.gitlab-ci.yml

image:
  name: docker:20.10.17

variables:
  ANSIBLE_REMOTE_TMP: "/tmp"
  PKR_VAR_flavor: "m1.small"
  PKR_VAR_source_image: "CentOS-7-x86_64-GenericCloud-2009"
  PKR_VAR_floating_ip_network: "uab-campus"
  PKR_VAR_security_groups: '["allow-ssh"]'
  PKR_VAR_skip_create_image: "false"
  PKR_VAR_ssh_username: "centos"
  PKR_VAR_networks: '["ec11e2be-8fac-46cf-8fa2-9dffb74ba5df"]'
  GIT_AUTHOR_NAME: "Gitlab runner"
  GIT_AUTHOR_EMAIL: "gitlab@runner"

stages:
  - build
  - test
  - deploy

build_image:
  image: $CI_REGISTRY_IMAGE:latest
  stage: build
  environment:
    name: knightly
  tags:
    - build
  script:
    - |
      if [ ! -d $CI_PROJECT_DIR/CRI_XCBC ]; then
        git clone https://github.com/uabrc/CRI_XCBC.git
        cd CRI_XCBC
        git remote add upstream https://github.com/jprorama/CRI_XCBC.git
        cd ..
      fi
    - cd CRI_XCBC
    - git config user.name "${GIT_AUTHOR_NAME}"
    - git config user.email "${GIT_AUTHOR_EMAIL}"
    - git fetch --all
    - git fetch origin '+refs/pull/*/head:refs/remotes/origin/pr/*'
    - git fetch upstream '+refs/pull/*/head:refs/remotes/upstream/pr/*'
    - git checkout uab-prod
    - git merge origin/uab-prod
    - git checkout -b integration
    - git merge upstream/dev
    - export CRI_XCBC_HEAD=$(git rev-parse --short HEAD)
    - export CRI_XCBC_dev=$(git rev-parse --short upstream/dev)
    - export CRI_XCBC_prod=$(git rev-parse --short origin/uab-prod)
    - cd ..
    - export PACKER_IMAGE_HEAD=$(git rev-parse --short HEAD)
    - export BUILD_DATE=$(TZ=America/Chicago date +%Y%m%d)
    - echo CRI_XCBC_HEAD=${CRI_XCBC_HEAD} | tee -a $CI_PROJECT_DIR/image.env
    - echo CRI_XCBC_dev=${CRI_XCBC_dev} | tee -a $CI_PROJECT_DIR/image.env
    - echo CRI_XCBC_prod=${CRI_XCBC_prod} | tee -a $CI_PROJECT_DIR/image.env
    - echo PACKER_IMAGE_HEAD=${PACKER_IMAGE_HEAD} | tee -a $CI_PROJECT_DIR/image.env
    - echo BUILD_DATE=${BUILD_DATE} | tee -a $CI_PROJECT_DIR/image.env
    - >
      curl --header "PRIVATE-TOKEN: ${ANSIBLE_VAR_TOKEN}"
      "${CI_API_V4_URL}/projects/2836/repository/files/knightly/raw?ref=main"
      -o CRI_XCBC/group_vars/knightly
    - s3cmd get --force -r --host=$AWS_HOST --host-bucket=$AWS_HOST s3://cheaha-cloud-ansible-files/ ansible/files/
    - 'sed -i -E "s/(lts_access_key: ).*/\1\"${AWS_ACCESS_KEY_ID}\"/" CRI_XCBC/group_vars/knightly'
    - 'sed -i -E "s/(lts_secret_key: ).*/\1\"${AWS_SECRET_ACCESS_KEY}\"/" CRI_XCBC/group_vars/knightly'
    - packer validate openstack-ood
    - >
      PKR_VAR_build_instance_name="ood-${CRI_XCBC_HEAD}"
      PKR_VAR_image_date_suffix=false
      PKR_VAR_image_name="ood-${BUILD_DATE}"
      packer build -machine-readable openstack-ood | tee ood_build.log
    - echo BUILT_OOD_IMAGE_ID=$(grep 'Image:' ood_build.log | awk '{print $4}') | tee -a $CI_PROJECT_DIR/image.env
    - openstack image set --property CRI_XCBC_prod=${CRI_XCBC_prod} --property CRI_XCBC_dev=${CRI_XCBC_dev} --property PACKER_IMAGE_HEAD=${PACKER_IMAGE_HEAD} ${BUILT_OOD_IMAGE_ID}
  artifacts:
    reports:
      dotenv: image.env

test:
  image: $CI_REGISTRY_IMAGE:latest
  stage: test
  environment:
    name: knightly
  tags:
    - build
  script:
    - OLD_INSTANCE_IP=$(openstack floating ip list --floating-ip-address $CHEAHA_IP -c "Fixed IP Address" -f value)
    - echo $OLD_INSTANCE_IP
    - |
      if [ ! -z $OLD_INSTANCE_IP ]; then
        export OLD_INSTANCE_ID=$(openstack server list --name ood-knightly --ip $OLD_INSTANCE_IP -c ID -f value)
      fi
    - echo OLD_INSTANCE_ID=$OLD_INSTANCE_ID | tee -a instance.env
    - |
      cat > user_data.txt << OEOF
      #!/bin/bash
      cat > /etc/resolv.conf << EOF
      search openstack.internal cm.cluster rc.uab.edu ib.cluster drac.cluster eth.cluster ib-hdr.cluster
      nameserver 172.20.0.25
      EOF
      echo "$DEV_KEY" >> /root/.ssh/authorized_keys
      ip route replace default via 10.250.0.3 dev eth0
      ip route add 172.20.0.0/16 via 10.250.0.1 dev eth0
      mkdir -p /run/shibboleth
      chown shibd:shibd /run/shibboleth
      pip3 install s3cmd
      s3cmd get --force -r --access_key=$AWS_ACCESS_KEY_ID --secret_key=$AWS_SECRET_ACCESS_KEY --host=$AWS_HOST --host-bucket=$AWS_HOST s3://knightly-key/ /etc/ssh/
      OEOF
    - >
      export NEW_INSTANCE_ID=$(openstack server create
      -c id -f value --image $BUILT_OOD_IMAGE_ID
      --network openstack-cheaha-internal
      --security-group ood-https-ports
      --security-group allow-ssh
      --user-data user_data.txt
      --flavor m1.medium
      --wait
      ood-knightly)
    - echo NEW_INSTANCE_ID=$NEW_INSTANCE_ID | tee -a instance.env
    - openstack server add floating ip $NEW_INSTANCE_ID $TEST_IP
    - >
      curl --retry 10 --retry-delay 20 --retry-connrefused https://knightly.rc.uab.edu/Shibboleth.sso/Metadata --resolve knightly.rc.uab.edu:443:$TEST_IP -kf
      || (openstack server delete $NEW_INSTANCE_ID && openstack image delete $BUILT_OOD_IMAGE_ID && false)
    - |
      if [ $CI_PIPELINE_SOURCE = "schedule" ]; then
        openstack server remove floating ip $NEW_INSTANCE_ID $TEST_IP
      else
        openstack server delete $NEW_INSTANCE_ID
        openstack image delete $BUILT_OOD_IMAGE_ID
      fi
  artifacts:
    reports:
      dotenv: instance.env

deploy_knightly:
  image: $CI_REGISTRY_IMAGE:latest
  stage: deploy
  environment:
    name: knightly
  tags:
    - build
  script:
    - |
      if [ ! -z $OLD_INSTANCE_ID ]; then
        openstack server remove floating ip $OLD_INSTANCE_ID $CAMPUS_IP
        openstack server remove floating ip $OLD_INSTANCE_ID $CHEAHA_IP
      fi
    - |
      if [ ! -z $NEW_INSTANCE_ID ]; then
        openstack server add floating ip $NEW_INSTANCE_ID $CAMPUS_IP
        openstack server add floating ip $NEW_INSTANCE_ID $CHEAHA_IP
      fi
  only:
    - schedules

deploy_cheaha:
  stage: deploy
  environment:
    name: cheaha
  tags:
    - build
  script:
    - echo "Job placeholder to deploy to Cheaha"
  when: manual
  only:
    - main