Commit 5c22841f authored by Sandro Mathys's avatar Sandro Mathys
Browse files

add some helpful comments

parent a5c9e516
......@@ -33,6 +33,8 @@ stages:
.cleanup:
interruptible: true
script:
# we `2>&1 || true` everything, because this template is used twice in the pipeline and thus it's likely we're trying to delete stuff that already doesn't exist.
# also, if the previous deploy job failed, we might find a mixed bag of existing resources.
- helm uninstall "${HELM_RELEASE}" 2>&1 || true
- kubectl --namespace "${NAMESPACE}" --server "${KUBE_APISERVER}" --token="${KUBE_TOKEN}" delete secret shibboleth-sp-helm-chart-certs 2>&1 || true
- kubectl --namespace "${NAMESPACE}" --server "${KUBE_APISERVER}" --token="${KUBE_TOKEN}" delete secret shibboleth-sp-helm-chart-sealer-keys 2>&1 || true
......@@ -59,10 +61,13 @@ prepare staging:
# apparently ash can't do process substitution, so we have to write this to a file temporarily
- echo "${VAULT_PASSWORD}" > ".vault_password"
script:
# can't do this in the deploy step, because we have no ansible there
- ansible-vault view --vault-password-file ".vault_password" "ci/sp-key.pem.vault" > "ci/sp-key.pem"
after_script:
- rm -f ".vault_password"
# just in case there's some left overs for some reason - because if so, the next job will fail
# we always want to perform an install (rather than an upgrade) in order to ensure the pre-install hooks work
precleanup staging:
stage: precleanup
environment:
......@@ -98,6 +103,8 @@ verify staging:
- kubectl --namespace "${NAMESPACE}" --server "${KUBE_APISERVER}" --token="${KUBE_TOKEN}" logs "${HELM_RELEASE}-helm-test-curl" -c "root"
- kubectl --namespace "${NAMESPACE}" --server "${KUBE_APISERVER}" --token="${KUBE_TOKEN}" logs "${HELM_RELEASE}-helm-test-curl" -c "session"
# we always want to perform an install (rather than an upgrade) in order to ensure the pre-install hooks work
# thus we're making extra sure to delete everything
postcleanup staging:
stage: postcleanup
environment:
......@@ -106,7 +113,6 @@ postcleanup staging:
- staging
extends:
.cleanup
.package:
interruptible: true
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment