nik/OMDSCloud
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merged PR 491: Stagingパイプラインを作成する(ビルドのみ)

Browse Source 
## 概要
[Task2842: Stagingパイプラインを作成する(ビルドのみ)](https://paruru.nds-tyo.co.jp:8443/tfs/ReciproCollection/fa4924a4-d079-4fab-9fb5-a9a11eb205f0/_workitems/edit/2842)

- Stagingパイプラインで稼働させる用のpipeline.ymlを実装
- STGビルドのみを行い、ビルド結果を前提とする本番環境デプロイが通常ルートで出来るようにすることが目的
- 現在のSTG環境には一切触らない想定

## レビューポイント
- 今稼働している環境へ影響するような処理がコメントアウトされて動かないようになっているか?
  - STG環境のWebApps/StaticWebApps/DBに影響ある操作をしていなさそうか

## 動作確認状況
- 未確認
This commit is contained in:
湯本 開 2023-10-12 08:23:13 +00:00
parent 2d569aee6d
commit ba802dec40
3 changed files with 29 additions and 325 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
azure-pipelines-production.yml
View File

@ -41,7 +41,7 @@ jobs:
deployToSlotOrASE: true deployToSlotOrASE: true
resourceGroupName: 'odms-prod-rg' resourceGroupName: 'odms-prod-rg'
slotName: 'staging' slotName: 'staging'
containers: 'crodmsregistrymaintenance.azurecr.io/odmscloud/test/dictation:$(Build.SourceVersion)' containers: 'crodmsregistrymaintenance.azurecr.io/odmscloud/staging/dictation:$(Build.SourceVersion)'
# TODO: stagingパイプライン実装時、staging用のイメージに変更する # TODO: stagingパイプライン実装時、staging用のイメージに変更する
- job: frontend_deploy - job: frontend_deploy
dependsOn: backend_deploy dependsOn: backend_deploy

235
azure-pipelines-staging-test.yml
View File

@ -1,235 +0,0 @@
# Pipeline側でKeyVaultやDocker、AppService等に対する操作権限を持ったServiceConenctionを作成しておくこと
# また、環境変数 STATIC_DICTATION_DEPLOYMENT_TOKEN の値として静的WebAppsのデプロイトークンを設定しておくこと
trigger:
# branches:
# include:
# - main
tags:
include:
- stage-*
jobs:
- job: initialize
displayName: Initialize
pool:
vmImage: ubuntu-latest
steps:
- checkout: self
clean: true
fetchDepth: 1
persistCredentials: true
# - script: |
# git fetch origin main:main
# if git merge-base --is-ancestor $(Build.SourceVersion) main; then
# echo "This commit is in the main branch."
# else
# echo "This commit is not in the main branch."
# exit 1
# fi
# displayName: 'タグが付けられたCommitがmainブランチに存在するか確認'
- job: backend_build
dependsOn: initialize
condition: succeeded('initialize')
displayName: Build And Push Backend Image
pool:
name: odms-deploy-pipeline
steps:
- checkout: self
clean: true
fetchDepth: 1
- task: Npm@1
displayName: npm ci
inputs:
command: ci
workingDir: dictation_server
verbose: false
- task: AzureKeyVault@2
displayName: 'Azure Key Vault: kv-odms-secret-stg'
inputs:
ConnectedServiceName: 'omds-service-connection-stg'
KeyVaultName: kv-odms-secret-stg
SecretsFilter: '*'
- task: Bash@3
displayName: Bash Script (Test)
inputs:
targetType: inline
script: |
cd dictation_server
npm run test
env:
JWT_PUBLIC_KEY: $(token-public-key)
SENDGRID_API_KEY: $(sendgrid-api-key)
NOTIFICATION_HUB_NAME: $(notification-hub-name)
NOTIFICATION_HUB_CONNECT_STRING: $(notification-hub-connect-string)
STORAGE_ACCOUNT_NAME_US: $(storage-account-name-us)
STORAGE_ACCOUNT_NAME_AU: $(storage-account-name-au)
STORAGE_ACCOUNT_NAME_EU: $(storage-account-name-eu)
STORAGE_ACCOUNT_KEY_US: $(storage-account-key-us)
STORAGE_ACCOUNT_KEY_AU: $(storage-account-key-au)
STORAGE_ACCOUNT_KEY_EU: $(storage-account-key-eu)
STORAGE_ACCOUNT_ENDPOINT_US: $(storage-account-endpoint-us)
STORAGE_ACCOUNT_ENDPOINT_AU: $(storage-account-endpoint-au)
STORAGE_ACCOUNT_ENDPOINT_EU: $(storage-account-endpoint-eu)
ADB2C_TENANT_ID: $(adb2c-tenant-id)
ADB2C_CLIENT_ID: $(adb2c-client-id)
ADB2C_CLIENT_SECRET: $(adb2c-client-secret)
- task: Docker@0
displayName: build
inputs:
azureSubscriptionEndpoint: 'omds-service-connection-stg'
azureContainerRegistry: '{"loginServer":"crodmsregistrymaintenance.azurecr.io", "id" : "/subscriptions/108fb131-cdca-4729-a2be-e5bd8c0b3ba7/resourceGroups/maintenance-rg/providers/Microsoft.ContainerRegistry/registries/crOdmsRegistryMaintenance"}'
dockerFile: DockerfileServerDictation.dockerfile
imageName: odmscloud/test/dictation:$(Build.SourceVersion)
buildArguments: |
BUILD_VERSION=$(Build.SourceVersion)
- task: Docker@0
displayName: push
inputs:
azureSubscriptionEndpoint: 'omds-service-connection-stg'
azureContainerRegistry: '{"loginServer":"crodmsregistrymaintenance.azurecr.io", "id" : "/subscriptions/108fb131-cdca-4729-a2be-e5bd8c0b3ba7/resourceGroups/maintenance-rg/providers/Microsoft.ContainerRegistry/registries/crOdmsRegistryMaintenance"}'
action: Push an image
imageName: odmscloud/test/dictation:$(Build.SourceVersion)
- job: backend_deploy
dependsOn: backend_build
condition: succeeded('backend_build')
displayName: Backend Deploy
pool:
name: odms-deploy-pipeline
steps:
- checkout: self
clean: true
fetchDepth: 1
# - task: AzureRmWebAppDeployment@4
# inputs:
# ConnectionType: 'AzureRM'
# azureSubscription: 'omds-service-connection-stg'
# appType: 'webAppContainer'
# WebAppName: 'app-odms-dictation-stg'
# ResourceGroupName: 'stg-application-rg'
# DockerNamespace: 'crodmsregistrymaintenance.azurecr.io'
# DockerRepository: 'odmscloud/test/dictation'
# DockerImageTag: '$(Build.SourceVersion)'
- job: frontend_build
dependsOn: initialize
condition: succeeded('initialize')
displayName: Build Frontend Files
variables:
storageAccountName: saomdspipeline
containerName: staging
pool:
name: odms-deploy-pipeline
steps:
- checkout: self
clean: true
fetchDepth: 1
- task: Npm@1
displayName: npm ci
inputs:
command: ci
workingDir: dictation_client
verbose: false
- task: Bash@3
displayName: Bash Script
inputs:
targetType: inline
script: cd dictation_client && npm run build
- task: ArchiveFiles@2
inputs:
rootFolderOrFile: dictation_client/build
includeRootFolder: false
archiveType: 'zip'
archiveFile: '$(Build.ArtifactStagingDirectory)/$(Build.SourceVersion).zip'
replaceExistingArchive: true
- task: AzureCLI@2
inputs:
azureSubscription: 'omds-service-connection-stg'
scriptType: 'bash'
scriptLocation: 'inlineScript'
inlineScript: |
az storage blob upload \
--auth-mode login \
--account-name $(storageAccountName) \
--container-name $(containerName) \
--name $(Build.SourceVersion).zip \
--type block \
--overwrite \
--file $(Build.ArtifactStagingDirectory)/$(Build.SourceVersion).zip
- job: frontend_deploy
dependsOn: frontend_build
condition: succeeded('frontend_build')
displayName: Deploy Frontend Files
variables:
storageAccountName: saomdspipeline
containerName: staging
pool:
name: odms-deploy-pipeline
steps:
- checkout: self
clean: true
fetchDepth: 1
# - task: AzureKeyVault@2
# displayName: 'Azure Key Vault: kv-odms-secret-stg'
# inputs:
# ConnectedServiceName: 'omds-service-connection-stg'
# KeyVaultName: kv-odms-secret-stg
# SecretsFilter: '*'
# - task: AzureCLI@2
# inputs:
# azureSubscription: 'omds-service-connection-stg'
# scriptType: 'bash'
# scriptLocation: 'inlineScript'
# inlineScript: |
# az storage blob download \
# --auth-mode login \
# --account-name $(storageAccountName) \
# --container-name $(containerName) \
# --name $(Build.SourceVersion).zip \
# --file $(Build.SourcesDirectory)/$(Build.SourceVersion).zip
# - task: Bash@3
# displayName: Bash Script
# inputs:
# targetType: inline
# script: unzip $(Build.SourcesDirectory)/$(Build.SourceVersion).zip -d $(Build.SourcesDirectory)/$(Build.SourceVersion)
# - task: AzureStaticWebApp@0
# displayName: 'Static Web App: '
# inputs:
# workingDirectory: '$(Build.SourcesDirectory)'
# app_location: '/$(Build.SourceVersion)'
# config_file_location: /dictation_client
# skip_app_build: true
# skip_api_build: true
# is_static_export: false
# verbose: false
# azure_static_web_apps_api_token: $(STATIC_DICTATION_DEPLOYMENT_TOKEN)
- job: migration
condition: succeeded('initialize')
displayName: DB migration
dependsOn:
- initialize
- backend_deploy
- frontend_deploy
pool:
name: odms-deploy-pipeline
steps:
- checkout: self
clean: true
fetchDepth: 1
# - task: AzureKeyVault@2
# displayName: 'Azure Key Vault: kv-odms-secret-stg'
# inputs:
# ConnectedServiceName: 'omds-service-connection-stg'
# KeyVaultName: kv-odms-secret-stg
# - task: CmdLine@2
# displayName: migration
# inputs:
# script: >2
# # DB接続情報書き換え
# sed -i -e "s/DB_NAME/$(db-name)/g" ./dictation_server/db/dbconfig.yml
# sed -i -e "s/DB_PASS/$(db-pass)/g" ./dictation_server/db/dbconfig.yml
# sed -i -e "s/DB_USERNAME/$(db-user)/g" ./dictation_server/db/dbconfig.yml
# sed -i -e "s/DB_PORT/$(db-port)/g" ./dictation_server/db/dbconfig.yml
# sed -i -e "s/DB_HOST/$(db-host)/g" ./dictation_server/db/dbconfig.yml
# sql-migrate --version
# cat ./dictation_server/db/dbconfig.yml
# # migration実行
# sql-migrate up -config=./dictation_server/db/dbconfig.yml -env=ci

117
azure-pipelines-staging.yml
View File

@ -1,5 +1,4 @@
# Pipeline側でKeyVaultやDocker、AppService等に対する操作権限を持ったServiceConenctionを作成し、 # Pipeline側でKeyVaultやDocker、AppService等に対する操作権限を持ったServiceConenctionを作成しておくこと
# 環境変数 AZURE_SERVICE_CONNECTION の値としてServiceConenction名を設定しておくこと
# また、環境変数 STATIC_DICTATION_DEPLOYMENT_TOKEN の値として静的WebAppsのデプロイトークンを設定しておくこと # また、環境変数 STATIC_DICTATION_DEPLOYMENT_TOKEN の値として静的WebAppsのデプロイトークンを設定しておくこと
trigger: trigger:
branches: branches:
@ -47,7 +46,7 @@ jobs:
- task: AzureKeyVault@2 - task: AzureKeyVault@2
displayName: 'Azure Key Vault: kv-odms-secret-stg' displayName: 'Azure Key Vault: kv-odms-secret-stg'
inputs: inputs:
ConnectedServiceName: $(AZURE_SERVICE_CONNECTION) ConnectedServiceName: 'omds-service-connection-stg'
KeyVaultName: kv-odms-secret-stg KeyVaultName: kv-odms-secret-stg
SecretsFilter: '*' SecretsFilter: '*'
- task: Bash@3 - task: Bash@3
@ -77,40 +76,22 @@ jobs:
- task: Docker@0 - task: Docker@0
displayName: build displayName: build
inputs: inputs:
azureSubscriptionEndpoint: $(AZURE_SERVICE_CONNECTION) azureSubscriptionEndpoint: 'omds-service-connection-stg'
azureContainerRegistry: '{"loginServer":"crodmsregistrymaintenance.azurecr.io", "id" : "/subscriptions/108fb131-cdca-4729-a2be-e5bd8c0b3ba7/resourceGroups/maintenance-rg/providers/Microsoft.ContainerRegistry/registries/crOdmsRegistryMaintenance"}' azureContainerRegistry: '{"loginServer":"crodmsregistrymaintenance.azurecr.io", "id" : "/subscriptions/108fb131-cdca-4729-a2be-e5bd8c0b3ba7/resourceGroups/maintenance-rg/providers/Microsoft.ContainerRegistry/registries/crOdmsRegistryMaintenance"}'
dockerFile: DockerfileServerDictation.dockerfile dockerFile: DockerfileServerDictation.dockerfile
imageName: $(Build.Repository.Name)/staging/dictation:$(Build.SourceVersion) imageName: odmscloud/staging/dictation:$(Build.SourceVersion)
buildArguments: |
BUILD_VERSION=$(Build.SourceVersion)
- task: Docker@0 - task: Docker@0
displayName: push displayName: push
inputs: inputs:
azureSubscriptionEndpoint: $(AZURE_SERVICE_CONNECTION) azureSubscriptionEndpoint: 'omds-service-connection-stg'
azureContainerRegistry: '{"loginServer":"crodmsregistrymaintenance.azurecr.io", "id" : "/subscriptions/108fb131-cdca-4729-a2be-e5bd8c0b3ba7/resourceGroups/maintenance-rg/providers/Microsoft.ContainerRegistry/registries/crOdmsRegistryMaintenance"}' azureContainerRegistry: '{"loginServer":"crodmsregistrymaintenance.azurecr.io", "id" : "/subscriptions/108fb131-cdca-4729-a2be-e5bd8c0b3ba7/resourceGroups/maintenance-rg/providers/Microsoft.ContainerRegistry/registries/crOdmsRegistryMaintenance"}'
action: Push an image action: Push an image
imageName: $(Build.Repository.Name)/staging/dictation:$(Build.SourceVersion) imageName: odmscloud/staging/dictation:$(Build.SourceVersion)
- job: backend_deploy - job: frontend_build
dependsOn: backend_build dependsOn: backend_build
condition: succeeded('backend_build') condition: succeeded('backend_build')
displayName: Backend Deploy
pool:
name: odms-deploy-pipeline
steps:
- checkout: self
clean: true
fetchDepth: 1
- task: AzureRmWebAppDeployment@4
inputs:
ConnectionType: 'AzureRM'
azureSubscription: $(AZURE_SERVICE_CONNECTION)
appType: 'webAppContainer'
WebAppName: 'app-odms-dictation-stg'
ResourceGroupName: 'stg-application-rg'
DockerNamespace: 'crodmsregistrymaintenance.azurecr.io'
DockerRepository: '$(Build.Repository.Name)/staging/dictation'
DockerImageTag: '$(Build.SourceVersion)'
- job: frontend_build
dependsOn: initialize
condition: succeeded('initialize')
displayName: Build Frontend Files displayName: Build Frontend Files
variables: variables:
storageAccountName: saomdspipeline storageAccountName: saomdspipeline
@ -141,7 +122,7 @@ jobs:
replaceExistingArchive: true replaceExistingArchive: true
- task: AzureCLI@2 - task: AzureCLI@2
inputs: inputs:
azureSubscription: $(AZURE_SERVICE_CONNECTION) azureSubscription: 'omds-service-connection-stg'
scriptType: 'bash' scriptType: 'bash'
scriptLocation: 'inlineScript' scriptLocation: 'inlineScript'
inlineScript: | inlineScript: |
@ -151,10 +132,22 @@ jobs:
--container-name $(containerName) \ --container-name $(containerName) \
--name $(Build.SourceVersion).zip \ --name $(Build.SourceVersion).zip \
--type block \ --type block \
--overwrite \
--file $(Build.ArtifactStagingDirectory)/$(Build.SourceVersion).zip --file $(Build.ArtifactStagingDirectory)/$(Build.SourceVersion).zip
- job: frontend_deploy - job: backend_deploy
dependsOn: frontend_build dependsOn: frontend_build
condition: succeeded('frontend_build') condition: succeeded('frontend_build')
displayName: Backend Deploy
pool:
name: odms-deploy-pipeline
steps:
- checkout: self
clean: true
fetchDepth: 1
# TODO: Productionと同様にデプロイを行う
- job: frontend_deploy
dependsOn: backend_deploy
condition: succeeded('backend_deploy')
displayName: Deploy Frontend Files displayName: Deploy Frontend Files
variables: variables:
storageAccountName: saomdspipeline storageAccountName: saomdspipeline
@ -165,69 +158,15 @@ jobs:
- checkout: self - checkout: self
clean: true clean: true
fetchDepth: 1 fetchDepth: 1
- task: AzureKeyVault@2 # TODO: Productionと同様にデプロイを行う
displayName: 'Azure Key Vault: kv-odms-secret-stg'
inputs:
ConnectedServiceName: $(AZURE_SERVICE_CONNECTION)
KeyVaultName: kv-odms-secret-stg
SecretsFilter: '*'
- task: AzureCLI@2
inputs:
azureSubscription: $(AZURE_SERVICE_CONNECTION)
scriptType: 'bash'
scriptLocation: 'inlineScript'
inlineScript: |
az storage blob download \
--auth-mode login \
--account-name $(storageAccountName) \
--container-name $(containerName) \
--name $(Build.SourceVersion).zip \
--file $(Build.SourcesDirectory)/$(Build.SourceVersion).zip
- task: Bash@3
displayName: Bash Script
inputs:
targetType: inline
script: unzip $(Build.SourcesDirectory)/$(Build.SourceVersion).zip -d $(Build.SourcesDirectory)/$(Build.SourceVersion)
- task: AzureStaticWebApp@0
displayName: 'Static Web App: '
inputs:
workingDirectory: '$(Build.SourcesDirectory)'
app_location: '/$(Build.SourceVersion)'
config_file_location: /dictation_client
skip_app_build: true
skip_api_build: true
is_static_export: false
verbose: false
azure_static_web_apps_api_token: $(STATIC_DICTATION_DEPLOYMENT_TOKEN)
- job: migration - job: migration
condition: succeeded('initialize') dependsOn: frontend_deploy
condition: succeeded('frontend_deploy')
displayName: DB migration displayName: DB migration
dependsOn:
- initialize
- backend_deploy
- frontend_deploy
pool: pool:
name: db-migrate-pipelines name: odms-deploy-pipeline
steps: steps:
- checkout: self - checkout: self
clean: true clean: true
fetchDepth: 1 fetchDepth: 1
- task: AzureKeyVault@2 # TODO: Productionと同様にマイグレーションを行う
displayName: 'Azure Key Vault: kv-odms-secret-stg'
inputs:
ConnectedServiceName: $(AZURE_SERVICE_CONNECTION)
KeyVaultName: kv-odms-secret-stg
- task: CmdLine@2
displayName: migration
inputs:
script: >2
# DB接続情報書き換え
sed -i -e "s/DB_NAME/$(db-name)/g" ./dictation_server/db/dbconfig.yml
sed -i -e "s/DB_PASS/$(db-pass)/g" ./dictation_server/db/dbconfig.yml
sed -i -e "s/DB_USERNAME/$(db-user)/g" ./dictation_server/db/dbconfig.yml
sed -i -e "s/DB_PORT/$(db-port)/g" ./dictation_server/db/dbconfig.yml
sed -i -e "s/DB_HOST/$(db-host)/g" ./dictation_server/db/dbconfig.yml
sql-migrate --version
cat ./dictation_server/db/dbconfig.yml
# migration実行
sql-migrate up -config=./dictation_server/db/dbconfig.yml -env=ci