diff --git a/apps/metrics/ci/pipeline.yml b/apps/metrics/ci/pipeline.yml index ad1b7d9b4..04399567a 100644 --- a/apps/metrics/ci/pipeline.yml +++ b/apps/metrics/ci/pipeline.yml @@ -10,10 +10,15 @@ env-cf: &env-cf CF_STACK: cflinuxfs4 node-image: &node-image - type: docker-image - source: - repository: node - tag: 20.9-bullseye + platform: linux + image_resource: + type: registry-image + source: + aws_access_key_id: ((ecr-aws-key)) + aws_secret_access_key: ((ecr-aws-secret)) + repository: pages-node-v20 + aws_region: us-gov-west-1 + tag: latest cf-image: &cf-image platform: linux @@ -31,9 +36,7 @@ test-metrics: &test-metrics output_mapping: src-metrics: src-metrics-dev config: - platform: linux - image_resource: - <<: *node-image + <<: *node-image inputs: [name: src-metrics] outputs: [name: src-metrics] run: @@ -44,9 +47,7 @@ test-metrics: &test-metrics - in_parallel: - task: lint-metrics config: - platform: linux - image_resource: - <<: *node-image + <<: *node-image inputs: [name: src-metrics-dev] run: dir: src-metrics-dev/apps/metrics @@ -55,9 +56,7 @@ test-metrics: &test-metrics - task: test-metrics config: - platform: linux - image_resource: - <<: *node-image + <<: *node-image inputs: [name: src-metrics-dev] run: dir: src-metrics-dev/apps/metrics @@ -128,9 +127,11 @@ jobs: passed: [set-pipeline-((deploy-env))] params: {depth: 1} trigger: true - - put: gh-status - inputs: [src-metrics] - params: {state: pending} + - put: pr-((git-branch)) + params: + path: pull-request + status: pending + context: concourse - do: *test-metrics @@ -138,9 +139,7 @@ jobs: output_mapping: src-metrics: src-metrics-prod config: - platform: linux - image_resource: - <<: *node-image + <<: *node-image inputs: [name: src-metrics] outputs: [name: src-metrics] run: @@ -176,9 +175,11 @@ jobs: on_failure: in_parallel: - - put: gh-status - inputs: [src-metrics] - params: {state: failure} + - put: pr-((git-branch)) + params: + path: pull-request + status: failure + context: concourse - put: slack params: text: | @@ -190,9 +191,11 @@ jobs: on_success: in_parallel: - - put: gh-status - inputs: [src-metrics] - params: {state: success} + - put: pr-((git-branch)) + params: + path: pull-request + status: success + context: concourse - put: slack params: text: | @@ -261,15 +264,6 @@ resources: source: url: ((slack-webhook-url)) - - name: gh-status - type: cogito - check_every: 1h - source: - owner: 18F - repo: federalist - access_token: ((gh-access-token)) - context_prefix: concourse - - name: nightly type: time source: @@ -283,18 +277,29 @@ resources: resource_types: - - name: cogito - type: docker-image - check_every: 24h - source: - repository: pix4d/cogito - - name: pull-request - type: docker-image + type: registry-image source: - repository: teliaoss/github-pr-resource + aws_access_key_id: ((ecr_aws_key)) + aws_secret_access_key: ((ecr_aws_secret)) + repository: github-pr-resource + aws_region: us-gov-west-1 + tag: latest - name: slack-notification - type: docker-image + type: registry-image + source: + aws_access_key_id: ((ecr_aws_key)) + aws_secret_access_key: ((ecr_aws_secret)) + repository: slack-notification-resource + aws_region: us-gov-west-1 + tag: latest + + - name: time + type: registry-image source: - repository: cfcommunity/slack-notification-resource + aws_access_key_id: ((ecr_aws_key)) + aws_secret_access_key: ((ecr_aws_secret)) + repository: time-resource + aws_region: us-gov-west-1 + tag: latest \ No newline at end of file diff --git a/ci/docker/entrypoint.sh b/ci/docker/entrypoint.sh index 693bd54b7..15ca74315 100755 --- a/ci/docker/entrypoint.sh +++ b/ci/docker/entrypoint.sh @@ -93,12 +93,6 @@ start_docker() { local docker_opts="${DOCKER_OPTS:-}" - # Pass through `--garden-mtu` from gardian container - if [[ "${docker_opts}" != *'--mtu'* ]]; then - local mtu="$(cat /sys/class/net/$(ip route get 8.8.8.8|awk '{ print $5 }')/mtu)" - docker_opts+=" --mtu ${mtu}" - fi - # Use Concourse's scratch volume to bypass the graph filesystem by default if [[ "${docker_opts}" != *'--data-root'* ]] && [[ "${docker_opts}" != *'--graph'* ]]; then docker_opts+=' --data-root /scratch/docker' diff --git a/ci/partials/test-api.yml b/ci/partials/test-api.yml index 0479ecd0f..8e1942af5 100644 --- a/ci/partials/test-api.yml +++ b/ci/partials/test-api.yml @@ -2,13 +2,15 @@ platform: linux image_resource: type: registry-image source: - repository: cloudgov/concourse-dcind - tag: original + aws_access_key_id: ((ecr-aws-key)) + aws_secret_access_key: ((ecr-aws-secret)) + repository: pages-dind-v25 + aws_region: us-gov-west-1 + tag: latest inputs: - name: src - name: redis - name: postgres - - name: node run: dir: src path: ci/docker/entrypoint.sh @@ -20,4 +22,4 @@ run: docker-compose -f ci/docker/docker-compose.yml run app app/ci/tasks/test-api.sh docker-compose -f ci/docker/docker-compose.yml down docker volume rm $(docker volume ls -q) - docker network prune -f \ No newline at end of file + docker network prune -f diff --git a/ci/pipeline-dev.yml b/ci/pipeline-dev.yml index 89be76b2c..d7ed30342 100644 --- a/ci/pipeline-dev.yml +++ b/ci/pipeline-dev.yml @@ -38,9 +38,13 @@ jobs: params: {integration_tool: checkout} passed: [set-pipeline] trigger: true - - put: gh-status - inputs: [src] - params: {state: pending} + - put: src + resource: pr-((deploy-env)) + params: + path: src + status: pending + base_context: concourse + context: test-and-deploy-api-pages - in_parallel: - get: cf-image - get: redis @@ -93,7 +97,7 @@ jobs: params: <<: *env-cf APP_ENV: ((deploy-env)) - CF_APP_NAME: pages-((deploy-env)) + CF_APP_NAME: pages-((deploy-env)) - task: run-database-migrations file: src/ci/partials/run-database-migrations.yml @@ -102,24 +106,24 @@ jobs: <<: *env-cf APP_ENV: ((deploy-env)) on_failure: - in_parallel: - - put: gh-status - inputs: [src] - params: {state: failure} - - put: slack - params: - text: | - :x: FAILED: to migrate database for pages ((deploy-env)) - <$ATC_EXTERNAL_URL/teams/$BUILD_TEAM_NAME/pipelines/$BUILD_PIPELINE_NAME/jobs/$BUILD_JOB_NAME/builds/$BUILD_NAME?vars.deploy-env="((deploy-env))"|View build details> - channel: ((slack-channel)) - username: ((slack-username)) - icon_url: ((slack-icon-url)) + put: slack + params: + text: | + :x: FAILED: to migrate database for pages ((deploy-env)) + <$ATC_EXTERNAL_URL/teams/$BUILD_TEAM_NAME/pipelines/$BUILD_PIPELINE_NAME/jobs/$BUILD_JOB_NAME/builds/$BUILD_NAME?vars.deploy-env="((deploy-env))"|View build details> + channel: ((slack-channel)) + username: ((slack-username)) + icon_url: ((slack-icon-url)) on_failure: in_parallel: - - put: gh-status - inputs: [src] - params: {state: failure} + - put: src + resource: pr-((deploy-env)) + params: + path: src + status: failure + base_context: concourse + context: test-and-deploy-api-pages - put: slack params: text: | @@ -130,9 +134,13 @@ jobs: icon_url: ((slack-icon-url)) on_success: in_parallel: - - put: gh-status - inputs: [src] - params: {state: success} + - put: src + resource: pr-((deploy-env)) + params: + path: src + status: success + base_context: concourse + context: test-and-deploy-api-pages - put: slack params: text: | @@ -149,10 +157,13 @@ jobs: params: {integration_tool: checkout} passed: [set-pipeline] trigger: true - - put: gh-status - inputs: [src] - params: {state: pending} - + - put: src + resource: pr-((deploy-env)) + params: + path: src + status: pending + base_context: concourse + context: test-and-deploy-admin-client-pages - do: *test-admin-client - get: cf-image - task: configure-nginx @@ -181,9 +192,13 @@ jobs: on_failure: in_parallel: - - put: gh-status - inputs: [src] - params: {state: failure} + - put: src + resource: pr-((deploy-env)) + params: + path: src + status: failure + base_context: concourse + context: test-and-deploy-admin-client-pages - put: slack params: text: | @@ -195,9 +210,13 @@ jobs: on_success: in_parallel: - - put: gh-status - inputs: [src] - params: {state: success} + - put: src + resource: pr-((deploy-env)) + params: + path: src + status: success + base_context: concourse + context: test-and-deploy-admin-client-pages - put: slack params: text: | @@ -214,9 +233,13 @@ jobs: params: {integration_tool: checkout} passed: [set-pipeline] trigger: true - - put: gh-status - inputs: [src] - params: {state: pending} + - put: src + resource: pr-((deploy-env)) + params: + path: src + status: pending + base_context: concourse + context: deploy-queues-ui-pages - get: cf-image - task: deploy-queues-ui file: src/ci/partials/deploy.yml @@ -237,9 +260,13 @@ jobs: CF_APP_NAME: pages-queues-ui-((deploy-env)) on_failure: in_parallel: - - put: gh-status - inputs: [src] - params: {state: failure} + - put: src + resource: pr-((deploy-env)) + params: + path: src + status: failure + base_context: concourse + context: deploy-queues-ui-pages - put: slack params: text: | @@ -250,9 +277,13 @@ jobs: icon_url: ((slack-icon-url)) on_success: in_parallel: - - put: gh-status - inputs: [src] - params: {state: success} + - put: src + resource: pr-((deploy-env)) + params: + path: src + status: success + base_context: concourse + context: deploy-queues-ui-pages - put: slack params: text: | @@ -297,9 +328,13 @@ jobs: - deploy-queues-ui-pages - get: node - get: cf-image - - put: gh-status - inputs: [src] - params: {state: pending} + - put: src + resource: pr-((deploy-env)) + params: + path: src + status: pending + base_context: concourse + context: e2e-test - task: get-app-env file: src/ci/partials/get-app-env.yml image: cf-image @@ -326,9 +361,13 @@ jobs: - put: s3 on_failure: in_parallel: - - put: gh-status - inputs: [src] - params: {state: failure} + - put: src + resource: pr-((deploy-env)) + params: + path: src + status: failure + base_context: concourse + context: e2e-test - put: slack params: text: | @@ -339,9 +378,13 @@ jobs: icon_url: ((slack-icon-url)) on_success: in_parallel: - - put: gh-status - inputs: [src] - params: {state: success} + - put: src + resource: pr-((deploy-env)) + params: + path: src + status: success + base_context: concourse + context: e2e-test - put: slack params: text: | @@ -352,13 +395,20 @@ jobs: icon_url: ((slack-icon-url)) - name: audit-dependencies - plan: + plan: - get: src resource: pr-((deploy-env)) params: {integration_tool: checkout} trigger: true passed: [set-pipeline] - get: node + - put: src + resource: pr-((deploy-env)) + params: + path: src + status: pending + base_context: concourse + context: audit-dependencies - in_parallel: - task: audit-app file: src/ci/partials/audit.yml @@ -372,9 +422,13 @@ jobs: VULN_THRESHOLD: 8 # errors on critical or high on_failure: in_parallel: - - put: gh-status - inputs: [src] - params: {state: failure} + - put: src + resource: pr-((deploy-env)) + params: + path: src + status: failure + base_context: concourse + context: audit-dependencies - put: slack params: text: | @@ -385,9 +439,13 @@ jobs: icon_url: ((slack-icon-url)) on_success: in_parallel: - - put: gh-status - inputs: [src] - params: {state: success} + - put: src + resource: pr-((deploy-env)) + params: + path: src + status: success + base_context: concourse + context: audit-dependencies - put: slack params: text: | @@ -438,7 +496,7 @@ jobs: channel: ((slack-channel)) username: ((slack-username)) icon_url: ((slack-icon-url)) - + - name: set-pipeline plan: - get: src @@ -495,15 +553,6 @@ resources: source: url: ((slack-webhook-url)) - - name: gh-status - type: cogito - check_every: 1h - source: - owner: cloud-gov - repo: pages-core - access_token: ((gh-access-token)) - context_prefix: concourse - - name: cf-image type: registry-image source: @@ -530,23 +579,38 @@ resources: resource_types: - - name: cogito - type: docker-image - check_every: 24h - source: - repository: pix4d/cogito - - name: pull-request - type: docker-image + type: registry-image source: - repository: teliaoss/github-pr-resource + aws_access_key_id: ((ecr_aws_key)) + aws_secret_access_key: ((ecr_aws_secret)) + repository: github-pr-resource + aws_region: us-gov-west-1 + tag: latest - name: slack-notification - type: docker-image + type: registry-image source: - repository: cfcommunity/slack-notification-resource + aws_access_key_id: ((ecr_aws_key)) + aws_secret_access_key: ((ecr_aws_secret)) + repository: slack-notification-resource + aws_region: us-gov-west-1 + tag: latest - name: s3-resource - type: docker-image + type: registry-image source: - repository: 18fgsa/s3-resource-simple \ No newline at end of file + aws_access_key_id: ((ecr_aws_key)) + aws_secret_access_key: ((ecr_aws_secret)) + repository: s3-simple-resource + aws_region: us-gov-west-1 + tag: latest + + - name: time + type: registry-image + source: + aws_access_key_id: ((ecr_aws_key)) + aws_secret_access_key: ((ecr_aws_secret)) + repository: time-resource + aws_region: us-gov-west-1 + tag: latest diff --git a/ci/pipeline-production.yml b/ci/pipeline-production.yml index 7ef23bcd7..c3090ffb4 100644 --- a/ci/pipeline-production.yml +++ b/ci/pipeline-production.yml @@ -56,9 +56,6 @@ jobs: passed: [set-pipeline] trigger: true params: {depth: 1} - - put: gh-status - inputs: [src] - params: {state: pending} - get: cf-image - do: *test-api - task: build-api @@ -94,7 +91,7 @@ jobs: params: <<: *env-cf APP_ENV: ((deploy-env)) - CF_APP_NAME: pages-((deploy-env)) + CF_APP_NAME: pages-((deploy-env)) - task: run-database-migrations file: src/ci/partials/run-database-migrations.yml @@ -103,59 +100,43 @@ jobs: <<: *env-cf APP_ENV: ((deploy-env)) on_failure: - in_parallel: - - put: gh-status - inputs: [src] - params: {state: failure} - - put: slack - params: - text: | - :x: FAILED: to migrate database for pages ((deploy-env)) - <$ATC_EXTERNAL_URL/teams/$BUILD_TEAM_NAME/pipelines/$BUILD_PIPELINE_NAME/jobs/$BUILD_JOB_NAME/builds/$BUILD_NAME?vars.deploy-env="((deploy-env))"|View build details> - channel: ((slack-channel)) - username: ((slack-username)) - icon_url: ((slack-icon-url)) + - put: slack + params: + text: | + :x: FAILED: to migrate database for pages ((deploy-env)) + <$ATC_EXTERNAL_URL/teams/$BUILD_TEAM_NAME/pipelines/$BUILD_PIPELINE_NAME/jobs/$BUILD_JOB_NAME/builds/$BUILD_NAME?vars.deploy-env="((deploy-env))"|View build details> + channel: ((slack-channel)) + username: ((slack-username)) + icon_url: ((slack-icon-url)) on_failure: - in_parallel: - - put: gh-status - inputs: [src] - params: {state: failure} - - put: slack - params: - text: | - :x: FAILED: to migrate database for pages ((deploy-env)) - <$ATC_EXTERNAL_URL/teams/$BUILD_TEAM_NAME/pipelines/$BUILD_PIPELINE_NAME/jobs/$BUILD_JOB_NAME/builds/$BUILD_NAME?vars.deploy-env="((deploy-env))"|View build details> - channel: ((slack-channel)) - username: ((slack-username)) - icon_url: ((slack-icon-url)) + - put: slack + params: + text: | + :x: FAILED: to migrate database for pages ((deploy-env)) + <$ATC_EXTERNAL_URL/teams/$BUILD_TEAM_NAME/pipelines/$BUILD_PIPELINE_NAME/jobs/$BUILD_JOB_NAME/builds/$BUILD_NAME?vars.deploy-env="((deploy-env))"|View build details> + channel: ((slack-channel)) + username: ((slack-username)) + icon_url: ((slack-icon-url)) on_failure: - in_parallel: - - put: gh-status - inputs: [src] - params: {state: failure} - - put: slack - params: - text: | - :x: FAILED: api deployment on pages ((deploy-env)) - <$ATC_EXTERNAL_URL/teams/$BUILD_TEAM_NAME/pipelines/$BUILD_PIPELINE_NAME/jobs/$BUILD_JOB_NAME/builds/$BUILD_NAME?vars.deploy-env="((deploy-env))"|View build details> - channel: ((slack-channel)) - username: ((slack-username)) - icon_url: ((slack-icon-url)) + - put: slack + params: + text: | + :x: FAILED: api deployment on pages ((deploy-env)) + <$ATC_EXTERNAL_URL/teams/$BUILD_TEAM_NAME/pipelines/$BUILD_PIPELINE_NAME/jobs/$BUILD_JOB_NAME/builds/$BUILD_NAME?vars.deploy-env="((deploy-env))"|View build details> + channel: ((slack-channel)) + username: ((slack-username)) + icon_url: ((slack-icon-url)) on_success: - in_parallel: - - put: gh-status - inputs: [src] - params: {state: success} - - put: slack - params: - text: | - :white_check_mark: SUCCESS: Successfully deployed api on pages ((deploy-env)) - <$ATC_EXTERNAL_URL/teams/$BUILD_TEAM_NAME/pipelines/$BUILD_PIPELINE_NAME/jobs/$BUILD_JOB_NAME/builds/$BUILD_NAME?vars.deploy-env="((deploy-env))"|View build details> - channel: ((slack-channel)) - username: ((slack-username)) - icon_url: ((slack-icon-url)) + - put: slack + params: + text: | + :white_check_mark: SUCCESS: Successfully deployed api on pages ((deploy-env)) + <$ATC_EXTERNAL_URL/teams/$BUILD_TEAM_NAME/pipelines/$BUILD_PIPELINE_NAME/jobs/$BUILD_JOB_NAME/builds/$BUILD_NAME?vars.deploy-env="((deploy-env))"|View build details> + channel: ((slack-channel)) + username: ((slack-username)) + icon_url: ((slack-icon-url)) - name: test-and-deploy-admin-client-pages-((deploy-env)) plan: @@ -165,9 +146,6 @@ jobs: trigger: true params: {depth: 1} - get: node - - put: gh-status - inputs: [src] - params: {state: pending} - do: *test-admin-client - get: cf-image @@ -196,32 +174,24 @@ jobs: CF_APP_NAME: pages-admin-((deploy-env)) on_failure: - in_parallel: - - put: gh-status - inputs: [src] - params: {state: failure} - - put: slack - params: - text: | - :x: FAILED: admin client deployment on pages ((deploy-env)) - <$ATC_EXTERNAL_URL/teams/$BUILD_TEAM_NAME/pipelines/$BUILD_PIPELINE_NAME/jobs/$BUILD_JOB_NAME/builds/$BUILD_NAME?vars.deploy-env="((deploy-env))"|View build details> - channel: ((slack-channel)) - username: ((slack-username)) - icon_url: ((slack-icon-url)) + - put: slack + params: + text: | + :x: FAILED: admin client deployment on pages ((deploy-env)) + <$ATC_EXTERNAL_URL/teams/$BUILD_TEAM_NAME/pipelines/$BUILD_PIPELINE_NAME/jobs/$BUILD_JOB_NAME/builds/$BUILD_NAME?vars.deploy-env="((deploy-env))"|View build details> + channel: ((slack-channel)) + username: ((slack-username)) + icon_url: ((slack-icon-url)) on_success: - in_parallel: - - put: gh-status - inputs: [src] - params: {state: success} - - put: slack - params: - text: | - :white_check_mark: SUCCESS: Successfully deployed admin client on pages ((deploy-env)) - <$ATC_EXTERNAL_URL/teams/$BUILD_TEAM_NAME/pipelines/$BUILD_PIPELINE_NAME/jobs/$BUILD_JOB_NAME/builds/$BUILD_NAME?vars.deploy-env="((deploy-env))"|View build details> - channel: ((slack-channel)) - username: ((slack-username)) - icon_url: ((slack-icon-url)) + - put: slack + params: + text: | + :white_check_mark: SUCCESS: Successfully deployed admin client on pages ((deploy-env)) + <$ATC_EXTERNAL_URL/teams/$BUILD_TEAM_NAME/pipelines/$BUILD_PIPELINE_NAME/jobs/$BUILD_JOB_NAME/builds/$BUILD_NAME?vars.deploy-env="((deploy-env))"|View build details> + channel: ((slack-channel)) + username: ((slack-username)) + icon_url: ((slack-icon-url)) - name: deploy-queues-ui-pages-((deploy-env)) plan: @@ -230,9 +200,6 @@ jobs: passed: [set-pipeline] trigger: true params: {depth: 1} - - put: gh-status - inputs: [src] - params: {state: pending} - get: cf-image - task: deploy-queues-ui file: src/ci/partials/deploy.yml @@ -252,31 +219,23 @@ jobs: <<: *env-cf CF_APP_NAME: pages-queues-ui-((deploy-env)) on_failure: - in_parallel: - - put: gh-status - inputs: [src] - params: {state: failure} - - put: slack - params: - text: | - :x: FAILED: pages queues UI deployment on pages ((deploy-env)) - <$ATC_EXTERNAL_URL/teams/$BUILD_TEAM_NAME/pipelines/$BUILD_PIPELINE_NAME/jobs/$BUILD_JOB_NAME/builds/$BUILD_NAME?vars.deploy-env="((deploy-env))"|View build details> - channel: ((slack-channel)) - username: ((slack-username)) - icon_url: ((slack-icon-url)) + - put: slack + params: + text: | + :x: FAILED: pages queues UI deployment on pages ((deploy-env)) + <$ATC_EXTERNAL_URL/teams/$BUILD_TEAM_NAME/pipelines/$BUILD_PIPELINE_NAME/jobs/$BUILD_JOB_NAME/builds/$BUILD_NAME?vars.deploy-env="((deploy-env))"|View build details> + channel: ((slack-channel)) + username: ((slack-username)) + icon_url: ((slack-icon-url)) on_success: - in_parallel: - - put: gh-status - inputs: [src] - params: {state: success} - - put: slack - params: - text: | - :white_check_mark: SUCCESS: Successfully deployed pages queues UI on pages ((deploy-env)) - <$ATC_EXTERNAL_URL/teams/$BUILD_TEAM_NAME/pipelines/$BUILD_PIPELINE_NAME/jobs/$BUILD_JOB_NAME/builds/$BUILD_NAME?vars.deploy-env="((deploy-env))"|View build details> - channel: ((slack-channel)) - username: ((slack-username)) - icon_url: ((slack-icon-url)) + - put: slack + params: + text: | + :white_check_mark: SUCCESS: Successfully deployed pages queues UI on pages ((deploy-env)) + <$ATC_EXTERNAL_URL/teams/$BUILD_TEAM_NAME/pipelines/$BUILD_PIPELINE_NAME/jobs/$BUILD_JOB_NAME/builds/$BUILD_NAME?vars.deploy-env="((deploy-env))"|View build details> + channel: ((slack-channel)) + username: ((slack-username)) + icon_url: ((slack-icon-url)) - name: nightly-tasks-pages-((deploy-env)) plan: @@ -362,7 +321,7 @@ jobs: icon_url: ((slack-icon-url)) - name: audit-dependencies - plan: + plan: - get: src resource: src-((deploy-env))-tagged trigger: true @@ -380,31 +339,23 @@ jobs: params: VULN_THRESHOLD: 8 # errors on critical or high on_failure: - in_parallel: - - put: gh-status - inputs: [src] - params: {state: failure} - - put: slack - params: - text: | - :x: FAILED: dependency audit on pages ((deploy-env)) - <$ATC_EXTERNAL_URL/teams/$BUILD_TEAM_NAME/pipelines/$BUILD_PIPELINE_NAME/jobs/$BUILD_JOB_NAME/builds/$BUILD_NAME?vars.deploy-env="((deploy-env))"|View build details> - channel: ((slack-channel)) - username: ((slack-username)) - icon_url: ((slack-icon-url)) + - put: slack + params: + text: | + :x: FAILED: dependency audit on pages ((deploy-env)) + <$ATC_EXTERNAL_URL/teams/$BUILD_TEAM_NAME/pipelines/$BUILD_PIPELINE_NAME/jobs/$BUILD_JOB_NAME/builds/$BUILD_NAME?vars.deploy-env="((deploy-env))"|View build details> + channel: ((slack-channel)) + username: ((slack-username)) + icon_url: ((slack-icon-url)) on_success: - in_parallel: - - put: gh-status - inputs: [src] - params: {state: success} - - put: slack - params: - text: | - :white_check_mark: SUCCESS: Successfully passed dependency audit on pages ((deploy-env)) - <$ATC_EXTERNAL_URL/teams/$BUILD_TEAM_NAME/pipelines/$BUILD_PIPELINE_NAME/jobs/$BUILD_JOB_NAME/builds/$BUILD_NAME?vars.deploy-env="((deploy-env))"|View build details> - channel: ((slack-channel)) - username: ((slack-username)) - icon_url: ((slack-icon-url)) + - put: slack + params: + text: | + :white_check_mark: SUCCESS: Successfully passed dependency audit on pages ((deploy-env)) + <$ATC_EXTERNAL_URL/teams/$BUILD_TEAM_NAME/pipelines/$BUILD_PIPELINE_NAME/jobs/$BUILD_JOB_NAME/builds/$BUILD_NAME?vars.deploy-env="((deploy-env))"|View build details> + channel: ((slack-channel)) + username: ((slack-username)) + icon_url: ((slack-icon-url)) - name: nightly-site-bucket-key-rotator plan: @@ -450,7 +401,7 @@ jobs: channel: ((slack-channel)) username: ((slack-username)) icon_url: ((slack-icon-url)) - + - name: set-pipeline plan: - get: src @@ -516,15 +467,6 @@ resources: source: url: ((slack-webhook-url-cg-pages)) - - name: gh-status - type: cogito - check_every: 1h - source: - owner: cloud-gov - repo: pages-core - access_token: ((gh-access-token)) - context_prefix: concourse - - name: cf-image type: registry-image source: @@ -547,18 +489,34 @@ resources: resource_types: + - name: git + type: registry-image + source: + aws_access_key_id: ((ecr_aws_key)) + aws_secret_access_key: ((ecr_aws_secret)) + repository: git-resource + aws_region: us-gov-west-1 + tag: latest + - name: github-release type: registry-image source: repository: concourse/github-release-resource - - name: cogito - type: docker-image - check_every: 24h + - name: slack-notification + type: registry-image source: - repository: pix4d/cogito + aws_access_key_id: ((ecr_aws_key)) + aws_secret_access_key: ((ecr_aws_secret)) + repository: slack-notification-resource + aws_region: us-gov-west-1 + tag: latest - - name: slack-notification - type: docker-image + - name: time + type: registry-image source: - repository: cfcommunity/slack-notification-resource + aws_access_key_id: ((ecr_aws_key)) + aws_secret_access_key: ((ecr_aws_secret)) + repository: time-resource + aws_region: us-gov-west-1 + tag: latest diff --git a/ci/pipeline-staging.yml b/ci/pipeline-staging.yml index 9b78604ea..cc440686d 100644 --- a/ci/pipeline-staging.yml +++ b/ci/pipeline-staging.yml @@ -161,9 +161,6 @@ jobs: passed: [set-pipeline] trigger: true params: {depth: 1} - - put: gh-status - inputs: [src] - params: {state: pending} - get: cf-image - do: *test-api - task: build-api @@ -199,7 +196,7 @@ jobs: params: <<: *env-cf APP_ENV: ((deploy-env)) - CF_APP_NAME: pages-((deploy-env)) + CF_APP_NAME: pages-((deploy-env)) - task: run-database-migrations file: src/ci/partials/run-database-migrations.yml @@ -208,59 +205,43 @@ jobs: <<: *env-cf APP_ENV: ((deploy-env)) on_failure: - in_parallel: - - put: gh-status - inputs: [src] - params: {state: failure} - - put: slack - params: - text: | - :x: FAILED: to migrate database for pages ((deploy-env)) - <$ATC_EXTERNAL_URL/teams/$BUILD_TEAM_NAME/pipelines/$BUILD_PIPELINE_NAME/jobs/$BUILD_JOB_NAME/builds/$BUILD_NAME?vars.deploy-env="((deploy-env))"|View build details> - channel: ((slack-channel)) - username: ((slack-username)) - icon_url: ((slack-icon-url)) + - put: slack + params: + text: | + :x: FAILED: to migrate database for pages ((deploy-env)) + <$ATC_EXTERNAL_URL/teams/$BUILD_TEAM_NAME/pipelines/$BUILD_PIPELINE_NAME/jobs/$BUILD_JOB_NAME/builds/$BUILD_NAME?vars.deploy-env="((deploy-env))"|View build details> + channel: ((slack-channel)) + username: ((slack-username)) + icon_url: ((slack-icon-url)) on_failure: - in_parallel: - - put: gh-status - inputs: [src] - params: {state: failure} - - put: slack - params: - text: | - :x: FAILED: to migrate database for pages ((deploy-env)) - <$ATC_EXTERNAL_URL/teams/$BUILD_TEAM_NAME/pipelines/$BUILD_PIPELINE_NAME/jobs/$BUILD_JOB_NAME/builds/$BUILD_NAME?vars.deploy-env="((deploy-env))"|View build details> - channel: ((slack-channel)) - username: ((slack-username)) - icon_url: ((slack-icon-url)) + - put: slack + params: + text: | + :x: FAILED: to migrate database for pages ((deploy-env)) + <$ATC_EXTERNAL_URL/teams/$BUILD_TEAM_NAME/pipelines/$BUILD_PIPELINE_NAME/jobs/$BUILD_JOB_NAME/builds/$BUILD_NAME?vars.deploy-env="((deploy-env))"|View build details> + channel: ((slack-channel)) + username: ((slack-username)) + icon_url: ((slack-icon-url)) on_failure: - in_parallel: - - put: gh-status - inputs: [src] - params: {state: failure} - - put: slack - params: - text: | - :x: FAILED: api deployment on pages ((deploy-env)) - <$ATC_EXTERNAL_URL/teams/$BUILD_TEAM_NAME/pipelines/$BUILD_PIPELINE_NAME/jobs/$BUILD_JOB_NAME/builds/$BUILD_NAME?vars.deploy-env="((deploy-env))"|View build details> - channel: ((slack-channel)) - username: ((slack-username)) - icon_url: ((slack-icon-url)) + - put: slack + params: + text: | + :x: FAILED: api deployment on pages ((deploy-env)) + <$ATC_EXTERNAL_URL/teams/$BUILD_TEAM_NAME/pipelines/$BUILD_PIPELINE_NAME/jobs/$BUILD_JOB_NAME/builds/$BUILD_NAME?vars.deploy-env="((deploy-env))"|View build details> + channel: ((slack-channel)) + username: ((slack-username)) + icon_url: ((slack-icon-url)) on_success: - in_parallel: - - put: gh-status - inputs: [src] - params: {state: success} - - put: slack - params: - text: | - :white_check_mark: SUCCESS: Successfully deployed api on pages ((deploy-env)) - <$ATC_EXTERNAL_URL/teams/$BUILD_TEAM_NAME/pipelines/$BUILD_PIPELINE_NAME/jobs/$BUILD_JOB_NAME/builds/$BUILD_NAME?vars.deploy-env="((deploy-env))"|View build details> - channel: ((slack-channel)) - username: ((slack-username)) - icon_url: ((slack-icon-url)) + - put: slack + params: + text: | + :white_check_mark: SUCCESS: Successfully deployed api on pages ((deploy-env)) + <$ATC_EXTERNAL_URL/teams/$BUILD_TEAM_NAME/pipelines/$BUILD_PIPELINE_NAME/jobs/$BUILD_JOB_NAME/builds/$BUILD_NAME?vars.deploy-env="((deploy-env))"|View build details> + channel: ((slack-channel)) + username: ((slack-username)) + icon_url: ((slack-icon-url)) - name: test-and-deploy-admin-client-pages plan: @@ -270,9 +251,6 @@ jobs: trigger: true params: {depth: 1} - get: node - - put: gh-status - inputs: [src] - params: {state: pending} - do: *test-admin-client - get: cf-image @@ -301,32 +279,24 @@ jobs: CF_APP_NAME: pages-admin-((deploy-env)) on_failure: - in_parallel: - - put: gh-status - inputs: [src] - params: {state: failure} - - put: slack - params: - text: | - :x: FAILED: admin client deployment on pages ((deploy-env)) - <$ATC_EXTERNAL_URL/teams/$BUILD_TEAM_NAME/pipelines/$BUILD_PIPELINE_NAME/jobs/$BUILD_JOB_NAME/builds/$BUILD_NAME?vars.deploy-env="((deploy-env))"|View build details> - channel: ((slack-channel)) - username: ((slack-username)) - icon_url: ((slack-icon-url)) + - put: slack + params: + text: | + :x: FAILED: admin client deployment on pages ((deploy-env)) + <$ATC_EXTERNAL_URL/teams/$BUILD_TEAM_NAME/pipelines/$BUILD_PIPELINE_NAME/jobs/$BUILD_JOB_NAME/builds/$BUILD_NAME?vars.deploy-env="((deploy-env))"|View build details> + channel: ((slack-channel)) + username: ((slack-username)) + icon_url: ((slack-icon-url)) on_success: - in_parallel: - - put: gh-status - inputs: [src] - params: {state: success} - - put: slack - params: - text: | - :white_check_mark: SUCCESS: Successfully deployed admin client on pages ((deploy-env)) - <$ATC_EXTERNAL_URL/teams/$BUILD_TEAM_NAME/pipelines/$BUILD_PIPELINE_NAME/jobs/$BUILD_JOB_NAME/builds/$BUILD_NAME?vars.deploy-env="((deploy-env))"|View build details> - channel: ((slack-channel)) - username: ((slack-username)) - icon_url: ((slack-icon-url)) + - put: slack + params: + text: | + :white_check_mark: SUCCESS: Successfully deployed admin client on pages ((deploy-env)) + <$ATC_EXTERNAL_URL/teams/$BUILD_TEAM_NAME/pipelines/$BUILD_PIPELINE_NAME/jobs/$BUILD_JOB_NAME/builds/$BUILD_NAME?vars.deploy-env="((deploy-env))"|View build details> + channel: ((slack-channel)) + username: ((slack-username)) + icon_url: ((slack-icon-url)) - name: deploy-queues-ui-pages plan: @@ -335,9 +305,6 @@ jobs: passed: [set-pipeline] trigger: true params: {depth: 1} - - put: gh-status - inputs: [src] - params: {state: pending} - get: cf-image - task: deploy-queues-ui file: src/ci/partials/deploy.yml @@ -357,31 +324,23 @@ jobs: <<: *env-cf CF_APP_NAME: pages-queues-ui-((deploy-env)) on_failure: - in_parallel: - - put: gh-status - inputs: [src] - params: {state: failure} - - put: slack - params: - text: | - :x: FAILED: pages queues UI deployment on pages ((deploy-env)) - <$ATC_EXTERNAL_URL/teams/$BUILD_TEAM_NAME/pipelines/$BUILD_PIPELINE_NAME/jobs/$BUILD_JOB_NAME/builds/$BUILD_NAME?vars.deploy-env="((deploy-env))"|View build details> - channel: ((slack-channel)) - username: ((slack-username)) - icon_url: ((slack-icon-url)) + - put: slack + params: + text: | + :x: FAILED: pages queues UI deployment on pages ((deploy-env)) + <$ATC_EXTERNAL_URL/teams/$BUILD_TEAM_NAME/pipelines/$BUILD_PIPELINE_NAME/jobs/$BUILD_JOB_NAME/builds/$BUILD_NAME?vars.deploy-env="((deploy-env))"|View build details> + channel: ((slack-channel)) + username: ((slack-username)) + icon_url: ((slack-icon-url)) on_success: - in_parallel: - - put: gh-status - inputs: [src] - params: {state: success} - - put: slack - params: - text: | - :white_check_mark: SUCCESS: Successfully deployed pages queues UI on pages ((deploy-env)) - <$ATC_EXTERNAL_URL/teams/$BUILD_TEAM_NAME/pipelines/$BUILD_PIPELINE_NAME/jobs/$BUILD_JOB_NAME/builds/$BUILD_NAME?vars.deploy-env="((deploy-env))"|View build details> - channel: ((slack-channel)) - username: ((slack-username)) - icon_url: ((slack-icon-url)) + - put: slack + params: + text: | + :white_check_mark: SUCCESS: Successfully deployed pages queues UI on pages ((deploy-env)) + <$ATC_EXTERNAL_URL/teams/$BUILD_TEAM_NAME/pipelines/$BUILD_PIPELINE_NAME/jobs/$BUILD_JOB_NAME/builds/$BUILD_NAME?vars.deploy-env="((deploy-env))"|View build details> + channel: ((slack-channel)) + username: ((slack-username)) + icon_url: ((slack-icon-url)) - name: nightly-tasks-pages plan: @@ -436,7 +395,7 @@ jobs: icon_url: ((slack-icon-url)) - name: audit-dependencies - plan: + plan: - get: src resource: src-((deploy-env)) trigger: true @@ -454,31 +413,23 @@ jobs: params: VULN_THRESHOLD: 8 # errors on critical or high on_failure: - in_parallel: - - put: gh-status - inputs: [src] - params: {state: failure} - - put: slack - params: - text: | - :x: FAILED: dependency audit on pages ((deploy-env)) - <$ATC_EXTERNAL_URL/teams/$BUILD_TEAM_NAME/pipelines/$BUILD_PIPELINE_NAME/jobs/$BUILD_JOB_NAME/builds/$BUILD_NAME?vars.deploy-env="((deploy-env))"|View build details> - channel: ((slack-channel)) - username: ((slack-username)) - icon_url: ((slack-icon-url)) + - put: slack + params: + text: | + :x: FAILED: dependency audit on pages ((deploy-env)) + <$ATC_EXTERNAL_URL/teams/$BUILD_TEAM_NAME/pipelines/$BUILD_PIPELINE_NAME/jobs/$BUILD_JOB_NAME/builds/$BUILD_NAME?vars.deploy-env="((deploy-env))"|View build details> + channel: ((slack-channel)) + username: ((slack-username)) + icon_url: ((slack-icon-url)) on_success: - in_parallel: - - put: gh-status - inputs: [src] - params: {state: success} - - put: slack - params: - text: | - :white_check_mark: SUCCESS: Successfully passed dependency audit on pages ((deploy-env)) - <$ATC_EXTERNAL_URL/teams/$BUILD_TEAM_NAME/pipelines/$BUILD_PIPELINE_NAME/jobs/$BUILD_JOB_NAME/builds/$BUILD_NAME?vars.deploy-env="((deploy-env))"|View build details> - channel: ((slack-channel)) - username: ((slack-username)) - icon_url: ((slack-icon-url)) + - put: slack + params: + text: | + :white_check_mark: SUCCESS: Successfully passed dependency audit on pages ((deploy-env)) + <$ATC_EXTERNAL_URL/teams/$BUILD_TEAM_NAME/pipelines/$BUILD_PIPELINE_NAME/jobs/$BUILD_JOB_NAME/builds/$BUILD_NAME?vars.deploy-env="((deploy-env))"|View build details> + channel: ((slack-channel)) + username: ((slack-username)) + icon_url: ((slack-icon-url)) - name: nightly-site-bucket-key-rotator plan: @@ -536,9 +487,6 @@ jobs: - deploy-queues-ui-pages - get: node - get: cf-image - - put: gh-status - inputs: [src] - params: {state: pending} - task: get-app-env file: src/ci/partials/get-app-env.yml image: cf-image @@ -564,31 +512,23 @@ jobs: PRODUCT: pages - put: s3 on_failure: - in_parallel: - - put: gh-status - inputs: [src] - params: {state: failure} - - put: slack - params: - text: | - :x: FAILED: pages e2e testing on pages ((deploy-env)) - <$ATC_EXTERNAL_URL/teams/$BUILD_TEAM_NAME/pipelines/$BUILD_PIPELINE_NAME/jobs/$BUILD_JOB_NAME/builds/$BUILD_NAME?vars.deploy-env="((deploy-env))"|View build details> - channel: ((slack-channel)) - username: ((slack-username)) - icon_url: ((slack-icon-url)) + - put: slack + params: + text: | + :x: FAILED: pages e2e testing on pages ((deploy-env)) + <$ATC_EXTERNAL_URL/teams/$BUILD_TEAM_NAME/pipelines/$BUILD_PIPELINE_NAME/jobs/$BUILD_JOB_NAME/builds/$BUILD_NAME?vars.deploy-env="((deploy-env))"|View build details> + channel: ((slack-channel)) + username: ((slack-username)) + icon_url: ((slack-icon-url)) on_success: - in_parallel: - - put: gh-status - inputs: [src] - params: {state: success} - - put: slack - params: - text: | - :white_check_mark: SUCCESS: Successfully passed e2e testing on pages ((deploy-env)) - <$ATC_EXTERNAL_URL/teams/$BUILD_TEAM_NAME/pipelines/$BUILD_PIPELINE_NAME/jobs/$BUILD_JOB_NAME/builds/$BUILD_NAME?vars.deploy-env="((deploy-env))"|View build details> - channel: ((slack-channel)) - username: ((slack-username)) - icon_url: ((slack-icon-url)) + - put: slack + params: + text: | + :white_check_mark: SUCCESS: Successfully passed e2e testing on pages ((deploy-env)) + <$ATC_EXTERNAL_URL/teams/$BUILD_TEAM_NAME/pipelines/$BUILD_PIPELINE_NAME/jobs/$BUILD_JOB_NAME/builds/$BUILD_NAME?vars.deploy-env="((deploy-env))"|View build details> + channel: ((slack-channel)) + username: ((slack-username)) + icon_url: ((slack-icon-url)) - name: set-pipeline plan: @@ -683,15 +623,6 @@ resources: source: url: ((slack-webhook-url)) - - name: gh-status - type: cogito - check_every: 1h - source: - owner: cloud-gov - repo: pages-core - access_token: ((gh-access-token)) - context_prefix: concourse - - name: cf-image type: registry-image source: @@ -719,23 +650,47 @@ resources: resource_types: - - name: cogito - type: docker-image - check_every: 24h + - name: git + type: registry-image source: - repository: pix4d/cogito + aws_access_key_id: ((ecr_aws_key)) + aws_secret_access_key: ((ecr_aws_secret)) + repository: git-resource + aws_region: us-gov-west-1 + tag: latest - name: pull-request - type: docker-image + type: registry-image source: - repository: teliaoss/github-pr-resource + aws_access_key_id: ((ecr_aws_key)) + aws_secret_access_key: ((ecr_aws_secret)) + repository: github-pr-resource + aws_region: us-gov-west-1 + tag: latest - name: slack-notification - type: docker-image + type: registry-image source: - repository: cfcommunity/slack-notification-resource + aws_access_key_id: ((ecr_aws_key)) + aws_secret_access_key: ((ecr_aws_secret)) + repository: slack-notification-resource + aws_region: us-gov-west-1 + tag: latest - name: s3-resource - type: docker-image + type: registry-image + source: + aws_access_key_id: ((ecr_aws_key)) + aws_secret_access_key: ((ecr_aws_secret)) + repository: s3-simple-resource + aws_region: us-gov-west-1 + tag: latest + + - name: time + type: registry-image source: - repository: 18fgsa/s3-resource-simple + aws_access_key_id: ((ecr_aws_key)) + aws_secret_access_key: ((ecr_aws_secret)) + repository: time-resource + aws_region: us-gov-west-1 + tag: latest