DEV-1114 patchday: extracted harbor/maria in own stages

.gitlab-ci.yml

@@ -16,8 +16,10 @@ stages:
   - run-setup
   - run-setup-digitalocean
   - run-update
-  - run-patchday-elastic-postgres
+  - run-patchday-harbor
-  - run-patchday-all-k8s
+  - run-patchday-elastic
+  - run-patchday-database
+  - run-patchday-all
   - run-hcloud-firewall
 
 lint-job:
@@ -362,9 +364,23 @@ run-management-update-demompmx:
     - ssh-add -L
   timeout: 2h
 
+run-patchday-harbor-devnso:
+  extends: .run-patchday
+  stage: run-patchday-harbor
+  resource_group: devnso
+  script:
+    - export STAGE=devnso
+    - export HETZNER_LABEL_SELECTOR="stage=${STAGE}"
+    - echo "${ANSIBLE_VAULT_PASS_DEV}" > /tmp/vault-pass
+    - ansible-playbook -i stage-${STAGE}-netgo-hcloud.yml patchday.yml --vault-password-file=/tmp/vault-pass -u gitlabci --limit 'harbor'
+  after_script:
+    - rm /tmp/vault-pass
+  rules:
+    - if: $CI_PIPELINE_SOURCE == "schedule" && $CI_COMMIT_BRANCH == "main"
+
 run-patchday-elastic-devnso:
   extends: .run-patchday
-  stage: run-patchday-elastic-postgres
+  stage: run-patchday-elastic
   resource_group: devnso
   script:
     - export STAGE=devnso
@@ -376,9 +392,9 @@ run-patchday-elastic-devnso:
   rules:
     - if: $CI_PIPELINE_SOURCE == "schedule" && $CI_COMMIT_BRANCH == "main"
 
-run-patchday-postgres-devnso:
+run-patchday-database-postgres-devnso:
   extends: .run-patchday
-  stage: run-patchday-elastic-postgres
+  stage: run-patchday-database
   resource_group: devnso
   script:
     - export STAGE=devnso
@@ -390,23 +406,37 @@ run-patchday-postgres-devnso:
   rules:
     - if: $CI_PIPELINE_SOURCE == "schedule" && $CI_COMMIT_BRANCH == "main"
 
+run-patchday-database-maria-devnso:
+  extends: .run-patchday
+  stage: run-patchday-database
+  resource_group: devnso
+  script:
+    - export STAGE=devnso
+    - export HETZNER_LABEL_SELECTOR="stage=${STAGE}"
+    - echo "${ANSIBLE_VAULT_PASS_DEV}" > /tmp/vault-pass
+    - ansible-playbook -i stage-${STAGE}-netgo-hcloud.yml patchday.yml --vault-password-file=/tmp/vault-pass -u gitlabci --limit 'maria'
+  after_script:
+    - rm /tmp/vault-pass
+  rules:
+    - if: $CI_PIPELINE_SOURCE == "schedule" && $CI_COMMIT_BRANCH == "main"
+
 run-patchday-all-devnso:
   extends: .run-patchday
-  stage: run-patchday-all-k8s
+  stage: run-patchday-all
   resource_group: devnso
   script:
     - export STAGE=devnso
     - export HETZNER_LABEL_SELECTOR="stage=${STAGE}"
     - echo "${ANSIBLE_VAULT_PASS_DEV}" > /tmp/vault-pass
-    - ansible-playbook -i stage-${STAGE}-netgo-hcloud.yml patchday.yml --vault-password-file=/tmp/vault-pass -u gitlabci --limit 'all:!elastic:!postgres:!k8s_cluster'
+    - ansible-playbook -i stage-${STAGE}-netgo-hcloud.yml patchday.yml --vault-password-file=/tmp/vault-pass -u gitlabci --limit 'all:!harbor:!elastic:!postgres:!maria:!k8s_cluster'
   after_script:
     - rm /tmp/vault-pass
   rules:
     - if: $CI_PIPELINE_SOURCE == "schedule" && $CI_COMMIT_BRANCH == "main"
 
-run-patchday-k8s-devnso:
+run-patchday-all-k8s-devnso:
   extends: .run-patchday
-  stage: run-patchday-all-k8s
+  stage: run-patchday-all
   resource_group: devnso
   script:
     - export STAGE=devnso
@@ -418,9 +448,9 @@ run-patchday-k8s-devnso:
   rules:
     - if: $CI_PIPELINE_SOURCE == "schedule" && $CI_COMMIT_BRANCH == "main"
 
-run-patchday-k8s-devscr:
+run-patchday-all-k8s-devscr:
   extends: .run-patchday
-  stage: run-patchday-all-k8s
+  stage: run-patchday-all
   resource_group: devscr
   script:
     - export STAGE=devscr
@@ -432,9 +462,23 @@ run-patchday-k8s-devscr:
   rules:
     - if: $CI_PIPELINE_SOURCE == "schedule" && $CI_COMMIT_BRANCH == "main"
 
+run-patchday-harbor-qa:
+  extends: .run-patchday
+  stage: run-patchday-harbor
+  resource_group: qa
+  script:
+    - export STAGE=qa
+    - export HETZNER_LABEL_SELECTOR="stage=${STAGE}"
+    - echo "${ANSIBLE_VAULT_PASS_QA}" > /tmp/vault-pass
+    - ansible-playbook -i stage-${STAGE}-netgo-hcloud.yml patchday.yml --vault-password-file=/tmp/vault-pass -u gitlabci --limit 'harbor'
+  after_script:
+    - rm /tmp/vault-pass
+  rules:
+    - if: $CI_PIPELINE_SOURCE == "schedule" && $CI_COMMIT_BRANCH == "qa"
+
 run-patchday-elastic-qa:
   extends: .run-patchday
-  stage: run-patchday-elastic-postgres
+  stage: run-patchday-elastic
   resource_group: qa
   script:
     - export STAGE=qa
@@ -446,9 +490,9 @@ run-patchday-elastic-qa:
   rules:
     - if: $CI_PIPELINE_SOURCE == "schedule" && $CI_COMMIT_BRANCH == "qa"
 
-run-patchday-postgres-qa:
+run-patchday-database-postgres-qa:
   extends: .run-patchday
-  stage: run-patchday-elastic-postgres
+  stage: run-patchday-database
   resource_group: qa
   script:
     - export STAGE=qa
@@ -460,23 +504,37 @@ run-patchday-postgres-qa:
   rules:
     - if: $CI_PIPELINE_SOURCE == "schedule" && $CI_COMMIT_BRANCH == "qa"
 
+run-patchday-database-maria-qa:
+  extends: .run-patchday
+  stage: run-patchday-database
+  resource_group: qa
+  script:
+    - export STAGE=qa
+    - export HETZNER_LABEL_SELECTOR="stage=${STAGE}"
+    - echo "${ANSIBLE_VAULT_PASS_QA}" > /tmp/vault-pass
+    - ansible-playbook -i stage-${STAGE}-netgo-hcloud.yml patchday.yml --vault-password-file=/tmp/vault-pass -u gitlabci --limit 'maria'
+  after_script:
+    - rm /tmp/vault-pass
+  rules:
+    - if: $CI_PIPELINE_SOURCE == "schedule" && $CI_COMMIT_BRANCH == "qa"
+
 run-patchday-all-qa:
   extends: .run-patchday
-  stage: run-patchday-all-k8s
+  stage: run-patchday-all
   resource_group: qa
   script:
     - export STAGE=qa
     - export HETZNER_LABEL_SELECTOR="stage=${STAGE}"
     - echo "${ANSIBLE_VAULT_PASS_QA}" > /tmp/vault-pass
-    - ansible-playbook -i stage-${STAGE}-netgo-hcloud.yml patchday.yml --vault-password-file=/tmp/vault-pass -u gitlabci --limit 'all:!elastic:!postgres:!k8s_cluster'
+    - ansible-playbook -i stage-${STAGE}-netgo-hcloud.yml patchday.yml --vault-password-file=/tmp/vault-pass -u gitlabci --limit 'all:!harbor:!elastic:!postgres:!maria:!k8s_cluster'
   after_script:
     - rm /tmp/vault-pass
   rules:
     - if: $CI_PIPELINE_SOURCE == "schedule" && $CI_COMMIT_BRANCH == "qa"
 
-run-patchday-k8s-qa:
+run-patchday-all-k8s-qa:
   extends: .run-patchday
-  stage: run-patchday-all-k8s
+  stage: run-patchday-all
   resource_group: qa
   script:
     - export STAGE=qa
@@ -488,9 +546,23 @@ run-patchday-k8s-qa:
   rules:
     - if: $CI_PIPELINE_SOURCE == "schedule" && $CI_COMMIT_BRANCH == "qa"
 
+run-patchday-harbor-prodnso:
+  extends: .run-patchday
+  stage: run-patchday-harbor
+  resource_group: prodnso
+  script:
+    - export STAGE=prodnso
+    - export HETZNER_LABEL_SELECTOR="stage=${STAGE}"
+    - echo "${ANSIBLE_VAULT_PASS_PRODNSO}" > /tmp/vault-pass
+    - ansible-playbook -i stage-${STAGE}-netgo-hcloud.yml patchday.yml --vault-password-file=/tmp/vault-pass -u gitlabci --limit 'harbor'
+  after_script:
+    - rm /tmp/vault-pass
+  rules:
+    - if: $CI_PIPELINE_SOURCE == "schedule" && $CI_COMMIT_BRANCH == "prodnso"
+
 run-patchday-elastic-prodnso:
   extends: .run-patchday
-  stage: run-patchday-elastic-postgres
+  stage: run-patchday-elastic
   resource_group: prodnso
   script:
     - export STAGE=prodnso
@@ -502,9 +574,9 @@ run-patchday-elastic-prodnso:
   rules:
     - if: $CI_PIPELINE_SOURCE == "schedule" && $CI_COMMIT_BRANCH == "prodnso"
 
-run-patchday-postgres-prodnso:
+run-patchday-database-postgres-prodnso:
   extends: .run-patchday
-  stage: run-patchday-elastic-postgres
+  stage: run-patchday-database
   resource_group: prodnso
   script:
     - export STAGE=prodnso
@@ -516,23 +588,37 @@ run-patchday-postgres-prodnso:
   rules:
     - if: $CI_PIPELINE_SOURCE == "schedule" && $CI_COMMIT_BRANCH == "prodnso"
 
+run-patchday-database-maria-prodnso:
+  extends: .run-patchday
+  stage: run-patchday-database
+  resource_group: prodnso
+  script:
+    - export STAGE=prodnso
+    - export HETZNER_LABEL_SELECTOR="stage=${STAGE}"
+    - echo "${ANSIBLE_VAULT_PASS_PRODNSO}" > /tmp/vault-pass
+    - ansible-playbook -i stage-${STAGE}-netgo-hcloud.yml patchday.yml --vault-password-file=/tmp/vault-pass -u gitlabci --limit 'maria'
+  after_script:
+    - rm /tmp/vault-pass
+  rules:
+    - if: $CI_PIPELINE_SOURCE == "schedule" && $CI_COMMIT_BRANCH == "prodnso"
+
 run-patchday-all-prodnso:
   extends: .run-patchday
-  stage: run-patchday-all-k8s
+  stage: run-patchday-all
   resource_group: prodnso
   script:
     - export STAGE=prodnso
     - export HETZNER_LABEL_SELECTOR="stage=${STAGE}"
     - echo "${ANSIBLE_VAULT_PASS_PRODNSO}" > /tmp/vault-pass
-    - ansible-playbook -i stage-${STAGE}-netgo-hcloud.yml patchday.yml --vault-password-file=/tmp/vault-pass -u gitlabci --limit 'all:!elastic:!postgres:!k8s_cluster'
+    - ansible-playbook -i stage-${STAGE}-netgo-hcloud.yml patchday.yml --vault-password-file=/tmp/vault-pass -u gitlabci --limit 'all:!harbor:!elastic:!postgres:!maria:!k8s_cluster'
   after_script:
     - rm /tmp/vault-pass
   rules:
     - if: $CI_PIPELINE_SOURCE == "schedule" && $CI_COMMIT_BRANCH == "prodnso"
 
-run-patchday-k8s-prodnso:
+run-patchday-all-k8s-prodnso:
   extends: .run-patchday
-  stage: run-patchday-all-k8s
+  stage: run-patchday-all
   resource_group: prodnso
   script:
     - export STAGE=prodnso
@@ -546,7 +632,7 @@ run-patchday-k8s-prodnso:
 
 run-patchday-all-prodwork01:
   extends: .run-patchday
-  stage: run-patchday-all-k8s
+  stage: run-patchday-all
   resource_group: prodwork01
   script:
     - export STAGE=prodwork01
@@ -558,9 +644,9 @@ run-patchday-all-prodwork01:
   rules:
     - if: $CI_PIPELINE_SOURCE == "schedule" && $CI_COMMIT_BRANCH == "prodnso"
 
-run-patchday-k8s-prodwork01:
+run-patchday-all-k8s-prodwork01:
   extends: .run-patchday
-  stage: run-patchday-all-k8s
+  stage: run-patchday-all
   resource_group: prodwork01
   script:
     - export STAGE=prodwork01
@@ -572,9 +658,9 @@ run-patchday-k8s-prodwork01:
   rules:
     - if: $CI_PIPELINE_SOURCE == "schedule" && $CI_COMMIT_BRANCH == "prodnso"
 
-run-patchday-postgres-demompmx:
+run-patchday-database-postgres-demompmx:
   extends: .run-patchday
-  stage: run-patchday-elastic-postgres
+  stage: run-patchday-database
   resource_group: demompmx
   script:
     - export STAGE=demompmx
@@ -586,23 +672,37 @@ run-patchday-postgres-demompmx:
   rules:
     - if: $CI_PIPELINE_SOURCE == "schedule" && $CI_COMMIT_BRANCH == "prodnso"
 
+run-patchday-database-maria-demompmx:
+  extends: .run-patchday
+  stage: run-patchday-database
+  resource_group: demompmx
+  script:
+    - export STAGE=demompmx
+    - export HETZNER_LABEL_SELECTOR="stage=${STAGE}"
+    - echo "${ANSIBLE_VAULT_PASS_DEMOMPMX}" > /tmp/vault-pass
+    - ansible-playbook -i stage-${STAGE}-netgo-hcloud.yml patchday.yml --vault-password-file=/tmp/vault-pass -u gitlabci --limit 'maria'
+  after_script:
+    - rm /tmp/vault-pass
+  rules:
+    - if: $CI_PIPELINE_SOURCE == "schedule" && $CI_COMMIT_BRANCH == "prodnso"
+
 run-patchday-all-demompmx:
   extends: .run-patchday
-  stage: run-patchday-all-k8s
+  stage: run-patchday-all
   resource_group: demompmx
   script:
     - export STAGE=demompmx
     - export HETZNER_LABEL_SELECTOR="stage=${STAGE}"
     - echo "${ANSIBLE_VAULT_PASS_DEMOMPMX}" > /tmp/vault-pass
-    - ansible-playbook -i stage-${STAGE}-netgo-hcloud.yml patchday.yml --vault-password-file=/tmp/vault-pass -u gitlabci --limit 'all:!elastic:!postgres:!k8s_cluster'
+    - ansible-playbook -i stage-${STAGE}-netgo-hcloud.yml patchday.yml --vault-password-file=/tmp/vault-pass -u gitlabci --limit 'all:!postgres:!maria:!k8s_cluster'
   after_script:
     - rm /tmp/vault-pass
   rules:
     - if: $CI_PIPELINE_SOURCE == "schedule" && $CI_COMMIT_BRANCH == "prodnso"
 
-run-patchday-k8s-demompmx:
+run-patchday-all-k8s-demompmx:
   extends: .run-patchday
-  stage: run-patchday-all-k8s
+  stage: run-patchday-all
   resource_group: demompmx
   script:
     - export STAGE=demompmx
@@ -730,7 +830,7 @@ run-setup-digitalocean:
 
 run-patchday-devnso-digitalocean:
   extends: .run-ansible
-  stage: run-patchday-all-k8s
+  stage: run-patchday-all
   before_script:
     - echo "${ANSIBLE_VAULT_PASS_DEV}" > /tmp/vault-pass
   script: