From ba802dec4018ef3ddebf947c2c3b3423695a9221 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E6=B9=AF=E6=9C=AC=20=E9=96=8B?= Date: Thu, 12 Oct 2023 08:23:13 +0000 Subject: [PATCH] =?UTF-8?q?Merged=20PR=20491:=20Staging=E3=83=91=E3=82=A4?= =?UTF-8?q?=E3=83=97=E3=83=A9=E3=82=A4=E3=83=B3=E3=82=92=E4=BD=9C=E6=88=90?= =?UTF-8?q?=E3=81=99=E3=82=8B=EF=BC=88=E3=83=93=E3=83=AB=E3=83=89=E3=81=AE?= =?UTF-8?q?=E3=81=BF=EF=BC=89?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ## 概要 [Task2842: Stagingパイプラインを作成する(ビルドのみ)](https://paruru.nds-tyo.co.jp:8443/tfs/ReciproCollection/fa4924a4-d079-4fab-9fb5-a9a11eb205f0/_workitems/edit/2842) - Stagingパイプラインで稼働させる用のpipeline.ymlを実装 - STGビルドのみを行い、ビルド結果を前提とする本番環境デプロイが通常ルートで出来るようにすることが目的 - 現在のSTG環境には一切触らない想定 ## レビューポイント - 今稼働している環境へ影響するような処理がコメントアウトされて動かないようになっているか? - STG環境のWebApps/StaticWebApps/DBに影響ある操作をしていなさそうか ## 動作確認状況 - 未確認 --- azure-pipelines-production.yml | 2 +- azure-pipelines-staging-test.yml | 235 ------------------------------- azure-pipelines-staging.yml | 117 ++++----------- 3 files changed, 29 insertions(+), 325 deletions(-) delete mode 100644 azure-pipelines-staging-test.yml diff --git a/azure-pipelines-production.yml b/azure-pipelines-production.yml index e3a4ada..1359ec5 100644 --- a/azure-pipelines-production.yml +++ b/azure-pipelines-production.yml @@ -41,7 +41,7 @@ jobs: deployToSlotOrASE: true resourceGroupName: 'odms-prod-rg' slotName: 'staging' - containers: 'crodmsregistrymaintenance.azurecr.io/odmscloud/test/dictation:$(Build.SourceVersion)' + containers: 'crodmsregistrymaintenance.azurecr.io/odmscloud/staging/dictation:$(Build.SourceVersion)' # TODO: stagingパイプライン実装時、staging用のイメージに変更する - job: frontend_deploy dependsOn: backend_deploy diff --git a/azure-pipelines-staging-test.yml b/azure-pipelines-staging-test.yml deleted file mode 100644 index 87ca222..0000000 --- a/azure-pipelines-staging-test.yml +++ /dev/null @@ -1,235 +0,0 @@ -# Pipeline側でKeyVaultやDocker、AppService等に対する操作権限を持ったServiceConenctionを作成しておくこと -# また、環境変数 STATIC_DICTATION_DEPLOYMENT_TOKEN の値として静的WebAppsのデプロイトークンを設定しておくこと -trigger: - # branches: - # include: - # - main - tags: - include: - - stage-* - -jobs: -- job: initialize - displayName: Initialize - pool: - vmImage: ubuntu-latest - steps: - - checkout: self - clean: true - fetchDepth: 1 - persistCredentials: true - # - script: | - # git fetch origin main:main - # if git merge-base --is-ancestor $(Build.SourceVersion) main; then - # echo "This commit is in the main branch." - # else - # echo "This commit is not in the main branch." - # exit 1 - # fi - # displayName: 'タグが付けられたCommitがmainブランチに存在するか確認' -- job: backend_build - dependsOn: initialize - condition: succeeded('initialize') - displayName: Build And Push Backend Image - pool: - name: odms-deploy-pipeline - steps: - - checkout: self - clean: true - fetchDepth: 1 - - task: Npm@1 - displayName: npm ci - inputs: - command: ci - workingDir: dictation_server - verbose: false - - task: AzureKeyVault@2 - displayName: 'Azure Key Vault: kv-odms-secret-stg' - inputs: - ConnectedServiceName: 'omds-service-connection-stg' - KeyVaultName: kv-odms-secret-stg - SecretsFilter: '*' - - task: Bash@3 - displayName: Bash Script (Test) - inputs: - targetType: inline - script: | - cd dictation_server - npm run test - env: - JWT_PUBLIC_KEY: $(token-public-key) - SENDGRID_API_KEY: $(sendgrid-api-key) - NOTIFICATION_HUB_NAME: $(notification-hub-name) - NOTIFICATION_HUB_CONNECT_STRING: $(notification-hub-connect-string) - STORAGE_ACCOUNT_NAME_US: $(storage-account-name-us) - STORAGE_ACCOUNT_NAME_AU: $(storage-account-name-au) - STORAGE_ACCOUNT_NAME_EU: $(storage-account-name-eu) - STORAGE_ACCOUNT_KEY_US: $(storage-account-key-us) - STORAGE_ACCOUNT_KEY_AU: $(storage-account-key-au) - STORAGE_ACCOUNT_KEY_EU: $(storage-account-key-eu) - STORAGE_ACCOUNT_ENDPOINT_US: $(storage-account-endpoint-us) - STORAGE_ACCOUNT_ENDPOINT_AU: $(storage-account-endpoint-au) - STORAGE_ACCOUNT_ENDPOINT_EU: $(storage-account-endpoint-eu) - ADB2C_TENANT_ID: $(adb2c-tenant-id) - ADB2C_CLIENT_ID: $(adb2c-client-id) - ADB2C_CLIENT_SECRET: $(adb2c-client-secret) - - task: Docker@0 - displayName: build - inputs: - azureSubscriptionEndpoint: 'omds-service-connection-stg' - azureContainerRegistry: '{"loginServer":"crodmsregistrymaintenance.azurecr.io", "id" : "/subscriptions/108fb131-cdca-4729-a2be-e5bd8c0b3ba7/resourceGroups/maintenance-rg/providers/Microsoft.ContainerRegistry/registries/crOdmsRegistryMaintenance"}' - dockerFile: DockerfileServerDictation.dockerfile - imageName: odmscloud/test/dictation:$(Build.SourceVersion) - buildArguments: | - BUILD_VERSION=$(Build.SourceVersion) - - task: Docker@0 - displayName: push - inputs: - azureSubscriptionEndpoint: 'omds-service-connection-stg' - azureContainerRegistry: '{"loginServer":"crodmsregistrymaintenance.azurecr.io", "id" : "/subscriptions/108fb131-cdca-4729-a2be-e5bd8c0b3ba7/resourceGroups/maintenance-rg/providers/Microsoft.ContainerRegistry/registries/crOdmsRegistryMaintenance"}' - action: Push an image - imageName: odmscloud/test/dictation:$(Build.SourceVersion) -- job: backend_deploy - dependsOn: backend_build - condition: succeeded('backend_build') - displayName: Backend Deploy - pool: - name: odms-deploy-pipeline - steps: - - checkout: self - clean: true - fetchDepth: 1 - # - task: AzureRmWebAppDeployment@4 - # inputs: - # ConnectionType: 'AzureRM' - # azureSubscription: 'omds-service-connection-stg' - # appType: 'webAppContainer' - # WebAppName: 'app-odms-dictation-stg' - # ResourceGroupName: 'stg-application-rg' - # DockerNamespace: 'crodmsregistrymaintenance.azurecr.io' - # DockerRepository: 'odmscloud/test/dictation' - # DockerImageTag: '$(Build.SourceVersion)' -- job: frontend_build - dependsOn: initialize - condition: succeeded('initialize') - displayName: Build Frontend Files - variables: - storageAccountName: saomdspipeline - containerName: staging - pool: - name: odms-deploy-pipeline - steps: - - checkout: self - clean: true - fetchDepth: 1 - - task: Npm@1 - displayName: npm ci - inputs: - command: ci - workingDir: dictation_client - verbose: false - - task: Bash@3 - displayName: Bash Script - inputs: - targetType: inline - script: cd dictation_client && npm run build - - task: ArchiveFiles@2 - inputs: - rootFolderOrFile: dictation_client/build - includeRootFolder: false - archiveType: 'zip' - archiveFile: '$(Build.ArtifactStagingDirectory)/$(Build.SourceVersion).zip' - replaceExistingArchive: true - - task: AzureCLI@2 - inputs: - azureSubscription: 'omds-service-connection-stg' - scriptType: 'bash' - scriptLocation: 'inlineScript' - inlineScript: | - az storage blob upload \ - --auth-mode login \ - --account-name $(storageAccountName) \ - --container-name $(containerName) \ - --name $(Build.SourceVersion).zip \ - --type block \ - --overwrite \ - --file $(Build.ArtifactStagingDirectory)/$(Build.SourceVersion).zip -- job: frontend_deploy - dependsOn: frontend_build - condition: succeeded('frontend_build') - displayName: Deploy Frontend Files - variables: - storageAccountName: saomdspipeline - containerName: staging - pool: - name: odms-deploy-pipeline - steps: - - checkout: self - clean: true - fetchDepth: 1 - # - task: AzureKeyVault@2 - # displayName: 'Azure Key Vault: kv-odms-secret-stg' - # inputs: - # ConnectedServiceName: 'omds-service-connection-stg' - # KeyVaultName: kv-odms-secret-stg - # SecretsFilter: '*' - # - task: AzureCLI@2 - # inputs: - # azureSubscription: 'omds-service-connection-stg' - # scriptType: 'bash' - # scriptLocation: 'inlineScript' - # inlineScript: | - # az storage blob download \ - # --auth-mode login \ - # --account-name $(storageAccountName) \ - # --container-name $(containerName) \ - # --name $(Build.SourceVersion).zip \ - # --file $(Build.SourcesDirectory)/$(Build.SourceVersion).zip - # - task: Bash@3 - # displayName: Bash Script - # inputs: - # targetType: inline - # script: unzip $(Build.SourcesDirectory)/$(Build.SourceVersion).zip -d $(Build.SourcesDirectory)/$(Build.SourceVersion) - # - task: AzureStaticWebApp@0 - # displayName: 'Static Web App: ' - # inputs: - # workingDirectory: '$(Build.SourcesDirectory)' - # app_location: '/$(Build.SourceVersion)' - # config_file_location: /dictation_client - # skip_app_build: true - # skip_api_build: true - # is_static_export: false - # verbose: false - # azure_static_web_apps_api_token: $(STATIC_DICTATION_DEPLOYMENT_TOKEN) -- job: migration - condition: succeeded('initialize') - displayName: DB migration - dependsOn: - - initialize - - backend_deploy - - frontend_deploy - pool: - name: odms-deploy-pipeline - steps: - - checkout: self - clean: true - fetchDepth: 1 - # - task: AzureKeyVault@2 - # displayName: 'Azure Key Vault: kv-odms-secret-stg' - # inputs: - # ConnectedServiceName: 'omds-service-connection-stg' - # KeyVaultName: kv-odms-secret-stg - # - task: CmdLine@2 - # displayName: migration - # inputs: - # script: >2 - # # DB接続情報書き換え - # sed -i -e "s/DB_NAME/$(db-name)/g" ./dictation_server/db/dbconfig.yml - # sed -i -e "s/DB_PASS/$(db-pass)/g" ./dictation_server/db/dbconfig.yml - # sed -i -e "s/DB_USERNAME/$(db-user)/g" ./dictation_server/db/dbconfig.yml - # sed -i -e "s/DB_PORT/$(db-port)/g" ./dictation_server/db/dbconfig.yml - # sed -i -e "s/DB_HOST/$(db-host)/g" ./dictation_server/db/dbconfig.yml - # sql-migrate --version - # cat ./dictation_server/db/dbconfig.yml - # # migration実行 - # sql-migrate up -config=./dictation_server/db/dbconfig.yml -env=ci \ No newline at end of file diff --git a/azure-pipelines-staging.yml b/azure-pipelines-staging.yml index 78965ab..4ecbc47 100644 --- a/azure-pipelines-staging.yml +++ b/azure-pipelines-staging.yml @@ -1,5 +1,4 @@ -# Pipeline側でKeyVaultやDocker、AppService等に対する操作権限を持ったServiceConenctionを作成し、 -# 環境変数 AZURE_SERVICE_CONNECTION の値としてServiceConenction名を設定しておくこと +# Pipeline側でKeyVaultやDocker、AppService等に対する操作権限を持ったServiceConenctionを作成しておくこと # また、環境変数 STATIC_DICTATION_DEPLOYMENT_TOKEN の値として静的WebAppsのデプロイトークンを設定しておくこと trigger: branches: @@ -47,7 +46,7 @@ jobs: - task: AzureKeyVault@2 displayName: 'Azure Key Vault: kv-odms-secret-stg' inputs: - ConnectedServiceName: $(AZURE_SERVICE_CONNECTION) + ConnectedServiceName: 'omds-service-connection-stg' KeyVaultName: kv-odms-secret-stg SecretsFilter: '*' - task: Bash@3 @@ -77,40 +76,22 @@ jobs: - task: Docker@0 displayName: build inputs: - azureSubscriptionEndpoint: $(AZURE_SERVICE_CONNECTION) + azureSubscriptionEndpoint: 'omds-service-connection-stg' azureContainerRegistry: '{"loginServer":"crodmsregistrymaintenance.azurecr.io", "id" : "/subscriptions/108fb131-cdca-4729-a2be-e5bd8c0b3ba7/resourceGroups/maintenance-rg/providers/Microsoft.ContainerRegistry/registries/crOdmsRegistryMaintenance"}' dockerFile: DockerfileServerDictation.dockerfile - imageName: $(Build.Repository.Name)/staging/dictation:$(Build.SourceVersion) + imageName: odmscloud/staging/dictation:$(Build.SourceVersion) + buildArguments: | + BUILD_VERSION=$(Build.SourceVersion) - task: Docker@0 displayName: push inputs: - azureSubscriptionEndpoint: $(AZURE_SERVICE_CONNECTION) + azureSubscriptionEndpoint: 'omds-service-connection-stg' azureContainerRegistry: '{"loginServer":"crodmsregistrymaintenance.azurecr.io", "id" : "/subscriptions/108fb131-cdca-4729-a2be-e5bd8c0b3ba7/resourceGroups/maintenance-rg/providers/Microsoft.ContainerRegistry/registries/crOdmsRegistryMaintenance"}' action: Push an image - imageName: $(Build.Repository.Name)/staging/dictation:$(Build.SourceVersion) -- job: backend_deploy + imageName: odmscloud/staging/dictation:$(Build.SourceVersion) +- job: frontend_build dependsOn: backend_build condition: succeeded('backend_build') - displayName: Backend Deploy - pool: - name: odms-deploy-pipeline - steps: - - checkout: self - clean: true - fetchDepth: 1 - - task: AzureRmWebAppDeployment@4 - inputs: - ConnectionType: 'AzureRM' - azureSubscription: $(AZURE_SERVICE_CONNECTION) - appType: 'webAppContainer' - WebAppName: 'app-odms-dictation-stg' - ResourceGroupName: 'stg-application-rg' - DockerNamespace: 'crodmsregistrymaintenance.azurecr.io' - DockerRepository: '$(Build.Repository.Name)/staging/dictation' - DockerImageTag: '$(Build.SourceVersion)' -- job: frontend_build - dependsOn: initialize - condition: succeeded('initialize') displayName: Build Frontend Files variables: storageAccountName: saomdspipeline @@ -141,7 +122,7 @@ jobs: replaceExistingArchive: true - task: AzureCLI@2 inputs: - azureSubscription: $(AZURE_SERVICE_CONNECTION) + azureSubscription: 'omds-service-connection-stg' scriptType: 'bash' scriptLocation: 'inlineScript' inlineScript: | @@ -151,10 +132,22 @@ jobs: --container-name $(containerName) \ --name $(Build.SourceVersion).zip \ --type block \ + --overwrite \ --file $(Build.ArtifactStagingDirectory)/$(Build.SourceVersion).zip -- job: frontend_deploy +- job: backend_deploy dependsOn: frontend_build condition: succeeded('frontend_build') + displayName: Backend Deploy + pool: + name: odms-deploy-pipeline + steps: + - checkout: self + clean: true + fetchDepth: 1 + # TODO: Productionと同様にデプロイを行う +- job: frontend_deploy + dependsOn: backend_deploy + condition: succeeded('backend_deploy') displayName: Deploy Frontend Files variables: storageAccountName: saomdspipeline @@ -165,69 +158,15 @@ jobs: - checkout: self clean: true fetchDepth: 1 - - task: AzureKeyVault@2 - displayName: 'Azure Key Vault: kv-odms-secret-stg' - inputs: - ConnectedServiceName: $(AZURE_SERVICE_CONNECTION) - KeyVaultName: kv-odms-secret-stg - SecretsFilter: '*' - - task: AzureCLI@2 - inputs: - azureSubscription: $(AZURE_SERVICE_CONNECTION) - scriptType: 'bash' - scriptLocation: 'inlineScript' - inlineScript: | - az storage blob download \ - --auth-mode login \ - --account-name $(storageAccountName) \ - --container-name $(containerName) \ - --name $(Build.SourceVersion).zip \ - --file $(Build.SourcesDirectory)/$(Build.SourceVersion).zip - - task: Bash@3 - displayName: Bash Script - inputs: - targetType: inline - script: unzip $(Build.SourcesDirectory)/$(Build.SourceVersion).zip -d $(Build.SourcesDirectory)/$(Build.SourceVersion) - - task: AzureStaticWebApp@0 - displayName: 'Static Web App: ' - inputs: - workingDirectory: '$(Build.SourcesDirectory)' - app_location: '/$(Build.SourceVersion)' - config_file_location: /dictation_client - skip_app_build: true - skip_api_build: true - is_static_export: false - verbose: false - azure_static_web_apps_api_token: $(STATIC_DICTATION_DEPLOYMENT_TOKEN) + # TODO: Productionと同様にデプロイを行う - job: migration - condition: succeeded('initialize') + dependsOn: frontend_deploy + condition: succeeded('frontend_deploy') displayName: DB migration - dependsOn: - - initialize - - backend_deploy - - frontend_deploy pool: - name: db-migrate-pipelines + name: odms-deploy-pipeline steps: - checkout: self clean: true fetchDepth: 1 - - task: AzureKeyVault@2 - displayName: 'Azure Key Vault: kv-odms-secret-stg' - inputs: - ConnectedServiceName: $(AZURE_SERVICE_CONNECTION) - KeyVaultName: kv-odms-secret-stg - - task: CmdLine@2 - displayName: migration - inputs: - script: >2 - # DB接続情報書き換え - sed -i -e "s/DB_NAME/$(db-name)/g" ./dictation_server/db/dbconfig.yml - sed -i -e "s/DB_PASS/$(db-pass)/g" ./dictation_server/db/dbconfig.yml - sed -i -e "s/DB_USERNAME/$(db-user)/g" ./dictation_server/db/dbconfig.yml - sed -i -e "s/DB_PORT/$(db-port)/g" ./dictation_server/db/dbconfig.yml - sed -i -e "s/DB_HOST/$(db-host)/g" ./dictation_server/db/dbconfig.yml - sql-migrate --version - cat ./dictation_server/db/dbconfig.yml - # migration実行 - sql-migrate up -config=./dictation_server/db/dbconfig.yml -env=ci \ No newline at end of file + # TODO: Productionと同様にマイグレーションを行う \ No newline at end of file