ministryofjustice · vimalsuresh · Mar 26, 2025 · Jan 28, 2025 · Jan 28, 2025 · Jan 28, 2025
@@ -5,6 +5,7 @@ orbs:
   aws-ecr: circleci/aws-ecr@8.2.1
   helm: circleci/helm@2.0.1
   slack: circleci/slack@4.12.5
+  python: circleci/python@3.0.0
 
 # ------------------
 # EXECUTORS
@@ -19,7 +20,141 @@ executors:
       - image: ministryofjustice/cloud-platform-tools
 
 jobs:
-  Deploy_tests_on_cloud_platform:
+  generate_release_name:
+    docker:
+      - image: cimg/ruby:3.3.4
+    steps:
+      - checkout
+      - run:
+          name: Install Gem
+          command: gem install petname
+      - run:
+          name: Run Ruby Script
+          command: |
+            ruby docker/scripts/generate_release_name.rb > release_name.txt
+      - store_artifacts:
+          path: release_name.txt
+          destination: release_name.txt
+      - persist_to_workspace:
+          root: .
+          paths:
+            - release_name.txt
+
+  check_redis_setup_docker_image:
+    executor: build-executor
+    steps:
+      - checkout
+      - run:
+          name: Calculate checksums
+          command: |
+            DOCKERFILE_CHECKSUM=$(sha1sum docker/Dockerfile | awk '{ print $1 }')
+            SETUP_SCRIPT_CHECKSUM=$(sha1sum docker/scripts/setup.rb | awk '{ print $1 }')
+            REDIS_SETUP_IMAGE_TAG="redis-setup-${DOCKERFILE_CHECKSUM}-${SETUP_SCRIPT_CHECKSUM}"
+            echo "export REDIS_SETUP_IMAGE_TAG=${REDIS_SETUP_IMAGE_TAG}" >> "$BASH_ENV"
+            echo "Image Tag: ${REDIS_SETUP_IMAGE_TAG}"
+      - aws-cli/setup:
+          role_arn: $ECR_ROLE_TO_ASSUME
+          region: $ECR_REGION
+      - run:
+          name: Check if Docker image exists in ECR
+          command: |
+            echo "Checking if image exists in ECR..."
+            echo "Image Tag: ${REDIS_SETUP_IMAGE_TAG}"
+            IMAGE_EXISTS=$(aws ecr describe-images --repository-name ${ECR_REPOSITORY} --image-ids imageTag=${REDIS_SETUP_IMAGE_TAG} --region ${ECR_REGION} 2>&1 || true)
+            echo "IMAGE_EXISTS: $IMAGE_EXISTS"
+            if echo "$IMAGE_EXISTS" | grep -q 'ImageNotFoundException'; then
+              echo "Image ${REDIS_SETUP_IMAGE_TAG} does not exist in ECR. Proceeding with build."
+              echo "export SKIP_BUILD=false" >> "$BASH_ENV"
+            else
+              echo "Image ${REDIS_SETUP_IMAGE_TAG} already exists in ECR. Skipping build."
+              echo "export SKIP_BUILD=true" >> "$BASH_ENV"
+            fi
+      - run:
+          name: Save environment variables
+          command: cp $BASH_ENV bash.env
+      - persist_to_workspace:
+          root: .
+          paths:
+            - bash.env
+
+  build_and_push_redis_setup_docker_image:
+    executor: build-executor
+    steps:
+      - checkout
+      - attach_workspace:
+          at: .
+      - run:
+          name: Load environment variables
+          command: |
+            cat bash.env >> $BASH_ENV
+      - run: |
+          # verify; this should print 'true' or 'false'
+          printenv SKIP_BUILD
+      - setup_remote_docker:
+          docker_layer_caching: true
+      - aws-cli/setup:
+          role_arn: $ECR_ROLE_TO_ASSUME
+          region: $ECR_REGION
+      - run:
+          name: Build Docker image
+          command: |
+            if [ "$SKIP_BUILD" != "true" ]; then
+              docker build -t redis-setup:latest -f docker/Dockerfile .
+            else
+              echo "Skipping build"
+            fi
+      - run:
+          name: Tag Docker image
+          command: |
+            if [ "$SKIP_BUILD" != "true" ]; then
+              docker tag redis-setup:latest ${AWS_ECR_REGISTRY_ID}.dkr.ecr.${ECR_REGION}.amazonaws.com/${ECR_REPOSITORY}:${REDIS_SETUP_IMAGE_TAG}
+            else
+              echo "Skipping tag"
+            fi
+      - run:
+          name: Login to ECR
+          command: |
+            if [ "$SKIP_BUILD" != "true" ]; then
+              aws ecr get-login-password --region $ECR_REGION | docker login --username AWS --password-stdin ${AWS_ECR_REGISTRY_ID}.dkr.ecr.${ECR_REGION}.amazonaws.com
+            else
+              echo "Skipping ECR login"
+            fi
+      - run:
+          name: Push Docker image
+          command: |
+            if [ "$SKIP_BUILD" != "true" ]; then
+              docker push ${AWS_ECR_REGISTRY_ID}.dkr.ecr.${ECR_REGION}.amazonaws.com/${ECR_REPOSITORY}:${REDIS_SETUP_IMAGE_TAG}
+            else
+              echo "Skipping push"
+            fi
+
+  deploy_test_setup:
+    executor: deploy-executor
+    parameters:
+      environment:
+        description: Destination environment
+        type: string
+        default: laa-cwa-feature-tests-dev
+      token:
+        description: CircleCI Service account token
+        type: string
+        default: ${CIRCLE_CI_TOKEN} 
+    steps:
+      - checkout
+      - attach_workspace:
+          at: .
+      - run:
+          name: Load environment variables
+          command: |
+            if [ -f bash.env ]; then
+              cat bash.env >> $BASH_ENV
+              source $BASH_ENV
+            fi
+      - run:
+          name: Debug REDIS_SETUP_IMAGE_TAG
+          command: echo "REDIS_SETUP_IMAGE_TAG=${REDIS_SETUP_IMAGE_TAG}"
+
+  deploy_tests_on_cloud_platform:
     executor: deploy-executor
     parameters:
       environment:
@@ -32,6 +167,15 @@ jobs:
         default: ${CIRCLE_CI_TOKEN}
     steps:
       - checkout
+      - attach_workspace:
+          at: .
+      - run:
+          name: Load environment variables
+          command: |
+            if [ -f bash.env ]; then
+              cat bash.env >> $BASH_ENV
+              source $BASH_ENV
+            fi
       - run:
           name: Authenticate with cluster
           command: |
@@ -47,30 +191,36 @@ jobs:
             export SANITISED_BRANCH=$(echo "${CIRCLE_BRANCH,,}" | sed -r 's/[/_]+/-/g')
             export SHORT_SHA1=$(echo "${CIRCLE_SHA1,,}" | cut -c1-7)
             export SANITISED_BRANCH_WITH_SHA="${SANITISED_BRANCH}-${SHORT_SHA1}"
-            helm install --generate-name ./charts/cwa-tests \
+            RELEASE_NAME=$(cat release_name.txt) 
+            helm install "${RELEASE_NAME}-run" ./charts/cwa-tests \
             -f charts/cwa-tests/Values.yaml \
-            --set ecr.image.tag=${SANITISED_BRANCH_WITH_SHA} \
+            --set run=true \
+            --set ecr.image.tag="${SANITISED_BRANCH_WITH_SHA}" \
+            --set global.registryAddress="${AWS_ECR_REGISTRY_ID}.dkr.ecr.${ECR_REGION}.amazonaws.com" \
             --wait --timeout 300s
-            export POD_NAME=$(kubectl get pods -n laa-cwa-feature-tests-dev --no-headers | awk '{print $1}' | grep '^cwa-tests-[0-9]\{10\}$' | sort | tail -1)
-            kubectl logs -f -n laa-cwa-feature-tests-dev $POD_NAME
+            kubectl logs -f "${RELEASE_NAME}-run-laa-pcuam-cwa-tests"
       - run:
-          name: Creating Artifacts folder
+          name: Wait for specific pod to complete
           command: |
-            mkdir /tmp/artifacts;
-            echo "Test reports for CWA UI tests" > /tmp/artifacts/art-2;
-      - store_artifacts:
-          path: reports
-          destination: test-reports
+            RELEASE_NAME=$(cat release_name.txt) 
+            export POD_NAME=$(kubectl get pods -o jsonpath='{.items[?(@.metadata.name=="${RELEASE_NAME}-run-laa-pcuam-cwa-tests")].metadata.name}')
+            echo "Waiting for pod ${POD_NAME} to complete..."
+            kubectl wait --for=condition=complete pod/${POD_NAME} --timeout=18000s
+            echo "...completed"
       - run:
           name: Clean namespace
-          command:  helm ls -n << parameters.environment >> --short | xargs -L1 -I {} helm uninstall {} -n << parameters.environment >>
+          command: |
+            RELEASE_NAME=$(cat release_name.txt)
+            helm ls -n << parameters.environment >> --short | \
+            grep "${RELEASE_NAME}" | \
+            xargs -L1 -I {} helm uninstall {} -n << parameters.environment >>
       - slack/notify:
           channel: laa-cwa-testing
           event: pass
           mentions: '@pcuam-devs'
           template: basic_success_1
 
-  Build_and_Push_Docker_Image:
+  build_and_push_docker_image:
     executor: build-executor
     steps:
       - checkout
@@ -107,15 +257,16 @@ jobs:
           mentions: '@pcuam-devs'
           template: basic_fail_1
 
-  Notify_Slack_For_Approval:
+  notify_slack_for_approval:
     executor: deploy-executor
     steps:
       - slack/notify:
           channel: laa-cwa-testing
           event: always
           mentions: '@pcuam-devs'
           template: basic_on_hold_1
-  Notify_Slack_For_Success:
+
+  notify_slack_for_success:
     executor: deploy-executor
     steps:
       - slack/notify:
@@ -126,31 +277,45 @@ jobs:
 
 workflows:
   version: 2
-  build_and_push:
+  build_and_deploy:
     jobs:
-      - Build_and_Push_Docker_Image
-      - Notify_Slack_For_Approval:
+      - generate_release_name
+      - check_redis_setup_docker_image
+      - build_and_push_redis_setup_docker_image:
           requires:
-            - Build_and_Push_Docker_Image
-
-  deploy_tests:
-    jobs:
+            - check_redis_setup_docker_image
+      - deploy_test_setup:
+          requires:
+            - generate_release_name
+            - build_and_push_redis_setup_docker_image
+      - hold_test_setup:
+          type: approval
+          requires:
+            - deploy_test_setup
+      - build_and_push_docker_image:
+          requires:
+            - hold_test_setup
+      - notify_slack_for_approval:
+          requires:
+            - build_and_push_docker_image
       - hold_test_deployment:
           type: approval
-      - Deploy_tests_on_cloud_platform:
+          requires:
+            - notify_slack_for_approval
+      - deploy_tests_on_cloud_platform:
           requires:
             - hold_test_deployment
 
   scheduled_ui_test_run:
     jobs:
-      - Deploy_tests_on_cloud_platform
-      - Notify_Slack_For_Success:
+      - deploy_tests_on_cloud_platform
+      - notify_slack_for_success:
           requires:
-            - Deploy_tests_on_cloud_platform
+            - deploy_tests_on_cloud_platform
     triggers:
       - schedule:
           cron: "30 1 * * *"
           filters:
            branches:
             only:
-            - main
+            - main
@@ -1,8 +1,9 @@
 global:
   branch: main
   costcentre: LAA
-  namespace: "laa-cwa-test"
+  namespace: "laa-cwa-feature-tests-dev"
   serviceAccount: "irsa-s3-laa-cwa-feature-tests-dev"
+  circle_sha1: ""
   browser: chrome
   test_env: tst
 
@@ -11,4 +12,24 @@ ecr:
     registryAddress: 754256621582.dkr.ecr.eu-west-2.amazonaws.com
     regPath: laa-pcuam/laa-cwa-feature-tests-dev
     tag: batches-latest
-    pullPolicy: Always
+    pullPolicy: Always
+
+redisSetup:
+  image:
+    tag: ""
+
+securityContext:
+  runAsUser: 1000
+  runAsGroup: 1000
+  fsGroup: 1000
+  capabilities:
+    drop:
+      - "ALL"
+  seccompProfile:
+    type: RuntimeDefault
+
+# Default values for cwa-tests.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+setup: false
+run: false
@@ -0,0 +1,12 @@
+{{- define "cwa-tests.setup" -}}
+{{- include "cwa-tests.setup.config-map" . }}
+{{- include "cwa-tests.setup.pvc" . }}
+{{- include "cwa-tests.setup.redis-pvc" . }}
+{{- include "cwa-tests.setup.redis-deployment" . }}
+{{- include "cwa-tests.setup.redis-service" . }}
+{{- include "cwa-tests.setup.redis-setup" . }}
+{{- end -}}
+
+{{- define "cwa-tests.run" -}}
+{{- include "cwa-tests.run.pod" . }}
+{{- end -}}
@@ -0,0 +1,5 @@
+{{- if .Values.setup }}
+{{- include "cwa-tests.setup" . }}
+{{- else if .Values.run }}
+{{- include "cwa-tests.run" . }}
+{{- end }}
@@ -1,18 +1,19 @@
+{{- define "cwa-tests.run.pod" -}}
 apiVersion: v1
 kind: Pod
 metadata:
-  name: {{ .Release.Name }}
+  name: {{ .Release.Name }}-laa-pcuam-cwa-tests
   labels:
     app.kubernetes.io/managed-by: Helm
-    meta.helm.sh/release-name: {{ .Chart.Name }}
+    meta.helm.sh/release-name: {{ .Release.Name }}
     meta.helm.sh/release-namespace: {{ .Values.global.namespace }}
 
 spec:
   restartPolicy: Never
   serviceAccountName: {{ .Values.global.serviceAccount }}
   containers:
   - name: laa-pcuam-cwa-tests
-    image: {{ .Values.ecr.image.registryAddress }}/{{ .Values.ecr.image.regPath }}:{{ .Values.ecr.image.tag }}
+    image: "{{ .Values.global.registryAddress }}/{{ .Values.global.regPath }}:{{ .Values.ecr.image.tag }}"
     env:
     - name: TEST_ENV
       value: {{ .Values.global.test_env }}
@@ -23,4 +24,5 @@ spec:
       limits:
         cpu: 4000m
         memory: 8192Mi
-    command: ["/bin/sh", "-ec", "bundle exec cucumber"]
+    command: ["/bin/sh", "-ec", "bundle exec cucumber"]
+{{- end -}}
@@ -0,0 +1,12 @@
+{{- define "cwa-tests.setup.config-map" -}}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ .Release.Name }}-config-map
+  labels:
+    meta.helm.sh/release-name: {{ .Release.Name }}
+data:
+  redisSetupImageTag: "{{ .Values.redisSetup.image.tag }}"
+  circleSha1: "{{ .Values.global.circle_sha1 }}"
+---
+{{- end -}}