From 23e150c622aec4f84fd77c8766542fbc9c8ca4e1 Mon Sep 17 00:00:00 2001 From: Michal Kovarik Date: Apr 02 2020 10:35:45 +0000 Subject: Skip deployment to prod if pipeline deployment is frozen Check state of interal semaphore and block deployment to prod. --- diff --git a/roles/c3i/defaults/main.yml b/roles/c3i/defaults/main.yml index 68b2daa..cfe4e1f 100644 --- a/roles/c3i/defaults/main.yml +++ b/roles/c3i/defaults/main.yml @@ -29,6 +29,9 @@ c3i_build_and_test_snippet: # Path to Jenkinsfile snippet for integration tests used by promotion workflow c3i_integration_test_snippet: +# list of flags in semaphore to allow prod promotion +c3i_semaphore_custom_flags: [] + c3i_definition_dir: openshift/pipelines c3i_definition_update_script: ansible-playbook deploy.yml -e c3i_skip_service_accounts=true @@ -59,6 +62,10 @@ c3i_messaging_topic_consumer_part: "Consumer.rh-jenkins-ci-plugin" c3i_messaging_greenwave_topic_virtualtopic_part: "VirtualTopic.eng.greenwave.decision.update" c3i_messaging_repotracker_topic_virtualtopic_part: "VirtualTopic.eng.repotracker.container.tag.>" +c3i_semaphore_default_flags: + - deployments-allowed +c3i_semaphore_flags: "{{ c3i_semaphore_default_flags + c3i_semaphore_custom_flags }}" + c3i_dev_image_tag: "latest" c3i_lib_branch: master diff --git a/roles/c3i/templates/greenwave-promote.Jenkinsfile b/roles/c3i/templates/greenwave-promote.Jenkinsfile index 07052b2..3bb39df 100644 --- a/roles/c3i/templates/greenwave-promote.Jenkinsfile +++ b/roles/c3i/templates/greenwave-promote.Jenkinsfile @@ -30,7 +30,27 @@ pipeline { ) } stages { + stage("Check semaphore") { + steps { + script { + if (env.SEMAPHORE_CHECK == 'True') { + if (c3i.checkSemaphore(env.SEMAPHORE_FLAGS.split(' '))) { + env.ALLOW_DEPLOYMENT = "true" + } + else { + currentBuild.displayName = "Skipped" + } + } + else { + env.ALLOW_DEPLOYMENT = "true" + } + } + } + } stage("Message Check and setup") { + when { + expression { env.ALLOW_DEPLOYMENT } + } steps { script { if (params.CI_MESSAGE) { @@ -92,6 +112,9 @@ pipeline { } } stage('Copy image') { + when { + expression { env.ALLOW_DEPLOYMENT } + } steps { echo "Copy container image ${env.IMAGE} to ${env.PROMOTING_DESTINATION}:${env.TARGET_TAG}" retry(5) { diff --git a/roles/c3i/templates/greenwave-promote.yml b/roles/c3i/templates/greenwave-promote.yml index 18cec8c..9f6e961 100644 --- a/roles/c3i/templates/greenwave-promote.yml +++ b/roles/c3i/templates/greenwave-promote.yml @@ -39,6 +39,10 @@ spec: value: {{ c3i_messaging_topic_consumer_part }}.c3i-{{ item }}-{{ job_vars.name_post }}{{ c3i_test_subscriber }}.{{ c3i_messaging_greenwave_topic_virtualtopic_part }} - name: MAIL_ADDRESS value: {{ c3i_mail_address }} + - name: SEMAPHORE_CHECK + value: "{{ job_vars.semaphore_check }}" + - name: SEMAPHORE_FLAGS + value: {{ c3i_semaphore_flags | join(' ') }} # CI_MESSAGE and MESSAGE_HEADERS are used internally by JMS messaging plugin - name: CI_MESSAGE - name: MESSAGE_HEADERS diff --git a/roles/c3i/templates/jobs/greenwave-promote-to-prod.yml b/roles/c3i/templates/jobs/greenwave-promote-to-prod.yml index 5ece4f9..6fc12d5 100644 --- a/roles/c3i/templates/jobs/greenwave-promote-to-prod.yml +++ b/roles/c3i/templates/jobs/greenwave-promote-to-prod.yml @@ -5,3 +5,4 @@ decision_context_regex: c3i_promote_stage_to_prod target_tag: prod promoting_destination_prefix: "{{ c3i_quay_address }}/{{ c3i_quay_namespace }}" source_container_repo_prefix: "{{ c3i_quay_address }}/{{ c3i_quay_namespace }}" +semaphore_check: True diff --git a/roles/c3i/templates/jobs/greenwave-promote-to-stage.yml b/roles/c3i/templates/jobs/greenwave-promote-to-stage.yml index 3caf8c8..96c2e2a 100644 --- a/roles/c3i/templates/jobs/greenwave-promote-to-stage.yml +++ b/roles/c3i/templates/jobs/greenwave-promote-to-stage.yml @@ -5,3 +5,4 @@ decision_context_regex: c3i_promote_dev_to_stage target_tag: stage promoting_destination_prefix: "{{ c3i_quay_address }}/{{ c3i_quay_namespace }}" source_container_repo_prefix: "{{ c3i_quay_address }}/{{ c3i_quay_namespace }}" +semaphore_check: False