Move review CI jobs to separate sh files

.gitlab-ci.yml

@@ -199,119 +199,6 @@ build docker image:
     DOCKER_LATEST: registry.hub.docker.com/thalia/concrexit:latest
     DOCKER_TAG: registry.hub.docker.com/thalia/concrexit:$CI_COMMIT_SHA
 
-.reviewsetup:
-  when: manual
-  image: python:latest
-  before_script:
-    - DEBIAN_FRONTEND=noninteractive apt-get --yes --quiet update
-    - DEBIAN_FRONTEND=noninteractive apt-get --yes --quiet install jq
-    - pip install awscli
-    - >-
-      instanceids=$(
-      aws --region eu-west-1 ec2 describe-instances
-      --filters "Name=tag:Name,Values=concrexit-review-${CI_COMMIT_REF_SLUG}"
-      | jq --raw-output '.Reservations|map(.Instances[0].InstanceId)|join(" ")'
-      )
-    - aws --region eu-west-1 ec2 terminate-instances --instance-ids ${instanceids} || true
-
-review:
-  stage: deploy
-  environment:
-    name: review/${CI_COMMIT_REF_NAME}
-    url: https://${CI_COMMIT_REF_SLUG}.public.review.technicie.nl/
-    on_stop: review remove
-  extends: .reviewsetup
-  script:
-    - username=$(head /dev/urandom | tr -dc 'a-z' | head -c 10)
-    - password=$(head /dev/urandom | tr -dc 'a-zA-Z' | head -c 32)
-    - >-
-      sed -i
-      -e "s/@version@/$CI_COMMIT_SHA/g"
-      -e "s/@username@/$username/g"
-      -e "s/@password@/$password/g"
-      ./resources/ec2-bootstrap.sh
-    - >-
-      instanceid=$(
-      aws --region eu-west-1 ec2 run-instances
-      --count 1
-      --instance-type t2.micro
-      --tag-specifications "ResourceType=instance,Tags=[{Key=Name,Value=concrexit-review-${CI_COMMIT_REF_SLUG}}]"
-      --launch-template LaunchTemplateId=lt-03762fc23450c2471,Version=5
-      --user-data file://resources/ec2-bootstrap.sh
-      | jq --raw-output '.Instances[0].InstanceId'
-      )
-    - aws --region eu-west-1 ec2 wait instance-running --instance-ids ${instanceid}
-    - ipaddress=$(aws --region eu-west-1 ec2 describe-instances --instance-ids ${instanceid} | jq --raw-output '.Reservations[0].Instances[0].PrivateIpAddress')
-    - |
-      cat > add-record.json <<EOF
-      {
-        "Comment": "CREATE review deployment record",
-        "Changes": [
-          {
-            "Action": "CREATE",
-            "ResourceRecordSet": {
-              "Name": "${CI_COMMIT_REF_SLUG}.private.review.technicie.nl",
-              "Type": "A",
-              "TTL": 10,
-              "ResourceRecords": [{"Value": "${ipaddress}"}]
-            }
-          }
-        ]
-
-      }
-      EOF
-    - |
-      cat > change-record.json <<EOF
-      {
-        "Comment": "CHANGE review deployment record",
-        "Changes": [
-          {
-            "Action": "UPSERT",
-            "ResourceRecordSet": {
-              "Name": "${CI_COMMIT_REF_SLUG}.private.review.technicie.nl",
-              "Type": "A",
-              "TTL": 10,
-              "ResourceRecords": [{"Value": "${ipaddress}"}]
-            }
-          }
-        ]
-      }
-      EOF
-    - >-
-      changeinfoid=$(
-      (
-      aws --region eu-west-1 route53 change-resource-record-sets
-      --hosted-zone-id Z3I4ZHBBD5NSHU
-      --change-batch file://add-record.json
-      ||
-      aws --region eu-west-1 route53 change-resource-record-sets
-      --hosted-zone-id Z3I4ZHBBD5NSHU
-      --change-batch file://change-record.json
-      )
-      | jq --raw-output '.ChangeInfo.Id'
-      )
-    - aws --region eu-west-1 route53 wait resource-record-sets-changed --id ${changeinfoid}
-    - echo -e "The deployment is done. Please wait for the website to come up. You can login on https://${CI_COMMIT_REF_SLUG}.public.review.technicie.nl/ with:\nUsername:$username\nPassword:$password"
-
-
-review remove:
-  stage: deploy
-  environment:
-    name: review/${CI_COMMIT_REF_NAME}
-    action: stop
-  variables:
-    GIT_STRATEGY: none
-  extends: .reviewsetup
-  script:
-    - >-
-      aws --region eu-west-1 route53 list-resource-record-sets
-      --hosted-zone-id Z3I4ZHBBD5NSHU
-      --query "ResourceRecordSets[?Name == '${CI_COMMIT_REF_SLUG}.private.review.technicie.nl.']"
-      |
-      jq '{"Comment": "DELETE review deployment record", "Changes": map({"Action": "DELETE", "ResourceRecordSet": .})}'
-      > remove-record.json
-    - aws --region eu-west-1 route53 change-resource-record-sets --hosted-zone-id Z3I4ZHBBD5NSHU --change-batch file://remove-record.json || true
-
 build production docker image:
   extends: build docker image
   only:
@@ -327,6 +214,45 @@ build production docker image:
     DOCKER_TAG_PRODUCTION: registry.hub.docker.com/thalia/concrexit:$CI_COMMIT_TAG
     DEV_REQUIREMENTS: 0
 
+.reviewsetup:
+  when: "manual"
+  image: "python:latest"
+  variables:
+      AWS_DEFAULT_REGION: "eu-west-1"
+  before_script:
+    - "DEBIAN_FRONTEND=noninteractive apt-get --yes --quiet update"
+    - "DEBIAN_FRONTEND=noninteractive apt-get --yes --quiet install jq"
+    - "pip install awscli"
+
+review create:
+  extends: ".reviewsetup"
+  stage: "deploy"
+  environment:
+    name: "review/${CI_COMMIT_REF_NAME}"
+    url: "https://${CI_COMMIT_REF_SLUG}.public.review.technicie.nl/"
+    on_stop: "review remove"
+  script:
+    - "username=$(head /dev/urandom | tr -dc 'a-z' | head -c 10)"
+    - "password=$(head /dev/urandom | tr -dc 'a-zA-Z' | head -c 32)"
+    - >-
+      sed --in-place
+      --expression "s/@version@/$CI_COMMIT_SHA/g"
+      --expression "s/@username@/$username/g"
+      --expression "s/@password@/$password/g"
+      ./resources/ec2-bootstrap.sh
+    - "resources/review-host-create.sh"
+    - 'echo -e "The deployment is done. Please wait for the website to come up. You can login on https://${CI_COMMIT_REF_SLUG}.public.review.technicie.nl/ with:\nUsername:$username\nPassword:$password"'
+
+
+review remove:
+  extends: ".reviewsetup"
+  stage: "deploy"
+  environment:
+    name: "review/${CI_COMMIT_REF_NAME}"
+    action: "stop"
+  script:
+    - "resources/review-host-remove.sh"
+
 cache:
   key: "$CI_JOB_NAME"
   paths:

resources/review-host-create.sh

+#!/usr/bin/env bash
+
+set -o errexit -o verbose 
+
+if [ -z "${GITLAB_CI}" ]; then
+    echo "Not running in Gitlab CI"
+    exit 1;
+fi
+
+mapfile -t running_instance_ids < <(
+    aws ec2 describe-instances  \
+    --filters "Name=tag:Name,Values=concrexit-review-${CI_COMMIT_REF_SLUG}" \
+              "Name=instance-state-name,Values=running,shutting-down,stopping,stopped" \
+    --query "Reservations[].Instances[].[InstanceId]" \
+    --output "text" 
+)
+if [ "${#running_instance_ids[@]}" -gt 0 ]; then
+    aws ec2 terminate-instances --instance-ids "${running_instance_ids[@]}"
+fi
+
+new_instance_id=$(
+    aws ec2 run-instances \
+    --tag-specifications "ResourceType=instance,Tags=[{Key=Name,Value=concrexit-review-${CI_COMMIT_REF_SLUG}}]" \
+    --launch-template "LaunchTemplateId=lt-03762fc23450c2471,Version=5" \
+    --user-data file://resources/ec2-bootstrap.sh | 
+        jq --raw-output ".Instances[0].InstanceId"
+    )
+aws ec2 wait instance-running --instance-ids "${new_instance_id}"
+
+private_ipv4_address=$(aws ec2 describe-instances --instance-ids "${new_instance_id}" | jq --raw-output '.Reservations[0].Instances[0].PrivateIpAddress')
+temporary_record_change_file=$(mktemp --suffix ".json") 
+cat > "${temporary_record_change_file}" <<EOF
+{
+  "Comment": "Add or update private review host record",
+  "Changes": [
+    {
+      "Action": "UPSERT",
+      "ResourceRecordSet": {
+        "Name": "${CI_COMMIT_REF_SLUG}.private.review.technicie.nl",
+        "Type": "A",
+        "TTL": 10,
+        "ResourceRecords": [{"Value": "${private_ipv4_address}"}]
+      }
+    }
+  ]
+}
+EOF
+route53_record_change_id=$(
+    aws route53 change-resource-record-sets \
+    --hosted-zone-id "Z3I4ZHBBD5NSHU" \
+    --change-batch "file://${temporary_record_change_file}" | 
+        jq --raw-output ".ChangeInfo.Id"
+    )
+aws route53 wait resource-record-sets-changed --id "${route53_record_change_id}"

resources/review-host-remove.sh

+#!/usr/bin/env bash
+
+set -o errexit -o verbose 
+
+if [ -z "${GITLAB_CI}" ]; then
+    echo "Not running in Gitlab CI"
+    exit 1;
+fi
+
+mapfile -t running_instance_ids < <(
+    aws ec2 describe-instances  \
+    --filters "Name=tag:Name,Values=concrexit-review-${CI_COMMIT_REF_SLUG}" \
+              "Name=instance-state-name,Values=running,shutting-down,stopping,stopped" \
+    --query "Reservations[].Instances[].[InstanceId]" \
+    --output "text" 
+)
+if [ "${#running_instance_ids[@]}" -gt 0 ]; then
+    aws ec2 terminate-instances --instance-ids "${running_instance_ids[@]}"
+fi
+
+resource_record_set=$(
+    aws route53 list-resource-record-sets \
+    --hosted-zone-id "Z3I4ZHBBD5NSHU" \
+    --query "ResourceRecordSets[?Name == '${CI_COMMIT_REF_SLUG}.private.review.technicie.nl.']" |
+        jq --raw-output ".[0]"
+    ) 
+
+if [ "${resource_record_set}" != "null" ]; then
+    temporary_record_change_file=$(mktemp --suffix ".json") 
+    cat > "${temporary_record_change_file}" <<EOF
+{
+  "Comment": "Delete private review host record",
+  "Changes":  [
+        {
+            "Action": "DELETE",
+            "ResourceRecordSet": ${resource_record_set}
+        }
+    ]
+}
+EOF
+    aws route53 change-resource-record-sets --hosted-zone-id "Z3I4ZHBBD5NSHU" --change-batch "file://${temporary_record_change_file}"
+fi