# Copyright 2024 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # https://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. timeout: 14400s steps: - id: prepare name: "gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS" args: [ "/bin/bash", "-c", "source /usr/local/bin/task_helper_functions.sh && prepare_environment", ] env: - "TF_VAR_org_id=$_ORG_ID" - "TF_VAR_folder_id=$_FOLDER_ID" - "TF_VAR_billing_account=$_BILLING_ACCOUNT" - "TF_VAR_single_project=true" - id: wait-startup-script name: "gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS" args: ["/bin/bash", "-c", "cft test run TestValidateStartupScript --stage verify --verbose"] waitFor: - prepare - id: bootstrap-gitlab-vm name: "gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS" entrypoint: "bash" args: - "-c" - |- gcloud storage cp gs://$(terraform -chdir=/workspace/test/setup output -raw gitlab_secret_project)-ssl-cert/gitlab.crt /usr/local/share/ca-certificates update-ca-certificates if (ls /etc/ssl/certs | grep gitlab.pem); then cft test run TestBootstrapGitlabVM --stage verify --verbose || exit 1 else echo ERROR: Was not able to download certificate and update system bundle. && exit 1 fi waitFor: - wait-startup-script - id: vpc-sc name: "gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS" args: [ "/bin/bash", "-c", "cft test run TestVPCSC --stage init --verbose && cft test run TestVPCSC --stage apply --verbose && sleep 5m", ] env: - "TF_VAR_org_id=$_ORG_ID" - "access_level_members=serviceAccount:$PROJECT_NUMBER@cloudbuild.gserviceaccount.com" - id: single-project-init name: "gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS" args: [ "/bin/bash", "-c", "cft test run TestStandaloneSingleProjectExample --stage init --verbose", ] - id: single-project-apply name: "gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS" args: [ "/bin/bash", "-c", "cft test run TestStandaloneSingleProjectExample --stage apply --verbose", ] - id: single-project-verify name: "gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS" args: [ "/bin/bash", "-c", "cft test run TestStandaloneSingleProjectExample --stage verify --verbose || (cft test run TestStandaloneSingleProjectExample --stage apply --verbose && cft test run TestStandaloneSingleProjectExample --stage verify --verbose)", ] - id: single-project-app-deployment name: "gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS" entrypoint: "bash" args: - "-c" - |- gcloud storage cp gs://$(terraform -chdir=/workspace/test/setup output -raw gitlab_secret_project)-ssl-cert/gitlab.crt /usr/local/share/ca-certificates update-ca-certificates if (ls /etc/ssl/certs | grep gitlab.pem); then cft test run TestSingleProjectSourceCymbalBank --stage verify --verbose || exit 1 else echo ERROR: Was not able to download certificate and update system bundle. && exit 1 fi - id: app-single-project-e2e name: "gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS" args: ["/bin/bash", "-c", "cft test run TestAppE2ECymbalBankSingleProject --stage verify --verbose"] - id: single-project-teardown name: "gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS" args: [ "/bin/bash", "-c", "cft test run TestStandaloneSingleProjectExample --stage teardown --verbose", ] - id: vpcsc-teardown name: "gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS" args: [ "/bin/bash", "-c", "cft test run TestVPCSC --stage teardown --verbose", ] waitFor: - single-project-teardown tags: - "ci" - "integration" substitutions: _DOCKER_IMAGE_DEVELOPER_TOOLS: "cft/developer-tools" _DOCKER_TAG_VERSION_DEVELOPER_TOOLS: "1.23" options: machineType: E2_HIGHCPU_8 env: - 'TF_PLUGIN_CACHE_DIR=""' - 'TF_VAR_branch_name=$BRANCH_NAME' - "TF_VAR_service_perimeter_mode=ENFORCE"