From 4fb3108c53a26e88f0b69449ae28e1e9875e0396 Mon Sep 17 00:00:00 2001 From: Carlos Rodriguez Lopez Date: Fri, 23 Aug 2024 18:12:15 +0200 Subject: [PATCH] remove cd pipeline --- .cloudbees/workflows/bp-tf-cd.yaml | 182 ----------------------------- 1 file changed, 182 deletions(-) delete mode 100644 .cloudbees/workflows/bp-tf-cd.yaml diff --git a/.cloudbees/workflows/bp-tf-cd.yaml b/.cloudbees/workflows/bp-tf-cd.yaml deleted file mode 100644 index 424dac28..00000000 --- a/.cloudbees/workflows/bp-tf-cd.yaml +++ /dev/null @@ -1,182 +0,0 @@ -# Copyright (c) CloudBees, Inc. - -apiVersion: automation.cloudbees.io/v1alpha1 -kind: workflow -name: cd -on: - workflow_dispatch: -env: - BUCKET_NAME_TF_STATE: cbci-eks-addon-bp - AWS_REGION_TF_BUCKET: us-east-1 - TAGS_TF_BUCKET: '[{Key=cb-owner,Value=professional-services},{Key=cb-user,Value=cb-platform},{Key=cb-purpose,Value=production shared cluster}]' - AWS_ROLE_TO_ASSUME: infra-admin-ci - TF_VAR_suffix: cd - TF_VAR_aws_region: us-east-1 - TF_AUTO_VARS_FILE: | - tags = { - "cb-owner" : "professional-services" - "cb-user" : "cb-platform" - "cb-purpose" : "production shared cluster" - } - trial_license = { - first_name = "CloudBees.io" - last_name = "Platform" - email = "cd.cbci.eks.bp@cloudbees.io" - company = "CloudBees Inc." - } - ci = true -jobs: - init: - steps: - - - name: Configure AWS Credentials - uses: cloudbees-io/configure-aws-credentials@v1 - with: - aws-region: ${{ env.AWS_REGION_TF_BUCKET }} - aws-access-key-id: ${{ secrets.AWS_TF_CBCI_EKS_AccessKeyID }} - aws-secret-access-key: ${{ secrets.AWS_TF_CBCI_EKS_SecretAccessKey }} - role-to-assume: ${{ env.AWS_ROLE_TO_ASSUME }} - role-external-id: cloudbees - role-duration-seconds: "3600" - - - name: Create Terraform Backend Bucket if not exists - uses: docker://public.ecr.aws/r1n1q0e5/cloudbees-labs/tf-aws-cb-ci-eks-addon-agent:latest - shell: bash - run: | - set -x - if aws s3api head-bucket --bucket ${{ env.BUCKET_NAME_TF_STATE }} 2>/dev/null; then - echo "Bucket ${{ env.BUCKET_NAME_TF_STATE }} already exists." - else - echo "Bucket ${{ env.BUCKET_NAME_TF_STATE }} does not exist. Creating now..." - aws s3api create-bucket --bucket ${{ env.BUCKET_NAME_TF_STATE }} \ - --region ${{ env.AWS_REGION_TF_BUCKET }} - fi - aws s3api put-bucket-tagging --bucket ${{ env.BUCKET_NAME_TF_STATE }} \ - --tagging 'TagSet=${{ env.TAGS_TF_BUCKET }}' - - bp02: - env: - # Stages - # CD: deploy,validate,onboarding - # Troubleshooting: deploy,validate,onboarding - # Nuke (Delete Dangling resource): wipeout - STAGES: "deploy,validate,onboarding" - ROOT: 02-at-scale - TF_VAR_hosted_zone: bp02-cd.aws.ps.beescloud.com - #Boolean values are not interpreted correctly within env vars - #DESTROY_ONLY_APPS: false - needs: - - init - steps: - - - name: Configure AWS Credentials - uses: cloudbees-io/configure-aws-credentials@v1 - with: - aws-region: ${{ env.TF_VAR_aws_region }} - aws-access-key-id: ${{ secrets.AWS_TF_CBCI_EKS_AccessKeyID }} - aws-secret-access-key: ${{ secrets.AWS_TF_CBCI_EKS_SecretAccessKey }} - role-to-assume: ${{ env.AWS_ROLE_TO_ASSUME }} - role-external-id: cloudbees - role-duration-seconds: "3600" - - - name: Checkout code - uses: cloudbees-io/checkout@v1 - with: - # Always checkout the main branch for CD - ref: main - - - name: 02-at-scale - Set - uses: docker://public.ecr.aws/r1n1q0e5/cloudbees-labs/tf-aws-cb-ci-eks-addon-agent:latest - shell: bash - run : | - cat <> blueprints/${{ env.ROOT }}/.auto.tfvars - ${{ env.TF_AUTO_VARS_FILE }} - dh_reg_secret_auth = { - username = "${{ secrets.AWS_TF_CBCI_EKS_DHUser }}" - password = "${{ secrets.AWS_TF_CBCI_EKS_DHPass }}" - email = "${{ secrets.AWS_TF_CBCI_EKS_DHMail }}" - } - EOT - cat blueprints/${{ env.ROOT }}/.auto.tfvars - cat <> blueprints/${{ env.ROOT }}/backend.tf - terraform { - backend "s3" { - bucket = "${{ env.BUCKET_NAME_TF_STATE }}" - key = "${{ env.ROOT }}/cd/terraform.tfstate" - region = "${{ env.AWS_REGION_TF_BUCKET }}" - } - } - EOT - #Workaround: Boolean values are not interpreted correctly within env vars - export DESTROY_ONLY_APPS=false - echo "Environment Variables:" - printenv - - - name: 02-at-scale - Deploy - uses: docker://public.ecr.aws/r1n1q0e5/cloudbees-labs/tf-aws-cb-ci-eks-addon-agent:latest - if: contains(env.STAGES, 'deploy') - kind: deploy - shell: bash - run : | - set -x - # It Resolves Issue #66 - aliases=("alias/eks/cbci-bp02-${{ env.TF_VAR_suffix }}-eks" "alias/eks/cbci-bp02-${{ env.TF_VAR_suffix }}") - for alias in "${aliases[@]}"; do - aws kms delete-alias \ - --alias-name $alias \ - --region ${{ env.TF_VAR_aws_region }} || echo "$alias does not exist" - done - CI=true make deploy - aws s3api put-object \ - --bucket "${{ env.BUCKET_NAME_TF_STATE }}" \ - --region "${{ env.AWS_REGION_TF_BUCKET }}" \ - --body blueprints/${{ env.ROOT }}/terraform.output \ - --key ${{ env.ROOT }}/cd/${{ env.ROOT }}.terraform.output || echo "Failed to put $body object in ${{ env.BUCKET_NAME_TF_STATE }}" - eval $(terraform -chdir="blueprints/${{ env.ROOT }}" output --raw kubeconfig_export) - eval $(terraform -chdir="blueprints/${{ env.ROOT }}" output --raw vault_init) - aws s3api put-object \ - --bucket "${{ env.BUCKET_NAME_TF_STATE }}" \ - --region "${{ env.AWS_REGION_TF_BUCKET }}" \ - --body blueprints/${{ env.ROOT }}/k8s/vault-init.log \ - --key ${{ env.ROOT }}/cd/${{ env.ROOT }}.vault.init.log || echo "Failed to put $body object in ${{ env.BUCKET_NAME_TF_STATE }}" - - - - name: 02-at-scale - Validate - uses: docker://public.ecr.aws/r1n1q0e5/cloudbees-labs/tf-aws-cb-ci-eks-addon-agent:latest - if: contains(env.STAGES, 'validate') - kind: test - shell: bash - run : | - CI=true make validate - - - name: 02-at-scale - Destroy - uses: docker://public.ecr.aws/r1n1q0e5/cloudbees-labs/tf-aws-cb-ci-eks-addon-agent:latest - if: contains(env.STAGES, 'destroy') - shell: bash - run : | - CI=true make destroy - - - name: 02-at-scale - Wipeout - uses: docker://public.ecr.aws/r1n1q0e5/cloudbees-labs/tf-aws-cb-ci-eks-addon-agent:latest - if: contains(env.STAGES, 'wipeout') - shell: bash - run : | - terraform -chdir=blueprints/${{ env.ROOT }} init -reconfigure && CI=true make destroy - - - name: 02-at-scale - Role Onboarding - uses: docker://public.ecr.aws/r1n1q0e5/cloudbees-labs/tf-aws-cb-ci-eks-addon-agent:latest - if: contains(env.STAGES, 'onboarding') - env: - TARGET_ROLE: arn:aws:iam::324005994172:role/AWSReservedSSO_infra-admin_256addbf79cfacd1 - shell: bash - run : | - set -x - eval $(terraform -chdir="blueprints/${{ env.ROOT }}" output --raw --raw kubeconfig_export) - kubectl describe configmap aws-auth -n kube-system - eksctl create iamidentitymapping \ - --cluster $(terraform -chdir="blueprints/${{ env.ROOT }}" output --raw eks_cluster_name) \ - --region ${{ env.TF_VAR_aws_region }} \ - --arn ${{ env.TARGET_ROLE }} \ - --username k8s-admin-rol \ - --group system:masters - kubectl describe configmap aws-auth -n kube-system