Commit 2c24a4f4 authored by Sandro Mathys's avatar Sandro Mathys
Browse files

change structure/order in pipeline a bit

parent 2ae58ffb
......@@ -18,6 +18,7 @@ variables:
cache:
key: "${CI_ENVIRONMENT_SLUG}-${CI_COMMIT_REF_SLUG}"
paths:
- "ci/sp-key.pem"
- ".config/helm/registry.json"
stages:
......@@ -44,15 +45,12 @@ prepare staging:
- test -n "${SHIBBOLETH_SP_HELM_CHART_REGISTRY_TOKEN}" || missing_vars="${missing_vars} SHIBBOLETH_SP_HELM_CHART_REGISTRY_TOKEN"
- test -n "${VAULT_PASSWORD}" || missing_vars="${missing_vars} VAULT_PASSWORD"
- if test -n "${missing_vars}"; then echo "Required environment variable(s) not set:${missing_vars} - check CI / CD variables in the project settings" >&2; exit 1; fi;
# just in case
- kubectl delete secret shibboleth-sp-helm-chart-certs 2>&1 || true
script:
# apparently ash can't do process substitution, so we have to write this to a file temporarily
- echo "${VAULT_PASSWORD}" > ".vault_password"
script:
- ansible-vault view --vault-password-file ".vault_password" "ci/sp-key.pem.vault" > "ci/sp-key.pem"
- kubectl create secret tls shibboleth-sp-helm-chart-certs --cert="ci/sp-cert.pem" --key="ci/sp-key.pem"
# they shouldn't survive the stage anyway, but let's make sure
- rm -f ".vault_password" "ci/sp-key.pem"
after_script:
- rm -f ".vault_password"
deploy staging:
stage: deploy
......@@ -66,9 +64,13 @@ deploy staging:
before_script:
# just in case
- helm uninstall "${HELM_RELEASE}" 2>&1 || true
- kubectl delete secret shibboleth-sp-helm-chart-certs 2>&1 || true
script:
- kubectl create secret tls shibboleth-sp-helm-chart-certs --cert="ci/sp-cert.pem" --key="ci/sp-key.pem"
# thanks to --atomic, this command won't just install the chart but also ensure it works
- helm upgrade --install "${HELM_RELEASE}" chart --values="ci/values.yaml" --atomic --debug
after_script:
- rm -f "ci/sp-key.pem"
verify staging:
stage: verify
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment