Skip to content

Updated circleci config to push to gar #573

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
bwells-moz wants to merge 13 commits into
base: master
Choose a base branch
from
Open

Updated circleci config to push to gar #573

Changes from all commits
Commits
Show all changes
13 commits
Select commit Hold shift + click to select a range
2b5585d
Updated circleci config to push to gar
bwells-moz Jun 2, 2025
0e56d85
Updated circleci config
bwells-moz Jun 3, 2025
936bc47
Removed shell and make commands, further updates to the config
bwells-moz Jun 3, 2025
cb5dc13
Updated circleconfig- following autopush
bwells-moz Jun 3, 2025
c1cbf0f
Updated orbs with gcp-cli and gcp-gcr
bwells-moz Jun 3, 2025
fad6870
Removed the scripts folder. Older change, not needed
bwells-moz Jun 3, 2025
8469374
Including changes to env vars using our gcpv2 context
bwells-moz Jun 4, 2025
765acd5
Restoring gcp-gcr orb
bwells-moz Jun 4, 2025
87ad71c
Removed docker requirement from deploy-gar
bwells-moz Jun 4, 2025
48ebec2
Ran yarn prettier-run to resolve lint
bwells-moz Jun 4, 2025
119ae60
Revert "Ran yarn prettier-run to resolve lint"
bwells-moz Jun 4, 2025
00a940e
Ran yarn prettier-run to resolve lint
bwells-moz Jun 4, 2025
53fb56a
Resolving PR comments
bwells-moz Jun 5, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
50 changes: 49 additions & 1 deletion .circleci/config.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,8 @@ executors:

orbs:
shellcheck: circleci/shellcheck@3.0.0
gcp-cli: circleci/gcp-cli@3.3.0
gcp-gcr: circleci/gcp-gcr@0.16.3

commands:
checkout-and-dependencies:
Expand Down Expand Up @@ -60,7 +62,16 @@ workflows:
only:
- master
- production

- deploy-gar:
requires:
- docker
context:
- gcpv2-workload-identity
# filters:
# branches:
# only:
# - master
# - production
# This is a weekly workflow, just to deploy new versions of the docker images,
# so that updates to the underlying images are used and deployed.
# This is configured to run on Thursdays (4th day in the week, Sunday is 0).
Expand Down Expand Up @@ -187,3 +198,40 @@ jobs:
echo "$DOCKER_PASS" | docker login -u "$DOCKER_USER" --password-stdin
docker push $IMAGE_NAME:$IMAGE_LATEST_TAG
docker push $IMAGE_NAME:$IMAGE_VERSION_TAG
deploy-gar:
executor: gcp-gcr/default
parameters:
build_tag:
type: string
default: build
image:
type: string
default: firefoxprofiler
registry-url:
type: string
default: us-docker.pkg.dev
steps:
- checkout
- gcp-cli/setup:
use_oidc: true
- run:
name: Prepare environment variables for OIDC authentication and Deploy to Google Artifact Registry
command: |
echo 'export GOOGLE_PROJECT_ID="moz-fx-profiler-prod"' >> "$BASH_ENV"
echo "export OIDC_WIP_ID=$GCPV2_WORKLOAD_IDENTITY_POOL_ID" >> "$BASH_ENV"
echo "export OIDC_WIP_PROVIDER_ID=$GCPV2_CIRCLECI_WORKLOAD_IDENTITY_PROVIDER" >> "$BASH_ENV"
echo "export GOOGLE_PROJECT_NUMBER=$GCPV2_WORKLOAD_IDENTITY_POOL_PROJECT_NUMBER" >> "$BASH_ENV"
echo "export OIDC_SERVICE_ACCOUNT_EMAIL=$GCP_SERVICE_ACCOUNT_EMAIL" >> "$BASH_ENV"
echo 'export GCP_GAR_REPO="profiler-prod"' >> "$BASH_ENV"
echo "export GAR_IMAGE=\"<<parameters.registry-url>>/${GOOGLE_PROJECT_ID}/${GCP_GAR_REPO}/<<parameters.image>>\"" >> $BASH_ENV
Comment on lines +220 to +226
Copy link
Contributor

@julienw julienw Jun 5, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

For more simplicity, and if they are needed, I would create these env variables directly in the step below, like we do for IMAGE_VERSION_TAG IMAGE_LATEST_TAG.

For the hardcoded ones, it could be easier to add an environment property to the job or step like described in parts 2 and 3 in https://circleci.com/docs/set-environment-variable/.

Using the commands with $BASH_ENV are useful if:

  • we want some interpolation
  • we want these variables present for all the following steps

But I'm not opposed keeping them here if you prefer, buy only if we need them.


gcloud auth configure-docker us-docker.pkg.dev --quiet

IMAGE_VERSION_TAG="0.0.${CIRCLE_BUILD_NUM}"
IMAGE_LATEST_TAG="${CIRCLE_BRANCH}-latest"

docker tag <<parameters.image>> $GAR_IMAGE:$IMAGE_VERSION_TAG
docker tag <<parameters.image>> $GAR_IMAGE:$IMAGE_LATEST_TAG

docker push $GAR_IMAGE:$IMAGE_VERSION_TAG
docker push $GAR_IMAGE:$IMAGE_LATEST_TAG