--- s3_env: &s3_env access_key_id: ((((foundation))/s3_access_key_id)) endpoint: ((((foundation))/s3_endpoint)) region_name: ((((foundation))/s3_region_name)) secret_access_key: ((((foundation))/s3_secret_access_key)) azure_env: &azure_env PROFILE: ((azs.arm_profile)) CA_CERT: ((azs.azs_ca.certificate)) AZURE_CLI_CA_PATH: /usr/lib/python3.9/site-packages/certifi/cacert.pem ENDPOINT_RESOURCE_MANAGER: ((azs.endpoint-resource-manager)) VAULT_DNS: ((azs.vault_dns)) SUFFIX_STORAGE_ENDPOINT: ((azs.suffix_storage_endpoint)) AZURE_TENANT_ID: ((azs.tenant_id)) AZURE_CLIENT_ID: ((azs.client_id)) AZURE_CLIENT_SECRET: ((azs.client_secret)) AZURE_SUBSCRIPTION_ID: ((azs.subscription_id)) RESOURCE_GROUP: ((aks.resource_group)) LOCATION: ((azs.azurestack_region)) aks_env: &aks_env AKS_ORCHESTRATOR_RELEASE: ((aks.orchestrator_release)) AKS_ORCHESTRATOR_TYPE: ((aks.orchestrator_type)) AKS_ORCHESTRATOR_VERSION: ((aks.orchestrator_version)) AKS_MASTER_DNS_PREFIX: ((aks.master.dns_prefix)) AKS_MASTER_VMSIZE: ((aks.master.vmsize)) AKS_MASTER_NODE_COUNT: ((aks.master.node_count)) AKS_MASTER_DISTRO: ((aks.master.distro)) AKS_MASTER_SUBNET_NAME: ((aks.master.subnet_name)) AKS_AGENT_0_VMSIZE: ((aks.agent.0.vmsize)) AKS_AGENT_0_NODE_COUNT: ((aks.agent.0.node_count)) AKS_AGENT_0_DISTRO: ((aks.agent.0.distro)) AKS_AGENT_0_OSTYPE: ((aks.agent.0.ostype)) AKS_AGENT_0_POOL_NAME: ((aks.agent.0.pool_name)) AKS_AGENT_0_SUBNET_NAME: ((aks.agent.0.subnet_name)) AKS_VNET_NAME: ((aks.vnet.name)) AKS_VNET_RG: ((aks.vnet.rg)) AKS_VNET_CIDR: ((aks.vnet.Cidr)) AKS_RESOURCE_GROUP: ((aks.resource_group)) AKS_ADDITIONAL_APIMODEL: ((aks.additional_apimodel)) SSH_PUBLIC_KEY: ((aks.ssh_public_key)) credhub_env: &credhub_env CREDHUB_CLIENT: ((credhub-client)) CREDHUB_SECRET: ((credhub-secret)) CREDHUB_SERVER: ((credhub-server)) PREFIX: /concourse/main/((aks.team)) CREDHUB_CA_CERT: ((credhub-ca-cert.certificate)) slack_start_param: &slack_start_param channel: ((slack.channel)) text: | ((aks.team)) Job $BUILD_JOB_NAME started with ID $BUILD_ID for build $BUILD_NAME for team $BUILD_TEAM_NAME at $ATC_EXTERNAL_URL using pipeline $BUILD_PIPELINE_NAME see $ATC_EXTERNAL_URL/teams/$BUILD_TEAM_NAME/pipelines/$BUILD_PIPELINE_NAME/jobs/$BUILD_JOB_NAME/builds/$BUILD_NAME for details icon_emoji: ":concourse-started:" slack_succeeded_param: &slack_succeeded_param channel: ((slack.channel)) text: | ((aks.team)) Job $BUILD_JOB_NAME succeeded with ID $BUILD_ID for build $BUILD_NAME for team $BUILD_TEAM_NAME at $ATC_EXTERNAL_URL using pipeline $BUILD_PIPELINE_NAME see $ATC_EXTERNAL_URL/teams/$BUILD_TEAM_NAME/pipelines/$BUILD_PIPELINE_NAME/jobs/$BUILD_JOB_NAME/builds/$BUILD_NAME for details icon_emoji: ":concourse-succeeded:" slack_failed_param: &slack_failed_param channel: ((slack.channel)) text: | ((aks.team)) Job $BUILD_JOB_NAME failed with ID $BUILD_ID for build $BUILD_NAME for team $BUILD_TEAM_NAME at $ATC_EXTERNAL_URL using pipeline $BUILD_PIPELINE_NAME see $ATC_EXTERNAL_URL/teams/$BUILD_TEAM_NAME/pipelines/$BUILD_PIPELINE_NAME/jobs/$BUILD_JOB_NAME/builds/$BUILD_NAME for details icon_emoji: ":concourse-failed:" resource_types: - name: file-url type: docker-image source: repository: pivotalservices/concourse-curl-resource tag: latest - name: pivnet tags: ((tags)) type: docker-image source: repository: pivotalcf/pivnet-resource tag: latest-final - name: slack-notification tags: ((tags)) type: docker-image source: repository: cfcommunity/slack-notification-resource resources: # triggers #- name: daily-trigger # tags: ((tags)) # icon: calendar-clock # type: time # source: # interval: 24h - name: one-time-trigger tags: ((tags)) icon: calendar-clock type: time source: interval: 999999h #- name: after-midnight # tags: ((tags)) # icon: calendar-clock # type: time # source: # start: 01:00 AM # stop: ((after_midnight_end)) # interval: 24h # location: Europe/Berlin # notifications #- name: notify # tags: ((tags)) # icon: bell # type: slack-notification # source: # url: ((slack.webhook)) # #- name: sonobuoy-results # tags: ((tags)) # icon: cloud-download # type: s3 # source: # <<: *s3_env # bucket: ((aks.bucket)) # regexp: ((aks.resource_group))/((2[0-9]{3})(0[1-9]|1[012])([123]0|[012][1-9]|31))(([01][0-9]|2[0-3])((([0-5][0-9]))){1,2})_sonobuoy_(.*).tar.gz - name: installation tags: ((tags)) icon: cloud-download type: s3 source: <<: *s3_env bucket: ((aks.bucket)) regexp: ((aks.resource_group))/installation-(.*).zip - name: kubeconfig tags: ((tags)) icon: cloud-download type: s3 source: <<: *s3_env bucket: ((aks.bucket)) regexp: ((aks.resource_group))/kubeconfig-(.*).json #- name: k8stoken # tags: ((tags)) # icon: cloud-download # type: s3# # source: # <<: *s3_env # bucket: ((aks.bucket)) # regexp: ((aks.resource_group))/ppdmk8stoken-(.*).json - name: apimodel tags: ((tags)) icon: cloud-download type: s3 source: <<: *s3_env bucket: ((aks.bucket)) regexp: ((aks.resource_group))/apimodel-(.*).json - name: tmcmanifest tags: ((tags)) icon: cloud-download type: s3 source: <<: *s3_env bucket: ((aks.bucket)) regexp: ((aks.resource_group))/k8s-attach-manifest-(.*).yaml - name: dps-automation-image tags: ((tags)) icon: docker type: docker-image source: repository: harbor.pks.home.labbuildr.com/bottkars/dps-automation-image-alpine tag: latest ca_certs: - domain: harbor.pks.home.labbuildr.com cert: ((pksdemo/pks_cert.ca)) - name: dps-modules tags: ((tags)) icon: git type: git check_every: 1h source: uri: https://github.com/bottkars/dps_modules.git branch: main #- name: sonobuoy-release # tags: ((tags)) # icon: github # type: github-release # check_every: 24h # source: # private_key: ((((foundation))/template-deploy-key.private_key)) # owner: vmware-tanzu # repository: sonobuoy - name: aks-engine-release tags: ((tags)) icon: github type: github-release check_every: 24h source: owner: Azure repository: aks-engine tag_filter: ((aks.engine_release)) - name: apimodel-json check_every: 10m icon: cloud-braces type: file-url source: # ((aks.engine_tagfilter)) #url: https://github.com/Azure/aks-engine/blob/release-((aks.engine_release))/examples/azure-stack/kubernetes-azurestack.json url: https://raw.githubusercontent.com/Azure/aks-engine/release-((aks.engine_release))/examples/azure-stack/kubernetes-azurestack.json filename: kubernetes-azurestack.json - name: azs-concourse tags: ((tags)) icon: git type: git check_every: 1h source: uri: https://github.com/bottkars/azs-concourse.git branch: ((azs_concourse_branch)) display: background_image: https://azurecomcdn.azureedge.net/cvt-0ae2bfb185688cefc969d084e7e88d4937bf929a02f81389fb2d6bc0998fc171/images/page/services/kubernetes-service/accelerate.png jobs: - name: deploy-aks-cluster plan: - in_parallel: - get: one-time-trigger trigger: true - get: apimodel-json - get: aks-engine-release tags: ((tags)) params: unpack: true globs: - aks-engine-*-linux-amd64.tar.gz - get: azs-concourse tags: ((tags)) - get: dps-automation-image tags: ((tags)) params: unpack: true - task: deploy-cluster tags: ((tags)) file: azs-concourse/ci/tasks/deploy-aks.yml image: dps-automation-image input_mapping: aks-engine: aks-engine-release params: <<: *azure_env <<: *aks_env - put: installation tags: ((tags)) params: file: aks-installation/installation-*.zip - put: apimodel tags: ((tags)) params: file: apimodel/apimodel-*.json - put: kubeconfig tags: ((tags)) params: file: kubeconfig/kubeconfig-*.json - name: query-aks-agent-pool plan: - in_parallel: - get: installation passed: [ deploy-aks-cluster ] trigger: false tags: ((tags)) params: unpack: true - get: aks-engine-release tags: ((tags)) params: unpack: true globs: - aks-engine-*-linux-amd64.tar.gz - get: azs-concourse tags: ((tags)) - get: dps-automation-image tags: ((tags)) params: unpack: true - task: query-aks-agent-pool tags: ((tags)) file: azs-concourse/ci/tasks/query-aks-agent-pool.yml image: dps-automation-image input_mapping: aks-engine: aks-engine-release current-installation: installation params: <<: *aks_env AKS_AGENT_POOL: linuxpool # - put: installation # tags: ((tags)) # params: # file: aks-installation/installation-*.zip # - put: apimodel # tags: ((tags)) # params: # file: apimodel/apimodel-*.json # - put: kubeconfig # tags: ((tags)) # params: # file: kubeconfig/kubeconfig-*.json - name: upgrade-aks-cluster plan: - in_parallel: - get: installation passed: - deploy-aks-cluster trigger: false tags: ((tags)) params: unpack: true - get: aks-engine-release tags: ((tags)) params: unpack: true globs: - aks-engine-*-linux-amd64.tar.gz - get: azs-concourse tags: ((tags)) passed: - deploy-aks-cluster - get: dps-automation-image tags: ((tags)) params: unpack: true - task: upgrade-cluster tags: ((tags)) file: azs-concourse/ci/tasks/upgrade-aks.yml image: dps-automation-image input_mapping: aks-engine: aks-engine-release current-installation: installation params: <<: *azure_env <<: *aks_env AKS_ORCHESTRATOR_VERSION_UPDATE: ((aks.orchestrator_version_update)) - put: installation tags: ((tags)) params: file: aks-installation/installation-*.zip - put: apimodel tags: ((tags)) params: file: apimodel/apimodel-*.json - put: kubeconfig tags: ((tags)) params: file: kubeconfig/kubeconfig-*.json - name: scale-aks-cluster plan: - in_parallel: - get: installation passed: - deploy-aks-cluster trigger: false tags: ((tags)) params: unpack: true - get: aks-engine-release tags: ((tags)) params: unpack: true globs: - aks-engine-*-linux-amd64.tar.gz # - get: sonobuoy-results # tags: ((tags)) # trigger: true # passed: # - validate-aks-cluster - get: azs-concourse tags: ((tags)) - get: dps-automation-image tags: ((tags)) params: unpack: true - task: scale-cluster tags: ((tags)) file: azs-concourse/ci/tasks/scale-aks.yml image: dps-automation-image input_mapping: aks-engine: aks-engine-release current-installation: installation params: <<: *azure_env <<: *aks_env AKS_AGENT_0_NEW_NODE_COUNT: ((aks.agent.0.new_node_count)) - put: installation tags: ((tags)) params: file: aks-installation/installation-*.zip - put: apimodel tags: ((tags)) params: file: apimodel/apimodel-*.json - put: kubeconfig tags: ((tags)) params: file: kubeconfig/kubeconfig-*.json #- name: validate-aks-cluster # plan: # - in_parallel: # - get: kubeconfig # tags: ((tags)) # passed: [ deploy-aks-cluster ] # trigger: true ## - get: sonobuoy-release # tags: ((tags)) # params: # unpack: true # globs: # - sonobuoy_*_linux_amd64.tar.gz # - get: azs-concourse # tags: ((tags)) # - get: dps-automation-image # tags: ((tags)) # - task: validate-cluster # tags: ((tags)) # file: azs-concourse/ci/tasks/validate-kubernetes-cluster.yml # image: dps-automation-image# # params: # SONOBUOY_MODE: quick #certified-conformance # Valid modes are non-disruptive-conformance, quick, certified-conformance. (default non-disruptive-conformance) # - put: sonobuoy-results # tags: ((tags)) # params: # file: validation-report/*_sonobuoy_*.tar.gz - name: attach-aks-cluster-to-tmc serial: true plan: - in_parallel: - get: kubeconfig passed: - deploy-aks-cluster trigger: false - get: dps-automation-image - get: dps-modules - task: attach-cluster-to-tmc image: dps-automation-image file: dps-modules/ci/tasks/attach-k8s-to-tmc.yml input_mapping: dps-modules: dps-modules params: DEBUG: "FALSE" TMC_API_TOKEN: ((TMC.API_TOKEN)) TMC_CONTEXT: ((TMC.CONTEXT)) TMC_CLUSTERGROUP: ((TMC.CLUSTERGROUP)) - put: tmcmanifest params: file: tmcmanifest/k8s-attach-manifest-*.yaml - name: install-kubeapps plan: - in_parallel: - get: kubeconfig tags: ((tags)) passed: [ deploy-aks-cluster ] trigger: false # - get: kubectl-release - get: azs-concourse tags: ((tags)) - get: dps-automation-image tags: ((tags)) - task: install-bitnami-kubeapps tags: ((tags)) file: azs-concourse/ci/tasks/install-kubeapps.yml image: dps-automation-image - name: delete-aks-cluster plan: - get: azs-concourse tags: ((tags)) - get: dps-automation-image tags: ((tags)) - task: delete-rg tags: ((tags)) image: dps-automation-image file: azs-concourse/ci/tasks/delete-resourcegroup.yml params: <<: *azure_env #- name: configure-ppdm-aks-cluster # serial: true # plan: # - in_parallel: # - get: kubeconfig # passed: # - deploy-aks-cluster # trigger: true # - get: dps-automation-image # - get: dps-modules # - task: configure-aks-cluster # image: dps-automation-image # file: dps-modules/ci/tasks/configure-k8s-ppdm.yml # input_mapping: # dps-modules: dps-modules # params: # <<: *azure_env # DEBUG: "FALSE" # RUN_PPDM_PLAYBOOK: "FALSE" # - put: k8stoken # params: # file: k8stoken/ppdmk8stoken-*.json