build/int.cloudbuild.hpc.yaml

# Copyright 2025 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # https://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. timeout: 14400s steps: - id: prepare name: "gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS" args: [ "/bin/bash", "-c", "source /usr/local/bin/task_helper_functions.sh && prepare_environment", ] env: - "TF_VAR_org_id=$_ORG_ID" - "TF_VAR_folder_id=$_FOLDER_ID" - "TF_VAR_billing_account=$_BILLING_ACCOUNT" - "TF_VAR_single_project=false" - "TF_VAR_create_cloud_nat=true" # config-sync running on cluster VPC needs to access gitlab - id: wait-startup-script name: "gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS" args: ["/bin/bash", "-c", "cft test run TestValidateStartupScript --stage verify --verbose"] waitFor: - prepare - id: bootstrap-gitlab-vm name: "gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS" entrypoint: "bash" args: - "-c" - |- gcloud storage cp gs://$(terraform -chdir=/workspace/test/setup output -raw gitlab_secret_project)-ssl-cert/gitlab.crt /usr/local/share/ca-certificates update-ca-certificates if (ls /etc/ssl/certs | grep gitlab.pem); then cft test run TestBootstrapGitlabVM --stage verify --verbose || exit 1 else echo ERROR: Was not able to download certificate and update system bundle. && exit 1 fi waitFor: - wait-startup-script - id: vpc-sc name: "gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS" args: [ "/bin/bash", "-c", "cft test run TestVPCSC --stage init --verbose && cft test run TestVPCSC --stage apply --verbose && sleep 5m", ] env: - "TF_VAR_org_id=$_ORG_ID" - "access_level_members=serviceAccount:$PROJECT_NUMBER@cloudbuild.gserviceaccount.com" waitFor: - wait-startup-script # Distinct init stages for tf output state passing - id: bootstrap-init name: "gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS" args: ["/bin/bash", "-c", "cft test run TestBootstrap --stage init --verbose"] waitFor: - vpc-sc env: - "TF_VAR_org_id=$_ORG_ID" - "TF_VAR_billing_account=$_BILLING_ACCOUNT" - id: bootstrap-apply name: "gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS" args: ["/bin/bash", "-c", "cft test run TestBootstrap --stage apply --verbose"] waitFor: - bootstrap-init env: - "TF_VAR_org_id=$_ORG_ID" - "TF_VAR_billing_account=$_BILLING_ACCOUNT" - id: bootstrap-verify name: "gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS" args: ["/bin/bash", "-c", "cft test run TestBootstrap --stage verify --verbose"] waitFor: - bootstrap-apply env: - "TF_VAR_org_id=$_ORG_ID" - "TF_VAR_billing_account=$_BILLING_ACCOUNT" - id: multitenant-init name: "gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS" args: ["/bin/bash", "-c", "cft test run TestMultitenant --stage init --verbose"] waitFor: - bootstrap-apply - id: multitenant-apply name: "gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS" args: [ "/bin/bash", "-c", "cft test run TestMultitenant --stage apply --verbose", ] waitFor: - multitenant-init - id: multitenant-verify name: "gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS" args: [ "/bin/bash", "-c", "cft test run TestMultitenant --stage verify --verbose", ] waitFor: - multitenant-apply - id: fleetscope-init name: "gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS" args: ["/bin/bash", "-c", "cft test run TestFleetscope --stage init --verbose"] waitFor: - multitenant-apply - id: fleetscope-apply name: "gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS" args: ["/bin/bash", "-c", "cft test run TestFleetscope --stage apply --verbose"] waitFor: - fleetscope-init - id: fleetscope-verify name: "gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS" entrypoint: "bash" args: - "-c" - |- gcloud storage cp gs://$(terraform -chdir=/workspace/test/setup output -raw gitlab_secret_project)-ssl-cert/gitlab.crt /usr/local/share/ca-certificates update-ca-certificates if (ls /etc/ssl/certs | grep gitlab.pem); then cft test run TestFleetscope --stage verify --verbose else echo ERROR: Was not able to download certificate and update system bundle. fi waitFor: - fleetscope-apply - id: appfactory-init name: "gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS" args: ["/bin/bash", "-c", "cft test run TestHPCAppfactory --stage init --verbose"] waitFor: - fleetscope-apply - id: appfactory-apply name: "gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS" args: ["/bin/bash", "-c", "cft test run TestHPCAppfactory --stage apply --verbose"] waitFor: - appfactory-init - id: appfactory-verify name: "gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS" args: [ "/bin/bash", "-c", "cft test run TestHPCAppfactory --stage verify --verbose", ] waitFor: - appfactory-apply - id: appinfra-init name: "gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS" args: ["/bin/bash", "-c", "cft test run TestHPCAppInfra --stage init --verbose"] waitFor: - appfactory-apply - id: appinfra-apply name: "gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS" args: ["/bin/bash", "-c", "cft test run TestHPCAppInfra --stage apply --verbose"] waitFor: - appinfra-init - id: appinfra-verify name: "gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS" args: ["/bin/bash", "-c", "cft test run TestHPCAppInfra --stage verify --verbose"] waitFor: - appinfra-apply - id: monte-carlo-simulation-e2e name: "gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS" args: [ "/bin/bash", "-c", "cft test run TestHPCMonteCarloE2E --stage verify --verbose", ] waitFor: - appinfra-apply - fleetscope-verify - id: appinfra-teardown name: "gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS" args: [ "/bin/bash", "-c", "cft test run TestHPCAppInfra --stage teardown --verbose", ] waitFor: - monte-carlo-simulation-e2e - appinfra-verify - appfactory-verify - fleetscope-verify - multitenant-verify - bootstrap-verify - id: appfactory-teardown name: "gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS" args: [ "/bin/bash", "-c", "cft test run TestHPCAppfactory --stage teardown --verbose", ] waitFor: - appinfra-teardown - id: fleetscope-teardown name: "gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS" args: [ "/bin/bash", "-c", "cft test run TestFleetscope --stage teardown --verbose", ] waitFor: - appfactory-teardown - id: multitenant-teardown name: "gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS" args: [ "/bin/bash", "-c", "cft test run TestMultitenant --stage teardown --verbose", ] waitFor: - fleetscope-teardown - id: bootstrap-teardown name: "gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS" args: [ "/bin/bash", "-c", "cft test run TestBootstrap --stage teardown --verbose", ] waitFor: - multitenant-teardown env: - "TF_VAR_org_id=$_ORG_ID" - "TF_VAR_billing_account=$_BILLING_ACCOUNT" - id: vpcsc-teardown name: "gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS" args: [ "/bin/bash", "-c", "cft test run TestVPCSC --stage teardown --verbose", ] waitFor: - multitenant-teardown tags: - "ci" - "integration" substitutions: _DOCKER_IMAGE_DEVELOPER_TOOLS: "cft/developer-tools" _DOCKER_TAG_VERSION_DEVELOPER_TOOLS: "1.23" options: env: - 'TF_PLUGIN_CACHE_DIR=""' - 'TF_VAR_branch_name=$BRANCH_NAME' - "TF_VAR_service_perimeter_mode=ENFORCE" - 'INSTALL_KUEUE=true'

build/int.cloudbuild.hpc.yaml (261 lines of code) (raw):