Automate docker image build for deployments

We currently have scripts that builds docker images out of git tags. This then releases (docker push) them in the swh gitlab registry.

Another human intervention is required to update the swh-charts repositories to reference the new image versions to use (a yaml file [1]). Those actions are manual. We need to switch to automation for this part [2], e.g. script(s) called from within jenkins jobs.

There exists 2 workflows:

New release of a swh package (we have somewhat control over it). It should be packaged with its dependencies updated. Other packages depending on it should be rebuilt too.
Release of external packages (which we don't control).

That could be implemented with 2 jobs:

One job about release of a new component version (and its impacts. e.g. swh.core)
Another job triggered daily to keep up-to-date external dependencies

Release update job:

1. React on git tag push (on development repositories), which triggers
1. swh-apps!11 (merged): A script to generate list of impacted images to rebuild (starting with the first repository/application at step 1.).
1. Rebuild said impacted images in proper order (from first application 1.) and release new image versions in the gitlab registry
1. swh-apps!13 (merged): Another script to update the staging values-swh-application-versions.yaml [1] (commit and push)
1. argocd then triggers the deployment first in staging
1. If all is good [3], argocd triggers deployment on production (merge staging branch into production and push)
1. Otherwise, this reverts the commit from step 5 (git revert and push that commit in staging branch)

Daily update job:

Triggered by a cron
List all apps and triggers a rebuild
The end checks stays the same as the previous job

status:

build-docker-image [2]
build-docker-images (list impacted images, then in // -trigger-> build-docker-image, then opens MR) [3]
swh/infra/ci-cd/swh-jenkins-jobs!181 (merged): incoming-tag -triggers-> build-docker-images

[1] https://gitlab.softwareheritage.org/swh/infra/ci-cd/swh-charts/-/blob/production/values-swh-application-versions.yaml

[2] https://jenkins.softwareheritage.org/job/swh-apps/job/build-docker-image/

[3] https://jenkins.softwareheritage.org/job/swh-apps/job/build-docker-images/ [2] The current implementation would be scripts triggered within a jenkins job

[3] It'd be a manual check by the sysadm reviewing the mr

Edited Jun 28, 2023 by Antoine R. Dumont