.circleci/config.yml
version: 2.1
orbs:
ruby: circleci/ruby@1.4.0
aws-ecr: circleci/aws-ecr@8.2.1
aws-eks: circleci/aws-eks@1.1.0
aws-cli: circleci/aws-cli@3.1.4
kubernetes: circleci/kubernetes@1.3.1
docker: circleci/docker@1.5.0
jobs:
build_and_test:
parameters:
ruby_version:
type: string
elasticsearch_version:
type: string
docker:
- image: cimg/ruby:<< parameters.ruby_version >>
# Using custom Docker images including required Elasticsearch plugins.
# See Dockerfile.elasticsearch* for details
- image: searchgov/elasticsearch:<< parameters.elasticsearch_version >>
environment:
- bootstrap.memory_lock=true
- discovery.type=single-node
- xpack.security.enabled=false
- "ES_JAVA_OPTS=-Xms512m -Xmx512m"
working_directory: ~/app
steps:
- checkout
- run: cp -p config/secrets_example.yml config/secrets.yml
# Install gems with Bundler
- ruby/install-deps:
# Need to clear the gem cache? Set or bump the CACHE_VERSION in your
# CircleCi project: Project Settings > Environment Variables
key: gems-ruby-<< parameters.ruby_version >>-v{{ .Environment.CACHE_VERSION }}
- run:
name: Setup Code Climate test-reporter
command: |
curl -L https://codeclimate.com/downloads/test-reporter/test-reporter-latest-linux-amd64 > ./cc-test-reporter
chmod +x ./cc-test-reporter
- run:
name: Wait for Elasticsearch
command: dockerize -wait tcp://localhost:9200 -timeout 1m
- run:
name: RSpec
environment:
CC_TEST_REPORTER_ID: 09d5a7d453407f367679c8f86c4c582ec3583bed3c7a06286d61d16e89290bd1
command: |
bundle exec rake i14y:setup
./cc-test-reporter before-build
bundle exec rspec spec
./cc-test-reporter after-build --exit-code $?
- store_artifacts:
path: coverage
destination: ~/coverage
update-staging:
docker:
- image: cimg/aws:2023.01
steps:
- checkout
- setup_remote_docker
- aws-cli/setup:
aws-region: STAGING_AWS_REGION
aws-access-key-id: CIRCLE_CI_USER_ACCESS_KEY_ID
aws-secret-access-key: CIRCLE_CI_USER_SECRET_ACCESS_KEY
- run: docker build -t i14y .
- run: docker tag i14y:latest 213305845712.dkr.ecr.us-east-2.amazonaws.com/i14y:latest
- run: docker tag i14y:latest 213305845712.dkr.ecr.us-east-2.amazonaws.com/i14y:${CIRCLE_BUILD_NUM}
- run: aws ecr get-login-password --region us-east-2 | docker login --username AWS --password-stdin 213305845712.dkr.ecr.us-east-2.amazonaws.com
- run: docker push 213305845712.dkr.ecr.us-east-2.amazonaws.com/i14y:latest
- run: docker push 213305845712.dkr.ecr.us-east-2.amazonaws.com/i14y:${CIRCLE_BUILD_NUM}
- run:
name: update i14y k8s deployment
command: |
aws ssm send-command \
--document-name "searchgov-deployment-ssm-document" \
--targets "Key=tag:Name,Values=jumphost-staging-search-instance" \
--parameters '{"DeploymentName":["search-staging-i14y-deploy"], "Namespace":["search"]}' \
--comment "restart i14y staging deployment"
update-prod:
docker:
- image: cimg/aws:2023.01
steps:
- checkout
- setup_remote_docker
- aws-cli/setup:
aws-region: PROD_AWS_REGION
aws-access-key-id: CIRCLE_CI_USER_ACCESS_KEY_ID
aws-secret-access-key: CIRCLE_CI_USER_SECRET_ACCESS_KEY
- run: docker build -t i14y .
- run: docker tag i14y:latest 213305845712.dkr.ecr.us-east-1.amazonaws.com/i14y:latest
- run: docker tag i14y:latest 213305845712.dkr.ecr.us-east-1.amazonaws.com/i14y:${CIRCLE_BUILD_NUM}
- run: aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin 213305845712.dkr.ecr.us-east-1.amazonaws.com
- run: docker push 213305845712.dkr.ecr.us-east-1.amazonaws.com/i14y:latest
- run: docker push 213305845712.dkr.ecr.us-east-1.amazonaws.com/i14y:${CIRCLE_BUILD_NUM}
- run:
name: update i14y k8s deployment
command: |
aws ssm send-command \
--document-name "searchgov-deployment-ssm-document" \
--targets "Key=tag:Name,Values=jumphost-prod-search-instance" \
--parameters '{"DeploymentName":["search-prod-i14y-deploy"], "Namespace":["search"]}' \
--comment "restart i14y prod deployment"
workflows:
build_and_test:
jobs:
- build_and_test:
name: "Ruby << matrix.ruby_version >>, ES << matrix.elasticsearch_version >>"
matrix:
parameters:
ruby_version:
- 3.1.4
- 3.3.0
elasticsearch_version:
- 7.17.7
# not yet compatible with Elasticsearch 8
build_image_and_deploy:
jobs:
- update-staging:
context:
- aws-client-keys
filters:
branches:
only:
- main
- update-prod:
context:
- aws-client-keys
filters:
branches:
only:
- production