mirror of
https://github.com/google/nomulus
synced 2026-01-07 14:05:44 +00:00
464f9aed1f
* Migrate Spec11 pipeline to flex template Unfortunately this PR has turned out to be much bigger than I initially conceived. However this is no good way to separate it out because the changes are intertwined. This PR includes 3 main changes: 1. Change the spec11 pipline to use Dataflow Flex Template. 2. Retire the use of the old JPA layer that relies on credential saved in KMS. 3. Some extensive refactoring to streamline the logic and improve test isolation. * Fix job name and remove projectId from options * Add parameter logs * Set RegistryEnvironment * Remove logging and modify safe browsing API key regex * Rename a test method and rebase * Remove unused Junit extension * Specify job region
140 lines
5.8 KiB
YAML
140 lines
5.8 KiB
YAML
# To run the build locally, install cloud-build-local first.
|
|
# See: https://cloud.google.com/cloud-build/docs/build-debug-locally
|
|
# You will need access to a private registry, so be sure to install the docker
|
|
# credential helper.
|
|
# Then, in the root of a nomulus source tree, run:
|
|
# cloud-build-local --config=cloudbuild-nomulus.yaml --dryrun=false \
|
|
# --substitutions TAG_NAME=[TAG] ..
|
|
# This will build the contents of the current directory and generate the
|
|
# nomulus war-files locally.
|
|
# The PROJECT_ID is the current project name that gcloud uses.
|
|
# You can add "--push true" to have the image pushed to GCR.
|
|
#
|
|
# To manually trigger a build on GCB, run:
|
|
# gcloud builds submit --config cloudbuild-nomulus.yaml --substitutions TAG_NAME=[TAG] ..
|
|
#
|
|
# To trigger a build automatically, follow the instructions below and add a trigger:
|
|
# https://cloud.google.com/cloud-build/docs/running-builds/automate-builds
|
|
steps:
|
|
# Create a directory to store the artifacts
|
|
- name: 'gcr.io/${PROJECT_ID}/builder:latest'
|
|
args: ['mkdir', 'nomulus']
|
|
# Run tests
|
|
#- name: 'gcr.io/${PROJECT_ID}/builder:latest'
|
|
# # Set home for Gradle caches. Must be consistent with last step below
|
|
# # and ./build_nomulus_for_env.sh
|
|
# env: [ 'GRADLE_USER_HOME=./cloudbuild-caches' ]
|
|
# args: ['./gradlew',
|
|
# 'test',
|
|
# '-PskipDockerIncompatibleTests=true',
|
|
# '-PmavenUrl=gcs://domain-registry-maven-repository/maven',
|
|
# '-PpluginsUrl=gcs://domain-registry-maven-repository/plugins'
|
|
# ]
|
|
# Build the tool binary and image.
|
|
- name: 'gcr.io/${PROJECT_ID}/builder:latest'
|
|
args: ['release/build_nomulus_for_env.sh', 'tool', 'output']
|
|
# Save TAG_NAME in ./output/tag_name, to be uploaded later. This file is purely
|
|
# informational. It makes it easier to tell the tag of the current 'live' release.
|
|
- name: 'gcr.io/${PROJECT_ID}/builder:latest'
|
|
entrypoint: /bin/bash
|
|
args: [ '-c', 'echo ${TAG_NAME} > output/tag_name']
|
|
# Tag the tool image and push it to the registry.
|
|
- name: 'gcr.io/${PROJECT_ID}/builder:latest'
|
|
entrypoint: /bin/bash
|
|
args:
|
|
- -c
|
|
- |
|
|
set -e
|
|
docker tag nomulus-tool gcr.io/${PROJECT_ID}/nomulus-tool:${TAG_NAME}
|
|
docker tag nomulus-tool gcr.io/${PROJECT_ID}/nomulus-tool:latest
|
|
docker push gcr.io/${PROJECT_ID}/nomulus-tool:${TAG_NAME}
|
|
docker push gcr.io/${PROJECT_ID}/nomulus-tool:latest
|
|
# Get the tool image digest and substitute in the digest in other GCB files.
|
|
- name: 'gcr.io/${PROJECT_ID}/builder:latest'
|
|
entrypoint: /bin/bash
|
|
args:
|
|
- -c
|
|
- |
|
|
set -e
|
|
digest=$(gcloud container images list-tags gcr.io/${PROJECT_ID}/nomulus-tool \
|
|
--format="get(digest)" --filter="tags = ${TAG_NAME}")
|
|
sed -i s/'$${_IMAGE}'/nomulus-tool/g release/cloudbuild-tag.yaml
|
|
sed -i s/':$${TAG_NAME}'/@$digest/g release/cloudbuild-tag.yaml
|
|
sed -i s/'nomulus-tool:latest'/nomulus-tool@$digest/g release/cloudbuild-deploy-*.yaml
|
|
# Build and package the deployment files for alpha.
|
|
- name: 'gcr.io/${PROJECT_ID}/builder:latest'
|
|
args: ['release/build_nomulus_for_env.sh', 'alpha', 'output']
|
|
# Build and package the deployment files for crash.
|
|
- name: 'gcr.io/${PROJECT_ID}/builder:latest'
|
|
args: ['release/build_nomulus_for_env.sh', 'crash', 'output']
|
|
# Build and package the deployment files for sandbox.
|
|
- name: 'gcr.io/${PROJECT_ID}/builder:latest'
|
|
args: ['release/build_nomulus_for_env.sh', 'sandbox', 'output']
|
|
# Build and package the deployment files for production.
|
|
- name: 'gcr.io/${PROJECT_ID}/builder:latest'
|
|
args: ['release/build_nomulus_for_env.sh', 'production', 'output']
|
|
# Build and stage Dataflow Flex templates.
|
|
- name: 'gcr.io/${PROJECT_ID}/builder:latest'
|
|
entrypoint: /bin/bash
|
|
# Set home for Gradle caches. Must be consistent with previous steps above
|
|
# and ./build_nomulus_for_env.sh
|
|
env: [ 'GRADLE_USER_HOME=./cloudbuild-caches' ]
|
|
args:
|
|
- -c
|
|
- |
|
|
./release/stage_beam_pipeline.sh \
|
|
beam_pipeline_common \
|
|
${TAG_NAME} \
|
|
${PROJECT_ID} \
|
|
google.registry.beam.initsql.InitSqlPipeline \
|
|
google/registry/beam/init_sql_pipeline_metadata.json \
|
|
google.registry.beam.datastore.BulkDeleteDatastorePipeline \
|
|
google/registry/beam/bulk_delete_datastore_pipeline_metadata.json \
|
|
google.registry.beam.spec11.Spec11Pipeline \
|
|
google/registry/beam/spec11_pipeline_metadata.json
|
|
# Tentatively build and publish Cloud SQL schema jar here, before schema release
|
|
# process is finalized. Also publish nomulus:core jars that are needed for
|
|
# server/schema compatibility tests.
|
|
- name: 'gcr.io/${PROJECT_ID}/builder:latest'
|
|
entrypoint: /bin/bash
|
|
# Set home for Gradle caches. Must be consistent with previous steps above
|
|
# and ./build_nomulus_for_env.sh
|
|
env: [ 'GRADLE_USER_HOME=./cloudbuild-caches' ]
|
|
args:
|
|
- -c
|
|
- |
|
|
set -e
|
|
./gradlew \
|
|
:db:publish \
|
|
-PmavenUrl=gcs://domain-registry-maven-repository/maven \
|
|
-PpluginsUrl=gcs://domain-registry-maven-repository/plugins \
|
|
-Ppublish_repo=gcs://${PROJECT_ID}-deployed-tags/maven \
|
|
-Pschema_version=${TAG_NAME}
|
|
./gradlew \
|
|
:core:publish \
|
|
-PmavenUrl=gcs://domain-registry-maven-repository/maven \
|
|
-PpluginsUrl=gcs://domain-registry-maven-repository/plugins \
|
|
-Ppublish_repo=gcs://${PROJECT_ID}-deployed-tags/maven \
|
|
-Pnomulus_version=${TAG_NAME}
|
|
# Upload schema jar for use by schema deployment.
|
|
# TODO(weiminyu): consider using the jar in maven repo during deployment and
|
|
# stop the upload here.
|
|
cp db/build/libs/schema.jar output/
|
|
# The tarballs and jars to upload to GCS.
|
|
artifacts:
|
|
objects:
|
|
location: 'gs://${PROJECT_ID}-deploy/${TAG_NAME}'
|
|
paths:
|
|
- 'output/*.tar'
|
|
- 'output/tag_name'
|
|
- 'output/nomulus.jar'
|
|
- 'output/schema.jar'
|
|
- 'release/cloudbuild-tag.yaml'
|
|
- 'release/cloudbuild-sync.yaml'
|
|
- 'release/cloudbuild-deploy-*.yaml'
|
|
- 'release/cloudbuild-schema-deploy-*.yaml'
|
|
|
|
timeout: 3600s
|
|
options:
|
|
machineType: 'N1_HIGHCPU_8'
|