--- image: atlassian/default-image:2 definitions: services: docker: memory: 3072 pipelines: default: - parallel: - step: name: Build images script: - docker build . --file docker/coturn/Dockerfile --tag coturn - docker build . --file docker/coturn-dns/Dockerfile --tag coturn-dns services: - docker caches: - docker - step: name: Lint the Dockerfile image: hadolint/hadolint:latest-debian script: - hadolint docker/coturn/Dockerfile - hadolint docker/coturn-dns/Dockerfile branches: main: - parallel: - step: name: Build images script: - docker build . --file docker/coturn/Dockerfile --tag coturn - docker build . --file docker/coturn-dns/Dockerfile --tag coturn-dns - docker save coturn --output "coturn.tar" - docker save coturn-dns --output "coturn-dns.tar" services: - docker caches: - docker artifacts: - "*.tar" - step: name: Deploy terraform image: hashicorp/terraform:latest script: - cd terraform/ - terraform init - terraform plan - terraform apply -input=false -auto-approve - step: name: Deploy K8s apps (production) script: - pipe: atlassian/kubectl-run:3.1.2 variables: KUBE_CONFIG: $KUBE_CONFIG_PRD KUBECTL_COMMAND: '-n argocd apply -k k8s/argocd/overlays/production --server-side --force-conflicts' - step: name: Push images image: google/cloud-sdk:alpine script: # Authenticating with the service account key file - echo $GCLOUD_API_KEYFILE | base64 -d > ./gcloud-api-key.json - gcloud auth activate-service-account --key-file gcloud-api-key.json - gcloud config set project $GCLOUD_PROJECT - cat ./gcloud-api-key.json | docker login -u _json_key --password-stdin https://gcr.io # Push Docker images - VERSION="latest" - docker load --input "coturn.tar" - docker load --input "coturn-dns.tar" - docker tag "coturn" "gcr.io/${GCLOUD_PROJECT}/coturn:${VERSION-staging}" - docker tag "coturn-dns" "gcr.io/${GCLOUD_PROJECT}/coturn-dns:${VERSION-staging}" - docker push "gcr.io/${GCLOUD_PROJECT}/coturn:${VERSION-staging}" - docker push "gcr.io/${GCLOUD_PROJECT}/coturn-dns:${VERSION-staging}" services: - docker - step: name: Deploy, Verify and Test Production deployment: production image: node:22 script: - apt-get update && apt-get install -y curl jq git - curl -LO "https://dl.k8s.io/release/v1.28.3/bin/linux/amd64/kubectl" - install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl - echo $KUBE_CONFIG_PRD | base64 -d > kubeconfig - export KUBECONFIG=$(pwd)/kubeconfig - kubectl -n coturn rollout restart deployment/coturn - kubectl -n coturn rollout status -w deployment/coturn - kubectl -n coturn-dns rollout restart deployment/coturn-dns - kubectl -n coturn-dns rollout status -w deployment/coturn-dns - chmod +x scripts/verify-deployment.sh - ./scripts/verify-deployment.sh $BITBUCKET_COMMIT production - npx playwright install-deps - git clone --depth 1 git@bitbucket.org:jamkazam/video-e2e.git - cd video-e2e - npm install - npx playwright install chromium - ./bin/production-test after-script: - | if [ $BITBUCKET_EXIT_CODE -ne 0 ]; then curl -X POST -H 'Content-type: application/json' --data "{\"text\":\"🚨 Pipeline Failed: Production verification/tests failed for commit $BITBUCKET_COMMIT. \"}" https://hooks.slack.com/services/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 fi develop: - parallel: - step: name: Build images script: - docker build . --file docker/coturn/Dockerfile --tag coturn - docker build . --file docker/coturn-dns/Dockerfile --tag coturn-dns - docker save coturn --output "coturn.tar" - docker save coturn-dns --output "coturn-dns.tar" services: - docker caches: - docker artifacts: - "*.tar" - step: name: Deploy terraform image: hashicorp/terraform:latest script: - cd terraform/ - terraform init - terraform plan - terraform apply -input=false -auto-approve - step: name: Deploy K8s apps (staging) script: # Set a default branch for local testing or safety if BITBUCKET_BRANCH is not always present - export BITBUCKET_BRANCH=${BITBUCKET_BRANCH:-notarealbranch} # Template argocd/base/applications.yaml in place for the current pipeline run - envsubst < k8s/argocd/base/applications.yaml > k8s/argocd/base/applications.yaml.tmp - mv k8s/argocd/base/applications.yaml.tmp k8s/argocd/base/applications.yaml # Now run kubectl apply -k. Kustomize will pick up the modified base file. - pipe: atlassian/kubectl-run:3.1.2 variables: KUBE_CONFIG: $KUBE_CONFIG_STG KUBECTL_COMMAND: '-n argocd apply -k k8s/argocd/overlays/staging --server-side --force-conflicts' - step: name: Push images image: google/cloud-sdk:alpine script: # Authenticating with the service account key file - echo $GCLOUD_API_KEYFILE | base64 -d > ./gcloud-api-key.json - gcloud auth activate-service-account --key-file gcloud-api-key.json - gcloud config set project $GCLOUD_PROJECT - cat ./gcloud-api-key.json | docker login -u _json_key --password-stdin https://gcr.io # Push Docker images - VERSION="latest" - docker load --input "coturn.tar" - docker load --input "coturn-dns.tar" - docker tag "coturn" "gcr.io/${GCLOUD_PROJECT}/coturn:${VERSION}" - docker tag "coturn-dns" "gcr.io/${GCLOUD_PROJECT}/coturn-dns:${VERSION}" - docker push "gcr.io/${GCLOUD_PROJECT}/coturn:${VERSION}" - docker push "gcr.io/${GCLOUD_PROJECT}/coturn-dns:${VERSION}" services: - docker - step: name: Deploy, Verify and Test Staging deployment: staging image: node:22 script: - apt-get update && apt-get install -y curl jq git - curl -LO "https://dl.k8s.io/release/v1.28.3/bin/linux/amd64/kubectl" - install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl - echo $KUBE_CONFIG_STG | base64 -d > kubeconfig - export KUBECONFIG=$(pwd)/kubeconfig - kubectl -n coturn rollout restart deployment/coturn - kubectl -n coturn rollout status -w deployment/coturn - kubectl -n coturn-dns rollout restart deployment/coturn-dns - kubectl -n coturn-dns rollout status -w deployment/coturn-dns - chmod +x scripts/verify-deployment.sh - ./scripts/verify-deployment.sh $BITBUCKET_COMMIT staging - npx playwright install-deps - git clone --depth 1 git@bitbucket.org:jamkazam/video-e2e.git - cd video-e2e - npm install - npx playwright install chromium - ./bin/staging-test after-script: - | if [ $BITBUCKET_EXIT_CODE -ne 0 ]; then curl -X POST -H 'Content-type: application/json' --data "{\"text\":\"🚨 Pipeline Failed: Staging verification/tests failed for commit $BITBUCKET_COMMIT. \"}" https://hooks.slack.com/services/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 fi - step: name: Promote to Production script: - git config --global user.email "ci-bot@jamkazam.com" - git config --global user.name "CI Bot" - git fetch origin main:main - git checkout main - git merge $BITBUCKET_COMMIT - git push origin main custom: build-and-push-coturn-dns: - variables: - name: VERSION default: "1.0.10" - step: name: Build and Push coturn-dns image: google/cloud-sdk:alpine script: # Authenticating with the service account key file - echo $GCLOUD_API_KEYFILE | base64 -d > ./gcloud-api-key.json - gcloud auth activate-service-account --key-file gcloud-api-key.json - gcloud config set project $GCLOUD_PROJECT - cat ./gcloud-api-key.json | docker login -u _json_key --password-stdin https://gcr.io # Build and Push Docker image - docker build . --file docker/coturn-dns/Dockerfile --tag "gcr.io/${GCLOUD_PROJECT}/coturn-dns:${VERSION}" - docker push "gcr.io/${GCLOUD_PROJECT}/coturn-dns:${VERSION}" services: - docker run-staging-test: - step: name: Verify and Test Staging deployment: staging image: node:22 script: - apt-get update && apt-get install -y curl jq git - curl -LO "https://dl.k8s.io/release/v1.28.3/bin/linux/amd64/kubectl" - install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl - echo $KUBE_CONFIG_STG | base64 -d > kubeconfig - export KUBECONFIG=$(pwd)/kubeconfig - npx playwright install-deps - chmod +x scripts/verify-deployment.sh - ./scripts/verify-deployment.sh $BITBUCKET_COMMIT staging - git clone --depth 1 git@bitbucket.org:jamkazam/video-e2e.git - cd video-e2e - npm install - npx playwright install chromium - ./bin/staging-test after-script: - | if [ $BITBUCKET_EXIT_CODE -ne 0 ]; then curl -X POST -H 'Content-type: application/json' --data "{\"text\":\"🚨 Pipeline Failed: Staging verification/tests failed for commit $BITBUCKET_COMMIT. \"}" https://hooks.slack.com/services/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 fi