Fixing the commit issue and history of commit which is exposed

pavan-kumarkulkarni · pavan-kumarkulkarni · commit 6dc8fda8c787 · 2024-03-29T15:14:11.000+05:30
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
@@ -1,6 +1,8 @@
 include:
   - project: 'pluralsight/experience/gitlab-helpers'
-    file: '/salt-deploy/helper.yml'
+    file: '/slack-notification/helper.yml'
+  - project: 'pluralsight/experience/gitlab-helpers'
+    file: '/helm-deploy/helper.yml'
 
 image: openjdk:8
 
@@ -16,6 +18,18 @@ variables:
   ARTIFACTORY_PATH: ${ARTIFACTORY_ID}/${ARTIFACTORY_ARTIFACT_VERSION}
   ARTIFACTORY_ARTIFACT_URL: ${ARTIFACTORY_REPOSITORY_URL}/${ARTIFACTORY_REPOSITORY}/${ARTIFACTORY_PATH}
   BUILD_VERSION: 1.0.${CI_PIPELINE_IID}
+  HELM_K8S_CLUSTER_URL: https://6C29C0073BB19BEF220B9437E6962AF2.gr7.us-west-2.eks.amazonaws.com
+  K8S_CLUSTER_NAME: app-eks.eplur-staging.us-west-2
+  ENV: ${CI_JOB_STAGE} 
+  SERVICE_NAME: "hydra-notifications"
+  SLACK_ICON_EMOJI: ":gitlab:"
+  SLACK_CHANNEL: '#data-platform-alerts'
+  SNYK_ORG_ID: "d8094638-7a37-413f-b1b4-ad840fb9e239"
+  SLACK_MESSAGE: |
+    *[[SERVICE_NAME]]* deployed to *[[ENV]]*.
+    Version: *[[BUILD_VERSION]]*
+    [[PIPELINE_LINK]]
+  SLACK_USERNAME: 'GITLAB'
 
 before_script:
   - apt-get update -yqq
@@ -25,35 +39,64 @@ before_script:
   - gpg --recv-keys --no-default-keyring --keyring gnupg-ring:/etc/apt/trusted.gpg.d/scalasbt-release.gpg --keyserver hkp://keyserver.ubuntu.com:80 2EE0EA64E40A89B84B2DF73499E82A75642AC823
   - chmod 644 /etc/apt/trusted.gpg.d/scalasbt-release.gpg
   - apt-get update -yqq
-  - apt-get install -yqq sbt
+  - apt-get install -yqq sbt curl
+  - curl --compressed https://static.snyk.io/cli/latest/snyk-linux -o snyk
+  - chmod +x ./snyk
+  - mv ./snyk /usr/local/bin/ 
+
 
 stages:
   - build
   - package
+  - code-analysis
   - publish
+  - deploy-dev
+  - notify
+  - notify_dev
+  - deploy-staging
+  - notify_staging
+
 
 build:
   stage: build
+  retry: 2
   script:
     - sbt clean compile test
+
 package:
   stage: package
+  retry: 2
   script:
     - sbt universal:packageBin
     - CURYEAR=$(date +%Y)
     - CURMONTH=$(date +%-m)
     - echo -n "${CURYEAR}.${CURMONTH}.${BUILD_VERSION}" > VERSION
-    - pwd
-    - ls -lh
     - unzip server/target/universal/*.zip
     - mv hydra-notifications-server-* hydra-notifications-server
     - tar czf ${ARTIFACT_NAME}-${BUILD_VERSION}.tgz --exclude=*.tmp --exclude=*.tgz --exclude=*.tgz.md5 .
     - echo "##teamcity[publishArtifacts '${ARTIFACT_NAME}.tgz']"
-
   artifacts:
     paths:
       - hydra-notifications-server
 
+snyk-code-analysis:
+  stage: code-analysis
+  allow_failure: true      
+  script:
+    - |
+      snyk_ver=$(snyk --version)
+      echo "--> Installed SNYK Version:${snyk_ver}"
+      echo "----- Configuring SNYK Api Token and Org -----"
+      snyk config set api=${SNYK_API_TOKEN}
+      snyk config set org=${SNYK_ORG_ID}
+      echo "--> Iniciating SNYK Code Analysis"
+      snyk code test --report --project-id="cdafcbb5-24d1-4afc-bcda-96055113fc57" --commit-id="${CI_COMMIT_SHA}"
+  artifacts:
+    when: always
+    paths:
+      - ./snyk-code-analysis.json
+      
+
 publish:
   stage: publish
   image: harbor.vnerd.com/proxy/library/docker:cli
@@ -62,18 +105,93 @@ publish:
     - docker
   needs:
     - package
+    - snyk-code-analysis
   before_script:
     - echo "$DOCKER_REGISTRY_USERNAME:$DOCKER_REGISTRY_PASSWORD"
     - echo -n "$DOCKER_REGISTRY_PASSWORD" | docker login -u "$DOCKER_REGISTRY_USERNAME" --password-stdin "$DOCKER_REGISTRY_URL"
   script:
-    - pwd
-    - ls -lh
     - docker build -t ${IMAGE_NAME} -f Dockerfile .
     - docker tag ${IMAGE_NAME} ${DOCKER_REGISTRY_IMAGE}:${BUILD_VERSION}
     - docker push ${DOCKER_REGISTRY_IMAGE}:${BUILD_VERSION}
-
   variables:
     DOCKER_HOST: tcp://localhost:2376
     DOCKER_TLS_CERTDIR: "/certs"
     DOCKER_CERT_PATH: "$DOCKER_TLS_CERTDIR/client"
     DOCKER_TLS_VERIFY: 1
+
+.notify-all:
+  image: harbor.vnerd.com/library/ps-helm:latest
+  tags:
+    - ps
+    - docker 
+  script:
+    - ps-notify slack "$SLACK_MESSAGE" "$SLACK_CHANNEL"  --slack-username $SLACK_USERNAME --slack-icon-emoji $SLACK_ICON_EMOJI
+  variables:
+    NODE_ENV: $ENV
+
+deploy-dev:
+    stage: deploy-dev
+    extends: .helmDeploy
+    environment:
+      name: dev
+    variables:
+      HELM_CHART_NAME: ps-service
+      HELM_DEPLOY_TOKEN: ${HELM_DEPLOY_TOKEN}
+      K8S_CLUSTER_NAME: app-eks.eplur-staging.us-west-2
+      HELM_K8S_CLUSTER_URL: https://6C29C0073BB19BEF220B9437E6962AF2.gr7.us-west-2.eks.amazonaws.com
+      BOUNDED_CONTEXT: adapt-dvs-dev
+      HELM_TARGET_NAMESPACE: ${BOUNDED_CONTEXT}
+      APPLICATION_ROLE: dev-hydra-notifications
+      HELM_VALUES_FILE: helm/eks-dev-values.yml
+      HELM_SET_VALUES: "NODE_ENV=production, INGEST_URL=https://dev-hydra.eplur-staging.vnerd.com, PUBLIC_URL=https://dvs-dev.eplur-staging.vnerd.com/dvs-data-explorer, REACT_APP_INGEST_URL=https://dev-hydra.eplur-staging.vnerd.com, REACT_APP_STREAMS_URL=https://hydra-streams-dev.eplur-staging.vnerd.com, STREAMS_URL=https://hydra-streams-dev.eplur-staging.vnerd.com"
+    before_script:
+      - export BUILD_VERSION="$(date +%Y).$(date +%m).$(date +%d).${CI_COMMIT_SHORT_SHA}"
+      - kubectl config set-cluster app-${CI_ENVIRONMENT_NAME%/*} --server=${HELM_K8S_CLUSTER_URL} --embed-certs --certificate-authority="$HELM_K8S_CLUSTER_CACERT"
+      - kubectl config set-credentials deploy --token=`echo ${HELM_DEPLOY_TOKEN} | base64 -d`
+      - kubectl config set-context deploy --cluster=app-${CI_ENVIRONMENT_NAME%/*} --namespace=${HELM_TARGET_NAMESPACE} --user=deploy
+      - kubectl config use-context deploy
+
+slack:dev:
+  stage: notify_dev
+  extends: .notify-all
+  when: on_success
+  needs: ['deploy-dev']
+  before_script:
+    - echo "Sending notification to slack"
+  variables:
+    ENV: "DEV Cluster"
+    SERVICE_NAME: "dev-hydra-notifications"
+
+deploy-staging:
+    stage: deploy-staging
+    extends: .helmDeploy
+    when: manual
+    environment:
+      name: staging
+    variables:
+      HELM_CHART_NAME: ps-service
+      HELM_DEPLOY_TOKEN: ${HELM_DEPLOY_TOKEN}
+      K8S_CLUSTER_NAME: app-eks.eplur-staging.us-west-2
+      HELM_K8S_CLUSTER_URL: https://6C29C0073BB19BEF220B9437E6962AF2.gr7.us-west-2.eks.amazonaws.com
+      BOUNDED_CONTEXT: adapt-dvs
+      HELM_TARGET_NAMESPACE: ${BOUNDED_CONTEXT}
+      APPLICATION_ROLE: is-hydra-notifications
+      HELM_VALUES_FILE: helm/eks-staging-values.yml
+      HELM_SET_VALUES: "NODE_ENV=production, INGEST_URL=https://hydra-publish.eplur-staging.vnerd.com, PUBLIC_URL=https://dvs.eplur-staging.vnerd.com/dvs-data-explorer, REACT_APP_INGEST_URL=https://hydra-publish.eplur-staging.vnerd.com, REACT_APP_STREAMS_URL=https://hydra-streams.eplur-staging.vnerd.com, STREAMS_URL=https://hydra-streams.eplur-staging.vnerd.com"
+    before_script:
+      - export BUILD_VERSION="$(date +%Y).$(date +%m).$(date +%d).${CI_COMMIT_SHORT_SHA}"
+      - kubectl config set-cluster app-${CI_ENVIRONMENT_NAME%/*} --server=${HELM_K8S_CLUSTER_URL} --embed-certs --certificate-authority="$HELM_K8S_CLUSTER_CACERT"
+      - kubectl config set-credentials deploy --token=`echo ${HELM_DEPLOY_TOKEN} | base64 -d`
+      - kubectl config set-context deploy --cluster=app-${CI_ENVIRONMENT_NAME%/*} --namespace=${HELM_TARGET_NAMESPACE} --user=deploy
+      - kubectl config use-context deploy
+
+slack:staging:
+  stage: notify_staging
+  extends: .notify-all
+  when: on_success
+  needs: ['deploy-staging']
+  before_script:
+    - echo "Sending notification to slack"
+  variables:
+    ENV: "STAGING Cluster"
+    SERVICE_NAME: "is-hydra-notifications"
diff --git a/helm/eks-dev-values.yml b/helm/eks-dev-values.yml
@@ -0,0 +1,63 @@
+image:
+  repository: harbor.vnerd.com/library/hydra-notifications
+  pullPolicy: Always
+  tag: latest
+
+serviceAccount:
+  create: true
+  annotations:
+    eks.amazonaws.com/role-arn: arn:aws:iam::523344010929:role/is-aws-msk-is-hydra-streams-us-west-2
+
+deployment:
+  apiVersion: "apps/v1"
+  updateStrategy:
+    rollingUpdate:
+      maxUnavailable: 0
+    type: RollingUpdate
+
+replicas: 1
+
+service:
+  type: ClusterIP
+  port: 8080
+  annotations: {}
+  labels: {}
+
+ingress:
+  enabled: true
+  ingressClassName: internal
+  annotations: {}
+  labels: {}
+  hosts:
+    - hydra-notifications-dev.eplur-staging.vnerd.com
+    - hydra-notifications-dev-stage.vnerd.com
+  tls:
+    - hosts:
+        - hydra-notifications-dev-stage.vnerd.com
+  path: /
+  pathType: Prefix
+
+hpa:
+  enabled: true
+  minReplicas: 1
+  maxReplicas: 1
+  targetMemoryUtilizationPercentage: 80
+
+resources:
+  limits:
+    memory: 512Mi
+  requests:
+    cpu: 250m
+    memory: 50Mi
+
+tolerations: []
+
+nodeSelector: {}
+
+config:
+  LOG_DIR: /var/log/hydra-notifications
+  LOG_LEVEL: ERROR
+  PORT_NUMBER: 8080
+  SLACK_TOKEN: 
+  OPSGENIE_TOKEN: 
+  STREAMS_URL: https://hydra-streams-dev.eplur-staging.vnerd.com
diff --git a/helm/eks-staging-values.yml b/helm/eks-staging-values.yml
@@ -20,12 +20,13 @@ service:
 
 ingress:
   enabled: true
-  ingressClassName: alb
+  ingressClassName: internal
   labels: {}
   hosts:
     - hydra-notifications.eplur-staging.vnerd.com
     - hydra-notifications-stage.vnerd.com
   path: /
+  pathType: Prefix
 
 
 hpa:
@@ -50,7 +51,6 @@ config:
   LOG_DIR: /var/log/hydra-notifications
   LOG_LEVEL: ERROR
   PORT_NUMBER: 8080
-  SLACK_TOKEN: xoxp-2345022201-286493579810-550147647603-73094781a9bc0e8dc2ecaad62c19ea0b
-  OPSGENIE_TOKEN: e171c410-5cc6-4786-b962-90b923715996
-  STREAMS_URL: https://hydra-streams.eplur-staging.vnerd.com
-
+  SLACK_TOKEN: 
+  OPSGENIE_TOKEN: 
+  STREAMS_URL: https://hydra-streams.eplur-staging.vnerd.com
