers,ask-confirmation "Destroy $(ROOT) with Destroy Workloads Only=$(DESTROY_WL_ONLY)")
 endif
-ifeq ($(DESTROY_ONLY_APPS),false)
+ifeq ($(DESTROY_WL_ONLY),false)
 	@$(call helpers,tf-destroy $(ROOT))
-	@$(call helpers,INFO "CloudBees CI Blueprint $(ROOT) Destroy target finished succesfully. Mode: ALL")
 else
-	@$(call helpers,tf-destroy-apps $(ROOT))
-	@$(call helpers,INFO "CloudBees CI Blueprint $(ROOT) Destroy ONLY APPS target finished succesfully. Mode: ONLY APPS")
+	@$(call helpers,tf-destroy-wl $(ROOT))
 endif
+	@$(call helpers,INFO "CloudBees CI Blueprint $(ROOT) Destroy target finished succesfully. Destroy Workloads Only=$(DESTROY_WL_ONLY)")
 
 .PHONY: clean
 clean: ## Clean Blueprint passed as parameter. Example: ROOT=02-at-scale make clean

blueprints/02-at-scale/README.md

@@ -235,7 +235,9 @@ HashiCorp Vault is used as a credential provider for CloudBees CI Pipelines in t
 
 6. Select **Test Connection** to verify the inputs are correct.
 
-7. Move to `team-b` or `team-c-ha` to run the Pipeline (**admin > validations > vault-credentials**) and validate that credentials are fetched correctly from the Hashicorp Vault.
+7. Move to `team-b` to run the Pipeline (**admin > validations > vault-credentials**) and validate that credentials are fetched correctly from the Hashicorp Vault.
+
+   Known issue [#190](https://github.com/cloudbees/terraform-aws-cloudbees-ci-eks-addon/issues/190) makes the same pipeline fails in `team-c-ha`
 
 > [!NOTE]
 > Hashicorp Vault can be also be configured to be used for [Configuration as Code - Handling Secrets - Vault](https://github.com/jenkinsci/configuration-as-code-plugin/blob/master/docs/features/secrets.adoc#hashicorp-vault-secret-source).
@@ -272,6 +274,8 @@ HashiCorp Vault is used as a credential provider for CloudBees CI Pipelines in t
 
       The `linux-mavenAndKaniko-L` agent template is deployed over on-demand Linux nodes that have smaller instance types versus the `linux-mavenAndKaniko-XL` template that is deployed over Spot Linux nodes that have defined larger instance types.
 
+      Known issue [#190](https://github.com/cloudbees/terraform-aws-cloudbees-ci-eks-addon/issues/190) makes the same pipeline fails in `team-c-ha`
+
    - For Windows node pool use:
 
       ```sh

blueprints/02-at-scale/cbci/casc/mc/ha/bundle.yaml

@@ -7,3 +7,5 @@ allowCapExceptions: true
 jcascMergeStrategy: "errorOnConflict"
 jcasc:
   - jcasc
+variables:
+  - variables

blueprints/02-at-scale/cbci/casc/mc/ha/jcasc/main.yaml

@@ -1,3 +1,20 @@
 unclassified:
   globalDefaultFlowDurabilityLevel:
     durabilityHint: MAX_SURVIVABILITY
+  globalLibraries:
+    libraries:
+    - defaultVersion: ${sharedLibBranch}
+      name: "common"
+      retriever:
+        modernSCM:
+          clone: true
+          libraryPath: ${sharedLibPath}
+          scm:
+            git:
+              remote: ${sharedLibRepo}
+              traits:
+              - cloneOption:
+                  extension:
+                    depth: 1
+                    noTags: false
+                    shallow: true

blueprints/02-at-scale/cbci/casc/mc/ha/variables/variables.yaml

@@ -0,0 +1,4 @@
+variables:
+  - sharedLibRepo: "https://github.com/cloudbees/terraform-aws-cloudbees-ci-eks-addon.git"
+  - sharedLibBranch: shared-lib
+  - sharedLibPath: "blueprints/02-at-scale/cbci/shared-lib"

blueprints/02-at-scale/cbci/casc/mc/none-ha/bundle.yaml

@@ -7,3 +7,5 @@ allowCapExceptions: true
 jcascMergeStrategy: "errorOnConflict"
 jcasc:
   - jcasc
+variables:
+  - variables

blueprints/02-at-scale/cbci/casc/mc/none-ha/jcasc/main.yaml

@@ -1,3 +1,15 @@
 unclassified:
   globalDefaultFlowDurabilityLevel:
     durabilityHint: PERFORMANCE_OPTIMIZED
+  globalLibraries:
+    libraries:
+    - defaultVersion: ${sharedLibBranch}
+      name: "common"
+      retriever:
+        modernSCM:
+          libraryPath: ${sharedLibPath}
+          scm:
+            git:
+              remote: ${sharedLibRepo}
+      cachingConfiguration:
+        refreshTimeMinutes: 0

blueprints/02-at-scale/cbci/casc/mc/none-ha/variables/variables.yaml

@@ -0,0 +1,4 @@
+variables:
+  - sharedLibRepo: "https://github.com/cloudbees/terraform-aws-cloudbees-ci-eks-addon.git"
+  - sharedLibBranch: shared-lib
+  - sharedLibPath: "blueprints/02-at-scale/cbci/shared-lib"

blueprints/02-at-scale/cbci/casc/mc/parent/jcasc/main.yaml

@@ -38,16 +38,6 @@ unclassified:
     endpoint: ${ot_endpoint}
   cascItemsConfiguration:
     variableInterpolationEnabledForAdmin: true
-  globalLibraries:
-    libraries:
-    - defaultVersion: ${sharedLibBranch}
-      name: "common"
-      retriever:
-        modernSCM:
-          libraryPath: ${sharedLibPath}
-          scm:
-            git:
-              remote: ${sharedLibRepo}
 aws:
   awsCredentials:
     region: "${sec_awsRegion}"

blueprints/02-at-scale/cbci/casc/mc/parent/variables/variables.yaml

@@ -2,6 +2,4 @@ variables:
   - ot_endpoint: "http://tempo.kube-prometheus-stack.svc.cluster.local:4317"
   - s3bucketPreffix: "cbci"
   - regSecretsName: "cbci-sec-reg"
-  - sharedLibRepo: "https://github.com/cloudbees/terraform-aws-cloudbees-ci-eks-addon.git"
-  - sharedLibBranch: develop
-  - sharedLibPath: "blueprints/02-at-scale/cbci/shared-lib"
+

blueprints/02-at-scale/cbci/casc/oc/items/root.yaml

@@ -53,7 +53,7 @@ items:
               "cloudbees.prometheus": "true"
     properties:
       - configurationAsCode:
-          bundle: "develop/none-ha"
+          bundle: "shared-lib/none-ha"
   # Casc, HA
   - kind: managedController
     name: team-c-ha
@@ -100,4 +100,4 @@ items:
               "cloudbees.prometheus": "true"
     properties:
       - configurationAsCode:
-          bundle: "develop/ha"
+          bundle: "shared-lib/ha"

blueprints/02-at-scale/cbci/casc/oc/variables/variables.yaml

@@ -1,7 +1,7 @@
 variables:
   - message: "Welcome to the CloudBees CI blueprint add-on: At scale!"
   - cascRepo: "https://github.com/cloudbees/terraform-aws-cloudbees-ci-eks-addon.git"
-  - cascBranch: develop
+  - cascBranch: shared-lib
   - cascPathController: "/blueprints/02-at-scale/cbci/casc/mc/"
   - ldapManagerDN: "cn=admin,dc=acme,dc=org"
   - ldapRootDN: "dc=acme,dc=org"

blueprints/02-at-scale/k8s/cbci-values.yml

@@ -16,7 +16,7 @@ OperationsCenter:
     Retriever:
       Enabled: true
       scmRepo: "https://github.com/cloudbees/terraform-aws-cloudbees-ci-eks-addon.git"
-      scmBranch: develop
+      scmBranch: shared-lib
       scmBundlePath: blueprints/02-at-scale/cbci/casc/oc
       scmPollingInterval: PT20M
 Persistence:

blueprints/helpers.sh

@@ -91,13 +91,13 @@ tf-apply () {
 tf-destroy () {
   local root="$1"
   export TF_LOG_PATH="$SCRIPTDIR/$root/terraform.log"
-  tf-destroy-apps "$root"
+  tf-destroy-wl "$root"
   retry 3 "terraform -chdir=$SCRIPTDIR/$root destroy -target=module.eks -auto-approve"
   retry 3 "terraform -chdir=$SCRIPTDIR/$root destroy -auto-approve"
   rm -f "$SCRIPTDIR/$root/terraform.output"
 }
 
-tf-destroy-apps () {
+tf-destroy-wl () {
   local root="$1"
   export TF_LOG_PATH="$SCRIPTDIR/$root/terraform.log"
   retry 3 "terraform -chdir=$SCRIPTDIR/$root destroy -target=module.eks_blueprints_addon_cbci -auto-approve"
@@ -199,10 +199,13 @@ set-cbci-location () {
   #Repo
   sed -i "s|scmRepo: .*|scmRepo: \"$repo\"|g" "$SCRIPTDIR/02-at-scale/k8s/cbci-values.yml"
   sed -i "s|scmCascMmStore: .*|scmCascMmStore: \"$repo\"|g" "$SCRIPTDIR/02-at-scale/cbci/casc/oc/variables/variables.yaml"
+  sed -i "s|sharedLibRepo: .*|sharedLibRepo: \"$repo\"|g" "$SCRIPTDIR/02-at-scale/cbci/casc/mc/ha/variables/variables.yaml"
+  sed -i "s|sharedLibRepo: .*|sharedLibRepo: \"$repo\"|g" "$SCRIPTDIR/02-at-scale/cbci/casc/mc/none-ha/variables/variables.yaml"
   #Branch
   sed -i "s|scmBranch: .*|scmBranch: $branch|g" "$SCRIPTDIR/02-at-scale/k8s/cbci-values.yml"
   sed -i "s|cascBranch: .*|cascBranch: $branch|g" "$SCRIPTDIR/02-at-scale/cbci/casc/oc/variables/variables.yaml"
-  sed -i "s|sharedLibBranch: .*|sharedLibBranch: $branch|g" "$SCRIPTDIR/02-at-scale/cbci/casc/mc/parent/variables/variables.yaml"
+  sed -i "s|sharedLibBranch: .*|sharedLibBranch: $branch|g" "$SCRIPTDIR/02-at-scale/cbci/casc/mc/ha/variables/variables.yaml"
+  sed -i "s|sharedLibBranch: .*|sharedLibBranch: $branch|g" "$SCRIPTDIR/02-at-scale/cbci/casc/mc/none-ha/variables/variables.yaml"
   sed -i "s|bundle: \".*/none-ha\"|bundle: \"$branch/none-ha\"|g" "$SCRIPTDIR/02-at-scale/cbci/casc/oc/items/root.yaml"
   sed -i "s|bundle: \".*/ha\"|bundle: \"$branch/ha\"|g" "$SCRIPTDIR/02-at-scale/cbci/casc/oc/items/root.yaml"
 }