Merge pull request #3089 from overleaf/csh-issue-3406-use-overleaf-copybara-web-private-key

Use overleaf copybara web private key

GitOrigin-RevId: 206ee2ccab3f08ae1e7059fa510f2b152e9f1a8f
This commit is contained in:
Christopher Hoskin 2020-08-11 09:33:54 +01:00 committed by Copybot
parent 31546c7de8
commit fbfd6a3205

View file

@ -0,0 +1,213 @@
tags:
- web
- $BRANCH_NAME
- $SHORT_SHA
substitutions:
_COPYBARA: NO_RUN
images:
- 'gcr.io/$PROJECT_ID/web:$BRANCH_NAME-${SHORT_SHA}_$BUILD_ID'
steps:
- id: copy_external_pages
name: 'gcr.io/cloud-builders/docker'
entrypoint: sh
args:
- 'bin/copy_external_pages'
waitFor: ['-']
- id: pull_cache
name: 'gcr.io/cloud-builders/docker'
entrypoint: sh
args:
- '-c'
- 'docker pull gcr.io/$PROJECT_ID/web:$BRANCH_NAME-deps || docker pull gcr.io/$PROJECT_ID/web:master-deps || true'
waitFor: ['-']
- id: pull_cloud_builder
name: 'gcr.io/overleaf-ops/cloud-builder'
entrypoint: 'true'
waitFor: ['-']
- id: build_deps
name: 'gcr.io/$PROJECT_ID/cloud-builder'
args:
- 'build_deps'
waitFor:
- pull_cache
- id: push_deps
name: 'gcr.io/cloud-builders/docker'
entrypoint: sh
args:
- '-c'
- 'docker push gcr.io/$PROJECT_ID/web:$BRANCH_NAME-deps'
waitFor:
- build_deps
- id: build_dev
name: 'gcr.io/$PROJECT_ID/cloud-builder'
args:
- 'build_dev'
waitFor:
- copy_external_pages
- build_deps
- id: format
name: 'gcr.io/$PROJECT_ID/cloud-builder'
args:
- 'format_in_docker'
waitFor:
- build_dev
- id: lint
name: 'gcr.io/$PROJECT_ID/cloud-builder'
args:
- 'lint_in_docker'
waitFor:
- build_dev
- id: test_acceptance_app
name: 'gcr.io/$PROJECT_ID/cloud-builder'
args:
- 'test_acceptance_app'
waitFor:
- build_dev
- id: test_acceptance_modules
name: 'gcr.io/$PROJECT_ID/cloud-builder'
args:
- 'test_acceptance_modules'
- '-j4'
- '--output-sync'
waitFor:
- build_dev
- id: test_frontend
name: 'gcr.io/$PROJECT_ID/cloud-builder'
args:
- 'test_frontend'
waitFor:
- build_dev
- id: test_karma
name: 'gcr.io/$PROJECT_ID/cloud-builder'
args:
- 'test_karma_build_run'
waitFor:
- build_dev
- id: test_unit_app
name: 'gcr.io/$PROJECT_ID/cloud-builder'
args:
- 'test_unit_app_parallel_gnu_make_docker'
- 'J=10'
waitFor:
- build_dev
- id: test_unit_modules
name: 'gcr.io/$PROJECT_ID/cloud-builder'
args:
- 'test_unit_modules'
- '-j4'
- '--output-sync'
waitFor:
- build_dev
- id: build_webpack
name: 'gcr.io/$PROJECT_ID/cloud-builder'
args:
- 'build_webpack'
waitFor:
- build_dev
- id: build_production
name: 'gcr.io/$PROJECT_ID/cloud-builder'
args:
- 'build'
waitFor:
- build_webpack
- id: tar
name: 'gcr.io/$PROJECT_ID/cloud-builder'
args:
- 'tar'
waitFor:
- build_webpack
- id: tests_passed
name: 'gcr.io/$PROJECT_ID/cloud-builder'
entrypoint: 'true'
args: []
waitFor:
- format
- lint
- test_acceptance_app
- test_acceptance_modules
- test_unit_app
- test_unit_modules
- test_frontend
- id: cdn_upload
name: gcr.io/cloud-builders/gsutil
entrypoint: /bin/bash
args:
- '-c'
- 'bin/cdn_upload'
env:
- 'CDN_STAG=gs://ol-stag-web-assets-1'
- 'CDN_PROD=gs://mgcp-1117973-ol-prod-web-assets-1'
waitFor:
- tar
- tests_passed
- id: decrypt_sentry_secret
name: gcr.io/cloud-builders/gcloud
args:
- kms
- decrypt
- --ciphertext-file=.sentryclirc.enc
- --plaintext-file=.sentryclirc
- --location=us-east1
- --keyring=cloud-build-1
- --key=cloud-build-key
waitFor:
- build_dev
- id: sentry_upload
name: 'getsentry/sentry-cli'
entrypoint: /bin/sh
args:
- 'bin/sentry_upload'
waitFor:
- decrypt_sentry_secret
- tar
- tests_passed
- id: predecrypt
name: gcr.io/cloud-builders/gcloud
entrypoint: /bin/bash
args:
- '-c'
- 'touch /root/.ssh/id_ed25519 && chmod -R 0600 /root/.ssh'
volumes:
- name: 'ssh'
path: /root/.ssh
waitFor:
- build_dev
- id: fetch_copybara_key
name: gcr.io/google.com/cloudsdktool/cloud-sdk:alpine
entrypoint: /bin/bash
args:
- '-c'
- 'gcloud secrets versions access latest --secret=overleaf-copybara-web-private-key > /root/.ssh/id_ed25519 && chmod 600 /root/.ssh/id_ed25519'
volumes:
- name: 'ssh'
path: /root/.ssh
waitFor:
- predecrypt
- id: pull_copybara
name: 'sharelatex/copybara'
entrypoint: 'true'
args: []
waitFor:
- build_dev
- id: copybara
name: 'sharelatex/copybara'
entrypoint: bin/invoke-copybara
env:
- 'COPYBARA_CONFIG=./copybara/community/copy.bara.sky'
- 'COPYBARA=${_COPYBARA}'
- 'BRANCH_NAME=$BRANCH_NAME'
volumes:
- name: 'ssh'
path: /root/.ssh
waitFor:
- pull_copybara
- fetch_copybara_key
- tests_passed
timeout: 3600s
options:
machineType: 'N1_HIGHCPU_32'
env:
- 'BRANCH_NAME=$BRANCH_NAME'
- 'BUILD_NUMBER=${SHORT_SHA}_$BUILD_ID'
- 'COMMIT_SHA=$COMMIT_SHA'
- 'DOCKER_COMPOSE_FLAGS=-f docker-compose.ci.yml'