feat(serverless): executor logic to determine stage and branch alias

zotoio · Jun 15, 2018 · 2724671 · 2724671
1 parent 7815549
commit 2724671
Show file tree

Hide file tree

Showing 6 changed files with 53 additions and 12 deletions.
diff --git a/.envExample b/.envExample
@@ -41,6 +41,9 @@ GTM_S3_DEPENDENCY_BUCKET=gtmstorage
 GTM_WELCOME_MESSAGE_ENABLED=true
 GTM_REPO_BLACKLIST=.*ignore-repo.*,.*another-repo.*
 GTM_AWS_KMS_KEY_ID=<redacted>
+GTM_SLS_EXECUTOR_AWS_STAGE=<stage for lambdas deployed by ExecutorDockerServerless>
+GTM_SLS_EXECUTOR_AWS_REGION=<region for lambdas>
+GTM_SLS_EXECUTOR_AWS_EXECUTION_ROLE=<iam role for lambda execution>
 
 GTM_CRYPT_GITHUB_TOKEN=<redacted>
 GTM_CRYPT_GITHUB_WEBHOOK_SECRET=<redacted>

diff --git a/README.md b/README.md
@@ -98,6 +98,9 @@ Create an asynchronous CI agnostic mechanism for running custom test stage gates
 |GTM_S3_DEPENDENCY_BUCKET| aws s3 storage of build dependencies|
 |GTM_AWS_S3_PROXY| https_proxy for aws s3 |
 |GTM_REPO_BLACKLIST| comma separated list of regex to blackist repo names from triggering events |
+|GTM_SLS_EXECUTOR_AWS_STAGE| stage override from default calculation of dev/test|
+|GTM_SLS_EXECUTOR_AWS_REGION| aws region for lambdas default ap-southeast-2|
+|GTM_SLS_EXECUTOR_AWS_EXECUTION_ROLE| docker serverless lambda execution role |
 
 > important: values of env vars prefixed with `GTM_CRYPT_*` must be created via `npm run sls-encrypt [name] [value]`
 

diff --git a/src/agent/AgentUtils.js b/src/agent/AgentUtils.js
@@ -360,7 +360,9 @@ export class AgentUtils {
             '##GH_CLONE_URL##': obj.repository.clone_url,
             '##GH_PR_BRANCHNAME##': obj.pull_request ? obj.pull_request.head.ref : '',
             '##PARENTBUILDNUMBER##': this.metaValue(parent, 'buildNumber'),
-            '##PARENTBUILDNAME##': this.metaValue(parent, 'buildName')
+            '##PARENTBUILDNAME##': this.metaValue(parent, 'buildName'),
+            '##GIT_URL##': obj.pull_request ? obj.pull_request.html_url : obj.compare,
+            '##GIT_COMMIT##': obj.pull_request ? obj.pull_request.head.sha : obj.head_commit.id
         };
 
         // just add all the GTM env vars to map

diff --git a/src/executors/ExecutorDockerServerless.js b/src/executors/ExecutorDockerServerless.js
@@ -33,17 +33,22 @@ export class ExecutorDockerServerless extends ExecutorDocker {
         this.eventData = eventData;
         this.log = log;
         this._packagesToDeploy = this.identifyChangedPackages();
-        this.refParts = this.eventData.ref ? this.eventData.ref.split('/') : [];
-        this.pushBranch = this.refParts.length > 0 ? this.refParts[this.refParts.length] : null;
+        this.pushBranch = this.pushBranchName();
     }
     get packagesToDeploy() {
         return this._packagesToDeploy;
     }
 
     async executeTask(task) {
-        task.options = this.mergeTaskOptions(task);
+        task.options = await this.mergeTaskOptions(task);
         return super.executeTask(task);
     }
+    pushBranchName() {
+        let refParts = this.eventData.ref ? this.eventData.ref.split('/') : [];
+        let branchName = refParts.length > 0 ? refParts[refParts.length - 1].replace(/[^A-Za-z0-9\-+_]/g, '-') : null;
+        this.log.info(`pushBranchName: ${branchName}`);
+        return branchName;
+    }
 
     identifyChangedPackages() {
         let packages = [];
@@ -63,8 +68,13 @@ export class ExecutorDockerServerless extends ExecutorDocker {
 
         return packages;
     }
+    slsStage() {
+        let stage = process.env.GTM_SLS_EXECUTOR_AWS_STAGE || this.eventData.pushForPullRequest ? 'test' : 'dev';
+        this.log.info(`stage: ${stage}`);
+        return stage;
+    }
 
-    mergeTaskOptions(task) {
+    async mergeTaskOptions(task) {
         let options = {
             image: process.env.GTM_DOCKER_DEFAULT_WORKER_IMAGE || 'zotoio/gtm-worker:latest',
             command: '/usr/workspace/serverless-mono-deploy.sh',
@@ -73,12 +83,15 @@ export class ExecutorDockerServerless extends ExecutorDocker {
                 GIT_PR_ID: '##GHPRNUM##',
                 GIT_PR_BRANCHNAME: '##GH_PR_BRANCHNAME##',
                 GIT_PUSH_BRANCHNAME: this.pushBranch,
+                GIT_URL: '##GIT_URL##',
+                GIT_COMMIT: '##GIT_COMMIT##',
                 SLS_AFFECTED_PACKAGES: this.packagesToDeploy.join(','),
                 IAM_ENABLED: process.env.IAM_ENABLED,
                 S3_DEPENDENCY_BUCKET: '##GTM_S3_DEPENDENCY_BUCKET##',
                 AWS_S3_PROXY: '##GTM_AWS_S3_PROXY##',
-                AWS_STAGE: process.env.GTM_AWS_STAGE,
-                AWS_REGION: process.env.GTM_AWS_REGION
+                SLS_AWS_STAGE: this.slsStage(),
+                SLS_AWS_REGION: process.env.GTM_SLS_EXECUTOR_AWS_REGION || 'ap-southeast-2',
+                SLS_AWS_EXECUTION_ROLE: process.env.GTM_SLS_EXECUTOR_AWS_EXECUTION_ROLE
             },
             validator: {
                 type: 'outputRegex',
@@ -87,8 +100,10 @@ export class ExecutorDockerServerless extends ExecutorDocker {
         };
 
         if (!process.env.IAM_ENABLED) {
-            options.env['GTM_AWS_ACCESS_KEY_ID'] = KmsUtils.getDecrypted(process.env.GTM_CRYPT_AGENT_AWS_ACCESS_KEY_ID);
-            options.env['GTM_AWS_SECRET_ACCESS_KEY'] = KmsUtils.getDecrypted(
+            options.env['GTM_AWS_ACCESS_KEY_ID'] = await KmsUtils.getDecrypted(
+                process.env.GTM_CRYPT_AGENT_AWS_ACCESS_KEY_ID
+            );
+            options.env['GTM_AWS_SECRET_ACCESS_KEY'] = await KmsUtils.getDecrypted(
                 process.env.GTM_CRYPT_AGENT_AWS_SECRET_ACCESS_KEY
             );
             options.env['GTM_AWS_REGION'] = process.env.GTM_AWS_REGION;

diff --git a/src/serverless/gtmGithubHook/gtmGithubHook.js b/src/serverless/gtmGithubHook/gtmGithubHook.js
@@ -83,11 +83,15 @@ async function handleEvent(type, body, signature) {
         queueUrl: process.env.SQS_PENDING_QUEUE_URL,
         region: process.env.GTM_AWS_REGION
     });
-
+    let pushForPullRequest = false;
+    // if this is a push, determine whether related to an open pull_request
+    if (type === 'push' && body.commits.length > 0) {
+        pushForPullRequest = await githubUtils.isCommitForPullRequest(body.commits[0].id);
+    }
+    body.pushForPullRequest = pushForPullRequest;
     let bodyString = JSON.stringify(body);
     let ghEventId = UUID();
     let ghAgentGroup = taskConfig[type] && taskConfig[type].agentGroup ? taskConfig[type].agentGroup : 'default';
-
     let event = [
         {
             id: ghEventId,

diff --git a/src/serverless/gtmGithubUtils.js b/src/serverless/gtmGithubUtils.js
@@ -285,6 +285,19 @@ async function handleEventTaskResult(message, done) {
     }
 }
 
+async function isCommitForPullRequest(commitSha) {
+    try {
+        let github = await connect();
+        let query = `${commitSha}+is:pr+state:open`;
+        const prResult = await github.search.issues({ q: query });
+        console.log(`isCommitForPullRequest result: ${json.plain(prResult)}`);
+        return prResult.data.items && prResult.data.items.length > 0;
+    } catch (e) {
+        console.log('----- ERROR COMMUNICATING WITH GITHUB -----');
+        console.log(e);
+    }
+}
+
 module.exports = {
     connect: connect,
     signRequestBody: signRequestBody,
@@ -293,5 +306,6 @@ module.exports = {
     getFile: getFile,
     handleEventTaskResult: handleEventTaskResult,
     updateGitHubPullRequestStatus: updateGitHubPullRequestStatus,
-    createPullRequestStatus: createPullRequestStatus
+    createPullRequestStatus: createPullRequestStatus,
+    isCommitForPullRequest: isCommitForPullRequest
 };