Startsida Utforska Hjälp
Logga in
cecf
/
deploy
5
0
Fork 0
Filer Ärenden 0 Pull-förfrågningar 0 Wiki
Gren: master
Grenar Taggar
deploy
/
neo4j-helm
/
.circleci
/
config.yml

config.yml 13 KB
Permalänk Historik

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334 
  1. version: 2.1
    2. 

  2. jobs:
    3. 

  3.   build:
    4. 

  4.     docker:
    5. 

  5.       # Custom image; see tools/build/Dockerfile
    6. 

  6.       - image: gcr.io/neo4j-helm/build:latest
    7. 

  7. 

  8.     environment:
    9. 

  9.       PROJECT: neo4j-helm
    10. 

  10.       CLUSTER: ci-test
    11. 

  11.       ZONE: us-central1-a
    12. 

  12.       NODES: 3
    13. 

  13.       NAME_CLUSTERED: testrunc
    14. 

  14.       NAME_STANDALONE: testrunsa
    15. 

  15.       NAME_RESTORE: testrevive
    16. 

  16.       BUILD_ARTIFACTS: build
    17. 

  17.       SERVICE_KEY_FILE: /tmp/service-key.json
    18. 

  18.       BUCKET: gs://circleci-build-system
    19. 

  19.       AZURE_CONTAINER_NAME: circleci-build-system
    20. 

  20. 

  21.     steps:
    22. 

  22.       - checkout
    23. 

  23.       - setup_remote_docker
    24. 

  24.       - run:
    25. 

  25.           name: Tooling pre-requisites
    26. 

  26.           command: |
    27. 

  27.             # We will install local tools so add those to path.
    28. 

  28.             echo "export PATH=./tools:.:$PATH" >> $BASH_ENV
    29. 

  29.             mkdir -p $BUILD_ARTIFACTS
    30. 

  30.             mkdir -p tools
    31. 

  31. 

  32.       - restore_cache:
    33. 

  33.           name: Restore NPM Package Cache
    34. 

  34.           keys:
    35. 

  35.             - npm-packages-{{ checksum "doc/package.json" }}
    36. 

  36. 

  37.       - run: 
    38. 

  38.           name: Setup GCP Tooling
    39. 

  39.           command: |
    40. 

  40.             echo $GCLOUD_SERVICE_KEY > $SERVICE_KEY_FILE
    41. 

  41.             gcloud auth activate-service-account \
    42. 

  42.                 $GCLOUD_SERVICE_ACCOUNT \
    43. 

  43.                 --key-file=$SERVICE_KEY_FILE
    44. 

  44.             gcloud auth configure-docker --quiet
    45. 

  45. 

  46.                
    47. 

  47.       - run:
    48. 

  48.           name: Setup Azure Tooling
    49. 

  49.           command: |
    50. 

  50.             # az command is built into the testing container.
    51. 

  51.             az login --service-principal --username "$SP_ID" --password "$SP_PASSWORD" --tenant "$TENANT_ID"
    52. 

  52. 

  53.       - run:
    54. 

  54.           name: Generate Docs
    55. 

  55.           command: |
    56. 

  56.              cd doc 
    57. 

  57.              npm install
    58. 

  58.              echo "Generating docs"
    59. 

  59.              ./node_modules/.bin/antora --stacktrace docs.yml
    60. 

  60. 

  61.       - save_cache:
    62. 

  62.           name: Save Yarn Package Cache
    63. 

  63.           key: npm-packages-{{ checksum "doc/package.json" }}
    64. 

  64.           paths:
    65. 

  65.             - ~/.cache/npm
    66. 

  66. 

  67.       - run:
    68. 

  68.           name: Lint
    69. 

  69.           command: helm lint .    
    70. 

  70. 

  71.       - run:
    72. 

  72.           name: GKE Setup / Auth
    73. 

  73.           command: |
    74. 

  74.              echo "GKE SETUP"
    75. 

  75.              export CLUSTER_NAME=$CLUSTER-$CIRCLE_BUILD_NUM
    76. 

  76.              ./tools/test/provision-k8s.sh $CLUSTER_NAME
    77. 

  77.       
    78. 

  78.       - run:
    79. 

  79.           name: Create test namespace
    80. 

  80.           command: |
    81. 

  81.             cat \<<EOF | kubectl apply -f -
    82. 

  82.             apiVersion: v1
    83. 

  83.             kind: Namespace
    84. 

  84.             metadata:
    85. 

  85.               name: ns-$CIRCLE_BUILD_NUM
    86. 

  86.             EOF
    87. 

  87. 

  88.       - run:
    89. 

  89.           name: Install secrets for maintenance ops and testing
    90. 

  90.           command: |
    91. 

  91.             NAMESPACE=ns-$CIRCLE_BUILD_NUM
    92. 

  92.             kubectl create secret generic neo4j-service-key \
    93. 

  93.               --namespace $NAMESPACE \
    94. 

  94.               --from-file=credentials=$SERVICE_KEY_FILE
    95. 

  95.             
    96. 

  96.             # This secret is injected in the test process to demonstrate that
    97. 

  97.             # config works.  This is just any valid config we can check inside of
    98. 

  98.             # a running system.
    99. 

  99.             kubectl create secret generic my-secret-config \
    100. 

  100.               --namespace $NAMESPACE \
    101. 

  101.               --from-literal=NEO4J_dbms_transaction_concurrent_maximum=100
    102. 

  102. 

  103.             echo "export ACCOUNT_NAME=$ACCOUNT_NAME" >> azure-credentials.sh
    104. 

  104.             echo "export ACCOUNT_KEY=$ACCOUNT_KEY" >> azure-credentials.sh
    105. 

  105.             kubectl create secret generic azure-credentials \
    106. 

  106.               --namespace $NAMESPACE \
    107. 

  107.               --from-file=credentials=azure-credentials.sh
    108. 

  108. 

  109.       - run:
    110. 

  110.           name: Package and Install Neo4j-Helm Chart
    111. 

  111.           command: |
    112. 

  112.              NAMESPACE=ns-$CIRCLE_BUILD_NUM
    113. 

  113.              helm package .
    114. 

  114.              chart_archive=$(ls neo4j*.tgz)
    115. 

  115.              cp *.tgz $BUILD_ARTIFACTS/
    116. 

  116. 

  117.              echo "Installing $chart_archive (CAUSAL CLUSTER TEST SCENARIO)"
    118. 

  118.              helm install $NAME_CLUSTERED -f deployment-scenarios/ci/cluster.yaml $chart_archive \
    119. 

  119.                  --namespace $NAMESPACE \
    120. 

  120.                  -v 3 | tee -a $BUILD_ARTIFACTS/INSTALL-cluster.txt
    121. 

  121. 

  122.              echo "Installing $chart_archive (STANDALONE SCENARIO)"
    123. 

  123.              helm install $NAME_STANDALONE -f deployment-scenarios/ci/standalone.yaml $chart_archive \
    124. 

  124.                  --namespace $NAMESPACE \
    125. 

  125.                  -v 3 | tee -a $BUILD_ARTIFACTS/INSTALL-standalone.txt
    126. 

  126. 

  127.              echo "Installing $chart_archive (AZURE RESTORE SCENARIO)"
    128. 

  128.              helm install $NAME_RESTORE -f deployment-scenarios/ci/single-instance-restore.yaml $chart_archive \
    129. 

  129.                  --namespace $NAMESPACE \
    130. 

  130.                  -v 3 | tee -a $BUILD_ARTIFACTS/INSTALL-restore.txt
    131. 

  131. 

  132.       #- run:
    133. 

  133.       #    name: Twiddling our Thumbs
    134. 

  134.       #    command: |
    135. 

  135.       #      sleep 60
    136. 

  136.       #      NAMESPACE=ns-$CIRCLE_BUILD_NUM
    137. 

  137.       #      kubectl logs --namespace $NAMESPACE \
    138. 

  138.       #        -l "app.kubernetes.io/name=neo4j,app.kubernetes.io/component=core" | tee -a $BUILD_ARTIFACTS/startlogs.txt
    139. 

  139. 

  140.       - run:
    141. 

  141.           name: Wait for GKE STANDALONE deployment to succeed and become ready
    142. 

  142.           command: |
    143. 

  143.               NAMESPACE=ns-$CIRCLE_BUILD_NUM
    144. 

  144.               kubectl rollout status --namespace $NAMESPACE StatefulSet/$NAME_STANDALONE-neo4j-core --watch | tee -a $BUILD_ARTIFACTS/wait-standalone.txt
    145. 

  145.       
    146. 

  146.       # We're going to test standalone first because it forms faster than cluster.  In the background,
    147. 

  147.       # cluster is still forming....
    148. 

  148.       - run: 
    149. 

  149.           name: Test STANDALONE
    150. 

  150.           command: |
    151. 

  151.               NAMESPACE=ns-$CIRCLE_BUILD_NUM
    152. 

  152.               helm test $NAME_STANDALONE --namespace $NAMESPACE --logs | tee -a $BUILD_ARTIFACTS/TEST-STANDALONE.txt
    153. 

  153. 

  154.       - run: 
    155. 

  155.           name: Package backup chart
    156. 

  156.           command: |
    157. 

  157.               NAMESPACE=ns-$CIRCLE_BUILD_NUM
    158. 

  158.               
    159. 

  159.               helm package tools/backup
    160. 

  160.               chart_archive=$(ls neo4j*.tgz)
    161. 

  161.               cp *.tgz $BUILD_ARTIFACTS/
    162. 

  162. 

  163.       - run:
    164. 

  164.           name: Kubectl update
    165. 

  165.           command: |
    166. 

  166.             kubectl version
    167. 

  167. 

  168.       - run:
    169. 

  169.           name: Install GCP Backup chart on standalone
    170. 

  170.           command: |
    171. 

  171.               NAMESPACE=ns-$CIRCLE_BUILD_NUM
    172. 

  172.               
    173. 

  173.               helm install standalone-backup-gcp tools/backup \
    174. 

  174.                 --namespace $NAMESPACE \
    175. 

  175.                 --set neo4jaddr=$NAME_STANDALONE-neo4j.$NAMESPACE.svc.cluster.local:6362 \
    176. 

  176.                 --set bucket=$BUCKET/$CIRCLE_BUILD_NUM/ \
    177. 

  177.                 --set database="neo4j\,system" \
    178. 

  178.                 --set cloudProvider=gcp \
    179. 

  179.                 --set jobSchedule="0 */12 * * *" \
    180. 

  180.                 --set secretName=neo4j-service-key \
    181. 

  181.               
    182. 

  182.               sleep 5
    183. 

  183.               kubectl get all -n $NAMESPACE
    184. 

  184.               echo "Taking a backup"
    185. 

  185.               kubectl create job --namespace $NAMESPACE --from=cronjob/standalone-backup-gcp-job gcp-hot-backup
    186. 

  186. 

  187.       - run:
    188. 

  188.           name: Install Azure Backup chart on standalone
    189. 

  189.           command: |
    190. 

  190.               NAMESPACE=ns-$CIRCLE_BUILD_NUM
    191. 

  191.               
    192. 

  192.               helm install standalone-backup-azure tools/backup \
    193. 

  193.                 --namespace $NAMESPACE \
    194. 

  194.                 --set neo4jaddr=$NAME_STANDALONE-neo4j.$NAMESPACE.svc.cluster.local:6362 \
    195. 

  195.                 --set bucket=$AZURE_CONTAINER_NAME/build-$CIRCLE_BUILD_NUM/ \
    196. 

  196.                 --set database="neo4j\,system" \
    197. 

  197.                 --set cloudProvider=azure \
    198. 

  198.                 --set jobSchedule="0 */12 * * *" \
    199. 

  199.                 --set secretName=azure-credentials
    200. 

  200.               
    201. 

  201.               sleep 5
    202. 

  202.               kubectl get all -n $NAMESPACE
    203. 

  203.               echo "Taking a backup"
    204. 

  204.               kubectl create job --namespace $NAMESPACE --from=cronjob/standalone-backup-azure-job azure-hot-backup
    205. 

  205. 

  206.       - run:
    207. 

  207.           name: Wait for GKE CLUSTERED deployment to succeed and become ready
    208. 

  208.           command: |
    209. 

  209.              NAMESPACE=ns-$CIRCLE_BUILD_NUM
    210. 

  210.              kubectl rollout status --namespace $NAMESPACE StatefulSet/$NAME_CLUSTERED-neo4j-core --watch | tee -a $BUILD_ARTIFACTS/wait-cluster.txt
    211. 

  211.              kubectl rollout status --namespace $NAMESPACE StatefulSet/$NAME_CLUSTERED-neo4j-replica --watch | tee -a $BUILD_ARTIFACTS/wait-cluster-rr.txt
    212. 

  212. 

  213.       - run:
    214. 

  214.           name: Test
    215. 

  215.           command: |
    216. 

  216.             NAMESPACE=ns-$CIRCLE_BUILD_NUM
    217. 

  217.             helm test $NAME_CLUSTERED --namespace $NAMESPACE --logs | tee -a $BUILD_ARTIFACTS/TEST-CLUSTER.txt
    218. 

  218. 

  219.       - run:
    220. 

  220.           name: Harvest Logs from cluster
    221. 

  221.           when: always
    222. 

  222.           command: |
    223. 

  223.              # Prove log persistence
    224. 

  224.              NAMESPACE=ns-$CIRCLE_BUILD_NUM
    225. 

  225.              for idx in 0 1 2 ; do 
    226. 

  226.                 kubectl --namespace $NAMESPACE exec $NAME_CLUSTERED-neo4j-core-$idx -- /bin/cat /data/logs/debug.log > $BUILD_ARTIFACTS/core-$idx-debug.log ; 
    227. 

  227.              done
    228. 

  228. 

  229.              kubectl --namespace $NAMESPACE exec $NAME_CLUSTERED-neo4j-replica-0 -- /bin/cat /data/logs/debug.log > $BUILD_ARTIFACTS/replica-0-debug.log
    230. 

  230. 

  231.       - run:
    232. 

  232.           name: Settle
    233. 

  233.           command: |
    234. 

  234.             sleep 120
    235. 

  235. 

  236.       - run: 
    237. 

  237.           name: Verify that GCP backup succeeded
    238. 

  238.           command: |
    239. 

  239.             # If "latest" backup pointer files exist in a dir that is specific to this
    240. 

  240.             # build number, we should be good.
    241. 

  241.             NAMESPACE=ns-$CIRCLE_BUILD_NUM
    242. 

  242.             kubectl get all -n $NAMESPACE
    243. 

  243.             export LOGFILE=$BUILD_ARTIFACTS/gcp-backup.log
    244. 

  244.             kubectl get job --namespace $NAMESPACE | tee -a $LOGFILE
    245. 

  245.             helm status standalone-backup-gcp --namespace $NAMESPACE | tee -a $LOGFILE
    246. 

  246. 

  247.             backup_pods=$(kubectl get pods --namespace $NAMESPACE | grep gcp-hot-backup | sed 's/ .*$//' | head -n 1)
    248. 

  248. 

  249.             echo "Backup pods $backup_pods" | tee -a $LOGFILE
    250. 

  250.             kubectl describe pod --namespace $NAMESPACE "$backup_pods" | tee -a $LOGFILE
    251. 

  251.             kubectl logs --namespace $NAMESPACE "$backup_pods" | tee -a $LOGFILE
    252. 

  252. 

  253.             gsutil ls "$BUCKET/$CIRCLE_BUILD_NUM/neo4j/neo4j-latest.tar.gz" 2>&1 | tee -a $BUILD_ARTIFACTS/gcp-backup.log
    254. 

  254.             gsutil ls "$BUCKET/$CIRCLE_BUILD_NUM/system/system-latest.tar.gz" 2>&1 | tee -a $BUILD_ARTIFACTS/gcp-backup.log
    255. 

  255. 

  256.       - run: 
    257. 

  257.           name: Verify that Azure backup succeeded
    258. 

  258.           command: |
    259. 

  259.             # If "latest" backup pointer files exist in a dir that is specific to this
    260. 

  260.             # build number, we should be good.
    261. 

  261.             NAMESPACE=ns-$CIRCLE_BUILD_NUM
    262. 

  262.             kubectl get all -n $NAMESPACE
    263. 

  263.             export LOGFILE=$BUILD_ARTIFACTS/azure-backup.log
    264. 

  264.             kubectl get job --namespace $NAMESPACE | tee -a $LOGFILE
    265. 

  265.             helm status standalone-backup-azure --namespace $NAMESPACE | tee -a $LOGFILE
    266. 

  266. 

  267.             backup_pods=$(kubectl get pods --namespace $NAMESPACE | grep azure-hot-backup | sed 's/ .*$//' | head -n 1)
    268. 

  268. 

  269.             echo "Backup pods $backup_pods" | tee -a $LOGFILE
    270. 

  270.             kubectl describe pod --namespace $NAMESPACE "$backup_pods" | tee -a $LOGFILE
    271. 

  271.             kubectl logs --namespace $NAMESPACE "$backup_pods" | tee -a $LOGFILE
    272. 

  272. 

  273.             az storage blob list -c $AZURE_CONTAINER_NAME --account-name helmbackups --prefix build-$CIRCLE_BUILD_NUM/ | tee -a files.txt
    274. 

  274.             cat files.txt >> $LOGFILE
    275. 

  275.             total_files=$(cat files.txt | grep name | wc -l)
    276. 

  276.             if [ $total_files = 6 ] ; then
    277. 

  277.               echo "Test pass" ;
    278. 

  278.             else
    279. 

  279.               echo "$total_files total files on Azure storage; failed"
    280. 

  280.               exit 1
    281. 

  281.             fi
    282. 

  282. 

  283.       - run:
    284. 

  284.           name: Verify Azure RESTORE succeeded to single instance
    285. 

  285.           command: |
    286. 

  286.               NAMESPACE=ns-$CIRCLE_BUILD_NUM
    287. 

  287.               export NEO4J_PASSWORD=mySecretPassword              
    288. 

  288.               kubectl logs --namespace $NAMESPACE $NAME_RESTORE-neo4j-core-0 \
    289. 

  289.                 -c restore-from-backup | tee -a $BUILD_ARTIFACTS/restore.log
    290. 

  290. 

  291.               # Wait for instance to come alive.
    292. 

  292.               kubectl rollout status --namespace $NAMESPACE StatefulSet/$NAME_RESTORE-neo4j-core --watch | tee -a $BUILD_ARTIFACTS/wait-standalone-restore.txt
    293. 

  293. 

  294.               echo "MATCH (n) RETURN count(n) as n;" | kubectl run -i --rm cypher-shell \
    295. 

  295.               --namespace $NAMESPACE \
    296. 

  296.               --image=neo4j:4.4.10-enterprise --restart=Never \
    297. 

  297.               --command -- ./bin/cypher-shell -u neo4j -p "$NEO4J_PASSWORD" \
    298. 

  298.               -a bolt://$NAME_RESTORE-neo4j.$NAMESPACE.svc.cluster.local 2>&1 | tee restore-result.log
    299. 

  299. 

  300.               echo "MATCH (n) RETURN count(n) as n;" | kubectl run -i --rm cypher-shell \
    301. 

  301.                 --namespace $NAMESPACE \
    302. 

  302.                 --image=neo4j:4.4.10-enterprise --restart=Never \
    303. 

  303.                 --command -- ./bin/cypher-shell -u neo4j -p "$NEO4J_PASSWORD" \
    304. 

  304.                 -a neo4j://$NAME_RESTORE-neo4j.$NAMESPACE.svc.cluster.local 2>&1 | tee restore-result.log
    305. 

  305.               cp restore-result.log $BUILD_ARTIFACTS/
    306. 

  306. 

  307.               # Strip all cypher shell output down to a single integer result cound for n
    308. 

  308.               export record_count=$(cat restore-result.log | egrep '^[0-9]+$')
    309. 

  309.               echo "record_count=$record_count"
    310. 

  310.               if [ "$record_count" -gt "1000" ] ; then 
    311. 

  311.                 echo "Test pass" ; 
    312. 

  312.               else 
    313. 

  313.                 echo "Test FAIL with record count $record_count"
    314. 

  314.                 exit 1
    315. 

  315.               fi
    316. 

  316. 

  317.       - run:
    318. 

  318.           name: Uninstall / Cleanup
    319. 

  319.           # Make sure to always run this, particularly if the test fails,
    320. 

  320.           # to avoid clogging our cluster.
    321. 

  321.           when: always
    322. 

  322.           command: |
    323. 

  323.             echo "TEAR DOWN GKE INSTANCE"
    324. 

  324.             gcloud container clusters delete $CLUSTER-$CIRCLE_BUILD_NUM \
    325. 

  325.               --async \
    326. 

  326.               --zone "$ZONE" \
    327. 

  327.               --project $PROJECT \
    328. 

  328.               --quiet
    329. 

  329. 

  330.       - store_artifacts:
    331. 

  331.           path: build
    332. 

  332.       
    333. 

  333.       - store_artifacts:
    334. 

  334.           path: doc/build/site
    335.