maestro/server/pipeline.yaml (81 lines of code) (raw):
$schema: "pipeline.schema.v1"
serviceGroup: Microsoft.Azure.ARO.HCP.Maestro.Server
rolloutName: Maestro Server Rollout
resourceGroups:
- name: '{{ .global.rg }}'
subscription: '{{ .global.subscription }}'
steps:
- name: mirror-image
action: Shell
command: ../../image-sync/on-demand/sync.sh
dryRun:
variables:
- name: DRY_RUN
value: "true"
variables:
- name: TARGET_ACR
configRef: 'acr.svc.name'
- name: SOURCE_REGISTRY
configRef: maestro.image.registry
- name: REPOSITORY
configRef: maestro.image.repository
- name: DIGEST
configRef: maestro.image.digest
- name: PULL_SECRET_KV
configRef: global.keyVault.name
- name: PULL_SECRET
configRef: imageSync.componentSync.pullSecretName
- name: '{{ .svc.rg }}'
subscription: '{{ .svc.subscription }}'
aksCluster: '{{ .svc.aks.name }}'
steps:
- name: deploy
action: Shell
command: make deploy
dryRun:
variables:
- name: DRY_RUN
value: "true"
dependsOn:
- mirror-image
variables:
- name: EVENTGRID_NAME
configRef: maestro.eventGrid.name
- name: REGION_RG
configRef: regionRG
- name: SVC_RG
configRef: svc.rg
- name: AKS_NAME
configRef: svc.aks.name
- name: IMAGE_REPO
configRef: maestro.image.repository
- name: IMAGE_DIGEST
configRef: maestro.image.digest
- name: USE_AZURE_DB
configRef: maestro.postgres.deploy
- name: DATABASE_SERVER_NAME
configRef: maestro.postgres.name
- name: DATABASE_NAME
configRef: maestro.postgres.databaseName
- name: ISTIO_RESTRICT_INGRESS
configRef: maestro.restrictIstioIngress
- name: KEYVAULT_NAME
configRef: serviceKeyVault.name
- name: MQTT_CLIENT_NAME
configRef: maestro.server.mqttClientName
- name: MAESTRO_LOG_LEVEL
configRef: maestro.server.loglevel
- name: ISTO_TAG
configRef: svc.istio.tag
- name: NAMESPACE
configRef: maestro.server.k8s.namespace
- name: SERVICE_ACCOUNT_NAME
configRef: maestro.server.k8s.serviceAccountName
- name: MANAGED_IDENTITY_NAME
configRef: maestro.server.managedIdentityName
- name: CS_NAMESPACE
configRef: clustersService.k8s.namespace
- name: CS_SERVICE_ACCOUNT_NAME
configRef: clustersService.k8s.serviceAccountName
- name: ACR_NAME
configRef: acr.svc.name