Merge branch 'fix/remove-parallel-matrix' into 'master' (dc737c41) · Commits · to be continuous... / Helm

templates/gitlab-ci-helm.yml

+133 −49

Original line number	Diff line number	Diff line
		@@ -1080,23 +1080,46 @@ stages:
		- .cache
		- .config

		helm-values-lint:
		# Value Lint job prototype
		# Can be extended for each concrete environment
		#
		# @arg ENV_TYPE : environment type
		# @arg ENV_VALUES : env-specific Helm values
		.helm-values-lint:
		extends: .helm-base
		image:
		name: $HELM_YAMLLINT_IMAGE
		entrypoint: [""]
		stage: test
		parallel:
		matrix:
		- VAR_PREFIX: COMMON
		- VAR_PREFIX: REVIEW
		- VAR_PREFIX: INTEG
		- VAR_PREFIX: STAGING
		- VAR_PREFIX: PROD
		script:
		- values_file=$(eval echo "\$HELM_${VAR_PREFIX}_VALUES")
		- TBC_ENVSUBST_ENCODING=jsonstr tbc_envsubst "$values_file" > generated-values.yml
		- TBC_ENVSUBST_ENCODING=jsonstr tbc_envsubst "$ENV_VALUES" > generated-values.yml
		- yamllint -d "$HELM_YAMLLINT_CONFIG" $HELM_YAMLLINT_ARGS generated-values.yml

		helm-values-lint-review:
		extends: .helm-values-lint
		variables:
		ENV_TYPE: review
		ENV_VALUES: "$HELM_REVIEW_VALUES"
		rules:
		# exclude tags
		- if: $CI_COMMIT_TAG
		when: never
		# exclude when $HELM_YAMLLINT_DISABLED is set
		- if: '$HELM_YAMLLINT_DISABLED == "true"'
		when: never
		# exclude if $HELM_REVIEW_VALUES unset
		- if: '$HELM_REVIEW_VALUES == null \|\| $HELM_REVIEW_VALUES == ""'
		when: never
		# exclude on integration or prod branch
		- if: '$CI_COMMIT_REF_NAME =~ $INTEG_REF \|\| $CI_COMMIT_REF_NAME =~ $PROD_REF'
		when: never
		- !reference [.test-policy, rules]

		helm-values-lint-integration:
		extends: .helm-values-lint
		variables:
		ENV_TYPE: integration
		ENV_VALUES: "$HELM_INTEG_VALUES"
		rules:
		# exclude tags
		- if: $CI_COMMIT_TAG
		@@ -1104,30 +1127,54 @@ helm-values-lint:
		# exclude when $HELM_YAMLLINT_DISABLED is set
		- if: '$HELM_YAMLLINT_DISABLED == "true"'
		when: never
		# exclude common if $HELM_COMMON_VALUES unset
		- if: '$VAR_PREFIX == "COMMON" && ($HELM_COMMON_VALUES == null \|\| $HELM_COMMON_VALUES == "")'
		# exclude if $HELM_INTEG_VALUES unset
		- if: '$HELM_INTEG_VALUES == null \|\| $HELM_INTEG_VALUES == ""'
		when: never
		# exclude on prod branch
		- if: '$CI_COMMIT_REF_NAME =~ $PROD_REF'
		when: never
		# exclude review if $HELM_REVIEW_VALUES unset
		- if: '$VAR_PREFIX == "REVIEW" && ($HELM_REVIEW_VALUES == null \|\| $HELM_REVIEW_VALUES == "")'
		- !reference [.test-policy, rules]

		helm-values-lint-staging:
		extends: .helm-values-lint
		variables:
		ENV_TYPE: staging
		ENV_VALUES: "$HELM_STAGING_VALUES"
		rules:
		# exclude tags
		- if: $CI_COMMIT_TAG
		when: never
		# exclude review on integration or prod branch
		- if: '$VAR_PREFIX == "REVIEW" && ($CI_COMMIT_REF_NAME =~ $INTEG_REF \|\| $CI_COMMIT_REF_NAME =~ $PROD_REF)'
		# exclude when $HELM_YAMLLINT_DISABLED is set
		- if: '$HELM_YAMLLINT_DISABLED == "true"'
		when: never
		# exclude integration if $HELM_INTEG_VALUES unset
		- if: '$VAR_PREFIX == "INTEG" && ($HELM_INTEG_VALUES == null \|\| $HELM_INTEG_VALUES == "")'
		# exclude if $HELM_STAGING_VALUES unset
		- if: '$HELM_STAGING_VALUES == null \|\| $HELM_STAGING_VALUES == ""'
		when: never
		# exclude integration on prod branch
		- if: '$VAR_PREFIX == "INTEG" && $CI_COMMIT_REF_NAME =~ $PROD_REF'
		- !reference [.test-policy, rules]

		helm-values-lint-production:
		extends: .helm-values-lint
		variables:
		ENV_TYPE: production
		ENV_VALUES: "$HELM_PROD_VALUES"
		rules:
		# exclude tags
		- if: $CI_COMMIT_TAG
		when: never
		# exclude staging if $HELM_STAGING_VALUES unset
		- if: '$VAR_PREFIX == "STAGING" && ($HELM_STAGING_VALUES == null \|\| $HELM_STAGING_VALUES == "")'
		# exclude when $HELM_YAMLLINT_DISABLED is set
		- if: '$HELM_YAMLLINT_DISABLED == "true"'
		when: never
		# exclude production if $HELM_PROD_VALUES unset
		- if: '$VAR_PREFIX == "PROD" && ($HELM_PROD_VALUES == null \|\| $HELM_PROD_VALUES == "")'
		# exclude if $HELM_PROD_VALUES unset
		- if: '$HELM_PROD_VALUES == null \|\| $HELM_PROD_VALUES == ""'
		when: never
		- !reference [.test-policy, rules]

		helm-score:
		# Helm Score job prototype
		# Can be extended for each concrete environment
		#
		# @arg ENV_TYPE : environment type
		# @arg ENV_VALUES : env-specific Helm values
		.helm-score:
		extends: .helm-base
		image:
		name: $HELM_KUBE_SCORE_IMAGE
		@@ -1149,21 +1196,16 @@ helm-score:
		log_error "You need at least one Chart.yaml or external deploy chart reference"
		exit 1
		fi
		parallel:
		matrix:
		- ENV_TYPE: review
		VAR_PREFIX: REVIEW
		- ENV_TYPE: integration
		VAR_PREFIX: INTEG
		- ENV_TYPE: staging
		VAR_PREFIX: STAGING
		- ENV_TYPE: production
		VAR_PREFIX: PROD
		script:
		- TBC_ENVSUBST_ENCODING=jsonstr tbc_envsubst "${HELM_COMMON_VALUES:-/dev/null}" > generated-values-common.yml
		- env_values=$(eval echo "\$HELM_${VAR_PREFIX}_VALUES")
		- TBC_ENVSUBST_ENCODING=jsonstr tbc_envsubst "$env_values" > generated-values-env.yml
		- TBC_ENVSUBST_ENCODING=jsonstr tbc_envsubst "$ENV_VALUES" > generated-values-env.yml
		- helm template $helm_package ${HELM_K8S_VERSION:+--kube-version "$HELM_K8S_VERSION"} --values generated-values-common.yml --values generated-values-env.yml \| kube-score score ${HELM_K8S_VERSION:+--kubernetes-version "$HELM_K8S_VERSION"} ${HELM_KUBE_SCORE_ARGS} -

		helm-score-review:
		extends: .helm-score
		variables:
		ENV_TYPE: review
		ENV_VALUES: "$HELM_REVIEW_VALUES"
		rules:
		# exclude tags
		- if: $CI_COMMIT_TAG
		@@ -1171,23 +1213,65 @@ helm-score:
		# exclude when $HELM_SCORE_DISABLED is set
		- if: '$HELM_KUBE_SCORE_DISABLED == "true"'
		when: never
		# exclude review if $HELM_REVIEW_VALUES unset
		- if: '$ENV_TYPE == "review" && ($HELM_REVIEW_VALUES == null \|\| $HELM_REVIEW_VALUES == "")'
		# exclude if $HELM_REVIEW_VALUES unset
		- if: '$HELM_REVIEW_VALUES == null \|\| $HELM_REVIEW_VALUES == ""'
		when: never
		# exclude on integration or prod branch
		- if: '$CI_COMMIT_REF_NAME =~ $INTEG_REF \|\| $CI_COMMIT_REF_NAME =~ $PROD_REF'
		when: never
		- !reference [.test-policy, rules]

		helm-score-integration:
		extends: .helm-score
		variables:
		ENV_TYPE: integration
		ENV_VALUES: "$HELM_INTEG_VALUES"
		rules:
		# exclude tags
		- if: $CI_COMMIT_TAG
		when: never
		# exclude review on integration or prod branch
		- if: '$ENV_TYPE == "review" && ($CI_COMMIT_REF_NAME =~ $INTEG_REF \|\| $CI_COMMIT_REF_NAME =~ $PROD_REF)'
		# exclude when $HELM_SCORE_DISABLED is set
		- if: '$HELM_KUBE_SCORE_DISABLED == "true"'
		when: never
		# exclude integration if $HELM_INTEG_VALUES unset
		- if: '$ENV_TYPE == "integration" && ($HELM_INTEG_VALUES == null \|\| $HELM_INTEG_VALUES == "")'
		# exclude if $HELM_INTEG_VALUES unset
		- if: '$HELM_INTEG_VALUES == null \|\| $HELM_INTEG_VALUES == ""'
		when: never
		# exclude integration on prod branch
		- if: '$ENV_TYPE == "integration" && $CI_COMMIT_REF_NAME =~ $PROD_REF'
		# exclude on prod branch
		- if: '$CI_COMMIT_REF_NAME =~ $PROD_REF'
		when: never
		# exclude staging if $HELM_STAGING_VALUES unset
		- if: '$ENV_TYPE == "staging" && ($HELM_STAGING_VALUES == null \|\| $HELM_STAGING_VALUES == "")'
		- !reference [.test-policy, rules]

		helm-score-staging:
		extends: .helm-score
		variables:
		ENV_TYPE: staging
		ENV_VALUES: "$HELM_STAGING_VALUES"
		rules:
		# exclude tags
		- if: $CI_COMMIT_TAG
		when: never
		# exclude when $HELM_SCORE_DISABLED is set
		- if: '$HELM_KUBE_SCORE_DISABLED == "true"'
		when: never
		# exclude if $HELM_STAGING_VALUES unset
		- if: '$HELM_STAGING_VALUES == null \|\| $HELM_STAGING_VALUES == ""'
		when: never
		- !reference [.test-policy, rules]

		helm-score-production:
		extends: .helm-score
		variables:
		ENV_TYPE: production
		ENV_VALUES: "$HELM_PROD_VALUES"
		rules:
		# exclude tags
		- if: $CI_COMMIT_TAG
		when: never
		# exclude when $HELM_SCORE_DISABLED is set
		- if: '$HELM_KUBE_SCORE_DISABLED == "true"'
		when: never
		# exclude production if $HELM_PROD_VALUES unset
		- if: '$ENV_TYPE == "production" && ($HELM_PROD_VALUES == null \|\| $HELM_PROD_VALUES == "")'
		# exclude if $HELM_PROD_VALUES unset
		- if: '$HELM_PROD_VALUES == null \|\| $HELM_PROD_VALUES == ""'
		when: never
		- !reference [.test-policy, rules]