-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
0 parents
commit 39e82b3
Showing
557 changed files
with
159,122 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,85 @@ | ||
| version: 0.2 | ||
|
|
||
| env: | ||
| # ==================== # | ||
| # Ref: SECRET CONFIG # | ||
| # ==================== # | ||
| parameter-store: | ||
| BUILDNUMBER: /devopscorner/cicd/staging/repo/bookstore-adot/buildnumber | ||
| STORE_AWS_ACCOUNT: /devopscorner/cicd/staging/credentials/aws_account | ||
| STORE_AWS_ACCESS_KEY: /devopscorner/cicd/staging/credentials/aws_access_key | ||
| STORE_AWS_SECRET_KEY: /devopscorner/cicd/staging/credentials/aws_secret_key | ||
| STORE_REPO_URL: /devopscorner/cicd/staging/repo/bookstore-adot/url | ||
| STORE_REPO_BRANCH: /devopscorner/cicd/staging/repo/bookstore-adot/branch | ||
| STORE_REPO_FOLDER: /devopscorner/cicd/staging/repo/bookstore-adot/folder | ||
| STORE_EKS_CLUSTER: /devopscorner/cicd/staging/eks_cluster | ||
| STORE_BASE64_PUB_KEY: /devopscorner/cicd/staging/credentials/base64_pub_key | ||
| STORE_BASE64_PRIV_KEY: /devopscorner/cicd/staging/credentials/base64_priv_key | ||
| STORE_BASE64_PEM_KEY: /devopscorner/cicd/staging/credentials/base64_pem_key | ||
| STORE_BASE64_SSH_CONFIG: /devopscorner/cicd/staging/credentials/base64_ssh_config | ||
| STORE_BASE64_KNOWN_HOSTS: /devopscorner/cicd/staging/credentials/known_hosts | ||
| STORE_BASE64_KUBECONFIG: /devopscorner/cicd/staging/credentials/base64_kube_config | ||
|
|
||
| # ===================================== # | ||
| # Ref: Pipeline Environment Variables # | ||
| # ===================================== # | ||
| variables: | ||
| ENV_CICD: "dev" | ||
| AWS_DEFAULT_REGION: "us-west-2" | ||
| INFRA_CICD: "terraform/environment/providers/aws/infra/resources" | ||
| INFRA_CICD_PATH: "bookstore-adot" | ||
| INFRA_ECR_PATH: "devopscorner/bookstore-adot" | ||
|
|
||
| phases: | ||
| pre_build: | ||
| commands: | ||
| # ======================= # | ||
| # Setup Auth Repository # | ||
| # ======================= # | ||
| - mkdir -p ~/.ssh | ||
| - echo "${STORE_BASE64_PUB_KEY}" | base64 -d > ~/.ssh/id_rsa.pub | ||
| - echo "${STORE_BASE64_PRIV_KEY}" | base64 -d > ~/.ssh/id_rsa | ||
| - echo "${STORE_BASE64_KNOWN_HOSTS}" | base64 -d > ~/.ssh/known_hosts | ||
| - chmod 400 ~/.ssh/id_rsa* | ||
| - chmod 644 ~/.ssh/known_hosts | ||
| - eval "$(ssh-agent -s)" | ||
| - ssh-add ~/.ssh/id_rsa | ||
| - echo '- DONE -' | ||
| build: | ||
| commands: | ||
| # ========================= # | ||
| # Refactoring AWS Account # | ||
| # ========================= # | ||
| - cd ${CODEBUILD_SRC_DIR} && find ./ -type f -exec sed -i "s/YOUR_AWS_ACCOUNT/${STORE_AWS_ACCOUNT}/g" {} \; | ||
| # ============= # | ||
| # Build Image # | ||
| # ============= # | ||
| - make ecr-build-alpine ARGS=${STORE_AWS_ACCOUNT} CI_PATH=${INFRA_ECR_PATH} | ||
| # ============== # | ||
| # Unit Testing # | ||
| # ============== # | ||
| # - make unit-test | ||
| # ============ # | ||
| # Tags Image # | ||
| # ============ # | ||
| - make ecr-tag-alpine ARGS=${STORE_AWS_ACCOUNT} CI_PATH=${INFRA_ECR_PATH} | ||
| - docker images --format "{{.Repository}}:{{.Tag}}" | grep ${INFRA_ECR_PATH} | ||
| # ============ # | ||
| # Push Image # | ||
| # ============ # | ||
| - make ecr-push-alpine ARGS=${STORE_AWS_ACCOUNT} TAGS=${INFRA_ECR_PATH} | ||
|
|
||
| artifacts: | ||
| files: | ||
| - _infra/* | ||
| - .aws/* | ||
| - docs/* | ||
| - src/* | ||
| - dockerhub-build.sh | ||
| - dockerhub-push.sh | ||
| - dockerhub-tag.sh | ||
| - ecr-build.sh | ||
| - ecr-push.sh | ||
| - ecr-tag.sh | ||
| - Makefile | ||
| name: "artifact-$(date '+%Y%m%d-%H%M%S')" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,88 @@ | ||
| version: 0.2 | ||
|
|
||
| env: | ||
| # ==================== # | ||
| # Ref: SECRET CONFIG # | ||
| # ==================== # | ||
| parameter-store: | ||
| BUILDNUMBER: /devopscorner/cicd/staging/repo/bookstore-adot/buildnumber | ||
| STORE_AWS_ACCOUNT: /devopscorner/cicd/staging/credentials/aws_account | ||
| STORE_AWS_ACCESS_KEY: /devopscorner/cicd/staging/credentials/aws_access_key | ||
| STORE_AWS_SECRET_KEY: /devopscorner/cicd/staging/credentials/aws_secret_key | ||
| STORE_REPO_URL: /devopscorner/cicd/staging/repo/bookstore-adot/url | ||
| STORE_REPO_BRANCH: /devopscorner/cicd/staging/repo/bookstore-adot/branch | ||
| STORE_REPO_FOLDER: /devopscorner/cicd/staging/repo/bookstore-adot/folder | ||
| STORE_EKS_CLUSTER: /devopscorner/cicd/staging/eks_cluster | ||
| STORE_BASE64_PUB_KEY: /devopscorner/cicd/staging/credentials/base64_pub_key | ||
| STORE_BASE64_PRIV_KEY: /devopscorner/cicd/staging/credentials/base64_priv_key | ||
| STORE_BASE64_PEM_KEY: /devopscorner/cicd/staging/credentials/base64_pem_key | ||
| STORE_BASE64_SSH_CONFIG: /devopscorner/cicd/staging/credentials/base64_ssh_config | ||
| STORE_BASE64_KNOWN_HOSTS: /devopscorner/cicd/staging/credentials/known_hosts | ||
| STORE_BASE64_KUBECONFIG: /devopscorner/cicd/staging/credentials/base64_kube_config | ||
|
|
||
| # ===================================== # | ||
| # Ref: Pipeline Environment Variables # | ||
| # ===================================== # | ||
| variables: | ||
| ENV_CICD: "dev" | ||
| AWS_DEFAULT_REGION: "us-west-2" | ||
| INFRA_CICD: "terraform/environment/providers/aws/infra/resources" | ||
| INFRA_CICD_PATH: "bookstore-adot" | ||
| INFRA_ECR_PATH: "devopscorner/bookstore-adot" | ||
|
|
||
| phases: | ||
| pre_build: | ||
| commands: | ||
| # ======================= # | ||
| # Setup Auth Repository # | ||
| # ======================= # | ||
| - mkdir -p ~/.ssh | ||
| - mkdir -p ~/.kube | ||
| - echo "${STORE_BASE64_PUB_KEY}" | base64 -d > ~/.ssh/id_rsa.pub | ||
| - echo "${STORE_BASE64_PRIV_KEY}" | base64 -d > ~/.ssh/id_rsa | ||
| - echo "${STORE_BASE64_KNOWN_HOSTS}" | base64 -d > ~/.ssh/known_hosts | ||
| - echo "${STORE_BASE64_KUBECONFIG}" | base64 -d > ~/.kube/config | ||
| - chmod 400 ~/.ssh/id_rsa* | ||
| - chmod 400 ~/.kube/config* | ||
| - chmod 644 ~/.ssh/known_hosts | ||
| - eval "$(ssh-agent -s)" | ||
| - ssh-add ~/.ssh/id_rsa | ||
| - echo '- DONE -' | ||
| build: | ||
| commands: | ||
| # ========================= # | ||
| # Refactoring AWS Account # | ||
| # ========================= # | ||
| - cd ${CODEBUILD_SRC_DIR} && find ./ -type f -exec sed -i "s/YOUR_AWS_ACCOUNT/${STORE_AWS_ACCOUNT}/g" {} \; | ||
| # ================== # | ||
| # Helm Repo Update # | ||
| # ================== # | ||
| - AWS_REGION=${AWS_DEFAULT_REGION} helm repo add devopscorner-staging s3://devopscorner-adot-chart/staging | ||
| - AWS_REGION=${AWS_DEFAULT_REGION} helm repo add devopscorner-prod s3://devopscorner-adot-chart/prod | ||
| - helm repo update | ||
| # ============ # | ||
| # Deploy K8S # | ||
| # ============ # | ||
| - cd _infra/${ENV_CICD} | ||
| - aws eks update-kubeconfig --region ${AWS_DEFAULT_REGION} --name ${STORE_EKS_CLUSTER} | ||
| - kubectl version | ||
| - kubectl config use-context arn:aws:eks:${AWS_DEFAULT_REGION}:${STORE_AWS_ACCOUNT}:cluster/${STORE_EKS_CLUSTER} | ||
| - kubectl get ns -A | ||
| - helmfile --version | ||
| - helmfile -f helm-template.yml apply | ||
| - echo '-- ALL DONE --' | ||
|
|
||
| artifacts: | ||
| files: | ||
| - _infra/* | ||
| - .aws/* | ||
| - docs/* | ||
| - src/* | ||
| - dockerhub-build.sh | ||
| - dockerhub-push.sh | ||
| - dockerhub-tag.sh | ||
| - ecr-build.sh | ||
| - ecr-push.sh | ||
| - ecr-tag.sh | ||
| - Makefile | ||
| name: "artifact-$(date '+%Y%m%d-%H%M%S')" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,84 @@ | ||
| version: 0.2 | ||
|
|
||
| env: | ||
| # ==================== # | ||
| # Ref: SECRET CONFIG # | ||
| # ==================== # | ||
| parameter-store: | ||
| BUILDNUMBER: /devopscorner/cicd/staging/repo/bookstore-adot/buildnumber | ||
| STORE_AWS_ACCOUNT: /devopscorner/cicd/staging/credentials/aws_account | ||
| STORE_AWS_ACCESS_KEY: /devopscorner/cicd/staging/credentials/aws_access_key | ||
| STORE_AWS_SECRET_KEY: /devopscorner/cicd/staging/credentials/aws_secret_key | ||
| STORE_REPO_URL: /devopscorner/cicd/staging/repo/bookstore-adot/url | ||
| STORE_REPO_BRANCH: /devopscorner/cicd/staging/repo/bookstore-adot/branch | ||
| STORE_REPO_FOLDER: /devopscorner/cicd/staging/repo/bookstore-adot/folder | ||
| STORE_EKS_CLUSTER: /devopscorner/cicd/staging/eks_cluster | ||
| STORE_BASE64_PUB_KEY: /devopscorner/cicd/staging/credentials/base64_pub_key | ||
| STORE_BASE64_PRIV_KEY: /devopscorner/cicd/staging/credentials/base64_priv_key | ||
| STORE_BASE64_PEM_KEY: /devopscorner/cicd/staging/credentials/base64_pem_key | ||
| STORE_BASE64_SSH_CONFIG: /devopscorner/cicd/staging/credentials/base64_ssh_config | ||
| STORE_BASE64_KNOWN_HOSTS: /devopscorner/cicd/staging/credentials/known_hosts | ||
| STORE_BASE64_KUBECONFIG: /devopscorner/cicd/staging/credentials/base64_kube_config | ||
|
|
||
| # ===================================== # | ||
| # Ref: Pipeline Environment Variables # | ||
| # ===================================== # | ||
| variables: | ||
| ENV_CICD: "dev" | ||
| AWS_DEFAULT_REGION: "us-west-2" | ||
| INFRA_CICD: "terraform/environment/providers/aws/infra/resources" | ||
| INFRA_RESOURCES_TERRAFORM: "amg" | ||
| INFRA_CICD_PATH: "bookstore-adot" | ||
| INFRA_ECR_PATH: "devopscorner/bookstore-adot" | ||
|
|
||
| phases: | ||
| build: | ||
| commands: | ||
| # ========================= # | ||
| # Refactoring AWS Account # | ||
| # ========================= # | ||
| - cd ${CODEBUILD_SRC_DIR} && find ./ -type f -exec sed -i "s/YOUR_AWS_ACCOUNT/${STORE_AWS_ACCOUNT}/g" {} \; | ||
| # =========================== # | ||
| # Install Terraform Modules # | ||
| # =========================== # | ||
| - make codebuild-modules | ||
| - cd ${CODEBUILD_SRC_DIR}/${INFRA_RESOURCES}/${INFRA_RESOURCES_TERRAFORM} | ||
| # ========================= # | ||
| # Terraform Plan (Review) # | ||
| # ========================= # | ||
| - terraform init | ||
| - terraform workspace select ${WORKSPACE_ENV} || terraform workspace new ${WORKSPACE_ENV} | ||
| - terraform plan --out tfplan.binary | ||
| - terraform show -json tfplan.binary > tfplan.json | ||
| # ================== # | ||
| # Terraform Addons # | ||
| # ================== # | ||
| # ~ Terrascan ~ | ||
| - terrascan init | ||
| - terrascan scan -o human | ||
| # ~ Tfsec ~ | ||
| - tfsec . | ||
| # ~ Checkov | ||
| - checkov -f tfplan.json | ||
| # ~ Infracost | ||
| - infracost breakdown --path tfplan.json | ||
| # ======================== # | ||
| # Terraform Provisioning # | ||
| # ======================== # | ||
| - terraform apply -auto-approve | ||
| artifacts: | ||
| files: | ||
| - _infra/* | ||
| - .aws/* | ||
| - docs/* | ||
| - src/* | ||
| - dockerhub-build.sh | ||
| - dockerhub-push.sh | ||
| - dockerhub-tag.sh | ||
| - ecr-build.sh | ||
| - ecr-push.sh | ||
| - ecr-tag.sh | ||
| - Makefile | ||
| - tfplan.binary | ||
| - tfplan.json | ||
| name: "artifact-$(date '+%Y%m%d-%H%M%S')" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,84 @@ | ||
| version: 0.2 | ||
|
|
||
| env: | ||
| # ==================== # | ||
| # Ref: SECRET CONFIG # | ||
| # ==================== # | ||
| parameter-store: | ||
| BUILDNUMBER: /devopscorner/cicd/staging/repo/bookstore-adot/buildnumber | ||
| STORE_AWS_ACCOUNT: /devopscorner/cicd/staging/credentials/aws_account | ||
| STORE_AWS_ACCESS_KEY: /devopscorner/cicd/staging/credentials/aws_access_key | ||
| STORE_AWS_SECRET_KEY: /devopscorner/cicd/staging/credentials/aws_secret_key | ||
| STORE_REPO_URL: /devopscorner/cicd/staging/repo/bookstore-adot/url | ||
| STORE_REPO_BRANCH: /devopscorner/cicd/staging/repo/bookstore-adot/branch | ||
| STORE_REPO_FOLDER: /devopscorner/cicd/staging/repo/bookstore-adot/folder | ||
| STORE_EKS_CLUSTER: /devopscorner/cicd/staging/eks_cluster | ||
| STORE_BASE64_PUB_KEY: /devopscorner/cicd/staging/credentials/base64_pub_key | ||
| STORE_BASE64_PRIV_KEY: /devopscorner/cicd/staging/credentials/base64_priv_key | ||
| STORE_BASE64_PEM_KEY: /devopscorner/cicd/staging/credentials/base64_pem_key | ||
| STORE_BASE64_SSH_CONFIG: /devopscorner/cicd/staging/credentials/base64_ssh_config | ||
| STORE_BASE64_KNOWN_HOSTS: /devopscorner/cicd/staging/credentials/known_hosts | ||
| STORE_BASE64_KUBECONFIG: /devopscorner/cicd/staging/credentials/base64_kube_config | ||
|
|
||
| # ===================================== # | ||
| # Ref: Pipeline Environment Variables # | ||
| # ===================================== # | ||
| variables: | ||
| ENV_CICD: "dev" | ||
| AWS_DEFAULT_REGION: "us-west-2" | ||
| INFRA_CICD: "terraform/environment/providers/aws/infra/resources" | ||
| INFRA_RESOURCES_TERRAFORM: "amp" | ||
| INFRA_CICD_PATH: "bookstore-adot" | ||
| INFRA_ECR_PATH: "devopscorner/bookstore-adot" | ||
|
|
||
| phases: | ||
| build: | ||
| commands: | ||
| # ========================= # | ||
| # Refactoring AWS Account # | ||
| # ========================= # | ||
| - cd ${CODEBUILD_SRC_DIR} && find ./ -type f -exec sed -i "s/YOUR_AWS_ACCOUNT/${STORE_AWS_ACCOUNT}/g" {} \; | ||
| # =========================== # | ||
| # Install Terraform Modules # | ||
| # =========================== # | ||
| - make codebuild-modules | ||
| - cd ${CODEBUILD_SRC_DIR}/${INFRA_RESOURCES}/${INFRA_RESOURCES_TERRAFORM} | ||
| # ========================= # | ||
| # Terraform Plan (Review) # | ||
| # ========================= # | ||
| - terraform init | ||
| - terraform workspace select ${WORKSPACE_ENV} || terraform workspace new ${WORKSPACE_ENV} | ||
| - terraform plan --out tfplan.binary | ||
| - terraform show -json tfplan.binary > tfplan.json | ||
| # ================== # | ||
| # Terraform Addons # | ||
| # ================== # | ||
| # ~ Terrascan ~ | ||
| - terrascan init | ||
| - terrascan scan -o human | ||
| # ~ Tfsec ~ | ||
| - tfsec . | ||
| # ~ Checkov | ||
| - checkov -f tfplan.json | ||
| # ~ Infracost | ||
| - infracost breakdown --path tfplan.json | ||
| # ======================== # | ||
| # Terraform Provisioning # | ||
| # ======================== # | ||
| - terraform apply -auto-approve | ||
| artifacts: | ||
| files: | ||
| - _infra/* | ||
| - .aws/* | ||
| - docs/* | ||
| - src/* | ||
| - dockerhub-build.sh | ||
| - dockerhub-push.sh | ||
| - dockerhub-tag.sh | ||
| - ecr-build.sh | ||
| - ecr-push.sh | ||
| - ecr-tag.sh | ||
| - Makefile | ||
| - tfplan.binary | ||
| - tfplan.json | ||
| name: "artifact-$(date '+%Y%m%d-%H%M%S')" |
Oops, something went wrong.