Merge branch 'main' into production

4ff5f87d · Hanzla Sajid · 0b37fd02 · 1f39702e · 4ff5f87d · 4ff5f87d
Commit 4ff5f87d authored 6 months ago by Hanzla Sajid
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -10,12 +10,9 @@ default:

 stages:
  - build
-  - build_staging
-  - deploy_staging
-  - deploy_review
-  - build_production
-  - deploy_production
-  - test
+  - deploy
+  - smoketest
+  - destroy

 variables:
  # This variable needs to be named differently than in triggering projects
@@ -46,12 +43,14 @@ variables:
  resource_group: $ENVIRONMENT_ID # never execute terraform in parallel on the same environment
  interruptible: false

-.e2e:
-  image: 'europe-north1-docker.pkg.dev/holi-shared/docker-hub-remote/archlinux:latest'
+.smoketest:
+  stage: "smoketest"
+  image: 'europe-north1-docker.pkg.dev/holi-shared/docker/holi-docker/holi-k6-builder'
  script:
-    - API_DOMAIN=`cat $API_DOMAIN_FILE`
-    - echo "e2e tests against $CI_ENVIRONMENT_SLUG environment go here and against $API_DOMAIN"
+    - API_DOMAIN=$(cat $API_DOMAIN_FILE)
    - terraform/environments/scripts/wait-for-ssl.sh "https://${API_DOMAIN}"
+    - BASE_URL="https://${API_DOMAIN}/graphql" /tmp/k6 run smoketest/main.js
+    # TODO should/could we roll back the service to the last working revision on test failure?

 # end job templates

@@ -77,6 +76,7 @@ install_lint_test:
 # See https://docs.gitlab.com/ee/ci/variables/#cicd-variable-precedence
 sast:
  needs: ['install_lint_test']
+  stage: build
 include:
 - template: Security/SAST.gitlab-ci.yml

@@ -108,7 +108,7 @@ include:
    - docker push $GCR_IMAGE:$CI_COMMIT_REF_SLUG # just for easyly knowing which is the last image for a branch

 build_mesh_staging:
-  stage: build_staging
+  stage: build
  extends: .build_mesh
  variables:
    # these could be fetched via terraform output ("gcr_location" in infra project), but then we would need an extra job for terraform
@@ -124,7 +124,7 @@ build_mesh_staging:
    REDIS_DB: 5

 build_docker_staging:
-  stage: build_staging
+  stage: build
  extends: .build_docker
  needs: ['build_mesh_staging']
  variables:
@@ -132,7 +132,7 @@ build_docker_staging:

 ## review environments 
 deploy_review:
-  stage: deploy_review
+  stage: deploy
  extends: .deploy
  needs: ['build_docker_staging']
  environment:
@@ -145,9 +145,8 @@ deploy_review:
    - production
    - /^noenv\/.*/

-e2e_review:
-  stage: test
-  extends: .e2e
+smoketest_review:
+  extends: .smoketest
  needs: ['deploy_review']
  except:
    - main
@@ -155,6 +154,7 @@ e2e_review:
    - /^noenv\/.*/

 destroy_review:
+  stage: destroy
  needs: ['deploy_review']
  image:
    name: 'europe-north1-docker.pkg.dev/holi-shared/docker-hub-remote/hashicorp/terraform:1.6.6'
@@ -186,7 +186,7 @@ destroy_review:
 ## staging environment

 deploy_staging:
-  stage: deploy_staging
+  stage: deploy
  extends: .deploy
  needs: ['build_docker_staging']
  environment:
@@ -198,8 +198,8 @@ deploy_staging:
  only:
    - main

-e2e_staging:
-  extends: .e2e
+smoketest_staging:
+  extends: .smoketest
  needs: ['deploy_staging']
  only:
    - main
@@ -207,7 +207,7 @@ e2e_staging:
 ## production environment

 build_mesh_production:
-  stage: build_production
+  stage: build
  extends: .build_mesh
  variables:
    # these could be fetched via terraform output ("gcr_location" in infra project), but then we would need an extra job for terraform
@@ -225,7 +225,7 @@ build_mesh_production:
    - production

 build_docker_production:
-  stage: build_production
+  stage: build
  extends: .build_docker
  needs: ['build_mesh_production']
  variables:
@@ -234,7 +234,7 @@ build_docker_production:
    - production

 deploy_production:
-  stage: deploy_production
+  stage: deploy
  extends: .deploy
  needs: ['build_docker_production']
  allow_failure: false
@@ -247,7 +247,14 @@ deploy_production:
  only:
    - production

+smoketest_staging:
+  extends: .smoketest
+  needs: ['deploy_production']
+  only:
+    - production/home/ole/projects/holi/holi-meta/holi-okuna/smoketest
+
 trigger_docs_generation:
+  stage: deploy
  needs: ['deploy_production']
  trigger:
    project: app/app.gitlab-pages.holi.team

--- a/smoketest/main.js
+++ b/smoketest/main.js
+import http from 'k6/http'
+import { check, sleep } from 'k6'
+import exec from 'k6/execution'
+
+// This configuration only executes 1 test, enough for a smoketest
+export const options = {
+  vus: 1,
+  iterations: 1,
+}
+
+export default () => {
+  // define the graphql request
+  const params = {
+    headers: {
+      'Content-Type': 'application/json',
+    },
+  }
+  const query = `query{topics{totalResults}}`
+
+  // perform the graphql request
+  const response = http.post(`${__ENV.BASE_URL}`, JSON.stringify({ query }), params)
+
+  // define the tests
+  const testResults = [
+    check(response, {
+      'is status 200': (r) => r.status === 200,
+    }),
+    check(JSON.parse(response.body), {
+      // there can be multiple tests here, e.g.
+      //"contains topics object": (r) => typeof r.data.topics != null,
+      'contains totalResults count': (r) => typeof r.data.topics.totalResults == 'number',
+    }),
+  ]
+
+  // fail on any unmet expectations. We need to do this explicitly, because k6 is a load testing tool
+  if (testResults.includes(false)) {
+    exec.test.abort('smoke test failed')
+  }
+}
--- a/terraform/environments/deployment.tf
+++ b/terraform/environments/deployment.tf
@@ -198,6 +198,19 @@ resource "google_cloud_run_service" "unified_api" {
        # this needs to be set to all-traffic in order to route a cloud run url correctly, since it does resolve to a non-private ip address.
        "run.googleapis.com/vpc-access-egress" = "all-traffic"
      }
+      # labels set on the revision level
+      labels = {
+        "environment_type" = local.environment_type
+        "holi_service"     = "unified-api"
+      }
+    }
+  }
+
+  metadata {
+    # labels set on the service level
+    labels = {
+      "environment_type" = local.environment_type
+      "holi_service"     = "unified-api"
    }
  }


--- a/terraform/environments/vars.tf
+++ b/terraform/environments/vars.tf
 locals {
  # predefined environment names are staging, production, and for any branch, its gitlab <CI_ENVIRONMENT_SLUG>
-  environment  = terraform.workspace
+  environment      = terraform.workspace
+  environment_name = trim(substr(local.environment, 0, 22), ".-") # limits the length of the name that it fits constraints google imposes for some resources, e.g. project ids
+  environment_type = contains(["staging", "production"], local.environment) ? local.environment : "review"
+
  service_name = "unified-api"
  # the dns name can be at most 64 chars in total. The environment passed in via gitlab is max 24 chars (CI_ENVIRONMENT_SLUG).
  dns_name = "${local.environment}.${data.terraform_remote_state.holi_unified_api_common_state.outputs.dns_unified_api_domain}"

-  api_domain            = trimsuffix(google_dns_record_set.holi_social_unified_api_domain_record_set.name, ".")
-  api_endpoint_url      = "https://${local.api_domain}/graphql"
+  api_domain       = trimsuffix(google_dns_record_set.holi_social_unified_api_domain_record_set.name, ".")
+  api_endpoint_url = "https://${local.api_domain}/graphql"

  okuna_domain          = "https://${local.environment == "production" ? "production" : "staging"}.${data.terraform_remote_state.holi_okuna_common_state.outputs.dns_okuna_domain}"
  okuna_url             = "https://${local.environment == "production" ? "production" : "staging"}.${data.terraform_remote_state.holi_okuna_common_state.outputs.dns_okuna_domain}/graphql"
@@ -52,11 +55,11 @@ output "translation_api_url" {
 }

 output "api_domain" {
-  value = local.api_domain
+  value       = local.api_domain
  description = "Domain under which the unified API runs"
 }

 output "api_endpoint_url" {
-  value = local.api_endpoint_url
+  value       = local.api_endpoint_url
  description = "GraphQL API endpoint URL of the unified API"
-}
\ No newline at end of file
+}